cmSbom: Add flag to automatically export sbom information

Source/cmExportCommand.cxx

@@ -84,7 +84,6 @@ static void AddExportGenerator(
   if (exportSet) {
     globalGenerator->AddBuildExportExportSet(exportGenerator.get());
   }
-
   makefile.AddExportBuildFileGenerator(std::move(exportGenerator));
 }
 
@@ -426,6 +425,7 @@ static bool HandleSbomMode(std::vector<std::string> const& args,
 
   using arg_t = cmSbomArguments;
   using gen_t = cmExportBuildSbomGenerator;
+  status.GetMakefile().SetExplicitlyGeneratesSbom(true);
   return HandleSpecialExportMode<arg_t, gen_t>(args, status);
 }
 

Source/cmGlobalGenerator.cxx

@@ -25,6 +25,7 @@
 #include "cm_codecvt_Encoding.hxx"
 
 #include "cmAlgorithms.h"
+#include "cmArgumentParserTypes.h"
 #include "cmBuildArgs.h"
 #include "cmCMakePath.h"
 #include "cmCPackPropertiesGenerator.h"
@@ -42,6 +43,7 @@
 #include "cmGeneratorTarget.h"
 #include "cmInstallGenerator.h"
 #include "cmInstallRuntimeDependencySet.h"
+#include "cmInstallSbomExportGenerator.h"
 #include "cmLinkLineComputer.h"
 #include "cmList.h"
 #include "cmListFileCache.h"
@@ -52,6 +54,7 @@
 #include "cmOutputConverter.h"
 #include "cmPolicies.h"
 #include "cmRange.h"
+#include "cmSbomArguments.h"
 #include "cmSourceFile.h"
 #include "cmState.h"
 #include "cmStateDirectory.h"
@@ -1569,6 +1572,37 @@ bool cmGlobalGenerator::Compute()
     return false;
   }
 
+#ifndef CMAKE_BOOTSTRAP
+  bool isTryCompile = this->GetGlobalSetting("IN_TRY_COMPILE").IsOn();
+  bool sbomEnabled = cmExperimental::HasSupportEnabled(
+    *this->Makefiles[0], cmExperimental::Feature::GenerateSbom);
+
+  // Automatically generate SBOM files if enabled.
+  cmValue sbomFormat = this->GetGlobalSetting("CMAKE_INSTALL_SBOM_FORMATS");
+  if (sbomFormat.IsSet() && !this->Makefiles[0]->ExplicitlyGeneratesSbom() &&
+      sbomEnabled && !isTryCompile) {
+    std::string location =
+      this->Makefiles[0]->GetSafeDefinition("CMAKE_INSTALL_LIBDIR");
+    if (location.empty()) {
+      location = "lib";
+    }
+
+    std::string projectName = this->LocalGenerators[0]->GetProjectName();
+    cmSbomArguments sbomDefaultArgs;
+    sbomDefaultArgs.ProjectName = projectName;
+    for (auto& exportSet : this->ExportSets) {
+      sbomDefaultArgs.PackageName = exportSet.first;
+      std::string dest = cmStrCat(location, "/sbom/", projectName);
+      this->Makefiles[0]->AddInstallGenerator(
+        cm::make_unique<cmInstallSbomExportGenerator>(
+          &exportSet.second, dest, "", std::vector<std::string>(), "",
+          cmInstallGenerator::SelectMessageLevel(this->Makefiles[0].get()),
+          false, std::move(sbomDefaultArgs), "",
+          this->Makefiles[0]->GetBacktrace()));
+    }
+  }
+#endif
+
   for (auto const& localGen : this->LocalGenerators) {
     cmMakefile* mf = localGen->GetMakefile();
     for (auto const& g : mf->GetInstallGenerators()) {

Source/cmInstallCommand.cxx

@@ -2584,6 +2584,7 @@ bool HandleSbomMode(std::vector<std::string> const& args,
   // specified
   helper.Makefile->GetGlobalGenerator()->AddInstallComponent(
     ica.GetComponent());
+  helper.Makefile->SetExplicitlyGeneratesSbom(true);
 
   // Create the export install generator.
   helper.Makefile->AddInstallGenerator(

Source/cmMakefile.cxx

@@ -1430,6 +1430,16 @@ void cmMakefile::AddTestGenerator(std::unique_ptr<cmTestGenerator> g)
   }
 }
 
+bool cmMakefile::ExplicitlyGeneratesSbom() const
+{
+  return this->ExplicitSbomGenerator;
+}
+
+void cmMakefile::SetExplicitlyGeneratesSbom(bool status)
+{
+  this->ExplicitSbomGenerator = status;
+}
+
 void cmMakefile::PushFunctionScope(std::string const& fileName,
                                    cmPolicies::PolicyMap const& pm)
 {

