| Message ID | 20251022153921.2494749-10-felix.moessbauer@siemens.com |
|---|---|
| State | Under Review |
| Headers | show
Return-Path: <isar-users+bncBCYIZ4M3XAKRBSXV4PDQMGQEGIP7QUA@googlegroups.com>
Received: from shymkent.ilbers.de ([unix socket])
by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA;
Wed, 22 Oct 2025 17:40:02 +0200
X-Sieve: CMU Sieve 2.4
Received: from mail-pg1-f187.google.com (mail-pg1-f187.google.com
[209.85.215.187])
by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id
59MFe123021656
(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT)
for <iupwgm@isar-build.org>; Wed, 22 Oct 2025 17:40:01 +0200
Received: by mail-pg1-f187.google.com with SMTP id
41be03b00d2f7-b63038a6350sf762664a12.0
for <iupwgm@isar-build.org>; Wed, 22 Oct 2025 08:40:01 -0700 (PDT)
ARC-Seal: i=3; a=rsa-sha256; t=1761147595; cv=pass;
d=google.com; s=arc-20240605;
b=N/ZYPq1Ry13rInENfBb+UihD9gTM3X9t1yPQdzOlNh/aj3DVuCH+vg2qEwhScT44rN
2saeKSpCUN4+oMQRNDg+Jce7W8IKMg0ti+/aqDqZR2a64v7flq+6zfbQKQwnKigpOMCQ
NNKRoln81YdmdONmnX5GXVkDkGs4Cj2J73nIhNm2uLylUKA1Owq7D/KT6SI1X3hgTgap
WPT6fhsPacEWtIvHcUhrBi+QgokCLpCdNWz50p+bkd5vvlPyv2qPn84odM2p1Zjfr70K
g6e9xJa2z+SGCkQhw+NG3GL5t2ANjw0jf+yCgF1AOHqC1dM+ya0+ksrIIMWw+cJslUfy
hDKw==
ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20240605;
h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
:list-id:mailing-list:precedence:reply-to:mime-version:references
:in-reply-to:message-id:date:subject:cc:to:from:dkim-signature;
bh=/edBlQU+BmGNg0E8sKiC/z9bt0MTtF7NO/OQAuwnwLI=;
fh=LJvJTM1SNOeh0JoPzvECfoSK73jA+riqiIXUj1mEk8Q=;
b=Rej8FMGIc/MjpBachzyJzyXyUvXTqYBFKeQvFEFKHr7kaNm8uRgBuuAcXizGpNcpY0
qDYIy9ZnTAHT+X5PfRXOUf4uUdqJwmflRiB7aoSHpNyTWL0inaUhbMQwxMIlI8FlKel0
Bs/SHeIAemlpB6xetCZR5/t7PNCMQSHPEnXuohRXNsII3872vH9bSZEDPExqPGjHM4Mq
797sSxeOOiz/Zo0eHdwHSUCQBdZs1z2kBxZQTQOtNHm9I2i2L1/peU28vc2Jrg5CQfyl
JpdhR2PQQwUfRg/Bk/xt3W5R+7V/Jp6X3nxUPsVQhkGO+4TmLeE3TD3/F/Ye/RZOAyKs
1wAA==;
darn=isar-build.org
ARC-Authentication-Results: i=3; gmr-mx.google.com;
dkim=pass header.i=@siemens.com header.s=selector2 header.b=hS29kdkJ;
arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass
dkdomain=siemens.com dmarc=pass fromdomain=siemens.com);
