Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix SBOM glibc, gcc and bootjdk settings #3447

Merged
merged 28 commits into from
Aug 9, 2023
Merged
Changes from 16 commits
Commits
Show all changes
28 commits
Select commit Hold shift + click to select a range
d198af5
Fix SBOM glibc and gcc version info
andrew-m-leonard Aug 1, 2023
2681d93
Ensure SBOM BOOTJDK is full version including build
andrew-m-leonard Aug 1, 2023
b1cfc6b
Fix SBOM glibc and gcc version info
andrew-m-leonard Aug 4, 2023
26a2c71
Fix SBOM glibc and gcc version info
andrew-m-leonard Aug 4, 2023
4dc6265
Fix SBOM glibc and gcc version info
andrew-m-leonard Aug 4, 2023
b2bf0b7
Fix SBOM glibc and gcc version info
andrew-m-leonard Aug 4, 2023
bc5e8ec
Fix SBOM glibc and gcc version info
andrew-m-leonard Aug 4, 2023
6867572
Fix SBOM glibc and gcc version info
andrew-m-leonard Aug 4, 2023
7b10688
Fix SBOM glibc and gcc version info
andrew-m-leonard Aug 4, 2023
b4400d0
Fix SBOM glibc and gcc version info
andrew-m-leonard Aug 4, 2023
aa3c5fa
Fix SBOM glibc and gcc version info
andrew-m-leonard Aug 4, 2023
8ffcab7
Fix SBOM glibc and gcc version info
andrew-m-leonard Aug 4, 2023
1d376eb
Fix SBOM glibc and gcc version info
andrew-m-leonard Aug 4, 2023
b95d6ac
Fix SBOM glibc and gcc version info
andrew-m-leonard Aug 4, 2023
af70b81
Fix SBOM glibc and gcc version info
andrew-m-leonard Aug 4, 2023
059934f
Fix SBOM glibc and gcc version info
andrew-m-leonard Aug 4, 2023
0c8ea5e
Fix SBOM glibc and gcc version info
andrew-m-leonard Aug 7, 2023
43e8380
Fix SBOM glibc and gcc version info
andrew-m-leonard Aug 7, 2023
4450a58
Fix SBOM glibc and gcc version info
andrew-m-leonard Aug 7, 2023
7f89b81
Fix SBOM glibc and gcc version info
andrew-m-leonard Aug 7, 2023
b38d1ae
Fix SBOM glibc and gcc version info
andrew-m-leonard Aug 7, 2023
6c7a3bd
Fix SBOM glibc and gcc version info
andrew-m-leonard Aug 7, 2023
7dcb0a1
Fix SBOM glibc and gcc version info
andrew-m-leonard Aug 7, 2023
09f9335
Fix SBOM glibc and gcc version info
andrew-m-leonard Aug 8, 2023
5ed912f
Fix SBOM glibc and gcc version info
andrew-m-leonard Aug 8, 2023
9fbc441
Fix SBOM glibc and gcc version info
andrew-m-leonard Aug 8, 2023
dca42e7
Fix SBOM glibc and gcc version info
andrew-m-leonard Aug 8, 2023
3862423
Fix SBOM glibc and gcc version info
andrew-m-leonard Aug 8, 2023
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
59 changes: 45 additions & 14 deletions sbin/build.sh
Original file line number Diff line number Diff line change
Expand Up @@ -874,9 +874,13 @@ generateSBoM() {
addSBOMComponentPropertyFromFile "${javaHome}" "${classpath}" "${sbomJson}" "Eclipse Temurin" "make_command_args" "${BUILD_CONFIG[WORKSPACE_DIR]}/${BUILD_CONFIG[TARGET_DIR]}/metadata/makeCommandArg.txt"

# Below add build tools into metadata tools
addGLIBCforLinux
addGCC
if [ "${BUILD_CONFIG[OS_KERNEL_NAME]}" == "linux" ]; then
addGLIBCforLinux
addGCC
fi

addBootJDK

# Add ALSA 3rd party
addSBOMMetadataTools "${javaHome}" "${classpath}" "${sbomJson}" "ALSA" "$(cat ${BUILD_CONFIG[WORKSPACE_DIR]}/${BUILD_CONFIG[TARGET_DIR]}/metadata/dependency_version_alsa.txt)"
# Add FreeType 3rd party (windows + macOS)
Expand Down Expand Up @@ -912,24 +916,51 @@ checkingToolSummary() {
# Below add versions to sbom | Facilitate reproducible builds

