Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 8b9c23ec authored by Wei Li's avatar Wei Li Committed by Gerrit Code Review
Browse files

Merge "Export attestation file information to provenance metadata of an... 

Merge "Export attestation file information to provenance metadata of an artifact if its attestation file exists."
parents 85f8fa2c b68b3675

provenance/provenance_singleton.go

+2 −1
Original line number Diff line number Diff line
@@ -36,7 +36,8 @@ var ( 
	mergeProvenanceMetaData = pctx.AndroidStaticRule("mergeProvenanceMetaData",

		blueprint.RuleParams{

			Command: `rm -rf $out $out.temp && ` +

				`echo -e "# proto-file: build/soong/provenance/proto/provenance_metadata.proto\n# proto-message: ProvenanceMetaDataList" > $out && ` +

				`echo "# proto-file: build/soong/provenance/proto/provenance_metadata.proto" > $out && ` +

				`echo "# proto-message: ProvenanceMetaDataList" >> $out && ` +

				`touch $out.temp && cat $out.temp $in | grep -v "^#.*" >> $out && rm -rf $out.temp`,

		})

)

provenance/tools/gen_provenance_metadata.py

+6 −0
Original line number Diff line number Diff line
@@ -16,6 +16,7 @@ 


import argparse

import hashlib

import os.path

import sys



import google.protobuf.text_format as text_format
@@ -51,6 +52,11 @@ def main(argv): 
    h.update(artifact_file.read())

  provenance_metadata.artifact_sha256 = h.hexdigest()



  Log("Check if there is attestation for the artifact")

  attestation_file_name = args.artifact_path + ".intoto.jsonl"

  if os.path.isfile(attestation_file_name):

    provenance_metadata.attestation_path = attestation_file_name



  text_proto = [

      "# proto-file: build/soong/provenance/proto/provenance_metadata.proto",

      "# proto-message: ProvenanceMetaData",

provenance/tools/gen_provenance_metadata_test.py

+7 −0
Original line number Diff line number Diff line
@@ -100,6 +100,11 @@ class ProvenanceMetaDataToolTest(unittest.TestCase): 
    artifact_file = tempfile.mktemp()

    with open(artifact_file,"wt") as f:

      f.write(artifact_content)



    attestation_file = artifact_file + ".intoto.jsonl"

    with open(attestation_file, "wt") as af:

      af.write("attestation file")



    metadata_file = tempfile.mktemp()

    cmd = ["gen_provenance_metadata"]

    cmd.extend(["--module_name", "a"])
@@ -117,9 +122,11 @@ class ProvenanceMetaDataToolTest(unittest.TestCase): 
      self.assertEqual(provenance_metadata.artifact_path, artifact_file)

      self.assertEqual(provenance_metadata.artifact_install_path, "b")

      self.assertEqual(provenance_metadata.artifact_sha256, sha256(artifact_content))

      self.assertEqual(provenance_metadata.attestation_path, attestation_file)



    os.remove(artifact_file)

    os.remove(metadata_file)

    os.remove(attestation_file)



if __name__ == '__main__':

  unittest.main(verbosity=2)
 
 No newline at end of file