[OE-core] [PATCH v2 3/4] cve-check: clean cve-check recipe result before re-building
Peter Marko
peter.marko at siemens.com
Wed Jun 7 06:04:30 UTC 2017
If there is cve report for a recipe in previous build and there
is no result for current one, old cves are kept in CVE_CHECK_DIR.
This happens on version upgrade or when cve/recipe is whitelisted.
Signed-off-by: Peter Marko <peter.marko at siemens.com>
---
meta/classes/cve-check.bbclass | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index 1f0b691..6f5b0f5 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -83,6 +83,11 @@ python cve_check_write_rootfs_manifest () {
import shutil
+ if d.getVar("CVE_CHECK_COPY_FILES") == "1":
+ deploy_file = os.path.join(d.getVar("CVE_CHECK_DIR"), d.getVar("PN"))
+ if os.path.exists(deploy_file):
+ bb.utils.remove(deploy_file)
+
if os.path.exists(d.getVar("CVE_CHECK_TMP_FILE")):
bb.note("Writing rootfs CVE manifest")
deploy_dir = d.getVar("DEPLOY_DIR_IMAGE")
--
2.1.4
More information about the Openembedded-core
mailing list