addGLIBCforLinux() {
export CC=$(grep "^CC :=" ${BUILD_CONFIG[WORKSPACE_DIR]}/${BUILD_CONFIG[WORKING_DIR]}/${BUILD_CONFIG[OPENJDK_SOURCE_DIR]}/build/*/spec.gmk)
export SYSROOT_CFLAGS=$(grep "^SYSROOT_CFLAGS :=" ${BUILD_CONFIG[WORKSPACE_DIR]}/${BUILD_CONFIG[WORKING_DIR]}/${BUILD_CONFIG[OPENJDK_SOURCE_DIR]}/build/*/spec.gmk)
export GLIBC_MAJOR="$(echo "#include <features.h>" | $CC $SYSROOT_CFLAGS -dM -E - 2>&1 | tr -s " " | grep "#define __GLIBC__" | cut -d" " -f3)"
export GLIBC_MINOR="$(echo "#include <features.h>" | $CC $SYSROOT_CFLAGS -dM -E - 2>&1 | tr -s " " | grep "#define __GLIBC_MINOR__" | cut -d" " -f3)"
export GLIBC_VERSION="${GLIBC_MAJOR}.${GLIBC_MINOR}"
addSBOMMetadataTools "${javaHome}" "${classpath}" "${sbomJson}" "GLIBC" "${GLIBC_VERSION}"
# Alpine uses "musl" rather than "glibc"
if [[ "${BUILD_CONFIG[OS_FULL_VERSION]}" == *"Alpine"* ]]; then
local MUSL_VERSION=$("/lib/libc.musl-x86_64.so.1" 2>&1 | grep "Version" | tr -s " " | cut -d" " -f2)
andrew-m-leonard marked this conversation as resolved.
Show resolved Hide resolved
echo "Adding MUSL version to SBOM: ${MUSL_VERSION}"
addSBOMMetadataTools "${javaHome}" "${classpath}" "${sbomJson}" "MUSL" "${MUSL_VERSION}"
else
# Get GLIBC from configured build spec.gmk sysroot and features.h definitions
# Get CC and SYSROOT_CFLAGS from the built build spec.gmk.
cat ${BUILD_CONFIG[WORKSPACE_DIR]}/${BUILD_CONFIG[WORKING_DIR]}/${BUILD_CONFIG[OPENJDK_SOURCE_DIR]}/build/linux-x86_64-normal-server-release/spec.gmk
andrew-m-leonard marked this conversation as resolved.
Show resolved Hide resolved
local CC=$(grep "^CC[ ]*:=" ${BUILD_CONFIG[WORKSPACE_DIR]}/${BUILD_CONFIG[WORKING_DIR]}/${BUILD_CONFIG[OPENJDK_SOURCE_DIR]}/build/*/spec.gmk)
echo "CC=$CC"
# Remove env=xx from CC, so we can call from bash to get __GLIBC.
CC=$(echo "$CC" | tr -s " " | cut -d" " -f3- | sed -E "s/[^ ]*=[^ ]*//g")
local SYSROOT_CFLAGS=$(grep "^SYSROOT_CFLAGS[ ]*:=" ${BUILD_CONFIG[WORKSPACE_DIR]}/${BUILD_CONFIG[WORKING_DIR]}/${BUILD_CONFIG[OPENJDK_SOURCE_DIR]}/build/*/spec.gmk | tr -s " " | cut -d" " -f3-)
echo "CC=$CC"
echo "SYSROOT=$SYSROOT_CFLAGS"
local GLIBC_MAJOR=$(echo "#include <features.h>" | $CC $SYSROOT_CFLAGS -dM -E - 2>&1 | tr -s " " | grep "#define __GLIBC__" | cut -d" " -f3)
local GLIBC_MINOR=$(echo "#include <features.h>" | $CC $SYSROOT_CFLAGS -dM -E - 2>&1 | tr -s " " | grep "#define __GLIBC_MINOR__" | cut -d" " -f3)
local GLIBC_VERSION="${GLIBC_MAJOR}.${GLIBC_MINOR}"

echo "Adding GLIBC version to SBOM: ${GLIBC_VERSION}"
addSBOMMetadataTools "${javaHome}" "${classpath}" "${sbomJson}" "GLIBC" "${GLIBC_VERSION}"
fi
}

addGCC() {
echo "Checking and getting GCC Version:"
inputConfigFile="${BUILD_CONFIG[WORKSPACE_DIR]}/${BUILD_CONFIG[TARGET_DIR]}/metadata/configure.txt"
addSBOMMetadataTools "${javaHome}" "${classpath}" "${sbomJson}" "GCC" "$(sed -n '/^Tools summary:$/,$p' "${inputConfigFile}" | grep "C Compiler:" | tr -s " " | cut -d " " -f5)"
# Get GLIBC from configured build spec.gmk sysroot and features.h definitions
local CC_VERSION_NUMBER=$(grep "^CC_VERSION_NUMBER :=" ${BUILD_CONFIG[WORKSPACE_DIR]}/${BUILD_CONFIG[WORKING_DIR]}/${BUILD_CONFIG[OPENJDK_SOURCE_DIR]}/build/*/spec.gmk | tr -s " " | cut -d" " -f3)
echo "Adding GCC version to SBOM: ${CC_VERSION_NUMBER}"
addSBOMMetadataTools "${javaHome}" "${classpath}" "${sbomJson}" "GCC" "${CC_VERSION_NUMBER}"
}

addBootJDK() {
echo "Checking and getting BootJDK Version:"
inputConfigFile="${BUILD_CONFIG[WORKSPACE_DIR]}/${BUILD_CONFIG[TARGET_DIR]}/metadata/configure.txt"
addSBOMMetadataTools "${javaHome}" "${classpath}" "${sbomJson}" "BOOTJDK" "$(sed -n '/^Tools summary:$/,$p' "${inputConfigFile}" | grep "Boot JDK:" | tr -s " " | cut -d " " -f 6)"
local inputConfigFile="${BUILD_CONFIG[WORKSPACE_DIR]}/${BUILD_CONFIG[TARGET_DIR]}/metadata/configure.txt"

local bootjava
bootjava="$(sed -n '/^Tools summary:$/,$p' "${inputConfigFile}" | grep "Boot JDK:" | sed 's/.*(at \([^)]*\)).*/\1/')/bin/java"
if [[ "${BUILD_CONFIG[OS_KERNEL_NAME]}" == *"cygwin"* ]]; then
bootjava="${bootjava}.exe"
fi
echo "BootJDK java : ${bootjava}"
local bootjdk=$("${bootjava}" -XshowSettings 2>&1 | grep "java\.runtime\.version" | tr -s " " | cut -d" " -f4)

echo "Adding BOOTJDK to SBOM: ${bootjdk}"
addSBOMMetadataTools "${javaHome}" "${classpath}" "${sbomJson}" "BOOTJDK" "${bootjdk}"
}

getGradleJavaHome() {
Expand Down
Loading