From: "Q. Gylstorff" <Quirin.Gylstorff@siemens.com>
To: isar-users@googlegroups.com
Cc: Quirin Gylstorff <quirin.gylstorff@siemens.com>,
Claudius Heine <ch@denx.de>
Subject: [PATCH v4] meta/classes: generate bill of material from image
Date: Tue, 13 Aug 2019 10:18:23 +0200 [thread overview]
Message-ID: <20190813081823.29704-1-Quirin.Gylstorff@siemens.com> (raw)
In-Reply-To: <3221bfdb-641b-7e54-3fb5-1facbf6e5585@siemens.com>
From: Quirin Gylstorff <quirin.gylstorff@siemens.com>
To create products it is necessary to have a list
of used packages for clearance and to security monitoring.
To get a simple list of packages use dpkg-query and generate
a list with the following pattern:
source name| source version | binary package name | binary version
The list is stored in ${IMAGE_FULLNAME}.rootfs.manifest
Remove the feature with:
ROOTFS_FEATURES_remove = "generate-manifest"
Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
---
Changes:
v4:
Add sdk rootfs to manifest
Avoid duplicated code and move gen_accounts_array and gen_manifest_array to
shell-list-processing-helper
call dpkg-query from $PATH
v3:
Add list of manifest for buildchroot manifest
This list can be exdent to add additional output generators
v2:
use FEATURE instead of own variable
meta/classes/image-account-extension.bbclass | 28 ++--------
.../image-package-list-extension.bbclass | 54 +++++++++++++++++++
meta/classes/image.bbclass | 3 +-
.../shell-list-processing-helper.bbclass | 30 +++++++++++
4 files changed, 89 insertions(+), 26 deletions(-)
create mode 100644 meta/classes/image-package-list-extension.bbclass
create mode 100644 meta/classes/shell-list-processing-helper.bbclass
diff --git a/meta/classes/image-account-extension.bbclass b/meta/classes/image-account-extension.bbclass
index 22754da..df44c49 100644
--- a/meta/classes/image-account-extension.bbclass
+++ b/meta/classes/image-account-extension.bbclass
@@ -25,36 +25,14 @@ GROUPS ??= ""
#GROUP_root[gid] = ""
#GROUP_root[flags] = "system"
-def gen_accounts_array(d, listname, entryname, flags, verb_flags=None):
- from itertools import chain
-
- entries = (d.getVar(listname, True) or "").split()
- return " ".join(
- ":".join(
- chain(
- (entry,),
- (
- (",".join(
- (
- d.getVarFlag(entryname + "_" + entry, flag, True) or ""
- ).split()
- ) if flag not in (verb_flags or []) else (
- d.getVarFlag(entryname + "_" + entry, flag, True) or ""
- )).replace(":","=")
- for flag in flags
- ),
- )
- )
- for entry in entries
- )
-
+inherit shell-list-processing-helper
# List of space separated entries, where each entry has the format:
# username:encryptedpassword:expiredate:inactivenumber:userid:groupid:comment:homedir:shell:group1,group2:flag1,flag2
-IMAGE_ACCOUNTS_USERS =+ "${@gen_accounts_array(d, 'USERS', 'USER', ['password', 'expire', 'inactive', 'uid', 'gid', 'comment', 'home', 'shell', 'groups', 'flags'], ['password', 'comment', 'home', 'shell'])}"
+IMAGE_ACCOUNTS_USERS =+ "${@gen_shell_list(d, 'USERS', 'USER', ['password', 'expire', 'inactive', 'uid', 'gid', 'comment', 'home', 'shell', 'groups', 'flags'], ['password', 'comment', 'home', 'shell'])}"
# List of space separated entries, where each entry has the format:
# groupname:groupid:flag1,flag2
-IMAGE_ACCOUNTS_GROUPS =+ "${@gen_accounts_array(d, 'GROUPS', 'GROUP', ['gid', 'flags'])}"
+IMAGE_ACCOUNTS_GROUPS =+ "${@gen_shell_list(d, 'GROUPS', 'GROUP', ['gid', 'flags'])}"
ROOTFS_CONFIGURE_COMMAND += "image_configure_accounts"
image_configure_accounts[weight] = "3"
diff --git a/meta/classes/image-package-list-extension.bbclass b/meta/classes/image-package-list-extension.bbclass
new file mode 100644
index 0000000..0aa3015
--- /dev/null
+++ b/meta/classes/image-package-list-extension.bbclass
@@ -0,0 +1,54 @@
+# This software is a part of ISAR.
