diff mbox series

cve-update: log timestamps and add force update for future time

Message ID 20250826185922.20154-1-peter.marko@siemens.com
State New
Headers show
Series cve-update: log timestamps and add force update for future time | expand

Commit Message

Peter Marko Aug. 26, 2025, 6:59 p.m. UTC 
From: Peter Marko <peter.marko@siemens.com>

CVE update is currently not working properly on autobuilder.
This improves logging for problem analysis.

Future time is something which could be reason for current autobuilder
problems since the DB was not updated for more than 3 months by now.

Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
 meta/recipes-core/meta/cve-update-db-native.bb   |  7 ++++++-
 meta/recipes-core/meta/cve-update-nvd2-native.bb | 11 ++++++++---
 2 files changed, 14 insertions(+), 4 deletions(-)
diff mbox series

Patch

diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb
index 0c7bc5f4151..713c73e574f 100644
--- a/meta/recipes-core/meta/cve-update-db-native.bb
+++ b/meta/recipes-core/meta/cve-update-db-native.bb
@@ -57,7 +57,12 @@  python do_fetch() {
             if not os.path.exists(db_file):
                 bb.error("CVE database %s not present, database fetch/update skipped" % db_file)
             return
-        if time.time() - os.path.getmtime(db_file) < update_interval:
+        curr_time = time.time()
+        database_time = os.path.getmtime(db_file)
+        bb.note("Current time: %s; DB time: %s" % (time.ctime(curr_time), time.ctime(database_time)))
+        if curr_time < database_time:
+            bb.warn("Database time is in the future, force DB update")
+        elif curr_time - database_time < update_interval:
             bb.note("CVE database recently updated, skipping")
             return
 
diff --git a/meta/recipes-core/meta/cve-update-nvd2-native.bb b/meta/recipes-core/meta/cve-update-nvd2-native.bb
index f7a306c995c..1411d16e20a 100644
--- a/meta/recipes-core/meta/cve-update-nvd2-native.bb
+++ b/meta/recipes-core/meta/cve-update-nvd2-native.bb
@@ -71,10 +71,15 @@  python do_fetch() {
             if not os.path.exists(db_file):
                 bb.error("CVE database %s not present, database fetch/update skipped" % db_file)
             return
-        if time.time() - os.path.getmtime(db_file) < update_interval:
-            bb.note("CVE database recently updated, skipping")
-            return
+        curr_time = time.time()
         database_time = os.path.getmtime(db_file)
+        bb.note("Current time: %s; DB time: %s" % (time.ctime(curr_time), time.ctime(database_time)))
+        if curr_time < database_time:
+            bb.warn("Database time is in the future, force DB update")
+            database_time = 0
+        elif curr_time - database_time < update_interval:
+            bb.note("CVE database recently updated, skipping")
+            return
 
     except OSError:
         pass