Digi
/
meta-digi
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

build.sh: change name of class used for CVE scan depending on layers used 

Our CVE layer now includes a new bbclass that extends the logic of the
"vigiles" bbclass. Use this new class if we are building images with the CVE
layer.

https://onedigi.atlassian.net/browse/DEL-8939

Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
This commit is contained in:
Gabriel Valcazar 2024-03-11 14:51:58 +01:00
parent d013c4c0b1
commit 190e7a8df1
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
sdk/build.sh
View File

@ -51,7 +51,7 @@ unset do_vigiles_check[noexec]
VIGILES_KEY_FILE = \"${DY_VIGILES_DIR}/linuxlink_key.json\" VIGILES_KEY_FILE = \"${DY_VIGILES_DIR}/linuxlink_key.json\"
VIGILES_DASHBOARD_CONFIG = \"##VIGILES_CONF_PATH##\" VIGILES_DASHBOARD_CONFIG = \"##VIGILES_CONF_PATH##\"
VIGILES_SUBFOLDER_NAME = \"${DY_REVISION}\" VIGILES_SUBFOLDER_NAME = \"${DY_REVISION}\"
INHERIT += \"vigiles\" INHERIT += \"##VIGILES_BBCLASS##\"
" "
ZIP_INSTALLER_CFG=" ZIP_INSTALLER_CFG="
@ -285,11 +285,12 @@ for platform in ${DY_PLATFORMS}; do
if [ "${DY_CVE_REPORT}" = "true" ]; then if [ "${DY_CVE_REPORT}" = "true" ]; then
# Build Vigiles config path using platform and patch status # Build Vigiles config path using platform and patch status
status="non-patched" status="non-patched"
[ "${DY_USE_CVE_LAYER}" = "true" ] && status="patched" bbclass="vigiles"
[ "${DY_USE_CVE_LAYER}" = "true" ] && { status="patched"; bbclass="digi_ccss"; }
VIGILES_CONF_PATH="${DY_VIGILES_DIR}/configs/${platform}_${status}_config" VIGILES_CONF_PATH="${DY_VIGILES_DIR}/configs/${platform}_${status}_config"
# Return error if config file doesn't exist # Return error if config file doesn't exist
[ ! -f "${VIGILES_CONF_PATH}" ] && error "Cannot find Vigiles config file ${VIGILES_CONF_PATH}" [ ! -f "${VIGILES_CONF_PATH}" ] && error "Cannot find Vigiles config file ${VIGILES_CONF_PATH}"
printf "%s" "${VIGILES_CFG}" | sed -e "s,##VIGILES_CONF_PATH##,${VIGILES_CONF_PATH},g" >> conf/local.conf printf "%s" "${VIGILES_CFG}" | sed -e "s,##VIGILES_CONF_PATH##,${VIGILES_CONF_PATH},g" -e "s,##VIGILES_BBCLASS##,${bbclass},g" >> conf/local.conf
fi fi
# Apply CVE layer if needed # Apply CVE layer if needed
[ "${DY_USE_CVE_LAYER}" = "true" ] && bitbake-layers add-layer ${YOCTO_INST_DIR}/sources/meta-digi-security [ "${DY_USE_CVE_LAYER}" = "true" ] && bitbake-layers add-layer ${YOCTO_INST_DIR}/sources/meta-digi-security