summaryrefslogtreecommitdiffstats
path: root/yocto-poky/meta/recipes-core/meta/signing-keys.bb
diff options
context:
space:
mode:
Diffstat (limited to 'yocto-poky/meta/recipes-core/meta/signing-keys.bb')
-rw-r--r--yocto-poky/meta/recipes-core/meta/signing-keys.bb94
1 files changed, 63 insertions, 31 deletions
diff --git a/yocto-poky/meta/recipes-core/meta/signing-keys.bb b/yocto-poky/meta/recipes-core/meta/signing-keys.bb
index cc401f3b6..e843301b2 100644
--- a/yocto-poky/meta/recipes-core/meta/signing-keys.bb
+++ b/yocto-poky/meta/recipes-core/meta/signing-keys.bb
@@ -3,43 +3,75 @@
DESCRIPTION = "Make public keys of the signing keys available"
LICENSE = "MIT"
-PACKAGES = ""
-
-do_fetch[noexec] = "1"
-do_unpack[noexec] = "1"
-do_patch[noexec] = "1"
-do_configure[noexec] = "1"
-do_compile[noexec] = "1"
-do_install[noexec] = "1"
-do_package[noexec] = "1"
-do_packagedata[noexec] = "1"
-do_package_write_ipk[noexec] = "1"
-do_package_write_rpm[noexec] = "1"
-do_package_write_deb[noexec] = "1"
-do_populate_sysroot[noexec] = "1"
+LIC_FILES_CHKSUM = "file://${COREBASE}/LICENSE;md5=4d92cd373abda3937c2bc47fbc49d690 \
+ file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420"
+
+
+inherit allarch deploy
EXCLUDE_FROM_WORLD = "1"
+INHIBIT_DEFAULT_DEPS = "1"
+
+PACKAGES =+ "${PN}-ipk ${PN}-rpm ${PN}-packagefeed"
+
+FILES_${PN}-rpm = "${sysconfdir}/pki/rpm-gpg"
+FILES_${PN}-ipk = "${sysconfdir}/pki/ipk-gpg"
+FILES_${PN}-packagefeed = "${sysconfdir}/pki/packagefeed-gpg"
+
+python do_get_public_keys () {
+ from oe.gpg_sign import get_signer
-def export_gpg_pubkey(d, keyid, path):
- import bb
- gpg_bin = d.getVar('GPG_BIN', True) or \
- bb.utils.which(os.getenv('PATH'), "gpg")
- cmd = '%s --batch --yes --export --armor -o %s %s' % \
- (gpg_bin, path, keyid)
- status, output = oe.utils.getstatusoutput(cmd)
- if status:
- raise bb.build.FuncFailed('Failed to export gpg public key (%s): %s' %
- (keyid, output))
-
-python do_export_public_keys () {
if d.getVar("RPM_SIGN_PACKAGES", True):
# Export public key of the rpm signing key
- export_gpg_pubkey(d, d.getVar("RPM_GPG_NAME", True),
- d.getVar('RPM_GPG_PUBKEY', True))
+ signer = get_signer(d, d.getVar('RPM_GPG_BACKEND', True))
+ signer.export_pubkey(os.path.join(d.expand('${B}'), 'rpm-key'),
+ d.getVar('RPM_GPG_NAME', True))
+
+ if d.getVar("IPK_SIGN_PACKAGES", True):
+ # Export public key of the ipk signing key
+ signer = get_signer(d, d.getVar('IPK_GPG_BACKEND', True))
+ signer.export_pubkey(os.path.join(d.expand('${B}'), 'ipk-key'),
+ d.getVar('IPK_GPG_NAME', True))
if d.getVar('PACKAGE_FEED_SIGN', True) == '1':
# Export public key of the feed signing key
- export_gpg_pubkey(d, d.getVar("PACKAGE_FEED_GPG_NAME", True),
- d.getVar('PACKAGE_FEED_GPG_PUBKEY', True))
+ signer = get_signer(d, d.getVar('PACKAGE_FEED_GPG_BACKEND', True))
+ signer.export_pubkey(os.path.join(d.expand('${B}'), 'pf-key'),
+ d.getVar('PACKAGE_FEED_GPG_NAME', True))
+}
+do_get_public_keys[cleandirs] = "${B}"
+addtask get_public_keys before do_install
+
+do_install () {
+ if [ -f "${B}/rpm-key" ]; then
+ install -D -m 0644 "${B}/rpm-key" "${D}${sysconfdir}/pki/rpm-gpg/RPM-GPG-KEY-${DISTRO_VERSION}"
+ fi
+ if [ -f "${B}/ipk-key" ]; then
+ install -D -m 0644 "${B}/ipk-key" "${D}${sysconfdir}/pki/ipk-gpg/IPK-GPG-KEY-${DISTRO_VERSION}"
+ fi
+ if [ -f "${B}/pf-key" ]; then
+ install -D -m 0644 "${B}/pf-key" "${D}${sysconfdir}/pki/packagefeed-gpg/PACKAGEFEED-GPG-KEY-${DISTRO_VERSION}"
+ fi
+}
+
+sysroot_stage_all_append () {
+ sysroot_stage_dir ${D}${sysconfdir}/pki ${SYSROOT_DESTDIR}${sysconfdir}/pki
+}
+
+do_deploy () {
+ if [ -f "${B}/rpm-key" ]; then
+ install -D -m 0644 "${B}/rpm-key" "${DEPLOYDIR}/RPM-GPG-KEY-${DISTRO_VERSION}"
+ fi
+ if [ -f "${B}/ipk-key" ]; then
+ install -D -m 0644 "${B}/ipk-key" "${DEPLOYDIR}/IPK-GPG-KEY-${DISTRO_VERSION}"
+ fi
+ if [ -f "${B}/pf-key" ]; then
+ install -D -m 0644 "${B}/pf-key" "${DEPLOYDIR}/PACKAGEFEED-GPG-KEY-${DISTRO_VERSION}"
+ fi
}
-addtask do_export_public_keys before do_build
+do_deploy[sstate-outputdirs] = "${DEPLOY_DIR_RPM}"
+# cleandirs should possibly be in deploy.bbclass but we need it
+do_deploy[cleandirs] = "${DEPLOYDIR}"
+# clear stamp-extra-info since MACHINE is normally put there by deploy.bbclass
+do_deploy[stamp-extra-info] = ""
+addtask deploy after do_get_public_keys
OpenPOWER on IntegriCloud