profiles/coreos/base: slsa: revise material uri to match SPDXDownloadLocation spec

If the uri points to a path within the repo then the format is
git+https://repo@ref#path. ORIG_HEAD is actually the previous HEAD, so read
HEAD instead to extract the correct ref.
Jeremi Piotrowski 2022-07-26 13:21:05 +02:00
parent b1ce3800a5
commit fbdbd1ac19


@ -58,8 +58,8 @@ __slsa_provenance_materials() {
# The ebuild. Since "configSource" in "invocation" cannot have more than one (top/level) entry # The ebuild. Since "configSource" in "invocation" cannot have more than one (top/level) entry
# we add the ebuild and git repo checksum here, as a material. # we add the ebuild and git repo checksum here, as a material.
csum="$(cat "/mnt/host/source/src/scripts/.git/modules/sdk_container/src/third_party/${repo}/ORIG_HEAD")" csum="$(cat "/mnt/host/source/src/scripts/.git/modules/sdk_container/src/third_party/${repo}/HEAD")"
uri="git+https://github.com/flatcar-linux/${repo}.git/${ebuild}" uri="git+https://github.com/flatcar-linux/${repo}.git@${csum}#${ebuild}"
echo -e " { \"uri\": \"${uri}\"," echo -e " { \"uri\": \"${uri}\","
echo -n " \"digest\": {\"sha1\":\"${csum}\"} }" echo -n " \"digest\": {\"sha1\":\"${csum}\"} }"
@ -106,10 +106,12 @@ __slsa_provenance_materials() {
fi fi
# Patches / files shipped with the ebuild (if any) # Patches / files shipped with the ebuild (if any)
uri="git+https://github.com/flatcar-linux/${repo}.git/${CATEGORY}/${PN}/files" csum="$(cat "/mnt/host/source/src/scripts/.git/modules/sdk_container/src/third_party/${repo}/HEAD")"
csum="$(cat "/mnt/host/source/src/scripts/.git/modules/sdk_container/src/third_party/${repo}/ORIG_HEAD")" uri="git+https://github.com/flatcar-linux/${repo}.git@${csum}#${CATEGORY}/${PN}/files"
if [ -d "${FILESDIR}" ] ; then if [ -d "${FILESDIR}" ] ; then
for file in $(cd "$FILESDIR" && find . -type f | sed 's:^./::') ; do for file in $(cd "$FILESDIR" && find . -type f | sed 's:^./::') ; do
csum="$(sha1sum - <"${FILESDIR}/${file}")"
csum="${csum%% *}"
einfo " Provenance: recording ebuild material (input) '${file}'" einfo " Provenance: recording ebuild material (input) '${file}'"
echo -e ",\n { \"uri\": \"${uri}/${file}\"," echo -e ",\n { \"uri\": \"${uri}/${file}\","
echo -n " \"digest\": {\"sha1\":\"$csum\"} }" echo -n " \"digest\": {\"sha1\":\"$csum\"} }"
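Review bot: The new `csum="$(cat ".../third_party/${repo}/HEAD")"` in both hunks assumes the HEAD file holds a bare commit id. That holds for a detached submodule checkout, but if the submodule is ever on a branch the file reads `ref: refs/heads/…`, and that string would end up in the `@ref` part of the uri and, in the first hunk, in the `sha1` digest. Resolving the id with `git --git-dir=<submodule git dir> rev-parse HEAD`, or at least checking `[[ ${csum} =~ ^[0-9a-f]{40}$ ]]` before emitting the material, would stop malformed provenance from being recorded silently. Separately, the per-file digest added in the second hunk is a content hash rather than a git id, so a `sha256` entry could be recorded alongside `sha1` if the consumers of this provenance accept it. The body of `__slsa_provenance_materials` starts and ends outside both hunks.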