Tup: generate rules from sbom.json
This commit is contained in:
parent
92dd48b528
commit
12ed9cd35b
6
Tupfile
6
Tupfile
|
@ -1,2 +1,8 @@
|
||||||
include_rules
|
include_rules
|
||||||
|
|
||||||
: sbom.json |> !sbom-to-nix |> | ./<lock>
|
: sbom.json |> !sbom-to-nix |> | ./<lock>
|
||||||
|
run ./Tuprules.jq sbom.json
|
||||||
|
|
||||||
|
: foreach {bin} |> !assert_built |>
|
||||||
|
: $(BIN_DIR)/msg |> !symlink |> $(BIN_DIR)/beep
|
||||||
|
: $(BIN_DIR)/msg |> !symlink |> $(BIN_DIR)/assert
|
||||||
|
|
|
@ -0,0 +1,12 @@
|
||||||
|
#! /usr/bin/env -S jq --raw-output --from-file
|
||||||
|
.metadata.component.properties as $props |
|
||||||
|
$props |
|
||||||
|
["."] + (
|
||||||
|
map( select(.name | .[0:10] == "nim:srcDir") ) +
|
||||||
|
map( select(.name | .[0:10] == "nim:binDir") ) |
|
||||||
|
map(.value)) | .[-1] as $binDir |
|
||||||
|
|
||||||
|
$props |
|
||||||
|
map( select(.name | .[0:8] == "nim:bin:") ) |
|
||||||
|
map( ": \($binDir)/\(.value).nim |> !nim_bin |> $(BIN_DIR)/\(.name[8:]) {bin}" ) |
|
||||||
|
join("\n")
|
|
@ -1,4 +1,8 @@
|
||||||
include ../syndicate-nim/depends.tup
|
include ../syndicate-nim/depends.tup
|
||||||
|
PROJECT_DIR = $(TUP_CWD)
|
||||||
|
|
||||||
NIM = $(DIRENV) $(NIM)
|
NIM = $(DIRENV) $(NIM)
|
||||||
NIM_FLAGS += --path:$(TUP_CWD)/../syndicate-nim/src
|
NIM_FLAGS += --path:$(PROJECT_DIR)/../syndicate-nim/src
|
||||||
NIM_GROUPS += $(TUP_CWD)/<lock>
|
NIM_GROUPS += $(SYNDICATE_PROTOCOL)
|
||||||
|
NIM_GROUPS += $(PROJECT_DIR)/<lock>
|
||||||
|
NIM_GROUPS += $(PROJECT_DIR)/<schema>
|
||||||
|
|
22
default.nix
22
default.nix
|
@ -5,15 +5,13 @@ with pkgs;
|
||||||
let
|
let
|
||||||
buildNimSbom = pkgs.callPackage (import <build-nim-sbom.nix>) { };
|
buildNimSbom = pkgs.callPackage (import <build-nim-sbom.nix>) { };
|
||||||
in
|
in
|
||||||
buildNimSbom ./sbom.json (
|
buildNimSbom (finalAttrs: {
|
||||||
final: prev: {
|
src = if lib.inNixShell then null else lib.cleanSource ./.;
|
||||||
src = if lib.inNixShell then null else lib.cleanSource ./.;
|
buildInputs = [
|
||||||
buildInputs = [
|
postgresql.out
|
||||||
postgresql.out
|
sqlite
|
||||||
sqlite
|
libxml2
|
||||||
libxml2
|
libxslt
|
||||||
libxslt
|
openssl
|
||||||
openssl
|
];
|
||||||
];
|
}) ./sbom.json
|
||||||
}
|
|
||||||
)
|
|
||||||
|
|
|
@ -1,5 +0,0 @@
|
||||||
include_rules
|
|
||||||
: foreach *.nim | $(SYNDICATE_PROTOCOL) ./<schema> |> !nim_bin |> {bin}
|
|
||||||
: foreach {bin} |> !assert_built |>
|
|
||||||
: $(BIN_DIR)/msg |> !symlink |> $(BIN_DIR)/beep
|
|
||||||
: $(BIN_DIR)/msg |> !symlink |> $(BIN_DIR)/assert
|
|
|
@ -1,2 +1,2 @@
|
||||||
include_rules
|
include_rules
|
||||||
: foreach ../../*.prs |> !preserves_schema_nim |> %B.nim | ../<schema>
|
: foreach ../../*.prs |> !preserves_schema_nim |> %B.nim | $(PROJECT_DIR)/<schema>
|
||||||
|
|
|
@ -1,3 +1,3 @@
|
||||||
include_rules
|
include_rules
|
||||||
: foreach *.nim | $(SYNDICATE_PROTOCOL) ../<schema> |> !nim_bin |> {bin}
|
: foreach *.nim |> !nim_bin |> {bin}
|
||||||
: foreach {bin} |> !assert_built |>
|
: foreach {bin} |> !assert_built |>
|
||||||
|
|
|
@ -9,7 +9,7 @@ proc lookupComponent(sbom: JsonNode; bomRef: string): JsonNode =
|
||||||
result = newJNull()
|
result = newJNull()
|
||||||
|
|
||||||
let
|
let
|
||||||
sbom = "sbom.json".readFile.parseJson
|
sbom = (getPkgDir() & "/sbom.json").readFile.parseJson
|
||||||
comp = sbom{"metadata", "component"}
|
comp = sbom{"metadata", "component"}
|
||||||
bomRef = comp{"bom-ref"}.getStr
|
bomRef = comp{"bom-ref"}.getStr
|
||||||
|
|
||||||
|
@ -41,7 +41,7 @@ for prop in comp{"properties"}.getElems.items:
|
||||||
add(backend, val)
|
add(backend, val)
|
||||||
else:
|
else:
|
||||||
if key.startsWith "nim:bin:":
|
if key.startsWith "nim:bin:":
|
||||||
namedBin[key[9..key.high]] = val
|
namedBin[key[8..key.high]] = val
|
||||||
|
|
||||||
for depend in sbom{"dependencies"}.items:
|
for depend in sbom{"dependencies"}.items:
|
||||||
if depend{"ref"}.getStr == bomRef:
|
if depend{"ref"}.getStr == bomRef:
|
||||||
|
|
Loading…
Reference in New Issue