From: Joshua Watt <jpewhacker@gmail.com>
To: openembedded-core@lists.openembedded.org
Cc: Joshua Watt <JPEWhacker@gmail.com>
Subject: [OE-core][PATCH v6 11/12] classes/create-spdx-2.2: Handle empty packages
Date: Fri, 12 Jul 2024 09:58:21 -0600 [thread overview]
Message-ID: <20240712160304.3514496-12-JPEWhacker@gmail.com> (raw)
In-Reply-To: <20240712160304.3514496-1-JPEWhacker@gmail.com>
When combining an SPDX document, the package list might be empty (e.g.
a baremetal image). Handle this case instead of erroring out
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
---
meta/classes/create-spdx-2.2.bbclass | 83 ++++++++++++++--------------
1 file changed, 42 insertions(+), 41 deletions(-)
diff --git a/meta/classes/create-spdx-2.2.bbclass b/meta/classes/create-spdx-2.2.bbclass
index 0382e4cc51a..865323d66a6 100644
--- a/meta/classes/create-spdx-2.2.bbclass
+++ b/meta/classes/create-spdx-2.2.bbclass
@@ -822,52 +822,53 @@ def combine_spdx(d, rootfs_name, rootfs_deploydir, rootfs_spdxid, packages, spdx
doc.packages.append(image)
- for name in sorted(packages.keys()):
- if name not in providers:
- bb.fatal("Unable to find SPDX provider for '%s'" % name)
+ if packages:
+ for name in sorted(packages.keys()):
+ if name not in providers:
+ bb.fatal("Unable to find SPDX provider for '%s'" % name)
- pkg_name, pkg_hashfn = providers[name]
+ pkg_name, pkg_hashfn = providers[name]
- pkg_spdx_path = oe.sbom.doc_find_by_hashfn(deploy_dir_spdx, package_archs, pkg_name, pkg_hashfn)
- if not pkg_spdx_path:
- bb.fatal("No SPDX file found for package %s, %s" % (pkg_name, pkg_hashfn))
+ pkg_spdx_path = oe.sbom.doc_find_by_hashfn(deploy_dir_spdx, package_archs, pkg_name, pkg_hashfn)
+ if not pkg_spdx_path:
+ bb.fatal("No SPDX file found for package %s, %s" % (pkg_name, pkg_hashfn))
- pkg_doc, pkg_doc_sha1 = oe.sbom.read_doc(pkg_spdx_path)
+ pkg_doc, pkg_doc_sha1 = oe.sbom.read_doc(pkg_spdx_path)
- for p in pkg_doc.packages:
- if p.name == name:
- pkg_ref = oe.spdx.SPDXExternalDocumentRef()
- pkg_ref.externalDocumentId = "DocumentRef-%s" % pkg_doc.name
- pkg_ref.spdxDocument = pkg_doc.documentNamespace
- pkg_ref.checksum.algorithm = "SHA1"
- pkg_ref.checksum.checksumValue = pkg_doc_sha1
+ for p in pkg_doc.packages:
+ if p.name == name:
+ pkg_ref = oe.spdx.SPDXExternalDocumentRef()
+ pkg_ref.externalDocumentId = "DocumentRef-%s" % pkg_doc.name
+ pkg_ref.spdxDocument = pkg_doc.documentNamespace
+ pkg_ref.checksum.algorithm = "SHA1"
+ pkg_ref.checksum.checksumValue = pkg_doc_sha1
- doc.externalDocumentRefs.append(pkg_ref)
- doc.add_relationship(image, "CONTAINS", "%s:%s" % (pkg_ref.externalDocumentId, p.SPDXID))
- break
- else:
- bb.fatal("Unable to find package with name '%s' in SPDX file %s" % (name, pkg_spdx_path))
-
- runtime_spdx_path = oe.sbom.doc_find_by_hashfn(deploy_dir_spdx, package_archs, "runtime-" + name, pkg_hashfn)
- if not runtime_spdx_path:
- bb.fatal("No runtime SPDX document found for %s, %s" % (name, pkg_hashfn))
-
- runtime_doc, runtime_doc_sha1 = oe.sbom.read_doc(runtime_spdx_path)
-
- runtime_ref = oe.spdx.SPDXExternalDocumentRef()
