utils/generate-cyclonedx: add project name and version options
Add options to customize the project name and version in the generated SBOM metadata and set buildroot generate-cyclonedx as a tool in the metadata section. Signed-off-by: Fabien Lehoussel <fabien.lehoussel@smile.fr> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Fabien Lehoussel
committed by
Peter Korsgaard
Peter Korsgaard
parent
6098cc45d6
commit
9cbbc47762
@@ -279,6 +279,10 @@ def main():
|
||||
default=sys.stdout)
|
||||
parser.add_argument("--virtual", default=False, action='store_true',
|
||||
help="This option includes virtual packages to the CycloneDX output")
|
||||
parser.add_argument("--project-name", type=str, default="buildroot",
|
||||
help="Specify the project name to use in the SBOM metadata (default:'buildroot')")
|
||||
parser.add_argument("--project-version", type=str, default=f"{BR2_VERSION_FULL}",
|
||||
help="Specify the project version to use in the SBOM metadata (default: builroot version)")
|
||||
|
||||
args = parser.parse_args()
|
||||
|
||||
@@ -299,11 +303,27 @@ def main():
|
||||
"specVersion": f"{CYCLONEDX_VERSION}",
|
||||
"metadata": {
|
||||
"component": {
|
||||
"bom-ref": "buildroot",
|
||||
"name": "buildroot",
|
||||
"bom-ref": args.project_name,
|
||||
"name": args.project_name,
|
||||
"version": args.project_version,
|
||||
"type": "firmware",
|
||||
"version": f"{BR2_VERSION_FULL}",
|
||||
},
|
||||
"tools": {
|
||||
"components": [
|
||||
{
|
||||
"type": "application",
|
||||
"name": "Buildroot generate-cyclonedx",
|
||||
"version": f"{BR2_VERSION_FULL}",
|
||||
"licenses": [
|
||||
{
|
||||
"license": {
|
||||
"id": "GPL-2.0"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
}
|
||||
},
|
||||
"components": [
|
||||
cyclonedx_component(name, comp) for name, comp in filtered_show_info_dict.items()
|
||||
|
||||
Reference in New Issue
Block a user