os-release: add the public package-signing key

Adds the public package-signing key into this package. It will be
installed under /etc/pki/rpm-gpg if the RPM signing feature is used. The
key file is not currently directly used by anything in the target
system. It is merely there for possible later use.

[YOCTO #8134]

Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

diff --git a/meta/recipes-core/os-release/os-release.bb b/meta/recipes-core/os-release/os-release.bb
index 10a4570492e32fc44d11ce2def66e7bc8a1e7402..cc431d2cdcd12eec36fa5a47fdb9515b65eafc95 100644 (file)
--- a/meta/recipes-core/os-release/os-release.bb
+++ b/meta/recipes-core/os-release/os-release.bb
@@ -24,15 +24,26 @@ BUILD_ID ?= "${DATETIME}"
 BUILD_ID[vardepsexclude] = "DATETIME"
 
 python do_compile () {
+    import shutil
     with open(d.expand('${B}/os-release'), 'w') as f:
         for field in d.getVar('OS_RELEASE_FIELDS', True).split():
             value = d.getVar(field, True)
             if value:
                 f.write('{0}={1}\n'.format(field, value))
+    if d.getVar('RPM_SIGN_PACKAGES', True) == '1':
+        rpm_gpg_pubkey = d.getVar('RPM_GPG_PUBKEY', True)
+        os.mkdir('${B}/rpm-gpg')
+        distro_version = self.d.getVar('DISTRO_VERSION', True) or "oe.0"
+        shutil.copy2(rpm_gpg_pubkey, d.expand('${B}/rpm-gpg/RPM-GPG-KEY-%s' % distro_version))
 }
 do_compile[vardeps] += "${OS_RELEASE_FIELDS}"
 
 do_install () {
     install -d ${D}${sysconfdir}
     install -m 0644 os-release ${D}${sysconfdir}/
+
+    if [ -d "rpm-gpg" ]; then
+        install -d "${D}${sysconfdir}/pki"
+        cp -r "rpm-gpg" "${D}${sysconfdir}/pki/"
+    fi
 }