From 98ba39e7fe8dbe8ae5b42095bfbe538d7553c49f Mon Sep 17 00:00:00 2001
From: Jochen Schalanda <jochen@schalanda.name>
Date: Tue, 7 Jun 2022 23:50:06 +0200
Subject: [PATCH] Generate SBOM using CycloneDX Maven plugin

https://cyclonedx.org/
https://github.com/CycloneDX/cyclonedx-maven-plugin
---
 pom.xml | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/pom.xml b/pom.xml
index 8e321ea4a..56d33b16e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -252,6 +252,18 @@
                             </execution>
                         </executions>
                     </plugin>
+                    <plugin>
+                        <groupId>org.cyclonedx</groupId>
+                        <artifactId>cyclonedx-maven-plugin</artifactId>
+                        <executions>
+                            <execution>
+                                <phase>package</phase>
+                                <goals>
+                                    <goal>makeAggregateBom</goal>
+                                </goals>
+                            </execution>
+                        </executions>
+                    </plugin>
                 </plugins>
             </build>
         </profile>
@@ -330,6 +342,11 @@
                     <artifactId>sonar-maven-plugin</artifactId>
                     <version>3.9.1.2184</version>
                 </plugin>
+                <plugin>
+                    <groupId>org.cyclonedx</groupId>
+                    <artifactId>cyclonedx-maven-plugin</artifactId>
+                    <version>2.7.0</version>
+                </plugin>
             </plugins>
         </pluginManagement>
         <plugins>