build/assembly/generate_scrutiny_configs.gni - fuchsia - Git at Google

 # Copyright 2023 The Fuchsia Authors. All rights reserved.
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.

 import("//build/compiled_action.gni")
 import("//build/python/python_action.gni")
 import("//build/testing/golden_files.gni")

 # Generates the platform configs to pass into scrutiny rules.
 #
 # Arguments
 #   platform_artifacts (required)
 #     [label] The GN label to a platform_artifacts()
 #
 #   build_type (required)
 #     [string] When provided, the assembly artifacts for the given build type
 #     will be included. Valid options are "userdebug" and "user".
 #
 #   static_packages_golden (optional)
 #     [path] The static packages list source-of-truth.
 #     This lists base, cache, flexible, and base_driver packages.
 #
 #   bootfs_packages_golden (optional)
 #     [path] The bootfs packages list source-of-truth.
 #
 #   bootfs_files_golden (optional)
 #     [path] The bootfs files list source-of-truth.
 #
 #   kernel_cmdline_golden (optional)
 #     [path] The kernel cmdline list source-of-truth.
 #
 template("generate_scrutiny_configs") {
   assert(defined(invoker.platform_artifacts),
          "Need to define platform_artifacts")
   assert(defined(invoker.build_type), "Need to defind build_type")

   build_type = invoker.build_type
   assert(build_type == "userdebug" || build_type == "user",
          "build_type must be either 'userdebug' or 'user'")

   files = {
     platform_artifacts =
         get_label_info(invoker.platform_artifacts, "target_out_dir") + "/" +
         get_label_info(invoker.platform_artifacts, "name") +
         "/platform_artifacts"

     static_packages = "${target_out_dir}/${target_name}/static_packages.txt"
     bootfs_packages = "${target_out_dir}/${target_name}/bootfs_packages.txt"
     bootfs_files = "${target_out_dir}/${target_name}/bootfs_files.txt"
     kernel_cmdline = "${target_out_dir}/${target_name}/kernel_cmdline.txt"
   }
   labels = {
     generate = "${target_name}_generate"
   }

   compiled_action(labels.generate) {
     testonly = true
     tool = "//build/assembly/tools/generate_assembly_scrutiny_configs"

     # The contents of these folders are dynamic, and managed entirely by this
     # action.  Further, this action will need to delete items from these
     # directories that are not added back (on an incremental build, if an item
     # is removed from one of these sets)
     hermetic_action_ignored_prefixes = [ files.platform_artifacts ]

     deps = [ invoker.platform_artifacts ]
     outputs = [
       files.static_packages,
       files.bootfs_packages,
       files.bootfs_files,
       files.kernel_cmdline,
     ]
     args = [
       "--static-packages",
       rebase_path(files.static_packages, root_build_dir),
       "--bootfs-packages",
       rebase_path(files.bootfs_packages, root_build_dir),
       "--bootfs-files",
       rebase_path(files.bootfs_files, root_build_dir),
       "--kernel-args",
       rebase_path(files.kernel_cmdline, root_build_dir),
       "--build-type",
       build_type,
       "--platform-artifacts",
       rebase_path(files.platform_artifacts, root_build_dir),
     ]
   }

   golden_files(target_name) {
     forward_variables_from(invoker, [ "visibility" ])
     testonly = true
     deps = [ ":${labels.generate}" ]
     comparisons = []
     if (defined(invoker.static_packages_golden)) {
       comparisons += [
         {
           golden = invoker.static_packages_golden
           candidate = files.static_packages
         },
       ]
     }
     if (defined(invoker.bootfs_packages_golden)) {
       comparisons += [
         {
           golden = invoker.bootfs_packages_golden
           candidate = files.bootfs_packages
         },
       ]
     }
     if (defined(invoker.bootfs_files_golden)) {
       comparisons += [
         {
           golden = invoker.bootfs_files_golden
           candidate = files.bootfs_files
         },
       ]
     }
     if (defined(invoker.kernel_cmdline_golden)) {
       comparisons += [
         {
           golden = invoker.kernel_cmdline_golden
           candidate = files.kernel_cmdline
         },
       ]
     }
   }
 }
	# Copyright 2023 The Fuchsia Authors. All rights reserved.
	# Use of this source code is governed by a BSD-style license that can be
	# found in the LICENSE file.

