From: "'Felix Moessbauer' via isar-users" <isar-users@googlegroups.com>
To: isar-users@googlegroups.com
Cc: christoph.steiger@siemens.com, cedric.hombourger@siemens.com,
jan.kiszka@siemens.com,
Felix Moessbauer <felix.moessbauer@siemens.com>
Subject: [PATCH v3 09/10] imager: create SBOM of IMAGER_BOM packages
Date: Wed, 22 Oct 2025 17:39:20 +0200 [thread overview]
Message-ID: <20251022153921.2494749-10-felix.moessbauer@siemens.com> (raw)
In-Reply-To: <20251022153921.2494749-1-felix.moessbauer@siemens.com>
This uses the same interface as the .manifest file, but adds the
packagse to an SBOM.
Signed-off-by: Felix Moessbauer <felix.moessbauer@siemens.com>
---
meta/classes/image-tools-extension.bbclass | 22 ++++++++++++++++++++++
1 file changed, 22 insertions(+)
diff --git a/meta/classes/image-tools-extension.bbclass b/meta/classes/image-tools-extension.bbclass
index 65258a5a..2576c5ef 100644
--- a/meta/classes/image-tools-extension.bbclass
+++ b/meta/classes/image-tools-extension.bbclass
@@ -75,6 +75,8 @@ EOAPT
schroot -r -c ${session_id} -d / -- \
dpkg-query -W -f='${source:Package}|${source:Version}|${Package}:${Architecture}|${Version}\n' ${local_bom} > \
${WORKDIR}/imager.manifest
+
+ ${@bb.utils.contains('ROOTFS_FEATURES', 'generate-sbom', 'generate_imager_sbom', '', d)}
fi
schroot -e -c ${session_id}
@@ -82,3 +84,23 @@ EOAPT
remove_mounts
schroot_delete_configs
}
+
+generate_imager_sbom() {
+ TIMESTAMP=$(date --iso-8601=s -d @${SOURCE_DATE_EPOCH})
+ sbom_document_uuid="${@d.getVar('SBOM_DOCUMENT_UUID') or generate_document_uuid(d, False)}"
+ bwrap \
+ --unshare-user \
+ --unshare-pid \
+ --bind ${SBOM_CHROOT} / \
+ --bind $schroot_dir /mnt/rootfs \
+ --bind ${WORKDIR} /mnt/deploy-dir \
+ -- debsbom -vv generate ${SBOM_DEBSBOM_TYPE_ARGS} \
+ --from-pkglist -r /mnt/rootfs -o /mnt/deploy-dir/'${PN}-${DISTRO}-${MACHINE}-imager' \
+ --distro-name '${SBOM_DISTRO_NAME}-Imager' --distro-supplier '${SBOM_DISTRO_SUPPLIER}' \
+ --distro-version '${SBOM_DISTRO_VERSION}' --distro-arch '${DISTRO_ARCH}' \
+ --base-distro-vendor '${SBOM_BASE_DISTRO_VENDOR}' \
+ --cdx-serialnumber $sbom_document_uuid \
+ --spdx-namespace '${SBOM_SPDX_NAMESPACE_PREFIX}'-$sbom_document_uuid \
+ --timestamp $TIMESTAMP \
+ < ${WORKDIR}/imager.manifest
+}
--
2.51.0
--
You received this message because you are subscribed to the Google Groups "isar-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to isar-users+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/isar-users/20251022153921.2494749-10-felix.moessbauer%40siemens.com.
next prev parent reply other threads:[~2025-10-22 15:40 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-10-22 15:39 [PATCH v3 00/10] Add SBOM generation with debsbom 'Felix Moessbauer' via isar-users
2025-10-22 15:39 ` [PATCH v3 01/10] refactor: move get_rootfs_distro from sdk into rootfs 'Felix Moessbauer' via isar-users
2025-10-22 15:39 ` [PATCH v3 02/10] meta: package python libraries for SBOM generation 'Felix Moessbauer' via isar-users
2025-10-22 15:39 ` [PATCH v3 03/10] meta: package python3-debsbom 'Felix Moessbauer' via isar-users
2025-10-22 15:39 ` [PATCH v3 04/10] meta: add SBOM generation with debsbom 'Felix Moessbauer' via isar-users
2025-10-22 15:39 ` [PATCH v3 05/10] override distro vendor in SBOM on Ubuntu 'Felix Moessbauer' via isar-users
2025-10-22 15:39 ` [PATCH v3 06/10] add support to add imager dependencies to BOM 'Felix Moessbauer' via isar-users
2025-10-22 15:39 ` [PATCH v3 07/10] wic: create uniform manifest describing all image components 'Felix Moessbauer' via isar-users
2025-10-22 15:39 ` [PATCH v3 08/10] qemuamd64: add IMAGER_BOM entries 'Felix Moessbauer' via isar-users
2025-10-22 15:39 ` 'Felix Moessbauer' via isar-users [this message]
2025-10-22 15:39 ` [PATCH v3 10/10] wic: create uniform SBOM describing all image components 'Felix Moessbauer' via isar-users
2025-10-24 8:33 ` [PATCH v3 00/10] Add SBOM generation with debsbom 'Bouska, Zdenek' via isar-users
2025-10-24 8:59 ` 'MOESSBAUER, Felix' via isar-users
2025-10-24 9:37 ` 'Bouska, Zdenek' via isar-users
2025-10-24 10:02 ` 'MOESSBAUER, Felix' via isar-users
2025-10-27 7:54 ` 'Bouska, Zdenek' via isar-users
2025-10-27 9:24 ` 'MOESSBAUER, Felix' via isar-users
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251022153921.2494749-10-felix.moessbauer@siemens.com \
--to=isar-users@googlegroups.com \
--cc=cedric.hombourger@siemens.com \
--cc=christoph.steiger@siemens.com \
--cc=felix.moessbauer@siemens.com \
--cc=jan.kiszka@siemens.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox