From mboxrd@z Thu Jan  1 00:00:00 1970
X-GM-THRID: 6771003125431009280
X-Received: by 2002:a05:6402:1764:: with SMTP id da4mr3639819edb.24.1576497015533;
        Mon, 16 Dec 2019 03:50:15 -0800 (PST)
X-BeenThere: isar-users@googlegroups.com
Received: by 2002:a17:907:104a:: with SMTP id oy10ls1616870ejb.3.gmail; Mon,
 16 Dec 2019 03:50:14 -0800 (PST)
X-Google-Smtp-Source: APXvYqwS65A5uXeTbm/xfqP5QcfJ8smpdLzPWWS5SvkxrN2VefvOt50lQkz85lTqAI+uC9z/2ZY4
X-Received: by 2002:a17:906:2296:: with SMTP id p22mr33389709eja.269.1576497014802;
        Mon, 16 Dec 2019 03:50:14 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1576497014; cv=none;
        d=google.com; s=arc-20160816;
        b=nsp7OIkxdG3eCaB7ccWc17ykak7iKXTTCoWIYDP+Yx3w3tE3G3v8UjvUEx/BETFekh
         Duk5l41TfHCoqV643oQGh3OOcI5NxhRIWGQOypKDCoAeNt+/Mi9PEEeGUp+jns5cwQrH
         98q6gKhgLqA1Rm+WpaGaE5XpnxAWqvMzMtlyMp/Q6RYcjuZkdi0dt8Ga8alQcU13sWPq
         7gL5Pig3qxoI3JBe7ihpNYR2VKsPKphOy9DH9TlQdKWYDHRMcSbBEiHOhvUroRBMzC69
         OIRE52JWy+Lrac4s9GZTc3PEOpZayP61+fig6gl+njkgXUef5tP2m3hB1SYMag4Mgq3g
         S2IA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from;
        bh=EEwi8zoSrR+n2GbLc9z+o70uXWjkh9jdttgItTCOxFU=;
        b=py/fl+GQNWmxkpHRBmGM2DBw29PBIYWEIFGHGyPj6s4sBID2cf1tCvv6w4z6njGgQX
         ucFS0kDqK+ilp+gT1hbdBpKOFPYljz60PwYufZlyMj+MqM3xqahwpB4WD2rW+Wz1Zewv
         lzqShRTICQsZQxDLAkJspW6SI/dHIzNSQuz5A79Opegt5LNErYAzzPgxJpY63Fv/kaBn
         Kr/nTprBpMsM3gsfr+R1kKtGzLi/iNUZXa7VSC41fm+SeRlxV/wMkujsWlOqedzpt+59
         t0WleBNEEzQFqFUHgMMrqnACH6R9pzCNlzCfBID2xUIpjWfxpgNnt4YDQn0g7i46WKdM
         C6JQ==
ARC-Authentication-Results: i=1; gmr-mx.google.com;
       spf=pass (google.com: domain of henning.schild@siemens.com designates 192.35.17.2 as permitted sender) smtp.mailfrom=henning.schild@siemens.com;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com
Return-Path: <henning.schild@siemens.com>
Received: from thoth.sbs.de (thoth.sbs.de. [192.35.17.2])
        by gmr-mx.google.com with ESMTPS id n21si718765eja.0.2019.12.16.03.50.14
        for <isar-users@googlegroups.com>
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Mon, 16 Dec 2019 03:50:14 -0800 (PST)
Received-SPF: pass (google.com: domain of henning.schild@siemens.com designates 192.35.17.2 as permitted sender) client-ip=192.35.17.2;
Authentication-Results: gmr-mx.google.com;
       spf=pass (google.com: domain of henning.schild@siemens.com designates 192.35.17.2 as permitted sender) smtp.mailfrom=henning.schild@siemens.com;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com
Received: from mail2.sbs.de (mail2.sbs.de [192.129.41.66])
	by thoth.sbs.de (8.15.2/8.15.2) with ESMTPS id xBGBoD4N016914
	(version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK);
	Mon, 16 Dec 2019 12:50:14 +0100
Received: from md1za8fc.ad001.siemens.net ([139.25.69.101])
	by mail2.sbs.de (8.15.2/8.15.2) with ESMTP id xBGBoDWR009084;
	Mon, 16 Dec 2019 12:50:13 +0100
From: Henning Schild <henning.schild@siemens.com>
To: isar-users@googlegroups.com
Cc: Jan Kiszka <jan.kiszka@siemens.com>, Baurzhan Ismagulov <ibr@radix50.net>,
        chombourger@gmail.com, Henning Schild <henning.schild@siemens.com>
Subject: [PATCHv2 06/25] base-apt: do not skip gpg check when it is signed
Date: Mon, 16 Dec 2019 12:49:52 +0100
Message-Id: <20191216115011.17664-7-henning.schild@siemens.com>
X-Mailer: git-send-email 2.24.1
In-Reply-To: <20191216115011.17664-1-henning.schild@siemens.com>
References: <20191216115011.17664-1-henning.schild@siemens.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-TUID: 3mQdjTDlktvv

