On 5/3/23 7:44 AM, Richard Purdie wrote:
On Wed, 2023-05-03 at 07:19 -0400, Armin Kuster wrote:
Its time we add the CPE_NAME to os-release.
The vendor field is hardcoded to "openembedded" as it is the base
framework. We will use "DISTRO" to identify which variation of
openembedded is being used.
Signed-off-by: Armin Kuster <[email protected]>
---
meta/recipes-core/os-release/os-release.bb | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/meta/recipes-core/os-release/os-release.bb
b/meta/recipes-core/os-release/os-release.bb
index 860ee97224..aa37dec7c7 100644
--- a/meta/recipes-core/os-release/os-release.bb
+++ b/meta/recipes-core/os-release/os-release.bb
@@ -16,6 +16,7 @@ do_configure[noexec] = "1"
# HOME_URL SUPPORT_URL BUG_REPORT_URL
OS_RELEASE_FIELDS = "\
ID ID_LIKE NAME VERSION VERSION_ID VERSION_CODENAME PRETTY_NAME \
+ CPE_NAME \
"
OS_RELEASE_UNQUOTED_FIELDS = "ID VERSION_ID VARIANT_ID"
@@ -25,6 +26,13 @@ VERSION = "${DISTRO_VERSION}${@' (%s)' % DISTRO_CODENAME if 'DISTRO_CODENAME' in
VERSION_ID = "${DISTRO_VERSION}"
VERSION_CODENAME = "${DISTRO_CODENAME}"
PRETTY_NAME = "${DISTRO_NAME} ${VERSION}"
+
+# The vendor field is hardcoded to "openembedded" as it is the base
+# framework for all derivatives Distos.
+# We use "DISTRO" to identify which variation of openembedded core
+# is being used.
+CPE_NAME="cpe:/o:openembedded:${DISTRO}:${VERSION_ID}"
+
BUILD_ID ?= "${DATETIME}"
BUILD_ID[vardepsexclude] = "DATETIME"
I know a bit more about the context of this and I don't think it is
clear in the above comment. I'd like to suggest something a little
stronger, how about:
"""
The vendor field is hardcoded to "openembedded" deliberately. We'd
advise developers leave it as this value to clearly identify the
underlying build environment from which the OS was constructed. We
understand people will want to identify themselves as the people who
built the image, we'd suggest using the DISTRO element to do this, so
that is customisable.
This end result combines to mean systems can be traced back to both who
built them and which system was used, which is ultimately the goal of
the CPE.
"""
Works for me.
Perhaps we'd also want to do:
CPE_DISTRO ??= "${DISTRO}"
CPE_NAME="cpe:/o:openembedded:${CPE_DISTRO}:${VERSION_ID}"
Like this better.
to make it clear we're suggesting which bit be customised?
Thanks for the review. v2 shortly.
-armin
Cheers,
Richard
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#180818):
https://lists.openembedded.org/g/openembedded-core/message/180818
Mute This Topic: https://lists.openembedded.org/mt/98659304/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-
