From e972652872a12ba1064b7903de0f74ae485d3123 Mon Sep 17 00:00:00 2001 From: Patrick Ziegler Date: Sat, 1 Jun 2024 15:19:41 +0200 Subject: [PATCH] Make Tycho SBOM mapper configurable w.r.t. the project packaging types Instead of being applied on all packaging types (even those where it doesn't make sense like the target platform), the user is now able to configure for which project types the Tycho model converter is used. By default (if nothing else is specified), this converter is only used for plugins and features, to avoid issues when the e.g. the target definition is defined in its own module or the the reactor contains non-Tycho packaging types (jar/pom/bundle/...). --- .../sbom/example.test1/META-INF/MANIFEST.MF | 8 ++ .../sbom/example.test1/build.properties | 5 ++ .../sbom/example.test2/META-INF/MANIFEST.MF | 8 ++ .../sbom/example.test2/build.properties | 5 ++ tycho-its/projects/sbom/pom.xml | 29 +++++- .../target-definition.target | 0 .../tycho/test/reactor/BomCreationTest.java | 3 + tycho-sbom/pom.xml | 9 ++ .../tycho/sbom/TychoModelConverter.java | 26 +++++- .../tycho/sbom/TychoSBOMConfiguration.java | 90 +++++++++++++++++++ 10 files changed, 181 insertions(+), 2 deletions(-) create mode 100644 tycho-its/projects/sbom/example.test1/META-INF/MANIFEST.MF create mode 100644 tycho-its/projects/sbom/example.test1/build.properties create mode 100644 tycho-its/projects/sbom/example.test2/META-INF/MANIFEST.MF create mode 100644 tycho-its/projects/sbom/example.test2/build.properties rename tycho-its/projects/sbom/{ => target-platform}/target-definition.target (100%) create mode 100644 tycho-sbom/src/main/java/org/eclipse/tycho/sbom/TychoSBOMConfiguration.java diff --git a/tycho-its/projects/sbom/example.test1/META-INF/MANIFEST.MF b/tycho-its/projects/sbom/example.test1/META-INF/MANIFEST.MF new file mode 100644 index 0000000000..342ecc5e07 --- /dev/null +++ b/tycho-its/projects/sbom/example.test1/META-INF/MANIFEST.MF @@ -0,0 +1,8 @@ +Manifest-Version: 1.0 +Bundle-ManifestVersion: 2 +Bundle-Name: Test-Fragment with SBOM +Bundle-SymbolicName: example.test1 +Bundle-Version: 1.0.0.qualifier +Fragment-Host: example.plugin +Automatic-Module-Name: example.test1 +Bundle-RequiredExecutionEnvironment: JavaSE-17 diff --git a/tycho-its/projects/sbom/example.test1/build.properties b/tycho-its/projects/sbom/example.test1/build.properties new file mode 100644 index 0000000000..6027e91c70 --- /dev/null +++ b/tycho-its/projects/sbom/example.test1/build.properties @@ -0,0 +1,5 @@ +pom.model.packaging = eclipse-test-plugin +source.. = src/ +output.. = bin/ +bin.includes = META-INF/,\ + . diff --git a/tycho-its/projects/sbom/example.test2/META-INF/MANIFEST.MF b/tycho-its/projects/sbom/example.test2/META-INF/MANIFEST.MF new file mode 100644 index 0000000000..266cea4974 --- /dev/null +++ b/tycho-its/projects/sbom/example.test2/META-INF/MANIFEST.MF @@ -0,0 +1,8 @@ +Manifest-Version: 1.0 +Bundle-ManifestVersion: 2 +Bundle-Name: Test-Fragment with SBOM +Bundle-SymbolicName: example.test2 +Bundle-Version: 1.0.0.qualifier +Fragment-Host: example.plugin +Automatic-Module-Name: example.test2 +Bundle-RequiredExecutionEnvironment: JavaSE-17 diff --git a/tycho-its/projects/sbom/example.test2/build.properties b/tycho-its/projects/sbom/example.test2/build.properties new file mode 100644 index 0000000000..6027e91c70 --- /dev/null +++ b/tycho-its/projects/sbom/example.test2/build.properties @@ -0,0 +1,5 @@ +pom.model.packaging = eclipse-test-plugin +source.. = src/ +output.. = bin/ +bin.includes = META-INF/,\ + . diff --git a/tycho-its/projects/sbom/pom.xml b/tycho-its/projects/sbom/pom.xml index 6247a9b633..341b2bf16a 100644 --- a/tycho-its/projects/sbom/pom.xml +++ b/tycho-its/projects/sbom/pom.xml @@ -13,8 +13,11 @@ example.feature example.plugin + example.test1 + example.test2 product repository + target-platform @@ -31,7 +34,11 @@ ${tycho-version} - ../target-definition.target + + tycho-demo + target-definition + 1.0.0-SNAPSHOT + @@ -50,6 +57,14 @@ today + + org.eclipse.tycho + tycho-surefire-plugin + ${tycho-version} + + false + + org.cyclonedx cyclonedx-maven-plugin @@ -72,6 +87,18 @@ + + org.eclipse.tycho + tycho-sbom + ${tycho-version} + + + eclipse-plugin + eclipse-feature + eclipse-repository + + + diff --git a/tycho-its/projects/sbom/target-definition.target b/tycho-its/projects/sbom/target-platform/target-definition.target similarity index 100% rename from tycho-its/projects/sbom/target-definition.target rename to tycho-its/projects/sbom/target-platform/target-definition.target diff --git a/tycho-its/src/test/java/org/eclipse/tycho/test/reactor/BomCreationTest.java b/tycho-its/src/test/java/org/eclipse/tycho/test/reactor/BomCreationTest.java index 6ee02906bf..a8a9d3c6ab 100644 --- a/tycho-its/src/test/java/org/eclipse/tycho/test/reactor/BomCreationTest.java +++ b/tycho-its/src/test/java/org/eclipse/tycho/test/reactor/BomCreationTest.java @@ -40,6 +40,9 @@ public class BomCreationTest extends AbstractTychoIntegrationTest { public void setUp() throws Exception { if (verifier == null) { verifier = getVerifier("sbom", false); + // CycloneDX is logging an excessive amount of data on DEBUG level. + // Way too much for the verifier to handle properly... + verifier.getCliOptions().remove("-X"); verifier.executeGoal("verify"); verifyErrorFreeLog(verifier); } diff --git a/tycho-sbom/pom.xml b/tycho-sbom/pom.xml index 2db12b224e..78a8602e98 100644 --- a/tycho-sbom/pom.xml +++ b/tycho-sbom/pom.xml @@ -7,6 +7,7 @@ tycho-sbom Tycho SBOM model extension + maven-plugin @@ -50,6 +51,14 @@ + + + org.apache.maven.plugins + maven-plugin-plugin + + tycho-sbom + + \ No newline at end of file diff --git a/tycho-sbom/src/main/java/org/eclipse/tycho/sbom/TychoModelConverter.java b/tycho-sbom/src/main/java/org/eclipse/tycho/sbom/TychoModelConverter.java index 4cd9ca814a..b54cb51198 100644 --- a/tycho-sbom/src/main/java/org/eclipse/tycho/sbom/TychoModelConverter.java +++ b/tycho-sbom/src/main/java/org/eclipse/tycho/sbom/TychoModelConverter.java @@ -76,6 +76,7 @@ */ @Component(role = ModelConverter.class) public class TychoModelConverter extends DefaultModelConverter { + private static final String KEY_CONTEXT = TychoSBOMConfiguration.class.toString(); private static final Logger LOG = LoggerFactory.getLogger(TychoModelConverter.class); @Inject @@ -133,7 +134,8 @@ public String generateClassifierlessPackageUrl(Artifact artifact) { */ private String generatePackageUrl(Artifact artifact, boolean withVersion, boolean withClassifier, Supplier fallback) { - if (reactorReader.isTychoReactorArtifact(artifact)) { + TychoSBOMConfiguration sbomConfig = getOrCreateCurrentProjectConfiguration(); + if (sbomConfig.getIncludedPackagingTypes().contains(reactorReader.getPackagingType(artifact))) { ArtifactKey artifactKey = getQualifiedArtifactKey(artifact); IArtifactKey p2artifactKey = ArtifactTypeHelper.toP2ArtifactKey(artifactKey); boolean isReactorProject = reactorReader.getTychoReactorProject(artifact).isPresent(); @@ -299,4 +301,26 @@ private List getTargetRepositories(MavenProject currentProject) { return Collections.unmodifiableList(p2repositories); } + + /** + * The is created lazily based on the plugin configuration of this SBOM project. + * If is converter is used outside a project, a default configuration is + * returned. If no configuration has been created for the current project, a new + * instance is created and stored as context value, which is then returned on + * successive calls. + * + * @return The SBOM configuration of the current project. Never {@code null}. + */ + private