With all the pieces in place, the self test can be re-enabled.
(From OE-Core rev: 46e8b94582ea9734117d20cd62c39fb4450c00c4)
Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
There have been errors seen when assembling root file system SPDX
documents where they will references files that don't exist in the
package SPDX.
The speculation is that this is caused by os.walk() ignoring errors when
walking, causing files to be omitted. Improve the code by adding an
error handler to os.walk() to report errors when they occur.
In addition, sort the files and directories while walking to ensure
consistent ordering of the file SPDX IDs.
(From OE-Core rev: 86b581e80637cd8136ce7a7e95db94d9553d2f60)
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If networking fails, we can get useful informaiton over the serial connection. Add
this fallback code so that any issues can be more easily debugged by showing the
host and target networking states.
(From OE-Core rev: 3291f9d07ecfe7d3301dc914f5e6a80577cf1d5d)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
As well as commit counts, it is helpful to know when metadata dates from. Store
the unix timestamp for commits in a commit_time field alongside the commit count.
This is useful for performance graph analysis and saves having to recompute the
data.
(From OE-Core rev: 56d1bc3f8f45d2f9c8ca0319c429cec562a16384)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This reverts commit 0d3901b768.
We've still having CDN issues so go back to the double attempt to
see if this improves things.
(From OE-Core rev: 136f0edb75d9601a0ae56e025419d3cddfb90219)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fix markdown style issues using markdownlint tool [1]:
$ cat ./meta/lib/patchtest/README.md | mdl
(stdin):4: MD034 Bare URL used
(stdin):8: MD034 Bare URL used
(stdin):9: MD034 Bare URL used
(stdin):20: MD034 Bare URL used
[1] https://github.com/markdownlint/markdownlint
(From OE-Core rev: 623cd2ffa8815a60ef630974393b17a1489ebf41)
Signed-off-by: Igor Opaniuk <igor.opaniuk@foundries.io>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Introduce a new variable "OEQA_REPRODUCIBLE_TEST_LEAF_TARGETS".
It can be used like OEQA_REPRODUCIBLE_TEST_TARGET but will try to use
sstate for the dependencies.
This can be used to "quickly" test the reproducibility of a single recipe.
[YOCTO #15701]
(From OE-Core rev: e2440618bd12d7288a7f3f7cfb92d377ae61a3b4)
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The code line was moved in
commit 5a9a5ad6a7 ("reproducibility: continue testing in case of build failure")
(From OE-Core rev: b4b60941153ebeb5019b26eeed593d0a1cdb4012)
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Adds a "contains" relationship that relates the root file system package
to the files contained in it. If a package provides a file with a
matching hash and path, it will be linked, otherwise a new File element
will be created
(From OE-Core rev: e6fe754aef93e834e5226c8b13fdf75e03080ba2)
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fixes a bug in the code that created the hash dictionary that was
accidentally excluding items with a SHA256 hash instead of including
them
(From OE-Core rev: 90765467e42241d8b572d035389d7062a0316a9f)
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Rather than hiding the multilib logic in the package tests, move the
multilib setting to the init function of the class so the logic is
clearer.
(From OE-Core rev: 7699867c3ce979ab615eb677a417bb5b82faecb7)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The 'devtool' cases make a copy of 'poky', but before this patch, that
only included modifications to the 'meta/' subdirectory.
It's very frustrating to make changes to scripts/ and have them be
silently ignored by oe-selftest.
(From OE-Core rev: 35de7080c53808ade526b3b97cb54f528357deca)
Signed-off-by: Chris Laplante <chris.laplante@agilent.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The do_testsdk for lib32-core-image-sato aborts with below error:
configure: error: Package requirements (gtk+-3.0) were not met:
No package 'gtk+-3.0' found
Consider adjusting the PKG_CONFIG_PATH environment variable if you installed software in a non-standard prefix.
This causes due to an absolute path name in 'sdk_env', which is now stripped to have only the environment name.
(From OE-Core rev: 386e4132a9ced75599d92610cf5c0e8fe907c3b6)
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
create_image_spdx() implementation assumes that image is indeed a file.
