From: Henning Schild <henning.schild@siemens.com>
To: isar-users@googlegroups.com
Cc: Vijai Kumar K <vijaikumar.kanagarajan@gmail.com>,
Baurzhan Ismagulov <ibr@radix50.net>,
Jan Kiszka <jan.kiszka@siemens.com>,
Henning Schild <henning.schild@siemens.com>
Subject: [PATCHv7 06/29] base-apt: do not skip gpg check when it is signed
Date: Sat, 21 Mar 2020 09:31:25 +0100 [thread overview]
Message-ID: <20200321083148.26160-7-henning.schild@siemens.com> (raw)
In-Reply-To: <20200321083148.26160-1-henning.schild@siemens.com>
From: Henning Schild <henning.schild@siemens.com>
We used to have "trusted=yes" hardcoded even for a signed base-apt. Make
that flag depend on whether it is signed and generate that file with two
echos, it is simple enough.
Signed-off-by: Henning Schild <henning.schild@siemens.com>
---
.../isar-bootstrap/files/base-apt-sources | 2 --
.../isar-bootstrap/isar-bootstrap.inc | 16 ++++++++--------
2 files changed, 8 insertions(+), 10 deletions(-)
delete mode 100644 meta/recipes-core/isar-bootstrap/files/base-apt-sources
diff --git a/meta/recipes-core/isar-bootstrap/files/base-apt-sources b/meta/recipes-core/isar-bootstrap/files/base-apt-sources
deleted file mode 100644
index 2a4ab2c4..00000000
--- a/meta/recipes-core/isar-bootstrap/files/base-apt-sources
+++ /dev/null
@@ -1,2 +0,0 @@
-deb [trusted=yes] file:///base-apt/{BASE_DISTRO} {BASE_DISTRO_CODENAME} main
-deb-src [trusted=yes] file:///base-apt/{BASE_DISTRO} {BASE_DISTRO_CODENAME} main
diff --git a/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc b/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc
index 16b4395b..cf3df407 100644
--- a/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc
+++ b/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc
@@ -12,8 +12,7 @@ SRC_URI = " \
file://isar-apt.conf \
file://isar-apt-fallback.conf \
file://locale \
- file://chroot-setup.sh \
- file://base-apt-sources"
+ file://chroot-setup.sh"
PV = "1.0"
DEBOOTSTRAP ?= "qemu-debootstrap"
@@ -21,7 +20,6 @@ ROOTFSDIR = "${WORKDIR}/rootfs"
APTPREFS = "${WORKDIR}/apt-preferences"
APTSRCS = "${WORKDIR}/apt-sources"
APTSRCS_INIT = "${WORKDIR}/apt-sources-init"
-BASEAPTSRCS = "${WORKDIR}/base-apt-sources"
DISTRO_BOOTSTRAP_KEYFILES = ""
THIRD_PARTY_APT_KEYFILES = ""
DEPLOY_ISAR_BOOTSTRAP ?= ""
@@ -266,13 +264,15 @@ isar_bootstrap() {
"${ROOTFSDIR}/etc/apt/preferences.d/bootstrap"
mkdir -p "${ROOTFSDIR}/etc/apt/sources.list.d"
if [ "${ISAR_USE_CACHED_BASE_REPO}" = "1" ]; then
- sed -e "s#{BASE_DISTRO}#"${BASE_DISTRO}"#g" \
- -e "s#{BASE_DISTRO_CODENAME}#"${BASE_DISTRO_CODENAME}"#g" \
- -i ${BASEAPTSRCS}
+ line="file:///base-apt/${BASE_DISTRO} ${BASE_DISTRO_CODENAME} main"
+ if [ -z "${BASE_REPO_KEY}" ]; then
+ line="[trusted=yes] ${line}"
+ fi
+ echo "deb ${line}" > "${ROOTFSDIR}/etc/apt/sources.list.d/base-apt.list"
+ echo "deb-src ${line}" >> "${ROOTFSDIR}/etc/apt/sources.list.d/base-apt.list"
+
mkdir -p ${ROOTFSDIR}/base-apt
mount --bind ${REPO_BASE_DIR} ${ROOTFSDIR}/base-apt
- install -v -m644 "${BASEAPTSRCS}" \
- "${ROOTFSDIR}/etc/apt/sources.list.d/base-apt.list"
else
install -v -m644 "${APTSRCS}" \
"${ROOTFSDIR}/etc/apt/sources.list.d/bootstrap.list"
--
2.24.1
next prev parent reply other threads:[~2020-03-21 8:32 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-03-21 8:31 [PATCHv7 00/29] base-apt-rework Henning Schild
2020-03-21 8:31 ` [PATCHv7 01/29] repository: new class to deal with repos Henning Schild
2020-03-21 8:31 ` [PATCHv7 02/29] dpkg-base: add download caching of apt:// downloads Henning Schild