- runtime_ref.externalDocumentId = "DocumentRef-%s" % runtime_doc.name
- runtime_ref.spdxDocument = runtime_doc.documentNamespace
- runtime_ref.checksum.algorithm = "SHA1"
- runtime_ref.checksum.checksumValue = runtime_doc_sha1
-
- # "OTHER" isn't ideal here, but I can't find a relationship that makes sense
- doc.externalDocumentRefs.append(runtime_ref)
- doc.add_relationship(
- image,
- "OTHER",
- "%s:%s" % (runtime_ref.externalDocumentId, runtime_doc.SPDXID),
- comment="Runtime dependencies for %s" % name
- )
+ doc.externalDocumentRefs.append(pkg_ref)
+ doc.add_relationship(image, "CONTAINS", "%s:%s" % (pkg_ref.externalDocumentId, p.SPDXID))
+ break
+ else:
+ bb.fatal("Unable to find package with name '%s' in SPDX file %s" % (name, pkg_spdx_path))
+
+ runtime_spdx_path = oe.sbom.doc_find_by_hashfn(deploy_dir_spdx, package_archs, "runtime-" + name, pkg_hashfn)
+ if not runtime_spdx_path:
+ bb.fatal("No runtime SPDX document found for %s, %s" % (name, pkg_hashfn))
+
+ runtime_doc, runtime_doc_sha1 = oe.sbom.read_doc(runtime_spdx_path)
+
+ runtime_ref = oe.spdx.SPDXExternalDocumentRef()
+ runtime_ref.externalDocumentId = "DocumentRef-%s" % runtime_doc.name
+ runtime_ref.spdxDocument = runtime_doc.documentNamespace
+ runtime_ref.checksum.algorithm = "SHA1"
+ runtime_ref.checksum.checksumValue = runtime_doc_sha1
+
+ # "OTHER" isn't ideal here, but I can't find a relationship that makes sense
+ doc.externalDocumentRefs.append(runtime_ref)
+ doc.add_relationship(
+ image,
+ "OTHER",
+ "%s:%s" % (runtime_ref.externalDocumentId, runtime_doc.SPDXID),
+ comment="Runtime dependencies for %s" % name
+ )
bb.utils.mkdirhier(spdx_workdir)
image_spdx_path = spdx_workdir / (rootfs_name + ".spdx.json")
--
2.45.2
next prev parent reply other threads:[~2024-07-12 16:03 UTC|newest]
Thread overview: 93+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-06-10 21:41 [OE-core][PATCH 0/6] Add SPDX 3.0 support Joshua Watt
2024-06-10 21:41 ` [OE-core][PATCH 1/6] classes-recipe/image: Add image file manifest Joshua Watt
2024-06-11 8:50 ` Martin Hundebøll
2024-06-10 21:41 ` [OE-core][PATCH 2/6] classes/spdx-common: Move common SPDX to new class Joshua Watt
2024-07-17 16:44 ` Adrian Freihofer
2024-06-10 21:41 ` [OE-core][PATCH 3/6] classes/spdx-common: Add SPDX version to path Joshua Watt
2024-06-10 21:41 ` [OE-core][PATCH 4/6] classes/spdx-common: Return empty list from extract_licenses Joshua Watt
2024-06-10 21:41 ` [OE-core][PATCH 5/6] classes/create-spdx-3.0: Add class Joshua Watt
2024-06-10 22:11 ` Patchtest results for " patchtest
2024-06-18 14:48 ` Marta Rybczynska
2024-06-18 15:22 ` Joshua Watt
2024-06-10 21:41 ` [OE-core][PATCH 6/6] classes-recipe/image_types: Add SPDX_IMAGE_PURPOSE to images Joshua Watt
2024-06-11 8:50 ` [OE-core][PATCH 0/6] Add SPDX 3.0 support Richard Purdie
2024-06-11 10:40 ` Richard Purdie
2024-06-11 14:42 ` Joshua Watt
2024-06-19 22:13 ` [OE-core][PATCH v2 0/7] " Joshua Watt
2024-06-19 22:13 ` [OE-core][PATCH v2 1/7] classes-recipe/image: Add image file manifest Joshua Watt
2024-06-19 22:13 ` [OE-core][PATCH v2 2/7] classes/create-spdx-3.0: Add classs Joshua Watt
