diff options
author | svidyuk <svidyuk@yandex-team.com> | 2024-06-26 09:16:18 +0300 |
---|---|---|
committer | svidyuk <svidyuk@yandex-team.com> | 2024-06-26 09:28:59 +0300 |
commit | 6870500d6d5eae3b9282920f03ebeda7875c3be5 (patch) | |
tree | 57942de7550676fef8b2c0b6b4aae04d52e78288 /build | |
parent | 06f45ca8ced228e81bab2bba577286043f3474c9 (diff) | |
download | ydb-6870500d6d5eae3b9282920f03ebeda7875c3be5.tar.gz |
Use GLOBAL_SRCS to pass sbom information
8b17a7d46ec1a950b59da80e66713dc21714248b
Diffstat (limited to 'build')
-rw-r--r-- | build/conf/go.conf | 3 | ||||
-rw-r--r-- | build/conf/license.conf | 11 | ||||
-rw-r--r-- | build/conf/proto.conf | 6 | ||||
-rw-r--r-- | build/internal/scripts/gen_sbom.py | 38 | ||||
-rw-r--r-- | build/internal/scripts/link_sbom.py | 37 | ||||
-rw-r--r-- | build/ymake.core.conf | 15 |
6 files changed, 59 insertions, 51 deletions
diff --git a/build/conf/go.conf b/build/conf/go.conf index a12d7b8e6a..298b1caa2d 100644 --- a/build/conf/go.conf +++ b/build/conf/go.conf @@ -635,7 +635,7 @@ otherwise { ### ### The base module of all golang modules. Defines common properties, dependencies and rules for go build. module _GO_BASE_UNIT: _BASE_UNIT { - .EXTS=.go .gosrc .o .obj .a .symabis .mf + .EXTS=.go .gosrc .o .obj .sbom .a .symabis .mf .CMD=TOUCH_UNIT .NODE_TYPE=Bundle .GLOBAL=GO_LDFLAGS OBJADDE_LIB @@ -959,6 +959,7 @@ module GO_TEST: GO_PROGRAM { SET(_GO_TOOL_MODE test) SET(MODULE_TYPE PROGRAM) ENABLE(GO_TEST_MODULE) + DISABLE(_NEED_SBOM_INFO) SET(GO_COVER_INFO_VALUE) # We have to add uncoditionaly PEERDIR to ${GOSTD}/os here thouth it is really diff --git a/build/conf/license.conf b/build/conf/license.conf index d83e81528d..76133b0c1b 100644 --- a/build/conf/license.conf +++ b/build/conf/license.conf @@ -27,16 +27,7 @@ macro LICENSE(Flags...) { SET(LICENSE_EXPRESSION $Flags) SET(LICENSE_NAMES $Flags) # TODO(YMAKE-1136) avoid abusing LICENSE - # NOTICE: final value of MODVER might not be set yet if VERSION macro is called after LICENSE. Var expansion is - # escaped here to prevent eager value substitution by SET but allow delayed value substitution when - # adding linking SBOM data command to graph. - when ($_NEED_SBOM_INFO == "yes") { - _SBOM_INFO_LOCAL="path=${MODDIR};ver=${join=.:MODVER};lang=${MODULE_LANG}" - } - otherwise { - _SBOM_INFO_LOCAL= - } - SET_APPEND(_SBOM_INFO_GLOBAL $_SBOM_INFO_LOCAL) + _CONTRIB_MODULE_HOOKS() } ### @usage LICENSE_RESTRICTION(ALLOW_ONLY|DENY LicenseProperty...) diff --git a/build/conf/proto.conf b/build/conf/proto.conf index 7f87cd8e6f..96ae17212a 100644 --- a/build/conf/proto.conf +++ b/build/conf/proto.conf @@ -698,6 +698,7 @@ multimodule PROTO_LIBRARY { .SEM=JAVA_PROTO_LIBRARY_SEM SET(PEERDIR_TAGS JAVA_PROTO) ENABLE(JAVA_PROTO) + DISABLE(_NEED_SBOM_INFO) PEERDIR+=$JAVA_PROTOBUF_PEERS when ($KOTLIN_PROTO == "yes") { @@ -724,6 +725,7 @@ multimodule PROTO_LIBRARY { .SEM=IGNORED SET(PEERDIR_TAGS PY2 PY_PROTO) ENABLE(PY_PROTO) + DISABLE(_NEED_SBOM_INFO) OPTIMIZE_PY_PROTOS() OBJ_SUF=.py2 # Can not use NO_LINT(), because is not allowed outside of contrib directory @@ -748,6 +750,7 @@ multimodule PROTO_LIBRARY { .SEM=IGNORED SET(PEERDIR_TAGS PY3 PY3_PROTO) ENABLE(PY3_PROTO) + DISABLE(_NEED_SBOM_INFO) OPTIMIZE_PY_PROTOS() OBJ_SUF=.py3 # Can not use NO_LINT(), because is not allowed outside of contrib directory @@ -789,11 +792,13 @@ multimodule PROTO_LIBRARY { .INCLUDE_TAG=no .EPILOGUE=_TS_CONFIG_EPILOGUE .PEERDIRSELF=TS_PREPARE_DEPS + DISABLE(_NEED_SBOM_INFO) } module TS_PREPARE_DEPS: _PREPARE_DEPS_BASE { .INCLUDE_TAG=no .IGNORED=PEERDIR + DISABLE(_NEED_SBOM_INFO) } module DESC_PROTO: _BARE_UNIT { @@ -805,6 +810,7 @@ multimodule PROTO_LIBRARY { SET(PEERDIR_TAGS DESC_PROTO) ENABLE(DESC_PROTO) + DISABLE(_NEED_SBOM_INFO) MODULE_SUFFIX=.self.protodesc SET(MODULE_TYPE LIBRARY) diff --git a/build/internal/scripts/gen_sbom.py b/build/internal/scripts/gen_sbom.py new file mode 100644 index 0000000000..2aec699931 --- /dev/null +++ b/build/internal/scripts/gen_sbom.py @@ -0,0 +1,38 @@ +import argparse +import json +import os + + +def deduce_name(path): + name = os.path.basename(path) + for prefix in ['contrib/libs/', 'contrib/python/py2/', 'contrib/python/py3/', 'contrib/python/']: + if path.startswith(prefix): + name = path[len(prefix):].replace('/', '-') + break + return name + + +def main(): + parser = argparse.ArgumentParser(description='Generate single SBOM component JSON object for current third-party library') + parser.add_argument('-o', '--output', type=argparse.FileType('w', encoding='UTF-8'), help='resulting SBOM component file', required=True) + parser.add_argument('--path', type=str, help='Path to module in arcadia', required=True) + parser.add_argument('--ver', type=str, help='Version of the contrib module', required=True) + parser.add_argument('--lang', type=str, help='Language of the library', required=True) + + args = parser.parse_args() + + res = {} + res['type'] = 'library' + res['name'] = deduce_name(args.path) + res['version'] = args.ver + res["properties"] = [ + {'name': 'arcadia_module_subdir', 'value': args.path}, + {'name': 'language', 'value': args.lang} + ] + + json.dump(res, args.output) + args.output.close() + + +if __name__ == '__main__': + main() diff --git a/build/internal/scripts/link_sbom.py b/build/internal/scripts/link_sbom.py index fa366007f4..3f1dd71246 100644 --- a/build/internal/scripts/link_sbom.py +++ b/build/internal/scripts/link_sbom.py @@ -3,45 +3,12 @@ import json import os -def parse_kv_arr(val): - res = {} - for kv in val.split(';'): - k, v = kv.split('=') - res[k] = v - return res - - -def deduce_name(path): - name = os.path.basename(path) - for prefix in ['contrib/libs/', 'contrib/python/py2/', 'contrib/python/py3/', 'contrib/python/']: - if path.startswith(prefix): - name = path[len(prefix):].replace('/', '-') - break - return name - - -def parse_componenet(component): - props = parse_kv_arr(component) - path = props['path'] - ver = props['ver'] - - res = {} - res['type'] = 'library' - res['name'] = deduce_name(path) - res['version'] = ver - res["properties"] = [ - {'name': 'arcadia_module_subdir', 'value': path}, - {'name': 'language', 'value': props['lang']} - ] - return res - - def main(): parser = argparse.ArgumentParser(description='Generate SBOM data from used contribs info') parser.add_argument('-o', '--output', type=argparse.FileType('w', encoding='UTF-8'), help='resulting SBOM file', required=True) parser.add_argument('--vcs-info', type=argparse.FileType('r', encoding='UTF-8'), help='VCS information file', required=True) parser.add_argument('--mod-path', type=str, help='Path to module in arcadia', required=True) - parser.add_argument('libinfo', metavar='N', type=str, nargs='*', help='libraries info for components section') + parser.add_argument('components', metavar='N', type=argparse.FileType('r', encoding='UTF-8'), nargs='*', help='dependencies