Offer a mechanism to bootstrap / provision a new Dependency-Track instance

[nscuro]

Current Behavior

Currently, the majority of settings in Dependency-Track is managed via ConfigProperty records in the database. Available options and their defaults are listed in ConfigPropertyConstants.

The database is populated with default values upon startup, via DefaultObjectGenerator:

https://github.com/DependencyTrack/hyades-apiserver/blob/794e9eaa2991f961223653b293c46ce64bc7e0ce/src/main/java/org/dependencytrack/persistence/DefaultObjectGenerator.java#L225-L235

Properties can be updated at runtime via the POST /api/v1/configProperty endpoint, or via UI (which calls the same endpoint behind the scenes).

A major downside of this behavior is that configuration of new instances requires manual or heavily automated steps. Even though automation is possible, it is not straightforward, and there is no ready-made solution that users can adopt.

Proposed Behavior

Offer a mechanism that allows users to bootstrap new instances with custom configuration, for example by passing a YAML file that contains the desired values.

The mechanism could be further extended to include:

• Initial user credentials
• Users, teams, and potentially API keys
• Notification configurations
• Repository configurations
• Policies

For reference, Grafana has a provisioning feature with which datasources, dashboard, and alerts can be pre-configured.

Checklist

• I have read and understand the contributing guidelines
• I have checked the existing issues for whether this enhancement was already requested