From 73de3e52e060faba227c6f1da0c636f1e76b9f46 Mon Sep 17 00:00:00 2001 From: Sebastian Schuberth Date: Mon, 15 Jul 2024 22:48:40 +0200 Subject: [PATCH] refactor(cyclonedx): Continue with remaining formats even if one failed Signed-off-by: Sebastian Schuberth --- .../src/main/kotlin/CycloneDxReporter.kt | 54 ++++++++++--------- 1 file changed, 30 insertions(+), 24 deletions(-) diff --git a/plugins/reporters/cyclonedx/src/main/kotlin/CycloneDxReporter.kt b/plugins/reporters/cyclonedx/src/main/kotlin/CycloneDxReporter.kt index a0deb08d80897..7bbb2d995694b 100644 --- a/plugins/reporters/cyclonedx/src/main/kotlin/CycloneDxReporter.kt +++ b/plugins/reporters/cyclonedx/src/main/kotlin/CycloneDxReporter.kt @@ -24,6 +24,8 @@ import java.util.Date import java.util.SortedSet import java.util.UUID +import org.apache.logging.log4j.kotlin.logger + import org.cyclonedx.Version import org.cyclonedx.generators.BomGeneratorFactory import org.cyclonedx.model.AttachmentText @@ -368,37 +370,41 @@ class CycloneDxReporter : Reporter { outputFileExtensions.forEach { fileExtension -> val outputFile = outputDir.resolve("$outputName.$fileExtension") - val bomGenerator = when (fileExtension) { - "xml" -> BomGeneratorFactory.createXml(schemaVersion, bom).toXmlString() - "json" -> { - // JSON output cannot handle extensible types (see [1]), so simply remove them. As JSON output is - // guaranteed to be the last format serialized, it is okay to modify the BOM here without doing a - // deep copy first. - // - // [1] https://github.com/CycloneDX/cyclonedx-core-java/issues/99. - val bomWithoutExtensibleTypes = bom.apply { - components.forEach { component -> - // Clear the "dependencyType". - component.extensibleTypes = null - - component.licenses.licenses.forEach { license -> - // Clear the "origin". - license.extensibleTypes = null + runCatching { + val bomGenerator = when (fileExtension) { + "xml" -> BomGeneratorFactory.createXml(schemaVersion, bom).toXmlString() + "json" -> { + // JSON output cannot handle extensible types (see [1]), so simply remove them. As JSON output + // is guaranteed to be the last format serialized, it is okay to modify the BOM here without + // doing a deep copy first. + // + // [1] https://github.com/CycloneDX/cyclonedx-core-java/issues/99. + val bomWithoutExtensibleTypes = bom.apply { + components.forEach { component -> + // Clear the "dependencyType". + component.extensibleTypes = null + + component.licenses.licenses.forEach { license -> + // Clear the "origin". + license.extensibleTypes = null + } + + // Remove duplicates that may occur due to clearing the distinguishing extensive type. + component.licenses.licenses = component.licenses.licenses.distinct() } - - // Remove duplicates that may occur due to clearing the distinguishing extensive type. - component.licenses.licenses = component.licenses.licenses.distinct() } + + BomGeneratorFactory.createJson(schemaVersion, bomWithoutExtensibleTypes).toJsonString() } - BomGeneratorFactory.createJson(schemaVersion, bomWithoutExtensibleTypes).toJsonString() + else -> throw IllegalArgumentException("Unsupported CycloneDX file extension '$fileExtension'.") } - else -> throw IllegalArgumentException("Unsupported CycloneDX file extension '$fileExtension'.") + outputFile.bufferedWriter().use { it.write(bomGenerator) } + writtenFiles += outputFile + }.onFailure { + logger.error("Unable to create CycloneDX report: ", it) } - - outputFile.bufferedWriter().use { it.write(bomGenerator) } - writtenFiles += outputFile } return writtenFiles