spf=pass (google.com: domain of felix.moessbauer@siemens.com designates
2a01:111:f403:c20a::7 as permitted sender)
smtp.mailfrom=felix.moessbauer@siemens.com;
dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=googlegroups.com; s=20230601; t=1761147595; x=1761752395;
darn=isar-build.org;
h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
:list-id:mailing-list:precedence:reply-to
:x-original-authentication-results:x-original-sender:mime-version
:references:in-reply-to:message-id:date:subject:cc:to:from:from:to
:cc:subject:date:message-id:reply-to;
bh=/edBlQU+BmGNg0E8sKiC/z9bt0MTtF7NO/OQAuwnwLI=;
b=JE44xk3FUldeHSa0tn2lMX/QqMdo9ZUSSPuUb/HvNg3MTkK1/WdBSHuy/DNrgddQYU
rL+rVYVnxD8fsANQa0PCfU6yMKxAnoaEJ+6p1NIF2eNHfAb4oiHisltEnoF3m14t8a+6
GhhNWWTG7wMK15LxsiaNXF2hf9OLN561/XF4Hi1vMh4FSbPwi3S/RAZ7rRXdZJBbmmLt
Lihak5AVNP5RH2HmWCCWXEOFPLkL8L+vIi3nSYI+s1QBJYp9oIL81RUtyhY4s7vQgrIl
61C+lT0p3oEz6ikOC+LzXGxmnBfPPB/IE6KtBfXcfnXk8K6BFhx52d+8/zJwB+wvM2dO
rnnQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1761147595; x=1761752395;
h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
:x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to
:x-original-authentication-results:x-original-sender:mime-version
:references:in-reply-to:message-id:date:subject:cc:to:from
:x-beenthere:x-gm-message-state:from:to:cc:subject:date:message-id
:reply-to;
bh=/edBlQU+BmGNg0E8sKiC/z9bt0MTtF7NO/OQAuwnwLI=;
b=UxFurukfVhIiGOA+XJfK7KCierzYEKCnFJAz99/t87LP4z/zlkxKGD0pkqy1p1ODeo
6dyfFMzrRYMTO2Us8l3s/a7Y76agt36fHGs9e/T5Yrxy6K2Fywn65sMdn2eUxmKaRP88
ilm78iRqutf3UxxRpVB++l2WD/qpyATUccCFm/s3bg3fJCnuSD/E/uvP3lHY1Vnyydld
4u/JHo+7jThiB855tUokRyorF0KSFqtgbqR5TE15HJ4sFHE4kZpukcvToigIaiRt1dM6
TAbLGe2R0gBqMkMdwE0oOJ3RV2LXcg99jYh4ezxRnpmTkqE+j/WSE0I1i0nppevXTr7H
d/LQ==
X-Forwarded-Encrypted: i=3;
AJvYcCVMFT8vBa2zaKLifykvbx9edxduCiXoRFHhbEsnXQ4/srkzsmerSnka1cbZXqFzr2DKvrhyZME=@isar-build.org
X-Gm-Message-State: AOJu0YzM4CLm2MGjrHFrDChQu5Nn+3L9RmsSHEtzct4u1p3HU6MLo8UQ
3zJ5d2CRl8VMekFVYBn6EvY84IBxo9dt81hyly7LYW+LdOlaIgZm9Oqe
X-Google-Smtp-Source:
AGHT+IECHx/Du+SPlj2U3SYypb+X7r6/L4REkmsJtR8OCYsgmfI0GRo4BNa4daxlpvcljGFS63y6Tg==
X-Received: by 2002:a17:903:11cd:b0:24b:1585:6350 with SMTP id
d9443c01a7336-292ffbd1396mr47043365ad.11.1761147594742;
Wed, 22 Oct 2025 08:39:54 -0700 (PDT)
X-BeenThere: isar-users@googlegroups.com;
h="ARHlJd5AOVC1kKWwMfnxsLlAKGzD2yWk3WijOcG7OFDnq5JNOA=="
Received: by 2002:a17:903:9cc:b0:264:a0dd:421e with SMTP id
d9443c01a7336-293000cfebfls7016435ad.1.-pod-prod-00-us-canary; Wed, 22 Oct
2025 08:39:53 -0700 (PDT)
X-Received: by 2002:a17:903:1c8:b0:26c:4085:e3ef with SMTP id
d9443c01a7336-292ffc32e89mr46736655ad.21.1761147593191;
Wed, 22 Oct 2025 08:39:53 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1761147593; cv=pass;
d=google.com; s=arc-20240605;
b=BfZylz5JgnItwoWovfCyb08uw0hDQNcFNVpz/0Qjrzwr+zNY7RVZdmOmtj1KMoEhy1
6Xgk/dC637hDCURvi1j/nDa2QHqjsHK8tPq+CKVHAYkzQSKVn25Ims1R9g4fXnZKGvX2
BrOQqxANNR4o7FR03/AT8mlJiA1Sdp+tCqyyRQsopPXdhzqaeP9p7WXm7tfJ36Zq28aB
F1GYY1/z4cUo1pIhAyyDtJbd1lvemu+Bf8Zkayx4xnTt61F3jmgMmjqmCT3vf57jllIT
KAeqid0OFlwkXvEekSyQH46ErPk5hQIFsANneKdg93MLAa4xDkHj6ybYZ2f6SwApVaYO
QOUg==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20240605;
h=mime-version:content-transfer-encoding:references:in-reply-to
:message-id:date:subject:cc:to:from:dkim-signature;
bh=KmD/VCbg8DIjmMEj4FzBXAasYKGpR6S8DAiMqU41/vk=;
fh=U8bm4dTYQmv4LpgB7HlcKSsNa947JBNKOeDeOLKSao8=;
b=WzCZ+21rhtVa9/w0wpide50lPVbx/R3MPxbzjiOKowei4P53EdmLcS9HlIiw1fOFAE
SjZKVv5AK6uyYC+j84baMecrmeuyf9GrL7XhA7aeoXrB36lhuh6RRnt01Jb58fgpZwoz
p/huuedsNQ1vFriLGhbr5EeP2sRLxJ49angSUDfoh9QUmAJy6mhyMV2y8kx4XRzsK411
bAe0nGR/pn/suyQ5Dk1NaUP+SLErypABy+zMYEjvfvSRC8GzCFpdN8g+RaHT6Bo11ucN
qaWwZuHaeoMTz++4S+eeWtB2becdVmI+4V//qndn6C0/M/CwGiU06n/9fZjVylS8o6lt
VawA==;
dara=google.com
ARC-Authentication-Results: i=2; gmr-mx.google.com;
dkim=pass header.i=@siemens.com header.s=selector2 header.b=hS29kdkJ;
arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass
dkdomain=siemens.com dmarc=pass fromdomain=siemens.com);
spf=pass (google.com: domain of felix.moessbauer@siemens.com designates
2a01:111:f403:c20a::7 as permitted sender)
smtp.mailfrom=felix.moessbauer@siemens.com;
dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com
Received: from PA4PR04CU001.outbound.protection.outlook.com
(mail-francecentralazlp170130007.outbound.protection.outlook.com.
