cve-check: clean cve-check recipe result before re-building

If there is cve report for a recipe in previous build and there is no result for current one, old cves are kept in CVE_CHECK_DIR. This happens on version upgrade or when cve/recipe is whitelisted. Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
author: Peter Marko <peter.marko@siemens.com> 2017-06-07 08:04:30 +0200
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2017-06-12 15:04:08 +0100
commit: 85b4941c71a0e3c08a8c48d52a94dfe2897d2c92 (patch)
tree: b96197278ba96d0e120acb4c206769625cfe9dcf /meta/classes/cve-check.bbclass
parent: 06bea09755ebda9bcfa49bf87249f80cb019157e (diff)
download: openembedded-core-contrib-85b4941c71a0e3c08a8c48d52a94dfe2897d2c92.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index 3a9e227288..09487f1174 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -83,6 +83,11 @@ python cve_check_write_rootfs_manifest () {
 
     import shutil
 
+    if d.getVar("CVE_CHECK_COPY_FILES") == "1":
+        deploy_file = os.path.join(d.getVar("CVE_CHECK_DIR"), d.getVar("PN"))
+        if os.path.exists(deploy_file):
+            bb.utils.remove(deploy_file)
+
     if os.path.exists(d.getVar("CVE_CHECK_TMP_FILE")):
         bb.note("Writing rootfs CVE manifest")
         deploy_dir = d.getVar("DEPLOY_DIR_IMAGE")
author	Peter Marko <peter.marko@siemens.com>	2017-06-07 08:04:30 +0200
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2017-06-12 15:04:08 +0100
commit	85b4941c71a0e3c08a8c48d52a94dfe2897d2c92 (patch)
tree	b96197278ba96d0e120acb4c206769625cfe9dcf /meta/classes/cve-check.bbclass
parent	06bea09755ebda9bcfa49bf87249f80cb019157e (diff)
download	openembedded-core-contrib-85b4941c71a0e3c08a8c48d52a94dfe2897d2c92.tar.gz