From 4799594b26f77ed259dc661bf077519b338390c8 Mon Sep 17 00:00:00 2001 From: Joshua Watt Date: Mon, 13 Jun 2022 21:30:47 -0500 Subject: classes/create-spdx: Add SPDX_PRETTY option Adds an option to make the SPDX more human-readable (at the expense of a larger files) Signed-off-by: Joshua Watt Signed-off-by: Alexandre Belloni Signed-off-by: Richard Purdie --- meta/classes/create-spdx.bbclass | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) (limited to 'meta/classes/create-spdx.bbclass') diff --git a/meta/classes/create-spdx.bbclass b/meta/classes/create-spdx.bbclass index 37b6b569a1..15cccac84b 100644 --- a/meta/classes/create-spdx.bbclass +++ b/meta/classes/create-spdx.bbclass @@ -25,6 +25,7 @@ SPDX_ARCHIVE_PACKAGED ??= "0" SPDX_UUID_NAMESPACE ??= "sbom.openembedded.org" SPDX_NAMESPACE_PREFIX ??= "http://spdx.org/spdxdoc" +SPDX_PRETTY ??= "0" SPDX_LICENSES ??= "${COREBASE}/meta/files/spdx-licenses.json" @@ -76,6 +77,11 @@ def recipe_spdx_is_native(d, recipe): def is_work_shared_spdx(d): return bb.data.inherits_class('kernel', d) or ('work-shared' in d.getVar('WORKDIR')) +def get_json_indent(d): + if d.getVar("SPDX_PRETTY") == "1": + return 2 + return None + python() { import json if d.getVar("SPDX_LICENSE_DATA"): @@ -515,7 +521,7 @@ python do_create_spdx() { dep_recipes = collect_dep_recipes(d, doc, recipe) - doc_sha1 = oe.sbom.write_doc(d, doc, "recipes") + doc_sha1 = oe.sbom.write_doc(d, doc, "recipes", indent=get_json_indent(d)) dep_recipes.append(oe.sbom.DepRecipe(doc, doc_sha1, recipe)) recipe_ref = oe.spdx.SPDXExternalDocumentRef() @@ -579,7 +585,7 @@ python do_create_spdx() { add_package_sources_from_debug(d, package_doc, spdx_package, package, package_files, sources) - oe.sbom.write_doc(d, package_doc, "packages") + oe.sbom.write_doc(d, package_doc, "packages", indent=get_json_indent(d)) } # NOTE: depending on do_unpack is a hack that is necessary to get it's dependencies for archive the source addtask do_create_spdx after do_package do_packagedata do_unpack before do_populate_sdk do_build do_rm_work @@ -743,7 +749,7 @@ python do_create_runtime_spdx() { ) seen_deps.add(dep) - oe.sbom.write_doc(d, runtime_doc, "runtime", spdx_deploy) + oe.sbom.write_doc(d, runtime_doc, "runtime", spdx_deploy, indent=get_json_indent(d)) } addtask do_create_runtime_spdx after do_create_spdx before do_build do_rm_work @@ -938,7 +944,7 @@ def combine_spdx(d, rootfs_name, rootfs_deploydir, rootfs_spdxid, packages): image_spdx_path = rootfs_deploydir / (rootfs_name + ".spdx.json") with image_spdx_path.open("wb") as f: - doc.to_json(f, sort_keys=True) + doc.to_json(f, sort_keys=True, indent=get_json_indent(d)) num_threads = int(d.getVar("BB_NUMBER_THREADS")) @@ -996,7 +1002,11 @@ def combine_spdx(d, rootfs_name, rootfs_deploydir, rootfs_spdxid, packages): index["documents"].sort(key=lambda x: x["filename"]) - index_str = io.BytesIO(json.dumps(index, sort_keys=True).encode("utf-8")) + index_str = io.BytesIO(json.dumps( + index, + sort_keys=True, + indent=get_json_indent(d), + ).encode("utf-8")) info = tarfile.TarInfo() info.name = "index.json" @@ -1010,4 +1020,4 @@ def combine_spdx(d, rootfs_name, rootfs_deploydir, rootfs_spdxid, packages): spdx_index_path = rootfs_deploydir / (rootfs_name + ".spdx.index.json") with spdx_index_path.open("w") as f: - json.dump(index, f, sort_keys=True) + json.dump(index, f, sort_keys=True, indent=get_json_indent(d)) -- cgit 1.2.3-korg