Pull request overview
This PR adds a build step to clone and build the rdk_logger dependency before building the main common_utilities component. The rdk_logger library provides logging functionality (rdk_debug.h, RDK_LOG macros) that is used by the codebase when the RDK_LOGGER flag is defined.
Changes:
- Added dependency build step for rdk_logger in cov_build.sh before building common utilities
| mkdir -p $INSTALL_DIR | ||
|
|
||
| cd ${ROOT} | ||
| git clone https://github.com/rdkcentral/rdk_logger.git |
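Review bot: `$INSTALL_DIR` and `${ROOT}` are expanded unquoted in `mkdir -p $INSTALL_DIR` and `cd ${ROOT}`, so a path with spaces splits into several arguments and an empty `${ROOT}` turns the line into a bare `cd`, which moves to the home directory and puts the clone there. Quote both expansions and stop early when the variable is unset or empty, for example `cd "${ROOT:?}"`.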
The git clone command will fail if the 'rdk_logger' directory already exists from a previous build. This makes the script non-idempotent and will cause build failures in environments where the script runs multiple times. Consider adding a check to handle existing directories, or use 'git clone' with error handling that allows the script to continue if the directory exists. Alternatively, remove the directory before cloning or use '--depth 1' with a conditional check.
| git clone https://github.com/rdkcentral/rdk_logger.git | |
| if [ -d rdk_logger ]; then | |
| echo "Directory 'rdk_logger' already exists, reusing existing checkout." | |
| else | |
| git clone https://github.com/rdkcentral/rdk_logger.git || { echo "Failed to clone rdk_logger repository"; exit 1; } | |
| fi |
| cd rdk_logger | ||
| sh cov_build.sh |
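Review bot: after `cd rdk_logger` and `sh cov_build.sh` the script is still inside rdk_logger, so any step that follows runs relative to the dependency's tree instead of `${ROOT}`. Running the dependency build in a subshell keeps the caller's working directory and stops on failure: `(cd rdk_logger && sh cov_build.sh) || exit 1`.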
The script changes directory and executes a command without checking if the operations succeed. If 'cd rdk_logger' fails (e.g., due to git clone failure), the subsequent 'sh cov_build.sh' will execute in the wrong directory (/usr instead of /usr/rdk_logger), potentially causing unexpected behavior. Consider adding error checking after directory changes or using 'set -e' at the beginning of the script to exit on any command failure.
| mkdir -p $INSTALL_DIR | ||
|
|
||
| cd ${ROOT} | ||
| git clone https://github.com/rdkcentral/rdk_logger.git |
Cloning a full repository during the build process can be slow and consume unnecessary bandwidth and disk space. Consider using 'git clone --depth 1' to create a shallow clone that only fetches the latest commit, which will significantly speed up the build process and reduce resource usage.
| git clone https://github.com/rdkcentral/rdk_logger.git | |
| git clone --depth 1 https://github.com/rdkcentral/rdk_logger.git |
| git clone https://github.com/rdkcentral/rdk_logger.git | ||
| cd rdk_logger | ||
| sh cov_build.sh |
This build step clones and executes code directly from https://github.com/rdkcentral/rdk_logger.git via git clone and sh cov_build.sh without pinning to an immutable commit, creating a supply-chain risk where compromised upstream code can execute with full build privileges. An attacker who gains control over the rdk_logger repository (or the path it’s fetched from) could exfiltrate secrets from the build environment or tamper with produced artifacts. To mitigate this, fetch only vetted code pinned to a specific commit or release (or vendor it locally) and avoid executing arbitrary remote scripts directly in the build pipeline.
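An added example, not part of this PR or of the reviewer's comment: one way to pin the dependency to a vetted commit before its build script runs, while staying safe to re-run. The function name `fetch_pinned` and the variable `RDK_LOGGER_COMMIT` in the usage comment are hypothetical, and the commit id is a placeholder to be filled with the reviewed one.

```shell
#!/bin/sh
# Added example (hypothetical helper): fetch_pinned URL COMMIT DIR
# Leaves DIR checked out at exactly COMMIT, or returns non-zero so the
# caller never runs a build script from an unvetted revision.
fetch_pinned() {
    url=$1; pin=$2; dir=$3

    # Accept only a full 40-hex commit id: branch and tag names can be
    # moved upstream, a commit id cannot.
    case $pin in
        ''|*[!0-9a-f]*) echo "fetch_pinned: not a full commit id: $pin" >&2; return 2 ;;
    esac
    [ "${#pin}" -eq 40 ] || { echo "fetch_pinned: not a full commit id: $pin" >&2; return 2; }

    if [ -d "$dir/.git" ]; then
        # Re-run: reuse the checkout but refresh it from the expected URL.
        git -C "$dir" fetch -q "$url" '+refs/heads/*:refs/remotes/origin/*' || return 1
    else
        git clone -q --no-checkout "$url" "$dir" || return 1
    fi

    # Detach at the pin and drop anything an earlier run left in the tree.
    git -C "$dir" checkout -q --detach --force "$pin^{commit}" || return 1
    git -C "$dir" clean -q -fdx || return 1

    # Final check: what is about to be built is the vetted commit.
    [ "$(git -C "$dir" rev-parse HEAD)" = "$pin" ] || {
        echo "fetch_pinned: HEAD is not $pin" >&2; return 1; }
}

# Usage in the build script (RDK_LOGGER_COMMIT is a placeholder name and value):
#   RDK_LOGGER_COMMIT=<vetted 40-hex commit id>
#   fetch_pinned https://github.com/rdkcentral/rdk_logger.git \
#       "$RDK_LOGGER_COMMIT" "${ROOT:?}/rdk_logger" || exit 1
#   (cd "$ROOT/rdk_logger" && sh cov_build.sh) || exit 1
```

Bumping the dependency then becomes a one-line change to the pinned id that goes through normal code review.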
No description provided.