From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Tue, 24 Feb 2026 13:00:05 +0100 X-Sieve: CMU Sieve 2.4 Received: from mail-lf1-f57.google.com (mail-lf1-f57.google.com [209.85.167.57]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 61OC03lX029007 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 24 Feb 2026 13:00:04 +0100 Received: by mail-lf1-f57.google.com with SMTP id 2adb3069b0e04-5a0fe061de0sf42011e87.0 for ; Tue, 24 Feb 2026 04:00:04 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1771934398; cv=pass; d=google.com; s=arc-20240605; b=AC96BZKAhd607EvghaWs/74xqJl3Q7SHExtvvCEwop2mLZhJdiGjyw/E6mVFFVeNdP 8qj7lqg92ZokN2LyQbPsuYK6J+E67dBIUUG5IkORKem8R8f2YULdzACFoxMEwgb80Ck9 1cbgXTYV+RjxycKCy1bpkWUKXKP4nN0TxGbvhBNV5toQdUI9GyLmPr7orqrAgjLH5fxd jUJ9spmilgy/+M/RPKddWwDfyKbThei0SGbJRScyD9h6EBccHUVcAvyW7d6g4qDMsQf7 Q8EPiAHslivVryR6u6bb1LrTWaoxRd8cNLkHm/EjVMgjF/Y/O4TBlpDq7EaQ29mpT44S KgRA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:mime-version:user-agent :content-transfer-encoding:references:in-reply-to:date:cc:to:from :subject:message-id:sender:dkim-signature; bh=DtxdVdqJGTfEjDd086vCjwzWW9LVI1IcVMxYRlk2dBw=; fh=4QC0Z3mV8oBooysfxG+5Lk1l/DKBze78XKJNvZ2gNJ4=; b=HL4ZzuvqJP5og2TfQaO0hcPIZSj902/3eUx5pFMGvvE6MKSTa7ecbD49xZ6VyIX/p/ JPqlZnFixVH6oiPG7ldg3SVPkBj2tqoLnknYu99XSj+AqBXsPU4APvld8P6ywE4idUm4 mPc9jIkgophPIvJ5IBSfjeXWVABosuCn9Z2xxv7/v5unwAASrBUxIqA5mO6NlMIuvepo qMLLYio6+TqFViSIoi5l/0GITLZ7KW9V2dyCE3uhgl9VSnxCROL+PF7w8zdU9asNV5AD OipHbFpU9gw9j3Fq+Se4R2YlK9PDwzVB9EjpAi3cqbY5C56U/zxKAPosxbmstHnA02VB O0GQ==; darn=ilbers.de ARC-Authentication-Results: i=2; gmr-mx.google.com; spf=pass (google.com: domain of ubely@ilbers.de designates 85.214.156.166 as permitted sender) smtp.mailfrom=ubely@ilbers.de DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1771934398; x=1772539198; darn=ilbers.de; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:x-original-authentication-results :x-original-sender:mime-version:user-agent:content-transfer-encoding :references:in-reply-to:date:cc:to:from:subject:message-id:sender :from:to:cc:subject:date:message-id:reply-to; bh=DtxdVdqJGTfEjDd086vCjwzWW9LVI1IcVMxYRlk2dBw=; b=GEvwTlcXfUQIhM0wsWbageHGP55W0cb7arPOC4r7I7UvmX7nq8KxGCobatvr2QoPZv /2XcRnOL/FAWrXDbeQwV0byBPbljQQW91gv5RlKS67U3e2qjLdzYYmnzhiGxmbBAk72p nVYFotvMaLMlMugaa/LsNEpX3wV18g2cXbRvOdH3sR5PltVMzT5/FXzpXrOrULJcS+I2 jJoZcI4m2NzEieQm+cvZMj6KqRtfMF7/Y3VweDNBxppx5zsUg4enO9/FEkMOV1ZouW8l PbKFtGNyVKXQNHU6eIMGkEaFcDp/t7LJRIUqRu13rXiwvOVQNdeJ5ArYXzqj71ONZ16O fKvg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1771934398; x=1772539198; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence :x-original-authentication-results:x-original-sender:mime-version :user-agent:content-transfer-encoding:references:in-reply-to:date:cc :to:from:subject:message-id:x-beenthere:x-gm-message-state:sender :from:to:cc:subject:date:message-id:reply-to; bh=DtxdVdqJGTfEjDd086vCjwzWW9LVI1IcVMxYRlk2dBw=; b=tsHBzsIW96juN+LiLdTW4usnOlB+4MtEmJ6JPQzVr5trRVzMlR92mCnSU7BdGgRg3Z 72RM7bUBfbAKVrZ/zotCRNrt+lQCyYKEYu76QHnCVy9jGSbUP63qRbo6Aejdx4V1fXzR RXDAjacCOiBl5VnSEQxhNshtydJNoDlcW9yGX4Ee7Ewn3ptBsV4CAF5dOUpJUBJ25U5c aG78jRGAuVKNo9G/HJA0p7CYqZ+Bq5D5Ycd/hlU8qqa0CCI470gx/weDO7swp80hn5Do 19y/QPgRGiv3byL3GY1src/gsVOXmIdY4KmuVSFM8ufWuyd1VitknEtJRLnTXq7FPNwg JFxg== Sender: isar-users@googlegroups.com X-Forwarded-Encrypted: i=2; AJvYcCVQMR7EQkS5bi3WS6PQhy26yJz3KWQ++NX3N+WFa/RvzdaV8gYVMNjTfv6WIj01XB/eue6w@ilbers.de X-Gm-Message-State: AOJu0YwmxJlpmPt8uo3T9QOB1U6mCVh5+shDnWaXXexGQKhOkyR/adoU F/caqohCihpMRkDfTjPtzln+yU3dn41+s1kuKjyS+MiF58nSN+yUQqNK X-Received: by 2002:a05:6512:1302:b0:59f:91ad:a5b5 with SMTP id 2adb3069b0e04-5a0ed895469mr4095170e87.14.1771934397872; Tue, 24 Feb 2026 03:59:57 -0800 (PST) X-BeenThere: isar-users@googlegroups.com; h="AV1CL+HhYEmBZccLJcp+zuQLunbNxK19pNYIgsqqUTRFisbIvg==" Received: by 2002:a05:6512:acd:b0:59b:7324:a12c with SMTP id 2adb3069b0e04-59e652357bals4231844e87.2.-pod-prod-07-eu; Tue, 24 Feb 2026 03:59:55 -0800 (PST) X-Forwarded-Encrypted: i=2; AJvYcCWITnqsBm0r4tDSj4gIGdu/ptJtyHejoV+WEKwXD6SLtINrPdaJAlGS9U4v3GC9mvZ8kWBgAq7G+FBn@googlegroups.com X-Received: by 2002:a05:6512:a8c:b0:5a0:f928:3618 with SMTP id 2adb3069b0e04-5a0f9283810mr1094201e87.2.1771934394918; Tue, 24 Feb 2026 03:59:54 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1771934394; cv=none; d=google.com; s=arc-20240605; b=TDIobjiZfOL28OLtpi14qESaru98d4/xYmLYt37unmjtErksZdiYbFWm77a7SiHV+p l1aVVlz17g6zeIoDauL0WkmmXlXXhjyFwHRnmeWWI/RtxQUlUjKS0uyImzhjwPlNZkNU H/Od76I5RvNRnWhXOfqBoymGvO6VVlFSa/Wb5/+4Qysg8XzN2YPCbnmjrHvoPCyocjYt sKtYxyeWQfUmejUeJnIT81AEOFm5DDqNHZz3RG/YW6RpfgIAFHIzw7/vEilDDu6lhXDO 4PBv3QmVvz46uH1rZeTbe6nLxEq6CiqCjy8NSOT2AwhNmpc8YZVicjJNJruVXB62Q4+D 2VfQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:user-agent:content-transfer-encoding:references :in-reply-to:date:cc:to:from:subject:message-id; bh=TD84+C2XIrOqBRnBCJF3mZLZPK+iyPqmflBcZXuHIpg=; fh=IVp0QWynYjRDLgPOtV1T5HMff/H1Md+cmuYVuVdUt/o=; b=VbuZFFvUwwioVyTdgRafXHlWH4rwSmYUdXjKIR6zNtMt+BjrvgEER+bFR14gTbGjb3 RVfNv45MgupgLv6H5nYd2p1mVDYJBr2mbcT0EFLLFOqddaolnEe9oGKP3laY2axtlYm3 NeSOmzLwG9iMMe4nDFgQd8nH42/WkNJpYItWH2d9QzD2apDQxPJk6IzTmzphNajtEinW 580ult47+r9x/dRL565JwwMqlroDS+v2Mn3s84RX5tiGwaXHONhbEYBK5LMVp8NUOgDL X0lOKN3e4dQIYHg1BmUKkAtr3EdgN0douhXImkMyPmlX/bJNxmZOdPS+nnB8+iWpZyXN dB8g==; dara=google.com ARC-Authentication-Results: i=1; gmr-mx.google.com; spf=pass (google.com: domain of ubely@ilbers.de designates 85.214.156.166 as permitted sender) smtp.mailfrom=ubely@ilbers.de Received: from shymkent.ilbers.de (shymkent.ilbers.de. [85.214.156.166]) by gmr-mx.google.com with ESMTPS id 38308e7fff4ca-389a798fd5bsi2483791fa.3.2026.02.24.03.59.54 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Tue, 24 Feb 2026 03:59:54 -0800 (PST) Received-SPF: pass (google.com: domain of ubely@ilbers.de designates 85.214.156.166 as permitted sender) client-ip=85.214.156.166; Received: from [127.0.0.1] ([88.130.203.42]) (authenticated bits=0) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPSA id 61OBxq9f028997 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 24 Feb 2026 12:59:53 +0100 Message-ID: <597e22183bf6fa70ed1286a06c2f6657247086b6.camel@ilbers.de> Subject: Re: [RFC v2 19/19] use copy of sbom-chroot for sbom creation From: Uladzimir Bely To: "MOESSBAUER, Felix" , "isar-users@googlegroups.com" Cc: "Gylstorff, Quirin" , "Kiszka, Jan" Date: Tue, 24 Feb 2026 14:59:52 +0300 In-Reply-To: <32b1cfc2bd4136098ccc3e75b756d02b434a4d29.camel@siemens.com> References: <20260220171601.3845113-1-felix.moessbauer@siemens.com> <20260220171601.3845113-20-felix.moessbauer@siemens.com> <7d85cb9a26928e4dd0a3827a13e02858cfb61b60.camel@ilbers.de> <32b1cfc2bd4136098ccc3e75b756d02b434a4d29.camel@siemens.com> Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable User-Agent: Evolution 3.56.2 MIME-Version: 1.0 X-Spam-Status: No, score=-4.6 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_EF,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H2, RCVD_IN_RP_CERTIFIED,RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-Original-Sender: ubely@ilbers.de X-Original-Authentication-Results: gmr-mx.google.com; spf=pass (google.com: domain of ubely@ilbers.de designates 85.214.156.166 as permitted sender) smtp.mailfrom=ubely@ilbers.de Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-TUID: LX4FbhifWLNl On Tue, 2026-02-24 at 11:36 +0000, MOESSBAUER, Felix wrote: > On Tue, 2026-02-24 at 13:33 +0300, Uladzimir Bely wrote: > > Hello Felix. > >=20 > > On Fri, 2026-02-20 at 18:16 +0100, 'Felix Moessbauer' via isar- > > users > > wrote: > > > We previously used the same sbom-chroot for generating the sbom > > > of > > > different root filesystems. This required to have a live copy of > > > the > > > sbom-chroot in the deploy dir, on which also was operated on. > > > Further, > > > this copy was left behind in the deploy dir. > > >=20 > > > We improve this by just storing a minimized tarball of the sbom- > > > chroot > > > in the deploy dir and extract that into the workdir of the > > > rootfs. > > >=20 > > > Signed-off-by: Felix Moessbauer > > > --- > > > =C2=A0meta/classes/sbom.bbclass=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0 | 29 > > > ++++++++++++++++- > > > -- > > > =C2=A0.../sbom-chroot/sbom-chroot.bb=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 | 11 ++++++- > > > =C2=A02 files changed, 35 insertions(+), 5 deletions(-) > > >=20 > > > diff --git a/meta/classes/sbom.bbclass > > > b/meta/classes/sbom.bbclass > > > index e3d0e702..69c5d1b0 100644 > > > --- a/meta/classes/sbom.bbclass > > > +++ b/meta/classes/sbom.bbclass > > > @@ -23,7 +23,8 @@ SBOM_SPDX_NAMESPACE_PREFIX ?=3D > > > "https://spdx.org/spdxdocs" > > > =C2=A0DEPLOY_DIR_SBOM =3D "${DEPLOY_DIR_IMAGE}" > > > =C2=A0 > > > =C2=A0SBOM_DIR =3D "${DEPLOY_DIR}/sbom" > > > -SBOM_CHROOT =3D "${SBOM_DIR}/sbom-chroot" > > > +SBOM_CHROOT =3D "${SBOM_DIR}/sbom-chroot.tar.zst" > > > +SBOM_CHROOT_LOCAL =3D "${WORKDIR}/sbom-chroot" > >=20 > > This change also requires appropriate changes in at least image- > > tools- > > extension.bbclass and imagetype_wic.bbclass, e.g.: >=20 > Yes, I also found this later on and already fixed it. Will be part of > the v3. Are you considering this patch relevant for the release? In > this case I can just send the fixed version as a standalone patch on > next. Just let me know. >=20 >=20 > Not sure it's ready enough for release. >=20 > I managed to build some targets using KAS_CONTAINER_ENGINE=3Dpodman, > but it doesn't work with default "docker" value. Initial issue comes > from option "--userns=3Dkeep-id" podman has since docker doesn't have. > But even when bypassing it, I faced some more issues under docker. >=20 > v3 also reworks the whole imaging part to require less (or ideally > no) > changes in downstream layers. >=20 >=20 > Anyway, if v3 fixes mentioned docker-related issues, it would be good > to have the fixed version for futher testing. >=20 >=20 > Felix >=20 > >=20 > >=20 > > diff --git a/meta/classes-recipe/imagetypes_wic.bbclass > > b/meta/classes- > > recipe/imagetypes_wic.bbclass > > index ebf3ce8e..34f2286e 100644 > > --- a/meta/classes-recipe/imagetypes_wic.bbclass > > +++ b/meta/classes-recipe/imagetypes_wic.bbclass > > @@ -216,13 +216,16 @@ merge_wic_sbom() { > > =C2=A0=C2=A0=C2=A0=C2=A0 TIMESTAMP=3D$(date --iso-8601=3Ds -d @${SOURCE= _DATE_EPOCH}) > > =C2=A0=C2=A0=C2=A0=C2=A0 sbom_document_uuid=3D"${@d.getVar('SBOM_DOCUME= NT_UUID') or > > generate_document_uuid(d, False)}" > > =C2=A0 > > +=C2=A0=C2=A0=C2=A0 mkdir -p ${SBOM_CHROOT_LOCAL} > > +=C2=A0=C2=A0=C2=A0 tar -xf ${SBOM_CHROOT} -C ${SBOM_CHROOT_LOCAL} > > + > > =C2=A0=C2=A0=C2=A0=C2=A0 cat ${DEPLOY_DIR_IMAGE}/${IMAGE_FULLNAME}.${bo= mtype}.json \ > > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 ${DEPLOY_DIR_IMAGE}/${= INITRD_DEPLOY_FILE}.${bomtype}.json > > \ > > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 ${WORKDIR}/imager.${bo= mtype}.json 2>/dev/null | \ > > =C2=A0=C2=A0=C2=A0=C2=A0 bwrap \ > > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 --unshare-user \ > > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 --unshare-pid \ > > -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 --bind ${SBOM_CHROOT} / \ > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 --bind ${SBOM_CHROOT_LOCAL}= / \ > > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 -- debsbom -v merge -t= $BOMTYPE \ > > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0 --distro-name '${SBOM_DISTRO_NAME}-Image' --distro- > > supplier '${SBOM_DISTRO_SUPPLIER}' \ > > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0 --distro-version '${SBOM_DISTRO_VERSION}' --base- > > distro- > > vendor '${SBOM_BASE_DISTRO_VENDOR}' \ > >=20 > >=20 > > Without it, in my build this failed at wic stage (qemuamd64 target) > > when attempting to bind-mount tar.zst: > >=20 > >=20 > > bwrap --unshare-user --unshare-pid --bind > > =C2=A0/work/build/tmp/deploy/sbom/sbom-chroot.tar.zst / -- debsbom -v > > merge > > -t spdx --distro-name ISAR-Debian-GNU-Linux-Image --distro-supplier > > ISAR --distro-version 1 --base-distro-vendor debian --cdx- > > serialnumber > > 4641ea56-9fce-4120-ae90-0784cd98d434 --spdx-namespace > > https://spdx.org/spdxdocs-4641ea56-9fce-4120-ae90-0784cd98d434=C2=A0-- > > timestamp 2024-03-04T18:14:11+03:00 - -o - > >=20 > > bwrap: Can't create file at /: Is a directory > >=20 > >=20 > > > =C2=A0 > > > =C2=A0# adapted from the isar-cip-core image_uuid.bbclass > > > =C2=A0def generate_document_uuid(d, warn_not_repr=3DTrue): > > > @@ -40,14 +41,25 @@ def sbom_doc_uuid(d): > > > =C2=A0=C2=A0=C2=A0=C2=A0 if not d.getVar("SBOM_DOCUMENT_UUID"): > > > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 d.setVar("SBOM_DOCUM= ENT_UUID", > > > generate_document_uuid(d)) > > > =C2=A0 > > > +prepare_sbom_chroot() { > > > +=C2=A0=C2=A0=C2=A0 create_chroot_parent_dir ${WORKDIR} > > > +=C2=A0=C2=A0=C2=A0 run_privileged_heredoc <<'EOF' > > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 set -e > > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 mkdir -p ${SBOM_CHROOT_LO= CAL} > > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 tar -xf ${SBOM_CHROOT} -C= ${SBOM_CHROOT_LOCAL} > > > +EOF > > > +} > > > + > > > =C2=A0generate_sbom() { > > > -=C2=A0=C2=A0=C2=A0 run_privileged mkdir -p ${SBOM_CHROOT}/mnt/rootfs > > > ${SBOM_CHROOT}/mnt/deploy-dir > > > +=C2=A0=C2=A0=C2=A0 run_privileged mkdir -p \ > > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 ${SBOM_CHROOT_LOCAL}/mnt/= rootfs \ > > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 ${SBOM_CHROOT_LOCAL}/mnt/= deploy-dir > > > =C2=A0 > > > =C2=A0=C2=A0=C2=A0=C2=A0 TIMESTAMP=3D$(date --iso-8601=3Ds -d @${SOUR= CE_DATE_EPOCH}) > > > =C2=A0=C2=A0=C2=A0=C2=A0 bwrap \ > > > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 --unshare-user \ > > > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 --unshare-pid \ > > > -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 --bind ${SBOM_CHROOT} / \ > > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 --bind ${SBOM_CHROOT_LOCA= L} / \ > > > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 --bind ${ROOTFSDIR} = /mnt/rootfs \ > > > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 --bind ${DEPLOY_DIR_= SBOM} /mnt/deploy-dir \ > > > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 -- debsbom -v genera= te ${SBOM_DEBSBOM_TYPE_ARGS} -r > > > /mnt/rootfs -o /mnt/deploy-dir/'${PN}-${DISTRO}-${MACHINE}' \ > > > @@ -59,8 +71,17 @@ generate_sbom() { > > > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0 --timestamp $TIMESTAMP ${SBOM_DEBSBOM_EXTRA_ARGS} > > > =C2=A0} > > > =C2=A0 > > > +cleanup_sbom_chroot() { > > > +=C2=A0=C2=A0=C2=A0 run_privileged rm -rf ${SBOM_CHROOT_LOCAL} > > > +} > > > + > > > =C2=A0do_generate_sbom[dirs] +=3D "${DEPLOY_DIR_SBOM}" > > > +do_generate_sbom[network] =3D "${TASK_USE_SUDO}" > > > =C2=A0python do_generate_sbom() { > > > =C2=A0=C2=A0=C2=A0=C2=A0 sbom_doc_uuid(d) > > > -=C2=A0=C2=A0=C2=A0 bb.build.exec_func("generate_sbom", d) > > > +=C2=A0=C2=A0=C2=A0 try: > > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 bb.build.exec_func("prepa= re_sbom_chroot", d) > > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 bb.build.exec_func("gener= ate_sbom", d) > > > +=C2=A0=C2=A0=C2=A0 finally: > > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 bb.build.exec_func("clean= up_sbom_chroot", d) > > > =C2=A0} > > > diff --git a/meta/recipes-devtools/sbom-chroot/sbom-chroot.bb > > > b/meta/recipes-devtools/sbom-chroot/sbom-chroot.bb > > > index bf6d6683..fec1f502 100644 > > > --- a/meta/recipes-devtools/sbom-chroot/sbom-chroot.bb > > > +++ b/meta/recipes-devtools/sbom-chroot/sbom-chroot.bb > > > @@ -27,7 +27,16 @@ ROOTFSDIR =3D "${WORKDIR}/rootfs" > > > =C2=A0ROOTFS_PACKAGES =3D "${SBOM_IMAGE_INSTALL}" > > > =C2=A0 > > > =C2=A0do_sbomchroot_deploy[dirs] =3D "${SBOM_DIR}" > > > +do_sbomchroot_deploy[network] =3D "${TASK_USE_SUDO}" > > > =C2=A0do_sbomchroot_deploy() { > > > -=C2=A0=C2=A0=C2=A0 ln -Tfsr "${ROOTFSDIR}" "${SBOM_CHROOT}" > > > +=C2=A0=C2=A0=C2=A0 # deploy with empty var to make it smaller > > > +=C2=A0=C2=A0=C2=A0 lopts=3D"--one-file-system --exclude=3Dvar/*" > > > +=C2=A0=C2=A0=C2=A0 ZSTD=3D"zstd -${SSTATE_ZSTD_CLEVEL} -T${ZSTD_THRE= ADS}" > > > + > > > +=C2=A0=C2=A0=C2=A0 run_privileged \ > > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 tar -C ${ROOTFSDIR} -cpS = $lopts ${ROOTFS_TAR_ATTR_FLAGS} > > > . \ > > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 |= $ZSTD > ${SBOM_CHROOT} > > > +=C2=A0=C2=A0=C2=A0 # cleanup extracted rootfs > > > +=C2=A0=C2=A0=C2=A0 run_privileged rm -rf ${ROOTFSDIR} > > > =C2=A0} > > > =C2=A0addtask do_sbomchroot_deploy before do_build after do_rootfs > > > --=20 > > > 2.51.0 > >=20 > > -- > > Best regards, > > Uladzimir. >=20 > --=20 > Siemens AG > Linux Expert Center > Friedrich-Ludwig-Bauer-Str. 3 > 85748 Garching, Germany --=20 Best regards, Uladzimir. --=20 You received this message because you are subscribed to the Google Groups "= isar-users" group. To unsubscribe from this group and stop receiving emails from it, send an e= mail to isar-users+unsubscribe@googlegroups.com. To view this discussion visit https://groups.google.com/d/msgid/isar-users/= 597e22183bf6fa70ed1286a06c2f6657247086b6.camel%40ilbers.de.