From 97c6c1870873ae9c79d514c0ce2658f2899bcc04 Mon Sep 17 00:00:00 2001
From: Ross Burton <ross.burton@arm.com>
Date: Fri, 3 Nov 2023 12:45:19 +0000
Subject: [PATCH] scripts/run-cvecheck: pull before updating metrics

Do another git-pull in the metrics repository before updating the
metrics, in case other metrics jobs running in parallel have updated the
repositories since they were cloned.  There will always be possibility
of racing metrics jobs, but this should reduce the chance of it
happening.

An alternative would be to commit and then rebase before pushing, but I
fear that a git-merge could produce invalid JSON and we'd have to
manually fix up the repository.  In my opinion, a wasted metrics run is
preferable to potentially corrupted repositories.

[RP: Moved to after the bitbke invocation]

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 scripts/run-cvecheck | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/scripts/run-cvecheck b/scripts/run-cvecheck
index 711bec2..373f57c 100755
--- a/scripts/run-cvecheck
+++ b/scripts/run-cvecheck
@@ -77,6 +77,12 @@ set +u
 set -u
 bitbake world --runall cve_check -R conf/distro/include/cve-extra-exclusions.inc
 
+# Do another pull to make sure we're as up to date as possible.  This is
+# preferable to committing and rebasing before pushing as it would be better to
+# waste some time repeating work than commit potentially corrupted files from a
+# git merge gone wrong.
+git -C $METRICSDIR pull
+
 if [ -e tmp/log/cve/cve-summary.json ]; then
     git -C $METRICSDIR rm --ignore-unmatch cve-check/$BRANCH/*.json
     mkdir -p $METRICSDIR/cve-check/$BRANCH/