From: Leonardo Sandoval Date: Thu, 17 Aug 2017 17:12:27 +0000 (-0700) Subject: sign_rpm: Allow pkg signing by chunks through RPM_GPG_SIGN_CHUNK X-Git-Tag: lucaceresoli/bug-15201-perf-libtraceevent-missing~20341 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f7f78e73f1cd15f4233a231364b14438af758628;p=thirdparty%2Fopenembedded%2Fopenembedded-core-contrib.git sign_rpm: Allow pkg signing by chunks through RPM_GPG_SIGN_CHUNK Commit d58b1d196 moved from chunk to serial signing, but neither of both approaches allowed the user to select the chunks size. This patch allows the user to select a chunk size through RPM_GPG_SIGN_CHUNK defaulting to BB_NUMBER_THREADS, considered a good default. Indirectly, this change reduces the number of processes spawn to number-of-packages/RPM_GPG_SIGN_CHUNK. Signed-off-by: Leonardo Sandoval Signed-off-by: Richard Purdie --- diff --git a/meta/classes/sign_rpm.bbclass b/meta/classes/sign_rpm.bbclass index c49406c74d2..6796780ee49 100644 --- a/meta/classes/sign_rpm.bbclass +++ b/meta/classes/sign_rpm.bbclass @@ -19,9 +19,12 @@ # GPG_BIN # Optional variable for specifying the gpg binary/wrapper to use for # signing. +# RPM_GPG_SIGN_CHUNK +# Optional variable indicating the number of packages used per gpg +# invocation # GPG_PATH # Optional variable for specifying the gnupg "home" directory: -# + inherit sanity RPM_SIGN_PACKAGES='1' @@ -29,6 +32,7 @@ RPM_SIGN_FILES ?= '0' RPM_GPG_BACKEND ?= 'local' # SHA-256 is used by default RPM_FILE_CHECKSUM_DIGEST ?= '8' +RPM_GPG_SIGN_CHUNK ?= "${BB_NUMBER_THREADS}" python () { @@ -56,6 +60,7 @@ python sign_rpm () { d.getVar('RPM_GPG_NAME'), d.getVar('RPM_GPG_PASSPHRASE'), d.getVar('RPM_FILE_CHECKSUM_DIGEST'), + int(d.getVar('RPM_GPG_SIGN_CHUNK')), d.getVar('RPM_FSK_PATH'), d.getVar('RPM_FSK_PASSWORD')) } diff --git a/meta/lib/oe/gpg_sign.py b/meta/lib/oe/gpg_sign.py index 5c7985a8567..008478dfeb8 100644 --- a/meta/lib/oe/gpg_sign.py +++ b/meta/lib/oe/gpg_sign.py @@ -27,7 +27,7 @@ class LocalSigner(object): raise bb.build.FuncFailed('Failed to export gpg public key (%s): %s' % (keyid, output)) - def sign_rpms(self, files, keyid, passphrase, digest, fsk=None, fsk_password=None): + def sign_rpms(self, files, keyid, passphrase, digest, sign_chunk, fsk=None, fsk_password=None): """Sign RPM files""" cmd = self.rpm_bin + " --addsign --define '_gpg_name %s' " % keyid @@ -45,9 +45,9 @@ class LocalSigner(object): if fsk_password: cmd += "--define '_file_signing_key_password %s' " % fsk_password - # Sign packages - for f in files: - status, output = oe.utils.getstatusoutput(cmd + ' ' + f) + # Sign in chunks + for i in range(0, len(files), sign_chunk): + status, output = oe.utils.getstatusoutput(cmd + ' '.join(files[i:i+sign_chunk])) if status: raise bb.build.FuncFailed("Failed to sign RPM packages: %s" % output)