+# Copyright (C) Siemens AG, 2019
+#
+# SPDX-License-Identifier: MIT
+MANIFESTS ?= "target build sdk"
+DPKG_DIR ?= "/var/lib/dpkg"
+# rootfs needs to be mounted inside of buildchroot
+MANIFEST_build[rootfs] ?= "${DPKG_DIR}"
+MANIFEST_target[rootfs] ?= "${PP_ROOTFS}${DPKG_DIR}"
+MANIFEST_sdk[rootfs] ?= "/work/${DISTRO}-${DISTRO_ARCH}/sdkchroot-${HOST_DISTRO}-${HOST_ARCH}-${DISTRO_ARCH}/rootfs${DPKG_DIR}"
+
+inherit shell-list-processing-helper
+IMAGE_MANIFESTS =+ "${@gen_shell_list(d, 'MANIFESTS', 'MANIFEST', ['rootfs'])}"
+
+do_image_generate_manifest[dirs] = "${DEPLOY_DIR_IMAGE}"
+image_generate_manifest() {
+ image_do_mounts
+ # mount working directory to access sdk rootfs
+ sudo -s <<'EOSUDO'
+ ( flock 9
+ mkdir -p ${BUILDCHROOT_DIR}/work
+ if ! mountpoint ${BUILDCHROOT_DIR}/work >/dev/null 2>&1; then
+ mount --bind --make-private ${TMPDIR}/work ${BUILDCHROOT_DIR}/work
+ fi
+ ) 9>${MOUNT_LOCKFILE}
+EOSUDO
+ list='${@" ".join(d.getVar('IMAGE_MANIFESTS', True).split())} '
+ while true; do
+ list_rest="${list#*:* }"
+ entry="${list%%${list_rest}}"
+ list="${list_rest}"
+
+ if [ -z "${entry}" ]; then
+ break
+ fi
+ # Add colon to the end of the entry and remove trailing space:
+ entry="${entry% }:"
+
+ # Decode entries:
+ name="${entry%%:*}"
+ entry="${entry#${name}:}"
+
+ rootfs="${entry%%:*}"
+ entry="${entry#${rootfs}:}"
+ if sudo -E chroot ${BUILDCHROOT_DIR} test -d "$rootfs"; then
+ sudo -E chroot ${BUILDCHROOT_DIR} \
+ dpkg-query --admindir="$rootfs" \
+ -f '${source:Package}|${source:Version}|${binary:Package}|${Version}\n' -W > \
+ ${DEPLOY_DIR_IMAGE}/${IMAGE_FULLNAME}."$name".manifest
+ fi
+ done
+}
+ROOTFS_POSTPROCESS_COMMAND += "${@bb.utils.contains('ROOTFS_FEATURES', 'generate-manifest', 'image_generate_manifest', '', d)}"
+
diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass
index ec6bd39..60dd9fb 100644
--- a/meta/classes/image.bbclass
+++ b/meta/classes/image.bbclass
@@ -58,7 +58,7 @@ image_do_mounts() {
}
ROOTFSDIR = "${IMAGE_ROOTFS}"
-ROOTFS_FEATURES += "copy-package-cache clean-package-cache finalize-rootfs"
+ROOTFS_FEATURES += "copy-package-cache clean-package-cache finalize-rootfs generate-manifest"
ROOTFS_PACKAGES += "${IMAGE_PREINSTALL} ${IMAGE_INSTALL}"
inherit rootfs
@@ -68,6 +68,7 @@ inherit image-tools-extension
inherit image-postproc-extension
inherit image-locales-extension
inherit image-account-extension
+inherit image-package-list-extension
# Extra space for rootfs in MB
ROOTFS_EXTRA ?= "64"
diff --git a/meta/classes/shell-list-processing-helper.bbclass b/meta/classes/shell-list-processing-helper.bbclass
new file mode 100644
index 0000000..105066b
--- /dev/null
+++ b/meta/classes/shell-list-processing-helper.bbclass
@@ -0,0 +1,30 @@
+# This software is a part of ISAR.