synchronized TychoSBOMConfiguration getOrCreateCurrentProjectConfiguration() { + MavenProject currentProject = legacySupport.getSession().getCurrentProject(); + if (currentProject == null) { + return new TychoSBOMConfiguration(); + } + TychoSBOMConfiguration projectConfig = (TychoSBOMConfiguration) currentProject.getContextValue(KEY_CONTEXT); + if (projectConfig == null) { + projectConfig = new TychoSBOMConfiguration(currentProject); + currentProject.setContextValue(KEY_CONTEXT, projectConfig); + } + return projectConfig; + } } diff --git a/tycho-sbom/src/main/java/org/eclipse/tycho/sbom/TychoSBOMConfiguration.java b/tycho-sbom/src/main/java/org/eclipse/tycho/sbom/TychoSBOMConfiguration.java new file mode 100644 index 0000000000..664174c61c --- /dev/null +++ b/tycho-sbom/src/main/java/org/eclipse/tycho/sbom/TychoSBOMConfiguration.java @@ -0,0 +1,90 @@ +/******************************************************************************* + * Copyright (c) 2024 Patrick Ziegler and others. + * This program and the accompanying materials + * are made available under the terms of the Eclipse Public License 2.0 + * which accompanies this distribution, and is available at + * https://www.eclipse.org/legal/epl-2.0/ + * + * SPDX-License-Identifier: EPL-2.0 + * + * Contributors: + * Patrick Ziegler - initial API and implementation + *******************************************************************************/ +package org.eclipse.tycho.sbom; + +import java.util.Arrays; +import java.util.Set; +import java.util.stream.Collectors; + +import org.apache.maven.model.Plugin; +import org.apache.maven.project.MavenProject; +import org.codehaus.plexus.util.xml.Xpp3Dom; +import org.eclipse.tycho.PackagingType; + +/** + * Configuration of the {@code tycho-sbom} plugin to configure the packaging + * types for which the {@link TychoModelConverter} is used. By default only + * plug-ins and features are supported, but user may include additional types + * using this class. Example: + * + * 
+ * <configuration>
+ *   <includes>
+ *     <include>eclipse-plugin</include>
+ *     <include>eclipse-feature</include>
+ *     <include>eclipse-repository</include>
+ *   </includes>
+ * </configuration>>
+ *
+ */ +public class TychoSBOMConfiguration { + private static final Set DEFAULT_TYPES = Set.of(PackagingType.TYPE_ECLIPSE_FEATURE, + PackagingType.TYPE_ECLIPSE_PLUGIN); + private static final String KEY_INCLUDES = "includes"; + /** + * Contains all packaging types for which the {@link TychoModelConverter} should + * be used. Initialized with {@link #DEFAULT_TYPES} if no other configuration is + * specified. + */ + private Set includes = DEFAULT_TYPES; + + /** + * A default implementation that is used when used outside of a Maven project. + */ + public TychoSBOMConfiguration() { + // no-op + } + + /** + * Initializes the configuration based on the configuration of the + * {@code tycho-sbom} plugin. If no configuration exists, this configuration is + * initialized with its default values. + */ + public TychoSBOMConfiguration(MavenProject currentProject) { + Plugin plugin = currentProject.getPlugin("org.eclipse.tycho:tycho-sbom"); + if (plugin != null && plugin.getConfiguration() instanceof Xpp3Dom root) { + readIncludes(root.getChild(KEY_INCLUDES)); + } + } + + private void readIncludes(Xpp3Dom parent) { + if (parent == null) { + return; + } + // Overwrite default configuration + includes = Arrays.stream(parent.getChildren()) // + .map(Xpp3Dom::getValue) // + .collect(Collectors.toUnmodifiableSet()); + } + + /** + * Returns all packaging types for which the {@link TychoModelConverter} should + * be used. + * + * @return An unmodifiable list of {@link String}s. + */ + public Set getIncludedPackagingTypes() { + // Set is already immutable + return includes; + } +}