If image recipe deploys a directory (for example, which contains an
hierarchy of flash artifacts, that is used by SoC vendor-specific
flashing tool) which follows ${IMAGE_NAME}.${IMAGE_TYPE} naming scheme,
create_image_spdx() function will fail after trying to hash a directory:
*** 0002:do_create_image_spdx(d)
0003:
File: '.../meta/classes-recipe/create-spdx-image-3.0.bbclass', lineno: 48, function: do_create_image_spdx
0044:addtask do_create_rootfs_spdx_setscene
0045:
0046:python do_create_image_spdx() {
0047: import oe.spdx30_tasks
*** 0048: oe.spdx30_tasks.create_image_spdx(d)
0049:}
0050:addtask do_create_image_spdx after do_image_complete do_create_rootfs_spdx before do_build
0051:SSTATETASKS += "do_create_image_spdx"
...
File: '.../bitbake/lib/bb/utils.py', lineno: 536, function: _hasher
0532:
0533:def _hasher(method, filename):
0534: import mmap
0535:
*** 0536: with open(filename, "rb") as f:
0537: try:
0538: with mmap.mmap(f.fileno(), 0, access=mmap.ACCESS_READ) as mm:
0539: for chunk in iter(lambda: mm.read(8192), b''):
0540: method.update(chunk)
Exception: IsADirectoryError: [Errno 21] Is a directory: '...'
(From OE-Core rev: a0d63082a4db375a55586c7864e280cd8f45ff7b)
Signed-off-by: Igor Opaniuk <igor.opaniuk@foundries.io>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Adjust test_recipetool_go_create test to a smaller repository.
Combine test_recipetool_go_create and test_recipetool_go_replace_modules
tests into test_recipetool_go_create, the new test performs both tests.
(From OE-Core rev: d1256f8ff4a94d4f32b2b9ca855359dd2d691beb)
Signed-off-by: Alexander Yurkov <alexander.v.yurkov@gmail.com>
Signed-off-by: Vyacheslav Yurkov <uvv.mail@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Looking at some of the autobuilder failures, it seems that somehow empty
reads might be possible despite not being EOF. Tweak the code to be a little
more robust in handling this.
In theory this shouldn't be possible but python does handle signals a bit
differently (e.g. transparrently retrying syscalls for EINTR) so adding this
check and a bit of code safety at least rules out this problem.
(From OE-Core rev: 9d91a5674c515a43ae76d8615f72e5e2dc16c961)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The test code in poison was flawed: as long as one CPP/CC/CXX has fatal
poisoning enabled then the test passes. However, at the moment due to
a bad rebase only CPP has fatal poisoning and CC/CXX do not.
Rewrite the do_compile() task to more carefully check the output so the
test harness itself just has to bitbake the recipe.
Note that this results in the test failing:
ERROR: poison-1.0-r0 do_compile: C Compiler is not poisoned.
Exit status 0, output: cc1: warning: include location "/usr/include" is unsafe for cross-compilation [-Wpoison-system-directories]
ERROR: poison-1.0-r0 do_compile: C++ Compiler is not poisoned.
Exit status 0, output: cc1plus: warning: include location "/usr/include" is unsafe for cross-compilation [-Wpoison-system-directories]
(From OE-Core rev: 5b413d1fdb4bdbaec86d630bb52c3ccf68aae789)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The idea of the base class dependency is to say "yes, I need a C cross compiler"
and this was never meant to be gcc specific. Looking at the codebase, whilst we
code triplets into this, it does overcomplicate things as there are only ever
limited, "target", "sdk" and the class extended versions like mutlilib.
After much thought, we can simplify this to virtual/cross-cc and virtual/nativesdk-cross-cc.
This lets us remove the "gcc" specific element as well as removing the over
complicated triplet usage.
At the same time, change the much less widely used "g++" variant to "c++" for
similar reasons and remove the triplet from virtual/XXX-binutils too.
Backwards compatibility mappings could be left but are just going to confuse
things in future so we'll just require users to update.
This simplification, whilst disruptive for any toolchain focused layers, will
make improved toolchain selection in the future much easier.
Since we no longer have overlapping variables, some code for that can just
be removed. The class extension code does need to start remapping some variables
but not the crosssdk target recipe names.
