feat (Laerdal.Builder.targets): auto-generate SBOMs

   also update Laerdal.SetupBuildEnvironment.sh to have it install cyclone-dx

Laerdal.McuMgr.Tests/FileUploader/FileUploaderTestbed.MultipleFilesUploadAsync.ShouldCompleteSuccessfully_GivenVariousFilesToDownload.cs

@@ -45,10 +45,9 @@ public async Task MultipleFilesUploadAsync_ShouldCompleteSuccessfully_GivenVario
 
             // Act
             var work = new Func<Task<IEnumerable<string>>>(async () => await fileUploader.UploadAsync(remoteFilePathsAndTheirData: remoteFilePathsToTest, maxTriesPerUpload: 4));
+            var filesThatFailedToBeUploaded = (await work.Should().CompleteWithinAsync(6.Seconds())).Which;
 
             // Assert
-            var filesThatFailedToBeUploaded = (await work.Should().CompleteWithinAsync(3.Seconds())).Which;
-
             filesThatFailedToBeUploaded.Should().BeEquivalentTo(expectation: new[]
             {
                 "/some/file/to/a/folder/that/doesnt/exist.bin",

Laerdal.Scripts/Laerdal.Builder.targets

@@ -40,7 +40,7 @@
 
         <PackageOutputPath Condition=" '$(PackageOutputPath)' == '' ">$(BUILD_ARTIFACTSTAGINGDIRECTORY)</PackageOutputPath>
         <PackageOutputPath Condition=" '$(PackageOutputPath)' == '' ">$([System.IO.Path]::Combine($(Laerdal_RootDirectory_Folderpath), `Artifacts/`))</PackageOutputPath>
-
+        
         <PackageOutputPath>$([System.IO.Path]::GetFullPath( '$(PackageOutputPath)' ))</PackageOutputPath>
 
         <Laerdal_Test_Results_Folderpath Condition=" '$(Laerdal_Test_Results_Folderpath)' == '' ">$([System.IO.Path]::Combine($(Laerdal_RootDirectory_Folderpath), `TestResults`))</Laerdal_Test_Results_Folderpath>
@@ -310,4 +310,23 @@
               WorkingDirectory="$(Laerdal_RootDirectory_Folderpath)"/>
     </Target>
 
+    <!-- GENERATE SBOM -->
+    <Target Name="GenerateSBOM" AfterTargets="PrintConfiguration">
+
+        <PropertyGroup>
+            <!-- using double-quotes instead of single-quotes is vital for the command to work as intended -->
+            <_Laerdal_Command___Generate_SBOM>   dotnet-CycloneDX   --json   --exclude-dev   --output &quot;$(PackageOutputPath)&quot;   </_Laerdal_Command___Generate_SBOM>
+        </PropertyGroup>
+
+        <Message Importance="High" Text="** Generating SBOMs:"/>
+
+        <!-- we intentionally avoided using WorkingDirectory="$(Laerdal_Script_FolderPath)" because our global.json settings enforce net8 but cyclonedx runs on net6 and net7 -->
+        <Exec Command=" $(_Laerdal_Command___Generate_SBOM)   --filename &quot;mcumgr.json&quot;               &quot;$(Laerdal_McuMgr_ProjectFile)&quot;                      " ConsoleToMSBuild="true" />
+        <Exec Command=" $(_Laerdal_Command___Generate_SBOM)   --filename &quot;mcumgr.ios.json&quot;           &quot;$(Laerdal_McuMgrBindings_ProjectFile_iOS)&quot;          " ConsoleToMSBuild="true" />
+        <Exec Command=" $(_Laerdal_Command___Generate_SBOM)   --filename &quot;mcumgr.android.json&quot;       &quot;$(Laerdal_McuMgrBindings_ProjectFile_Android)&quot;      " ConsoleToMSBuild="true" />
+        <Exec Command=" $(_Laerdal_Command___Generate_SBOM)   --filename &quot;mcumgr.maccatalyst.json&quot;   &quot;$(Laerdal_McuMgrBindings_ProjectFile_MacCatalyst)&quot;  " ConsoleToMSBuild="true" />
+        <Exec Command=" $(_Laerdal_Command___Generate_SBOM)   --filename &quot;mcumgr.netstandard.json&quot;   &quot;$(Laerdal_McuMgrBindings_ProjectFile_NetStandard)&quot;  " ConsoleToMSBuild="true" />
+
+    </Target>
+
 </Project>

Laerdal.Scripts/Laerdal.SetupBuildEnvironment.sh

@@ -224,6 +224,26 @@ if [ $exitCode != 0 ]; then
   exit 160
 fi
 
+echo
+echo "** Installing CycloneDX as a dotnet tool:"
+dotnet   tool       \
+         install    \
+             --global   CycloneDX
+declare exitCode=$?
+if [ $exitCode != 0 ]; then
+  echo "##vso[task.logissue type=error]Something went wrong with the CycloneDX tool for dotnet."
+  exit 165
+fi
+
+echo
+echo "** CycloneDX:"
+which    dotnet-CycloneDX   &&   dotnet-CycloneDX   --version
+declare exitCode=$?
+if [ $exitCode != 0 ]; then
+  echo "##vso[task.logissue type=error]Something's wrong with 'dotnet-CycloneDX'."
+  exit 166
+fi
+
 echo
 echo "** Nuget:"
 which  nuget  &&  nuget  help