mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-05-09 17:39:31 +00:00
Code Issues Projects Releases Wiki Activity

spdx 3.0: Find local sources when searching for debug sources

Browse Source 
Include the local files when searching for matching debug sources

(From OE-Core rev: 3ff2cc453d1ec3e12876e64f7dc84d79d25a7ea9)

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Joshua Watt
2024-09-27 09:51:54 -06:00
committed by Richard Purdie
parent 3d0289bca2
commit 98e71107d7
1 changed files with 32 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta/lib/oe/spdx30_tasks.py
+32 -27
View File
@@ -119,7 +119,9 @@ def add_license_expression(d, objset, license_expression, license_data):
) )
spdx_license_expression = " ".join(convert(l) for l in lic_split) spdx_license_expression = " ".join(convert(l) for l in lic_split)
return objset.new_license_expression(spdx_license_expression, license_data, license_text_map) return objset.new_license_expression(
spdx_license_expression, license_data, license_text_map
)
def add_package_files( def add_package_files(
@@ -202,6 +204,7 @@ def get_package_sources_from_debug(
return False return False
debug_search_paths = [ debug_search_paths = [
Path(d.getVar("SPDXWORK")),
Path(d.getVar("PKGD")), Path(d.getVar("PKGD")),
Path(d.getVar("STAGING_DIR_TARGET")), Path(d.getVar("STAGING_DIR_TARGET")),
Path(d.getVar("STAGING_DIR_NATIVE")), Path(d.getVar("STAGING_DIR_NATIVE")),
@@ -286,8 +289,24 @@ def collect_dep_objsets(d, build):
return dep_objsets, dep_builds return dep_objsets, dep_builds
def collect_dep_sources(dep_objsets): def index_sources_by_hash(sources, dest):
sources = {} for s in sources:
if not isinstance(s, oe.spdx30.software_File):
continue
if s.software_primaryPurpose != oe.spdx30.software_SoftwarePurpose.source:
continue
for v in s.verifiedUsing:
if v.algorithm == oe.spdx30.HashAlgorithm.sha256:
if not v.hashValue in dest:
dest[v.hashValue] = s
break
else:
bb.fatal(f"No SHA256 found for {s.name}")
def collect_dep_sources(dep_objsets, dest):
for objset in dep_objsets: for objset in dep_objsets:
# Don't collect sources from native recipes as they # Don't collect sources from native recipes as they
# match non-native sources also. # match non-native sources also.
@@ -307,26 +326,7 @@ def collect_dep_sources(dep_objsets):
if e.relationshipType != oe.spdx30.RelationshipType.hasInputs: if e.relationshipType != oe.spdx30.RelationshipType.hasInputs:
continue continue
for to in e.to: index_sources_by_hash(e.to, dest)
if not isinstance(to, oe.spdx30.software_File):
continue
if (
to.software_primaryPurpose
!= oe.spdx30.software_SoftwarePurpose.source
):
continue
for v in to.verifiedUsing:
if v.algorithm == oe.spdx30.HashAlgorithm.sha256:
sources[v.hashValue] = to
break
else:
bb.fatal(
"No SHA256 found for %s in %s" % (to.name, objset.doc.name)
)
return sources
def add_download_files(d, objset): def add_download_files(d, objset):
@@ -511,18 +511,21 @@ def create_spdx(d):
source_files = add_download_files(d, build_objset) source_files = add_download_files(d, build_objset)
build_inputs |= source_files build_inputs |= source_files
recipe_spdx_license = add_license_expression(d, build_objset, d.getVar("LICENSE"), license_data) recipe_spdx_license = add_license_expression(
d, build_objset, d.getVar("LICENSE"), license_data
)
build_objset.new_relationship( build_objset.new_relationship(
source_files, source_files,
oe.spdx30.RelationshipType.hasConcludedLicense, oe.spdx30.RelationshipType.hasConcludedLicense,
[recipe_spdx_license], [recipe_spdx_license],
) )
dep_sources = {}
if oe.spdx_common.process_sources(d) and include_sources: if oe.spdx_common.process_sources(d) and include_sources:
bb.debug(1, "Adding source files to SPDX") bb.debug(1, "Adding source files to SPDX")
oe.spdx_common.get_patched_src(d) oe.spdx_common.get_patched_src(d)
build_inputs |= add_package_files( files = add_package_files(
d, d,
build_objset, build_objset,
spdx_workdir, spdx_workdir,
@@ -535,6 +538,8 @@ def create_spdx(d):
ignore_top_level_dirs=["temp"], ignore_top_level_dirs=["temp"],
archive=None, archive=None,
) )
build_inputs |= files
index_sources_by_hash(files, dep_sources)
dep_objsets, dep_builds = collect_dep_objsets(d, build) dep_objsets, dep_builds = collect_dep_objsets(d, build)
if dep_builds: if dep_builds:
@@ -555,7 +560,7 @@ def create_spdx(d):
# TODO: Handle native recipe output # TODO: Handle native recipe output
if not is_native: if not is_native:
bb.debug(1, "Collecting Dependency sources files") bb.debug(1, "Collecting Dependency sources files")
sources = collect_dep_sources(dep_objsets) collect_dep_sources(dep_objsets, dep_sources)
bb.build.exec_func("read_subpackage_metadata", d) bb.build.exec_func("read_subpackage_metadata", d)
@@ -726,7 +731,7 @@ def create_spdx(d):
if include_sources: if include_sources:
debug_sources = get_package_sources_from_debug( debug_sources = get_package_sources_from_debug(
d, package, package_files, sources, source_hash_cache d, package, package_files, dep_sources, source_hash_cache
) )
debug_source_ids |= set( debug_source_ids |= set(
oe.sbom30.get_element_link_id(d) for d in debug_sources oe.sbom30.get_element_link_id(d) for d in debug_sources