From: Richard Purdie <richard.purdie@linuxfoundation.org>
To: JPEWhacker@gmail.com, openembedded-core@lists.openembedded.org
Subject: Re: [OE-core][PATCH v4 03/10] classes/create-spdx-3.0: Add classes
Date: Tue, 25 Jun 2024 15:44:58 +0100 [thread overview]
Message-ID: <2b67292a8d2cf14782de6f34f1430323082c8eee.camel@linuxfoundation.org> (raw)
In-Reply-To: <20240624193151.1645802-4-JPEWhacker@gmail.com>
On Mon, 2024-06-24 at 13:10 -0600, Joshua Watt via lists.openembedded.org wrote:
> +python spdx30_build_started_handler () {
> + import oe.spdx30
> + import oe.sbom30
> + import os
> + from pathlib import Path
> +
> + # Create a copy of the datastore. Set PN to "bitbake" so that SPDX IDs can
> + # be generated
> + d = e.data.createCopy()
> + d.setVar("PN", "bitbake")
> + d.setVar("BB_TASKHASH", "bitbake")
> + load_spdx_license_data(d)
> +
> + deploy_dir_spdx = Path(e.data.getVar("DEPLOY_DIR_SPDX"))
> +
> + nonce = os.urandom(16).hex()
> +
> + objset = oe.sbom30.ObjectSet.new_objset(d, "bitbake", False)
> +
> + build = objset.add_root(oe.spdx30.build_Build(
> + _id=objset.new_spdxid(nonce, include_unihash=False),
> + creationInfo=objset.doc.creationInfo,
> + build_buildType=oe.sbom30.SPDX_BUILD_TYPE,
> + build_buildStartTime=oe.sbom30.spdx_now()
> + ))
> +
> + host_import_key = d.getVar("SPDX_BUILD_HOST")
> + if host_import_key:
> + objset.new_scoped_relationship(
> + [build],
> + oe.spdx30.RelationshipType.hasHost,
> + oe.spdx30.LifecycleScopeType.build,
> + [objset.new_import("SPDX_BUILD_HOST")],
> + )
> +
> + invoked_by = objset.new_agent("SPDX_INVOKED_BY")
> + if invoked_by:
> + invoked_by_spdx = objset.new_scoped_relationship(
> + [build],
> + oe.spdx30.RelationshipType.invokedBy,
> + oe.spdx30.LifecycleScopeType.build,
> + [invoked_by],
> + )
> +
> + on_behalf_of = objset.new_agent("SPDX_ON_BEHALF_OF")
> + if on_behalf_of:
> + objset.new_scoped_relationship(
> + [on_behalf_of],
> + oe.spdx30.RelationshipType.delegatedTo,
> + oe.spdx30.LifecycleScopeType.build,
> + invoked_by_spdx,
> + )
> +
> + for obj in objset.foreach_type(oe.spdx30.Element):
> + obj.extension.append(oe.sbom30.OELinkExtension(link_spdx_id=False))
> + obj.extension.append(oe.sbom30.OEIdAliasExtension())
> +
> + oe.sbom30.write_jsonld_doc(d, objset, deploy_dir_spdx / "bitbake.spdx.json")
> +}
> +
> +addhandler spdx30_build_started_handler
> +spdx30_build_started_handler[eventmask] = "bb.event.ConfigParsed"
Reading through, this caught my eye. Do we really need to do that at
ConfigParsed? I suspect you'll hit this a lot more than you expect
since each new execution thread could parse the config and trigger
this. Would BuildStarted not be more appropriate?
I'm also worried about determinism here. I didn't look into what data
this is writing out but it worries me...
