Patrick Williams | f1e5d69 | 2016-03-30 15:21:19 -0500 | [diff] [blame] | 1 | # Copyright (C) 2015 Intel Corporation |
| 2 | # Released under the MIT license (see COPYING.MIT for the terms) |
| 3 | |
Patrick Williams | c0f7c04 | 2017-02-23 20:41:17 -0600 | [diff] [blame] | 4 | SUMMARY = "Makes public keys of the signing keys available" |
Patrick Williams | f1e5d69 | 2016-03-30 15:21:19 -0500 | [diff] [blame] | 5 | LICENSE = "MIT" |
Patrick Williams | f1e5d69 | 2016-03-30 15:21:19 -0500 | [diff] [blame] | 6 | |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 7 | |
| 8 | inherit allarch deploy |
Patrick Williams | f1e5d69 | 2016-03-30 15:21:19 -0500 | [diff] [blame] | 9 | |
| 10 | EXCLUDE_FROM_WORLD = "1" |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 11 | INHIBIT_DEFAULT_DEPS = "1" |
Patrick Williams | f1e5d69 | 2016-03-30 15:21:19 -0500 | [diff] [blame] | 12 | |
Patrick Williams | c0f7c04 | 2017-02-23 20:41:17 -0600 | [diff] [blame] | 13 | SYSROOT_DIRS += "${sysconfdir}/pki" |
| 14 | |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 15 | PACKAGES =+ "${PN}-ipk ${PN}-rpm ${PN}-packagefeed" |
Patrick Williams | f1e5d69 | 2016-03-30 15:21:19 -0500 | [diff] [blame] | 16 | |
Patrick Williams | 213cb26 | 2021-08-07 19:21:33 -0500 | [diff] [blame] | 17 | FILES:${PN}-rpm = "${sysconfdir}/pki/rpm-gpg" |
| 18 | FILES:${PN}-ipk = "${sysconfdir}/pki/ipk-gpg" |
| 19 | FILES:${PN}-packagefeed = "${sysconfdir}/pki/packagefeed-gpg" |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 20 | |
| 21 | python do_get_public_keys () { |
| 22 | from oe.gpg_sign import get_signer |
| 23 | |
Brad Bishop | 6e60e8b | 2018-02-01 10:27:11 -0500 | [diff] [blame] | 24 | if d.getVar("RPM_SIGN_PACKAGES"): |
Patrick Williams | f1e5d69 | 2016-03-30 15:21:19 -0500 | [diff] [blame] | 25 | # Export public key of the rpm signing key |
Brad Bishop | 6e60e8b | 2018-02-01 10:27:11 -0500 | [diff] [blame] | 26 | signer = get_signer(d, d.getVar('RPM_GPG_BACKEND')) |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 27 | signer.export_pubkey(os.path.join(d.expand('${B}'), 'rpm-key'), |
Brad Bishop | 6e60e8b | 2018-02-01 10:27:11 -0500 | [diff] [blame] | 28 | d.getVar('RPM_GPG_NAME')) |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 29 | |
Brad Bishop | 6e60e8b | 2018-02-01 10:27:11 -0500 | [diff] [blame] | 30 | if d.getVar("IPK_SIGN_PACKAGES"): |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 31 | # Export public key of the ipk signing key |
Brad Bishop | 6e60e8b | 2018-02-01 10:27:11 -0500 | [diff] [blame] | 32 | signer = get_signer(d, d.getVar('IPK_GPG_BACKEND')) |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 33 | signer.export_pubkey(os.path.join(d.expand('${B}'), 'ipk-key'), |
Brad Bishop | 6e60e8b | 2018-02-01 10:27:11 -0500 | [diff] [blame] | 34 | d.getVar('IPK_GPG_NAME')) |
Patrick Williams | f1e5d69 | 2016-03-30 15:21:19 -0500 | [diff] [blame] | 35 | |
Brad Bishop | 6e60e8b | 2018-02-01 10:27:11 -0500 | [diff] [blame] | 36 | if d.getVar('PACKAGE_FEED_SIGN') == '1': |
Patrick Williams | f1e5d69 | 2016-03-30 15:21:19 -0500 | [diff] [blame] | 37 | # Export public key of the feed signing key |