[2a01:111:f403:c20a::7])
by gmr-mx.google.com with ESMTPS id
d9443c01a7336-292470a6980si9842635ad.4.2025.10.22.08.39.53
for <isar-users@googlegroups.com>
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Wed, 22 Oct 2025 08:39:53 -0700 (PDT)
Received-SPF: pass (google.com: domain of felix.moessbauer@siemens.com
designates 2a01:111:f403:c20a::7 as permitted sender)
client-ip=2a01:111:f403:c20a::7;
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;
b=NU7KCdH0LIQaLYDbtEIc0iLSje4VzztcniT48tdY+HgjyRoqg2h2KkY/d0aCYsldfxNDhBeI6Mof+OK28MjE7riZ6Xb3qj/ZDCkfz7+K44LLNpX0uqyKZs2HFi7Sq+GWhZKmsC1G728FY7F6R0+pINKejsPFMOckzKirO6lyc7nRh1FzicbBIjW6aJYfa4FfymKPC8sPSqmkISnSvH3l5BgmXJDknRsxHeZ1PvL+AHCpTWEbu7En4/LVSLbaBmkLzRJwr0WfLz9R6JyTYI/Hm/UiuPHB42KNnHK/EVPsVQ+jtU4WKxtm9+2HB+HSyS+x1C2F9pVWPJVLca6PUgcKig==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
s=arcselector10001;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
bh=KmD/VCbg8DIjmMEj4FzBXAasYKGpR6S8DAiMqU41/vk=;
b=Ab7JzsH9BwGno63JId42a4QRDK53uYY4ZHUgH94+3MB0pfO/YEjED4mGBpuw9ORHAmf4666xPED63QmXe2MrLzWqVk2hyGehmD4VOpAsgIE6CxHvFweZSe/xqyFtRpZnrf8OEJCiipaLsVTABzT2eVOjcjtQf2leCkeo8DJLgKvlkdr4AfUDoWFkfhlBezWDFUjvo5wGt4SdX4IFNGf7B7WWmNvzblYUSzPntNVYmlV0B6NYZcT8iXTu9BbM6ZZMVa3p65egWVu0/0M0x+fFkKITdhC/HgCn+q8XiX28FCGIbFHJGZS8H+c4NtX3N8nJcG64oKhCOfYcsoKBM6cdRQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com;
dkim=pass header.d=siemens.com; arc=none
Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13)
by PRAPR10MB5178.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:102:27b::8) with
Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9253.12; Wed, 22 Oct
2025 15:39:51 +0000
Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM
([fe80::8198:b4e0:8d12:3dfe]) by DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM
([fe80::8198:b4e0:8d12:3dfe%4]) with mapi id 15.20.9253.011; Wed, 22 Oct 2025
15:39:51 +0000
From: "'Felix Moessbauer' via isar-users" <isar-users@googlegroups.com>
To: isar-users@googlegroups.com
Cc: christoph.steiger@siemens.com, cedric.hombourger@siemens.com,
jan.kiszka@siemens.com,
Felix Moessbauer <felix.moessbauer@siemens.com>
Subject: [PATCH v3 09/10] imager: create SBOM of IMAGER_BOM packages
Date: Wed, 22 Oct 2025 17:39:20 +0200
Message-ID: <20251022153921.2494749-10-felix.moessbauer@siemens.com>
X-Mailer: git-send-email 2.51.0
In-Reply-To: <20251022153921.2494749-1-felix.moessbauer@siemens.com>
References: <20251022153921.2494749-1-felix.moessbauer@siemens.com>
Content-Type: text/plain; charset="UTF-8"
X-ClientProxiedBy: CH0PR03CA0035.namprd03.prod.outlook.com
