patchtest: Add tests from patchtest oe repo

Copy the core components of the patchtest-oe repo into meta/lib/patchtest in oe-core. (From OE-Core rev: 257f64f4e4414b78981104aec132b067beb5a92a) Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Trevor Gamblin <tgamblin@baylibre.com> 2023-09-13 13:00:46 -0400
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2023-09-14 15:20:08 +0100
commit: 4a6f38c5327b40a45c340af49fee9a0d5cc890bd (patch)
tree: 669ae555ecc031990579baa207d40f38ab7e1335 /meta/lib/patchtest/tests/test_mbox_cve.py
parent: e12e6d94ecbea6e0dafc080f2f196e12228730eb (diff)
download: poky-4a6f38c5327b40a45c340af49fee9a0d5cc890bd.tar.gz
1 files changed, 49 insertions, 0 deletions
diff --git a/meta/lib/patchtest/tests/test_mbox_cve.py b/meta/lib/patchtest/tests/test_mbox_cve.py
new file mode 100644
index 0000000000..f99194c094
--- /dev/null
+++ b/meta/lib/patchtest/tests/test_mbox_cve.py
@@ -0,0 +1,49 @@
+# Checks related to the patch's CVE lines
+#
+# Copyright (C) 2016 Intel Corporation
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+# SPDX-License-Identifier: GPL-2.0-or-later
+import base
+import os
+import parse_cve_tags
+import re
+class CVE(base.Base):
+    revert_shortlog_regex = re.compile('Revert\s+".*"')
+    prog = parse_cve_tags.cve_tag
+    def setUp(self):
+        if self.unidiff_parse_error:
+            self.skip('Parse error %s' % self.unidiff_parse_error)
+        # we are just interested in series that introduce CVE patches, thus discard other
+        # possibilities: modification to current CVEs, patch directly introduced into the
+        # recipe, upgrades already including the CVE, etc.
+        new_cves = [p for p in self.patchset if p.path.endswith('.patch') and p.is_added_file]
+        if not new_cves:
+            self.skip('No new CVE patches introduced')
+    def test_cve_presence_in_commit_message(self):
+        for commit in CVE.commits:
+            # skip those patches that revert older commits, these do not required the tag presence
+            if self.revert_shortlog_regex.match(commit.shortlog):
+                continue
+            if not self.prog.search_string(commit.payload):
+                self.fail('Missing or incorrectly formatted CVE tag in mbox',
+                          'Correct or include the CVE tag in the mbox with format: "CVE: CVE-YYYY-XXXX"',
+                          commit)
author	Trevor Gamblin <tgamblin@baylibre.com>	2023-09-13 13:00:46 -0400
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2023-09-14 15:20:08 +0100
commit	4a6f38c5327b40a45c340af49fee9a0d5cc890bd (patch)
tree	669ae555ecc031990579baa207d40f38ab7e1335 /meta/lib/patchtest/tests/test_mbox_cve.py
parent	e12e6d94ecbea6e0dafc080f2f196e12228730eb (diff)
download	poky-4a6f38c5327b40a45c340af49fee9a0d5cc890bd.tar.gz

diff --git a/meta/lib/patchtest/tests/test_mbox_cve.py b/meta/lib/patchtest/tests/test_mbox_cve.py new file mode 100644 index 0000000000..f99194c094 --- /dev/null +++ b/meta/lib/patchtest/tests/test_mbox_cve.py
@@ -0,0 +1,49 @@
	1	# Checks related to the patch's CVE lines
	2	#
	3	# Copyright (C) 2016 Intel Corporation
	4	#
	5	# This program is free software; you can redistribute it and/or modify
	6	# it under the terms of the GNU General Public License version 2 as
	7	# published by the Free Software Foundation.
	8	#
	9	# This program is distributed in the hope that it will be useful,
	10	# but WITHOUT ANY WARRANTY; without even the implied warranty of
	11	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	12	# GNU General Public License for more details.
	13	#
	14	# You should have received a copy of the GNU General Public License along
	15	# with this program; if not, write to the Free Software Foundation, Inc.,
	16	# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
	17
	18	# SPDX-License-Identifier: GPL-2.0-or-later
	19
	20	import base
	21	import os
	22	import parse_cve_tags
	23	import re
	24
	25	class CVE(base.Base):
	26
	27	revert_shortlog_regex = re.compile('Revert\s+".*"')
	28	prog = parse_cve_tags.cve_tag
	29
	30	def setUp(self):
	31	if self.unidiff_parse_error:
	32	self.skip('Parse error %s' % self.unidiff_parse_error)
	33
	34	# we are just interested in series that introduce CVE patches, thus discard other
	35	# possibilities: modification to current CVEs, patch directly introduced into the
	36	# recipe, upgrades already including the CVE, etc.
	37	new_cves = [p for p in self.patchset if p.path.endswith('.patch') and p.is_added_file]
	38	if not new_cves:
	39	self.skip('No new CVE patches introduced')
	40
	41	def test_cve_presence_in_commit_message(self):
	42	for commit in CVE.commits:
	43	# skip those patches that revert older commits, these do not required the tag presence
	44	if self.revert_shortlog_regex.match(commit.shortlog):
	45	continue
	46	if not self.prog.search_string(commit.payload):
	47	self.fail('Missing or incorrectly formatted CVE tag in mbox',
	48	'Correct or include the CVE tag in the mbox with format: "CVE: CVE-YYYY-XXXX"',
	49	commit)