Lubuntu/livecd-rootfs
3
0
Fork 0
mirror of https://git.launchpad.net/livecd-rootfs synced 2025-05-05 07:41:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'jammy-cpc-sbom-everywhere' into ubuntu/jammy

Browse Source
This commit is contained in:
Michael Hudson-Doyle 2024-09-26 21:27:47 +12:00
commit a870c45621
18 changed files with 84 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
debian/changelog vendored
View File

@ -1,3 +1,9 @@
livecd-rootfs (2.765.51) jammy; urgency=medium
* add cpc-sbom to create_manifest calls to generate sboms (LP: #2077105)
-- jchittum <john.chittum@canonical.com> Wed, 28 Aug 2024 07:57:11 -0400
livecd-rootfs (2.765.50) jammy; urgency=medium livecd-rootfs (2.765.50) jammy; urgency=medium
* Replace some functionalities done by the windows launcher (which will * Replace some functionalities done by the windows launcher (which will

22
live-build/functions
View File

@ -37,6 +37,10 @@ create_empty_disk_image() {
create_manifest() { create_manifest() {
local chroot_root=${1} local chroot_root=${1}
local target_file=${2} local target_file=${2}
local base_default_sbom_name="ubuntu-cloud-image-$(grep "VERSION_ID" $chroot_root/etc/os-release | cut --delimiter "=" --field 2 | tr -d '"')-${ARCH}-$(date +%Y%m%dT%H:%M:%S)"
local sbom_file_name=${3:-"${base_default_sbom_name}.spdx"}
local sbom_document_name=${4:-"${base_default_sbom_name}"}
local sbom_log=${sbom_document_name}.log
echo "create_manifest chroot_root: ${chroot_root}" echo "create_manifest chroot_root: ${chroot_root}"
dpkg-query --show --admindir="${chroot_root}/var/lib/dpkg" > ${target_file} dpkg-query --show --admindir="${chroot_root}/var/lib/dpkg" > ${target_file}
echo "create_manifest call to dpkg-query finished." echo "create_manifest call to dpkg-query finished."
@ -45,7 +49,23 @@ create_manifest() {
if [ "$PROJECT" = ubuntu-cpc ]; then if [ "$PROJECT" = ubuntu-cpc ]; then
echo "create_manifest creating file listing." echo "create_manifest creating file listing."
local target_filelist=${2%.manifest}.filelist local target_filelist=${2%.manifest}.filelist
(cd "${chroot_root}" && find -xdev) > "${target_filelist}" (cd "${chroot_root}" && find -xdev) | sort > "${target_filelist}"
# only creating sboms for CPC project at this time
if [[ ! $(which cpc-sbom) ]]; then
# ensure the tool is installed
sudo snap install --classic --edge cpc-sbom
fi
# generate the SBOM
cpc-sbom --rootdir ${chroot_root} --ignore-copyright-parsing-errors --ignore-copyright-file-not-found-errors --document-name ${sbom_document_name} >"${sbom_file_name}" 2>"${sbom_log}"
SBOM_GENERATION_EXIT_CODE=$?
if [[ ${SBOM_GENERATION_EXIT_CODE} != "0" ]]; then
# check for failure and print log
echo "ERROR: SBOM generation failed. See ${sbom_log}"
cat "$sbom_log"
exit 1
else
echo "SBOM generation succeeded. see ${sbom_log} for details"
fi
fi fi
echo "create_manifest finished" echo "create_manifest finished"
} }

4
live-build/ubuntu-cpc/hooks.d/base/create-root-dir.binary
View File

@ -24,6 +24,6 @@ rm -rf $rootfs_dir/boot/grub
# Keep this as some derivatives mount a tempfs here # Keep this as some derivatives mount a tempfs here
mkdir -p $rootfs_dir/lib/modules mkdir -p $rootfs_dir/lib/modules
teardown_mountpoint $rootfs_dir create_manifest $rootfs_dir "livecd.ubuntu-cpc.rootfs.manifest" "livecd.ubuntu-cpc.rootfs.spdx" "cloud-image-rootfs-$ARCH-$(date +%Y%m%dT%H:%M:%S)"
create_manifest "${rootfs_dir}" "${rootfs_dir}.manifest" teardown_mountpoint $rootfs_dir

