diff options
author | Marta Rybczynska <rybczynska@gmail.com> | 2022-06-03 11:09:56 +0200 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2022-06-11 10:06:09 +0100 |
commit | e8738403178293999a064ac5a4ba9cfe8281d029 (patch) | |
tree | d7afc242037fb9f3b3d7c13f88ac6a92dbd4b8e6 /meta/recipes-core/meta/cve-update-db-native.bb | |
parent | 9868f9914901210e4586194750905e93256fb372 (diff) | |
download | poky-e8738403178293999a064ac5a4ba9cfe8281d029.tar.gz |
cve-update-db-native: make it possible to disable database updates
Make it possible to disable the database update completely by using
a negative update interval CVE_DB_UPDATE_INTERVAL.
Disabling the update is useful when running multiple parallel builds
when we want to have a control on the database version. This allows
coherent cve-check results without an database update for only
some of the builds.
(From OE-Core rev: 487a53522a739b9a52720c4c40b93f88ad77d242)
Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b5c2269240327c2a8f93b9e55354698f52c976f3)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-core/meta/cve-update-db-native.bb')
-rw-r--r-- | meta/recipes-core/meta/cve-update-db-native.bb | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb index 594bf947c8..a49f446a53 100644 --- a/meta/recipes-core/meta/cve-update-db-native.bb +++ b/meta/recipes-core/meta/cve-update-db-native.bb | |||
@@ -14,6 +14,7 @@ deltask do_populate_sysroot | |||
14 | 14 | ||
15 | # CVE database update interval, in seconds. By default: once a day (24*60*60). | 15 | # CVE database update interval, in seconds. By default: once a day (24*60*60). |
16 | # Use 0 to force the update | 16 | # Use 0 to force the update |
17 | # Use a negative value to skip the update | ||
17 | CVE_DB_UPDATE_INTERVAL ?= "86400" | 18 | CVE_DB_UPDATE_INTERVAL ?= "86400" |
18 | 19 | ||
19 | python () { | 20 | python () { |
@@ -51,8 +52,9 @@ python do_fetch() { | |||
51 | try: | 52 | try: |
52 | import time | 53 | import time |
53 | update_interval = int(d.getVar("CVE_DB_UPDATE_INTERVAL")) | 54 | update_interval = int(d.getVar("CVE_DB_UPDATE_INTERVAL")) |
54 | if (update_interval < 0): | 55 | if update_interval < 0: |
55 | update_interval = 0 | 56 | bb.note("CVE database update skipped") |
57 | return | ||
56 | if time.time() - os.path.getmtime(db_file) < update_interval: | 58 | if time.time() - os.path.getmtime(db_file) < update_interval: |
57 | return | 59 | return |
58 | 60 | ||