2024-06-19 22:45 ` Patchtest results for " patchtest
2024-06-19 22:13 ` [OE-core][PATCH v2 3/7] classes-recipe/image_types: Add SPDX_IMAGE_PURPOSE to images Joshua Watt
2024-06-19 22:13 ` [OE-core][PATCH v2 4/7] selftest: spdx: Add SPDX 3.0 test cases Joshua Watt
2024-06-19 22:13 ` [OE-core][PATCH v2 5/7] classes-recipe: nospdx: Add class Joshua Watt
2024-06-19 22:13 ` [OE-core][PATCH v2 6/7] classes/spdx-common: Move SPDX_SUPPLIER Joshua Watt
2024-06-19 22:13 ` [OE-core][PATCH v2 7/7] Switch default spdx version to 3.0 Joshua Watt
2024-06-19 22:45 ` Patchtest results for " patchtest
2024-06-21 4:15 ` [OE-core][PATCH v2 0/7] Add SPDX 3.0 support Khem Raj
2024-06-21 6:24 ` Alexandre Belloni
2024-06-21 14:24 ` Joshua Watt
2024-06-21 17:21 ` Joshua Watt
2024-06-24 15:20 ` [OE-core][PATCH v3 00/10] " Joshua Watt
2024-06-24 15:20 ` [OE-core][PATCH v3 01/10] classes-recipe/image: Add image file manifest Joshua Watt
2024-06-24 15:20 ` [OE-core][PATCH v3 02/10] classes-recipe/baremetal-image: " Joshua Watt
2024-06-24 15:20 ` [OE-core][PATCH v3 03/10] classes/create-spdx-3.0: Add classes Joshua Watt
2024-06-24 15:20 ` [OE-core][PATCH v3 04/10] classes-global/staging: Exclude do_create_spdx from automatic sysroot extension Joshua Watt
2024-06-24 15:20 ` [OE-core][PATCH v3 05/10] binutils-cross-testsuite: Rename to binutils-testsuite Joshua Watt
2024-06-24 15:20 ` [OE-core][PATCH v3 06/10] classes-recipe/image_types: Add SPDX_IMAGE_PURPOSE to images Joshua Watt
2024-06-24 15:20 ` [OE-core][PATCH v3 07/10] selftest: spdx: Add SPDX 3.0 test cases Joshua Watt
2024-06-24 15:20 ` [OE-core][PATCH v3 08/10] classes-recipe: nospdx: Add class Joshua Watt
2024-06-24 15:20 ` [OE-core][PATCH v3 09/10] classes/spdx-common: Move SPDX_SUPPLIER Joshua Watt
2024-06-24 15:20 ` [OE-core][PATCH v3 10/10] Switch default spdx version to 3.0 Joshua Watt
2024-06-24 19:10 ` [OE-core][PATCH v4 00/10] Add SPDX 3.0 support Joshua Watt
2024-06-24 19:10 ` [OE-core][PATCH v4 01/10] classes-recipe/image: Add image file manifest Joshua Watt
2024-06-24 19:10 ` [OE-core][PATCH v4 02/10] classes-recipe/baremetal-image: " Joshua Watt
2024-06-25 10:24 ` Ernst Persson
2024-06-24 19:10 ` [OE-core][PATCH v4 03/10] classes/create-spdx-3.0: Add classes Joshua Watt
2024-06-25 14:44 ` Richard Purdie
2024-06-25 18:40 ` Mark Hatle
2024-06-27 16:33 ` Joshua Watt
2024-06-27 16:47 ` Joshua Watt
2024-06-24 19:10 ` [OE-core][PATCH v4 04/10] classes-global/staging: Exclude do_create_spdx from automatic sysroot extension Joshua Watt
2024-06-24 19:10 ` [OE-core][PATCH v4 05/10] binutils-cross-testsuite: Rename to binutils-testsuite Joshua Watt
2024-06-24 19:10 ` [OE-core][PATCH v4 06/10] classes-recipe/image_types: Add SPDX_IMAGE_PURPOSE to images Joshua Watt
2024-06-24 19:10 ` [OE-core][PATCH v4 07/10] selftest: spdx: Add SPDX 3.0 test cases Joshua Watt
2024-06-24 19:10 ` [OE-core][PATCH v4 08/10] classes-recipe: nospdx: Add class Joshua Watt
2024-06-24 19:10 ` [OE-core][PATCH v4 09/10] classes/spdx-common: Move SPDX_SUPPLIER Joshua Watt
2024-06-24 19:11 ` [OE-core][PATCH v4 10/10] Switch default spdx version to 3.0 Joshua Watt