4
live-build/ubuntu-cpc/hooks.d/base/disk-image-ppc64el.binary
View File

@ -75,6 +75,10 @@ make_ext4_partition "${rootfs_dev_mapper}"
mkdir mountpoint mkdir mountpoint
mount "${rootfs_dev_mapper}" mountpoint mount "${rootfs_dev_mapper}" mountpoint
cp -a chroot/* mountpoint/ cp -a chroot/* mountpoint/
# the image has been modified from its disk-image-uefi base so the manifest and filelist should be regenerated
create_manifest "mountpoint/" "$PWD/livecd.ubuntu-cpc.disk-image.manifest" "$PWD/livecd.ubuntu-cpc.disk-image.spdx" "cloud-image-$ARCH-$(date +Y%m%dT%H:%M:%S)"
umount mountpoint umount mountpoint
rmdir mountpoint rmdir mountpoint

6
live-build/ubuntu-cpc/hooks.d/base/disk-image-uefi.binary
View File

@ -452,6 +452,11 @@ EOF
rm mountpoint/tmp/device.map rm mountpoint/tmp/device.map
umount mountpoint/boot/efi umount mountpoint/boot/efi
mount mount
# create sorted filelist as the very last step before unmounting
# explicitly generate manifest and sbom
create_manifest "mountpoint/" "$PWD/livecd.ubuntu-cpc.disk-uefi.manifest" "$PWD/livecd.ubuntu-cpc.disk-uefi.spdx" "cloud-image-$ARCH-$(date +%Y%m%dT%H:%M:%S)"
umount_partition mountpoint umount_partition mountpoint
rmdir mountpoint rmdir mountpoint
} }
@ -467,6 +472,7 @@ make_ext4_partition "${rootfs_dev_mapper}"
mkdir mountpoint mkdir mountpoint
mount "${rootfs_dev_mapper}" mountpoint mount "${rootfs_dev_mapper}" mountpoint
cp -a chroot/* mountpoint/ cp -a chroot/* mountpoint/
umount mountpoint umount mountpoint
rmdir mountpoint rmdir mountpoint

2
live-build/ubuntu-cpc/hooks.d/base/disk-image.binary
View File

@ -179,6 +179,8 @@ EOF
$ZIPL_EXTRA_PARAMS $ZIPL_EXTRA_PARAMS
fi fi
create_manifest "mountpoint/" "$PWD/livecd.ubuntu-cpc.disk-image.manifest" "$PWD/livecd.ubuntu-cpc.disk-image.spdx" "cloud-image-$ARCH-$(date +%Y%m%dT%H:%M:%S)"
if [ -n "$BOOT_MOUNTPOINT" ]; then if [ -n "$BOOT_MOUNTPOINT" ]; then
umount "mountpoint/$BOOT_MOUNTPOINT" umount "mountpoint/$BOOT_MOUNTPOINT"
fi fi

9
live-build/ubuntu-cpc/hooks.d/base/qcow2-image.binary
View File

@ -2,8 +2,17 @@
. config/functions . config/functions
qcow_file=${PWD}/livecd.ubuntu-cpc.qcow
if [ -f binary/boot/disk-uefi.ext4 ]; then if [ -f binary/boot/disk-uefi.ext4 ]; then
convert_to_qcow2 binary/boot/disk-uefi.ext4 livecd.ubuntu-cpc.img convert_to_qcow2 binary/boot/disk-uefi.ext4 livecd.ubuntu-cpc.img
uefi_file="livecd.ubuntu-cpc.disk-uefi"
cp ${uefi_file}.manifest ${qcow_file}.manifest
cp ${uefi_file}.filelist ${qcow_file}.filelist
cp ${uefi_file}.spdx ${qcow_file}.spdx
elif [ -f binary/boot/disk.ext4 ]; then elif [ -f binary/boot/disk.ext4 ]; then
convert_to_qcow2 binary/boot/disk.ext4 livecd.ubuntu-cpc.img convert_to_qcow2 binary/boot/disk.ext4 livecd.ubuntu-cpc.img
disk_file="livecd.ubuntu-cpc.disk-image"
cp ${disk_file}.manifest ${qcow_file}.manifest
cp ${disk_file}.filelist ${qcow_file}.filelist
cp ${disk_file}.spdx ${qcow_file}.spdx
fi fi

7
live-build/ubuntu-cpc/hooks.d/base/root-squashfs.binary
View File

@ -15,8 +15,11 @@ rootfs_dir=rootfs.dir
squashfs_f="$PWD/livecd.ubuntu-cpc.squashfs" squashfs_f="$PWD/livecd.ubuntu-cpc.squashfs"
cp $rootfs_dir.manifest $squashfs_f.manifest cp livecd.ubuntu-cpc.rootfs.manifest ${squashfs_f}.manifest
cp livecd.ubuntu-cpc.rootfs.filelist ${squashfs_f}.filelist
cp livecd.ubuntu-cpc.rootfs.spdx ${squashfs_f}.spdx
# fstab is omitted from the squashfs # fstab is omitted from the squashfs
grep -v '^/etc/fstab$' $rootfs_dir.filelist >$squashfs_f.filelist grep -v '^/etc/fstab$' livecd.ubuntu-cpc.rootfs.filelist >$squashfs_f.filelist
create_squashfs $rootfs_dir $squashfs_f create_squashfs $rootfs_dir $squashfs_f

2
live-build/ubuntu-cpc/hooks.d/base/root-xz.binary
View File

@ -11,6 +11,4 @@ fi
# This is the directory created by create-root-dir.binary # This is the directory created by create-root-dir.binary
rootfs_dir=rootfs.dir rootfs_dir=rootfs.dir
cp $rootfs_dir.manifest livecd.ubuntu-cpc.rootfs.manifest
cp $rootfs_dir.filelist livecd.ubuntu-cpc.rootfs.filelist
(cd $rootfs_dir/ && tar -c --sort=name --xattrs *) | xz > livecd.ubuntu-cpc.rootfs.tar.xz (cd $rootfs_dir/ && tar -c --sort=name --xattrs *) | xz > livecd.ubuntu-cpc.rootfs.tar.xz

3
live-build/ubuntu-cpc/hooks.d/base/series/disk-image
View File

@ -8,3 +8,6 @@ provides livecd.ubuntu-cpc.kernel-generic
provides livecd.ubuntu-cpc.kernel-generic-lpae provides livecd.ubuntu-cpc.kernel-generic-lpae
provides livecd.ubuntu-cpc.manifest provides livecd.ubuntu-cpc.manifest
provides livecd.ubuntu-cpc.filelist provides livecd.ubuntu-cpc.filelist
provides livecd.ubuntu-cpc.disk-image.manifest
provides livecd.ubuntu-cpc.disk-image.filelist
provides livecd.ubuntu-cpc.disk-image.spdx

3
live-build/ubuntu-cpc/hooks.d/base/series/disk-image-uefi
View File

@ -6,3 +6,6 @@ provides livecd.ubuntu-cpc.kernel-generic
provides livecd.ubuntu-cpc.kernel-generic-lpae provides livecd.ubuntu-cpc.kernel-generic-lpae
provides livecd.ubuntu-cpc.manifest provides livecd.ubuntu-cpc.manifest
provides livecd.ubuntu-cpc.filelist provides livecd.ubuntu-cpc.filelist
provides livecd.ubuntu-cpc.disk-uefi.manifest
provides livecd.ubuntu-cpc.disk-uefi.filelist
provides livecd.ubuntu-cpc.disk-uefi.spdx

3
live-build/ubuntu-cpc/hooks.d/base/series/qcow2
View File

@ -1,3 +1,6 @@
depends disk-image depends disk-image
base/qcow2-image.binary base/qcow2-image.binary
provides livecd.ubuntu-cpc.img provides livecd.ubuntu-cpc.img
provides livecd.ubuntu-cpc.qcow.manifest
provides livecd.ubuntu-cpc.qcow.filelist
provides livecd.ubuntu-cpc.qcow.spdx

1
live-build/ubuntu-cpc/hooks.d/base/series/squashfs
View File

@ -3,3 +3,4 @@ base/root-squashfs.binary
provides livecd.ubuntu-cpc.squashfs provides livecd.ubuntu-cpc.squashfs
provides livecd.ubuntu-cpc.squashfs.manifest provides livecd.ubuntu-cpc.squashfs.manifest
provides livecd.ubuntu-cpc.squashfs.filelist provides livecd.ubuntu-cpc.squashfs.filelist
provides livecd.ubuntu-cpc.squashfs.spdx