This patch is in two pieces, this one handles the renaming with the functional
changes separate in a second for easier review even if this breaks bisection.
(From OE-Core rev: 4ccc3bc8266c327bcc18c9a3faf7536210dfb9f0)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The 3.0.1 release of SPDX has been officially released with a few minor
modifications. Regenerate the bindings to use this version.
(From OE-Core rev: 54233a7d6fe414d22449fb02fac26b66a820b17a)
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Printed message looks like this:
2025-01-12 00:40:08,326 - oe-selftest - ERROR - reproducibleA build failed. Trying to compute built packages differences but the test will fail.
2025-01-12 00:40:08,326 - oe-selftest - INFO - Failure log for reproducibleA will be copied to <snip>/oe-reproducible-20250112-mza9w940/bitbake-reproducibleA.log
Fixes [YOCTO #15655] (first half).
(From OE-Core rev: 1c2287849a2742445d80c81d6a1c6c3e3668765e)
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We want to ensure ARM nativesdk signatures match those for the 32 and 64 bit
x86 versions. Add a test to ensure this is the case.
(From OE-Core rev: dced735e2cc9663527ff8b386bf20a5e1fb9ab07)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Due to commit [cve-check: Rework patch parsing] applied, it missed to
update patched_cves dictionary if cve_id not in patched_cves
(From OE-Core rev: 08796a8153666d93bb622c6a7497a85cef4def42)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Otherwise fragments with 'require' statements will not parse,
as the parser will not be able to find files referred to by
those statements.
Add such a statement to the test fragment so that the scenario
is tested.
[YOCTO #15707]
(From OE-Core rev: d88e63d1a7867b3a4ebfc57d472900136b5361d8)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The cve_check functionality to parse CVE IDs from the patch filename and
patch contents have been reworked to improve parsing and also utilize
tests. This ensures that the parsing works as intended.
Additionally, the new patched_cves dict has a few issues I tried to fix
as well. If multiple patch files exist for a single CVE ID, only the
last one will show up with the "resource" key. The value for the
"resource" key has been updated to hold a list and return all patch
files associated with a given CVE ID. Also, at the end of
get_patch_cves, CVE_STATUS can overwrite an existing entry in the dict.
This could cause an issue, for example, if a CVE has been addressed via
a patch, but a CVE_STATUS line also exists that ignores the given CVE
ID. A warning has been added if this ever happens.
(From OE-Core rev: 87c6da681609b4f8e048eca2a27ae8e068c724e1)
Signed-off-by: Colin McAllister <colinmca242@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Two warning lines in cve_check.py reference a variable that doesn't
exist. These would cause a runtime error if the conditions they are
hidden in were to be entered. The log lines have been updated to no
longer reference an undefined variable.
(From OE-Core rev: c9d059e8a362b3c9d604f7ebe8fd1dd994f0af6b)
Signed-off-by: Colin McAllister <colinmca242@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Extends the 'enable-fragment' and 'disable-fragment' commands so that
they accept multiple fragments at once as a convenience for the user
(From OE-Core rev: 50c3cdb3a3b9c7daa55ff26d302d95e5f350e4d2)
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The current implementation of the config fragments is too aggressive in
checking files; any file in the fragment directory is checked, including
hidden files or files with weird extensions. In particular, if an editor
is creating temporary backup files when editing, these will be checked
and will almost assuredly fail, which prevents the tool from running.
Add a filter so that only non-hidden files that end with .conf are
checked.
(From OE-Core rev: 93edab0e2bccacb808421f0766d587c576c1a12b)
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This allows fine-tuning local configurations with pre-frabricated
configuration snippets in a structured, controlled way. It's also
an important building block for bitbake-setup.
The tool requires that each fragment contains a one-line summary, and one or more
lines of description, as BB_CONF_FRAGMENT_SUMMARY style metadata.
There are three (and a half) operations (list/enable/disable/disable all), and here's the 'list' output:
alex@Zen2:/srv/storage/alex/yocto/build-64$ bitbake-config-build list-fragments
NOTE: Starting bitbake server...
