diff mbox series

[1/4] CI: remove cve.yml and NVDCVE_API_KEY

Message ID 20260617124333.437665-1-ross.burton@arm.com
State New
Headers show
Series [1/4] CI: remove cve.yml and NVDCVE_API_KEY | expand

Commit Message

Ross Burton June 17, 2026, 12:43 p.m. UTC 
This yml fragment wasn't actually used by our CI, and the cve-check class
no longer exists.

Signed-off-by: Ross Burton <ross.burton@arm.com>
---
 .gitlab-ci.yml |  2 --
 ci/cve.yml     | 20 --------------------
 2 files changed, 22 deletions(-)
 delete mode 100644 ci/cve.yml
diff mbox series

Patch

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index c5bb96c997..577935366e 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -15,8 +15,6 @@  variables:
   MIRROR_GHCR: ghcr.io
   # The list of extra Kas fragments to be used when building
   EXTRA_KAS_FILES: ""
-  # The NVD API key to use when fetching CVEs
-  NVDCVE_API_KEY: ""
 
 stages:
   - prep
diff --git a/ci/cve.yml b/ci/cve.yml
deleted file mode 100644
index 5ac2e41241..0000000000
--- a/ci/cve.yml
+++ /dev/null
@@ -1,20 +0,0 @@ 
-# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
-
-header:
-  version: 14
-
-local_conf_header:
-  cve: |
-    INHERIT += "cve-check"
-
-    # Allow the runner environment to provide an API key
-    NVDCVE_API_KEY = "${@d.getVar('BB_ORIGENV').getVar('NVDCVE_API_KEY') or ''}"
-
-    # Just show the warnings for our layers
-    CVE_CHECK_SHOW_WARNINGS = "0"
-    CVE_CHECK_SHOW_WARNINGS:layer-arm-toolchain = "1"
-    CVE_CHECK_SHOW_WARNINGS:layer-meta-arm = "1"
-    CVE_CHECK_SHOW_WARNINGS:layer-meta-arm-bsp = "1"
-
-    # Ignore the kernel, we sometime carry kernels in meta-arm
-    CVE_CHECK_SHOW_WARNINGS:pn-linux-yocto = "0"