diff options
-rw-r--r-- | meta/classes/create-spdx-2.2.bbclass | 20 |
1 files changed, 8 insertions, 12 deletions
diff --git a/meta/classes/create-spdx-2.2.bbclass b/meta/classes/create-spdx-2.2.bbclass index f0513af083..9aede86870 100644 --- a/meta/classes/create-spdx-2.2.bbclass +++ b/meta/classes/create-spdx-2.2.bbclass | |||
@@ -14,6 +14,8 @@ CVE_VERSION ??= "${PV}" | |||
14 | SPDXDIR ??= "${WORKDIR}/spdx" | 14 | SPDXDIR ??= "${WORKDIR}/spdx" |
15 | SPDXDEPLOY = "${SPDXDIR}/deploy" | 15 | SPDXDEPLOY = "${SPDXDIR}/deploy" |
16 | SPDXWORK = "${SPDXDIR}/work" | 16 | SPDXWORK = "${SPDXDIR}/work" |
17 | SPDXIMAGEWORK = "${SPDXDIR}/image-work" | ||
18 | SPDXSDKWORK = "${SPDXDIR}/sdk-work" | ||
17 | 19 | ||
18 | SPDX_TOOL_NAME ??= "oe-spdx-creator" | 20 | SPDX_TOOL_NAME ??= "oe-spdx-creator" |
19 | SPDX_TOOL_VERSION ??= "1.0" | 21 | SPDX_TOOL_VERSION ??= "1.0" |
@@ -821,10 +823,12 @@ def spdx_get_src(d): | |||
821 | d.setVar("WORKDIR", workdir) | 823 | d.setVar("WORKDIR", workdir) |
822 | 824 | ||
823 | do_rootfs[recrdeptask] += "do_create_spdx do_create_runtime_spdx" | 825 | do_rootfs[recrdeptask] += "do_create_spdx do_create_runtime_spdx" |
826 | do_rootfs[cleandirs] += "${SPDXIMAGEWORK}" | ||
824 | 827 | ||
825 | ROOTFS_POSTUNINSTALL_COMMAND =+ "image_combine_spdx ; " | 828 | ROOTFS_POSTUNINSTALL_COMMAND =+ "image_combine_spdx ; " |
826 | 829 | ||
827 | do_populate_sdk[recrdeptask] += "do_create_spdx do_create_runtime_spdx" | 830 | do_populate_sdk[recrdeptask] += "do_create_spdx do_create_runtime_spdx" |
831 | do_populate_sdk[cleandirs] += "${SPDXSDKWORK}" | ||
828 | POPULATE_SDK_POST_HOST_COMMAND:append:task-populate-sdk = " sdk_host_combine_spdx; " | 832 | POPULATE_SDK_POST_HOST_COMMAND:append:task-populate-sdk = " sdk_host_combine_spdx; " |
829 | POPULATE_SDK_POST_TARGET_COMMAND:append:task-populate-sdk = " sdk_target_combine_spdx; " | 833 | POPULATE_SDK_POST_TARGET_COMMAND:append:task-populate-sdk = " sdk_target_combine_spdx; " |
830 | 834 | ||
@@ -840,7 +844,7 @@ python image_combine_spdx() { | |||
840 | img_spdxid = oe.sbom.get_image_spdxid(image_name) | 844 | img_spdxid = oe.sbom.get_image_spdxid(image_name) |
841 | packages = image_list_installed_packages(d) | 845 | packages = image_list_installed_packages(d) |
842 | 846 | ||
843 | combine_spdx(d, image_name, imgdeploydir, img_spdxid, packages) | 847 | combine_spdx(d, image_name, imgdeploydir, img_spdxid, packages, Path(d.getVar("SPDXIMAGEWORK"))) |
844 | 848 | ||
845 | def make_image_link(target_path, suffix): | 849 | def make_image_link(target_path, suffix): |
846 | if image_link_name: | 850 | if image_link_name: |
@@ -848,12 +852,8 @@ python image_combine_spdx() { | |||
848 | if link != target_path: | 852 | if link != target_path: |
