Configuring Dependency Track for NodeJs in pre-build or post build task creates a bill of materials from Maven & Gradle projects and environments and uploads it to D-track for Component Analysis to identify and reduce risk in the software supply chain.
Prerequisite: Make sure you have set up an account in dependency track or get the API keys from an admin.
- On the Edit build pipeline page, select the Pre-Build Stage (or Post-Build Stage).
- Click + Add task.
- Select Dependency track for Maven & Gradle from PRESET PLUGINS.
- Enter a relevant name in the
Task namefield. It is a mandatory field. - Enter a descriptive message for the task in the
Descriptionfield. It is an optional field. - Provide a value for the input variable.
Note: The value may be any of the values from the previous build stages, a global variable, or a custom value.
| Variable | Format | Description |
|---|---|---|
| BuildToolType | String | Type of build tool your project is using. E.g., Maven, or Gradle |
| DTrackEndpoint | String | API endpoint of your dependency track account |
| DTrackProjectName | String | Name of your dependency track project |
| DTrackProjectVersion | String | Version of dependency track project |
| DTrackApiKey | String | API key of your dependency track account |
| CheckoutPath | String | Checkout path of Git material |
-
Trigger/Skip Conditionrefers to a conditional statement to execute or skip the task. You can select either:Set trigger conditionsorSet skip conditions
-
Click Update Pipeline.