diff options
| author | AlexSm <alex@ydb.tech> | 2024-03-05 10:40:59 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-03-05 12:40:59 +0300 |
| commit | 1ac13c847b5358faba44dbb638a828e24369467b (patch) | |
| tree | 07672b4dd3604ad3dee540a02c6494cb7d10dc3d /build/scripts/link_sbom.py | |
| parent | ffcca3e7f7958ddc6487b91d3df8c01054bd0638 (diff) | |
| download | ydb-1ac13c847b5358faba44dbb638a828e24369467b.tar.gz | |
Library import 16 (#2433)
Co-authored-by: robot-piglet <robot-piglet@yandex-team.com>
Co-authored-by: deshevoy <deshevoy@yandex-team.com>
Co-authored-by: robot-contrib <robot-contrib@yandex-team.com>
Co-authored-by: thegeorg <thegeorg@yandex-team.com>
Co-authored-by: robot-ya-builder <robot-ya-builder@yandex-team.com>
Co-authored-by: svidyuk <svidyuk@yandex-team.com>
Co-authored-by: shadchin <shadchin@yandex-team.com>
Co-authored-by: robot-ratatosk <robot-ratatosk@yandex-team.com>
Co-authored-by: innokentii <innokentii@yandex-team.com>
Co-authored-by: arkady-e1ppa <arkady-e1ppa@yandex-team.com>
Co-authored-by: snermolaev <snermolaev@yandex-team.com>
Co-authored-by: dimdim11 <dimdim11@yandex-team.com>
Co-authored-by: kickbutt <kickbutt@yandex-team.com>
Co-authored-by: abdullinsaid <abdullinsaid@yandex-team.com>
Co-authored-by: korsunandrei <korsunandrei@yandex-team.com>
Co-authored-by: petrk <petrk@yandex-team.com>
Co-authored-by: miroslav2 <miroslav2@yandex-team.com>
Co-authored-by: serjflint <serjflint@yandex-team.com>
Co-authored-by: akhropov <akhropov@yandex-team.com>
Co-authored-by: prettyboy <prettyboy@yandex-team.com>
Co-authored-by: ilikepugs <ilikepugs@yandex-team.com>
Co-authored-by: hiddenpath <hiddenpath@yandex-team.com>
Co-authored-by: mikhnenko <mikhnenko@yandex-team.com>
Co-authored-by: spreis <spreis@yandex-team.com>
Co-authored-by: andreyshspb <andreyshspb@yandex-team.com>
Co-authored-by: dimaandreev <dimaandreev@yandex-team.com>
Co-authored-by: rashid <rashid@yandex-team.com>
Co-authored-by: robot-ydb-importer <robot-ydb-importer@yandex-team.com>
Co-authored-by: r-vetrov <r-vetrov@yandex-team.com>
Co-authored-by: ypodlesov <ypodlesov@yandex-team.com>
Co-authored-by: zaverden <zaverden@yandex-team.com>
Co-authored-by: vpozdyayev <vpozdyayev@yandex-team.com>
Co-authored-by: robot-cozmo <robot-cozmo@yandex-team.com>
Co-authored-by: v-korovin <v-korovin@yandex-team.com>
Co-authored-by: arikon <arikon@yandex-team.com>
Co-authored-by: khoden <khoden@yandex-team.com>
Co-authored-by: psydmm <psydmm@yandex-team.com>
Co-authored-by: robot-javacom <robot-javacom@yandex-team.com>
Co-authored-by: dtorilov <dtorilov@yandex-team.com>
Co-authored-by: sennikovmv <sennikovmv@yandex-team.com>
Co-authored-by: hcpp <hcpp@ydb.tech>
Diffstat (limited to 'build/scripts/link_sbom.py')
| -rw-r--r-- | build/scripts/link_sbom.py | 67 |
1 files changed, 67 insertions, 0 deletions
diff --git a/build/scripts/link_sbom.py b/build/scripts/link_sbom.py new file mode 100644 index 0000000000..8210415ab9 --- /dev/null +++ b/build/scripts/link_sbom.py @@ -0,0 +1,67 @@ +import argparse +import json +import os + + +def parse_kv_arr(val): + res = {} + for kv in val.split(';'): + k, v = kv.split('=') + res[k] = v + return res + + +def deduce_name(path): + name = os.path.basename(path) + for prefix in ['contrib/libs/', 'contrib/python/py2/', 'contrib/python/py3/', 'contrib/python/']: + if path.startswith(prefix): + name = path[len(prefix):].replace('/', '-') + break + return name + + +def parse_componenet(component): + props = parse_kv_arr(component) + path = props['path'] + ver = props['ver'] + + res = {} + res['type'] = 'library' + res['name'] = deduce_name(path) + res['version'] = ver + res["properties"] = [ + {'name': 'arcadia_module_subdir', 'value': path}, + {'name': 'language', 'value': props['lang']} + ] + return res + + +def main(): + parser = argparse.ArgumentParser(description='Generate SBOM data from used contribs info') + parser.add_argument('-o', '--output', type=argparse.FileType('w', encoding='UTF-8'), help='resulting SBOM file', required=True) + parser.add_argument('--vcs-info', type=argparse.FileType('r', encoding='UTF-8'), help='VCS information file', required=True) + parser.add_argument('--mod-path', type=str, help='Path to module in arcadia', required=True) + parser.add_argument('libinfo', metavar='N', type=str, nargs='*', help='libraries info for components section') + + args = parser.parse_args() + + vcs = json.load(args.vcs_info) + + res = {} + res['$schema'] = "http://cyclonedx.org/schema/bom-1.5.schema.json" + res["bomFormat"] = "CycloneDX" + res["specVersion"] = "1.5" + res["version"] = 1 + res["components"] = [parse_componenet(lib) for lib in args.libinfo] + res["properties"] = [ + {'name': 'commit_hash', 'value': vcs['ARCADIA_SOURCE_HG_HASH'], 'arcadia_module_subdir': args.mod_path} + ] + if vcs.get('DIRTY', '') == 'dirty': + res["properties"].append({'name': 'has_uncommited_changes', 'value': True}) + + json.dump(res, args.output) + args.output.close() + + +if __name__ == '__main__': + main() |