849 | link.symlink_to(os.path.relpath(target_path, link.parent)) | 853 | link.symlink_to(os.path.relpath(target_path, link.parent)) |
850 | 854 | ||
851 | image_spdx_path = imgdeploydir / (image_name + ".spdx.json") | ||
852 | make_image_link(image_spdx_path, ".spdx.json") | ||
853 | spdx_tar_path = imgdeploydir / (image_name + ".spdx.tar.zst") | 855 | spdx_tar_path = imgdeploydir / (image_name + ".spdx.tar.zst") |
854 | make_image_link(spdx_tar_path, ".spdx.tar.zst") | 856 | make_image_link(spdx_tar_path, ".spdx.tar.zst") |
855 | spdx_index_path = imgdeploydir / (image_name + ".spdx.index.json") | ||
856 | make_image_link(spdx_index_path, ".spdx.index.json") | ||
857 | } | 857 | } |
858 | 858 | ||
859 | python sdk_host_combine_spdx() { | 859 | python sdk_host_combine_spdx() { |
@@ -873,9 +873,9 @@ def sdk_combine_spdx(d, sdk_type): | |||
873 | sdk_deploydir = Path(d.getVar("SDKDEPLOYDIR")) | 873 | sdk_deploydir = Path(d.getVar("SDKDEPLOYDIR")) |
874 | sdk_spdxid = oe.sbom.get_sdk_spdxid(sdk_name) | 874 | sdk_spdxid = oe.sbom.get_sdk_spdxid(sdk_name) |
875 | sdk_packages = sdk_list_installed_packages(d, sdk_type == "target") | 875 | sdk_packages = sdk_list_installed_packages(d, sdk_type == "target") |
876 | combine_spdx(d, sdk_name, sdk_deploydir, sdk_spdxid, sdk_packages) | 876 | combine_spdx(d, sdk_name, sdk_deploydir, sdk_spdxid, sdk_packages, Path(d.getVar('SPDXSDKWORK'))) |
877 | 877 | ||
878 | def combine_spdx(d, rootfs_name, rootfs_deploydir, rootfs_spdxid, packages): | 878 | def combine_spdx(d, rootfs_name, rootfs_deploydir, rootfs_spdxid, packages, spdx_workdir): |
879 | import os | 879 | import os |
880 | import oe.spdx | 880 | import oe.spdx |
881 | import oe.sbom | 881 | import oe.sbom |
@@ -944,7 +944,7 @@ def combine_spdx(d, rootfs_name, rootfs_deploydir, rootfs_spdxid, packages): | |||
944 | comment="Runtime dependencies for %s" % name | 944 | comment="Runtime dependencies for %s" % name |
945 | ) | 945 | ) |
946 | 946 | ||
947 | image_spdx_path = rootfs_deploydir / (rootfs_name + ".spdx.json") | 947 | image_spdx_path = spdx_workdir / (rootfs_name + ".spdx.json") |
948 | 948 | ||
949 | with image_spdx_path.open("wb") as f: | 949 | with image_spdx_path.open("wb") as f: |
950 | doc.to_json(f, sort_keys=True, indent=get_json_indent(d)) | 950 | doc.to_json(f, sort_keys=True, indent=get_json_indent(d)) |
@@ -1020,7 +1020,3 @@ def combine_spdx(d, rootfs_name, rootfs_deploydir, rootfs_spdxid, packages): | |||
1020 | info.gname = "root" | 1020 | info.gname = "root" |
1021 | 1021 | ||
1022 | tar.addfile(info, fileobj=index_str) | 1022 | tar.addfile(info, fileobj=index_str) |
1023 | |||
1024 | spdx_index_path = rootfs_deploydir / (rootfs_name + ".spdx.index.json") | ||
1025 | with spdx_index_path.open("w") as f: | ||
1026 | json.dump(index, f, sort_keys=True, indent=get_json_indent(d)) | ||