| # Copyright 2021 The Fuchsia Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| import("//build/dev.gni") |
| import("//src/developer/ffx/build/ffx_action.gni") |
| |
| # Validates that all use statements for protocols & directories has a valid |
| # expose-offer-use chain and in the case of directories that the correct |
| # rights are provided. |
| # |
| # Parameters |
| # |
| # update_package_target (required) |
| # [string] The target that builds the update package, including the update |
| # package blobfs archive file. |
| # |
| # image_assembler_target (required) |
| # [string] The target that assembles system images, including the system |
| # blobfs archive file. |
| # |
| # assembly_image_name (required) |
| # [string] The image_name designated in the system assembly associated with |
| # image_assembler_target. |
| # |
| # allowlist (required) |
| # [list of strings] paths to allowlist files to be passed to |
| # `ffx scrutiny verify routes`. |
| # |
| # component_tree_config (optional) |
| # [string] paths to component tree configuration file to be passed to |
| # `ffx scrutiny verify routes`. |
| # |
| # testonly, deps, public_deps, data_deps, visibility (optional) |
| # Usual GN meaning. |
| |
| template("verify_routes") { |
| assert(defined(invoker.update_package_target), |
| "verify_routes() must specify update_package_target") |
| assert(defined(invoker.image_assembler_target), |
| "verify_routes() must specify image_assembler_target") |
| assert(defined(invoker.assembly_image_name), |
| "verify_routes() must specify assembly_image_name") |
| assert(defined(invoker.allowlist), "verify_routes() must specify allowlist") |
| |
| update_package_target_out_dir = |
| get_label_info(invoker.update_package_target, "target_out_dir") |
| update_package_target_name = |
| get_label_info(invoker.update_package_target, "name") |
| update_package_dir = |
| "$update_package_target_out_dir/$update_package_target_name" |
| |
| image_assembler_target_out_dir = |
| get_label_info(invoker.image_assembler_target, "target_out_dir") |
| assembly_image_name = invoker.assembly_image_name |
| image_assembler_dir = "$image_assembler_target_out_dir/$assembly_image_name" |
| |
| files = { |
| update_package = "$update_package_dir/update.far" |
| blobfs = [ |
| "$image_assembler_dir/blob.blk", |
| "$update_package_dir/gen/update.blob.blk", |
| ] |
| } |
| |
| ffx_action(target_name) { |
| forward_variables_from(invoker, |
| [ |
| "testonly", |
| "deps", |
| "public_deps", |
| "data_deps", |
| "visibility", |
| ]) |
| |
| depfile = "$target_out_dir/$target_name.d" |
| stamp_file = "$target_gen_dir/$target_name.verified" |
| |
| inputs = [ files.update_package ] + invoker.allowlist + files.blobfs |
| outputs = [ stamp_file ] |
| |
| args = [ |
| "scrutiny", |
| "verify", |
| "--depfile", |
| rebase_path(depfile, root_build_dir), |
| "--stamp", |
| rebase_path(stamp_file, root_build_dir), |
| "routes", |
| "--build-path", |
| rebase_path(root_build_dir, root_build_dir), |
| "--update", |
| rebase_path(files.update_package, root_build_dir), |
| ] |
| foreach(blobfs, files.blobfs) { |
| args += [ |
| "--blobfs", |
| rebase_path(blobfs, root_build_dir), |
| ] |
| } |
| if (defined(invoker.component_tree_config)) { |
| inputs += [ invoker.component_tree_config ] |
| args += [ |
| "--component-tree-config", |
| rebase_path(invoker.component_tree_config, root_build_dir), |
| ] |
| } |
| foreach(allowlist, invoker.allowlist) { |
| args += [ |
| "--allowlist", |
| rebase_path(allowlist, root_build_dir), |
| ] |
| } |
| |
| if (!defined(invoker.deps)) { |
| deps = [] |
| } |
| deps += [ |
| invoker.update_package_target, |
| invoker.image_assembler_target, |
| ] |
| } |
| } |