(2603:10b6:610:b3::10) To DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM
(2603:10a6:10:47f::13)
MIME-Version: 1.0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: DU0PR10MB6828:EE_|PRAPR10MB5178:EE_
X-MS-Office365-Filtering-Correlation-Id: 3d7d7ba1-bc75-4079-de57-08de11813d8c
X-MS-Exchange-AtpMessageProperties: SA
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;ARA:13230040|366016|376014|1800799024;
X-Microsoft-Antispam-Message-Info:
Dax7Oz1GkeaDFfC1gwErCPiYBu4xdqArsE8WLUAp2Q/gnH2Fc+B8P1qQ1RFrocAIlaNlLoADlz/vEtzvedJ36pNSZjmVPaQr4kjYCYx9tTAYjXdhqmeE5dUvpN8U5aHP3btfwRVlQD7Nf2Z7VeA0asUE+JuskkRdgS7BMP6iwt2kqJhRTi9CTY+J9zv93Bj73PPVyM8hiy1e6ZYmcAd8vAQsJLmZlVtgYNV/eaKcbQV3WeADVQRj4s8ViLXctTBwQ4lKkHFHJOvvYx2S4/vDz8k37JzlfFOVTCkJUgfhP/PukDF1ZZv3xddfmcF3XK6+gZaqBFkFE2XGHHMANMiz2BT3nRbWqYrgt0YB10O2qvN2ND19vcuf8vwtKl/OwCccBnesUKPa46QeYulN6MxdQqfDBov+nNeSGO9tGznmfifV9P2WxyJ1kf4HdBhhdXnN9QyeSPHj73rdVDoYgxJHICt6D61d3vFnqCDVTeKfQOjhIBIsXkB4ynaBIRPifFgmmKJyNotTXli0HVjy69/AMo6sBzhRcVk4sh6rcc5fi4JjaQBeyRd/DfagCxiHorhAfh/GtDsRy2a1dsmSIrG91etuZ4gLkubXrkN9e7PbZZhy0zsiEHiiI3J6srmZUwDh09c66Q+zYKhrj61MpYaa9WhIaijRA4SB7OCgW88LzWAY1KLkivqHJdosS/dsxcFkzmZtliso/+v0xbfjIssXw0gmIS5h9pqIv7iI1+lI/7n6Yz2ylr7BM8yTdXCRn1ZCLT/HmNzrvNav1M9Ug2uYRiIHnC6BKT4hI0+k/+0D9iCjFGFemhdl6CUteJNzS+nuRLBQh6a2WA9+U+qf2OO8bK0yAKLKo0R5AS1jyVX6kLoXOpFHi4aCZlCZ2wkhZG9WL5dm+xWLKG9o2cHU5RMx39jJmm12TPpzADRT13nbt9hPVeG+thEAPEi4SvCNnKWrLyij1s1o19ZtsFf1DgH/lk0Axv97RTPyhw6Pd0ru/Z1pzOG0r2mwL4MW1N1KtC+nBQ87P3vAP9vUWA5W7bQI4YahzisTN/raroWGzoBJx2LwdaiufngZgyg6SV8l0X3FR0FB24vXQcsJ3JsP9ltQrDhss1fjKZwkLdsTX0FIFNJbK+SG1VEhym00xy9ie3QbWaEmJHTACef3zUn/WDNjKXK4uD4cqnA1tAqFVICLmWM32SjAhZOsvyY6HnWQsg5CGkXldayeXm3FpkMwCr9jIxV5UFmeNQ90kTj/appsEJIRvcKf3YZA2HKBRWXQ0Fo6Fqx6shlC2MSBbyA3VkDGaF2tspFrDC+y2tZGn9g0GrCaCGn7grdHUkqh4Sr4/+zIBZeeghwBedIsEQiP2mCceFZzNUKqwDlt5nseAqy+BiMUh85mkB5qXY9isETtvkXJFvcy5iQESbYtLWDhiDzUiugdSq5e825ve4UQqdo4na7APrF7LmdAId25Wvk7w7Qm
X-Forefront-Antispam-Report:
CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(366016)(376014)(1800799024);DIR:OUT;SFP:1101;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0:
C02MiEGyP3WFgq0v6r13is8hf03fI0Iq8oTQjvC+Q/V8W55qUadk8BJDaNz6MFB6JVe60fRftexDMdO+vZRiswkBPUZI4NbQdf+bx+8apZm51PcFGhbD1uE00Dx6TzS1SZiPdhodiEVWiSUXMN340Kh4W6eDaulB2Zsdcv94ZYQVqvGxhCZNycCOqC2Ydqom4Qd6FXYo3xZKzfJ7JATuZUN4jE1JsoGpFkldBLgWtMQnr2sGzEzR1nFR4Nul7e3NDiAt5qdITtOuNlkOiMGjjwmbjQkwD+nWTAQssAaU21g4uW/YNnxy8sWL0ikYhYXaH83kEL3ugfqEdljTA+9KRmAb1uNdhtetcbGfQTaf9iyEgWkiJ1zJEB7lke2HWKdOKmFU5+geXiEc88wPk3GY3wZzq/RdzC2At3raKYGpUZz5kpnRS903Au16rmgM7TpdSQJpQ8+vqmdZpQGoIqmK/1wcsHdzJ3VYsBQ7PawsRtfR6xX2ks1qNKiQCUB6ZcUS/vxLLFeZDYZgh4TrK4q9jzdwlotTJ7qjerqmzM9Tw0UbMJX4Tj/PR20fM8RBw8BJug8Z6d4yp+6g9iZLGmio71kgJIqGPABPfdFdM3oe5KNvlYnMUHaoUb/wCN0gSCiFj3dLjVtNXqaKTY2pf57cJeFwMrWdS+qMkfaeE79RvLpdDaVosLFpogmp9z4Xwb0YJ2pxA/NFkmPfapaKyuYFWnLjKl21ekVJL1AiPfFp+aRl+UT7mKdJEPvJtusloC6oR7R28ntpSxIJ4nqo0GXPOIJLGo2WFvi5Y83WanAjy7OT+z4JwlhxgEGBL0ZThkEVyEEW6uobu3U9KKMFPpZhYpC8k9Mr2BHsSBM+cIFB9Cj9WnSE5pm6bKR4wBrVD61NV3BGLxMSMNzPpjueiNX3GusAjfhOoLWhgc9dYodeOBQlSw7jp+yeopjfJN5ognnxQcRfiRriYh0FSE8AleoG1NPHIxnwkCw405oSINv9WLPLpbA/Lu7eXnDUh+hD1u7NmKrMAmNeyjrTQCJc3NltIOLHhmpZBwgu8t6X8d+ngBDovCGD/8j+B14y6MF+v62e2vX10BC7LVBOrIG9br2X3/rnkXaE4hekX2frMhYUe0xPcDWbw+m2piN9GXDdDxaM5IZiopbN86YDStgkTZWbPnVivs4trAEol/sPJ/1jh7i+mUNXpwjFPnQmXsxqKiase3iqZ0Tzy22ViTIhy2pnWQZ4IE0iUP/beHeWbOieHIHqp7+ZrkzKtLq5ZwLagbFZW1VHY5Wxh/XxE35N+/UxnZUhvXiCoxpmTKcVilOAPGiyzCSjLL4LTvnfFf0J9W07amVh/LVhffwNC42CgJXPkkUvHu492nsJUpMoUO4UuM2X7d5wHvlNOmSEmEBwva1RUrnVhJ3ME39VJmiM8N2qu0P+52QycrdMRy9Rv8uMuz/3K5rKpIyhBV3JIgCvpVOgMCHIS3JExJi6Hgy9VHeMW//s8daPL6A5dToqFnIJmtVKXXIl7bUvem2kjW/IPAHTlnrMD1+nwz8fUgjXJgXSL5D6E20XAII9vb/hLLm4wsbuQThmH6CuOg/if2ucbiQRPLj/5B8kl2g2cBvFP34zFA==
X-OriginatorOrg: siemens.com
X-MS-Exchange-CrossTenant-Network-Message-Id:
3d7d7ba1-bc75-4079-de57-08de11813d8c
X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 22 Oct 2025 15:39:51.6654
(UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName:
CXTichvEwuIyX4R5fzZ6LSdkX7WVvxMdrNU/yo8nJ+krnymysQIXCSDUlAcAYGjoPjb0p1Kv3PhXQ5fs5qGgCwK1jBkRhWldbcBlrXZR5GI=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PRAPR10MB5178
X-Original-Sender: felix.moessbauer@siemens.com
X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass
header.i=@siemens.com header.s=selector2 header.b=hS29kdkJ; arc=pass
(i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass
fromdomain=siemens.com); spf=pass (google.com: domain of
felix.moessbauer@siemens.com designates 2a01:111:f403:c20a::7 as permitted
sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass
(p=REJECT sp=REJECT dis=NONE) header.from=siemens.com
X-Original-From: Felix Moessbauer <felix.moessbauer@siemens.com>
Reply-To: Felix Moessbauer <felix.moessbauer@siemens.com>
Precedence: list
Mailing-list: list isar-users@googlegroups.com;
contact isar-users+owners@googlegroups.com
List-ID: <isar-users.googlegroups.com>
X-Spam-Checked-In-Group: isar-users@googlegroups.com
X-Google-Group-Id: 914930254986
List-Post: <https://groups.google.com/group/isar-users/post>,
<mailto:isar-users@googlegroups.com>
List-Help: <https://groups.google.com/support/>,
<mailto:isar-users+help@googlegroups.com>
List-Archive: <https://groups.google.com/group/isar-users
List-Subscribe: <https://groups.google.com/group/isar-users/subscribe>,
<mailto:isar-users+subscribe@googlegroups.com>
List-Unsubscribe:
<mailto:googlegroups-manage+914930254986+unsubscribe@googlegroups.com>,
<https://groups.google.com/group/isar-users/subscribe>
X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED,
DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI,
RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,
RCVD_IN_RP_CERTIFIED,RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS
autolearn=unavailable autolearn_force=no version=3.4.2
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
|
| Series |
Add SBOM generation with debsbom
|
expand
|
diff --git a/meta/classes/image-tools-extension.bbclass b/meta/classes/image-tools-extension.bbclass index 65258a5a..2576c5ef 100644 --- a/meta/classes/image-tools-extension.bbclass +++ b/meta/classes/image-tools-extension.bbclass @@ -75,6 +75,8 @@ EOAPT schroot -r -c ${session_id} -d / -- \ dpkg-query -W -f='${source:Package}|${source:Version}|${Package}:${Architecture}|${Version}\n' ${local_bom} > \ ${WORKDIR}/imager.manifest + + ${@bb.utils.contains('ROOTFS_FEATURES', 'generate-sbom', 'generate_imager_sbom', '', d)} fi schroot -e -c ${session_id} @@ -82,3 +84,23 @@ EOAPT remove_mounts schroot_delete_configs } + +generate_imager_sbom() { + TIMESTAMP=$(date --iso-8601=s -d @${SOURCE_DATE_EPOCH}) + sbom_document_uuid="${@d.getVar('SBOM_DOCUMENT_UUID') or generate_document_uuid(d, False)}" + bwrap \ + --unshare-user \ + --unshare-pid \ + --bind ${SBOM_CHROOT} / \ + --bind $schroot_dir /mnt/rootfs \ + --bind ${WORKDIR} /mnt/deploy-dir \ + -- debsbom -vv generate ${SBOM_DEBSBOM_TYPE_ARGS} \ + --from-pkglist -r /mnt/rootfs -o /mnt/deploy-dir/'${PN}-${DISTRO}-${MACHINE}-imager' \ + --distro-name '${SBOM_DISTRO_NAME}-Imager' --distro-supplier '${SBOM_DISTRO_SUPPLIER}' \ + --distro-version '${SBOM_DISTRO_VERSION}' --distro-arch '${DISTRO_ARCH}' \ + --base-distro-vendor '${SBOM_BASE_DISTRO_VENDOR}' \ + --cdx-serialnumber $sbom_document_uuid \ + --spdx-namespace '${SBOM_SPDX_NAMESPACE_PREFIX}'-$sbom_document_uuid \ + --timestamp $TIMESTAMP \ + < ${WORKDIR}/imager.manifest +}
This uses the same interface as the .manifest file, but adds the packagse to an SBOM. Signed-off-by: Felix Moessbauer <felix.moessbauer@siemens.com> --- meta/classes/image-tools-extension.bbclass | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+)