Skip to content

Commit

Permalink
M1 mac sae builds (#857)
Browse files Browse the repository at this point in the history 
* M1 mac sae builds

Signed-off-by: Prabhu Subramanian <[email protected]>

* darwin amd64

Signed-off-by: Prabhu Subramanian <[email protected]>

---------

Signed-off-by: Prabhu Subramanian <[email protected]>
  • Loading branch information
@prabhu
prabhu authored Jan 31, 2024
1 parent 7e1fc4c commit 31410e9
Show file tree
Hide file tree
Showing 16 changed files with 280 additions and 133 deletions.
18 changes: 5 additions & 13 deletions .github/workflows/dockertests.yml
View file
Original file line number Diff line number Diff line change
@@ -1,24 +1,22 @@
name: docker tests

on:
push:
branches:
- master
paths-ignore:
- 'docs/**'
- '*.md'
workflow_dispatch:
pull_request:
paths-ignore:
- 'docs/**'
- '*.md'
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
linux-tests:
runs-on: ubuntu-latest
strategy:
matrix:
os: [ubuntu-latest]
node-version: ['21.x']
java-version: ['21']
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v4
- name: Use Node.js ${{ matrix.node-version }}
Expand All @@ -37,9 +35,7 @@ jobs:
- name: npm install, build and test
run: |
npm install
npm run build --if-present
npm test
npm install -g @cyclonedx/cdxgen-plugins-bin
mkdir -p bomresults repotests
env:
CI: true
Expand Down Expand Up @@ -90,8 +86,6 @@ jobs:
- name: npm install, build and test
run: |
npm install
npm run build --if-present
npm install -g @cyclonedx/cdxgen-plugins-bin
mkdir -p bomresults
env:
CI: true
Expand Down Expand Up @@ -130,9 +124,7 @@ jobs:
- name: npm install, build
run: |
npm install
npm run build --if-present
mkdir bomresults
npm install -g @cyclonedx/cdxgen-plugins-bin
env:
CI: true
- name: wintests
Expand Down
3 changes: 3 additions & 0 deletions .github/workflows/java-reachables-test.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,9 @@ name: Reachables tests
on:
pull_request:
workflow_dispatch:
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
build:
strategy:
Expand Down
13 changes: 8 additions & 5 deletions .github/workflows/nodejs.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,9 @@ on:
- 'v*'
workflow_dispatch:
pull_request:
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
build:
runs-on: ubuntu-latest
Expand Down Expand Up @@ -80,9 +83,9 @@ jobs:
sae-builds:
strategy:
matrix:
os: [windows, macos, ubuntu]
os: [windows-latest, macos-14, ubuntu-latest]
include:
- os: windows
- os: windows-latest
build: |
npx caxa --input . --output "cdxgen.exe" -- "{{caxa}}/node_modules/.bin/node" "{{caxa}}/bin/cdxgen.js"
.\cdxgen.exe --version
Expand All @@ -93,7 +96,7 @@ jobs:
(Get-FileHash .\cdx-verify.exe).hash | Out-File -FilePath .\cdx-verify.exe.sha256
artifact: cdxgen.exe
vartifact: cdx-verify.exe
- os: macos
- os: macos-14
build: |
npx caxa --input . --output "cdxgen.app" -- "{{caxa}}/node_modules/.bin/node" "{{caxa}}/bin/cdxgen.js"
tar -czf "cdxgen.app.tgz" cdxgen.app
Expand All @@ -105,7 +108,7 @@ jobs:
shasum -a 256 cdx-verify.app.tgz > cdx-verify.app.tgz.sha256
artifact: cdxgen.app.tgz
vartifact: cdx-verify.app.tgz
- os: ubuntu
- os: ubuntu-latest
build: |
npx caxa --input . --output "cdxgen" -- "{{caxa}}/node_modules/.bin/node" "{{caxa}}/bin/cdxgen.js"
chmod +x cdxgen
Expand All @@ -119,7 +122,7 @@ jobs:
sha256sum cdx-verify > cdx-verify.sha256
artifact: cdxgen
vartifact: cdx-verify
runs-on: ${{ matrix.os }}-latest
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v4
- name: Use Node.js
Expand Down
20 changes: 10 additions & 10 deletions .github/workflows/npm-release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -67,23 +67,23 @@ jobs:
mv nydus-static/* /usr/local/bin/
rm -rf nydus-static-v2.2.4-linux-amd64.tgz nydus-static
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
uses: docker/setup-buildx-action@v3
- name: Log in to the Container registry
uses: docker/login-action@v2
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v4
uses: docker/metadata-action@v5
with:
images: |
ghcr.io/cyclonedx/cdxgen
- name: Build and push Docker images
uses: docker/build-push-action@v4
uses: docker/build-push-action@v5
with:
context: .
file: ci/Dockerfile
Expand All @@ -108,12 +108,12 @@ jobs:
continue-on-error: true
- name: Extract metadata (tags, labels) for Docker
id: meta2
uses: docker/metadata-action@v4
uses: docker/metadata-action@v5
with:
images: |
ghcr.io/cyclonedx/cdxgen-deno
- name: Build and push Docker images
uses: docker/build-push-action@v4
uses: docker/build-push-action@v5
with:
context: .
file: ci/Dockerfile-deno
Expand All @@ -125,12 +125,12 @@ jobs:
cache-to: type=gha,mode=max,scope=cdxgen-deno
- name: Extract metadata (tags, labels) for Docker
id: meta3
uses: docker/metadata-action@v4
uses: docker/metadata-action@v5
with:
images: |
ghcr.io/cyclonedx/cdxgen-ppc64
- name: Build and push Docker images
uses: docker/build-push-action@v4
uses: docker/build-push-action@v5
with:
context: .
file: ci/Dockerfile-ppc64
Expand All @@ -142,7 +142,7 @@ jobs:
cache-to: type=gha,mode=max,scope=cdxgen-ppc64
- name: Extract metadata (tags, labels) for Docker
id: meta4
uses: docker/metadata-action@v4
uses: docker/metadata-action@v5
with:
images: |
ghcr.io/cyclonedx/cdxgen-next
Expand Down
3 changes: 3 additions & 0 deletions .github/workflows/python-atom-tests.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,9 @@ name: Python atom tests
on:
workflow_dispatch:
pull_request:
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
build:
runs-on: ubuntu-latest
Expand Down
9 changes: 3 additions & 6 deletions .github/workflows/repotests.yml
View file
Original file line number Diff line number Diff line change
@@ -1,17 +1,14 @@
name: Repo tests

on:
push:
branches:
- master
paths-ignore:
- 'docs/**'
- '*.md'
workflow_dispatch:
pull_request:
paths-ignore:
- 'docs/**'
- '*.md'
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
build:
strategy:
Expand Down
2 changes: 1 addition & 1 deletion bin/repl.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -468,6 +468,7 @@ cdxgenRepl.defineCommand("osinfocategories", {
"docker_volumes",
"etc_hosts",
"firefox_addons",
"vscode_extensions",
"homebrew_packages",
"installed_applications",
"interface_addresses",
Expand All @@ -494,7 +495,6 @@ cdxgenRepl.defineCommand("osinfocategories", {
"windows_shared_resources",
"yum_sources",
"appcompat_shims",
"atom_packages",
"browser_plugins",
"certificates",
"chocolatey_packages",
Expand Down
23 changes: 21 additions & 2 deletions binary.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,10 +40,17 @@ switch (arch) {
arch = "amd64";
if (platform === "windows") {
pluginsBinSuffix = "-windows-amd64";
} else if (platform === "darwin") {
pluginsBinSuffix = "-darwin-amd64";
}
break;
case "arm64":
pluginsBinSuffix = "-arm64";
if (platform === "windows") {
pluginsBinSuffix = "-windows-arm64";
} else if (platform === "darwin") {
pluginsBinSuffix = "-darwin-arm64";
}
break;
case "ppc64":
arch = "ppc64le";
Expand Down Expand Up @@ -169,18 +176,23 @@ if (existsSync(join(CDXGEN_PLUGINS_DIR, "osquery"))) {
"osquery",
"osqueryi-" + platform + "-" + arch + extn
);
// osqueryi-darwin-amd64.app/Contents/MacOS/osqueryd
if (platform === "darwin") {
OSQUERY_BIN = `${OSQUERY_BIN}.app/Contents/MacOS/osqueryd`;
}
} else if (process.env.OSQUERY_CMD) {
OSQUERY_BIN = process.env.OSQUERY_CMD;
}
let DOSAI_BIN = null;
if (existsSync(join(CDXGEN_PLUGINS_DIR, "dosai"))) {
let platformToUse = platform;
if (platform === "darwin") {
platform = "osx";
platformToUse = "osx";
}
DOSAI_BIN = join(
CDXGEN_PLUGINS_DIR,
"dosai",
"dosai-" + platform + "-" + arch + extn
"dosai-" + platformToUse + "-" + arch + extn
);
} else if (process.env.DOSAI_CMD) {
DOSAI_BIN = process.env.DOSAI_CMD;
Expand Down Expand Up @@ -679,6 +691,13 @@ export const executeOsQuery = (query) => {
query = query + ";";
}
const args = ["--json", query];
// On darwin, we need to disable the safety check and run cdxgen with sudo
// https://github.com/osquery/osquery/issues/1382
if (platform === "darwin") {
args.push("--allow_unsafe");
args.push("--disable_logging");
args.push("--disable_events");
}
if (DEBUG_MODE) {
console.log("Executing", OSQUERY_BIN, args.join(" "));
}
Expand Down
1 change: 1 addition & 0 deletions data/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ Contents of data directory and their purpose.
| python-stdlib.json | Standard libraries that can be filtered out in python |
| queries-win.json | osquery used to generate obom for windows |
| queries.json | osquery used to generate obom for linux |
| queries-darwin.json | osquery used to generate obom for darwin |
| spdx-licenses.json | valid spdx id |
| spdx.schema.json | jsonschema for validation |
| vendor-alias.json | List to correct the group names. Used while parsing .jar files |
Expand Down
Loading

0 comments on commit 31410e9

Please sign in to comment.