[PATCH 05/17] base-apt: do not skip gpg check when it is signed

public inbox for isar-users@googlegroups.com
 help / color / mirror / Atom feed

From: Henning Schild <henning.schild@siemens.com>
To: isar-users@googlegroups.com
Cc: Henning Schild <henning.schild@siemens.com>
Subject: [PATCH 05/17] base-apt: do not skip gpg check when it is signed
Date: Mon, 28 Oct 2019 18:01:20 +0100	[thread overview]
Message-ID: <20191028170132.28072-6-henning.schild@siemens.com> (raw)
In-Reply-To: <20191028170132.28072-1-henning.schild@siemens.com>

From: Henning Schild <henning.schild@siemens.com>

We used to have "trusted=yes" hardcoded even for a signed base-apt. Make
that flag depend on whether it is signed and generate that file with two
echos, it is simple enough.

Signed-off-by: Henning Schild <henning.schild@siemens.com>
---
 .../isar-bootstrap/files/base-apt-sources        |  2 --
 .../isar-bootstrap/isar-bootstrap.inc            | 16 ++++++++--------
 2 files changed, 8 insertions(+), 10 deletions(-)
 delete mode 100644 meta/recipes-core/isar-bootstrap/files/base-apt-sources

diff --git a/meta/recipes-core/isar-bootstrap/files/base-apt-sources b/meta/recipes-core/isar-bootstrap/files/base-apt-sources
deleted file mode 100644
index 2a4ab2c..0000000
--- a/meta/recipes-core/isar-bootstrap/files/base-apt-sources
+++ /dev/null
@@ -1,2 +0,0 @@
-deb [trusted=yes] file:///base-apt/{BASE_DISTRO} {BASE_DISTRO_CODENAME} main
-deb-src [trusted=yes] file:///base-apt/{BASE_DISTRO} {BASE_DISTRO_CODENAME} main
diff --git a/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc b/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc
index 5aaecd1..cc12378 100644
--- a/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc
+++ b/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc
@@ -12,8 +12,7 @@ SRC_URI = " \
     file://isar-apt.conf \
     file://isar-apt-fallback.conf \
     file://locale \
-    file://chroot-setup.sh \
-    file://base-apt-sources"
+    file://chroot-setup.sh"
 PV = "1.0"
 
 DEBOOTSTRAP ?= "qemu-debootstrap"
@@ -21,7 +20,6 @@ ROOTFSDIR = "${WORKDIR}/rootfs"
 APTPREFS = "${WORKDIR}/apt-preferences"
 APTSRCS = "${WORKDIR}/apt-sources"
 APTSRCS_INIT = "${WORKDIR}/apt-sources-init"
-BASEAPTSRCS = "${WORKDIR}/base-apt-sources"
 DISTRO_BOOTSTRAP_KEYFILES = ""
 THIRD_PARTY_APT_KEYFILES = ""
 DEPLOY_ISAR_BOOTSTRAP ?= ""
@@ -265,13 +263,15 @@ isar_bootstrap() {
                              "${ROOTFSDIR}/etc/apt/preferences.d/bootstrap"
             mkdir -p "${ROOTFSDIR}/etc/apt/sources.list.d"
             if [ "${ISAR_USE_CACHED_BASE_REPO}" = "1" ]; then
-                sed -e "s#{BASE_DISTRO}#"${BASE_DISTRO}"#g" \
-                    -e "s#{BASE_DISTRO_CODENAME}#"${BASE_DISTRO_CODENAME}"#g" \
-	            -i ${BASEAPTSRCS}
+                line="file:///base-apt/${BASE_DISTRO} ${BASE_DISTRO_CODENAME} main"
+                if [ -z "${BASE_REPO_KEY}" ]; then
+                    line="[trusted=yes] ${line}"
+                fi
+                echo "deb ${line}" >  "${ROOTFSDIR}/etc/apt/sources.list.d/base-apt.list"
+                echo "deb-src ${line}" >>  "${ROOTFSDIR}/etc/apt/sources.list.d/base-apt.list"
+
                 mkdir -p ${ROOTFSDIR}/base-apt
                 sudo mount --bind ${REPO_BASE_DIR} ${ROOTFSDIR}/base-apt
-                install -v -m644 "${BASEAPTSRCS}" \
-                                 "${ROOTFSDIR}/etc/apt/sources.list.d/base-apt.list"
             else
                 install -v -m644 "${APTSRCS}" \
                                  "${ROOTFSDIR}/etc/apt/sources.list.d/bootstrap.list"
-- 
2.23.0

next prev parent reply	other threads:[~2019-10-28 17:01 UTC|newest]

