diff options
| -rw-r--r-- | meta/classes/create-spdx-2.2.bbclass | 20 |
1 files changed, 8 insertions, 12 deletions
diff --git a/meta/classes/create-spdx-2.2.bbclass b/meta/classes/create-spdx-2.2.bbclass index f0513af083..9aede86870 100644 --- a/meta/classes/create-spdx-2.2.bbclass +++ b/meta/classes/create-spdx-2.2.bbclass | |||
| @@ -14,6 +14,8 @@ CVE_VERSION ??= "${PV}" | |||
| 14 | SPDXDIR ??= "${WORKDIR}/spdx" | 14 | SPDXDIR ??= "${WORKDIR}/spdx" |
| 15 | SPDXDEPLOY = "${SPDXDIR}/deploy" | 15 | SPDXDEPLOY = "${SPDXDIR}/deploy" |
| 16 | SPDXWORK = "${SPDXDIR}/work" | 16 | SPDXWORK = "${SPDXDIR}/work" |
| 17 | SPDXIMAGEWORK = "${SPDXDIR}/image-work" | ||
| 18 | SPDXSDKWORK = "${SPDXDIR}/sdk-work" | ||
| 17 | 19 | ||
| 18 | SPDX_TOOL_NAME ??= "oe-spdx-creator" | 20 | SPDX_TOOL_NAME ??= "oe-spdx-creator" |
| 19 | SPDX_TOOL_VERSION ??= "1.0" | 21 | SPDX_TOOL_VERSION ??= "1.0" |
| @@ -821,10 +823,12 @@ def spdx_get_src(d): | |||
| 821 | d.setVar("WORKDIR", workdir) | 823 | d.setVar("WORKDIR", workdir) |
| 822 | 824 | ||
| 823 | do_rootfs[recrdeptask] += "do_create_spdx do_create_runtime_spdx" | 825 | do_rootfs[recrdeptask] += "do_create_spdx do_create_runtime_spdx" |
| 826 | do_rootfs[cleandirs] += "${SPDXIMAGEWORK}" | ||
| 824 | 827 | ||
| 825 | ROOTFS_POSTUNINSTALL_COMMAND =+ "image_combine_spdx ; " | 828 | ROOTFS_POSTUNINSTALL_COMMAND =+ "image_combine_spdx ; " |
| 826 | 829 | ||
| 827 | do_populate_sdk[recrdeptask] += "do_create_spdx do_create_runtime_spdx" | 830 | do_populate_sdk[recrdeptask] += "do_create_spdx do_create_runtime_spdx" |
| 831 | do_populate_sdk[cleandirs] += "${SPDXSDKWORK}" | ||
| 828 | POPULATE_SDK_POST_HOST_COMMAND:append:task-populate-sdk = " sdk_host_combine_spdx; " | 832 | POPULATE_SDK_POST_HOST_COMMAND:append:task-populate-sdk = " sdk_host_combine_spdx; " |
| 829 | POPULATE_SDK_POST_TARGET_COMMAND:append:task-populate-sdk = " sdk_target_combine_spdx; " | 833 | POPULATE_SDK_POST_TARGET_COMMAND:append:task-populate-sdk = " sdk_target_combine_spdx; " |
| 830 | 834 | ||
| @@ -840,7 +844,7 @@ python image_combine_spdx() { | |||
| 840 | img_spdxid = oe.sbom.get_image_spdxid(image_name) | 844 | img_spdxid = oe.sbom.get_image_spdxid(image_name) |
| 841 | packages = image_list_installed_packages(d) | 845 | packages = image_list_installed_packages(d) |
| 842 | 846 | ||
| 843 | combine_spdx(d, image_name, imgdeploydir, img_spdxid, packages) | 847 | combine_spdx(d, image_name, imgdeploydir, img_spdxid, packages, Path(d.getVar("SPDXIMAGEWORK"))) |
| 844 | 848 | ||
| 845 | def make_image_link(target_path, suffix): | 849 | def make_image_link(target_path, suffix): |
| 846 | if image_link_name: | 850 | if image_link_name: |
| @@ -848,12 +852,8 @@ python image_combine_spdx() { | |||
| 848 | if link != target_path: | 852 | if link != target_path: |
| 849 | link.symlink_to(os.path.relpath(target_path, link.parent)) | 853 | link.symlink_to(os.path.relpath(target_path, link.parent)) |
| 850 | 854 | ||
| 851 | image_spdx_path = imgdeploydir / (image_name + ".spdx.json") | ||
| 852 | make_image_link(image_spdx_path, ".spdx.json") | ||
| 853 | spdx_tar_path = imgdeploydir / (image_name + ".spdx.tar.zst") | 855 | spdx_tar_path = imgdeploydir / (image_name + ".spdx.tar.zst") |
| 854 | make_image_link(spdx_tar_path, ".spdx.tar.zst") | 856 | make_image_link(spdx_tar_path, ".spdx.tar.zst") |
| 855 | spdx_index_path = imgdeploydir / (image_name + ".spdx.index.json") | ||
| 856 | make_image_link(spdx_index_path, ".spdx.index.json") | ||
| 857 | } | 857 | } |
| 858 | 858 | ||
| 859 | python sdk_host_combine_spdx() { | 859 | python sdk_host_combine_spdx() { |
| @@ -873,9 +873,9 @@ def sdk_combine_spdx(d, sdk_type): | |||
| 873 | sdk_deploydir = Path(d.getVar("SDKDEPLOYDIR")) | 873 | sdk_deploydir = Path(d.getVar("SDKDEPLOYDIR")) |
| 874 | sdk_spdxid = oe.sbom.get_sdk_spdxid(sdk_name) | 874 | sdk_spdxid = oe.sbom.get_sdk_spdxid(sdk_name) |
| 875 | sdk_packages = sdk_list_installed_packages(d, sdk_type == "target") | 875 | sdk_packages = sdk_list_installed_packages(d, sdk_type == "target") |
| 876 | combine_spdx(d, sdk_name, sdk_deploydir, sdk_spdxid, sdk_packages) | 876 | combine_spdx(d, sdk_name, sdk_deploydir, sdk_spdxid, sdk_packages, Path(d.getVar('SPDXSDKWORK'))) |
| 877 | 877 | ||
| 878 | def combine_spdx(d, rootfs_name, rootfs_deploydir, rootfs_spdxid, packages): | 878 | def combine_spdx(d, rootfs_name, rootfs_deploydir, rootfs_spdxid, packages, spdx_workdir): |
| 879 | import os | 879 | import os |
| 880 | import oe.spdx | 880 | import oe.spdx |
| 881 | import oe.sbom | 881 | import oe.sbom |
| @@ -944,7 +944,7 @@ def combine_spdx(d, rootfs_name, rootfs_deploydir, rootfs_spdxid, packages): | |||
| 944 | comment="Runtime dependencies for %s" % name | 944 | comment="Runtime dependencies for %s" % name |
| 945 | ) | 945 | ) |
| 946 | 946 | ||
| 947 | image_spdx_path = rootfs_deploydir / (rootfs_name + ".spdx.json") | 947 | image_spdx_path = spdx_workdir / (rootfs_name + ".spdx.json") |
| 948 | 948 | ||
| 949 | with image_spdx_path.open("wb") as f: | 949 | with image_spdx_path.open("wb") as f: |
| 950 | doc.to_json(f, sort_keys=True, indent=get_json_indent(d)) | 950 | doc.to_json(f, sort_keys=True, indent=get_json_indent(d)) |
| @@ -1020,7 +1020,3 @@ def combine_spdx(d, rootfs_name, rootfs_deploydir, rootfs_spdxid, packages): | |||
| 1020 | info.gname = "root" | 1020 | info.gname = "root" |
| 1021 | 1021 | ||
| 1022 | tar.addfile(info, fileobj=index_str) | 1022 | tar.addfile(info, fileobj=index_str) |
| 1023 | |||
| 1024 | spdx_index_path = rootfs_deploydir / (rootfs_name + ".spdx.index.json") | ||
| 1025 | with spdx_index_path.open("w") as f: | ||
| 1026 | json.dump(index, f, sort_keys=True, indent=get_json_indent(d)) | ||