CMake: Add a test for SBOM generation

Add a RunCMake test that exercises some of the basic SBOM API as it would be used in a user project. The 'minimal' case specifies the minimum arguments required to create an SBOM project, whereas the 'full' case specifies as many options as possible to _qt_internal_sbom_begin_project(). Add various target types and custom files. Pick-to: 6.8 6.9 6.10 Change-Id: Idcf9a3c7a06ae7a632bce256f009f9c7e217ed30 Reviewed-by: Joerg Bornemann <joerg.bornemann@qt.io>
2025-08-14 16:54:56 +02:00 · 2025-08-14 16:54:56 +02:00 · 8f46da87b0
parent 6980c6d88e
commit 8f46da87b0
16 changed files with 244 additions and 0 deletions
--- a/coin/instructions/prepare_building_env.yaml
+++ b/coin/instructions/prepare_building_env.yaml
@ -591,6 +591,8 @@ instructions:
  # Always pass the location of the python intrepreter meant to be used for SBOM generation,
  # because the Qt default has changed to always generate an SBOM.
  # Don't forget to adjust tests/auto/cmake/RunCMake/Sbom/RunCMakeTest.cmake
  # in case of changing / removing these args.
  - type: EnvironmentVariable
    variableName: SBOM_PYTHON_ARGS
    variableValue: >-
--- a/tests/auto/cmake/RunCMake/CMakeLists.txt
+++ b/tests/auto/cmake/RunCMake/CMakeLists.txt
@ -22,3 +22,11 @@ qt_internal_add_RunCMake_test(Qt6DirConfiguration ${extra_run_cmake_args})
 if(APPLE AND TARGET Qt::Gui)
    qt_internal_add_RunCMake_test(AppleFrameworkDeduplication)
 endif()
 if(TARGET Qt6::Platform)
    get_target_property(sbom_spdx_id Qt6::Platform _qt_sbom_spdx_id)
    # If the id is present and non-empty, that means we built Qt with sbom support.
    if(sbom_spdx_id)
        qt_internal_add_RunCMake_test(Sbom ${extra_run_cmake_args})
    endif()
 endif()
--- a/tests/auto/cmake/RunCMake/Sbom/CMakeLists.txt
+++ b/tests/auto/cmake/RunCMake/Sbom/CMakeLists.txt
@ -0,0 +1,3 @@
 cmake_minimum_required(VERSION 3.16)
 project(${RunCMake_TEST} LANGUAGES CXX)
 include(${RunCMake_TEST}.cmake)
--- a/tests/auto/cmake/RunCMake/Sbom/RunCMakeTest.cmake
+++ b/tests/auto/cmake/RunCMake/Sbom/RunCMakeTest.cmake
@ -0,0 +1,49 @@
 include(QtRunCMake)
 function(run_cmake_and_build case)
    # Set common build directory for configure and build
    set(RunCMake_TEST_BINARY_DIR ${RunCMake_BINARY_DIR}/${case}-build)
    set(options
        "-DQt6_DIR=${Qt6_DIR}"
        "-DCMAKE_INSTALL_PREFIX=${RunCMake_TEST_BINARY_DIR}/installed"
    )
    set(maybe_sbom_env_args "$ENV{SBOM_COMMON_ARGS}")
    if(maybe_sbom_env_args MATCHES "QT_INTERNAL_SBOM_DEFAULT_CHECKS=ON")
        list(APPEND options "-DQT_INTERNAL_SBOM_DEFAULT_CHECKS=ON")
    endif()
    if(maybe_sbom_env_args MATCHES "QT_INTERNAL_SBOM_AUDIT=ON")
        list(APPEND options "-DQT_INTERNAL_SBOM_AUDIT=ON")
    endif()
    if(maybe_sbom_env_args MATCHES "QT_INTERNAL_SBOM_AUDIT_NO_ERROR=ON")
        list(APPEND options "-DQT_INTERNAL_SBOM_AUDIT_NO_ERROR=ON")
    endif()
    # Need to pass the python interpreter paths, to avoid sbom2doc not found errors.
    # This mirrors what coin/instructions/prepare_building_env.yaml does.
    set(maybe_python3_path "$ENV{PYTHON3_PATH}")
    if(maybe_python3_path)
        list(APPEND options "-DQT_SBOM_PYTHON_INTERP=${maybe_python3_path}")
    endif()
    set(maybe_sbom_python_apps_path "$ENV{SBOM_PYTHON_APPS_PATH}")
    if(maybe_sbom_python_apps_path)
        list(APPEND options "-DQT_SBOM_PYTHON_APPS_PATH=${maybe_sbom_python_apps_path}")
    endif()
    run_cmake_with_options(${case} ${options})
    # Do not remove the current RunCMake_TEST_BINARY_DIR
    set(RunCMake_TEST_NO_CLEAN 1)
    # Merge output, because some of the spdx tooling outputs to stderr even when everything is
    # fine.
    set(RunCMake_TEST_OUTPUT_MERGE 1)
    run_cmake_command(${case}-build ${CMAKE_COMMAND} --build .)
