All of lore.kernel.org
 help / color / mirror / Atom feed
* [dunfell][PATCH] cve-check: Fix report generation
@ 2022-05-24 13:07 Mikko Rapeli
  2022-05-25  9:38 ` [OE-core] " Marta Rybczynska
  0 siblings, 1 reply; 3+ messages in thread
From: Mikko Rapeli @ 2022-05-24 13:07 UTC (permalink / raw)
  To: openembedded-core; +Cc: Mikko Rapeli, Marta Rybczynska, Richard Purdie

From: Mikko Rapeli <mikko.rapeli@bmw.de>

From: Marta Rybczynska <rybczynska@gmail.com>

The addition of summary output caused two issues: error when building
an image and the fact that JSON output was generated even when
CVE_CHECK_FORMAT_JSON.

When generating an image it caused an error like:
ERROR: core-image-minimal-1.0-r0 do_rootfs: Error executing a python function in exec_func_python() autogenerated:

  The stack trace of python calls that resulted in this exception/failure was:
  File: 'exec_func_python() autogenerated', lineno: 2, function: <module>
       0001:
   *** 0002:cve_check_write_rootfs_manifest(d)
       0003:
  File: '/home/alexk/poky/meta/classes/cve-check.bbclass', lineno: 213, function: cve_check_write_rootfs_manifest
       0209:
       0210:        link_path = os.path.join(deploy_dir, "%s.json" % link_name)
       0211:        manifest_path = d.getVar("CVE_CHECK_MANIFEST_JSON")
       0212:        bb.note("Generating JSON CVE manifest")
   *** 0213:        generate_json_report(json_summary_name, json_summary_link_name)
       0214:        bb.plain("Image CVE JSON report stored in: %s" % link_path)
       0215:}
       0216:
       0217:ROOTFS_POSTPROCESS_COMMAND:prepend = "${@'cve_check_write_rootfs_manifest; ' if d.getVar('CVE_CHECK_CREATE_MANIFEST') == '1' else ''}"
  Exception: NameError: name 'json_summary_name' is not defined

The fix is to pass the d variable to the pure python function generate_json_report
to get correct values of variables and add conditions for the JSON
output where needed.

In addition clarify the message presenting the summary JSON file,
which isn't related to an image.

Uses partial fixes from Alex Kiernan, Ernst Sjöstrand (ernstp),
and Davide Gardenal.

Fixes: f2987891d315 ("cve-check: add JSON format to summary output")

(From OE-Core rev: 9015dec93233c7d45fd0c9885ff5d4ec23ad377d)

Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 meta/classes/cve-check.bbclass | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index ac9f0fb22c..34c38bdf2d 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -75,7 +75,7 @@ CVE_CHECK_LAYER_INCLUDELIST ??= ""
 # set to "alphabetical" for version using single alphabetical character as increment release
 CVE_VERSION_SUFFIX ??= ""
 
-def generate_json_report(out_path, link_path):
+def generate_json_report(d, out_path, link_path):
     if os.path.exists(d.getVar("CVE_CHECK_SUMMARY_INDEX_PATH")):
         import json
         from oe.cve_check import cve_check_merge_jsons
@@ -123,10 +123,11 @@ python cve_save_summary_handler () {
                     os.remove(cvefile_link)
                 os.symlink(os.path.basename(cve_summary_file), cvefile_link)
 
+    if d.getVar("CVE_CHECK_FORMAT_JSON") == "1":
         json_summary_link_name = os.path.join(cvelogpath, d.getVar("CVE_CHECK_SUMMARY_FILE_NAME_JSON"))
         json_summary_name = os.path.join(cvelogpath, "%s-%s.json" % (cve_summary_name, timestamp))
-        generate_json_report(json_summary_name, json_summary_link_name)
-        bb.plain("CVE report summary created at: %s" % json_summary_link_name)
+        generate_json_report(d, json_summary_name, json_summary_link_name)
+        bb.plain("Complete CVE JSON report summary created at: %s" % json_summary_link_name)
 }
 
 addhandler cve_save_summary_handler
@@ -202,11 +203,12 @@ python cve_check_write_rootfs_manifest () {
                 os.symlink(os.path.basename(manifest_name), manifest_link)
             bb.plain("Image CVE report stored in: %s" % manifest_name)
 
