mkosi-obs: support multiple mkosi.postoutput invocations

When multiple images are built mkosi.postoutput runs once
per image, so add access to output directory and ensure
the hashes.cpio.rsasign archive accumulates the hashes for
all images before proceeding to the next stage

diff --git a/mkosi/resources/mkosi-obs/mkosi.conf b/mkosi/resources/mkosi-obs/mkosi.conf
index 378383f216d588b65ea175c9b3a0f1703ba4d2f8..d44afb8aff4d1ee6d9d3f296d155230b028944c1 100644 (file)
--- a/mkosi/resources/mkosi-obs/mkosi.conf
+++ b/mkosi/resources/mkosi-obs/mkosi.conf
@@ -1,6 +1,7 @@
 # SPDX-License-Identifier: LGPL-2.1-or-later
 [Build]
 SandboxTrees=/usr/src/packages/SOURCES:/usr/src/packages/SOURCES
+BuildSources=/usr/src/packages/OTHER:/usr/src/packages/OTHER
 ToolsTree=
 History=no
 CacheDirectory=

diff --git a/mkosi/resources/mkosi-obs/mkosi.postoutput b/mkosi/resources/mkosi-obs/mkosi.postoutput
index 6ddf8a21bcedb91b426ca45420d8dac8e3912b45..1857c8273a331b5b1cc5855fca1f45fec213acb2 100755 (executable)
--- a/mkosi/resources/mkosi-obs/mkosi.postoutput
+++ b/mkosi/resources/mkosi-obs/mkosi.postoutput
@@ -29,6 +29,14 @@ rm -rf "$nss_db"
 mkdir -p "$nss_db" hashes
 certutil -N -d sql:"$nss_db" --empty-password
 
+# When a single build has multiple images, postoutput is called for each image,
+# so make sure the hashes.cpio from the previous stages gets its content preserved
+if [ -f /usr/src/packages/OTHER/hashes.cpio.rsasign ]; then
+    pushd hashes
+    cpio -idm </usr/src/packages/OTHER/hashes.cpio.rsasign
+    popd
+fi
+
 for f in "${UKIS[@]}"; do
     test -f "${OUTPUTDIR}/${f}" || continue
     if [ -f "${OUTPUTDIR}/${f%.efi}.pcrs" ]; then