From: Jan Kiszka <jan.kiszka@siemens.com>
To: "Maxim Yu. Osipov" <mosipov@isar-build.org>, isar-users@googlegroups.com
Subject: Re: [PATCH v2 1/2] ci_build: Add signing cached repo test
Date: Tue, 27 Aug 2019 09:05:28 +0200 [thread overview]
Message-ID: <e7db9c00-7054-502f-7ac1-e7b1e4ee8e96@siemens.com> (raw)
In-Reply-To: <20190827064338.29404-1-mosipov@isar-build.org>
On 27.08.19 08:43, Maxim Yu. Osipov wrote:
> From: "Maxim Yu. Osipov" <mosipov@isag-build.org>
>
> Signed-off-by: Maxim Yu. Osipov <mosipov@isag-build.org>
> ---
> scripts/ci_build.sh | 31 ++++++++++++++-------
> testsuite/base-apt/test_priv.key | 58 ++++++++++++++++++++++++++++++++++++++++
> testsuite/base-apt/test_pub.key | 30 +++++++++++++++++++++
> 3 files changed, 110 insertions(+), 9 deletions(-)
> create mode 100644 testsuite/base-apt/test_priv.key
> create mode 100644 testsuite/base-apt/test_pub.key
>
> diff --git a/scripts/ci_build.sh b/scripts/ci_build.sh
> index f4a8b06..06b20ab 100755
> --- a/scripts/ci_build.sh
> +++ b/scripts/ci_build.sh
> @@ -50,7 +50,6 @@ REPRO_TARGETS_SET="\
> multiconfig:qemuamd64-stretch:isar-image-base \
> multiconfig:qemuarm-buster:isar-image-base"
>
> -
> show_help() {
> echo "This script builds the default Isar images."
> echo
> @@ -58,14 +57,14 @@ show_help() {
> echo " $0 [params]"
> echo
> echo "Parameters:"
> - echo " -b, --build BUILD_DIR set path to build directory. If not set,"
> - echo " the build will be started in current path."
> - echo " -c, --cross enable cross-compilation."
> - echo " -d, --debug enable debug bitbake output."
> - echo " -f, --fast cross build reduced set of configurations."
> - echo " -q, --quiet suppress verbose bitbake output."
> - echo " -r, --repro enable use of cached base repository."
> - echo " --help display this message and exit."
> + echo " -b, --build BUILD_DIR set path to build directory. If not set,"
> + echo " the build will be started in current path."
> + echo " -c, --cross enable cross-compilation."
> + echo " -d, --debug enable debug bitbake output."
> + echo " -f, --fast cross build reduced set of configurations."
> + echo " -q, --quiet suppress verbose bitbake output."
> + echo " -r, --repro [-s, --sign] enable use of cached base repository with optional signing."
> + echo " --help display this message and exit."
> echo
> echo "Exit status:"
> echo " 0 if OK,"
> @@ -103,6 +102,9 @@ do
> ;;
> -r|--repro)
> REPRO_BUILD="1"
> + case "$2" in
> + -s|--sign) SIGN_REPO='1'; shift ;;
> + esac
> ;;
> *)
> echo "error: invalid parameter '$key', please try '--help' to get list of supported parameters"
> @@ -113,6 +115,7 @@ do
> shift
> done
>
> +
Stray newline change.
> # Setup build folder for the current build
> if [ ! -d "$BUILD_DIR" ]; then
> mkdir -p "$BUILD_DIR"
> @@ -124,6 +127,13 @@ if [ -n "$CROSS_BUILD" ]; then
> fi
>
> if [ -n "$REPRO_BUILD" ]; then
> + if [ -n "$SIGN_REPO" ]; then
> + ISAR_TESTSUITE_GPG_PUB_KEY_FILE="$ISARROOT/testsuite/base-apt/test_pub.key"
> + ISAR_TESTSUITE_GPG_PRIV_KEY_FILE="$ISARROOT/testsuite/base-apt/test_priv.key"
> + export GNUPGHOME=$(mktemp -d)
> + gpg --import $ISAR_TESTSUITE_GPG_PUB_KEY_FILE $ISAR_TESTSUITE_GPG_PRIV_KEY_FILE
> + echo BASE_REPO_KEY=\"file://$ISAR_TESTSUITE_GPG_PUB_KEY_FILE\" >> conf/local.conf
> + fi
> # Enable use of cached base repository
> bitbake $BB_ARGS -c cache_base_repo $REPRO_TARGETS_SET
> while [ -e bitbake.sock ]; do sleep 1; done
> @@ -134,6 +144,9 @@ if [ -n "$REPRO_BUILD" ]; then
> # Cleanup and disable use of cached base repository
> sudo rm -rf tmp
> sed -i -e 's/ISAR_USE_CACHED_BASE_REPO ?= "1"/#ISAR_USE_CACHED_BASE_REPO ?= "1"/g' conf/local.conf
> + if [ -n "$SIGN_REPO" ]; then
> + sed -i -e 's/BASE_REPO_KEY/#BASE_REPO_KEY/g' conf/local.conf
> + fi
If you match on /^BASE_REPO_KEY/, you can make this unconditional.
> fi
>
> sed -i -e 's/#IMAGE_INSTALL += "isar-disable-apt-cache"/IMAGE_INSTALL += "isar-disable-apt-cache"/g' conf/local.conf
> diff --git a/testsuite/base-apt/test_priv.key b/testsuite/base-apt/test_priv.key
> new file mode 100644
> index 0000000..fd3b735
> --- /dev/null
> +++ b/testsuite/base-apt/test_priv.key
> @@ -0,0 +1,58 @@
> +-----BEGIN PGP PRIVATE KEY BLOCK-----
> +
> +lQOYBF07NAMBCAC4JSMwDUaUbkz0a/g7991xIUf40d55iZheylspfHuhmFVMlTTW
> +BDv1KOTffopA5TgCTHoHwFilogymPSoeUGwk1DOQmdy1vLXMB76TZFZhvWgZxHFL
> +OPn3ktFH/YuJ4c2a5q/sqwGr2ivsMR161AufecuyZjuymkN224B1qanaevqE3f7X
> +mQ6ceSS3GCVNgZTcPplhbZEgsNIc94HgTLWEB3xTBx4N7uJfZG6sLduzUTm8Qs0j
> +t1ijRB21HSFOTo309G5QnVdlBP7G92jj7I7JrQqoauVTlaJhZoAbYUjDdr0qkIFa
> +PYsTIvbNeLCEIOJTkIi9Res94AOe2kThIL9zABEBAAEAB/45PsZNGltuKkn/FA+T
> +6O6szClZJzkPtGArW6HyaDHw3u/pglruC1vuT1uzRN3K5dc/E7I99aQ5PYLMLSiK
> +SvsLifJLyiEsWDF175RlsqQN93lExWZo+ZnvxnML+7ykzQ8DUCKxosm+uHC+GNiu
> +xfulBJJ378MwNzew2/T33xogAmL6sWEgtyhNPzny7ezMwFyiE4QyTyov+BZTbN2o
> +Gj3ds/NBgs650p5CAkauhNX8TCqq7ouRQmmQa281Mb8gBb5vSuwqGlHEjOpdgrWu
> +y7xXlwbwnGJQ8YyegIHycr33aFBI4PQq/oGf2SzVTMsGNM6xcPtIOKhW1AgCkZIh
> +GtmBBADPWPMJhZBO3fo6TXR+5PXqu8F6Qjk6Ur3hg00Ql32dgwKj7IjfOi0As0hB
> +d1Fn16zzHkkaYD5b0FsOO64Cst/mkN0/o5soTI9N4kq91AgMABDaRoXpuUCy9P3q
> +ReC/WVDcdQTCWfUnYOPj9AHioPje0NWwL2Wa9MZQFtvEx3vQgQQA41p0kEgFtT2e
> +dWCJiU+lMuONHr9DdiWlNPly8LwtzjCH4i07aeZH1vI5aE9mH+t43O9e+Zcvsjgh
> +ahZzfpv5ZQbTexXZAK/lGkebVPbbcXmFMBEITHNP0gN+HECWfU/1UQwUlQPBQQSL
> +rQud92Jmv1jKdJ6WwV4WDZeRX8rfVfMD/RMmLgqd7VOsB2y9PWToTMcnbqQzGARE
> +wtqL5NV+wv+d7fVM3E04g/7AXXIt2vCN1weoe9KEd9ps/kmqAt/dVi3zioLgBcQ3
> +begyZMGKECT4HYkXP4OahaPLm70jzKIf/SabsSX0l93w0g5Rdn7LIkydrs5ubjha
> +Xl5vxeB2GxEbR4W0J0lTQVIgdGVzdHN1aXRlIDxkZXZudWxsQGlzYXItYnVpbGQu
> +b3JnPokBVAQTAQgAPhYhBNKDcKXylQBbbe7hQeBFQDWDfznIBQJdOzQDAhsDBQkD
> +wmcABQsJCAcCBhUICQoLAgQWAgMBAh4BAheAAAoJEOBFQDWDfznIJp8H/j1lsnI/
> +mojhV6d302mBhn57Zyi2IlI59soFy6X7dZeVpr7evQSNiXZlctDT1K+JHzN0ZxJl
