[vigiles.bbclass] add default values to mandatory fields in SBOM

Added "set_package_field_defaults" to set default values to missing mandatory fields. Linuxlink expects these fields in the SBOM and would return 500 if these are missing.
TimesysGit · Jul 13, 2023 · a0c1f04 · a0c1f04
1 parent 05bc6a4
commit a0c1f04
Showing 1 changed file with 19 additions and 0 deletions.
diff --git a/classes/vigiles.bbclass b/classes/vigiles.bbclass
@@ -563,6 +563,22 @@ def vigiles_image_collect(d):
                     elif "runtime" in component_type_list:
                         dict_out['packages'][dep]["comment"] = dependency_only_comment["runtime"]
 
+    def set_package_field_defaults(manifest):
+        for pkg, pkg_dict in manifest.get("packages", {}).items():
+            if not pkg_dict.get("version", ""):
+                pkg_dict["version"] = "unset"
+            if not pkg_dict.get("cve_version", ""):
+                pkg_dict["cve_version"] = pkg_dict["version"]
+            if not pkg_dict.get("name", ""):
+                pkg_dict["name"] = pkg
+            if not pkg_dict.get("cve_product", ""):
+                pkg_dict["cve_product"] = pkg
+            if not pkg_dict.get("license", ""):
+                pkg_dict["license"] = "unknown"
+            if not pkg_dict.get("checksums", ""):
+                pkg_dict["checksums"] = []
+        return manifest
+
     sys_dict = vigiles_get_build_dict(d)
 
     backfill_list = d.getVar('VIGILES_BACKFILL', True).split()
@@ -619,6 +635,9 @@ def vigiles_image_collect(d):
     for key in pkg_list:
         add_dependencies(key)
 
+    # Add default package fields
+    dict_out = set_package_field_defaults(dict_out)
+
     return dict_out
 
 python do_vigiles_image() {