1
live-build/ubuntu-cpc/hooks.d/base/series/tarball
View File

@ -3,3 +3,4 @@ base/root-xz.binary
provides livecd.ubuntu-cpc.rootfs.tar.xz provides livecd.ubuntu-cpc.rootfs.tar.xz
provides livecd.ubuntu-cpc.rootfs.manifest provides livecd.ubuntu-cpc.rootfs.manifest
provides livecd.ubuntu-cpc.rootfs.filelist provides livecd.ubuntu-cpc.rootfs.filelist
provides livecd.ubuntu-cpc.rootfs.spdx

3
live-build/ubuntu-cpc/hooks.d/base/series/vagrant
View File

@ -1,3 +1,6 @@
depends disk-image depends disk-image
base/vagrant.binary base/vagrant.binary
provides livecd.ubuntu-cpc.vagrant.box provides livecd.ubuntu-cpc.vagrant.box
provides livecd.ubuntu-cpc.vagrant.manifest
provides livecd.ubuntu-cpc.vagrant.filelist
provides livecd.ubuntu-cpc.vagrant.spdx

3
live-build/ubuntu-cpc/hooks.d/base/series/vmdk
View File

@ -3,3 +3,6 @@ base/vmdk-image.binary
base/vmdk-ova-image.binary base/vmdk-ova-image.binary
provides livecd.ubuntu-cpc.vmdk provides livecd.ubuntu-cpc.vmdk
provides livecd.ubuntu-cpc.ova provides livecd.ubuntu-cpc.ova
provides livecd.ubuntu-cpc.vmdk.manifest
provides livecd.ubuntu-cpc.vmdk.filelist
provides livecd.ubuntu-cpc.vmdk.spdx

2
live-build/ubuntu-cpc/hooks.d/base/vagrant.binary
View File

@ -80,6 +80,8 @@ EOF
chroot ${mount_d} chown -R vagrant:vagrant /home/vagrant/.ssh chroot ${mount_d} chown -R vagrant:vagrant /home/vagrant/.ssh
chroot ${mount_d} chmod 700 /home/vagrant/.ssh chroot ${mount_d} chmod 700 /home/vagrant/.ssh
create_manifest $mount_d "livecd.ubuntu-cpc.vagrant.manifest" "livecd.ubuntu-cpc.vagrant.spdx" "cloud-image-vagrant-$ARCH-$(date +%Y%m%dT%H:%M:%S)"
umount_disk_image "$mount_d" umount_disk_image "$mount_d"
rmdir "$mount_d" rmdir "$mount_d"

10
live-build/ubuntu-cpc/hooks.d/base/vmdk-image.binary
View File

@ -20,8 +20,18 @@ esac
. config/functions . config/functions
vmdk_file="$PWD/livecd.ubuntu-cpc.vmdk"
if [ -e binary/boot/disk-uefi.ext4 ]; then if [ -e binary/boot/disk-uefi.ext4 ]; then
create_vmdk binary/boot/disk-uefi.ext4 livecd.ubuntu-cpc.vmdk create_vmdk binary/boot/disk-uefi.ext4 livecd.ubuntu-cpc.vmdk
uefi_file="livecd.ubuntu-cpc.disk-uefi"
cp ${uefi_file}.manifest ${vmdk_file}.manifest
cp ${uefi_file}.filelist ${vmdk_file}.filelist
cp ${uefi_file}.spdx ${vmdk_file}.spdx
elif [ -f binary/boot/disk.ext4 ]; then elif [ -f binary/boot/disk.ext4 ]; then
create_vmdk binary/boot/disk.ext4 livecd.ubuntu-cpc.vmdk create_vmdk binary/boot/disk.ext4 livecd.ubuntu-cpc.vmdk
disk_file="livecd.ubuntu-cpc.disk-image"
cp ${disk_file}.manifest ${vmdk_file}.manifest
cp ${disk_file}.filelist ${vmdk_file}.filelist
cp ${disk_file}.spdx ${vmdk_file}.spdx
fi fi