mirror/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-01-15 19:42:28 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
mariadb/cmake/make_dist.cmake.in
Vladislav Vaintroub 2563839853 MDEV-34979 generate SBOM from server builds 
This commit adds the capability to generate a Software Bill of Materials
(SBOM) from server builds.

It introduces a new WITH_SBOM variable, which defaults to ON for package
builds (i.e if BUILD_CONFIG is used) and to OFF otherwise.

When enabled, the build process will produce an sbom.json document in
CycloneDX format, capturing information about various dependencies,
which is gathered from various sources.

We use git submodule information and CMake external projects properties
to gather version information for 3rd party code, but also handle
dependencies if external code is part of our repository
(zlib, or Connect storage engine's minizip)

The SBOM document is stored in the root build directory in sbom.json file,
but is not currently installed.
2025-01-15 14:37:43 +01:00

198 lines
6.5 KiB
CMake
Raw Permalink Blame History

# Copyright (c) 2009, 2015, Oracle and/or its affiliates.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; version 2 of the License.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1335 USA
# Make source distribution
# If bzr is present, run bzr export.
# Otherwise, just run cpack with source configuration.
SET(CMAKE_SOURCE_DIR "@CMAKE_SOURCE_DIR@")
SET(CMAKE_BINARY_DIR "@CMAKE_BINARY_DIR@")
SET(CPACK_SOURCE_PACKAGE_FILE_NAME "@CPACK_SOURCE_PACKAGE_FILE_NAME@")
SET(CMAKE_CPACK_COMMAND "@CMAKE_CPACK_COMMAND@")
SET(CMAKE_COMMAND "@CMAKE_COMMAND@")
SET(GIT_EXECUTABLE "@GIT_EXECUTABLE@")
SET(GTAR_EXECUTABLE "@GTAR_EXECUTABLE@")
SET(TAR_EXECUTABLE "@TAR_EXECUTABLE@")
SET(CMAKE_GENERATOR "@CMAKE_GENERATOR@")
SET(CMAKE_MAKE_PROGRAM "@CMAKE_MAKE_PROGRAM@")
SET(CMAKE_SYSTEM_NAME "@CMAKE_SYSTEM_NAME@")
SET(VERSION "@VERSION@")
SET(MYSQL_DOCS_LOCATION "@MYSQL_DOCS_LOCATION@")
SET(PACKAGE_DIR ${CMAKE_BINARY_DIR}/${CPACK_SOURCE_PACKAGE_FILE_NAME})
FILE(REMOVE_RECURSE ${PACKAGE_DIR})
FILE(REMOVE ${PACKAGE_DIR}.tar.gz )
IF(GIT_EXECUTABLE)
MESSAGE(STATUS "Running git checkout-index")
EXECUTE_PROCESS(
COMMAND "${GIT_EXECUTABLE}" checkout-index --all --prefix=${PACKAGE_DIR}/
WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}
RESULT_VARIABLE RESULT
)
IF(NOT RESULT EQUAL 0)
SET(GIT_EXECUTABLE)
ENDIF()
EXECUTE_PROCESS(
COMMAND "${GIT_EXECUTABLE}" submodule foreach "${GIT_EXECUTABLE} checkout-index --all --prefix=${PACKAGE_DIR}/$path/"
WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}
RESULT_VARIABLE RESULT
)
IF(NOT RESULT EQUAL 0)
SET(GIT_EXECUTABLE)
ENDIF()
EXECUTE_PROCESS(
COMMAND "${GIT_EXECUTABLE}" submodule foreach "${GIT_EXECUTABLE} checkout-index --all --prefix=${PACKAGE_DIR}/wsrep-lib/$path/"
WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}/wsrep-lib
RESULT_VARIABLE RESULT
)
IF(NOT RESULT EQUAL 0)
SET(GIT_EXECUTABLE)
ENDIF()
EXECUTE_PROCESS(
COMMAND "${GIT_EXECUTABLE}" submodule foreach "${GIT_EXECUTABLE} checkout-index --all --prefix=${PACKAGE_DIR}/storage/columnstore/columnstore/$path/"
WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}/storage/columnstore/columnstore
RESULT_VARIABLE RESULT
)
IF(NOT RESULT EQUAL 0)
SET(GIT_EXECUTABLE)
ENDIF()
ENDIF()
CONFIGURE_FILE(${CMAKE_BINARY_DIR}/include/source_revision.h
${PACKAGE_DIR}/include/source_revision.h COPYONLY)
CONFIGURE_FILE(${CMAKE_BINARY_DIR}/storage/rocksdb/rdb_source_revision.h
