@@ -43,28 +43,24 @@ SBOM_CVE_CHECK_EXPORT_SUMMARY[doc] = "Export configuration to generate a human-r
SBOM_CVE_CHECK_EXPORT_SUMMARY[type] ?= "summary"
SBOM_CVE_CHECK_EXPORT_SUMMARY[ext] ?= ".cve.txt"
-python do_sbom_cve_check() {
- """
- Task: Run sbom-cve-check analysis on SBOM.
- """
+
+def run_sbom_cve_check(d, recipe_name, link_name=None):
import os
import bb
- from oe.cve_check import update_symlinks
if not bb.data.inherits_class("create-spdx-3.0", d):
- bb.fatal("Cannot execute sbom-cve-check missing create-spdx-3.0 inherit.")
+ bb.fatal("Cannot execute sbom-cve-check: missing create-spdx-3.0 inherit.")
- sbom_path = d.expand("${DEPLOY_DIR_IMAGE}/${IMAGE_LINK_NAME}.spdx.json")
+ image_deploy_dir = d.getVar("DEPLOY_DIR_IMAGE")
+ sbom_path = d.expand(f"{image_deploy_dir}/{recipe_name}.spdx.json")
dl_db_dir = d.getVar("SBOM_CVE_CHECK_DEPLOY_DB_DIR")
- deploy_dir = d.getVar("SBOM_CVE_CHECK_DEPLOYDIR")
- img_link_name = d.getVar("IMAGE_LINK_NAME")
- img_name = d.getVar("IMAGE_NAME")
+ out_deploy_dir = d.getVar("SBOM_CVE_CHECK_DEPLOYDIR")
export_files = []
for export_var in d.getVar("SBOM_CVE_CHECK_EXPORT_VARS").split():
export_ext = d.getVarFlag(export_var, "ext")
- export_path = f"{deploy_dir}/{img_name}{export_ext}"
- export_link = f"{deploy_dir}/{img_link_name}{export_ext}"
+ export_path = f"{out_deploy_dir}/{recipe_name}{export_ext}"
+ export_link = f"{out_deploy_dir}/{link_name}{export_ext}" if link_name else None
export_type = d.getVarFlag(export_var, "type")
export_files.append((export_type, export_path, export_link))
@@ -96,6 +92,15 @@ python do_sbom_cve_check() {
bb.note(f"sbom-cve-check exported: {export_file}")
if export_link:
update_symlinks(export_file, export_link)
+
+
+python do_sbom_cve_check() {
+ """
+ Task: Run sbom-cve-check analysis on SBOM.
+ """
+ image_name = d.getVar("IMAGE_NAME")
+ link_name = d.getVar("IMAGE_LINK_NAME")
+ run_sbom_cve_check(d, image_name, link_name, sbom_path)
}
addtask do_sbom_cve_check after do_create_image_sbom_spdx before do_build
Extract the bulk of the logic to a separate function, so the task just has to pass a few variables. Signed-off-by: Ross Burton <ross.burton@arm.com> --- meta/classes-recipe/sbom-cve-check.bbclass | 29 +++++++++++++--------- 1 file changed, 17 insertions(+), 12 deletions(-)