Patrick Williams | f1e5d69 | 2016-03-30 15:21:19 -0500 | [diff] [blame] | 1 | # Copyright (C) 2015 Intel Corporation |
| 2 | # Released under the MIT license (see COPYING.MIT for the terms) |
| 3 | |
Patrick Williams | c0f7c04 | 2017-02-23 20:41:17 -0600 | [diff] [blame] | 4 | SUMMARY = "Makes public keys of the signing keys available" |
Patrick Williams | f1e5d69 | 2016-03-30 15:21:19 -0500 | [diff] [blame] | 5 | LICENSE = "MIT" |
Patrick Williams | f1e5d69 | 2016-03-30 15:21:19 -0500 | [diff] [blame] | 6 | |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 7 | |
| 8 | inherit allarch deploy |
Patrick Williams | f1e5d69 | 2016-03-30 15:21:19 -0500 | [diff] [blame] | 9 | |
| 10 | EXCLUDE_FROM_WORLD = "1" |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 11 | INHIBIT_DEFAULT_DEPS = "1" |
Patrick Williams | f1e5d69 | 2016-03-30 15:21:19 -0500 | [diff] [blame] | 12 | |
Patrick Williams | c0f7c04 | 2017-02-23 20:41:17 -0600 | [diff] [blame] | 13 | SYSROOT_DIRS += "${sysconfdir}/pki" |
| 14 | |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 15 | PACKAGES =+ "${PN}-ipk ${PN}-rpm ${PN}-packagefeed" |
Patrick Williams | f1e5d69 | 2016-03-30 15:21:19 -0500 | [diff] [blame] | 16 | |
Patrick Williams | 213cb26 | 2021-08-07 19:21:33 -0500 | [diff] [blame] | 17 | FILES:${PN}-rpm = "${sysconfdir}/pki/rpm-gpg" |
| 18 | FILES:${PN}-ipk = "${sysconfdir}/pki/ipk-gpg" |
| 19 | FILES:${PN}-packagefeed = "${sysconfdir}/pki/packagefeed-gpg" |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 20 | |
Andrew Geissler | 615f2f1 | 2022-07-15 14:00:58 -0500 | [diff] [blame] | 21 | RDEPENDS:${PN}-dev = "" |
| 22 | |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 23 | python do_get_public_keys () { |
| 24 | from oe.gpg_sign import get_signer |
| 25 | |
Brad Bishop | 6e60e8b | 2018-02-01 10:27:11 -0500 | [diff] [blame] | 26 | if d.getVar("RPM_SIGN_PACKAGES"): |
Patrick Williams | f1e5d69 | 2016-03-30 15:21:19 -0500 | [diff] [blame] | 27 | # Export public key of the rpm signing key |
Brad Bishop | 6e60e8b | 2018-02-01 10:27:11 -0500 | [diff] [blame] | 28 | signer = get_signer(d, d.getVar('RPM_GPG_BACKEND')) |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 29 | signer.export_pubkey(os.path.join(d.expand('${B}'), 'rpm-key'), |
Brad Bishop | 6e60e8b | 2018-02-01 10:27:11 -0500 | [diff] [blame] | 30 | d.getVar('RPM_GPG_NAME')) |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 31 | |
Brad Bishop | 6e60e8b | 2018-02-01 10:27:11 -0500 | [diff] [blame] | 32 | if d.getVar("IPK_SIGN_PACKAGES"): |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 33 | # Export public key of the ipk signing key |
Brad Bishop | 6e60e8b | 2018-02-01 10:27:11 -0500 | [diff] [blame] | 34 | signer = get_signer(d, d.getVar('IPK_GPG_BACKEND')) |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 35 | signer.export_pubkey(os.path.join(d.expand('${B}'), 'ipk-key'), |
Brad Bishop | 6e60e8b | 2018-02-01 10:27:11 -0500 | [diff] [blame] | 36 | d.getVar('IPK_GPG_NAME')) |
Patrick Williams | f1e5d69 | 2016-03-30 15:21:19 -0500 | [diff] [blame] | 37 | |
Brad Bishop | 6e60e8b | 2018-02-01 10:27:11 -0500 | [diff] [blame] | 38 | if d.getVar('PACKAGE_FEED_SIGN') == '1': |
Patrick Williams | f1e5d69 | 2016-03-30 15:21:19 -0500 | [diff] [blame] | 39 | # Export public key of the feed signing key |
Brad Bishop | 6e60e8b | 2018-02-01 10:27:11 -0500 | [diff] [blame] | 40 | signer = get_signer(d, d.getVar('PACKAGE_FEED_GPG_BACKEND')) |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 41 | signer.export_pubkey(os.path.join(d.expand('${B}'), 'pf-key'), |
Brad Bishop | 6e60e8b | 2018-02-01 10:27:11 -0500 | [diff] [blame] | 42 | d.getVar('PACKAGE_FEED_GPG_NAME')) |
Patrick Williams | f1e5d69 | 2016-03-30 15:21:19 -0500 | [diff] [blame] | 43 | } |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 44 | do_get_public_keys[cleandirs] = "${B}" |
| 45 | addtask get_public_keys before do_install |
Brad Bishop | 316dfdd | 2018-06-25 12:45:53 -0400 | [diff] [blame] | 46 | do_get_public_keys[depends] += "gnupg-native:do_populate_sysroot" |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 47 | |
| 48 | do_install () { |
| 49 | if [ -f "${B}/rpm-key" ]; then |
Brad Bishop | d7bf8c1 | 2018-02-25 22:55:05 -0500 | [diff] [blame] | 50 | install -D -m 0644 "${B}/rpm-key" "${D}${sysconfdir}/pki/rpm-gpg/RPM-GPG-KEY-${DISTRO}-${DISTRO_CODENAME}" |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 51 | fi |
| 52 | if [ -f "${B}/ipk-key" ]; then |
Brad Bishop | d7bf8c1 | 2018-02-25 22:55:05 -0500 | [diff] [blame] | 53 | install -D -m 0644 "${B}/ipk-key" "${D}${sysconfdir}/pki/ipk-gpg/IPK-GPG-KEY-${DISTRO}-${DISTRO_CODENAME}" |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 54 | fi |
| 55 | if [ -f "${B}/pf-key" ]; then |
Brad Bishop | d7bf8c1 | 2018-02-25 22:55:05 -0500 | [diff] [blame] | 56 | install -D -m 0644 "${B}/pf-key" "${D}${sysconfdir}/pki/packagefeed-gpg/PACKAGEFEED-GPG-KEY-${DISTRO}-${DISTRO_CODENAME}" |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 57 | fi |
| 58 | } |
| 59 | |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 60 | do_deploy () { |
| 61 | if [ -f "${B}/rpm-key" ]; then |
Brad Bishop | d7bf8c1 | 2018-02-25 22:55:05 -0500 | [diff] [blame] | 62 | install -D -m 0644 "${B}/rpm-key" "${DEPLOYDIR}/RPM-GPG-KEY-${DISTRO}-${DISTRO_CODENAME}" |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 63 | fi |
| 64 | if [ -f "${B}/ipk-key" ]; then |
Brad Bishop | d7bf8c1 | 2018-02-25 22:55:05 -0500 | [diff] [blame] | 65 | install -D -m 0644 "${B}/ipk-key" "${DEPLOYDIR}/IPK-GPG-KEY-${DISTRO}-${DISTRO_CODENAME}" |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 66 | fi |
| 67 | if [ -f "${B}/pf-key" ]; then |
Brad Bishop | d7bf8c1 | 2018-02-25 22:55:05 -0500 | [diff] [blame] | 68 | install -D -m 0644 "${B}/pf-key" "${DEPLOYDIR}/PACKAGEFEED-GPG-KEY-${DISTRO}-${DISTRO_CODENAME}" |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 69 | fi |
| 70 | } |
| 71 | do_deploy[sstate-outputdirs] = "${DEPLOY_DIR_RPM}" |
Brad Bishop | 316dfdd | 2018-06-25 12:45:53 -0400 | [diff] [blame] | 72 | # clear stamp-extra-info since MACHINE_ARCH is normally put there by |
| 73 | # deploy.bbclass |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 74 | do_deploy[stamp-extra-info] = "" |
| 75 | addtask deploy after do_get_public_keys |
Brad Bishop | d7bf8c1 | 2018-02-25 22:55:05 -0500 | [diff] [blame] | 76 | |
| 77 | # Delete unnecessary tasks. In particular, "do_unpack" _must_ be deleted because |
| 78 | # it cleans ${B} and will wipe any keys exported by do_get_public_keys. |
| 79 | deltask do_fetch |
| 80 | deltask do_unpack |
| 81 | deltask do_patch |
| 82 | deltask do_configure |
| 83 | deltask do_compile |