From: Davide Gardenal <davidegarde2...@gmail.com>
Create generate_json_report including all the code used to generate the JSON
manifest file.
Add to cve_save_summary_handler the ability to create the summary in JSON
format.
Signed-off-by: Davide Gardenal <davide.garde...@huawei.com>
Signed-off-by: Luca Ceresoli <luca.ceres...@bootlin.com>
(cherry picked from commit f2987891d315466b7ef180ecce81d15320ce8487)
Signed-off-by: Steve Sakoman <st...@sakoman.com>
---
meta/classes/cve-check.bbclass | 51 ++++++++++++++++++++++------------
1 file changed, 33 insertions(+), 18 deletions(-)
diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index 41b4eb2dbf..350ed8ec39 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -75,6 +75,30 @@ CVE_CHECK_LAYER_INCLUDELIST ??= ""
# set to "alphabetical" for version using single alphabetical character as
increment release
CVE_VERSION_SUFFIX ??= ""
+def generate_json_report(out_path, link_path):
+ if os.path.exists(d.getVar("CVE_CHECK_SUMMARY_INDEX_PATH")):
+ import json
+ from oe.cve_check import cve_check_merge_jsons
+
+ bb.note("Generating JSON CVE summary")
+ index_file = d.getVar("CVE_CHECK_SUMMARY_INDEX_PATH")
+ summary = {"version":"1", "package": []}
+ with open(index_file) as f:
+ filename = f.readline()
+ while filename:
+ with open(filename.rstrip()) as j:
+ data = json.load(j)
+ cve_check_merge_jsons(summary, data)
+ filename = f.readline()
+
+ with open(out_path, "w") as f:
+ json.dump(summary, f, indent=2)
+
+ if link_path != out_path:
+ if os.path.exists(os.path.realpath(link_path)):
+ os.remove(link_path)
+ os.symlink(os.path.basename(out_path), link_path)
+
python cve_save_summary_handler () {
import shutil
import datetime
@@ -97,6 +121,11 @@ python cve_save_summary_handler () {
if os.path.exists(os.path.realpath(cvefile_link)):
os.remove(cvefile_link)
os.symlink(os.path.basename(cve_summary_file), cvefile_link)
+
+ json_summary_link_name = os.path.join(cvelogpath,
d.getVar("CVE_CHECK_SUMMARY_FILE_NAME_JSON"))
+ json_summary_name = os.path.join(cvelogpath, "%s-%s.json" %
(cve_summary_name, timestamp))
+ generate_json_report(json_summary_name, json_summary_link_name)
+ bb.plain("CVE report summary created at: %s" % json_summary_link_name)
}
addhandler cve_save_summary_handler
@@ -170,25 +199,11 @@ python cve_check_write_rootfs_manifest () {
os.symlink(os.path.basename(manifest_name), manifest_link)
bb.plain("Image CVE report stored in: %s" % manifest_name)
- if os.path.exists(d.getVar("CVE_CHECK_SUMMARY_INDEX_PATH")):
- import json
+ link_path = os.path.join(deploy_dir, "%s.json" % link_name)
+ manifest_path = d.getVar("CVE_CHECK_MANIFEST_JSON")
bb.note("Generating JSON CVE manifest")
- deploy_dir = d.getVar("DEPLOY_DIR_IMAGE")
- link_name = d.getVar("IMAGE_LINK_NAME")
- manifest_name = d.getVar("CVE_CHECK_MANIFEST_JSON")
- index_file = d.getVar("CVE_CHECK_SUMMARY_INDEX_PATH")
- manifest = {"version":"1", "package": []}
- with open(index_file) as f:
- filename = f.readline()
- while filename:
- with open(filename.rstrip()) as j:
- data = json.load(j)
- cve_check_merge_jsons(manifest, data)
- filename = f.readline()
-
- with open(manifest_name, "w") as f:
- json.dump(manifest, f, indent=2)
- bb.plain("Image CVE report stored in: %s" % manifest_name)
+ generate_json_report(json_summary_name, json_summary_link_name)
+ bb.plain("Image CVE JSON report stored in: %s" % link_path)
}
ROOTFS_POSTPROCESS_COMMAND_prepend = "${@'cve_check_write_rootfs_manifest; '
if d.getVar('CVE_CHECK_CREATE_MANIFEST') == '1' else ''}"
--
2.25.1
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#165514):
https://lists.openembedded.org/g/openembedded-core/message/165514
Mute This Topic: https://lists.openembedded.org/mt/91042168/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
