diff mbox series

[RFC,5/5] Makefile: add command to generate SBOM in CycloneDX format

Message ID 20240404124329.768546-6-thomas.perale@mind.be
State New
Headers show
Series Support SBOM in CycloneDX format | expand

Commit Message

Thomas Perale April 4, 2024, 12:43 p.m. UTC 
This patch adds a new command to generate a JSON SBOM in the CycloneDX
format based on the packages selected in the dot config.

Usage:

  make cyclonedx

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
---
 Makefile | 13 +++++++++++++
 1 file changed, 13 insertions(+)

--
2.44.0
diff mbox series

Patch

diff --git a/Makefile b/Makefile
index 91973cca60..43344673c0 100644
--- a/Makefile
+++ b/Makefile
@@ -155,6 +155,8 @@  MAKEOVERRIDES :=

 # Include some helper macros and variables
 include support/misc/utils.mk
+# Include CycloneDX SBOM support
+include support/misc/cyclonedx.mk

 # Set variables related to in-tree or out-of-tree build.
 # Here, both $(O) and $(CURDIR) are absolute canonical paths.
@@ -924,6 +926,16 @@  show-info:
 		) \
 	)

+.PHONY: cyclonedx
+cyclonedx:
+	@:
+	$(info $(call cyclonedx-json, \
+			$(sort $(foreach p,$(PACKAGES) $(TARGETS_ROOTFS), \
+				$(p) $($(call UPPERCASE,$(p))_FINAL_RECURSIVE_DEPENDENCIES)) \
+			) \
+		) \
+	)
+
 .PHONY: pkg-stats
 pkg-stats:
 	@cd "$(CONFIG_DIR)" ; \
@@ -1185,6 +1197,7 @@  help:
 	@echo '  source                 - download all sources needed for offline-build'
 	@echo '  external-deps          - list external packages used'
 	@echo '  legal-info             - generate info about license compliance'
+	@echo '  cyclonedx              - generate info about packages, as a CycloneDX formatted json blurb'
 	@echo '  show-info              - generate info about packages, as a JSON blurb'
 	@echo '  pkg-stats              - generate info about packages as JSON and HTML'
 	@echo '  printvars              - dump internal variables selected with VARS=...'