Split the CVE checks from the patch metrics script
Signed-off-by: Richard Purdie <richard.pur...@linuxfoundation.org>
---
 config.json | 6 +++++
 scripts/run-cvecheck | 54 ++++++++++++++++++++++++++++++++++++++++
 scripts/run-patchmetrics | 36 ---------------------------
 3 files changed, 60 insertions(+), 36 deletions(-)
 create mode 100755 scripts/run-cvecheck
diff --git a/config.json b/config.json
index bebd999..f225148 100644
--- a/config.json
+++ b/config.json
@@ -1208,8 +1208,14 @@
 "BB_SERVER_TIMEOUT = '0'"
 ],
 "step1" : {
+ "shortname" : "Generating patch metrics",
 "EXTRACMDS" : ["../../yocto-autobuilder-helper/scripts/run-patchmetrics ../ ../meta/ ${HELPERRESULTSDIR}/../../patchmetrics ."]
+ },
+ "step2" : {
+ "shortname" : "Running CVE checks",
+ "EXTRACMDS" : ["../../yocto-autobuilder-helper/scripts/run-cvecheck ../ ../meta/ ${HELPERRESULTSDIR}/../../patchmetrics ."]
 }
+
 },
 "meta-mingw" : {
 "NEEDREPOS" : ["poky", "meta-mingw"],
diff --git a/scripts/run-cvecheck b/scripts/run-cvecheck
new file mode 100755
index 0000000..35c796b
--- /dev/null
+++ b/scripts/run-cvecheck
@@ -0,0 +1,54 @@
+#!/bin/bash
+#
+# SPDX-License-Identifier: GPL-2.0-only
+#
+PARENTDIR=`realpath $1`
+TARGETDIR=`realpath $2`
+RESULTSDIR=`realpath -m $3`
+BUILDDIR=`realpath $4`
+OURDIR=`dirname $0`
+
+TIMESTAMP=`date +"%s"`
+
+#
+# CVE Checks
+#
+if [ ! -e $PARENTDIR/yocto-metrics ]; then
+ git clone ssh://g...@push.yoctoproject.org/yocto-metrics $PARENTDIR/yocto-metrics
+fi
+
+if [ ! -d $RESULTSDIR ]; then
+ mkdir $RESULTSDIR
+fi
+
+for branch in master mickledore langdale kirkstone dunfell; do
+ mkdir -p $PARENTDIR/yocto-metrics/cve-check/$branch/
+ git -C $PARENTDIR reset origin/$branch --hard
+ rm conf/local.conf
+ rm conf/bblayers.conf
+ rm -f conf/templateconf.cfg
+ rm tmp/ -rf
+ unset BB_ENV_PASSTHROUGH_ADDITIONS
+ unset BB_ENV_EXTRAWHITE
+ cd ..
+ . oe-init-build-env build
+ bitbake world --runall cve_check -R conf/distro/include/cve-extra-exclusions.inc
+ if [ -e tmp/log/cve/cve-summary.json ]; then
+ git -C $PARENTDIR/yocto-metrics rm cve-check/$branch/*.json
+ mkdir -p $PARENTDIR/yocto-metrics/cve-check/$branch
+ cp tmp/log/cve/cve-summary.json $PARENTDIR/yocto-metrics/cve-check/$branch/$TIMESTAMP.json
+ git -C $PARENTDIR/yocto-metrics add cve-check/$branch/$TIMESTAMP.json
+ git -C $PARENTDIR/yocto-metrics commit -asm "Autobuilder adding new CVE data for branch $branch"
+ git -C $PARENTDIR/yocto-metrics push
+ $OURDIR/cve-report.py tmp/log/cve/cve-summary.json > $RESULTSDIR/cve-status-$branch.txt
+ fi
+done
+
+mkdir -p $PARENTDIR/yocto-metrics/cve-check/
+$OURDIR/cve-generate-chartdata --json $PARENTDIR/yocto-metrics/cve-count-byday.json --resultsdir $PARENTDIR/yocto-metrics/cve-check/
+git -C $PARENTDIR/yocto-metrics add cve-count-byday.json
+git -C $PARENTDIR/yocto-metrics commit -asm "Autobuilder updating CVE counts"
+git -C $PARENTDIR/yocto-metrics push
+
+cp $PARENTDIR/yocto-metrics/cve-count-byday.json $RESULTSDIR
+cp $PARENTDIR/yocto-metrics/cve-count-byday-lastyear.json $RESULTSDIR
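Review bot: Nothing in the per-branch loop is checked for failure, so if `git -C $PARENTDIR reset origin/$branch --hard`, `cd ..` or `. oe-init-build-env build` fails, the `rm` and `bitbake` steps still run and a scan of the previously checked-out tree can be committed and pushed to yocto-metrics under the wrong `$branch`. Guarding the reset with `git -C "$PARENTDIR" reset "origin/$branch" --hard || continue` would keep mislabelled CVE data out of the published history. `BUILDDIR` and `TARGETDIR` are assigned but never used, so the first `rm conf/local.conf` and `rm tmp/ -rf` depend entirely on the caller's working directory; a `cd "$BUILDDIR" || exit 1` before the loop would pin that. The path variables come from the command line and are expanded unquoted throughout (`realpath $1`, `mkdir $RESULTSDIR`), so they should be quoted. No `git fetch` is visible before the reset, so `origin/$branch` may be stale unless the caller refreshes it.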
diff --git a/scripts/run-patchmetrics b/scripts/run-patchmetrics
index abe58c7..e45d463 100755
--- a/scripts/run-patchmetrics
+++ b/scripts/run-patchmetrics
@@ -27,39 +27,3 @@ fi
 $OURDIR/patchmetrics-generate-chartdata --json $PARENTDIR/yocto-metrics/patch-status.json --outputdir $RESULTSDIR
 cp $PARENTDIR/yocto-metrics/patch-status.json $RESULTSDIR
 cp $PARENTDIR/yocto-metrics/patch-status/* $RESULTSDIR
-
-#
-# CVE Checks
-#
-for branch in master mickledore langdale kirkstone dunfell; do
- mkdir -p $PARENTDIR/yocto-metrics/cve-check/$branch/
- git -C $PARENTDIR reset origin/$branch --hard
- rm conf/local.conf
- rm conf/bblayers.conf
- rm -f conf/templateconf.cfg
- rm tmp/ -rf
- unset BB_ENV_PASSTHROUGH_ADDITIONS
- unset BB_ENV_EXTRAWHITE
- cd ..
- . oe-init-build-env build
- bitbake world --runall cve_check -R conf/distro/include/cve-extra-exclusions.inc
- if [ -e tmp/log/cve/cve-summary.json ]; then
- git -C $PARENTDIR/yocto-metrics rm cve-check/$branch/*.json
- mkdir -p $PARENTDIR/yocto-metrics/cve-check/$branch
- cp tmp/log/cve/cve-summary.json $PARENTDIR/yocto-metrics/cve-check/$branch/$TIMESTAMP.json
- git -C $PARENTDIR/yocto-metrics add cve-check/$branch/$TIMESTAMP.json
- git -C $PARENTDIR/yocto-metrics commit -asm "Autobuilder adding new CVE data for branch $branch"
- git -C $PARENTDIR/yocto-metrics push
- $OURDIR/cve-report.py tmp/log/cve/cve-summary.json > $RESULTSDIR/cve-status-$branch.txt
- fi
-done
-
-mkdir -p $PARENTDIR/yocto-metrics/cve-check/
-$OURDIR/cve-generate-chartdata --json $PARENTDIR/yocto-metrics/cve-count-byday.json --resultsdir $PARENTDIR/yocto-metrics/cve-check/
-git -C $PARENTDIR/yocto-metrics add cve-count-byday.json
-git -C $PARENTDIR/yocto-metrics commit -asm "Autobuilder updating CVE counts"
-git -C $PARENTDIR/yocto-metrics push
-
-cp $PARENTDIR/yocto-metrics/cve-count-byday.json $RESULTSDIR
-cp $PARENTDIR/yocto-metrics/cve-count-byday-lastyear.json $RESULTSDIR
-
-- 
2.39.2