-        link_path = os.path.join(deploy_dir, "%s.json" % link_name)
-        manifest_path = d.getVar("CVE_CHECK_MANIFEST_JSON")
-        bb.note("Generating JSON CVE manifest")
-        generate_json_report(json_summary_name, json_summary_link_name)
-        bb.plain("Image CVE JSON report stored in: %s" % link_path)
+        if d.getVar("CVE_CHECK_FORMAT_JSON") == "1":
+            link_path = os.path.join(deploy_dir, "%s.json" % link_name)
+            manifest_path = d.getVar("CVE_CHECK_MANIFEST_JSON")
+            bb.note("Generating JSON CVE manifest")
+            generate_json_report(d, manifest_path, link_path)
+            bb.plain("Image CVE JSON report stored in: %s" % link_path)
 }
 
 ROOTFS_POSTPROCESS_COMMAND_prepend = "${@'cve_check_write_rootfs_manifest; ' if d.getVar('CVE_CHECK_CREATE_MANIFEST') == '1' else ''}"
-- 
2.20.1


^ permalink raw reply related	[flat|nested] 3+ messages in thread
* Re: [OE-core] [dunfell][PATCH] cve-check: Fix report generation
  2022-05-24 13:07 [dunfell][PATCH] cve-check: Fix report generation Mikko Rapeli
@ 2022-05-25  9:38 ` Marta Rybczynska
  2022-05-25 14:01   ` Steve Sakoman
  0 siblings, 1 reply; 3+ messages in thread
From: Marta Rybczynska @ 2022-05-25  9:38 UTC (permalink / raw)
  To: Mikko Rapeli; +Cc: OE-core, Marta Rybczynska, Richard Purdie

On Tue, May 24, 2022 at 3:07 PM Mikko Rapeli <mikko.rapeli@bmw.de> wrote:
>
> From: Mikko Rapeli <mikko.rapeli@bmw.de>
>
> From: Marta Rybczynska <rybczynska@gmail.com>
>
> The addition of summary output caused two issues: error when building
> an image and the fact that JSON output was generated even when
> CVE_CHECK_FORMAT_JSON.
>

Hello Mikko,
This patch has been already picked up by Steve. We're waiting for
the final review now. It should land in dunfell (very) soon.

Kind regards,
Marta


^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: [OE-core] [dunfell][PATCH] cve-check: Fix report generation
  2022-05-25  9:38 ` [OE-core] " Marta Rybczynska
@ 2022-05-25 14:01   ` Steve Sakoman
  0 siblings, 0 replies; 3+ messages in thread
From: Steve Sakoman @ 2022-05-25 14:01 UTC (permalink / raw)
  To: Marta Rybczynska; +Cc: Mikko Rapeli, OE-core, Marta Rybczynska, Richard Purdie

On Tue, May 24, 2022 at 11:38 PM Marta Rybczynska <rybczynska@gmail.com> wrote:
>
> On Tue, May 24, 2022 at 3:07 PM Mikko Rapeli <mikko.rapeli@bmw.de> wrote:
> >
> > From: Mikko Rapeli <mikko.rapeli@bmw.de>
> >
> > From: Marta Rybczynska <rybczynska@gmail.com>
> >
> > The addition of summary output caused two issues: error when building
> > an image and the fact that JSON output was generated even when
> > CVE_CHECK_FORMAT_JSON.
> >
>
> Hello Mikko,
> This patch has been already picked up by Steve. We're waiting for
> the final review now. It should land in dunfell (very) soon.

Actually it landed yesterday:

https://git.yoctoproject.org/poky/commit/?h=dunfell&id=232b5533de22bba7a747f73f684d609e217531f9

I'll be sending the pull request containing the kirkstone version later today.

Steve


^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2022-05-25 14:01 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-05-24 13:07 [dunfell][PATCH] cve-check: Fix report generation Mikko Rapeli
2022-05-25  9:38 ` [OE-core] " Marta Rybczynska
2022-05-25 14:01   ` Steve Sakoman

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.