    run_cmake_command(${case}-install ${CMAKE_COMMAND} --install .)
 endfunction()
 run_cmake_and_build(minimal)
 run_cmake_and_build(full)
--- a/tests/auto/cmake/RunCMake/Sbom/common_targets.cmake
+++ b/tests/auto/cmake/RunCMake/Sbom/common_targets.cmake
@ -0,0 +1,61 @@
 add_library(core_helper STATIC)
 target_sources(core_helper PRIVATE sources/core_helper.cpp)
 install(TARGETS core_helper
    ARCHIVE DESTINATION lib
 )
 _qt_internal_add_sbom(core_helper
    TYPE "LIBRARY"
    RUNTIME_PATH bin
    ARCHIVE_PATH lib
    LIBRARY_PATH lib
 )
 add_library(utils_helper STATIC)
 target_sources(utils_helper PRIVATE sources/utils_helper.cpp)
 install(TARGETS utils_helper
    ARCHIVE DESTINATION lib
 )
 _qt_internal_add_sbom(utils_helper
    TYPE "LIBRARY"
    RUNTIME_PATH bin
    ARCHIVE_PATH lib
    LIBRARY_PATH lib
 )
 add_library(gui_helper SHARED)
 target_sources(gui_helper PRIVATE sources/gui_helper.cpp)
 target_link_libraries(gui_helper PRIVATE core_helper Qt6::Core)
 install(TARGETS gui_helper
    LIBRARY DESTINATION lib
    RUNTIME DESTINATION bin
 )
 _qt_internal_add_sbom(gui_helper
    TYPE "LIBRARY"
    RUNTIME_PATH bin
    ARCHIVE_PATH lib
    LIBRARY_PATH lib
 )
 add_executable(app)
 target_sources(app PRIVATE sources/main.cpp)
 target_link_libraries(app PRIVATE gui_helper utils_helper)
 install(TARGETS app
    BUNDLE DESTINATION bin
 )
 _qt_internal_add_sbom(app
    TYPE "EXECUTABLE"
    RUNTIME_PATH bin
 )
 find_package(ZLIB)
 if(ZLIB_FOUND)
    _qt_internal_add_sbom(ZLIB::ZLIB
        TYPE SYSTEM_LIBRARY
    )
    _qt_internal_extend_sbom_dependencies(app
        SBOM_DEPENDENCIES ZLIB::ZLIB
    )
 endif()
 add_subdirectory(custom_files)
--- a/tests/auto/cmake/RunCMake/Sbom/custom_files/CMakeLists.txt
+++ b/tests/auto/cmake/RunCMake/Sbom/custom_files/CMakeLists.txt
@ -0,0 +1,50 @@
 set(resource_files
    sources/res1.txt
 )
 set(resources_source_files
    sources/res1_source.txt
 )
 set(resource_install_path "resources")
 _qt_internal_add_sbom(ResourceFiles
    TYPE RESOURCES
 )
 _qt_internal_sbom_add_files(ResourceFiles
    FILES "${resource_files}"
    SOURCE_FILES "${resource_source_files}"
    FILE_TYPE "RESOURCE"
    INSTALL_PATH "${resource_install_path}"
    INSTALL_PATH_DEBUG "${resource_install_path}/debug"
    INSTALL_PATH_RELEASE "${resource_install_path}/release"
 )
 install(FILES
    ${resource_files}
    DESTINATION "${resource_install_path}"
 )
 set(custom_files
    sources/custom1.txt
 )
 set(custom_source_files
    sources/custom1_source.txt
 )
 set(custom_install_path "custom")
 _qt_internal_add_sbom(CustomFiles
    TYPE CUSTOM
 )
 _qt_internal_sbom_add_files(CustomFiles
    FILES "${custom_files}"
    SOURCE_FILES "${custom_source_files}"
    FILE_TYPE "CUSTOM"
    INSTALL_PATH "${custom_install_path}"
    INSTALL_PATH_DEBUG "${custom_install_path}/debug"
    INSTALL_PATH_RELEASE "${custom_install_path}/release"
 )
 install(FILES
    ${custom_files}
    DESTINATION "${custom_install_path}"
 )
