summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJoshua Watt <JPEWhacker@gmail.com>2021-09-01 08:44:43 -0500
committerRichard Purdie <richard.purdie@linuxfoundation.org>2021-09-03 09:03:36 +0100
commitebfe78ad26b643ce0fb22ba5b3ede43da4a78987 (patch)
treeefe4f10ca46bc17bce9c15125ba4268958e1c642
parent6fdea64ef53eb4de3d0e58e70ae6b391fdff6cd0 (diff)
downloadopenembedded-core-contrib-ebfe78ad26b643ce0fb22ba5b3ede43da4a78987.tar.gz
classes/create-spdx: Add SHA1 to index file
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/classes/create-spdx.bbclass3
-rw-r--r--meta/lib/oe/sbom.py16
2 files changed, 15 insertions, 4 deletions
diff --git a/meta/classes/create-spdx.bbclass b/meta/classes/create-spdx.bbclass
index e49d4d7e3c..5adad59065 100644
--- a/meta/classes/create-spdx.bbclass
+++ b/meta/classes/create-spdx.bbclass
@@ -627,7 +627,7 @@ python image_combine_spdx() {
visited_docs.add(path)
with path.open("rb") as f:
- doc = oe.spdx.SPDXDocument.from_json(f)
+ doc, sha1 = oe.sbom.read_doc(f)
f.seek(0)
if doc.documentNamespace in visited_docs:
@@ -651,6 +651,7 @@ python image_combine_spdx() {
index["documents"].append({
"filename": info.name,
"documentNamespace": doc.documentNamespace,
+ "sha1": sha1,
})
for ref in doc.externalDocumentRefs:
diff --git a/meta/lib/oe/sbom.py b/meta/lib/oe/sbom.py
index d40e5b792f..294feee10b 100644
--- a/meta/lib/oe/sbom.py
+++ b/meta/lib/oe/sbom.py
@@ -45,11 +45,21 @@ def write_doc(d, spdx_doc, subdir):
return doc_sha1
-def read_doc(filename):
+def read_doc(fn):
import hashlib
import oe.spdx
-
- with filename.open("rb") as f:
+ import io
+ import contextlib
+
+ @contextlib.contextmanager
+ def get_file():
+ if isinstance(fn, io.IOBase):
+ yield fn
+ else:
+ with fn.open("rb") as f:
+ yield f
+
+ with get_file() as f:
sha1 = hashlib.sha1()
while True:
chunk = f.read(4096)