Source/cmMakefile.h

@@ -854,6 +854,9 @@ public:
   //! Initialize a makefile from its parent
   void InitializeFromParent(cmMakefile* parent);
 
+  bool ExplicitlyGeneratesSbom() const;
+  void SetExplicitlyGeneratesSbom(bool status = true);
+
   void AddInstallGenerator(std::unique_ptr<cmInstallGenerator> g);
 
   std::vector<std::unique_ptr<cmInstallGenerator>>& GetInstallGenerators()
@@ -1239,6 +1242,7 @@ private:
   cmFindPackageStack FindPackageStack;
   unsigned int FindPackageStackNextIndex = 0;
 
+  bool ExplicitSbomGenerator = false;
   bool DebugFindPkg = false;
 
   bool CheckSystemVars;

Tests/RunCMake/CMakeLists.txt

@@ -1412,6 +1412,7 @@ add_RunCMake_test(AutoExportDll
 add_RunCMake_test(AndroidMK)
 add_RunCMake_test(ExportPackageInfo)
 add_RunCMake_test(ExportSbom)
+add_RunCMake_test(EnvSbom)
 add_RunCMake_test(InstallPackageInfo)
 add_RunCMake_test(InstallExportsAsPackageInfo)
 add_RunCMake_test(InstallSbom)

Tests/RunCMake/EnvSbom/ApplicationTarget-install-check.cmake

@@ -0,0 +1,2 @@
+file(READ "${RunCMake_TEST_INSTALL_DIR}/lib/sbom/test_project/application_targets.spdx.json" content)
+include(${CMAKE_CURRENT_LIST_DIR}/../Sbom/ApplicationTarget-install-check.cmake)

Tests/RunCMake/EnvSbom/ApplicationTarget.cmake

@@ -0,0 +1,2 @@
+project(test_project)
+include(${CMAKE_CURRENT_LIST_DIR}/../Sbom/ApplicationTarget.cmake)

Tests/RunCMake/EnvSbom/CMakeLists.txt

@@ -0,0 +1,3 @@
+cmake_minimum_required(VERSION 4.2)
+project(${RunCMake_TEST} NONE)
+include(${RunCMake_TEST}.cmake)

Tests/RunCMake/EnvSbom/InterfaceTarget-install-check.cmake

@@ -0,0 +1,2 @@
+file(READ "${RunCMake_TEST_INSTALL_DIR}/lib/sbom/test_project/interface_targets.spdx.json" content)
+include(${CMAKE_CURRENT_LIST_DIR}/../Sbom/InterfaceTarget-install-check.cmake)

Tests/RunCMake/EnvSbom/InterfaceTarget.cmake

@@ -0,0 +1,2 @@
+project(test_project)
+include(${CMAKE_CURRENT_LIST_DIR}/../Sbom/InterfaceTarget.cmake)

Tests/RunCMake/EnvSbom/MissingPackageNamespace-install-check.cmake

@@ -0,0 +1,2 @@
+file(READ "${RunCMake_TEST_INSTALL_DIR}/lib/sbom/test_project/test_targets.spdx.json" content)
+include(${CMAKE_CURRENT_LIST_DIR}/../Sbom/MissingPackageNamespace-install-check.cmake)

Tests/RunCMake/EnvSbom/MissingPackageNamespace.cmake

@@ -0,0 +1,2 @@
+project(test_project VERSION 1.0.2)
+include(${CMAKE_CURRENT_LIST_DIR}/../Sbom/MissingPackageNamespace.cmake)

Tests/RunCMake/EnvSbom/ProjectMetadata-install-check.cmake

@@ -0,0 +1,2 @@
+file(READ "${RunCMake_TEST_INSTALL_DIR}/lib/sbom/test_project/test_targets.spdx.json" content)
+include(${CMAKE_CURRENT_LIST_DIR}/../Sbom/ProjectMetadata-install-check.cmake)

Tests/RunCMake/EnvSbom/ProjectMetadata.cmake

@@ -0,0 +1,6 @@
+project(test_project LANGUAGES NONE
+  VERSION 1.3
+  DESCRIPTION "An eloquent description"
+  HOMEPAGE_URL "www.example.com"
+  SPDX_LICENSE "BSD-3")
+include(${CMAKE_CURRENT_LIST_DIR}/../Sbom/ProjectMetadata.cmake)

Tests/RunCMake/EnvSbom/ReferencesNonExportedTarget-install-check.cmake

@@ -0,0 +1,2 @@
+file(READ "${RunCMake_TEST_INSTALL_DIR}/lib/sbom/test_project/dog.spdx.json" content)
+include(${CMAKE_CURRENT_LIST_DIR}/../Sbom/ReferencesNonExportedTarget-install-check.cmake)