${PACKAGE_DIR}/storage/rocksdb/rdb_source_revision.h COPYONLY)
IF(NOT GIT_EXECUTABLE)
MESSAGE(STATUS "git not found or source dir is not a repo, use CPack")
IF(CMAKE_SOURCE_DIR STREQUAL CMAKE_BINARY_DIR)
# In-source build is the worst option, we have to cleanup source tree.
# Save bison output first.
CONFIGURE_FILE(${CMAKE_BINARY_DIR}/sql/sql_yacc.cc
${CMAKE_BINARY_DIR}/sql_yacc.cc COPYONLY)
CONFIGURE_FILE(${CMAKE_BINARY_DIR}/sql/sql_yacc.hh
${CMAKE_BINARY_DIR}/sql_yacc.hh COPYONLY)
IF(CMAKE_GENERATOR MATCHES "Makefiles")
# make clean
EXECUTE_PROCESS(
COMMAND ${CMAKE_MAKE_PROGRAM} clean
WORKING_DIRECTORY ${CMAKE_BINARY_DIR}
)
ENDIF()
# Restore bison output
CONFIGURE_FILE(${CMAKE_BINARY_DIR}/sql_yacc.cc
${CMAKE_BINARY_DIR}/sql/sql_yacc.cc COPYONLY)
CONFIGURE_FILE(${CMAKE_BINARY_DIR}/sql_yacc.hh
${CMAKE_BINARY_DIR}/sql/sql_yacc.h COPYONLY)
FILE(REMOVE ${CMAKE_BINARY_DIR}/sql_yacc.cc)
FILE(REMOVE ${CMAKE_BINARY_DIR}/sql_yacc.hh)
ENDIF()
EXECUTE_PROCESS(
COMMAND ${CMAKE_CPACK_COMMAND} -G TGZ --config ./CPackSourceConfig.cmake
${CMAKE_BINARY_DIR}/CPackSourceConfig.cmake
WORKING_DIRECTORY ${CMAKE_BINARY_DIR}
)
EXECUTE_PROCESS(
COMMAND ${CMAKE_COMMAND} -E tar xzf
${CPACK_SOURCE_PACKAGE_FILE_NAME}.tar.gz
${PACK_SOURCE_PACKAGE_FILE_NAME}
WORKING_DIRECTORY ${CMAKE_BINARY_DIR}
)
ENDIF()
# Copy bison output
CONFIGURE_FILE(${CMAKE_BINARY_DIR}/sql/yy_mariadb.hh
${PACKAGE_DIR}/sql/yy_mariadb.hh COPYONLY)
CONFIGURE_FILE(${CMAKE_BINARY_DIR}/sql/yy_mariadb.cc
${PACKAGE_DIR}/sql/yy_mariadb.cc COPYONLY)
# Copy bison output
CONFIGURE_FILE(${CMAKE_BINARY_DIR}/sql/yy_oracle.hh
${PACKAGE_DIR}/sql/yy_oracle.hh COPYONLY)
CONFIGURE_FILE(${CMAKE_BINARY_DIR}/sql/yy_oracle.cc
${PACKAGE_DIR}/sql/yy_oracle.cc COPYONLY)
# Add documentation, if user has specified where to find them
IF(MYSQL_DOCS_LOCATION)
MESSAGE("Copying documentation files from " ${MYSQL_DOCS_LOCATION})
EXECUTE_PROCESS(COMMAND ${CMAKE_COMMAND} -E copy_directory "${MYSQL_DOCS_LOCATION}" "${PACKAGE_DIR}")
ENDIF()
# Ensure there is an "INFO_SRC" file.
INCLUDE(${CMAKE_BINARY_DIR}/info_macros.cmake)
IF(NOT EXISTS ${PACKAGE_DIR}/Docs/INFO_SRC)
CREATE_INFO_SRC(${PACKAGE_DIR}/Docs)
ENDIF()
INCLUDE(${CMAKE_SOURCE_DIR}/cmake/generate_submodule_info.cmake)
GENERATE_SUBMODULE_INFO(${PACKAGE_DIR}/cmake/submodule_info.cmake)
# In case we used CPack, it could have copied some
# extra files that are not usable on different machines.
FILE(REMOVE ${PACKAGE_DIR}/CMakeCache.txt)
# When packing source, prefer gnu tar to "cmake -P tar"
# cmake does not preserve timestamps.gnuwin32 tar is broken, cygwin is ok
IF(CMAKE_SYSTEM_NAME MATCHES "Windows")
IF (EXISTS C:/cygwin/bin/tar.exe)
SET(TAR_EXECUTABLE C:/cygwin/bin/tar.exe)
ENDIF()
ENDIF()
IF(GTAR_EXECUTABLE)
SET(GNUTAR ${GTAR_EXECUTABLE})
ELSEIF(TAR_EXECUTABLE)
EXECUTE_PROCESS(
COMMAND "${TAR_EXECUTABLE}" --version
RESULT_VARIABLE RESULT OUTPUT_VARIABLE OUT ERROR_VARIABLE ERR
)
IF(RESULT EQUAL 0 AND OUT MATCHES "GNU")
SET(GNUTAR ${TAR_EXECUTABLE})
ENDIF()
ENDIF()
SET($ENV{GZIP} "--best")
IF(GNUTAR)
SET(PACK_COMMAND
${GNUTAR} cfz
${CPACK_SOURCE_PACKAGE_FILE_NAME}.tar.gz
${CPACK_SOURCE_PACKAGE_FILE_NAME}
)
ELSE()
SET(PACK_COMMAND ${CMAKE_COMMAND} -E tar cfz
${CPACK_SOURCE_PACKAGE_FILE_NAME}.tar.gz
${CPACK_SOURCE_PACKAGE_FILE_NAME}
)
ENDIF()
MESSAGE(STATUS "Creating source package")
EXECUTE_PROCESS(
COMMAND ${PACK_COMMAND}
)
MESSAGE(STATUS "Source package ${PACKAGE_DIR}.tar.gz created")
Reference in a new issue View git blame Copy permalink