build.sh: fix error when applying CVE layer

In our previous commit, we changed the CVE scan class from "vigiles" to
"digi_ccss" if we plan on building images with the CVE layer. However, we
make this change in conf/local.conf and then run "bitbake-layers add-layer" to
add said layer. Since the bbclass is exclusive to the CVE layer, bitbake isn't
able to recognize it and fails.

Add the CVE layer to the project before adding the Vigiles configuration
template to conf/local.conf.

Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>

sdk/build.sh

@@ -281,6 +281,8 @@ for platform in ${DY_PLATFORMS}; do
 			if [ "${DY_MFG_IMAGE}" = "true" ] && ! grep -qs "meta-digi-mfg" conf/bblayers.conf; then
 				sed -i -e "/meta-digi-dey/a\  ${YOCTO_INST_DIR}/sources/meta-digi-mfg \\\\" conf/bblayers.conf
 			fi
+			# Apply CVE layer if needed (do so before potentially inheriting "digi_ccss" to avoid errors)
+			[ "${DY_USE_CVE_LAYER}" = "true" ] && bitbake-layers add-layer ${YOCTO_INST_DIR}/sources/meta-digi-security
 			# If we want to generate a CVE report, update conf/local.conf
 			if [ "${DY_CVE_REPORT}" = "true" ]; then
 				# Build Vigiles config path using platform and patch status
@@ -292,8 +294,6 @@ for platform in ${DY_PLATFORMS}; do
 				[ ! -f "${VIGILES_CONF_PATH}" ] && error "Cannot find Vigiles config file ${VIGILES_CONF_PATH}"
 				printf "%s" "${VIGILES_CFG}" | sed -e "s,##VIGILES_CONF_PATH##,${VIGILES_CONF_PATH},g" -e "s,##VIGILES_BBCLASS##,${bbclass},g" >> conf/local.conf
 			fi
-			# Apply CVE layer if needed
-			[ "${DY_USE_CVE_LAYER}" = "true" ] && bitbake-layers add-layer ${YOCTO_INST_DIR}/sources/meta-digi-security
 			printf "\n[INFO] Show customized local.conf.\n"
 			cat conf/local.conf