From f40f533f027e97e8a6edfbf9010d5eb201b52f74c7ae9dc3e0039442c9f8144e Mon Sep 17 00:00:00 2001 From: localhorst Date: Sat, 6 Sep 2025 11:55:19 +0200 Subject: [PATCH] cleanup Readme and generate SBOM --- .gitignore | 4 ++- CMakeLists.txt | 82 +++++++++++++++++++++++++++++++++++----------- LICENSE | 2 +- README.md | 2 ++ sbom.template.json | 44 +++++++++++++++++++++++++ 5 files changed, 112 insertions(+), 22 deletions(-) create mode 100644 sbom.template.json diff --git a/.gitignore b/.gitignore index 2c4bf08..89da9c6 100644 --- a/.gitignore +++ b/.gitignore @@ -256,4 +256,6 @@ cython_debug/ # PyPI configuration file .pypirc -pyupdi-env/ \ No newline at end of file +pyupdi-env/ + +sbom.spdx.json \ No newline at end of file diff --git a/CMakeLists.txt b/CMakeLists.txt index abb31a7..05d478c 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1,37 +1,79 @@ cmake_minimum_required(VERSION 3.13) - -# Project project(lezyne-rear-light-firmware C) # MCU and clock set(MCU attiny202) -set(F_CPU 5000000UL) # 5 MHz +set(F_CPU 5000000UL) -# Toolchain executables +# Toolchain set(CMAKE_SYSTEM_NAME Generic) set(CMAKE_C_COMPILER avr-gcc) set(OBJCOPY avr-objcopy) -# Compiler flags: optimize, warnings, treat warnings as errors -set(CMAKE_C_FLAGS "-mmcu=${MCU} -DF_CPU=${F_CPU} -Os -Wall -Werror") - # Sources add_executable(main.elf main.c) -# HEX file -add_custom_command( - OUTPUT main.hex +# Compiler and linker flags +target_compile_options(main.elf PRIVATE -mmcu=${MCU} -DF_CPU=${F_CPU} -Os -Wall -Werror) +set_target_properties(main.elf PROPERTIES LINK_FLAGS "-mmcu=${MCU}") + +# Create HEX and BIN after build +add_custom_command(TARGET main.elf POST_BUILD COMMAND ${OBJCOPY} -O ihex -R .eeprom main.elf main.hex - DEPENDS main.elf -) - -# BIN file -add_custom_command( - OUTPUT main.bin COMMAND ${OBJCOPY} -O binary -R .eeprom main.elf main.bin - DEPENDS main.elf ) -# Targets -add_custom_target(hex ALL DEPENDS main.hex) -add_custom_target(bin ALL DEPENDS main.bin) +# Optional: show size +find_program(SIZE_TOOL avr-size) +if(SIZE_TOOL) + add_custom_command(TARGET main.elf POST_BUILD + COMMAND ${SIZE_TOOL} --mcu=${MCU} --format=avr main.elf + ) +endif() + +# Flash target using pymcuprog +find_program(PYMCUPROG pymcuprog) +set(UPDI_PORT "/dev/ttyUSB0" CACHE STRING "Serial port for UPDI programming") + +if(PYMCUPROG) + add_custom_target(flash + COMMAND ${PYMCUPROG} -t uart -u ${UPDI_PORT} -d ${MCU} write -f main.hex + DEPENDS main.hex + COMMENT "Flashing ${MCU} with pymcuprog..." + ) +else() + message(WARNING "pymcuprog not found in PATH. 'make flash' will not be available.") +endif() + +# --- SBOM Generation (SPDX JSON) --- +find_package(Git REQUIRED) + +# Generate current timestamp in ISO 8601 format (UTC) +string(TIMESTAMP CMAKE_TIMESTAMP "%Y-%m-%dT%H:%M:%SZ" UTC) + +# Get current git hash +execute_process( + COMMAND ${GIT_EXECUTABLE} rev-parse HEAD + WORKING_DIRECTORY ${CMAKE_SOURCE_DIR} + OUTPUT_VARIABLE GIT_HASH + OUTPUT_STRIP_TRAILING_WHITESPACE +) + +# Get avr-gcc version +execute_process( + COMMAND ${CMAKE_C_COMPILER} --version + OUTPUT_VARIABLE AVR_GCC_VERSION + OUTPUT_STRIP_TRAILING_WHITESPACE +) + +# Where to write SBOM +set(SBOM_FILE ${CMAKE_SOURCE_DIR}/sbom.spdx.json) + +# Generate from template +configure_file(${CMAKE_SOURCE_DIR}/sbom.template.json ${SBOM_FILE} @ONLY) + +# Always regenerate on build +add_custom_target(sbom ALL + DEPENDS ${SBOM_FILE} + COMMENT "Generating SPDX SBOM..." +) diff --git a/LICENSE b/LICENSE index 3cbd199..60e574c 100644 --- a/LICENSE +++ b/LICENSE @@ -1,6 +1,6 @@ MIT License -Copyright (c) 2025 localhorst +Copyright (c) 2025 Hendrik Schutter Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including diff --git a/README.md b/README.md index edea2fd..7dc0b68 100644 --- a/README.md +++ b/README.md @@ -2,6 +2,8 @@ **🚧 Work in progress. No complete firmware yet 🚧** +🚀 For pre-build binaries go to [Releases](https://git.mosad.xyz/localhorst/lezyne-rear-light-firmware/releases). + Open firmware for Lezyne bike rear lights based on ATTINY202 This repository contains a minimal firmware as a **C project** for the ATtiny202 microcontroller using **GCC**, **CMake**, and **VS Code**. It also includes instructions for programming the chip using an **FT232 USB-UART adapter** via the UPDI interface with `pymcuprog`. diff --git a/sbom.template.json b/sbom.template.json new file mode 100644 index 0000000..3166009 --- /dev/null +++ b/sbom.template.json @@ -0,0 +1,44 @@ +{ + "spdxVersion": "SPDX-2.3", + "dataLicense": "CC0-1.0", + "SPDXID": "SPDXRef-DOCUMENT", + "name": "lezyne-rear-light-firmware", + "documentNamespace": "https://git.mosad.xyz/localhorst/lezyne-rear-light-firmware/@GIT_HASH@", + "creationInfo": { + "created": "@CMAKE_TIMESTAMP@", + "creators": [ + "Tool: CMake+SPDX" + ] + }, + "packages": [ + { + "name": "main.c", + "SPDXID": "SPDXRef-mainc", + "downloadLocation": "https://git.mosad.xyz/localhorst/lezyne-rear-light-firmware/src/branch/main/main.c", + "filesAnalyzed": true, + "versionInfo": "@GIT_HASH@", + "licenseDeclared": "MIT License", + "homepage": "https://git.mosad.xyz/localhorst/lezyne-rear-light-firmware" + }, + { + "name": "avr-gcc", + "SPDXID": "SPDXRef-avrgcc", + "downloadLocation": "NOASSERTION", + "filesAnalyzed": false, + "versionInfo": "@AVR_GCC_VERSION@", + "licenseDeclared": "GPL-3.0-or-later", + "supplier": "Organization: The GNU Project", + "homepage": "https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git" + }, + { + "name": "avr-libc", + "SPDXID": "SPDXRef-avrlibc", + "downloadLocation": "NOASSERTION", + "filesAnalyzed": false, + "versionInfo": "2.2.1-1.2", + "licenseDeclared": "Modified BSD License", + "supplier": "Organization: AVRDUDES Authors", + "homepage": "https://github.com/avrdudes/avr-libc/" + } + ] +} \ No newline at end of file