Brad Bishop | 6e60e8b | 2018-02-01 10:27:11 -0500 | [diff] [blame] | 38 | signer = get_signer(d, d.getVar('PACKAGE_FEED_GPG_BACKEND')) |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 39 | signer.export_pubkey(os.path.join(d.expand('${B}'), 'pf-key'), |
Brad Bishop | 6e60e8b | 2018-02-01 10:27:11 -0500 | [diff] [blame] | 40 | d.getVar('PACKAGE_FEED_GPG_NAME')) |
Patrick Williams | f1e5d69 | 2016-03-30 15:21:19 -0500 | [diff] [blame] | 41 | } |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 42 | do_get_public_keys[cleandirs] = "${B}" |
| 43 | addtask get_public_keys before do_install |
Brad Bishop | 316dfdd | 2018-06-25 12:45:53 -0400 | [diff] [blame] | 44 | do_get_public_keys[depends] += "gnupg-native:do_populate_sysroot" |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 45 | |
| 46 | do_install () { |
| 47 | if [ -f "${B}/rpm-key" ]; then |
Brad Bishop | d7bf8c1 | 2018-02-25 22:55:05 -0500 | [diff] [blame] | 48 | install -D -m 0644 "${B}/rpm-key" "${D}${sysconfdir}/pki/rpm-gpg/RPM-GPG-KEY-${DISTRO}-${DISTRO_CODENAME}" |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 49 | fi |
| 50 | if [ -f "${B}/ipk-key" ]; then |
Brad Bishop | d7bf8c1 | 2018-02-25 22:55:05 -0500 | [diff] [blame] | 51 | install -D -m 0644 "${B}/ipk-key" "${D}${sysconfdir}/pki/ipk-gpg/IPK-GPG-KEY-${DISTRO}-${DISTRO_CODENAME}" |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 52 | fi |
| 53 | if [ -f "${B}/pf-key" ]; then |
Brad Bishop | d7bf8c1 | 2018-02-25 22:55:05 -0500 | [diff] [blame] | 54 | install -D -m 0644 "${B}/pf-key" "${D}${sysconfdir}/pki/packagefeed-gpg/PACKAGEFEED-GPG-KEY-${DISTRO}-${DISTRO_CODENAME}" |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 55 | fi |
| 56 | } |
| 57 | |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 58 | do_deploy () { |
| 59 | if [ -f "${B}/rpm-key" ]; then |
Brad Bishop | d7bf8c1 | 2018-02-25 22:55:05 -0500 | [diff] [blame] | 60 | install -D -m 0644 "${B}/rpm-key" "${DEPLOYDIR}/RPM-GPG-KEY-${DISTRO}-${DISTRO_CODENAME}" |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 61 | fi |
| 62 | if [ -f "${B}/ipk-key" ]; then |
Brad Bishop | d7bf8c1 | 2018-02-25 22:55:05 -0500 | [diff] [blame] | 63 | install -D -m 0644 "${B}/ipk-key" "${DEPLOYDIR}/IPK-GPG-KEY-${DISTRO}-${DISTRO_CODENAME}" |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 64 | fi |
| 65 | if [ -f "${B}/pf-key" ]; then |
Brad Bishop | d7bf8c1 | 2018-02-25 22:55:05 -0500 | [diff] [blame] | 66 | install -D -m 0644 "${B}/pf-key" "${DEPLOYDIR}/PACKAGEFEED-GPG-KEY-${DISTRO}-${DISTRO_CODENAME}" |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 67 | fi |
| 68 | } |
| 69 | do_deploy[sstate-outputdirs] = "${DEPLOY_DIR_RPM}" |
Brad Bishop | 316dfdd | 2018-06-25 12:45:53 -0400 | [diff] [blame] | 70 | # clear stamp-extra-info since MACHINE_ARCH is normally put there by |
| 71 | # deploy.bbclass |
Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 72 | do_deploy[stamp-extra-info] = "" |
| 73 | addtask deploy after do_get_public_keys |
Brad Bishop | d7bf8c1 | 2018-02-25 22:55:05 -0500 | [diff] [blame] | 74 | |
| 75 | # Delete unnecessary tasks. In particular, "do_unpack" _must_ be deleted because |
| 76 | # it cleans ${B} and will wipe any keys exported by do_get_public_keys. |
| 77 | deltask do_fetch |
| 78 | deltask do_unpack |
| 79 | deltask do_patch |
| 80 | deltask do_configure |
| 81 | deltask do_compile |