info in SBOM component JSON format') args = parser.parse_args() @@ -52,7 +19,7 @@ def main(): res["bomFormat"] = "CycloneDX" res["specVersion"] = "1.5" res["version"] = 1 - res["components"] = [parse_componenet(lib) for lib in args.libinfo] + res["components"] = [json.load(dep) for dep in args.components] res["properties"] = [ {'name': 'commit_hash', 'value': vcs['ARCADIA_SOURCE_HG_HASH']}, {'name': 'arcadia_module_subdir', 'value': args.mod_path} diff --git a/build/ymake.core.conf b/build/ymake.core.conf index 9444bfaddb..9c0ae75a4a 100644 --- a/build/ymake.core.conf +++ b/build/ymake.core.conf @@ -595,7 +595,7 @@ module GEN_LIBRARY: _BARE_UNIT { ### The base of all LIBRARY/PROGRAM modules describing common logic for all modules. ### To avoid surprises, all buildable modules are better to be inherited from it or its descendants. module _BASE_UNIT: _BARE_UNIT { - .GLOBAL=_FBS_NAMESPACE_MAP _SBOM_INFO + .GLOBAL=_FBS_NAMESPACE_MAP PEERDIR_TAGS=CPP_PROTO CPP_FBS CPP_ROS H_IDL PY2 PY2_NATIVE YQL_UDF_STATIC __EMPTY__ RESOURCE_LIB DLL_LIB @@ -1071,7 +1071,7 @@ macro LINK_EXEC_DYN_LIB_IMPL(WHOLE_ARCHIVE_PEERS...) { ### ### The base of all linkable modules: programs, DLLs etc. Describes common linking logic. module _LINK_UNIT: _BASE_UNIT { - .EXTS=.o .obj .supp .tidyjson .ld .a .lib + .EXTS=.o .obj .supp .sbom .tidyjson .ld .a .lib .CMD=LINK_EXE .ALLOWED=EXTRALIBS OBJADDE_GLOBAL RESOURCE_FILES .NODE_TYPE=Program @@ -1804,7 +1804,7 @@ module _LIBRARY: _BASE_UNIT { .CMD=LINK_LIB .NODE_TYPE=Library .PEERDIR_POLICY=as_include - .EXTS=.o .obj .a .mf .supp .tidyjson .ld .lib + .EXTS=.o .obj .a .mf .supp .sbom .tidyjson .ld .lib .ALLOWED=GRPC USE_SKIFF EXTRALIBS OBJADDE_GLOBAL RESOURCE_FILES .GLOBAL=USER_CFLAGS USER_CXXFLAGS USER_CONLYFLAGS LDFLAGS SRCS _WHOLE_ARCHIVE_LIBS_VALUE RPATH OBJADDE_LIB .RESTRICTED=ALLOCATOR SIZE TAG DATA TEST_DATA DEPENDS FORK_TESTS FORK_SUBTESTS SPLIT_FACTOR TEST_CWD RUN TIMEOUT SPLIT_DWARF @@ -1988,8 +1988,8 @@ module RESOURCES_LIBRARY: _BARE_UNIT { .ALIASES=EXTRALIBS=PY_EXTRALIBS .NODE_TYPE=Library .PEERDIR_POLICY=as_include - .EXTS=.o .obj .a .mf .supp .tidyjson .ld .lib - .GLOBAL=USER_CFLAGS USER_CXXFLAGS USER_CONLYFLAGS LDFLAGS _WHOLE_ARCHIVE_LIBS_VALUE RPATH OBJADDE_LIB + .EXTS=.o .obj .a .mf .supp .sbom .tidyjson .ld .lib + .GLOBAL=USER_CFLAGS USER_CXXFLAGS USER_CONLYFLAGS LDFLAGS _WHOLE_ARCHIVE_LIBS_VALUE RPATH OBJADDE_LIB SRCS SET(MODULE_TAG RESOURCE_LIB) @@ -5915,3 +5915,8 @@ macro CLANG_EMIT_AST_CXX_RUN_TOOL(SOURCES[], OPTS[], Tool, IN{input}[], IN_NOPAR .CMD=${cwd:BINDIR} $YMAKE_PYTHON ${input:"build/scripts/clang_wrapper.py"} $WINDOWS ${CLANG_RESOURCE_GLOBAL}/bin/clang++ ${pre=-I:_C__INCLUDE} $CXXFLAGS $C_FLAGS_PLATFORM $LLVM_OPTS -emit-ast -c ${input:SOURCES} ${hide;tmp;noext;nopath:SOURCES.ast} $OPTS ${hide;kv:"p ST"} ${hide;kv:"pc light-green"} && ${cwd:CWD} ${env:ENV} ${tool:Tool} $Args ${hide;input:IN} ${input;context=TEXT;hide:IN_NOPARSE} ${hide;input:IN_DEPS} ${output_include;hide:OUTPUT_INCLUDES} $INDUCED_DEPS ${hide;tool:TOOL} ${hide;output:OUT} ${hide;noauto;output:OUT_NOAUTO} ${output;stdout:STDOUT} ${output;stdout;noauto:STDOUT_NOAUTO} ${hide;kv:"p PR"} ${hide;kv:"pc yellow"} ${hide;kv:"show_out"} PEERDIR(build/platform/clang) } + +### Hooks for contrib modules which can be transparenctly extended in repo internal python plugins +macro _CONTRIB_MODULE_HOOKS() { + ENABLE(UNUSED_MACRO) +} |