--- a/tests/auto/cmake/RunCMake/Sbom/custom_files/sources/custom1.txt
+++ b/tests/auto/cmake/RunCMake/Sbom/custom_files/sources/custom1.txt
@ -0,0 +1 @@
 custom1
--- a/tests/auto/cmake/RunCMake/Sbom/custom_files/sources/custom1_source.txt
+++ b/tests/auto/cmake/RunCMake/Sbom/custom_files/sources/custom1_source.txt
@ -0,0 +1 @@
 custom1_source
--- a/tests/auto/cmake/RunCMake/Sbom/custom_files/sources/res1.txt
+++ b/tests/auto/cmake/RunCMake/Sbom/custom_files/sources/res1.txt
@ -0,0 +1 @@
 res1
--- a/tests/auto/cmake/RunCMake/Sbom/custom_files/sources/res1_source.txt
+++ b/tests/auto/cmake/RunCMake/Sbom/custom_files/sources/res1_source.txt
@ -0,0 +1 @@
 res1_source
--- a/tests/auto/cmake/RunCMake/Sbom/full.cmake
+++ b/tests/auto/cmake/RunCMake/Sbom/full.cmake
@ -0,0 +1,24 @@
 # Needed to make the sbom functions available.
 find_package(Qt6 REQUIRED Core)
 _qt_internal_setup_sbom(
    GENERATE_SBOM_DEFAULT "TRUE"
 )
 _qt_internal_sbom_begin_project(
    SBOM_PROJECT_NAME "${PROJECT_NAME}Project"
    SUPPLIER "QtProjectTest"
    SUPPLIER_URL "https://qt-project.org/SbomTest"
    LICENSE_EXPRESSION "LGPL-3.0-only"
    COPYRIGHTS "2025 The Qt Company Ltd."
    INSTALL_PREFIX "${CMAKE_INSTALL_PREFIX}"
    INSTALL_SBOM_DIR "sbom"
    DOWNLOAD_LOCATION "https://download.qt.io/sbom"
    CPE "cpe:2.3:a:qt:qtprojecttest:1.0.0:*:*:*:*:*:*:*"
    VERSION "1.0.0"
 )
 include(common_targets.cmake)
 _qt_internal_sbom_end_project()
--- a/tests/auto/cmake/RunCMake/Sbom/minimal.cmake
+++ b/tests/auto/cmake/RunCMake/Sbom/minimal.cmake
@ -0,0 +1,17 @@
 # Needed to make the sbom functions available.
 find_package(Qt6 REQUIRED Core)
 _qt_internal_setup_sbom(
    GENERATE_SBOM_DEFAULT "TRUE"
 )
 _qt_internal_sbom_begin_project(
    SUPPLIER "QtProjectTest"
    SUPPLIER_URL "https://qt-project.org/SbomTest"
    VERSION "1.0.0"
 )
 include(common_targets.cmake)
 _qt_internal_sbom_end_project()
--- a/tests/auto/cmake/RunCMake/Sbom/sources/core_helper.cpp
+++ b/tests/auto/cmake/RunCMake/Sbom/sources/core_helper.cpp
@ -0,0 +1,4 @@
 // Copyright (C) 2025 The Qt Company Ltd.
 // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only
 int core_helper_func() { return 0; };
--- a/tests/auto/cmake/RunCMake/Sbom/sources/gui_helper.cpp
+++ b/tests/auto/cmake/RunCMake/Sbom/sources/gui_helper.cpp
@ -0,0 +1,9 @@
 // Copyright (C) 2025 The Qt Company Ltd.
 // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only
 #include <QtCore/QtGlobal>
 int core_helper_func();
 // Exported function needed to create .lib on Windows.
 Q_DECL_EXPORT int gui_helper_func() { return core_helper_func() + 1; }
--- a/tests/auto/cmake/RunCMake/Sbom/sources/main.cpp
+++ b/tests/auto/cmake/RunCMake/Sbom/sources/main.cpp
@ -0,0 +1,9 @@
 // Copyright (C) 2025 The Qt Company Ltd.
 // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only
 int gui_helper_func();
 int utils_helper_func();
 int main(int argc, char **argv) {
    return utils_helper_func() + gui_helper_func();
 }
--- a/tests/auto/cmake/RunCMake/Sbom/sources/utils_helper.cpp
+++ b/tests/auto/cmake/RunCMake/Sbom/sources/utils_helper.cpp
@ -0,0 +1,4 @@
 // Copyright (C) 2025 The Qt Company Ltd.
 // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only
 int utils_helper_func() { return 0; };