Thread overview: 41+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-10-28 17:01 [PATCH 00/17] base-apt rework Henning Schild
2019-10-28 17:01 ` [PATCH 01/17] repository: new class to deal with repos Henning Schild
2019-11-24 15:29   ` Baurzhan Ismagulov
2019-11-25 12:03     ` Henning Schild
2019-10-28 17:01 ` [PATCH 02/17] dpkg-base: add download caching of apt:// downloads Henning Schild
2019-10-29 12:57   ` chombourger
2019-10-29 16:03     ` Henning Schild
2019-11-08 11:39     ` Henning Schild
2019-11-24 15:30   ` Baurzhan Ismagulov
2019-11-25 10:32     ` Henning Schild
2019-10-28 17:01 ` [PATCH 03/17] base-apt: change the sources.list to also offer deb-src Henning Schild
2019-10-28 17:01 ` [PATCH 04/17] base-apt: add deb-src packages as well Henning Schild
2019-10-30 19:23   ` Henning Schild
2019-10-28 17:01 ` Henning Schild [this message]
2019-11-24 15:35   ` [PATCH 05/17] base-apt: do not skip gpg check when it is signed Baurzhan Ismagulov
2019-11-25 10:30     ` Henning Schild
2019-10-28 17:01 ` [PATCH 06/17] ci: conf: add "hello" to the sample config and every build Henning Schild
2019-10-28 17:01 ` [PATCH 07/17] meta: split all apt-get invocations into download and execution Henning Schild
2019-11-24 15:41   ` Baurzhan Ismagulov
2019-11-25 10:20     ` Henning Schild
2019-10-28 17:01 ` [PATCH 08/17] meta: create DL_DIR support for all apt-get downloaded .debs Henning Schild
2019-10-29 12:48   ` chombourger
2019-10-29 16:02     ` Henning Schild
2019-11-06 13:19     ` Henning Schild
2019-11-24 15:57   ` Baurzhan Ismagulov
2019-11-25 10:15     ` Henning Schild
2019-10-28 17:01 ` [PATCH 09/17] meta: import DL_DIR debs before apt-get download steps Henning Schild
2019-10-30 19:21   ` Henning Schild
2019-11-06 13:17     ` Henning Schild
2019-11-24 20:20       ` Baurzhan Ismagulov
2019-11-25 10:13         ` Henning Schild
2019-10-28 17:01 ` [PATCH 10/17] base-apt: populate from DEBDIR as well Henning Schild
2019-10-28 17:01 ` [PATCH 11/17] base-apt: drop the "apt_cache" feature Henning Schild
2019-10-28 17:01 ` [PATCH 12/17] base-apt: do not copy debs directly out of rootfss anymore Henning Schild
2019-10-28 17:01 ` [PATCH 13/17] base-apt: rework base-apt population Henning Schild
2019-10-28 17:01 ` [PATCH 14/17] base-apt: move class "base-apt-helper" into only user Henning Schild
2019-10-28 17:01 ` [PATCH 15/17] CI: include "isar-disable-apt-cache" into all CI images Henning Schild
2019-10-28 17:01 ` [PATCH 16/17] CI: include "cowsay" into default build to test dpkg-gbp Henning Schild
2019-10-28 17:01 ` [PATCH 17/17] CI: set BB_NO_NETWORK for cached rebuild Henning Schild
2019-11-06 16:00 ` [PATCH 00/17] base-apt rework Jan Kiszka
2019-11-24 13:21 ` Baurzhan Ismagulov

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20191028170132.28072-6-henning.schild@siemens.com \
    --to=henning.schild@siemens.com \
    --cc=isar-users@googlegroups.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox