Skip to content

Add build recipe generation to build.sh and integrate new workflows CLI into sbom.sh #4289

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
Lukisorisch wants to merge 2 commits into
base: master
Choose a base branch
from
+140 −0
Draft

Add build recipe generation to build.sh and integrate new workflows CLI into sbom.sh #4289

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
8aed0fb
Add workflows CLI commands to build.sh and sbom.sh
Oct 28, 2025
2d3e557
Change build recipe workflow in sbom.sh to use actual build (meta)data
Dec 3, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
19 changes: 19 additions & 0 deletions sbin/build.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1067,6 +1067,25 @@ generateSBoM() {
# Add CycloneDX versions
addCycloneDXVersions

local formulaName="formula_temurin_build_script_1.0_jdk21u"
Copy link
Contributor

@andrew-m-leonard andrew-m-leonard Oct 31, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We will need to construct these names based on the given builds VERSION etc...
I suggest something like:

local formulaName="formula_temurin_build_script_${fullVer}"

fullVer from https://github.com/adoptium/temurin-build/blob/f4bcbeb80b2dc0a624721f09a91c925e6df2bc90/sbin/build.sh#L1010C9-L1010C16

local workflowRef="workflow_temurin_build_script_1.0_jdk21u"
local workflowUid="workflow_temurin_build_script_1.0_jdk21u"
local workflowName="temurin build script 1.0 for jdk21u"
local taskTypes="clone,build"

# Create workflow under the formula (formula/workflow are created if missing)
addSBOMWorkflow "${javaHome}" "${classpath}" "${sbomJson}" "${formulaName}" "${workflowRef}" "${workflowUid}" "${workflowName}" "${taskTypes}"

# Steps
addSBOMWorkflowStep "${javaHome}" "${classpath}" "${sbomJson}" "${formulaName}" "${workflowRef}" "clone repo" "clone repository"
addSBOMWorkflowStep "${javaHome}" "${classpath}" "${sbomJson}" "${formulaName}" "${workflowRef}" "cd into repository" "cd into temurin-build"
addSBOMWorkflowStep "${javaHome}" "${classpath}" "${sbomJson}" "${formulaName}" "${workflowRef}" "makejdk" "execute makejdk-anyplatform.sh"

# Commands
addSBOMWorkflowStepCmd "${javaHome}" "${classpath}" "${sbomJson}" "${formulaName}" "${workflowRef}" "clone repo" "git clone [email protected]:adoptium/temurin-build"
Copy link
Contributor

@andrew-m-leonard andrew-m-leonard Oct 31, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The clone needs to be for the exact temurin-build "commit" that is used for this build, so that in running this recipe it will exactly reproduce this build.
Use ${BUILD_CONFIG[WORKSPACE_DIR]}/${BUILD_CONFIG[TARGET_DIR]}/metadata/buildSource.txt from

temurin-build/sbin/build.sh

Line 1128 in f4bcbeb

# Add buildRef as JDK Component Property

addSBOMWorkflowStepCmd "${javaHome}" "${classpath}" "${sbomJson}" "${formulaName}" "${workflowRef}" "cd into repository" "cd temurin-build"
addSBOMWorkflowStepCmd "${javaHome}" "${classpath}" "${sbomJson}" "${formulaName}" "${workflowRef}" "makejdk" "bash ./makejdk-any-platform.sh jdk21u --with-version-string=21.0.2+13-202312052047 --with-vendor-version-string=202312052047"
Copy link
Contributor

@andrew-m-leonard andrew-m-leonard Oct 31, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Need this builds full exact makejdk-any-platform.sh params...

temurin-build/sbin/build.sh

Line 1145 in f4bcbeb

# Add makejdk_any_platform_args JDK Component Property


# Add Build Docker image SHA1
local buildimagesha=$(cat ${BUILD_CONFIG[WORKSPACE_DIR]}/${BUILD_CONFIG[TARGET_DIR]}/metadata/docker.txt)
# ${BUILD_CONFIG[CONTAINER_COMMAND]^} always set to false cannot rely on it.
Expand Down
39 changes: 39 additions & 0 deletions sbin/common/sbom.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -205,3 +205,42 @@ addSBOMComponentPropertyFromFile() {
fi
}

# Ref: https://cyclonedx.org/docs/1.6/json/#formulation_items_workflows
# Create or update a workflow entry under a given formula
addSBOMWorkflow() {
local javaHome="${1}"
local classpath="${2}"
local jsonFile="${3}"
local formulaName="${4}"
local workflowRef="${5}"
local workflowUid="${6}"
local workflowName="${7}"
local taskTypes="${8}"
"${javaHome}"/bin/java -cp "${classpath}" temurin.sbom.TemurinGenSBOM --addWorkflow --jsonFile "${jsonFile}" --formulaName "${formulaName}" --workflowRef "${workflowRef}" --workflowUid "${workflowUid}" --workflowName "${workflowName}" --taskTypes "${taskTypes}"
}

# Ref: https://cyclonedx.org/docs/1.6/json/#formulation_items_workflows_items_steps
# Create a step inside of a workflow
addSBOMWorkflowStep() {
local javaHome="${1}"
local classpath="${2}"
local jsonFile="${3}"
local formulaName="${4}"
local workflowRef="${5}"
local workflowStepName="${6}"
local description="${7}"
"${javaHome}"/bin/java -cp "${classpath}" temurin.sbom.TemurinGenSBOM --addWorkflowStep --jsonFile "${jsonFile}" --formulaName "${formulaName}" --workflowRef "${workflowRef}" --workflowStepName "${workflowStepName}" --description "${description}"
}

# Ref: https://cyclonedx.org/docs/1.6/json/#formulation_items_workflows_items_steps_items_commands
# Add a executed command to a specific workflow step
addSBOMWorkflowStepCmd() {
local javaHome="${1}"
local classpath="${2}"
local jsonFile="${3}"
local formulaName="${4}"
local workflowRef="${5}"
local workflowStepName="${6}"
local executed="${7}"
"${javaHome}"/bin/java -cp "${classpath}" temurin.sbom.TemurinGenSBOM --addWorkflowStepCmd --jsonFile "${jsonFile}" --formulaName "${formulaName}" --workflowRef "${workflowRef}" --workflowStepName "${workflowStepName}" --executed "${executed}"
}
Loading