From: Aleksandar Nikolic <aleksandar.nikolic010@gmail.com>
Date: Sun, 9 Jun 2024 19:56:54 +0000 (+0200)
Subject: cve-check: Introduce CVE_CHECK_MANIFEST_JSON_SUFFIX
X-Git-Tag: uninative-4.6~253
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d99eee76923659c0b95bf9ef415ae5d44f736d01;p=thirdparty%2Fopenembedded%2Fopenembedded-core.git

cve-check: Introduce CVE_CHECK_MANIFEST_JSON_SUFFIX

The variable contains the suffix of the CVE JSON manifest file.
By default, this variable is set to 'json', so the current behavior
is not changed, but enables developers to use some other suffix,
e.g., cve.json (similar to spdx.json).

Signed-off-by: Aleksandar Nikolic <an010@live.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---

diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index 56ba8bceefc..93a2a1413da 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -49,7 +49,8 @@ CVE_CHECK_DIR ??= "${DEPLOY_DIR}/cve"
 CVE_CHECK_RECIPE_FILE ?= "${CVE_CHECK_DIR}/${PN}"
 CVE_CHECK_RECIPE_FILE_JSON ?= "${CVE_CHECK_DIR}/${PN}_cve.json"
 CVE_CHECK_MANIFEST ?= "${IMGDEPLOYDIR}/${IMAGE_NAME}.cve"
-CVE_CHECK_MANIFEST_JSON ?= "${IMGDEPLOYDIR}/${IMAGE_NAME}.json"
+CVE_CHECK_MANIFEST_JSON_SUFFIX ?= "json"
+CVE_CHECK_MANIFEST_JSON ?= "${IMGDEPLOYDIR}/${IMAGE_NAME}.${CVE_CHECK_MANIFEST_JSON_SUFFIX}"
 CVE_CHECK_COPY_FILES ??= "1"
 CVE_CHECK_CREATE_MANIFEST ??= "1"
 
@@ -278,7 +279,8 @@ python cve_check_write_rootfs_manifest () {
         bb.plain("Image CVE report stored in: %s" % manifest_name)
 
     if enable_json:
-        link_path = os.path.join(deploy_dir, "%s.json" % link_name)
+        manifest_name_suffix = d.getVar("CVE_CHECK_MANIFEST_JSON_SUFFIX")
+        link_path = os.path.join(deploy_dir, "%s.%s" % (link_name, manifest_name_suffix))
         manifest_name = d.getVar("CVE_CHECK_MANIFEST_JSON")
 
         with open(manifest_name, "w") as f: