Currently the plugin/pipeline configuration requires an existing project by defining projectId.
      I think it would be smoother to auto-create project, and read name/version from pom-files like:
      name: ${groupId}-${artifactId}
      version: ${version}

      then the entry-barrier would be lowered and it would be easier to adopt DT at larger scale.

          [JENKINS-60643] Auto-create project for maven-based jobs

          Auto-creating projects is already supported, but is limited to pipeline jobs. Non-pipeline jobs do not have the option.

          Steve Springett added a comment - Auto-creating projects is already supported, but is limited to pipeline jobs. Non-pipeline jobs do not have the option.

          davidkarlsen added a comment -

          Hm - I get:
          Missing required parameter: "projectId" @ line 114, column 9.
          dependencyTrackPublisher artifact: 'target/bom.xml', artifactType: 'bom'

          when running with:
          dependencyTrackPublisher artifact: 'target/bom.xml', artifactType: 'bom'

          davidkarlsen added a comment - Hm - I get: Missing required parameter: "projectId" @ line 114, column 9. dependencyTrackPublisher artifact: 'target/bom.xml', artifactType: 'bom' when running with: dependencyTrackPublisher artifact: 'target/bom.xml', artifactType: 'bom'

          Pipeline parameters are documented here:

          https://jenkins.io/doc/pipeline/steps/dependency-track/

           

          If you don't specify a projectId, then you have to specify the projectName and projectVersion. If the project name and version does not exist, it will be created.

          Steve Springett added a comment - Pipeline parameters are documented here: https://jenkins.io/doc/pipeline/steps/dependency-track/   If you don't specify a projectId, then you have to specify the projectName and projectVersion. If the project name and version does not exist, it will be created.

          davidkarlsen added a comment -

          I get:

          WorkflowScript: 102: Invalid parameter "projectVersion", did you mean "projectId"? @ line 102, column 121.
          .edb.fs.tac.jfr.srv:jfr-srv", projectVer
          ^

          when running:
          dependencyTrackPublisher artifact: 'bom.xml', artifactType: 'bom', projectId: "com.edb.fs.tac.jfr.srv:jfr-srv", projectVersion: "10.1.0-SNAPSHOT"

          davidkarlsen added a comment - I get: WorkflowScript: 102: Invalid parameter "projectVersion", did you mean "projectId"? @ line 102, column 121. .edb.fs.tac.jfr.srv:jfr-srv", projectVer ^ when running: dependencyTrackPublisher artifact: 'bom.xml', artifactType: 'bom', projectId: "com.edb.fs.tac.jfr.srv:jfr-srv", projectVersion: "10.1.0-SNAPSHOT"

          davidkarlsen added a comment - - edited

          When I visit the ..../pipeline-syntax page, only these parameters are documented:

          dependencyTrackPublisher: Publish results to Dependency-Track
          projectId
          Type:String
          artifact
          Type:String
          artifactType
          Type:String

          installed plugin version: 2.2.0

          davidkarlsen added a comment - - edited When I visit the ..../pipeline-syntax page, only these parameters are documented: dependencyTrackPublisher: Publish results to Dependency-Track projectId Type:String artifact Type:String artifactType Type:String installed plugin version: 2.2.0

          I'm still unable to replicate. The automated generated docs posted here https://jenkins.io/doc/pipeline/steps/dependency-track/ contain all the configurable params including the projectName and projectVersion params I mentioned earlier. The pipeline syntax feature in Jenkins itself has a lot of limitations and will not properly generate all docs for some plugins. Use jenkins.io for plugin docs.

           

          dependencyTrackPublisher artifact: 'bom.xml', artifactType: 'bom', projectName: 'Acme Example', projectVersion: '1.0.0', synchronous: true
          

          Steve Springett added a comment - I'm still unable to replicate. The automated generated docs posted here https://jenkins.io/doc/pipeline/steps/dependency-track/  contain all the configurable params including the projectName and projectVersion params I mentioned earlier. The pipeline syntax feature in Jenkins itself has a lot of limitations and will not properly generate all docs for some plugins. Use jenkins.io for plugin docs.   dependencyTrackPublisher artifact: 'bom.xml' , artifactType: 'bom' , projectName: 'Acme Example' , projectVersion: '1.0.0' , synchronous: true

          davidkarlsen added a comment -


          Our config section looks a "little strange" - double up with settings. What could cause this?

          davidkarlsen added a comment - Our config section looks a "little strange" - double up with settings. What could cause this?

          That is likely due to the use of an old version of the Dependency-Check Jenkins plugin being installed. That version of the plugin doesn't work anymore. It was compatible with DC 4.x, which utilized the XML feeds from the NVD. Those feeds are no longer available, so DC 4.x no longer works. Because of that, the old DC Jenkins plugin is likely safe to remove.

          Steve Springett added a comment - That is likely due to the use of an old version of the Dependency-Check Jenkins plugin being installed. That version of the plugin doesn't work anymore. It was compatible with DC 4.x, which utilized the XML feeds from the NVD. Those feeds are no longer available, so DC 4.x no longer works. Because of that, the old DC Jenkins plugin is likely safe to remove.

          davidkarlsen added a comment -

          Indeed the old dependency check plugin shadowed the dependency track one and everything works as designed. (However the name and version parameters don't show in the pipeline-syntax ui - but that's unrelated).
          Thanks!

          davidkarlsen added a comment - Indeed the old dependency check plugin shadowed the dependency track one and everything works as designed. (However the name and version parameters don't show in the pipeline-syntax ui - but that's unrelated). Thanks!

            sspringett Steve Springett
            davidkarlsen davidkarlsen
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: