From 13dafe10bdcae0f848ba6de44ef8ebf0b8df8796 Mon Sep 17 00:00:00 2001
From: Gabriel Valcazar <gabriel.valcazar@digi.com>
Date: Mon, 27 Feb 2023 14:07:56 +0100
Subject: [PATCH] meta-digi-arm: disable Vigiles CVE report generation by
 default

For now, we're only interested in generating the SBOM, which we can upload and
have Vigiles scan later on if needed. The report generation process adds some
overhead and can cause unwanted errors if the Vigiles server takes too long.

Enable report generation for our automated builds.

Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
---
 meta-digi-arm/conf/layer.conf | 3 +++
 sdk/build.sh                  | 1 +
 2 files changed, 4 insertions(+)

diff --git a/meta-digi-arm/conf/layer.conf b/meta-digi-arm/conf/layer.conf
index ba0758c8d..9b363fb63 100644
--- a/meta-digi-arm/conf/layer.conf
+++ b/meta-digi-arm/conf/layer.conf
@@ -46,3 +46,6 @@ LICENSE_PATH += "${LAYERDIR}/custom-licenses"
 DIGI_MTK_GIT ?= "git://stash.digi.com"
 DIGI_PKG_SRC ?= "https://ftp1.digi.com/support/digiembeddedyocto/source"
 DIGI_GITHUB_GIT ?= "git://github.com/digi-embedded"
+
+# Disable CVE report generation by default
+do_vigiles_check[noexec] = "1"
diff --git a/sdk/build.sh b/sdk/build.sh
index 79d1d2b9d..b7e77d486 100755
--- a/sdk/build.sh
+++ b/sdk/build.sh
@@ -46,6 +46,7 @@ RM_WORK_EXCLUDE += \"dey-image-qt dey-image-webkit linux-dey qtbase u-boot-dey\"
 "
 
 VIGILES_CFG="
+unset do_vigiles_check[noexec]
 VIGILES_KEY_FILE = \"${DY_VIGILES_DIR}/linuxlink_key.json\"
 VIGILES_DASHBOARD_CONFIG = \"##VIGILES_CONF_PATH##\"
 VIGILES_SUBFOLDER_NAME = \"${DY_REVISION}\"