2024-06-25 15:08 ` [OE-core][PATCH v4 00/10] Add SPDX 3.0 support Alexandre Belloni
2024-06-25 15:43 ` Richard Purdie
2024-07-03 13:59 ` [OE-core][PATCH v5 0/8] " Joshua Watt
2024-07-03 13:59 ` [OE-core][PATCH v5 1/8] classes-recipe/image: Add image file manifest Joshua Watt
2024-07-03 13:59 ` [OE-core][PATCH v5 2/8] classes-recipe/baremetal-image: " Joshua Watt
2024-07-11 9:56 ` Richard Purdie
2024-07-03 13:59 ` [OE-core][PATCH v5 3/8] classes/create-spdx-3.0: Add classes Joshua Watt
2024-07-03 13:59 ` [OE-core][PATCH v5 4/8] classes-global/staging: Exclude do_create_spdx from automatic sysroot extension Joshua Watt
2024-07-03 13:59 ` [OE-core][PATCH v5 5/8] classes-recipe/image_types: Add SPDX_IMAGE_PURPOSE to images Joshua Watt
2024-07-03 13:59 ` [OE-core][PATCH v5 6/8] selftest: spdx: Add SPDX 3.0 test cases Joshua Watt
2024-07-03 13:59 ` [OE-core][PATCH v5 7/8] classes-recipe: nospdx: Add class Joshua Watt
2024-07-03 13:59 ` [OE-core][PATCH v5 8/8] Switch default spdx version to 3.0 Joshua Watt
2024-07-05 7:17 ` [OE-core][PATCH v5 0/8] Add SPDX 3.0 support Richard Purdie
[not found] ` <17DF3FE80C22BC48.23364@lists.openembedded.org>
2024-07-10 12:18 ` Richard Purdie
2024-07-10 14:03 ` Joshua Watt
2024-07-10 14:22 ` Richard Purdie
2024-07-12 15:58 ` [OE-core][PATCH v6 00/12] " Joshua Watt
2024-07-12 15:58 ` [OE-core][PATCH v6 01/12] classes-recipe/image: Add image file manifest Joshua Watt
2024-07-12 15:58 ` [OE-core][PATCH v6 02/12] classes-recipe/baremetal-image: " Joshua Watt
2024-07-12 15:58 ` [OE-core][PATCH v6 03/12] classes/create-spdx-3.0: Add classes Joshua Watt
2024-07-12 15:58 ` [OE-core][PATCH v6 04/12] classes-global/staging: Exclude do_create_spdx from automatic sysroot extension Joshua Watt
2024-07-12 15:58 ` [OE-core][PATCH v6 05/12] classes-recipe/image_types: Add SPDX_IMAGE_PURPOSE to images Joshua Watt
2024-07-12 15:58 ` [OE-core][PATCH v6 06/12] selftest: spdx: Add SPDX 3.0 test cases Joshua Watt
2024-07-12 15:58 ` [OE-core][PATCH v6 07/12] classes-recipe: nospdx: Add class Joshua Watt
2024-07-12 15:58 ` [OE-core][PATCH v6 08/12] selftest: sstatetests: Exclude all SPDX tasks Joshua Watt
2024-07-12 15:58 ` [OE-core][PATCH v6 09/12] classes/spdx-common: Move to library Joshua Watt
2024-07-12 15:58 ` [OE-core][PATCH v6 10/12] classes/create-spdx-3.0: Move tasks " Joshua Watt
2024-07-12 15:58 ` Joshua Watt [this message]
2024-07-12 15:58 ` [OE-core][PATCH v6 12/12] Switch default spdx version to 3.0 Joshua Watt
2024-07-13 6:44 ` [OE-core][PATCH v6 00/12] Add SPDX 3.0 support Richard Purdie
2024-07-15 20:40 ` Joshua Watt
2024-07-15 21:07 ` Richard Purdie
2024-07-15 21:26 ` Joshua Watt
2024-07-15 23:00 ` Richard Purdie
[not found] ` <17E2852F1C219F3B.14505@lists.openembedded.org>
2024-07-16 13:18 ` Richard Purdie
2024-07-16 13:46 ` Joshua Watt
[not found] ` <17E2B3F7B69CE314.18588@lists.openembedded.org>
2024-07-16 14:14 ` Richard Purdie
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240712160304.3514496-12-JPEWhacker@gmail.com \
--to=jpewhacker@gmail.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox