buildsystem iop:add support to generate CVE reports to iop

2026-01-28 01:47:19 +01:00 · 2019-10-14 16:59:28 +02:00 · 2019-10-14 16:59:28 +02:00 · df03c86b1d
commit df03c86b1d
parent 72aba70aaf
1 changed files with 36 additions and 0 deletions
--- a/iop/scripts/cve-check.sh
+++ b/iop/scripts/cve-check.sh
@ -0,0 +1,36 @@
+#!/bin/sh
+function cvecheck {
+    CVEDIR="/tmp/cve-indicator/"
+    CVEBIN="${CVEDIR}/bin"
+    REPORTS="reports"
+    mkdir -p $REPORTS
+
+    dpkg -s python3 python3-requests python3-yaml python3-mako python3-six &> /dev/null
+    if [ $? -ne 0 ]
+        then
+            echo "Missing dependencies"
+            sudo apt-get update
+            sudo apt-get install python3 python3-requests python3-yaml python3-mako python3-six
+
+        else
+            echo    "Dependecy check passed"
+    fi
+
+
+if [ -d "$CVEDIR" ]; then
+  ### Take action if $DIR exists ###
+  echo "${CVEDIR} exists running cvecheck"
+else
+  ###  Control will jump here if $DIR does NOT exists ###
+  echo "Error: cvecheck not found. getting from iopsys repo"
+  git clone git@dev.iopsys.eu:iopsys/cve-indicator.git /tmp/cve-indicator
+fi
+  CVEGENLIST=`${CVEBIN}/cve-indicator gen-list openwrt bin`
+  CVEGETCVES=`${CVEBIN}/cve-indicator get-cves $CVEGENLIST --api_url http://cve.circl.lu/api/cvefor/`
+  CVEGETRPRT=`${CVEBIN}/cve-indicator gen-rprt $CVEGETCVES`
+exit 0
+
+}
+
+
+register_command "cvecheck" "Generate a CVE report on latest build"