StrixOS/build_soong
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Restrict plugins to an existing allowlist

Browse Source 
Adds a singleton to do validation that can be disabled via a
BUILD_BROKEN_PLUGIN_VALIDATION flag.

Validation process:
For all go modules that are a plugin for soong_build:
* if path is in build/soong, allow
* if path is in vendor, outside of google paths, allow
* if path is in hardware, outside of google paths, allow
* if name is in allowlist of current plugins, allow

We extend the plugin the list for internal modules via
vendor/google/build/soong/internal_plugins.json

Ignore-AOSP-First: Requires an internal only change to not break when submitted
Test: CI
Change-Id: I264a89b3636043330711d6c996c0360b61f51d92
This commit is contained in:
Liz Kammer
2022-10-19 01:29:18 -04:00
parent 1eaab60474
commit 09ddb3a73e
5 changed files with 157 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
android/variable.go
View File

@@ -437,6 +437,7 @@ type productVariables struct {
ShippingApiLevel *string `json:",omitempty"`
BuildBrokenPluginValidation []string `json:",omitempty"`
BuildBrokenClangAsFlags bool `json:",omitempty"`
BuildBrokenClangCFlags bool `json:",omitempty"`
BuildBrokenClangProperty bool `json:",omitempty"`