Move OWASP dependency check to a Maven profile

This takes way too long to perform each time on a Github action as we cannot cache the image
2021-03-29 08:17:40 +02:00 · 2021-03-29 08:17:40 +02:00 · b16e60f691
commit b16e60f691
parent f959e0387e
1 changed files with 37 additions and 21 deletions
--- a/pom.xml
+++ b/pom.xml
@ -230,30 +230,45 @@
                    </execution>
                </executions>
            </plugin>
-            <plugin>
-                <groupId>org.owasp</groupId>
-                <artifactId>dependency-check-maven</artifactId>
-                <version>5.3.2</version>
-                <configuration>
-                    <failBuildOnCVSS>7</failBuildOnCVSS>
-                    <skipProvidedScope>true</skipProvidedScope>
-                    <skipRuntimeScope>true</skipRuntimeScope>
-                    <suppressionFiles>
-                        <!--suppress UnresolvedMavenProperty -->
-                        <suppressionFile>${maven.multiModuleProjectDirectory}/config/dependency-check/project-suppression.xml</suppressionFile>
-                    </suppressionFiles>
-                </configuration>
-                <executions>
-                    <execution>
-                        <goals>
-                            <goal>check</goal>
-                        </goals>
-                    </execution>
-                </executions>
-            </plugin>
        </plugins>
    </build>

+    <profiles>
+        <profile>
+            <id>owasp</id>
+            <activation>
+                <activeByDefault>false</activeByDefault>
+            </activation>
+            <build>
+                <plugins>
+                    <plugin>
+                        <groupId>org.owasp</groupId>
+                        <artifactId>dependency-check-maven</artifactId>
+                        <version>5.3.2</version>
+                        <configuration>
+                            <failBuildOnCVSS>7</failBuildOnCVSS>
+                            <skipProvidedScope>true</skipProvidedScope>
+                            <skipRuntimeScope>true</skipRuntimeScope>
+                            <suppressionFiles>
+                                <!--suppress UnresolvedMavenProperty -->
+                                <suppressionFile>
+                                    ${maven.multiModuleProjectDirectory}/config/dependency-check/project-suppression.xml
+                                </suppressionFile>
+                            </suppressionFiles>
+                        </configuration>
+                        <executions>
+                            <execution>
+                                <goals>
+                                    <goal>check</goal>
+                                </goals>
+                            </execution>
+                        </executions>
+                    </plugin>
+                </plugins>
+            </build>
+        </profile>
+    </profiles>
+
    <repositories>
        <repository>
            <id>central</id>
@ -273,4 +288,5 @@
        </pluginRepository>
    </pluginRepositories>

+
 </project>