Unable to upload bom using version 1.9.1

[sanderino666]

io.github.pmckeown:dependency-track-maven-plugin:1.9.1:upload-bom keeps failing with the error:

[ERROR] Failure integrating with Dependency Track: 400 Bad Request
[DEBUG] Error occurred during upload
io.github.pmckeown.dependencytrack.DependencyTrackException: Failure integrating with Dependency Track: 400 Bad Request
    at io.github.pmckeown.dependencytrack.upload.UploadBomAction.doUpload (UploadBomAction.java:99)
    at io.github.pmckeown.dependencytrack.upload.UploadBomAction.upload (UploadBomAction.java:54)
    at io.github.pmckeown.dependencytrack.upload.UploadBomMojo.performAction (UploadBomMojo.java:88)
    at io.github.pmckeown.dependencytrack.AbstractDependencyTrackMojo.execute (AbstractDependencyTrackMojo.java:105)
    at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo (DefaultBuildPluginManager.java:126)
    at org.apache.maven.lifecycle.internal.MojoExecutor.doExecute2 (MojoExecutor.java:328)
    at org.apache.maven.lifecycle.internal.MojoExecutor.doExecute (MojoExecutor.java:316)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:212)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:174)
    at org.apache.maven.lifecycle.internal.MojoExecutor.access$000 (MojoExecutor.java:75)
    at org.apache.maven.lifecycle.internal.MojoExecutor$1.run (MojoExecutor.java:162)
    at org.apache.maven.buildcache.BuildCacheMojosExecutionStrategy.execute (BuildCacheMojosExecutionStrategy.java:145)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:159)
    at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject (LifecycleModuleBuilder.java:105)
    at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject (LifecycleModuleBuilder.java:73)
    at org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build (SingleThreadedBuilder.java:53)
    at org.apache.maven.lifecycle.internal.LifecycleStarter.execute (LifecycleStarter.java:118)
    at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:261)
    at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:173)
    at org.apache.maven.DefaultMaven.execute (DefaultMaven.java:101)
    at org.apache.maven.cli.MavenCli.execute (MavenCli.java:906)
    at org.apache.maven.cli.MavenCli.doMain (MavenCli.java:283)
    at org.apache.maven.cli.MavenCli.main (MavenCli.java:206)
    at jdk.internal.reflect.DirectMethodHandleAccessor.invoke (DirectMethodHandleAccessor.java:103)
    at java.lang.reflect.Method.invoke (Method.java:580)
    at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced (Launcher.java:283)
    at org.codehaus.plexus.classworlds.launcher.Launcher.launch (Launcher.java:226)
    at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode (Launcher.java:407)
    at org.codehaus.plexus.classworlds.launcher.Launcher.main (Launcher.java:[348](https://gitlab.pinkprivate.cloud/pz/openburgerzaken/services/usermanagementservice/-/jobs/2174447#L348))
Caused by: io.github.pmckeown.dependencytrack.DependencyTrackException: Failure integrating with Dependency Track: 400 Bad Request
    at io.github.pmckeown.dependencytrack.upload.UploadBomAction.doUpload (UploadBomAction.java:96)
    at io.github.pmckeown.dependencytrack.upload.UploadBomAction.upload (UploadBomAction.java:54)
    at io.github.pmckeown.dependencytrack.upload.UploadBomMojo.performAction (UploadBomMojo.java:88)
    at io.github.pmckeown.dependencytrack.AbstractDependencyTrackMojo.execute (AbstractDependencyTrackMojo.java:105)
    at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo (DefaultBuildPluginManager.java:126)
    at org.apache.maven.lifecycle.internal.MojoExecutor.doExecute2 (MojoExecutor.java:328)
    at org.apache.maven.lifecycle.internal.MojoExecutor.doExecute (MojoExecutor.java:316)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:212)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:174)
    at org.apache.maven.lifecycle.internal.MojoExecutor.access$000 (MojoExecutor.java:75)
    at org.apache.maven.lifecycle.internal.MojoExecutor$1.run (MojoExecutor.java:162)
    at org.apache.maven.buildcache.BuildCacheMojosExecutionStrategy.execute (BuildCacheMojosExecutionStrategy.java:145)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:159)
    at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject (LifecycleModuleBuilder.java:105)
    at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject (LifecycleModuleBuilder.java:73)
    at org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build (SingleThreadedBuilder.java:53)
    at org.apache.maven.lifecycle.internal.LifecycleStarter.execute (LifecycleStarter.java:118)
    at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:261)
    at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:173)
    at org.apache.maven.DefaultMaven.execute (DefaultMaven.java:101)
    at org.apache.maven.cli.MavenCli.execute (MavenCli.java:906)
    at org.apache.maven.cli.MavenCli.doMain (MavenCli.java:283)
    at org.apache.maven.cli.MavenCli.main (MavenCli.java:206)
    at jdk.internal.reflect.DirectMethodHandleAccessor.invoke (DirectMethodHandleAccessor.java:103)
    at java.lang.reflect.Method.invoke (Method.java:580)
    at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced (Launcher.java:283)
    at org.codehaus.plexus.classworlds.launcher.Launcher.launch (Launcher.java:226)
    at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode (Launcher.java:407)
    at org.codehaus.plexus.classworlds.launcher.Launcher.main (Launcher.java:348)

Reverting back to version 1.7.0 fixes the issue.