+# Copyright (C) Siemens AG, 2019
+#
+# SPDX-License-Identifier: MIT
+#
+# This class extends the image.bbclass for creating user accounts and groups.
+
+def gen_shell_list(d, listname, entryname, flags, verb_flags=None):
+ from itertools import chain
+
+ entries = (d.getVar(listname, True) or "").split()
+ return " ".join(
+ ":".join(
+ chain(
+ (entry,),
+ (
+ (",".join(
+ (
+ d.getVarFlag(entryname + "_" + entry, flag, True) or ""
+ ).split()
+ ) if flag not in (verb_flags or []) else (
+ d.getVarFlag(entryname + "_" + entry, flag, True) or ""
+ )).replace(":","=")
+ for flag in flags
+ ),
+ )
+ )
+ for entry in entries
+ )
+
--
2.20.1
next prev parent reply other threads:[~2019-08-13 8:19 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-08-05 14:07 [PATCH] " Q. Gylstorff
2019-08-05 14:37 ` vijai kumar
2019-08-05 14:43 ` Henning Schild
2019-08-05 14:48 ` Jan Kiszka
2019-08-05 15:08 ` Henning Schild
2019-08-05 15:10 ` Jan Kiszka
2019-08-05 15:00 ` Baurzhan Ismagulov
2019-08-06 8:07 ` Claudius Heine
2019-08-06 8:36 ` Baurzhan Ismagulov
2019-08-06 8:47 ` Claudius Heine
2019-08-06 9:03 ` Baurzhan Ismagulov
2019-08-06 10:38 ` Claudius Heine
2019-08-06 8:38 ` Jan Kiszka
2019-08-06 8:48 ` Claudius Heine
2019-08-06 10:51 ` Quirin Gylstorff
2019-08-06 13:55 ` [PATCH v2] " Q. Gylstorff
2019-08-07 7:52 ` Quirin Gylstorff
2019-08-07 7:56 ` Gernot Hillier
2019-08-07 8:01 ` Claudius Heine
2019-08-07 8:08 ` Gernot Hillier
2019-08-07 8:21 ` Claudius Heine
2019-08-07 8:29 ` Gernot Hillier
2019-08-07 10:00 ` Gernot Hillier
2019-08-07 10:59 ` Baurzhan Ismagulov
2019-08-07 11:27 ` Claudius Heine
2019-08-07 12:27 ` Quirin Gylstorff
2019-08-09 10:30 ` [PATCH v3] " Q. Gylstorff
2019-08-12 8:04 ` Claudius Heine
2019-08-12 9:09 ` Quirin Gylstorff
2019-08-12 9:57 ` Claudius Heine
2019-08-13 8:18 ` Q. Gylstorff [this message]
2019-08-13 8:53 ` [PATCH v4] " Claudius Heine
2019-08-13 13:40 ` [PATCH v5] " Q. Gylstorff
2019-09-21 13:02 ` Jan Kiszka
2019-09-23 12:25 ` [PATCH v6] " Q. Gylstorff
2019-09-23 13:51 ` [PATCH v7] " Q. Gylstorff
2019-10-16 12:26 ` Baurzhan Ismagulov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190813081823.29704-1-Quirin.Gylstorff@siemens.com \
--to=quirin.gylstorff@siemens.com \
--cc=ch@denx.de \
--cc=isar-users@googlegroups.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox