Re: [OE-core] [master][kirkstone][PATCH] cve-check: add JSON format to summary output

Mon, 02 May 2022 07:13:01 -0700 

On Sun, May 1, 2022 at 11:08 PM Jose Quaresma <quaresma.j...@gmail.com> wrote:
>
> Hi Davide,
>
> This patch needs to be sent first for the master branch and backported for 
> kirkstone only after that.

He's tagged [master] in the subject in addition to [kirkstone], so
this is fine.  I appreciate the heads up that I should keep an eye out
for the master commit.

Steve

> Davide Gardenal <davidegarde2...@gmail.com> escreveu no dia segunda, 
> 2/05/2022 à(s) 08:43:
>>
>> Create generate_json_report including all the code used to generate the JSON
>> manifest file.
>> Add to cve_save_summary_handler the ability to create the summary in JSON 
>> format.
>>
>> Signed-off-by: Davide Gardenal <davide.garde...@huawei.com>
>> ---
>>  meta/classes/cve-check.bbclass | 50 +++++++++++++-------
>>  1 file changed, 32 insertions(+), 18 deletions(-)
>>
>> diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
>> index 78516d0..64875d7 100644
>> --- a/meta/classes/cve-check.bbclass
>> +++ b/meta/classes/cve-check.bbclass
>> @@ -79,6 +79,29 @@ CVE_CHECK_LAYER_INCLUDELIST ??= ""
>>  # set to "alphabetical" for version using single alphabetical character as 
>> increment release
>>  CVE_VERSION_SUFFIX ??= ""
>>
>> +def generate_json_report(out_path, link_path):
>> +    if os.path.exists(d.getVar("CVE_CHECK_SUMMARY_INDEX_PATH")):
>> +        import json
>> +        from oe.cve_check import cve_check_merge_jsons
>> +
>> +        bb.note("Generating JSON CVE summary")
>> +        index_file = d.getVar("CVE_CHECK_SUMMARY_INDEX_PATH")
>> +        summary = {"version":"1", "package": []}
>> +        with open(index_file) as f:
>> +            filename = f.readline()
>> +            while filename:
>> +                with open(filename.rstrip()) as j:
>> +                    data = json.load(j)
>> +                    cve_check_merge_jsons(summary, data)
>> +                filename = f.readline()
>> +
>> +        with open(out_path, "w") as f:
>> +            json.dump(summary, f, indent=2)
>> +
>> +        if os.path.exists(os.path.realpath(link_path)):
>> +            os.remove(link_path)
>> +        os.symlink(os.path.basename(out_path), link_path)
>> +
>>  python cve_save_summary_handler () {
>>      import shutil
>>      import datetime
>> @@ -101,6 +124,11 @@ python cve_save_summary_handler () {
>>              if os.path.exists(os.path.realpath(cvefile_link)):
>>                  os.remove(cvefile_link)
>>              os.symlink(os.path.basename(cve_summary_file), cvefile_link)
>> +
>> +        json_summary_link_name = os.path.join(cvelogpath, 
>> d.getVar("CVE_CHECK_SUMMARY_FILE_NAME_JSON"))
>> +        json_summary_name = os.path.join(cvelogpath, "%s-%s.json" % 
>> (cve_summary_name, timestamp))
>> +        generate_json_report(json_summary_name, json_summary_link_name)
>> +        bb.plain("CVE report summary created at: %s" % 
>> json_summary_link_name)
>>  }
>>
>>  addhandler cve_save_summary_handler
>> @@ -175,25 +203,11 @@ python cve_check_write_rootfs_manifest () {
>>              os.symlink(os.path.basename(manifest_name), manifest_link)
>>              bb.plain("Image CVE report stored in: %s" % manifest_name)
>>
>> -    if os.path.exists(d.getVar("CVE_CHECK_SUMMARY_INDEX_PATH")):
>> -        import json
>> +        link_path = os.path.join(deploy_dir, "%s.json" % link_name)
>> +        manifest_path = d.getVar("CVE_CHECK_MANIFEST_JSON")
>>          bb.note("Generating JSON CVE manifest")
>> -        deploy_dir = d.getVar("DEPLOY_DIR_IMAGE")
>> -        link_name = d.getVar("IMAGE_LINK_NAME")
>> -        manifest_name = d.getVar("CVE_CHECK_MANIFEST_JSON")
>> -        index_file = d.getVar("CVE_CHECK_SUMMARY_INDEX_PATH")
>> -        manifest = {"version":"1", "package": []}
>> -        with open(index_file) as f:
>> -            filename = f.readline()
>> -            while filename:
>> -                with open(filename.rstrip()) as j:
>> -                    data = json.load(j)
>> -                    cve_check_merge_jsons(manifest, data)
>> -                filename = f.readline()
>> -
>> -        with open(manifest_name, "w") as f:
>> -            json.dump(manifest, f, indent=2)
>> -        bb.plain("Image CVE report stored in: %s" % manifest_name)
>> +        generate_json_report(json_summary_name, json_summary_link_name)
>> +        bb.plain("Image CVE JSON report stored in: %s" % link_path)
>>  }
>>
>>  ROOTFS_POSTPROCESS_COMMAND:prepend = "${@'cve_check_write_rootfs_manifest; 
>> ' if d.getVar('CVE_CHECK_CREATE_MANIFEST') == '1' else ''}"
>> --
>> 2.32.0
>>
>>
>>
>>
>
>
> --
> Best regards,
>
> José Quaresma
>
> 
>

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#165168): 
https://lists.openembedded.org/g/openembedded-core/message/165168
Mute This Topic: https://lists.openembedded.org/mt/90830880/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to