@@ -1208,8 +1208,14 @@
"BB_SERVER_TIMEOUT = '0'"
],
"step1" : {
+ "shortname" : "Generating patch metrics",
"EXTRACMDS" : ["../../yocto-autobuilder-helper/scripts/run-patchmetrics ../ ../meta/ ${HELPERRESULTSDIR}/../../patchmetrics ."]
+ },
+ "step2" : {
+ "shortname" : "Running CVE checks",
+ "EXTRACMDS" : ["../../yocto-autobuilder-helper/scripts/run-cvecheck ../ ../meta/ ${HELPERRESULTSDIR}/../../patchmetrics ."]
}
+
},
"meta-mingw" : {
"NEEDREPOS" : ["poky", "meta-mingw"],
new file mode 100755
@@ -0,0 +1,54 @@
+#!/bin/bash
+#
+# SPDX-License-Identifier: GPL-2.0-only
+#
+PARENTDIR=`realpath $1`
+TARGETDIR=`realpath $2`
+RESULTSDIR=`realpath -m $3`
+BUILDDIR=`realpath $4`
+OURDIR=`dirname $0`
+
+TIMESTAMP=`date +"%s"`
+
+#
+# CVE Checks
+#
+if [ ! -e $PARENTDIR/yocto-metrics ]; then
+ git clone ssh://git@push.yoctoproject.org/yocto-metrics $PARENTDIR/yocto-metrics
+fi
+
+if [ ! -d $RESULTSDIR ]; then
+ mkdir $RESULTSDIR
+fi
+
+for branch in master mickledore langdale kirkstone dunfell; do
+ mkdir -p $PARENTDIR/yocto-metrics/cve-check/$branch/
+ git -C $PARENTDIR reset origin/$branch --hard
+ rm conf/local.conf
+ rm conf/bblayers.conf
+ rm -f conf/templateconf.cfg
+ rm tmp/ -rf
+ unset BB_ENV_PASSTHROUGH_ADDITIONS
+ unset BB_ENV_EXTRAWHITE
+ cd ..
+ . oe-init-build-env build
+ bitbake world --runall cve_check -R conf/distro/include/cve-extra-exclusions.inc
+ if [ -e tmp/log/cve/cve-summary.json ]; then
+ git -C $PARENTDIR/yocto-metrics rm cve-check/$branch/*.json
+ mkdir -p $PARENTDIR/yocto-metrics/cve-check/$branch
+ cp tmp/log/cve/cve-summary.json $PARENTDIR/yocto-metrics/cve-check/$branch/$TIMESTAMP.json
+ git -C $PARENTDIR/yocto-metrics add cve-check/$branch/$TIMESTAMP.json
+ git -C $PARENTDIR/yocto-metrics commit -asm "Autobuilder adding new CVE data for branch $branch"
+ git -C $PARENTDIR/yocto-metrics push
+ $OURDIR/cve-report.py tmp/log/cve/cve-summary.json > $RESULTSDIR/cve-status-$branch.txt
+ fi
+done
+
+mkdir -p $PARENTDIR/yocto-metrics/cve-check/
+$OURDIR/cve-generate-chartdata --json $PARENTDIR/yocto-metrics/cve-count-byday.json --resultsdir $PARENTDIR/yocto-metrics/cve-check/
+git -C $PARENTDIR/yocto-metrics add cve-count-byday.json
+git -C $PARENTDIR/yocto-metrics commit -asm "Autobuilder updating CVE counts"
+git -C $PARENTDIR/yocto-metrics push
+
+cp $PARENTDIR/yocto-metrics/cve-count-byday.json $RESULTSDIR
+cp $PARENTDIR/yocto-metrics/cve-count-byday-lastyear.json $RESULTSDIR
@@ -27,39 +27,3 @@ fi
$OURDIR/patchmetrics-generate-chartdata --json $PARENTDIR/yocto-metrics/patch-status.json --outputdir $RESULTSDIR
cp $PARENTDIR/yocto-metrics/patch-status.json $RESULTSDIR
cp $PARENTDIR/yocto-metrics/patch-status/* $RESULTSDIR
-
-#
-# CVE Checks
-#
-for branch in master mickledore langdale kirkstone dunfell; do
- mkdir -p $PARENTDIR/yocto-metrics/cve-check/$branch/
- git -C $PARENTDIR reset origin/$branch --hard
- rm conf/local.conf
- rm conf/bblayers.conf
- rm -f conf/templateconf.cfg
- rm tmp/ -rf
- unset BB_ENV_PASSTHROUGH_ADDITIONS
- unset BB_ENV_EXTRAWHITE
- cd ..
- . oe-init-build-env build
- bitbake world --runall cve_check -R conf/distro/include/cve-extra-exclusions.inc
- if [ -e tmp/log/cve/cve-summary.json ]; then
- git -C $PARENTDIR/yocto-metrics rm cve-check/$branch/*.json
- mkdir -p $PARENTDIR/yocto-metrics/cve-check/$branch
- cp tmp/log/cve/cve-summary.json $PARENTDIR/yocto-metrics/cve-check/$branch/$TIMESTAMP.json
- git -C $PARENTDIR/yocto-metrics add cve-check/$branch/$TIMESTAMP.json
- git -C $PARENTDIR/yocto-metrics commit -asm "Autobuilder adding new CVE data for branch $branch"
- git -C $PARENTDIR/yocto-metrics push
- $OURDIR/cve-report.py tmp/log/cve/cve-summary.json > $RESULTSDIR/cve-status-$branch.txt
- fi
-done
-
-mkdir -p $PARENTDIR/yocto-metrics/cve-check/
-$OURDIR/cve-generate-chartdata --json $PARENTDIR/yocto-metrics/cve-count-byday.json --resultsdir $PARENTDIR/yocto-metrics/cve-check/
-git -C $PARENTDIR/yocto-metrics add cve-count-byday.json
-git -C $PARENTDIR/yocto-metrics commit -asm "Autobuilder updating CVE counts"
-git -C $PARENTDIR/yocto-metrics push
-
-cp $PARENTDIR/yocto-metrics/cve-count-byday.json $RESULTSDIR
-cp $PARENTDIR/yocto-metrics/cve-count-byday-lastyear.json $RESULTSDIR
-
Split the CVE checks from the patch metrics script Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> --- config.json | 6 +++++ scripts/run-cvecheck | 54 ++++++++++++++++++++++++++++++++++++++++ scripts/run-patchmetrics | 36 --------------------------- 3 files changed, 60 insertions(+), 36 deletions(-) create mode 100755 scripts/run-cvecheck