From: Henning Schild <henning.schild@siemens.com>

We used to have "trusted=yes" hardcoded even for a signed base-apt. Make
that flag depend on whether it is signed and generate that file with two
echos, it is simple enough.

Signed-off-by: Henning Schild <henning.schild@siemens.com>
---
 .../isar-bootstrap/files/base-apt-sources        |  2 --
 .../isar-bootstrap/isar-bootstrap.inc            | 16 ++++++++--------
 2 files changed, 8 insertions(+), 10 deletions(-)
 delete mode 100644 meta/recipes-core/isar-bootstrap/files/base-apt-sources

diff --git a/meta/recipes-core/isar-bootstrap/files/base-apt-sources b/meta/recipes-core/isar-bootstrap/files/base-apt-sources
deleted file mode 100644
index 2a4ab2c..0000000
--- a/meta/recipes-core/isar-bootstrap/files/base-apt-sources
+++ /dev/null
@@ -1,2 +0,0 @@
-deb [trusted=yes] file:///base-apt/{BASE_DISTRO} {BASE_DISTRO_CODENAME} main
-deb-src [trusted=yes] file:///base-apt/{BASE_DISTRO} {BASE_DISTRO_CODENAME} main
diff --git a/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc b/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc
index 5dd571e..cfcf7b8 100644
--- a/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc
+++ b/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc
@@ -12,8 +12,7 @@ SRC_URI = " \
     file://isar-apt.conf \
     file://isar-apt-fallback.conf \
     file://locale \
-    file://chroot-setup.sh \
-    file://base-apt-sources"
+    file://chroot-setup.sh"
 PV = "1.0"
 
 DEBOOTSTRAP ?= "qemu-debootstrap"
@@ -21,7 +20,6 @@ ROOTFSDIR = "${WORKDIR}/rootfs"
 APTPREFS = "${WORKDIR}/apt-preferences"
 APTSRCS = "${WORKDIR}/apt-sources"
 APTSRCS_INIT = "${WORKDIR}/apt-sources-init"
-BASEAPTSRCS = "${WORKDIR}/base-apt-sources"
 DISTRO_BOOTSTRAP_KEYFILES = ""
 THIRD_PARTY_APT_KEYFILES = ""
 DEPLOY_ISAR_BOOTSTRAP ?= ""
@@ -266,13 +264,15 @@ isar_bootstrap() {
                              "${ROOTFSDIR}/etc/apt/preferences.d/bootstrap"
             mkdir -p "${ROOTFSDIR}/etc/apt/sources.list.d"
             if [ "${ISAR_USE_CACHED_BASE_REPO}" = "1" ]; then
-                sed -e "s#{BASE_DISTRO}#"${BASE_DISTRO}"#g" \
-                    -e "s#{BASE_DISTRO_CODENAME}#"${BASE_DISTRO_CODENAME}"#g" \
-	            -i ${BASEAPTSRCS}
+                line="file:///base-apt/${BASE_DISTRO} ${BASE_DISTRO_CODENAME} main"
+                if [ -z "${BASE_REPO_KEY}" ]; then
+                    line="[trusted=yes] ${line}"
+                fi
+                echo "deb ${line}" >  "${ROOTFSDIR}/etc/apt/sources.list.d/base-apt.list"
+                echo "deb-src ${line}" >>  "${ROOTFSDIR}/etc/apt/sources.list.d/base-apt.list"
+
                 mkdir -p ${ROOTFSDIR}/base-apt
                 sudo mount --bind ${REPO_BASE_DIR} ${ROOTFSDIR}/base-apt
-                install -v -m644 "${BASEAPTSRCS}" \
-                                 "${ROOTFSDIR}/etc/apt/sources.list.d/base-apt.list"
             else
                 install -v -m644 "${APTSRCS}" \
                                  "${ROOTFSDIR}/etc/apt/sources.list.d/bootstrap.list"
-- 
2.24.1