	import("//build/compiled_action.gni")
	import("//build/python/python_action.gni")
	import("//build/testing/golden_files.gni")

	# Generates the platform configs to pass into scrutiny rules.
	#
	# Arguments
	# platform_artifacts (required)
	# [label] The GN label to a platform_artifacts()
	#
	# build_type (required)
	# [string] When provided, the assembly artifacts for the given build type
	# will be included. Valid options are "userdebug" and "user".
	#
	# static_packages_golden (optional)
	# [path] The static packages list source-of-truth.
	# This lists base, cache, flexible, and base_driver packages.
	#
	# bootfs_packages_golden (optional)
	# [path] The bootfs packages list source-of-truth.
	#
	# bootfs_files_golden (optional)
	# [path] The bootfs files list source-of-truth.
	#
	# kernel_cmdline_golden (optional)
	# [path] The kernel cmdline list source-of-truth.
	#
	template("generate_scrutiny_configs") {
	assert(defined(invoker.platform_artifacts),
	"Need to define platform_artifacts")
	assert(defined(invoker.build_type), "Need to defind build_type")

	build_type = invoker.build_type
	assert(build_type == "userdebug" \|\| build_type == "user",
	"build_type must be either 'userdebug' or 'user'")

	files = {
	platform_artifacts =
	get_label_info(invoker.platform_artifacts, "target_out_dir") + "/" +
	get_label_info(invoker.platform_artifacts, "name") +
	"/platform_artifacts"

	static_packages = "${target_out_dir}/${target_name}/static_packages.txt"
	bootfs_packages = "${target_out_dir}/${target_name}/bootfs_packages.txt"
	bootfs_files = "${target_out_dir}/${target_name}/bootfs_files.txt"
	kernel_cmdline = "${target_out_dir}/${target_name}/kernel_cmdline.txt"
	}
	labels = {
	generate = "${target_name}_generate"
	}

	compiled_action(labels.generate) {
	testonly = true
	tool = "//build/assembly/tools/generate_assembly_scrutiny_configs"

	# The contents of these folders are dynamic, and managed entirely by this
	# action. Further, this action will need to delete items from these
	# directories that are not added back (on an incremental build, if an item
	# is removed from one of these sets)
	hermetic_action_ignored_prefixes = [ files.platform_artifacts ]

	deps = [ invoker.platform_artifacts ]
	outputs = [
	files.static_packages,
	files.bootfs_packages,
	files.bootfs_files,
	files.kernel_cmdline,
	]
	args = [
	"--static-packages",
	rebase_path(files.static_packages, root_build_dir),
	"--bootfs-packages",
	rebase_path(files.bootfs_packages, root_build_dir),
	"--bootfs-files",
	rebase_path(files.bootfs_files, root_build_dir),
	"--kernel-args",
	rebase_path(files.kernel_cmdline, root_build_dir),
	"--build-type",
	build_type,
	"--platform-artifacts",
	rebase_path(files.platform_artifacts, root_build_dir),
	]
	}

	golden_files(target_name) {
	forward_variables_from(invoker, [ "visibility" ])
	testonly = true
	deps = [ ":${labels.generate}" ]
	comparisons = []
	if (defined(invoker.static_packages_golden)) {
	comparisons += [
	{
	golden = invoker.static_packages_golden
	candidate = files.static_packages
	},
	]
	}
	if (defined(invoker.bootfs_packages_golden)) {
	comparisons += [
	{
	golden = invoker.bootfs_packages_golden
	candidate = files.bootfs_packages
	},
	]
	}
	if (defined(invoker.bootfs_files_golden)) {
	comparisons += [
	{
	golden = invoker.bootfs_files_golden
	candidate = files.bootfs_files
	},
	]
	}
	if (defined(invoker.kernel_cmdline_golden)) {
	comparisons += [
	{
	golden = invoker.kernel_cmdline_golden
	candidate = files.kernel_cmdline
	},
	]
	}
	}
	}