for var in ('PACKAGE_FEED_GPG_NAME', 'PACKAGE_FEED_GPG_PASSPHRASE_FILE'):
if not d.getVar(var, True):
raise_sanity_error("You need to define %s in the config" % var, d)
-
- # Set expected location of the public key
- d.setVar('PACKAGE_FEED_GPG_PUBKEY',
- os.path.join(d.getVar('STAGING_ETCDIR_NATIVE', False),
- 'PACKAGE-FEED-GPG-PUBKEY'))
}
-do_package_index[depends] += "signing-keys:do_export_public_keys"
-do_rootfs[depends] += "signing-keys:do_export_public_keys"
+do_package_index[depends] += "signing-keys:do_deploy"
+do_rootfs[depends] += "signing-keys:do_populate_sysroot"
raise_sanity_error("You need to define %s in the config" % var, d)
# Set the expected location of the public key
- d.setVar('RPM_GPG_PUBKEY', os.path.join(d.getVar('STAGING_ETCDIR_NATIVE', False),
- 'RPM-GPG-PUBKEY'))
+ d.setVar('RPM_GPG_PUBKEY', os.path.join(d.getVar('STAGING_DIR_TARGET', False),
+ d.getVar('sysconfdir', False),
+ 'pki',
+ 'rpm-gpg',
+ 'RPM-GPG-KEY-${DISTRO_VERSION}'))
}
python sign_rpm () {
d.getVar('RPM_GPG_PASSPHRASE_FILE', True))
}
-do_package_index[depends] += "signing-keys:do_export_public_keys"
-do_rootfs[depends] += "signing-keys:do_export_public_keys"
+do_package_index[depends] += "signing-keys:do_deploy"
+do_rootfs[depends] += "signing-keys:do_populate_sysroot"
signer.detach_sign(repomd,
self.d.getVar('PACKAGE_FEED_GPG_NAME', True),
self.d.getVar('PACKAGE_FEED_GPG_PASSPHRASE_FILE', True))
- # Copy pubkey(s) to repo
- distro_version = self.d.getVar('DISTRO_VERSION', True) or "oe.0"
- if self.d.getVar('RPM_SIGN_PACKAGES', True) == '1':
- shutil.copy2(self.d.getVar('RPM_GPG_PUBKEY', True),
- os.path.join(self.deploy_dir,
- 'RPM-GPG-KEY-%s' % distro_version))
- if self.d.getVar('PACKAGE_FEED_SIGN', True) == '1':
- shutil.copy2(self.d.getVar('PACKAGE_FEED_GPG_PUBKEY', True),
- os.path.join(self.deploy_dir,
- 'REPODATA-GPG-KEY-%s' % distro_version))
class OpkgIndexer(Indexer):
DESCRIPTION = "Make public keys of the signing keys available"
LICENSE = "MIT"
-PACKAGES = ""
-
-do_fetch[noexec] = "1"
-do_unpack[noexec] = "1"
-do_patch[noexec] = "1"
-do_configure[noexec] = "1"
-do_compile[noexec] = "1"
-do_install[noexec] = "1"
-do_package[noexec] = "1"
-do_packagedata[noexec] = "1"
-do_package_write_ipk[noexec] = "1"
-do_package_write_rpm[noexec] = "1"
-do_package_write_deb[noexec] = "1"
-do_populate_sysroot[noexec] = "1"
+LIC_FILES_CHKSUM = "file://${COREBASE}/LICENSE;md5=4d92cd373abda3937c2bc47fbc49d690 \
+ file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420"
+
+
+inherit allarch deploy
EXCLUDE_FROM_WORLD = "1"
+INHIBIT_DEFAULT_DEPS = "1"
+
+PACKAGES =+ "${PN}-rpm ${PN}-packagefeed"
+FILES_${PN}-rpm = "${sysconfdir}/pki/rpm-gpg"