I tried the following configuration options but they all fail with the same error:

Update parent set to true

[INFO] SSL Verification enabled: true
[DEBUG] bomLocation not supplied so using: /builds/pz/openburgerzaken/services/usermanagementservice/boot/target/bom.xml
[INFO] Update Project Parent : true
[INFO] Project Name: OPENburgerzaken UserManagementService
[INFO] Project Version: 1.0.8-SNAPSHOT
[INFO] Project is latest: true
[INFO] Project Tags: 
[INFO] Parent UUID: null
[INFO] Parent Name: OPENburgerzaken UserManagementService
[INFO] Parent Version: 1.0.8-SNAPSHOT
[INFO] PollingConfig[attempts=20,enabled=true,pause=1,timeUnit=SECONDS]

Update parent set to false

[INFO] SSL Verification enabled: true
[DEBUG] bomLocation not supplied so using: /builds/pz/openburgerzaken/services/usermanagementservice/boot/target/bom.xml
[INFO] Update Project Parent : false
[INFO] Project Name: OPENburgerzaken UserManagementService
[INFO] Project Version: 1.0.8-SNAPSHOT
[INFO] Project is latest: true
[INFO] Project Tags: 
[INFO] Parent UUID: null
[INFO] Parent Name: OPENburgerzaken UserManagementService
[INFO] Parent Version: 1.0.8-SNAPSHOT
[INFO] PollingConfig[attempts=20,enabled=true,pause=1,timeUnit=SECONDS]

Update parent set to false and no parent version, override default maven parent name

[INFO] SSL Verification enabled: true
[DEBUG] bomLocation not supplied so using: /builds/pz/openburgerzaken/services/usermanagementservice/boot/target/bom.xml
[INFO] Update Project Parent : false
[INFO] Project Name: OPENburgerzaken UserManagementService
[INFO] Project Version: 1.0.8-SNAPSHOT
[INFO] Project is latest: true
[INFO] Project Tags: 
[INFO] Parent UUID: null
[INFO] Parent Name: OPENburgerzaken UserManagementService
[INFO] Parent Version: null
[INFO] PollingConfig[attempts=20,enabled=true,pause=1,timeUnit=SECONDS]

Update parent set to false and no parent version, default maven parent name

[INFO] SSL Verification enabled: true
[DEBUG] bomLocation not supplied so using: /builds/pz/openburgerzaken/services/usermanagementservice/boot/target/bom.xml
[INFO] Update Project Parent : false
[INFO] Project Name: OPENburgerzaken UserManagementService
[INFO] Project Version: 1.0.8-SNAPSHOT
[INFO] Project is latest: true
[INFO] Project Tags: 
[INFO] Parent UUID: null
[INFO] Parent Name: usermanagementservice
[INFO] Parent Version: null
[INFO] PollingConfig[attempts=20,enabled=true,pause=1,timeUnit=SECONDS]

Update parent set to false and parent values empty strings

[INFO] SSL Verification enabled: true
[DEBUG] bomLocation not supplied so using: /builds/pz/openburgerzaken/services/usermanagementservice/boot/target/bom.xml
[INFO] Update Project Parent : false
[INFO] Project Name: OPENburgerzaken UserManagementService
[INFO] Project Version: 1.0.8-SNAPSHOT
[INFO] Project is latest: true
[INFO] Project Tags: 
[INFO] Parent UUID: 
[INFO] Parent Name: 
[INFO] Parent Version: 
[INFO] PollingConfig[attempts=20,enabled=true,pause=1,timeUnit=SECONDS]

Update parent set to false and parent name and version empty strings

[INFO] SSL Verification enabled: true
[DEBUG] bomLocation not supplied so using: /builds/pz/openburgerzaken/services/usermanagementservice/boot/target/bom.xml
[INFO] Update Project Parent : false
[INFO] Project Name: OPENburgerzaken UserManagementService
[INFO] Project Version: 1.0.8-SNAPSHOT
[INFO] Project is latest: true
[INFO] Project Tags: 
[INFO] Parent UUID: null
[INFO] Parent Name: 
[INFO] Parent Version: 
[INFO] PollingConfig[attempts=20,enabled=true,pause=1,timeUnit=SECONDS]

[pmckeown]

What version of Dependency Track server are you connecting to? Could be a difference an API that the later version of the plugin is using.

[sanderino666]

We are using version 4.9.1

[sanderino666]

FYI we'll upgrade to the latest dependency track version and report back (will be in a couple of days).