diff options
author | Patrick Williams <patrick@stwcx.xyz> | 2016-08-17 14:31:25 -0500 |
---|---|---|
committer | Patrick Williams <patrick@stwcx.xyz> | 2016-08-22 16:43:26 +0000 |
commit | 60f9d69e016b11c468c98ea75ba0a60c44afbbc4 (patch) | |
tree | ecb49581a9e41a37943c22cd9ef3f63451b20ee7 /import-layers/yocto-poky/meta/recipes-core/meta/signing-keys.bb | |
parent | e18c61205e0234b03697129c20cc69c9b3940efc (diff) | |
download | blackbird-openbmc-60f9d69e016b11c468c98ea75ba0a60c44afbbc4.tar.gz blackbird-openbmc-60f9d69e016b11c468c98ea75ba0a60c44afbbc4.zip |
yocto-poky: Move to import-layers subdir
We are going to import additional layers, so create a subdir to
hold all of the layers that we import with git-subtree.
Change-Id: I6f732153a22be8ca663035c518837e3cc5ec0799
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Diffstat (limited to 'import-layers/yocto-poky/meta/recipes-core/meta/signing-keys.bb')
-rw-r--r-- | import-layers/yocto-poky/meta/recipes-core/meta/signing-keys.bb | 77 |
1 files changed, 77 insertions, 0 deletions
diff --git a/import-layers/yocto-poky/meta/recipes-core/meta/signing-keys.bb b/import-layers/yocto-poky/meta/recipes-core/meta/signing-keys.bb new file mode 100644 index 000000000..e843301b2 --- /dev/null +++ b/import-layers/yocto-poky/meta/recipes-core/meta/signing-keys.bb @@ -0,0 +1,77 @@ +# Copyright (C) 2015 Intel Corporation +# Released under the MIT license (see COPYING.MIT for the terms) + +DESCRIPTION = "Make public keys of the signing keys available" +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://${COREBASE}/LICENSE;md5=4d92cd373abda3937c2bc47fbc49d690 \ + file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" + + +inherit allarch deploy + +EXCLUDE_FROM_WORLD = "1" +INHIBIT_DEFAULT_DEPS = "1" + +PACKAGES =+ "${PN}-ipk ${PN}-rpm ${PN}-packagefeed" + +FILES_${PN}-rpm = "${sysconfdir}/pki/rpm-gpg" +FILES_${PN}-ipk = "${sysconfdir}/pki/ipk-gpg" +FILES_${PN}-packagefeed = "${sysconfdir}/pki/packagefeed-gpg" + +python do_get_public_keys () { + from oe.gpg_sign import get_signer + + if d.getVar("RPM_SIGN_PACKAGES", True): + # Export public key of the rpm signing key + signer = get_signer(d, d.getVar('RPM_GPG_BACKEND', True)) + signer.export_pubkey(os.path.join(d.expand('${B}'), 'rpm-key'), + d.getVar('RPM_GPG_NAME', True)) + + if d.getVar("IPK_SIGN_PACKAGES", True): + # Export public key of the ipk signing key + signer = get_signer(d, d.getVar('IPK_GPG_BACKEND', True)) + signer.export_pubkey(os.path.join(d.expand('${B}'), 'ipk-key'), + d.getVar('IPK_GPG_NAME', True)) + + if d.getVar('PACKAGE_FEED_SIGN', True) == '1': + # Export public key of the feed signing key + signer = get_signer(d, d.getVar('PACKAGE_FEED_GPG_BACKEND', True)) + signer.export_pubkey(os.path.join(d.expand('${B}'), 'pf-key'), + d.getVar('PACKAGE_FEED_GPG_NAME', True)) +} +do_get_public_keys[cleandirs] = "${B}" +addtask get_public_keys before do_install + +do_install () { + if [ -f "${B}/rpm-key" ]; then + install -D -m 0644 "${B}/rpm-key" "${D}${sysconfdir}/pki/rpm-gpg/RPM-GPG-KEY-${DISTRO_VERSION}" + fi + if [ -f "${B}/ipk-key" ]; then + install -D -m 0644 "${B}/ipk-key" "${D}${sysconfdir}/pki/ipk-gpg/IPK-GPG-KEY-${DISTRO_VERSION}" + fi + if [ -f "${B}/pf-key" ]; then + install -D -m 0644 "${B}/pf-key" "${D}${sysconfdir}/pki/packagefeed-gpg/PACKAGEFEED-GPG-KEY-${DISTRO_VERSION}" + fi +} + +sysroot_stage_all_append () { + sysroot_stage_dir ${D}${sysconfdir}/pki ${SYSROOT_DESTDIR}${sysconfdir}/pki +} + +do_deploy () { + if [ -f "${B}/rpm-key" ]; then + install -D -m 0644 "${B}/rpm-key" "${DEPLOYDIR}/RPM-GPG-KEY-${DISTRO_VERSION}" + fi + if [ -f "${B}/ipk-key" ]; then + install -D -m 0644 "${B}/ipk-key" "${DEPLOYDIR}/IPK-GPG-KEY-${DISTRO_VERSION}" + fi + if [ -f "${B}/pf-key" ]; then + install -D -m 0644 "${B}/pf-key" "${DEPLOYDIR}/PACKAGEFEED-GPG-KEY-${DISTRO_VERSION}" + fi +} +do_deploy[sstate-outputdirs] = "${DEPLOY_DIR_RPM}" +# cleandirs should possibly be in deploy.bbclass but we need it +do_deploy[cleandirs] = "${DEPLOYDIR}" +# clear stamp-extra-info since MACHINE is normally put there by deploy.bbclass +do_deploy[stamp-extra-info] = "" +addtask deploy after do_get_public_keys |