| #!/usr/bin/env python3 |
| # |
| # Copyright 2022 Google LLC |
| # |
| # This program is free software; you can redistribute it and/or |
| # modify it under the terms of the GNU General Public License |
| # version 2 as published by the Free Software Foundation. |
| # |
| # This program is distributed in the hope that it will be useful, |
| # but WITHOUT ANY WARRANTY; without even the implied warranty of |
| # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| # GNU General Public License for more details. |
| # |
| |
| # This script is used to automatically generate package |
| # information for SBOM of COS image bundled dependencies. |
| |
| import os |
| import sys |
| from sbom_info_lib import download_url |
| from sbom_info_lib import go_dep |
| from sbom_info_lib import licenses |
| from chromite.lib import osutils |
| |
# Name of the file, inside a package's build-info directory, that
# SbomPackageInfo.write_to_build_info() writes the collected fields to.
SBOM_INFO_FILE_NAME = "sbom-pkg-info"
| |
| |
class SbomPackageInfo:
    """SBOM metadata gathered for a single package.

    All four fields start as empty strings and are filled in by the caller:
    download_url, licenses, go_dep, and err (a description of the failure, if
    collection failed).
    """

    def __init__(self):
        self.download_url = self.licenses = self.go_dep = self.err = ""

    def write_to_build_info(self, build_info_dir):
        """Write the fields as "key:value" lines into build_info_dir.

        The target is <build_info_dir>/<SBOM_INFO_FILE_NAME>; missing parent
        directories are requested from osutils.WriteFile via makedirs=True.
        """
        fields = (
            ("download-url", self.download_url),
            ("licenses", self.licenses),
            ("go-dep", self.go_dep),
            ("err", self.err),
        )
        # NOTE(review): values are written verbatim, so a value containing a
        # newline would span several lines of this line-oriented file.
        # Confirm that the consumers of this file handle that case.
        content = "".join(f"{key}:{value}\n" for key, value in fields)
        target = f"{build_info_dir}/{SBOM_INFO_FILE_NAME}"
        osutils.WriteFile(target, content, makedirs=True)
| |
| |
class SBOMPkgInfoError(Exception):
    """Raised when required SBOM package information cannot be determined."""

    def __init__(self, msg):
        # Pass the single message through to Exception unchanged.
        Exception.__init__(self, msg)
| |
| |
def read_build_info(build_info_dir):
    """Read the package metadata files found in build_info_dir.

    The "repository", "CATEGORY" and "PF" files are required; opening a
    missing one raises. "LICENSE" is optional and yields "" when absent.
    Every value is returned with surrounding whitespace stripped.

    Returns:
        A (repository, category, pf, license) tuple of strings.
    """

    def _read_stripped(file_name):
        with open(os.path.join(build_info_dir, file_name), "r") as handle:
            return handle.read().strip()

    repository = _read_stripped("repository")
    category = _read_stripped("CATEGORY")
    pf = _read_stripped("PF")
    license_text = ""
    if os.path.exists(os.path.join(build_info_dir, "LICENSE")):
        license_text = _read_stripped("LICENSE")
    return repository, category, pf, license_text
| |
| |
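def main():
    """Collect SBOM package info for the package being built and record it.

    The package build directory is taken from the PORTAGE_BUILDDIR
    environment variable. The download URL, licenses and Go dependency data
    are gathered through the sbom_info_lib helpers and written to the
    package's build-info directory by SbomPackageInfo.write_to_build_info().

    Packages whose repository name contains "private" are skipped: no info
    file is written for them.

    Failures during collection are not raised. They are recorded in the
    "err" field of the info file and the function returns normally.
    NOTE(review): consumers of the info file presumably treat a non-empty
    "err" as a failed package; confirm, since nothing else signals it.

    Raises:
        SBOMPkgInfoError: if PORTAGE_BUILDDIR is unset or empty.
    """
    package_dir = os.getenv("PORTAGE_BUILDDIR")
    if not package_dir:
        # Fail with a clear message instead of the TypeError that
        # os.path.join(None, ...) would raise, and avoid writing into a
        # relative "build-info" directory when the variable is empty.
        raise SBOMPkgInfoError("PORTAGE_BUILDDIR is not set")

    sbom_pkg_info = SbomPackageInfo()
    build_info_dir = os.path.join(package_dir, "build-info")
    private = False
    try:
        package_name = os.path.basename(package_dir)
        ebuild = os.path.join(build_info_dir, package_name + ".ebuild")
        repository, category, pf, license_text = read_build_info(
            build_info_dir
        )
        # Substring match: any repository whose name contains "private" is
        # treated as private and produces no SBOM info file.
        if "private" in repository:
            private = True
            return
        sbom_pkg_info.download_url = download_url.get_download_url(
            ebuild, repository, category, pf, license_text
        )
        sbom_pkg_info.licenses = licenses.get_licenses(build_info_dir)
        sbom_pkg_info.go_dep = go_dep.get_go_dep(
            sbom_pkg_info.download_url, build_info_dir
        )
        if not sbom_pkg_info.download_url:
            raise SBOMPkgInfoError("download url not found")
        if not sbom_pkg_info.licenses:
            sbom_pkg_info.licenses = "NONE"
    except Exception as e:
        # Deliberately best-effort: record the failure in the info file
        # rather than aborting the package build.
        sbom_pkg_info.err = repr(e)
    finally:
        # If read_build_info() itself fails, `private` is still False, so an
        # info file carrying only the error is written.
        if not private:
            sbom_pkg_info.write_to_build_info(build_info_dir)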
| |
| |
if __name__ == "__main__":
    # main() never returns a value, so the exit status is 0 whenever it
    # returns. Exceptions raised while collecting package info are caught
    # inside main() and recorded in the info file's "err" field, so they do
    # not change the exit status.
    sys.exit(main())