2020-03-21 8:31 ` [PATCHv7 03/29] meta: dpkg-base: convert "exit" into "return 0" Henning Schild
2020-03-21 8:31 ` [PATCHv7 04/29] base-apt: change the sources.list to also offer deb-src Henning Schild
2020-03-21 8:31 ` [PATCHv7 05/29] base-apt: add deb-src packages as well Henning Schild
2020-03-21 8:31 ` Henning Schild [this message]
2020-03-21 8:31 ` [PATCHv7 07/29] ci: conf: add "hello" to the sample config and every build Henning Schild
2020-03-21 8:31 ` [PATCHv7 08/29] meta: split all apt-get invocations into download and execution Henning Schild
2020-03-21 8:31 ` [PATCHv7 09/29] meta: create DL_DIR support for all apt-get downloaded .debs Henning Schild
2020-03-21 8:31 ` [PATCHv7 10/29] meta: import DL_DIR debs before apt-get download steps Henning Schild
2020-03-21 8:31 ` [PATCHv7 11/29] meta: include DL_DIR deb import/export into bootstrap Henning Schild
2020-03-21 8:31 ` [PATCHv7 12/29] base-apt: populate from DEBDIR as well Henning Schild
2020-03-21 8:31 ` [PATCHv7 13/29] base-apt: drop the "apt_cache" feature Henning Schild
2020-03-21 8:31 ` [PATCHv7 14/29] base-apt: do not copy debs directly out of rootfss anymore Henning Schild
2020-03-21 8:31 ` [PATCHv7 15/29] base-apt: rework base-apt population Henning Schild
2020-03-21 8:31 ` [PATCHv7 16/29] base-apt: move class "base-apt-helper" into only user Henning Schild
2020-03-21 8:31 ` [PATCHv7 17/29] CI: include "isar-disable-apt-cache" into all CI images Henning Schild
2020-03-21 8:31 ` [PATCHv7 18/29] CI: include "cowsay" into default build to test dpkg-gbp Henning Schild
2020-03-21 8:31 ` [PATCHv7 19/29] CI: set BB_NO_NETWORK for cached rebuild Henning Schild
2020-03-21 8:31 ` [PATCHv7 20/29] meta: repository: implement repo_contains_package and use it in base_apt Henning Schild
2020-03-21 8:31 ` [PATCHv7 21/29] meta: repository: simplify the matching of packages Henning Schild
2020-03-21 8:31 ` [PATCHv7 22/29] meta: deb-dl-dir: do not cache debs from isar-apt Henning Schild
2020-03-21 8:31 ` [PATCHv7 23/29] base-apt: pull base-apt population to the front of the build chain Henning Schild
2020-03-21 8:31 ` [PATCHv7 24/29] meta: base-apt: remove isar-apt check from population Henning Schild
2020-03-21 8:31 ` [PATCHv7 25/29] meta: deb-dl-dir: only export newly downloaded files Henning Schild
2020-03-21 8:31 ` [PATCHv7 26/29] CI: test a custom kernel build in the base-apt offline rebuild Henning Schild
2020-03-21 8:31 ` [PATCHv7 27/29] meta/deb-dl-dir: make subshell verbose and fail on error Henning Schild
2020-03-21 8:31 ` [PATCHv7 28/29] meta: deb-dl-dir: fix "command not found" error when excluding pkgs Henning Schild
2020-03-21 8:31 ` [PATCHv7 29/29] RECIPE-API-CHANGELOG: add a few bits on the base-apt caching changes Henning Schild
2020-03-21 8:41 ` [PATCHv7 00/29] base-apt-rework Henning Schild
2020-03-23 10:56 ` Baurzhan Ismagulov
2020-03-23 11:01 ` Jan Kiszka
2020-03-23 12:22 ` Baurzhan Ismagulov
2020-03-23 15:25 ` Henning Schild
2020-03-24 10:49 ` Baurzhan Ismagulov
2020-03-25 10:35 ` Henning Schild
2020-03-25 11:13 ` Jan Kiszka
2020-03-25 11:25 ` Henning Schild
2020-03-25 11:14 ` Baurzhan Ismagulov
2020-03-26 12:53 ` Henning Schild
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200321083148.26160-7-henning.schild@siemens.com \
--to=henning.schild@siemens.com \
--cc=ibr@radix50.net \
--cc=isar-users@googlegroups.com \
--cc=jan.kiszka@siemens.com \
--cc=vijaikumar.kanagarajan@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox