tequilaOS/platform_build
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge "Copy SBOM files of unbundled APKs to dist directory." am: 0ab788ee83

Browse source 
Original change: https://android-review.googlesource.com/c/platform/build/+/2534800

Change-Id: I80b17ef163898aa1f5d667fa35539ce99026169a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
This commit is contained in:
Wei Li 2023-04-19 17:32:50 +00:00 committed by Automerger Merge Worker
commit 54854098e9
2 changed files with 13 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
core/main.mk
View file

@ -2196,12 +2196,19 @@ $(PRODUCT_OUT)/sbom.spdx: $(PRODUCT_OUT)/sbom-metadata.csv $(GEN_SBOM)
$(call dist-for-goals,droid,$(PRODUCT_OUT)/sbom.spdx.json:sbom/sbom.spdx.json) $(call dist-for-goals,droid,$(PRODUCT_OUT)/sbom.spdx.json:sbom/sbom.spdx.json)
else else
apps_only_sbom_files := $(sort $(patsubst %,%.spdx,$(apps_only_installed_files))) apps_only_sbom_files := $(sort $(patsubst %,%.spdx.json,$(filter %.apk,$(apps_only_installed_files))))
$(apps_only_sbom_files): $(PRODUCT_OUT)/sbom-metadata.csv $(GEN_SBOM) $(apps_only_sbom_files): $(PRODUCT_OUT)/sbom-metadata.csv $(GEN_SBOM)
rm -rf $@ rm -rf $@
$(GEN_SBOM) --output_file $@ --metadata $(PRODUCT_OUT)/sbom-metadata.csv --product_out_dir=$(PRODUCT_OUT) --build_version $(BUILD_FINGERPRINT_FROM_FILE) --product_mfr="$(PRODUCT_MANUFACTURER)" --unbundled $(GEN_SBOM) --output_file $@ --metadata $(PRODUCT_OUT)/sbom-metadata.csv --product_out_dir=$(PRODUCT_OUT) --build_version $(BUILD_FINGERPRINT_FROM_FILE) --product_mfr="$(PRODUCT_MANUFACTURER)" --unbundled
sbom: $(apps_only_sbom_files) sbom: $(apps_only_sbom_files)
$(foreach f,$(apps_only_sbom_files),$(eval $(patsubst %.spdx.json,%-fragment.spdx,$f): $f))
apps_only_fragment_files := $(patsubst %.spdx.json,%-fragment.spdx,$(apps_only_sbom_files))
$(foreach f,$(apps_only_fragment_files),$(eval apps_only_fragment_dist_files += :sbom/$(notdir $f)))
$(foreach f,$(apps_only_sbom_files),$(eval apps_only_sbom_dist_files += :sbom/$(notdir $f)))
$(call dist-for-goals,apps_only,$(join $(apps_only_sbom_files),$(apps_only_sbom_dist_files)) $(join $(apps_only_fragment_files),$(apps_only_fragment_dist_files)))
endif endif
$(call dist-write-file,$(KATI_PACKAGE_MK_DIR)/dist.mk) $(call dist-write-file,$(KATI_PACKAGE_MK_DIR)/dist.mk)

7
tools/sbom/generate-sbom.py
View file

@ -397,7 +397,7 @@ def generate_sbom_for_unbundled():
creators=['Organization: ' + args.product_mfr]) creators=['Organization: ' + args.product_mfr])
for installed_file_metadata in reader: for installed_file_metadata in reader:
installed_file = installed_file_metadata['installed_file'] installed_file = installed_file_metadata['installed_file']
if args.output_file != args.product_out_dir + installed_file + ".spdx": if args.output_file != args.product_out_dir + installed_file + '.spdx.json':
continue continue
module_path = installed_file_metadata['module_path'] module_path = installed_file_metadata['module_path']
@ -418,7 +418,10 @@ def generate_sbom_for_unbundled():
doc.created = datetime.datetime.now(tz=datetime.timezone.utc).strftime('%Y-%m-%dT%H:%M:%SZ') doc.created = datetime.datetime.now(tz=datetime.timezone.utc).strftime('%Y-%m-%dT%H:%M:%SZ')
break break
with open(args.output_file, 'w', encoding="utf-8") as file: with open(args.output_file, 'w', encoding='utf-8') as file:
sbom_writers.JSONWriter.write(doc, file)
fragment_file = args.output_file.removesuffix('.spdx.json') + '-fragment.spdx'
with open(fragment_file, 'w', encoding='utf-8') as file:
sbom_writers.TagValueWriter.write(doc, file, fragment=True) sbom_writers.TagValueWriter.write(doc, file, fragment=True)