vex: fix rootfs manifest

Message ID	20250505102756.2474521-1-peter.marko@siemens.com
State	New
Headers	show Return-Path: <peter.marko@siemens.com> ip: 185.136.64.227, mailfrom: fm-256628-20250505102856c4965406cb41b8ec20-dvmvad@rts-flowmailer.siemens.com) From: Peter Marko <peter.marko@siemens.com> To: openembedded-core@lists.openembedded.org Cc: rybczynska@gmail.com, Peter Marko <peter.marko@siemens.com> Subject: [PATCH] vex: fix rootfs manifest Date: Mon, 5 May 2025 12:27:56 +0200 Message-Id: <20250505102756.2474521-1-peter.marko@siemens.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Feedback-ID: 519:519-256628:519-21489:flowmailer
Series	vex: fix rootfs manifest \| expand vex: fix rootfs manifest

Message ID

20250505102756.2474521-1-peter.marko@siemens.com

State

New

Headers

From: Peter Marko <peter.marko@siemens.com>
To: openembedded-core@lists.openembedded.org
Cc: rybczynska@gmail.com,
	Peter Marko <peter.marko@siemens.com>
Subject: [PATCH] vex: fix rootfs manifest
Date: Mon,  5 May 2025 12:27:56 +0200
Message-Id: <20250505102756.2474521-1-peter.marko@siemens.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Feedback-ID: 519:519-256628:519-21489:flowmailer

Series

vex: fix rootfs manifest | expand

Commit Message

Marko, Peter May 5, 2025, 10:27 a.m. UTC

From: Peter Marko <peter.marko@siemens.com>

Rootfs VEX file is created by gathering files from CVE_CHECK_DIR
(deploy directory), however recipes generate the files only in
CVE_CHECK_DIR (log directory).
This make the rootfs VEX be always empty without any message.

The code is copied from cve_check class, which writes to both, so let
keep them aligned and make also vex write both files.

Also add a warning for case that a cve file would be still missing.

Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
 meta/classes/vex.bbclass | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/meta/classes/vex.bbclass b/meta/classes/vex.bbclass
index 905d67b47d..402d8e0d96 100644
--- a/meta/classes/vex.bbclass
+++ b/meta/classes/vex.bbclass
@@ -196,6 +196,8 @@  python vex_write_rootfs_manifest () {
             with open(pkgfilepath) as j:
                 data = json.load(j)
                 cve_check_merge_jsons(json_data, data)
+        else:
+            bb.warn("Missing cve file for %s" % pkg)
 
     d.setVar("PN", save_pn)
 
@@ -290,9 +292,12 @@  def cve_write_data_json(d, cve_data, cve_status):
     cvelogpath = d.getVar("CVE_CHECK_SUMMARY_DIR")
     index_path = d.getVar("CVE_CHECK_SUMMARY_INDEX_PATH")
     bb.utils.mkdirhier(cvelogpath)
+    bb.utils.mkdirhier(os.path.dirname(deploy_file))
     fragment_file = os.path.basename(deploy_file)
     fragment_path = os.path.join(cvelogpath, fragment_file)
     with open(fragment_path, "w") as f:
         f.write(write_string)
+    with open(deploy_file, "w") as f:
+        f.write(write_string)
     with open(index_path, "a+") as f:
         f.write("%s\n" % fragment_path)

vex: fix rootfs manifest

Commit Message

Patch