Tested-by: Alex Kiernan <[email protected]> On Tue, May 17, 2022 at 8:55 AM Ernst Sjöstrand <[email protected]> wrote: > > Reviewed-by: Ernst Sjöstrand <[email protected]> > > Den tis 17 maj 2022 kl 08:01 skrev Marta Rybczynska <[email protected]>: >> >> The addition of summary output caused two issues: error when building >> an image and the fact that JSON output was generated even when >> CVE_CHECK_FORMAT_JSON. >> >> When generating an image it caused an error like: >> ERROR: core-image-minimal-1.0-r0 do_rootfs: Error executing a python >> function in exec_func_python() autogenerated: >> >> The stack trace of python calls that resulted in this exception/failure >> was: >> File: 'exec_func_python() autogenerated', lineno: 2, function: <module> >> 0001: >> *** 0002:cve_check_write_rootfs_manifest(d) >> 0003: >> File: '/home/alexk/poky/meta/classes/cve-check.bbclass', lineno: 213, >> function: cve_check_write_rootfs_manifest >> 0209: >> 0210: link_path = os.path.join(deploy_dir, "%s.json" % >> link_name) >> 0211: manifest_path = d.getVar("CVE_CHECK_MANIFEST_JSON") >> 0212: bb.note("Generating JSON CVE manifest") >> *** 0213: generate_json_report(json_summary_name, >> json_summary_link_name) >> 0214: bb.plain("Image CVE JSON report stored in: %s" % >> link_path) >> 0215:} >> 0216: >> 0217:ROOTFS_POSTPROCESS_COMMAND:prepend = >> "${@'cve_check_write_rootfs_manifest; ' if >> d.getVar('CVE_CHECK_CREATE_MANIFEST') == '1' else ''}" >> Exception: NameError: name 'json_summary_name' is not defined >> >> The fix is to pass the d variable to the pure python function >> generate_json_report >> to get correct values of variables and add conditions for the JSON >> output where needed. >> >> In addition clarify the message presenting the summary JSON file, >> which isn't related to an image. >> >> Uses partial fixes from Alex Kiernan, Ernst Sjöstrand (ernstp), >> and Davide Gardenal. >> >> Fixes: f2987891d315 ("cve-check: add JSON format to summary output") >> >> Signed-off-by: Marta Rybczynska <[email protected]> >> --- >> meta/classes/cve-check.bbclass | 18 ++++++++++-------- >> 1 file changed, 10 insertions(+), 8 deletions(-) >> >> diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass >> index 24ddb865ea..7cd98ae462 100644 >> --- a/meta/classes/cve-check.bbclass >> +++ b/meta/classes/cve-check.bbclass >> @@ -79,7 +79,7 @@ CVE_CHECK_LAYER_INCLUDELIST ??= "" >> # set to "alphabetical" for version using single alphabetical character as >> increment release >> CVE_VERSION_SUFFIX ??= "" >> >> -def generate_json_report(out_path, link_path): >> +def generate_json_report(d, out_path, link_path): >> if os.path.exists(d.getVar("CVE_CHECK_SUMMARY_INDEX_PATH")): >> import json >> from oe.cve_check import cve_check_merge_jsons >> @@ -127,10 +127,11 @@ python cve_save_summary_handler () { >> os.remove(cvefile_link) >> os.symlink(os.path.basename(cve_summary_file), cvefile_link) >> >> + if d.getVar("CVE_CHECK_FORMAT_JSON") == "1": >> json_summary_link_name = os.path.join(cvelogpath, >> d.getVar("CVE_CHECK_SUMMARY_FILE_NAME_JSON")) >> json_summary_name = os.path.join(cvelogpath, "%s-%s.json" % >> (cve_summary_name, timestamp)) >> - generate_json_report(json_summary_name, json_summary_link_name) >> - bb.plain("CVE report summary created at: %s" % >> json_summary_link_name) >> + generate_json_report(d, json_summary_name, json_summary_link_name) >> + bb.plain("Complete CVE JSON report summary created at: %s" % >> json_summary_link_name) >> } >> >> addhandler cve_save_summary_handler >> @@ -207,11 +208,12 @@ python cve_check_write_rootfs_manifest () { >> os.symlink(os.path.basename(manifest_name), manifest_link) >> bb.plain("Image CVE report stored in: %s" % manifest_name) >> >> - link_path = os.path.join(deploy_dir, "%s.json" % link_name) >> - manifest_path = d.getVar("CVE_CHECK_MANIFEST_JSON") >> - bb.note("Generating JSON CVE manifest") >> - generate_json_report(json_summary_name, json_summary_link_name) >> - bb.plain("Image CVE JSON report stored in: %s" % link_path) >> + if d.getVar("CVE_CHECK_FORMAT_JSON") == "1": >> + link_path = os.path.join(deploy_dir, "%s.json" % link_name) >> + manifest_path = d.getVar("CVE_CHECK_MANIFEST_JSON") >> + bb.note("Generating JSON CVE manifest") >> + generate_json_report(d, manifest_path, link_path) >> + bb.plain("Image CVE JSON report stored in: %s" % link_path) >> } >> >> ROOTFS_POSTPROCESS_COMMAND:prepend = "${@'cve_check_write_rootfs_manifest; >> ' if d.getVar('CVE_CHECK_CREATE_MANIFEST') == '1' else ''}" >> -- >> 2.33.0 >> >> >> >>
-- Alex Kiernan
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#165719): https://lists.openembedded.org/g/openembedded-core/message/165719 Mute This Topic: https://lists.openembedded.org/mt/91158052/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
