From: Chris Laplante Date: Tue, 29 Sep 2020 15:57:45 +0000 (-0400) Subject: cve-check: introduce CVE_CHECK_RECIPE_FILE variable to allow changing of per-recipe... X-Git-Tag: 2020-10-gatesgarth~129 X-Git-Url: https://code.ossystems.io/gitweb?a=commitdiff_plain;h=0d40f1482c6d87785ae47c46c2305e1df46f459a;p=openembedded-core.git cve-check: introduce CVE_CHECK_RECIPE_FILE variable to allow changing of per-recipe check file The addition of this variable also makes it possible to change the output suffix of the check files, e.g. in local.conf: CVE_CHECK_MANIFEST_append = ".txt" CVE_CHECK_RECIPE_FILE_append = ".txt" Signed-off-by: Chris Laplante Signed-off-by: Richard Purdie --- diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass index 02fef7c205..df28a93687 100644 --- a/meta/classes/cve-check.bbclass +++ b/meta/classes/cve-check.bbclass @@ -36,6 +36,7 @@ CVE_CHECK_SUMMARY_FILE_NAME ?= "cve-summary" CVE_CHECK_SUMMARY_FILE ?= "${CVE_CHECK_SUMMARY_DIR}/${CVE_CHECK_SUMMARY_FILE_NAME}" CVE_CHECK_DIR ??= "${DEPLOY_DIR}/cve" +CVE_CHECK_RECIPE_FILE ?= "${CVE_CHECK_DIR}/${PN}" CVE_CHECK_MANIFEST ?= "${DEPLOY_DIR_IMAGE}/${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.cve" CVE_CHECK_COPY_FILES ??= "1" CVE_CHECK_CREATE_MANIFEST ??= "1" @@ -118,7 +119,7 @@ python cve_check_write_rootfs_manifest () { import shutil if d.getVar("CVE_CHECK_COPY_FILES") == "1": - deploy_file = os.path.join(d.getVar("CVE_CHECK_DIR"), d.getVar("PN")) + deploy_file = d.getVar("CVE_CHECK_RECIPE_FILE") if os.path.exists(deploy_file): bb.utils.remove(deploy_file) @@ -355,9 +356,8 @@ def cve_write_data(d, patched, unpatched, whitelisted, cve_data): f.write(write_string) if d.getVar("CVE_CHECK_COPY_FILES") == "1": - cve_dir = d.getVar("CVE_CHECK_DIR") - bb.utils.mkdirhier(cve_dir) - deploy_file = os.path.join(cve_dir, d.getVar("PN")) + deploy_file = d.getVar("CVE_CHECK_RECIPE_FILE") + bb.utils.mkdirhier(os.path.dirname(deploy_file)) with open(deploy_file, "w") as f: f.write(write_string)