Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add p2-aware model converter for CycloneDX SBOM generation
This change consists of two parts. The first part consists of generating a valid package URL for a given p2 artifact. The PURL contains the symbolic name, version and classifier of the artifact key, as well as the repository it is located in. The second part handles the dependencies between two PURLs. For the sake of consistency, this dependency tree matches the tree calculated by the dependency-tree mojo.
Showing 19 changed files with 996 additions and 6 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
<?xml version="1.0" encoding="UTF-8"?> | ||
<extensions> | ||
<extension> | ||
<groupId>org.eclipse.tycho</groupId> | ||
<artifactId>tycho-build</artifactId> | ||
<version>${tycho-version}</version> | ||
</extension> | ||
</extensions> |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
-Dtycho-version=5.0.0-SNAPSHOT |
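Review bot: `tycho-version` ends up defined twice with the same value, here as `-Dtycho-version=5.0.0-SNAPSHOT` and again as the `<tycho-version>` property in the fixture's POM. A user property passed with `-D` takes precedence over a POM property, so the POM copy is never the effective value. Consider keeping only this definition (the `<extensions>` file above also references `${tycho-version}`) or adding a comment that explains why both are needed.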
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
bin.includes = feature.xml |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
<?xml version="1.0" encoding="UTF-8"?> | ||
<feature | ||
id="example.feature" | ||
label="Feature with SBOM" | ||
version="1.0.0.qualifier"> | ||
|
||
<description url="http://www.example.com/description"> | ||
[Enter Feature Description here.] | ||
</description> | ||
|
||
<copyright url="http://www.example.com/copyright"> | ||
[Enter Copyright Description here.] | ||
</copyright> | ||
|
||
<license url="http://www.example.com/license"> | ||
[Enter License Description here.] | ||
</license> | ||
|
||
<plugin | ||
id="example.plugin" | ||
version="0.0.0"/> | ||
|
||
</feature> |
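Review bot: the `<description>`, `<copyright>` and `<license>` elements still hold the template placeholders (for example `[Enter License Description here.]`) together with `http://www.example.com/...` URLs. For a fixture whose purpose is SBOM generation, either drop them or give `<license>` a meaningful value and state whether the generated BOM is expected to carry it, so the test's intent around license data is unambiguous.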
tycho-its/projects/sbom/example.plugin/META-INF/MANIFEST.MF (11 changes: 11 additions & 0 deletions)
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
Manifest-Version: 1.0 | ||
Bundle-ManifestVersion: 2 | ||
Bundle-Name: Plugin with SBOM | ||
Bundle-SymbolicName: example.plugin | ||
Bundle-Version: 1.0.0.qualifier | ||
Require-Bundle: org.eclipse.core.databinding;bundle-version="1.13.100", | ||
org.eclipse.core.databinding.beans;bundle-version="1.10.100", | ||
org.eclipse.core.databinding.observable;bundle-version="1.13.100", | ||
org.eclipse.core.databinding.property;bundle-version="1.10.100" | ||
Automatic-Module-Name: example.plugin | ||
Bundle-RequiredExecutionEnvironment: JavaSE-17 |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
source.. = src/ | ||
output.. = bin/ | ||
bin.includes = META-INF/,\ | ||
. |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,86 @@ | ||
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd"> | ||
<modelVersion>4.0.0</modelVersion> | ||
<groupId>tycho-demo</groupId> | ||
<artifactId>sbom</artifactId> | ||
<version>1.0.0-SNAPSHOT</version> | ||
<packaging>pom</packaging> | ||
|
||
<properties> | ||
<tycho-version>5.0.0-SNAPSHOT</tycho-version> | ||
<tycho.sbom.url>https://www.example.p2.repo/</tycho.sbom.url> | ||
</properties> | ||
|
||
<modules> | ||
<module>example.feature</module> | ||
<module>example.plugin</module> | ||
<module>product</module> | ||
<module>repository</module> | ||
</modules> | ||
|
||
<build> | ||
<plugins> | ||
<plugin> | ||
<groupId>org.eclipse.tycho</groupId> | ||
<artifactId>tycho-maven-plugin</artifactId> | ||
<version>${tycho-version}</version> | ||
<extensions>true</extensions> | ||
</plugin> | ||
<plugin> | ||
<groupId>org.eclipse.tycho</groupId> | ||
<artifactId>target-platform-configuration</artifactId> | ||
<version>${tycho-version}</version> | ||
<configuration> | ||
<target> | ||
<file>../target-definition.target</file> | ||
</target> | ||
<environments> | ||
<environment> | ||
<os>linux</os> | ||
<ws>gtk</ws> | ||
<arch>x86_64</arch> | ||
</environment> | ||
</environments> | ||
</configuration> | ||
</plugin> | ||
<plugin> | ||
<groupId>org.eclipse.tycho</groupId> | ||
<artifactId>tycho-packaging-plugin</artifactId> | ||
<version>${tycho-version}</version> | ||
<configuration> | ||
<forceContextQualifier>today</forceContextQualifier> | ||
</configuration> | ||
</plugin> | ||
<plugin> | ||
<groupId>org.cyclonedx</groupId> | ||
<artifactId>cyclonedx-maven-plugin</artifactId> | ||
<version>2.7.9</version> | ||
<configuration> | ||
<includeTestScope>true</includeTestScope> | ||
</configuration> | ||
<executions> | ||
<execution> | ||
<goals> | ||
<goal>makeBom</goal> | ||
</goals> | ||
</execution> | ||
</executions> | ||
<dependencies> | ||
<dependency> | ||
<groupId>org.eclipse.tycho</groupId> | ||
<artifactId>tycho-sbom</artifactId> | ||
<version>${tycho-version}</version> | ||
</dependency> | ||
</dependencies> | ||
</plugin> | ||
</plugins> | ||
<pluginManagement> | ||
<plugins> | ||
<plugin> | ||
<groupId>org.eclipse.tycho</groupId> | ||
<artifactId>tycho-p2-director-plugin</artifactId> | ||
<version>${tycho-version}</version> | ||
</plugin> | ||
</plugins> | ||
</pluginManagement> | ||
</build> | ||
</project> |
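Review bot: `<tycho.sbom.url>https://www.example.p2.repo/</tycho.sbom.url>` in `<properties>` is not explained anywhere in this POM. The commit message says the PURL records the repository an artifact is located in, so this is presumably that repository URL; a short XML comment saying so, and what happens when the property is unset, would make the fixture self-documenting. Separately, `cyclonedx-maven-plugin` is pinned inline to `2.7.9` while every Tycho plugin uses `${tycho-version}`; moving it to a property would keep versions in one place.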
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
<?xml version="1.0" encoding="UTF-8"?> | ||
<?pde version="3.5"?> | ||
|
||
<product uid="example" version="1.0.0.qualifier" type="mixed" includeLaunchers="true" autoIncludeRequirements="false"> | ||
|
||
<configIni use="default"> | ||
</configIni> | ||
|
||
<launcherArgs> | ||
<vmArgsMac>-XstartOnFirstThread -Dorg.eclipse.swt.internal.carbon.smallFonts | ||
</vmArgsMac> | ||
</launcherArgs> | ||
|
||
<plugins> | ||
<plugin id="example.plugin"/> | ||
<plugin id="org.eclipse.core.databinding"/> | ||
<plugin id="org.eclipse.core.databinding.beans"/> | ||
<plugin id="org.eclipse.core.databinding.observable"/> | ||
<plugin id="org.eclipse.core.databinding.property"/> | ||
<plugin id="org.eclipse.equinox.common"/> | ||
<plugin id="org.eclipse.osgi"/> | ||
</plugins> | ||
|
||
<features> | ||
<feature id="example.feature" installMode="root"/> | ||
</features> | ||
|
||
|
||
</product> |
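Review bot: `<launcherArgs>` only sets `<vmArgsMac>` (`-XstartOnFirstThread -Dorg.eclipse.swt.internal.carbon.smallFonts`), but the fixture's POM builds for a single environment, linux/gtk/x86_64, so these arguments are never used. Removing that block, the empty `<configIni use="default">` element and the blank lines before `</product>` would leave only what the SBOM test exercises.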
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
<?xml version="1.0" encoding="UTF-8"?> | ||
<site> | ||
<feature id="example.feature"/> | ||
<bundle id="example.plugin"/> | ||
</site> |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
<?xml version="1.0" encoding="UTF-8" standalone="no"?> | ||
<?pde version="3.8"?> | ||
<target name="target-definition"> | ||
<locations> | ||
<location includeAllPlatforms="false" includeConfigurePhase="true" includeMode="planner" includeSource="true" type="InstallableUnit"> | ||
<repository location="https://download.eclipse.org/releases/2023-12/"/> | ||
<unit id="org.eclipse.sdk.feature.group" version="0.0.0"/> | ||
<unit id="org.eclipse.equinox.sdk.feature.group" version="0.0.0"/> | ||
</location> | ||
</locations> | ||
</target> |
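Review bot: the `<location>` resolves against the remote repository `https://download.eclipse.org/releases/2023-12/` and pulls in `org.eclipse.sdk.feature.group` and `org.eclipse.equinox.sdk.feature.group` with `version="0.0.0"` and `includeSource="true"`, while the product lists only four databinding bundles plus `org.eclipse.equinox.common` and `org.eclipse.osgi`. Listing just those bundles as `<unit>` entries with explicit versions and `includeSource="false"` would make the test lighter and keep the component versions in the generated SBOM stable.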