Tests/RunCMake/EnvSbom/ReferencesNonExportedTarget.cmake

@@ -0,0 +1,2 @@
+project(test_project)
+include(${CMAKE_CURRENT_LIST_DIR}/../Sbom/ReferencesNonExportedTarget.cmake)

Tests/RunCMake/EnvSbom/RunCMakeTest.cmake

@@ -0,0 +1,34 @@
+include(RunCMake)
+
+set(common_test_options
+  -Wno-dev
+  "-DCMAKE_EXPERIMENTAL_GENERATE_SBOM:STRING=ca494ed3-b261-4205-a01f-603c95e4cae0"
+  "-DCMAKE_EXPERIMENTAL_FIND_CPS_PACKAGES:STRING=e82e467b-f997-4464-8ace-b00808fff261"
+  "-DCMAKE_EXPERIMENTAL_EXPORT_PACKAGE_INFO:STRING=7fa7d13b-8308-4dc7-af39-9e450456d68f"
+  "-DCMAKE_INSTALL_SBOM_FORMATS:STRING=JSON"
+  "-DCMAKE_INSTALL_LIBDIR=lib"
+)
+
+function(run_cmake_install test)
+  set(extra_options ${ARGN})
+  set(RunCMake_TEST_BINARY_DIR ${RunCMake_BINARY_DIR}/${test}-build)
+  set(RunCMake_TEST_INSTALL_DIR ${RunCMake_BINARY_DIR}/${test}-install)
+  set(RunCMake_TEST_OPTIONS ${common_test_options} ${extra_options})
+  list(APPEND RunCMake_TEST_OPTIONS -DCMAKE_INSTALL_PREFIX=${RunCMake_TEST_INSTALL_DIR})
+  if(NOT RunCMake_GENERATOR_IS_MULTI_CONFIG)
+    list(APPEND RunCMake_TEST_OPTIONS -DCMAKE_BUILD_TYPE=DEBUG)
+  endif()
+
+  run_cmake(${test})
+  set(RunCMake_TEST_NO_CLEAN TRUE)
+  run_cmake_command(${test}-build ${CMAKE_COMMAND} --build . --config Debug)
+  run_cmake_command(${test}-install ${CMAKE_COMMAND} --install . --config Debug)
+endfunction()
+
+run_cmake_install(ApplicationTarget)
+run_cmake_install(InterfaceTarget)
+run_cmake_install(SharedTarget)
+
+run_cmake_install(MissingPackageNamespace)
+run_cmake_install(ReferencesNonExportedTarget)
+run_cmake_install(ProjectMetadata)

Tests/RunCMake/EnvSbom/SharedTarget-install-check.cmake

@@ -0,0 +1,2 @@
+file(READ "${RunCMake_TEST_INSTALL_DIR}/lib/sbom/test_project/shared_targets.spdx.json" content)
+include(${CMAKE_CURRENT_LIST_DIR}/../Sbom/SharedTarget-install-check.cmake)

Tests/RunCMake/EnvSbom/SharedTarget.cmake

@@ -0,0 +1,2 @@
+project(test_project)
+include(${CMAKE_CURRENT_LIST_DIR}/../Sbom/SharedTarget.cmake)

Tests/RunCMake/Sbom/ApplicationTarget.cmake

@@ -16,4 +16,5 @@ target_link_libraries(application PUBLIC bar::bar)
 install(
   TARGETS application
   EXPORT application_targets
+  DESTINATION .
 )

Tests/RunCMake/Sbom/InterfaceTarget.cmake

@@ -16,4 +16,5 @@ target_link_libraries(interface INTERFACE bar::bar)
 install(
   TARGETS interface
   EXPORT interface_targets
+  DESTINATION .
 )

Tests/RunCMake/Sbom/MissingPackageNamespace.cmake

@@ -18,4 +18,5 @@ target_link_libraries(test PUBLIC baz)
 install(
   TARGETS test
   EXPORT test_targets
+  DESTINATION .
 )

Tests/RunCMake/Sbom/ProjectMetadata.cmake

@@ -8,4 +8,5 @@ add_library(test INTERFACE)
 install(
   TARGETS test
   EXPORT test_targets
+  DESTINATION .
 )

Tests/RunCMake/Sbom/ReferencesNonExportedTarget.cmake

@@ -8,4 +8,3 @@ add_library(canine INTERFACE)
 target_link_libraries(canine INTERFACE mammal)
 
 install(TARGETS canine EXPORT dog DESTINATION .)
-install(SBOM dog EXPORT dog DESTINATION .)

Tests/RunCMake/Sbom/SharedTarget.cmake

@@ -11,4 +11,5 @@ target_link_libraries(shared PUBLIC foo::foo)
 install(
   TARGETS shared
   EXPORT shared_targets
+  DESTINATION .
 )