[OE-core] [oe][PATCH v3 2/2] package_manager: support for signed IPK package feeds
Ioan-Adrian Ratiu
adrian.ratiu at ni.com
Thu Nov 19 15:41:28 UTC 2015
Create gpg signed package feeds if configured. Very similar to
how rpm does it. Most of the config variables are shared with
the rpm backend (like PACKAGE_FEED_GPG_NAME), with the exception
of PACKAGE_FEED_GPG_PUBKEY which is not needed in this case.
Signed-off-by: Ioan-Adrian Ratiu <adrian.ratiu at ni.com>
---
meta/lib/oe/package_manager.py | 21 ++++++++++++++++++---
1 file changed, 18 insertions(+), 3 deletions(-)
diff --git a/meta/lib/oe/package_manager.py b/meta/lib/oe/package_manager.py
index 964fddc..091cb7f 100644
--- a/meta/lib/oe/package_manager.py
+++ b/meta/lib/oe/package_manager.py
@@ -178,6 +178,7 @@ class OpkgIndexer(Indexer):
open(os.path.join(self.deploy_dir, "Packages"), "w").close()
index_cmds = []
+ index_sign_files = []
for arch_var in arch_vars:
archs = self.d.getVar(arch_var, True)
if archs is None:
@@ -196,6 +197,8 @@ class OpkgIndexer(Indexer):
index_cmds.append('%s -r %s -p %s -m %s' %
(opkg_index_cmd, pkgs_file, pkgs_file, pkgs_dir))
+ index_sign_files.append(pkgs_file)
+
if len(index_cmds) == 0:
bb.note("There are no packages in %s!" % self.deploy_dir)
return
@@ -203,10 +206,22 @@ class OpkgIndexer(Indexer):
result = oe.utils.multiprocess_exec(index_cmds, create_index)
if result:
bb.fatal('%s' % ('\n'.join(result)))
- if self.d.getVar('PACKAGE_FEED_SIGN', True) == '1':
- raise NotImplementedError('Package feed signing not implementd for ipk')
-
+ # all these variables are needed to succesfully sign the index, otherwise skip signing
+ if self.d.getVar('PACKAGE_FEED_SIGN', True) == '1' and \
+ self.d.getVar('PACKAGE_FEED_GPG_NAME', True) and \
+ self.d.getVar('PACKAGE_FEED_GPG_PASSPHRASE_FILE', True):
+ pkgfeed_gpg_name = self.d.getVar('PACKAGE_FEED_GPG_NAME', True)
+ pkgfeed_gpg_pass = self.d.getVar('PACKAGE_FEED_GPG_PASSPHRASE_FILE', True)
+ gpg_bin = self.d.getVar('GPG_BIN', True) or bb.utils.which(os.getenv('PATH'), "gpg")
+
+ gpg_cmd = "%s --no-use-agent --batch --yes -ab -u %s --passphrase-file '%s'" % \
+ (gpg_bin, pkgfeed_gpg_name, pkgfeed_gpg_pass)
+
+ for f in index_sign_files:
+ result = oe.utils.multiprocess_exec([gpg_cmd + ' ' + f], create_index)
+ if result:
+ bb.fatal('%s' % ('\n'.join(result)))
class DpkgIndexer(Indexer):
def _create_configs(self):
--
2.1.4
More information about the Openembedded-core
mailing list