Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 4f8f32b1 authored by Wei Li's avatar Wei Li Committed by Automerger Merge Worker
Browse files

Merge "Copy SBOM files of unbundled APKs to dist directory." am: 0ab788ee... 

Merge "Copy SBOM files of unbundled APKs to dist directory." am: 0ab788ee am: 54854098 am: b3565b4a

Original change: https://android-review.googlesource.com/c/platform/build/+/2534800



Change-Id: I234246245c1c9d63a9c7758d9fab8196e8b8475e
Signed-off-by: default avatarAutomerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
parents 64fae709 b3565b4a

core/main.mk

+8 −1
Original line number Diff line number Diff line
@@ -2196,12 +2196,19 @@ $(PRODUCT_OUT)/sbom.spdx: $(PRODUCT_OUT)/sbom-metadata.csv $(GEN_SBOM) 


$(call dist-for-goals,droid,$(PRODUCT_OUT)/sbom.spdx.json:sbom/sbom.spdx.json)

else

apps_only_sbom_files := $(sort $(patsubst %,%.spdx,$(apps_only_installed_files)))

apps_only_sbom_files := $(sort $(patsubst %,%.spdx.json,$(filter %.apk,$(apps_only_installed_files))))

$(apps_only_sbom_files): $(PRODUCT_OUT)/sbom-metadata.csv $(GEN_SBOM)

	rm -rf $@

	$(GEN_SBOM) --output_file $@ --metadata $(PRODUCT_OUT)/sbom-metadata.csv --product_out_dir=$(PRODUCT_OUT) --build_version $(BUILD_FINGERPRINT_FROM_FILE) --product_mfr="$(PRODUCT_MANUFACTURER)" --unbundled



sbom: $(apps_only_sbom_files)



$(foreach f,$(apps_only_sbom_files),$(eval $(patsubst %.spdx.json,%-fragment.spdx,$f): $f))

apps_only_fragment_files := $(patsubst %.spdx.json,%-fragment.spdx,$(apps_only_sbom_files))

$(foreach f,$(apps_only_fragment_files),$(eval apps_only_fragment_dist_files += :sbom/$(notdir $f)))



$(foreach f,$(apps_only_sbom_files),$(eval apps_only_sbom_dist_files += :sbom/$(notdir $f)))

$(call dist-for-goals,apps_only,$(join $(apps_only_sbom_files),$(apps_only_sbom_dist_files)) $(join $(apps_only_fragment_files),$(apps_only_fragment_dist_files)))

endif



$(call dist-write-file,$(KATI_PACKAGE_MK_DIR)/dist.mk)

tools/sbom/generate-sbom.py

+5 −2
Original line number Diff line number Diff line
@@ -397,7 +397,7 @@ def generate_sbom_for_unbundled(): 
                             creators=['Organization: ' + args.product_mfr])

    for installed_file_metadata in reader:

      installed_file = installed_file_metadata['installed_file']

      if args.output_file != args.product_out_dir + installed_file + ".spdx":

      if args.output_file != args.product_out_dir + installed_file + '.spdx.json':

        continue



      module_path = installed_file_metadata['module_path']
@@ -418,7 +418,10 @@ def generate_sbom_for_unbundled(): 
      doc.created = datetime.datetime.now(tz=datetime.timezone.utc).strftime('%Y-%m-%dT%H:%M:%SZ')

      break



  with open(args.output_file, 'w', encoding="utf-8") as file:

  with open(args.output_file, 'w', encoding='utf-8') as file:

    sbom_writers.JSONWriter.write(doc, file)

  fragment_file = args.output_file.removesuffix('.spdx.json') + '-fragment.spdx'

  with open(fragment_file, 'w', encoding='utf-8') as file:

    sbom_writers.TagValueWriter.write(doc, file, fragment=True)