Available fragments in selftest layer located in /srv/work/alex/poky/meta-selftest:
Enabled fragments:
selftest/test-fragment This is a configuration fragment intended for testing in oe-selftest context
Unused fragments:
selftest/more-fragments-here/test-another-fragment This is a second configuration fragment intended for testing in oe-selftest context
(From OE-Core rev: fdb611e13bd7aa00360d3a68e4818ef5f05c8944)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
rpm2cpio has been deprecated upstream, so this prepares for its
eventual removal.
rpm2archive produces a tar archive which can be uncompressed
with tar executable from the host.
(From OE-Core rev: ed824d3fb23f0c89d8dfdacb2c4ef0b7c21a5144)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
With this release, as expected, deprecated openpgp support
has been fully removed and replaced with sequoia:
https://github.com/rpm-software-management/rpm-sequoia/
Alas, it's written in rust, and has no recipe, so for now
signing rpm packages has to be disabled.
Remove package name parameter to %prep in source archiving, as it's
been dropped in the new rpm, and wasn't needed to begin with.
Drop 0001-perl-disable-auto-reqs.patch
(files removed upstream).
(From OE-Core rev: 8c15b4577d5e554cc2dd5adfb88b816894b05a9a)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When used with `--newbuilddir` option, it replaces relative paths in
BBLAYERS variable with absolute paths by evaluating the final value of
the variable, converting paths and saving result by assignment
(`BBLAYERS =`) at the end of bblayers.conf.
This breaks tests when bblayers.conf contains BBLAYERS:append because
:append statements are evaluated after all assignments and we end up
with the appended layer added twice - first by evaluating final value
of the variable, then again by bitbake evaluating BBLAYERS:append.
The error is as follows:
AssertionError: Command 'bitbake -e' returned non-zero exit status 1:
ERROR: Found duplicated BBFILE_COLLECTIONS 'layer-name', check bblayers.conf or layer.conf to fix it.
(From OE-Core rev: 516c8e8f722ed0eb85a715a23b5e68d05abe9275)
Signed-off-by: Oleksandr Hnatiuk <ohnatiuk@cisco.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The SPDX code needs to be able to look up an Element by its SPDX ID,
locating the file that (should) contain the SPDX ID and opening it for
parsing. Previously, the code would do this be hashing each Element
SPDX ID and Alias, and the creating a symbolic link to the file that
contains the element with a name of the hash.
This worked well as it was possible to look up any arbitrary SPDX ID or
alias by simply hashing it and following the symbolic link to get the
file. However, the down side of this approach is that it creates a lot
of symbolic links, since it will make one or two per Element in the
document. This can be a problem when using SPDX_INCLUDE_SOURCES, for
example.
This change reworks this strategy so that the only Element that gets a
symbolic link based on the hash is the singular SpdxDocument that is
create for each file. All other Elements are assigned an alias with a
special prefix that encodes the hash of SpdxDocument alias. Thus, when
attempting to look up an arbitrary alias, the code sees the special
prefix, extract the hash, opens the file based on the symlink with that
hash name, then finds the matching Element in the file. This drastically
reduces the number of symbolic links by making only one per file.
This also means that the custom link extension can be removed since it
is now superfluous.
(From OE-Core rev: 838d64c09657ac53175737fc4e7fd6f01f3dcf47)
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Adds a test for several of the extra options provided by the SPDX
classes. In particular, these are the options that can produce
non-reproducible results, so are not enabled by default in OE core. This
test takes care to configure the build so that the tests do run in a
reproducible manner so that pre-built test objects can be pulled from
sstate
(From OE-Core rev: 14f534f15f7fe6362723d7f064d39783c5bd758f)
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The call to make a new import for the SPDX_BUILD_HOST was incorrect,
since it was asking for the key named "SPDX_BUILD_HOST", instead of the
key name contained in that variable
(From OE-Core rev: 250c2bcc557040b4cd67cecf25f8351638cff45d)
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When a agent reference was being used, the code was not using the
correct base variable to look up the agent
(From OE-Core rev: f3f13f48e214b25cf302b8ce397b630f5aa283fa)
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
These two files are the only ones that are left in meta/lib.
They logically belong to meta/lib/oe, so move them there.
(From OE-Core rev: c65dd0e3e463d6072b9364ac74e1fef0d998068f)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
