diff options
| author | André Draszik <git@andred.net> | 2016-09-28 13:05:44 +0100 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2016-09-28 15:02:14 +0100 |
| commit | 1bf0137ac84e5d324fd84dadfa962fbc166b5d4b (patch) | |
| tree | 11157c068f4feb91c4fac4d38fa10b316f7d967c | |
| parent | cdaafc3729700778d95afc2413553d7b41c1317b (diff) | |
| download | openembedded-core-1bf0137ac84e5d324fd84dadfa962fbc166b5d4b.tar.gz openembedded-core-1bf0137ac84e5d324fd84dadfa962fbc166b5d4b.tar.bz2 openembedded-core-1bf0137ac84e5d324fd84dadfa962fbc166b5d4b.zip | |
cve-check-tool: convert do_populate_cve_db() from python to sh
This will allow us to easily incorporate progress support
via bb.process.run()
Signed-off-by: André Draszik <git@andred.net>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
| -rw-r--r-- | meta/recipes-devtools/cve-check-tool/cve-check-tool_5.6.4.bb | 45 |
1 files changed, 19 insertions, 26 deletions
diff --git a/meta/recipes-devtools/cve-check-tool/cve-check-tool_5.6.4.bb b/meta/recipes-devtools/cve-check-tool/cve-check-tool_5.6.4.bb index 116555962c..5bb22d16db 100644 --- a/meta/recipes-devtools/cve-check-tool/cve-check-tool_5.6.4.bb +++ b/meta/recipes-devtools/cve-check-tool/cve-check-tool_5.6.4.bb @@ -22,35 +22,28 @@ inherit pkgconfig autotools EXTRA_OECONF = "--disable-coverage" CFLAGS_append = " -Wno-error=pedantic" -python do_populate_cve_db () { - import subprocess - import time - - if d.getVar("BB_NO_NETWORK", True) == "1": - bb.error("BB_NO_NETWORK is set; Can't update cve-check-tool database, " - "CVEs won't be checked") +do_populate_cve_db() { + if [ "${BB_NO_NETWORK}" = "1" ] ; then + bberror "BB_NO_NETWORK is set; Can't update cve-check-tool database, CVEs won't be checked" return + fi - bb.utils.export_proxies(d) # In case we don't inherit cve-check class, use default values defined in the class. - cve_dir = d.getVar("CVE_CHECK_DB_DIR", True) or d.expand("${DL_DIR}/CVE_CHECK") - cve_file = d.getVar("CVE_CHECK_TMP_FILE", True) or d.expand("${TMPDIR}/cve_check") - cve_cmd = "cve-check-update" - cmd = [cve_cmd, "-d", cve_dir] - bb.debug(1, "Updating cve-check-tool database located in %s" % cve_dir) - try: - output = subprocess.check_output(cmd, stderr=subprocess.STDOUT) - bb.debug(2, "Command '%s' returned:\n%s" % ("\n".join(cmd), output)) - time_utc = time.gmtime(time.time()) - time_format = "%Y-%m-%d %H:%M:%S" - with open(cve_file, "w") as f: - f.write("CVE database was updated on %s UTC\n\n" - % time.strftime(time_format, time_utc)) - - except subprocess.CalledProcessError as e: - bb.warn("Error in executing cve-check-update: %s (output %s)" % (e, e.output)) - if bb.data.inherits_class('cve-check', d): - bb.warn("Failed to update cve-check-tool database, CVEs won't be checked") + cve_dir="${CVE_CHECK_DB_DIR}" + cve_file="${CVE_CHECK_TMP_FILE}" + + [ -z "${cve_dir}" ] && cve_dir="${DL_DIR}/CVE_CHECK" + [ -z "${cve_file}" ] && cve_file="${TMPDIR}/cve_check" + + bbdebug 2 "Updating cve-check-tool database located in $cve_dir" + if cve-check-update -d "$cve_dir" ; then + printf "CVE database was updated on %s UTC\n\n" "$(LANG=C date --utc +'%F %T')" > "$cve_file" + else + bbwarn "Error in executing cve-check-update" + if [ "${@'1' if bb.data.inherits_class('cve-check', d) else '0'}" -ne 0 ] ; then + bbwarn "Failed to update cve-check-tool database, CVEs won't be checked" + fi + fi } addtask populate_cve_db after do_populate_sysroot |