blob: 8cb2947c21670ca357f64d1e8079ba96996911d8 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
|
# If this makefile is not generic enough to support a translation,
# please contact debian-www.
WMLBASE=../..
CUR_DIR=security/oval
SUBS=
PYTHON=/usr/bin/python3
include $(WMLBASE)/Make.lang
XMLFILES=$(shell for release in wheezy jessie stretch buster bullseye bookworm; do echo oval-definitions-$$release.xml.bz2; done)
XMLDESTFILES=$(patsubst %,$(HTMLDIR)/%,$(XMLFILES))
all:: check_empty_files $(XMLFILES)
install:: $(XMLDESTFILES)
../data/dsa.data:
cd ../data && make dsa.data
# JSON file to download with security tracker information
# This is a phony target, it will download it only if the file does not
# exist or if it is less than 1 hour old.
#
# Note: This is defined this way to prevent a 'make' build in an empty
# location from downloading the 20MB+ file $(CUR_YEAR)-1997+1 times!
#
DebianSecTracker.json:
@if ! test -e "$@" || test `find "$@" -mmin +60` ; then \
if test -d /etc/ssl/ca-debian; then \
wget --progress=dot:mega https://security-tracker.debian.org/tracker/data/json --ca-directory=/etc/ssl/ca-debian -O $@ ;\
else \
wget --progress=dot:mega https://security-tracker.debian.org/tracker/data/json -O $@; \
fi \
fi
oval-definitions-%.xml: DebianSecTracker.json ../data/dsa.data
@[ -e $(PYTHON) ] || { echo "ERROR: Required python binary $(PYTHON) is not available, aborting generation" >&2; exit 1; }
$(IGNORE)$(PYTHON) generate.py -q -d ../data/dsa.data -j DebianSecTracker.json -r $(patsubst oval-definitions-%.xml,%,$@) >$@
# Warn if empty files are generated
# Note: They cannot be removed or the install target will fail later
@[ -s $@ ] || echo "WARNING: OVAL Definition $@ is empty, please review script and/or DSAs"
oval-definitions-%.xml.bz2: oval-definitions-%.xml
bzip2 -f $<
$(XMLDESTFILES): $(HTMLDIR)/%: %
@test -d $(HTMLDIR) || mkdir -m g+w -p $(HTMLDIR)
install -m 664 -p $< $(HTMLDIR)
# TODO 'clean' could also remove the python-compiled files generated
# by Python when running the script
clean::
-rm -f oval-definitions-*.xml* DebianSecTracker.json
cleandest::
-rm -f $(HTMLDIR)/oval-definitions-*.xml*
# Remove empty files to force regeneration
check_empty_files:
@for file in oval-definitions-*.xml*; do \
if [ -e "$$file" -a ! -s "$$file" ] ; then \
rm $$file ; \
fi \
done
force:
.PHONY : check_empty_files force DebianSecTracker.json
|
