# Pastebin rH7PsQ4q diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass index ac9f0fb22c..039d5d01e7 100644 --- a/meta/classes/cve-check.bbclass +++ b/meta/classes/cve-check.bbclass @@ -75,13 +75,11 @@ CVE_CHECK_LAYER_INCLUDELIST ??= "" # set to "alphabetical" for version using single alphabetical character as increment release CVE_VERSION_SUFFIX ??= "" -def generate_json_report(out_path, link_path): - if os.path.exists(d.getVar("CVE_CHECK_SUMMARY_INDEX_PATH")): +def generate_json_report(out_path, link_path, index_file): + if os.path.exists(index_file): import json from oe.cve_check import cve_check_merge_jsons - bb.note("Generating JSON CVE summary") - index_file = d.getVar("CVE_CHECK_SUMMARY_INDEX_PATH") summary = {"version":"1", "package": []} with open(index_file) as f: filename = f.readline() @@ -98,6 +96,9 @@ def generate_json_report(out_path, link_path): if os.path.exists(os.path.realpath(link_path)): os.remove(link_path) os.symlink(os.path.basename(out_path), link_path) + bb.plain("CVE report summary created at: %s" % link_name) + else: + bb.warn("Failed to create CVE JSON summary report: %s" % link_path) python cve_save_summary_handler () { import shutil @@ -123,10 +124,11 @@ python cve_save_summary_handler () { os.remove(cvefile_link) os.symlink(os.path.basename(cve_summary_file), cvefile_link) - json_summary_link_name = os.path.join(cvelogpath, d.getVar("CVE_CHECK_SUMMARY_FILE_NAME_JSON")) - json_summary_name = os.path.join(cvelogpath, "%s-%s.json" % (cve_summary_name, timestamp)) - generate_json_report(json_summary_name, json_summary_link_name) - bb.plain("CVE report summary created at: %s" % json_summary_link_name) + if d.getVar("CVE_CHECK_FORMAT_JSON") == "1": + json_summary_link_name = os.path.join(cvelogpath, d.getVar("CVE_CHECK_SUMMARY_FILE_NAME_JSON")) + json_summary_name = os.path.join(cvelogpath, "%s-%s.json" % (cve_summary_name, timestamp)) + index_file = d.getVar("CVE_CHECK_SUMMARY_INDEX_PATH") + generate_json_report(json_summary_name, json_summary_link_name, index_file) } addhandler cve_save_summary_handler @@ -202,11 +204,12 @@ python cve_check_write_rootfs_manifest () { os.symlink(os.path.basename(manifest_name), manifest_link) bb.plain("Image CVE report stored in: %s" % manifest_name) - link_path = os.path.join(deploy_dir, "%s.json" % link_name) - manifest_path = d.getVar("CVE_CHECK_MANIFEST_JSON") - bb.note("Generating JSON CVE manifest") - generate_json_report(json_summary_name, json_summary_link_name) - bb.plain("Image CVE JSON report stored in: %s" % link_path) + if d.getVar("CVE_CHECK_FORMAT_JSON") == "1": + link_path = os.path.join(deploy_dir, "%s.json" % link_name) + manifest_path = d.getVar("CVE_CHECK_MANIFEST_JSON") + bb.note("Generating JSON CVE manifest") + index_file = d.getVar("CVE_CHECK_SUMMARY_INDEX_PATH") + generate_json_report(manifest_path, link_path, index_file) } ROOTFS_POSTPROCESS_COMMAND_prepend = "${@'cve_check_write_rootfs_manifest; ' if d.getVar('CVE_CHECK_CREATE_MANIFEST') == '1' else ''}" -- 2.35.1