+FILES_${PN}-packagefeed = "${sysconfdir}/pki/packagefeed-gpg"
-python do_export_public_keys () {
+python do_get_public_keys () {
from oe.gpg_sign import get_signer
if d.getVar("RPM_SIGN_PACKAGES", True):
# Export public key of the rpm signing key
signer = get_signer(d, d.getVar('RPM_GPG_BACKEND', True))
- signer.export_pubkey(d.getVar('RPM_GPG_PUBKEY', True),
+ signer.export_pubkey(os.path.join(d.expand('${B}'), 'rpm-key'),
d.getVar('RPM_GPG_NAME', True))
if d.getVar('PACKAGE_FEED_SIGN', True) == '1':
# Export public key of the feed signing key
signer = get_signer(d, d.getVar('PACKAGE_FEED_GPG_BACKEND', True))
- signer.export_pubkey(d.getVar('PACKAGE_FEED_GPG_PUBKEY', True),
+ signer.export_pubkey(os.path.join(d.expand('${B}'), 'pf-key'),
d.getVar('PACKAGE_FEED_GPG_NAME', True))
}
-addtask do_export_public_keys before do_build
+do_get_public_keys[cleandirs] = "${B}"
+addtask get_public_keys before do_install
+
+do_install () {
+ if [ -f "${B}/rpm-key" ]; then
+ install -D -m 0644 "${B}/rpm-key" "${D}${sysconfdir}/pki/rpm-gpg/RPM-GPG-KEY-${DISTRO_VERSION}"
+ fi
+ if [ -f "${B}/pf-key" ]; then
+ install -D -m 0644 "${B}/pf-key" "${D}${sysconfdir}/pki/packagefeed-gpg/PACKAGEFEED-GPG-KEY-${DISTRO_VERSION}"
+ fi
+}
+
+sysroot_stage_all_append () {
+ sysroot_stage_dir ${D}${sysconfdir}/pki ${SYSROOT_DESTDIR}${sysconfdir}/pki
+}
+
+do_deploy () {
+ if [ -f "${B}/rpm-key" ]; then
+ install -D -m 0644 "${B}/rpm-key" "${DEPLOYDIR}/RPM-GPG-KEY-${DISTRO_VERSION}"
+ fi
+ if [ -f "${B}/pf-key" ]; then
+ install -D -m 0644 "${B}/pf-key" "${DEPLOYDIR}/PACKAGEFEED-GPG-KEY-${DISTRO_VERSION}"
+ fi
+}
+do_deploy[sstate-outputdirs] = "${DEPLOY_DIR_RPM}"
+# cleandirs should possibly be in deploy.bbclass but we need it
+do_deploy[cleandirs] = "${DEPLOYDIR}"
+# clear stamp-extra-info since MACHINE is normally put there by deploy.bbclass
+do_deploy[stamp-extra-info] = ""
+addtask deploy after do_get_public_keys
value = d.getVar(field, True)
if value:
f.write('{0}="{1}"\n'.format(field, value))
- if d.getVar('RPM_SIGN_PACKAGES', True) == '1':
- rpm_gpg_pubkey = d.getVar('RPM_GPG_PUBKEY', True)
- bb.utils.mkdirhier('${B}/rpm-gpg')
- distro_version = d.getVar('DISTRO_VERSION', True) or "oe.0"
- shutil.copy2(rpm_gpg_pubkey, d.expand('${B}/rpm-gpg/RPM-GPG-KEY-%s' % distro_version))
}
do_compile[vardeps] += "${OS_RELEASE_FIELDS}"
-do_compile[depends] += "signing-keys:do_export_public_keys"
do_install () {
install -d ${D}${sysconfdir}
install -m 0644 os-release ${D}${sysconfdir}/
-
- if [ -d "rpm-gpg" ]; then
- install -d "${D}${sysconfdir}/pki"
- cp -r "rpm-gpg" "${D}${sysconfdir}/pki/"
- fi
}
projects / thirdparty / openembedded / openembedded-core-contrib.git / commitdiff