Cheers,
Richard
next prev parent reply other threads:[~2024-06-25 14:45 UTC|newest]
Thread overview: 93+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-06-10 21:41 [OE-core][PATCH 0/6] Add SPDX 3.0 support Joshua Watt
2024-06-10 21:41 ` [OE-core][PATCH 1/6] classes-recipe/image: Add image file manifest Joshua Watt
2024-06-11 8:50 ` Martin Hundebøll
2024-06-10 21:41 ` [OE-core][PATCH 2/6] classes/spdx-common: Move common SPDX to new class Joshua Watt
2024-07-17 16:44 ` Adrian Freihofer
2024-06-10 21:41 ` [OE-core][PATCH 3/6] classes/spdx-common: Add SPDX version to path Joshua Watt
2024-06-10 21:41 ` [OE-core][PATCH 4/6] classes/spdx-common: Return empty list from extract_licenses Joshua Watt
2024-06-10 21:41 ` [OE-core][PATCH 5/6] classes/create-spdx-3.0: Add class Joshua Watt
2024-06-10 22:11 ` Patchtest results for " patchtest
2024-06-18 14:48 ` Marta Rybczynska
2024-06-18 15:22 ` Joshua Watt
2024-06-10 21:41 ` [OE-core][PATCH 6/6] classes-recipe/image_types: Add SPDX_IMAGE_PURPOSE to images Joshua Watt
2024-06-11 8:50 ` [OE-core][PATCH 0/6] Add SPDX 3.0 support Richard Purdie
2024-06-11 10:40 ` Richard Purdie
2024-06-11 14:42 ` Joshua Watt
2024-06-19 22:13 ` [OE-core][PATCH v2 0/7] " Joshua Watt
2024-06-19 22:13 ` [OE-core][PATCH v2 1/7] classes-recipe/image: Add image file manifest Joshua Watt
2024-06-19 22:13 ` [OE-core][PATCH v2 2/7] classes/create-spdx-3.0: Add classs Joshua Watt
2024-06-19 22:45 ` Patchtest results for " patchtest
2024-06-19 22:13 ` [OE-core][PATCH v2 3/7] classes-recipe/image_types: Add SPDX_IMAGE_PURPOSE to images Joshua Watt
2024-06-19 22:13 ` [OE-core][PATCH v2 4/7] selftest: spdx: Add SPDX 3.0 test cases Joshua Watt
2024-06-19 22:13 ` [OE-core][PATCH v2 5/7] classes-recipe: nospdx: Add class Joshua Watt
2024-06-19 22:13 ` [OE-core][PATCH v2 6/7] classes/spdx-common: Move SPDX_SUPPLIER Joshua Watt
2024-06-19 22:13 ` [OE-core][PATCH v2 7/7] Switch default spdx version to 3.0 Joshua Watt
2024-06-19 22:45 ` Patchtest results for " patchtest
2024-06-21 4:15 ` [OE-core][PATCH v2 0/7] Add SPDX 3.0 support Khem Raj
2024-06-21 6:24 ` Alexandre Belloni
2024-06-21 14:24 ` Joshua Watt
2024-06-21 17:21 ` Joshua Watt
2024-06-24 15:20 ` [OE-core][PATCH v3 00/10] " Joshua Watt
2024-06-24 15:20 ` [OE-core][PATCH v3 01/10] classes-recipe/image: Add image file manifest Joshua Watt
2024-06-24 15:20 ` [OE-core][PATCH v3 02/10] classes-recipe/baremetal-image: " Joshua Watt
2024-06-24 15:20 ` [OE-core][PATCH v3 03/10] classes/create-spdx-3.0: Add classes Joshua Watt
2024-06-24 15:20 ` [OE-core][PATCH v3 04/10] classes-global/staging: Exclude do_create_spdx from automatic sysroot extension Joshua Watt
2024-06-24 15:20 ` [OE-core][PATCH v3 05/10] binutils-cross-testsuite: Rename to binutils-testsuite Joshua Watt
2024-06-24 15:20 ` [OE-core][PATCH v3 06/10] classes-recipe/image_types: Add SPDX_IMAGE_PURPOSE to images Joshua Watt
2024-06-24 15:20 ` [OE-core][PATCH v3 07/10] selftest: spdx: Add SPDX 3.0 test cases Joshua Watt
2024-06-24 15:20 ` [OE-core][PATCH v3 08/10] classes-recipe: nospdx: Add class Joshua Watt
2024-06-24 15:20 ` [OE-core][PATCH v3 09/10] classes/spdx-common: Move SPDX_SUPPLIER Joshua Watt
2024-06-24 15:20 ` [OE-core][PATCH v3 10/10] Switch default spdx version to 3.0 Joshua Watt
2024-06-24 19:10 ` [OE-core][PATCH v4 00/10] Add SPDX 3.0 support Joshua Watt
2024-06-24 19:10 ` [OE-core][PATCH v4 01/10] classes-recipe/image: Add image file manifest Joshua Watt
2024-06-24 19:10 ` [OE-core][PATCH v4 02/10] classes-recipe/baremetal-image: " Joshua Watt
2024-06-25 10:24 ` Ernst Persson
2024-06-24 19:10 ` [OE-core][PATCH v4 03/10] classes/create-spdx-3.0: Add classes Joshua Watt
2024-06-25 14:44 ` Richard Purdie [this message]
2024-06-25 18:40 ` Mark Hatle
2024-06-27 16:33 ` Joshua Watt
2024-06-27 16:47 ` Joshua Watt
2024-06-24 19:10 ` [OE-core][PATCH v4 04/10] classes-global/staging: Exclude do_create_spdx from automatic sysroot extension Joshua Watt
