diff --git a/build-all-targets.sh b/build-all-targets.sh deleted file mode 100755 index e602ddd6..00000000 --- a/build-all-targets.sh +++ /dev/null @@ -1,85 +0,0 @@ -#!/bin/bash -# -# Copyright (c) 2023 Contributors to the Eclipse Foundation -# -# Building all currently supported targets. -# Uses cross for cross-compiling. Needs to be executed -# before docker build, as docker collects the artifacts -# created by this script -# this needs the have cross, cargo-license and createbom dependencies installed -# -# SPDX-License-Identifier: Apache-2.0 - -# exit on error, to not waste any time -set -e - -SCRIPT_PATH=$(realpath "$0") -SCRIPT_DIR=$(dirname "$SCRIPT_PATH") - -CARGO_REGISTRIES_CRATES_IO_PROTOCOL=sparse - -# Check if a certai feature set was requested -if [ -z "$KUKSA_DATABROKER_FEATURES" ]; then - # If not set, assign a default value - KUKSA_DATABROKER_FEATURES="databroker/default" -fi - -echo "Building with features: $KUKSA_DATABROKER_FEATURES" - - -# We need to clean this folder in target, otherwise we get weird side -# effects building for different archs, complaining libc crate can not find -# GLIBC, i.e -# Compiling libc v0.2.149 -#error: failed to run custom build command for `libc v0.2.149` -# -#Caused by: -# process didn't exit successfully: `/target/release/build/libc-2dd22ab6b5fb9fd2/#build-script-build` (exit status: 1) -# --- stderr -# /target/release/build/libc-2dd22ab6b5fb9fd2/build-script-build: /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.29' not found (required by /target/release/build/libc-2dd22ab6b5fb9fd2/build-script-build) -# -# It seems cross/cargo is reusing something from previous builds it shouldn't. -# the finished artifact resides in ../target/x86_64-unknown-linux-musl/release -# so deleting the temporary files in target/releae is no problem -cleanup_target_release_dir() { - echo "Clean up target dir..." - rm -rf "$SCRIPT_DIR/target/release" -} - -# Create thirdparty bom -rm -rf "$SCRIPT_DIR/databroker/thirdparty" || true -pushd createbom/ -python3 createbom.py ../databroker -popd - -# Building AMD46 -echo "Building AMD64" -cleanup_target_release_dir -cross build --target x86_64-unknown-linux-musl --features $KUKSA_DATABROKER_FEATURES --bin databroker --release - -# Building ARM64 -echo "Building ARM64" -cleanup_target_release_dir -cross build --target aarch64-unknown-linux-musl --features $KUKSA_DATABROKER_FEATURES --bin databroker --release - -# Build RISCV64, this is a glibc based build, as musl is not -# yet supported -echo "Building RISCV64" -cleanup_target_release_dir -cross build --target riscv64gc-unknown-linux-gnu --features $KUKSA_DATABROKER_FEATURES --bin databroker --release - -# Prepare dist folders -echo "Prepare amd64 dist folder" -mkdir -p "$SCRIPT_DIR/dist/amd64" -cp "$SCRIPT_DIR/target/x86_64-unknown-linux-musl/release/databroker" "$SCRIPT_DIR/dist/amd64" -cp -r "$SCRIPT_DIR/databroker/thirdparty" "$SCRIPT_DIR/dist/amd64" - -echo "Prepare arm64 dist folder" -mkdir -p "$SCRIPT_DIR/dist/arm64" -cp "$SCRIPT_DIR/target/aarch64-unknown-linux-musl/release/databroker" "$SCRIPT_DIR/dist/arm64" -cp -r "$SCRIPT_DIR/databroker/thirdparty" "$SCRIPT_DIR/dist/arm64" - -echo "Prepare riscv64 dist folder" -mkdir -p "$SCRIPT_DIR/dist/riscv64" -cp "$SCRIPT_DIR/target/riscv64gc-unknown-linux-gnu/release/databroker" "$SCRIPT_DIR/dist/riscv64" -cp -r "$SCRIPT_DIR/databroker/thirdparty" "$SCRIPT_DIR/dist/riscv64" diff --git a/build-databroker.sh b/build-databroker.sh new file mode 100755 index 00000000..4947b9ed --- /dev/null +++ b/build-databroker.sh @@ -0,0 +1,159 @@ +#!/bin/bash +# +# Copyright (c) 2023 Contributors to the Eclipse Foundation +# +# Building all currently supported targets. +# Uses cross for cross-compiling. Needs to be executed +# before docker build, as docker collects the artifacts +# created by this script +# this needs the have cross, cargo-license and createbom dependencies installed +# +# SPDX-License-Identifier: Apache-2.0 + + +# This script will build databroker for different architectures uing cross +# (https://github.com/cross-rs/cross) +# Artifacts will be out in the directory ./dist in the form required for the +# Dockerfile +# +# You run it like +# +# ./build-databroker.sh plattforms +# +# where platform can be one or more of +# +# arm64, amd64, riscv64, i.e. the following are valid commandlines +# +# ./build-databroker.sh amd64 +# ./build-databroker.sh amd64 arm64 riscv64 +# +# you can enable features that will be passed to cargo +# by setting the environment variable KUKSA_DATABROKER_FEATURES, i.e. +# +# KUKSA_DATABROKER_FEATURES=databroker/viss,databroker/tls +# +# If you want generate an SBOM and assemble a list of licenses set +# KUKSA_DATABROKER_SBOM to "yes" or "true", +# +# KUKSA_DATABROKER_SBOM=y +# +# This will generate a Cyclone DX SBOM and collect license. For +# this to work