Track the missing dependencies on SPDX documents#1109
Merged
ricardosalveti merged 15 commits intofoundriesio:mainfrom May 9, 2023
Merged
Track the missing dependencies on SPDX documents#1109ricardosalveti merged 15 commits intofoundriesio:mainfrom
ricardosalveti merged 15 commits intofoundriesio:mainfrom
Conversation
Member
|
Please extend the commit messages to avoid patches with just the subject line (add more details as part of the commit body message). |
quaresmajose
force-pushed
the
lmp-boot-firmware
branch
from
cca557e to
fa73062
Compare
Member
Author
|
I reduce this PR only with the fix and move the refactor to a new one. |
Contributor
|
in the commit msg: |
quaresmajose
force-pushed
the
lmp-boot-firmware
branch
2 times, most recently
from
5ef29b2 to
9576f23
Compare
Member
Author
fixed! thanks |
angolini
approved these changes
Apr 18, 2023
| python () { | ||
| # we need to set the DEPENDS as well to produce valid SPDX documents | ||
| for tasks in d.getVarFlag('do_install', 'depends').split(): | ||
| d.appendVar('DEPENDS', " %s" % tasks.split(":")[0]) |
Contributor
There was a problem hiding this comment.
Setting DEPENDS usually goes on the top of the file. Is there any reason it must be at the bottom in this case?
Member
Author
There was a problem hiding this comment.
Nothing special, only because it is using a non common anonymous python.
quaresmajose
force-pushed
the
lmp-boot-firmware
branch
2 times, most recently
from
0abef67 to
ee4404e
Compare
quaresmajose
force-pushed
the
lmp-boot-firmware
branch
3 times, most recently
from
83a8b45 to
c1eb5f5
Compare
quaresmajose
force-pushed
the
lmp-boot-firmware
branch
2 times, most recently
from
91f39ab to
48dd890
Compare
Member
Author
|
validated on foundriesio/lmp-manifest#318 |
quaresmajose
changed the title
quaresmajose
force-pushed
the
lmp-boot-firmware
branch
from
48dd890 to
c6be850
Compare
| for depend in depends: | ||
| recipe, task = depend.split(':') | ||
| if task == 'do_deploy' and recipe not in d.getVar('DEPENDS'): | ||
| bb.error("Task '%s' depends on '%s' but '%s' is not in DEPENDS" % (taskname, depend, recipe)) |
Member
There was a problem hiding this comment.
I think it is better for us to warn by default instead of calling an error here, as this might have side effects in customer related recipes and cause certain builds to fail.
While we do want to have SPDX in a correct form, we shouldn't just yet enforce this on every recipe (we can have as a warn first and on another release move to error, for example).
Member
Author
There was a problem hiding this comment.
I put a new commit 25a255e wih this that is simpler to reference later.
quaresmajose
force-pushed
the
lmp-boot-firmware
branch
2 times, most recently
from
0783ed6 to
0ba3026
Compare
…n depends This handler will generate an ERROR when there are 'do_deploy' dependencies without setting the DEPENDS. One of the side effect of this issues is SPDX documents not including the correct dependencies. / | ERROR: lmp-boot-firmware-0-r0 do_install: Task 'do_install' depends on 'virtual/bootloader:do_deploy' but 'virtual/bootloader' is not in DEPENDS | ERROR: lmp-boot-firmware-0-r0 do_install: Task 'do_install' depends on 'virtual/trusted-firmware-a:do_deploy' but 'virtual/trusted-firmware-a' is not in DEPENDS \ Signed-off-by: Jose Quaresma <[email protected]>
Setting DEPENDS create dependency loops so skip the check Signed-off-by: Jose Quaresma <[email protected]>
Setting DEPENDS create dependency loops so skip the check Signed-off-by: Jose Quaresma <[email protected]>
… task[depends] Explicit adds the dependencies of the 'do_deploy' in the task[depends]. With this patch the missed dependencies are now in the SPDX documents of the package as well as in the final SPDX of the combined image. The following example is for the lmp-base-console-image on stm32mp15-disco machine: / | grep -E "u-boot|tf-a" deploy/images/stm32mp15-disco/lmp-base-console-image-stm32mp15-disco.spdx.index.json | deploy/images/stm32mp15-disco/lmp-base-console-image-stm32mp15-disco.spdx.index.json: "documentNamespace": "http://spdx.org/spdxdoc/recipe-tf-a-fio-546ca65d-3ceb-5456-93cd-e8acffa32a17", | deploy/images/stm32mp15-disco/lmp-base-console-image-stm32mp15-disco.spdx.index.json: "filename": "recipe-tf-a-fio.spdx.json", | deploy/images/stm32mp15-disco/lmp-base-console-image-stm32mp15-disco.spdx.index.json: "documentNamespace": "http://spdx.org/spdxdoc/recipe-tf-a-tools-native-52687ea6-9f82-5a2d-a8ab-f4e90f31e6fd", | deploy/images/stm32mp15-disco/lmp-base-console-image-stm32mp15-disco.spdx.index.json: "filename": "recipe-tf-a-tools-native.spdx.json", | deploy/images/stm32mp15-disco/lmp-base-console-image-stm32mp15-disco.spdx.index.json: "documentNamespace": "http://spdx.org/spdxdoc/recipe-u-boot-fio-cfb5b3c2-fc87-5d33-a223-5b46ae9bb0f5", | deploy/images/stm32mp15-disco/lmp-base-console-image-stm32mp15-disco.spdx.index.json: "filename": "recipe-u-boot-fio.spdx.json", \ Signed-off-by: Jose Quaresma <[email protected]>
…pends] Explicit adds the dependencies of the 'do_deploy' in the task[depends]. With this patch the missed dependencies are now in the SPDX documents of the package as well as in the final SPDX of the combined image. Signed-off-by: Jose Quaresma <[email protected]>
…nce on task[depends] Explicit adds the dependencies of the 'do_deploy' in the task[depends]. With this patch the missed dependencies are now in the SPDX documents of the package as well as in the final SPDX of the combined image. Signed-off-by: Jose Quaresma <[email protected]>
…sk[depends] Explicit adds the dependencies of the 'do_deploy' in the task[depends]. With this patch the missed dependencies are now in the SPDX documents of the package as well as in the final SPDX of the combined image. Signed-off-by: Jose Quaresma <[email protected]>
…k[depends] Explicit adds the dependencies of the 'do_deploy' in the task[depends]. With this patch the missed dependencies are now in the SPDX documents of the package as well as in the final SPDX of the combined image. Signed-off-by: Jose Quaresma <[email protected]>
… on task[depends] Explicit adds the dependencies of the 'do_deploy' in the task[depends]. With this patch the missed dependencies are now in the SPDX documents of the package as well as in the final SPDX of the combined image. Signed-off-by: Jose Quaresma <[email protected]>
…nds] Explicit adds the dependencies of the 'do_deploy' in the task[depends]. With this patch the missed dependencies are now in the SPDX documents of the package as well as in the final SPDX of the combined image. Signed-off-by: Jose Quaresma <[email protected]>
… on task[depends] Explicit adds the dependencies of the 'do_deploy' in the task[depends]. With this patch the missed dependencies are now in the SPDX documents of the package as well as in the final SPDX of the combined image. Signed-off-by: Jose Quaresma <[email protected]>
…epends] Explicit adds the dependencies of the 'do_deploy' in the task[depends]. With this patch the missed dependencies are now in the SPDX documents of the package as well as in the final SPDX of the combined image. Signed-off-by: Jose Quaresma <[email protected]>
…o_deploy' presence on task[depends] Explicit adds the dependencies of the 'do_deploy' in the task[depends]. With this patch the missed dependencies are now in the SPDX documents of the package as well as in the final SPDX of the combined image. Signed-off-by: Jose Quaresma <[email protected]>
…f an error It is better for us to warn by default instead of calling an error here, as this might have side effects in customer related recipes and cause certain builds to fail. While we do want to have SPDX in a correct form, we shouldn't just yet enforce this on every recipe (we can have as a warn first and on another release move to error, for example). Signed-off-by: Jose Quaresma <[email protected]>
Signed-off-by: Jose Quaresma <[email protected]>
quaresmajose
force-pushed
the
lmp-boot-firmware
branch
from
0ba3026 to
3b12a43
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This handler will generate an ERROR when there are 'do_deploy' dependencies without setting the DEPENDS.
One of the side effect of this issues is SPDX documents not including the correct dependencies.
Explicit adds the dependencies of the 'do_deploy' in the task[depends].
With this patch the missed dependencies are now in the SPDX documents of the package as well as in the final SPDX of the combined image.
The following example is for the lmp-base-console-image on stm32mp15-disco machine: