From 630fb072192b345c42952dd0f274c66aedc67cff Mon Sep 17 00:00:00 2001 From: Davide Gardenal Date: Tue, 3 May 2022 09:51:43 +0200 Subject: cve-check: add JSON format to summary output Create generate_json_report including all the code used to generate the JSON manifest file. Add to cve_save_summary_handler the ability to create the summary in JSON format. (From OE-Core rev: f2987891d315466b7ef180ecce81d15320ce8487) Signed-off-by: Davide Gardenal Signed-off-by: Luca Ceresoli Signed-off-by: Richard Purdie --- meta/classes/cve-check.bbclass | 51 +++++++++++++++++++++++++++--------------- 1 file changed, 33 insertions(+), 18 deletions(-) (limited to 'meta/classes/cve-check.bbclass') diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass index 7cf206299b..c74c717235 100644 --- a/meta/classes/cve-check.bbclass +++ b/meta/classes/cve-check.bbclass @@ -79,6 +79,30 @@ CVE_CHECK_LAYER_INCLUDELIST ??= "" # set to "alphabetical" for version using single alphabetical character as increment release CVE_VERSION_SUFFIX ??= "" +def generate_json_report(out_path, link_path): + if os.path.exists(d.getVar("CVE_CHECK_SUMMARY_INDEX_PATH")): + import json + from oe.cve_check import cve_check_merge_jsons + + bb.note("Generating JSON CVE summary") + index_file = d.getVar("CVE_CHECK_SUMMARY_INDEX_PATH") + summary = {"version":"1", "package": []} + with open(index_file) as f: + filename = f.readline() + while filename: + with open(filename.rstrip()) as j: + data = json.load(j) + cve_check_merge_jsons(summary, data) + filename = f.readline() + + with open(out_path, "w") as f: + json.dump(summary, f, indent=2) + + if link_path != out_path: + if os.path.exists(os.path.realpath(link_path)): + os.remove(link_path) + os.symlink(os.path.basename(out_path), link_path) + python cve_save_summary_handler () { import shutil import datetime @@ -101,6 +125,11 @@ python cve_save_summary_handler () { if os.path.exists(os.path.realpath(cvefile_link)): os.remove(cvefile_link) os.symlink(os.path.basename(cve_summary_file), cvefile_link) + + json_summary_link_name = os.path.join(cvelogpath, d.getVar("CVE_CHECK_SUMMARY_FILE_NAME_JSON")) + json_summary_name = os.path.join(cvelogpath, "%s-%s.json" % (cve_summary_name, timestamp)) + generate_json_report(json_summary_name, json_summary_link_name) + bb.plain("CVE report summary created at: %s" % json_summary_link_name) } addhandler cve_save_summary_handler @@ -175,25 +204,11 @@ python cve_check_write_rootfs_manifest () { os.symlink(os.path.basename(manifest_name), manifest_link) bb.plain("Image CVE report stored in: %s" % manifest_name) - if os.path.exists(d.getVar("CVE_CHECK_SUMMARY_INDEX_PATH")): - import json + link_path = os.path.join(deploy_dir, "%s.json" % link_name) + manifest_path = d.getVar("CVE_CHECK_MANIFEST_JSON") bb.note("Generating JSON CVE manifest") - deploy_dir = d.getVar("DEPLOY_DIR_IMAGE") - link_name = d.getVar("IMAGE_LINK_NAME") - manifest_name = d.getVar("CVE_CHECK_MANIFEST_JSON") - index_file = d.getVar("CVE_CHECK_SUMMARY_INDEX_PATH") - manifest = {"version":"1", "package": []} - with open(index_file) as f: - filename = f.readline() - while filename: - with open(filename.rstrip()) as j: - data = json.load(j) - cve_check_merge_jsons(manifest, data) - filename = f.readline() - - with open(manifest_name, "w") as f: - json.dump(manifest, f, indent=2) - bb.plain("Image CVE report stored in: %s" % manifest_name) + generate_json_report(json_summary_name, json_summary_link_name) + bb.plain("Image CVE JSON report stored in: %s" % link_path) } ROOTFS_POSTPROCESS_COMMAND:prepend = "${@'cve_check_write_rootfs_manifest; ' if d.getVar('CVE_CHECK_CREATE_MANIFEST') == '1' else ''}" -- cgit v1.2.3-54-g00ecf