it expects cargo-cyclonedx to be installed and it +# requires the collectlicensefiles from +# https://github.com/eclipse-kuksa/kuksa-common/tree/main/sbom-tools +# to be available +# + + +# exit on error, to not waste any time +set -e + +SCRIPT_PATH=$(realpath "$0") +SCRIPT_DIR=$(dirname "$SCRIPT_PATH") + +# need a key value matching but no bash 4 an macOS +# so this nice hack works on bash 3 as well +tmprefix=$(basename -- "$0") +TARGET_MAP=$(mktemp -dt ${tmprefix}XXXXX) +echo >${TARGET_MAP}/arm64 aarch64-unknown-linux-musl +echo >${TARGET_MAP}/amd64 x86_64-unknown-linux-musl +# RISCV64 is a glibc based build, as musl is not +# yet supported +echo >${TARGET_MAP}/riscv64 riscv64gc-unknown-linux-gnu + +CARGO_REGISTRIES_CRATES_IO_PROTOCOL=sparse + +# Check if a certain feature set was requested +if [ -z "$KUKSA_DATABROKER_FEATURES" ]; then + # If not set, assign a default value + KUKSA_DATABROKER_FEATURES="databroker/default" +fi + +SBOM=0 +# Check whether to build SBOM +if [ ! -z "$KUKSA_DATABROKER_SBOM" ]; then + # If set, check whether it is "y" + if [[ $KUKSA_DATABROKER_SBOM =~ ^[Yy](es)?$ || $KUKSA_DATABROKER_SBOM =~ ^[Tt](rue)?$ ]]; then + SBOM=1 + fi +fi + +if [[ $SBOM -eq 1 ]]; then + echo "Will create SBOM" +else + echo "Will not create SBOM" +fi + +echo "Building with features: $KUKSA_DATABROKER_FEATURES" + + + + +# Builds for a given target and collects data to be distirbuted in docker. Needs +# Rust target triplett (i.e. x86_64-unknown-linux-musl) and the corresponding docker +# architecture (i.e. amd64) as input +function build_target() { + target_rust=$1 + target_docker=$2 + + echo "Building databroker for target $target_rust" + cross build --target $target_rust --features $KUKSA_DATABROKER_FEATURES --bin databroker --release + + echo "Prepare $target_docker dist folder" + mkdir ./dist/$target_docker + cp ./target/$target_rust/release/databroker ./dist/$target_docker + + if [[ $SBOM -eq 1 ]]; then + echo "Create $target_rust SBOM" + cargo cyclonedx -v -f json --describe binaries --spec-version 1.4 --target $target_rust --manifest-path ./Cargo.toml + cp ./databroker/databroker_bin.cdx.json ./dist/$target_docker/sbom.json + rm -rf ./dist/$target_docker/thirdparty-licenses || true + collectlicensefiles ./databroker/databroker_bin.cdx.json ./dist/$target_docker/thirdparty-licenses --curation ./licensecuration.yaml + fi + + # We need to clean this folder in target, otherwise we get weird side + # effects building the aarch image, complaining libc crate can not find + # GLIBC, i.e + # Compiling libc v0.2.149 + #error: failed to run custom build command for `libc v0.2.149` + # + #Caused by: + # process didn't exit successfully: `/target/release/build/libc-2dd22ab6b5fb9fd2/#build-script-build` (exit status: 1) + # --- stderr + # /target/release/build/libc-2dd22ab6b5fb9fd2/build-script-build: /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.29' not found (required by /target/release/build/libc-2dd22ab6b5fb9fd2/build-script-build) + # + # It seems cross/cargo is reusing something from previous builds it shouldn't. + # the finished artifact resides in ../target/x86_64-unknown-linux-musl/release + # so deleting the temporary files in target/releae is no problem + echo "Cleaning up...." + rm -rf ./target/release +} + + +# Check valid platforms +for platform in "$@" +do + if [ ! -f ${TARGET_MAP}/$platform ]; then + echo "Invalid platform \"$platform\"" + echo "Supported platforms:" + echo "$(ls ${TARGET_MAP})" + rm -rf ${TARGET_MAP} + exit 1 + fi +done + + +# Starting a fresh build +echo "Cargo clean, to start fresh..." +cargo clean +rm -rf ./dist || true +mkdir ./dist + +for platform in "$@" +do + target=$(cat ${TARGET_MAP}/$platform) + build_target $target $platform +done + +rm -rf ${TARGET_MAP} +echo "All done." diff --git a/licensecuration.yaml b/licensecuration.yaml new file mode 100644 index 00000000..a5ecc7ac --- /dev/null +++ b/licensecuration.yaml @@ -0,0 +1,22 @@ + +# Curation file for thirdparty licenses +# Will be used by collectlicensefromcyclonedx tool +# to inform it about choosing the correct license +# artifacts to be stored in deliverables + +components: + # ring is based on the standard OpenSSL and BoringSSL + # projects, thus licensing of the codebase is complex depending + # on parts. This makes sure that except the explanatory text + # in ring (and thus in the generated CycloneDX file) are copied + # as well as the vanilla text of the ISC and OPENSSL license + # OpenSSL seems to be in the process to move to Apache-2.0, but this + # may take some time + ring: + expression: "ring AND ISC AND OPENSSL" + + +expressions: + # LLVM exception not relevant for the project, thus in situation + # like this we choose to use vanilla Apache-2.0 terms + "Apache-2.0 WITH LLVM-exception OR Apache-2.0 OR MIT": "Apache-2.0" \ No newline at end of file