2024-06-24 19:10 ` [OE-core][PATCH v4 05/10] binutils-cross-testsuite: Rename to binutils-testsuite Joshua Watt
2024-06-24 19:10 ` [OE-core][PATCH v4 06/10] classes-recipe/image_types: Add SPDX_IMAGE_PURPOSE to images Joshua Watt
2024-06-24 19:10 ` [OE-core][PATCH v4 07/10] selftest: spdx: Add SPDX 3.0 test cases Joshua Watt
2024-06-24 19:10 ` [OE-core][PATCH v4 08/10] classes-recipe: nospdx: Add class Joshua Watt
2024-06-24 19:10 ` [OE-core][PATCH v4 09/10] classes/spdx-common: Move SPDX_SUPPLIER Joshua Watt
2024-06-24 19:11 ` [OE-core][PATCH v4 10/10] Switch default spdx version to 3.0 Joshua Watt
2024-06-25 15:08 ` [OE-core][PATCH v4 00/10] Add SPDX 3.0 support Alexandre Belloni
2024-06-25 15:43 ` Richard Purdie
2024-07-03 13:59 ` [OE-core][PATCH v5 0/8] " Joshua Watt
2024-07-03 13:59 ` [OE-core][PATCH v5 1/8] classes-recipe/image: Add image file manifest Joshua Watt
2024-07-03 13:59 ` [OE-core][PATCH v5 2/8] classes-recipe/baremetal-image: " Joshua Watt
2024-07-11 9:56 ` Richard Purdie
2024-07-03 13:59 ` [OE-core][PATCH v5 3/8] classes/create-spdx-3.0: Add classes Joshua Watt
2024-07-03 13:59 ` [OE-core][PATCH v5 4/8] classes-global/staging: Exclude do_create_spdx from automatic sysroot extension Joshua Watt
2024-07-03 13:59 ` [OE-core][PATCH v5 5/8] classes-recipe/image_types: Add SPDX_IMAGE_PURPOSE to images Joshua Watt
2024-07-03 13:59 ` [OE-core][PATCH v5 6/8] selftest: spdx: Add SPDX 3.0 test cases Joshua Watt
2024-07-03 13:59 ` [OE-core][PATCH v5 7/8] classes-recipe: nospdx: Add class Joshua Watt
2024-07-03 13:59 ` [OE-core][PATCH v5 8/8] Switch default spdx version to 3.0 Joshua Watt
2024-07-05 7:17 ` [OE-core][PATCH v5 0/8] Add SPDX 3.0 support Richard Purdie
[not found] ` <17DF3FE80C22BC48.23364@lists.openembedded.org>
2024-07-10 12:18 ` Richard Purdie
2024-07-10 14:03 ` Joshua Watt
2024-07-10 14:22 ` Richard Purdie
2024-07-12 15:58 ` [OE-core][PATCH v6 00/12] " Joshua Watt
2024-07-12 15:58 ` [OE-core][PATCH v6 01/12] classes-recipe/image: Add image file manifest Joshua Watt
2024-07-12 15:58 ` [OE-core][PATCH v6 02/12] classes-recipe/baremetal-image: " Joshua Watt
2024-07-12 15:58 ` [OE-core][PATCH v6 03/12] classes/create-spdx-3.0: Add classes Joshua Watt
2024-07-12 15:58 ` [OE-core][PATCH v6 04/12] classes-global/staging: Exclude do_create_spdx from automatic sysroot extension Joshua Watt
2024-07-12 15:58 ` [OE-core][PATCH v6 05/12] classes-recipe/image_types: Add SPDX_IMAGE_PURPOSE to images Joshua Watt
2024-07-12 15:58 ` [OE-core][PATCH v6 06/12] selftest: spdx: Add SPDX 3.0 test cases Joshua Watt
2024-07-12 15:58 ` [OE-core][PATCH v6 07/12] classes-recipe: nospdx: Add class Joshua Watt
2024-07-12 15:58 ` [OE-core][PATCH v6 08/12] selftest: sstatetests: Exclude all SPDX tasks Joshua Watt
2024-07-12 15:58 ` [OE-core][PATCH v6 09/12] classes/spdx-common: Move to library Joshua Watt
2024-07-12 15:58 ` [OE-core][PATCH v6 10/12] classes/create-spdx-3.0: Move tasks " Joshua Watt
2024-07-12 15:58 ` [OE-core][PATCH v6 11/12] classes/create-spdx-2.2: Handle empty packages Joshua Watt
2024-07-12 15:58 ` [OE-core][PATCH v6 12/12] Switch default spdx version to 3.0 Joshua Watt
2024-07-13 6:44 ` [OE-core][PATCH v6 00/12] Add SPDX 3.0 support Richard Purdie
2024-07-15 20:40 ` Joshua Watt
2024-07-15 21:07 ` Richard Purdie
2024-07-15 21:26 ` Joshua Watt
2024-07-15 23:00 ` Richard Purdie
[not found] ` <17E2852F1C219F3B.14505@lists.openembedded.org>
2024-07-16 13:18 ` Richard Purdie
2024-07-16 13:46 ` Joshua Watt
[not found] ` <17E2B3F7B69CE314.18588@lists.openembedded.org>
2024-07-16 14:14 ` Richard Purdie
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2b67292a8d2cf14782de6f34f1430323082c8eee.camel@linuxfoundation.org \
--to=richard.purdie@linuxfoundation.org \
--cc=JPEWhacker@gmail.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox