CMake: Add a few more internal sbom helper functions

Add a few internal functions to allow - getting the sbom project supplier - project supplier url - project namespace - computing a project namespace - computing a project file name - getting a sanitized spdx id given a hint Pick-to: 6.8 Task-number: QTBUG-122899 Change-Id: I0dc3df274eaf6882a6af021aabee75501b5083f8 Reviewed-by: Moss Heim <moss.heim@qt.io> Reviewed-by: Joerg Bornemann <joerg.bornemann@qt.io> (cherry picked from commit dbf44b61c11d63a4e3242a62c3be34ebf1f3f012) Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
2025-01-21 19:32:35 +01:00 · 2025-01-21 19:32:35 +01:00 · 7584fe901e
commit 7584fe901e
parent a1a77ea7d1
3 changed files with 126 additions and 12 deletions
--- a/cmake/QtPublicSbomGenerationHelpers.cmake
+++ b/cmake/QtPublicSbomGenerationHelpers.cmake
@ -239,6 +239,11 @@ Relationship: SPDXRef-DOCUMENT DESCRIBES ${project_spdx_id}
 ")
    file(GENERATE OUTPUT "${create_staging_file}" CONTENT "${content}")

+
+    set_property(GLOBAL PROPERTY _qt_sbom_project_supplier "${arg_SUPPLIER}")
+    set_property(GLOBAL PROPERTY _qt_sbom_project_supplier_url "${arg_SUPPLIER_URL}")
+    set_property(GLOBAL PROPERTY _qt_sbom_project_namespace "${arg_NAMESPACE}")
+
    set_property(GLOBAL PROPERTY _qt_sbom_project_name "${arg_PROJECT}")
    set_property(GLOBAL PROPERTY _qt_sbom_project_spdx_id "${project_spdx_id}")

--- a/cmake/QtPublicSbomHelpers.cmake
+++ b/cmake/QtPublicSbomHelpers.cmake
@ -124,17 +124,10 @@ function(_qt_internal_sbom_begin_project)
    if(arg_DOCUMENT_NAMESPACE)
        set(repo_spdx_namespace "${arg_DOCUMENT_NAMESPACE}")
    else()
-        # Used in external refs, either URI + UUID or URI + checksum. We use git version for now
-        # which is probably not conformat to spec.
-        set(repo_name_and_version "${repo_project_name_lowercase}-${QT_SBOM_GIT_VERSION}")
-        set(repo_spdx_namespace
-            "${repo_supplier_url}/spdxdocs/${repo_name_and_version}")
-    endif()
-
-    if(non_git_version)
-        set(version_suffix "-${non_git_version}")
-    else()
-        set(version_suffix "")
+        _qt_internal_sbom_compute_project_namespace(repo_spdx_namespace
+            PROJECT_NAME "${repo_project_name_lowercase}"
+            SUPPLIER_URL "${repo_supplier_url}"
+        )
    endif()

    if(arg_INSTALL_SBOM_DIR)
@ -153,8 +146,13 @@ function(_qt_internal_sbom_begin_project)
        set(install_prefix "\${CMAKE_INSTALL_PREFIX}")
    endif()

+    _qt_internal_sbom_compute_project_file_name(repo_project_file_name
+        PROJECT_NAME "${repo_project_name_lowercase}"
+        VERSION_SUFFIX "${non_git_version}"
+    )
+
    set(repo_spdx_relative_install_path
-        "${arg_INSTALL_SBOM_DIR}/${repo_project_name_lowercase}${version_suffix}.spdx")
+        "${arg_INSTALL_SBOM_DIR}/${repo_project_file_name}")

    # Prepend DESTDIR, to allow relocating installed sbom. Needed for CI.
    set(repo_spdx_install_path
@ -1716,3 +1714,84 @@ function(_qt_internal_get_configure_line out_var)

    set(${out_var} "${content}" PARENT_SCOPE)
 endfunction()
+
+function(_qt_internal_sbom_compute_project_namespace out_var)
+    set(opt_args "")
+    set(single_args
+        SUPPLIER_URL
+        PROJECT_NAME
+        VERSION_SUFFIX
+    )
+    set(multi_args "")
+
+    cmake_parse_arguments(PARSE_ARGV 1 arg "${opt_args}" "${single_args}" "${multi_args}")
+    _qt_internal_validate_all_args_are_parsed(arg)
+
+    if(NOT arg_PROJECT_NAME)
+        message(FATAL_ERROR "PROJECT_NAME must be set")
+    endif()
+
+    if(NOT arg_SUPPLIER_URL)
+        message(FATAL_ERROR "SUPPLIER_URL must be set")
+    endif()
+
+    string(TOLOWER "${arg_PROJECT_NAME}" project_name_lowercase)
+
+    set(version_suffix "")
+
+    if(arg_VERSION_SUFFIX)
+        set(version_suffix "-${arg_VERSION_SUFFIX}")
+    else()
+        _qt_internal_sbom_get_git_version_vars()
+        if(QT_SBOM_GIT_VERSION)
+            set(version_suffix "-${QT_SBOM_GIT_VERSION}")
+        endif()
+    endif()
+
+    # Used in external refs, it should be either aa URI + UUID or a URI + checksum.
+    # We currently use a URI + git version, which is probably not conformant to the spec.
+    set(repo_name_and_version "${project_name_lowercase}${version_suffix}")
+    set(repo_spdx_namespace
+        "${arg_SUPPLIER_URL}/spdxdocs/${repo_name_and_version}")
+
+    set(${out_var} "${repo_spdx_namespace}" PARENT_SCOPE)
+endfunction()
+
+function(_qt_internal_sbom_compute_project_file_name out_var)
+    set(opt_args
+        EXTENSION_JSON
+    )
+    set(single_args
+        PROJECT_NAME
+        VERSION_SUFFIX
+    )
+    set(multi_args "")
+
+    cmake_parse_arguments(PARSE_ARGV 1 arg "${opt_args}" "${single_args}" "${multi_args}")
+    _qt_internal_validate_all_args_are_parsed(arg)
+
+    if(NOT arg_PROJECT_NAME)
+        message(FATAL_ERROR "PROJECT_NAME must be set")
+    endif()
+
+    string(TOLOWER "${arg_PROJECT_NAME}" project_name_lowercase)
+
+    set(version_suffix "")
+
+    if(arg_VERSION_SUFFIX)
+        set(version_suffix "-${arg_VERSION_SUFFIX}")
+    elseif(QT_REPO_MODULE_VERSION)
+        set(version_suffix "-${QT_REPO_MODULE_VERSION}")
+    endif()
+
+    if(arg_EXTENSION_JSON)
+        set(extension "spdx.json")
+    else()
+        set(extension "spdx")
+    endif()
+
+    set(result
+        "${project_name_lowercase}${version_suffix}.${extension}")
+
+    set(${out_var} "${result}" PARENT_SCOPE)
+endfunction()
--- a/cmake/QtSbomHelpers.cmake
+++ b/cmake/QtSbomHelpers.cmake
@ -105,3 +105,33 @@ endfunction()
 macro(qt_internal_sbom_get_git_version_vars)
    _qt_internal_sbom_get_git_version_vars()
 endmacro()
+
+function(qt_internal_sbom_get_project_supplier out_var)
+    get_property(result GLOBAL PROPERTY _qt_sbom_project_supplier)
+    set(${out_var} "${result}" PARENT_SCOPE)
+endfunction()
+
+function(qt_internal_sbom_get_project_supplier_url out_var)
+    get_property(result GLOBAL PROPERTY _qt_sbom_project_supplier_url)
+    set(${out_var} "${result}" PARENT_SCOPE)
+endfunction()
+
+function(qt_internal_sbom_get_project_namespace out_var)
+    get_property(result GLOBAL PROPERTY _qt_sbom_project_namespace)
+    set(${out_var} "${result}" PARENT_SCOPE)
+endfunction()
+
+function(qt_internal_sbom_compute_project_namespace out_var)
+    _qt_internal_sbom_compute_project_namespace(result ${ARGN})
+    set(${out_var} "${result}" PARENT_SCOPE)
+endfunction()
+
+function(qt_internal_sbom_compute_project_file_name out_var)
+    _qt_internal_sbom_compute_project_file_name(result ${ARGN})
+    set(${out_var} "${result}" PARENT_SCOPE)
+endfunction()
+
+function(qt_internal_sbom_get_sanitized_spdx_id out_var hint)
+    _qt_internal_sbom_get_sanitized_spdx_id(result "${hint}")
+    set(${out_var} "${result}" PARENT_SCOPE)
+endfunction()