Build failed, no CVE check done

#!/bin/sh
#
# Combine CVE reports for rzn1 and soca9
#

set -e

#
# Did the build succeed? Check for logfiles:
#   axis-MACHINE: rzn1d, soca9
#   files: cve-rzn1-snarc.txt, cve-snarc-soca9.txt
#
if ! test \
-e $JENKINS_HOME/jobs/$JOB_NAME/configurations/axis-DISTRO/dip/axis-MACHINE/rzn1d/axis-label/docker-buster-amd64/builds/$BUILD_NUMBER/archive/cve-rzn1-snarc.txt -a \
-e $JENKINS_HOME/jobs/$JOB_NAME/configurations/axis-DISTRO/dip/axis-MACHINE/soca9/axis-label/docker-buster-amd64/builds/$BUILD_NUMBER/archive/cve-snarc-soca9.txt
then
	echo '<h1>Build failed, no CVE check done</h1>' > cve.html
	echo 'Build failed, no CVE check done' > cve.sum
	exit
fi

#
# Combine the reports using sort/uniq.
# Note the wildcard for MACHINE (rzn1/soca9).
#
ARCHIVE="$JENKINS_HOME/jobs/$JOB_NAME/configurations/axis-DISTRO/dip/axis-MACHINE/*/axis-label/docker-buster-amd64/builds/$BUILD_NUMBER/archive"
sort -uV $ARCHIVE/cve-*.txt      > cve.txt
sort -uV $ARCHIVE/base-cve-*.txt > base-cve.txt

#
# Detailed report in HTML format. Will be attached to email.
# Perl helper converts tab-delimited text to nested <ul> elements.
#
htmlify() {
	perl -F'\t' -lane '
		my ($type, $cve, $pkg, $url, @rest) = @F;
		sub list {
			return @_ ? join("", "<ul>\n", map("<li>$_</li>\n", @_), "</ul>") : ""
		};
		push @{$line{$type}}, ("<a href=\"$url\">$cve</a> $pkg" . list(@rest));
		END { foreach (reverse sort keys %line) {
			print "<b>$_ CVEs</b>", list(@{$line{$_}}) if @{$line{$_}}
		}}' $1
}
(
	echo "<h1>CVE changes</h1>"
	echo "<p>Submodule update strategy: <code>$SUBMODULES</code>.</p>"
	echo "<h2>Since last build</h2>"
	htmlify cve.txt
	echo "<h2>Since baseline</h2>"
	htmlify base-cve.txt
) > cve.html

#
# Summary report in plain text, gets embedded in the email.
# This just prints a count of each type of CVE.
#
summary() { #
	local NEW=`grep -c ^NEW $1`
	local CHANGED=`grep -c ^CHANGED $1`
	local FIXED=`grep -c ^FIXED $1`
	printf "%2d NEW, %2d CHANGED, %2d FIXED\n" $NEW $CHANGED $FIXED
}
(
	echo -n "  - since last build: "
	summary cve.txt
	echo -n "  - since baseline:   "
	summary base-cve.txt
	echo "  - submodule update strategy was $SUBMODULES"
	echo "  - see attached report for details"
) > cve.sum

# Clean up
rm -f cve.txt base-cve.txt