mirror of
https://git.yoctoproject.org/poky
synced 2026-01-29 21:08:42 +01:00
a211f058cc
Loading a load of json files into a memory structure and stashing in a bitbake variable is relatively anti-social making bitbake -e output hard to read for example as well as other potential performance issues. Defer loading of that data until it is actually needed/used in a funciton where it is now passed as a parameter. (From OE-Core rev: 6f21cc9598178288784ff451ab3c40b174c0ef3e) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
70 lines
2.3 KiB
Plaintext
70 lines
2.3 KiB
Plaintext
#
|
|
# Copyright OpenEmbedded Contributors
|
|
#
|
|
# SPDX-License-Identifier: GPL-2.0-only
|
|
#
|
|
|
|
SPDX_VERSION ??= ""
|
|
DEPLOY_DIR_SPDX ??= "${DEPLOY_DIR}/spdx/${SPDX_VERSION}"
|
|
|
|
# The product name that the CVE database uses. Defaults to BPN, but may need to
|
|
# be overriden per recipe (for example tiff.bb sets CVE_PRODUCT=libtiff).
|
|
CVE_PRODUCT ??= "${BPN}"
|
|
CVE_VERSION ??= "${PV}"
|
|
|
|
SPDXDIR ??= "${WORKDIR}/spdx/${SPDX_VERSION}"
|
|
SPDXDEPLOY = "${SPDXDIR}/deploy"
|
|
SPDXWORK = "${SPDXDIR}/work"
|
|
SPDXIMAGEWORK = "${SPDXDIR}/image-work"
|
|
SPDXSDKWORK = "${SPDXDIR}/sdk-work"
|
|
SPDXSDKEXTWORK = "${SPDXDIR}/sdk-ext-work"
|
|
SPDXDEPS = "${SPDXDIR}/deps.json"
|
|
|
|
SPDX_TOOL_NAME ??= "oe-spdx-creator"
|
|
SPDX_TOOL_VERSION ??= "1.0"
|
|
|
|
SPDXRUNTIMEDEPLOY = "${SPDXDIR}/runtime-deploy"
|
|
|
|
SPDX_INCLUDE_SOURCES ??= "0"
|
|
SPDX_ARCHIVE_SOURCES ??= "0"
|
|
SPDX_ARCHIVE_PACKAGED ??= "0"
|
|
|
|
SPDX_UUID_NAMESPACE ??= "sbom.openembedded.org"
|
|
SPDX_NAMESPACE_PREFIX ??= "http://spdx.org/spdxdocs"
|
|
SPDX_PRETTY ??= "0"
|
|
|
|
SPDX_LICENSES ??= "${COREBASE}/meta/files/spdx-licenses.json"
|
|
|
|
SPDX_CUSTOM_ANNOTATION_VARS ??= ""
|
|
|
|
SPDX_MULTILIB_SSTATE_ARCHS ??= "${SSTATE_ARCHS}"
|
|
|
|
python do_collect_spdx_deps() {
|
|
# This task calculates the build time dependencies of the recipe, and is
|
|
# required because while a task can deptask on itself, those dependencies
|
|
# do not show up in BB_TASKDEPDATA. To work around that, this task does the
|
|
# deptask on do_create_spdx and writes out the dependencies it finds, then
|
|
# do_create_spdx reads in the found dependencies when writing the actual
|
|
# SPDX document
|
|
import json
|
|
import oe.spdx_common
|
|
from pathlib import Path
|
|
|
|
spdx_deps_file = Path(d.getVar("SPDXDEPS"))
|
|
|
|
deps = oe.spdx_common.collect_direct_deps(d, "do_create_spdx")
|
|
|
|
with spdx_deps_file.open("w") as f:
|
|
json.dump(deps, f)
|
|
}
|
|
# NOTE: depending on do_unpack is a hack that is necessary to get it's dependencies for archive the source
|
|
addtask do_collect_spdx_deps after do_unpack
|
|
do_collect_spdx_deps[depends] += "${PATCHDEPENDENCY}"
|
|
do_collect_spdx_deps[deptask] = "do_create_spdx"
|
|
do_collect_spdx_deps[dirs] = "${SPDXDIR}"
|
|
|
|
oe.spdx_common.collect_direct_deps[vardepsexclude] += "BB_TASKDEPDATA"
|
|
oe.spdx_common.collect_direct_deps[vardeps] += "DEPENDS"
|
|
oe.spdx_common.collect_package_providers[vardepsexclude] += "BB_TASKDEPDATA"
|
|
oe.spdx_common.get_patched_src[vardepsexclude] += "STAGING_KERNEL_DIR"
|