> +4lnHZceg6kfCijZNWYiLCyvGkx9j5/P37ZOb4ekr4/3UGPgY5i8RQ3sFrxO8Uv3A
> +42YJbBQFVo7v/u13eGTdII7wzQmJT+kPtTDsTk5EKZ2GuD4UqbjtH44BtjEpEDua
> +PAcyWeXR3Xdpn5wBVFXix5ntcxwxOxR9ikJP9QThof3rW8mWKKHRgLr53bV/+Usv
> +V5FRcGpuA0t4dH9Bj+DvdqFYUS9Xxxnu0pggnc2Ak/EoThpEW6Hmj0xZ9Qw1509u
> +31f/+ATeyBzZfAWdA5gEXTs0AwEIAMOSRpGeJqjoJllFxrvecevhNE274ERPTRtO
> +YhGQ7o9ikpF2b/9R0Aew5sO7w+F744ORGyPibMF8rZm5Ot3FSrkoq/N7hxG45OpE
> +NOqbYgSdh+qrxp8J5LRD0TnMbV2wjEJNEb5MtFjh/MoolvNI+0ScE4YS7drI9Pii
> +NpdiDDvdYRd/LDZaIGLXuHyOAOUtLePsQHrVBQi9CNXcxyu61QR4RuEVKfMuxjxk
> +lkKJKOSPwn2YJAEGdO941fmAAxCC4N/RwvX38whBHWWiW5qaco9tnnBHJSJDXoup
> +Vkmxhib9BFf4nlCia3v1o2K8QPYxwUMn4auvWav0tfMB3dx1BaEAEQEAAQAH+QGB
> +2AOG2iNHP09E9lLFC1Bt/WJF+uTXTi+/5q5L1UmwB7fajlDWDlxNYn+c9OgldVl7
> +uSibteYksg2FcrYMZkRhwO6jOpMKLRoHqYmYeEAgtmKDiNFC0AsxCS3TEWz9WK9g
> +H2Q9szwc+3WvGa63BHy3zcgkzw8tYAMUhqubkefaMKeIVtP08L00H7Vtv5AWtU3W
> +VBUVkHT1KQauhqrZNKi3CaQ+3wuXJXbyM+Ml/h6sthzHIWYpPveeSgHcSKRXo1ir
> +JgfPrSUN0ZcodHxKBASNsg9SYEp3LeCxq9lmxXuwbc4UgLxLRSdLn61QSruOR8kq
> +HSh0w/qF9hysiy6sDNkEAMYTeqFaqcR0odZeGPsKHBd44fJPCoP1BRpxfXK9h+Bd
> +pRaBBe21uoUDvcDGBymcVraOdSDY2GibN4wouRnQT49bqjx2EX+wAs/X6/TKa4fI
> +gudKsTNYP8nHhH9AJHm8eD1tm1i3fb8e6ymyNUKhdMF1oxKU8fmBCKsQDfY/Q/L9
> +BAD8w0mw1MhfMDU0IY5oA/wku2H110CU3p60glv3hYrtmIh//VL4hXnNZLMnyBc0
> +ILy4fSbCo1hzXNmuPhxsm7D/CE1nGEBU7M7LDJXRRlEn0YZx19n8zZPA2tGxdOhg
> +uC9fzSLlQM1W0NzMs4xKw0yhFZRuNQJOLC7zpbBP2GBYdQQAul6Q3dG7XnY7e/Ct
> +VMSxZ6tSBCXI5IKD+3h5THE+6BoeAUWe3fLOIadOuZA24gjFy9lGgUVWbLi7uG7s
> +cXugswz4vrzogGV1gn+4Bm3V//ckJrRkW7LWxY/h2f7hqegq12EXHBy4fzYdmkqz
> +RMOinPILoizk8JDFEqZhvXV7uZ9Cw4kBPAQYAQgAJhYhBNKDcKXylQBbbe7hQeBF
> +QDWDfznIBQJdOzQDAhsMBQkDwmcAAAoJEOBFQDWDfznIKHsH/RaJIDzUuHFTewwA
> +vKfdgduCU5Nhvz9/GXF9oZGvPUOK8/khudQ0nKWKKMsyc3dEelzsoioDbOXDeND0
> +oLGVeHPGVPYRUpfCbvs1t0wu9nIdIEu7FwItUYS0iYZdgxJ3FzTuip5dhBBbq2jl
> +OK1YX7o3/SfgT3qZgH37+jcZ7xbKUmrXxjVducdD0QxBhGyj3cZ9F8K7kJT5R0QV
> +z2ZUaFNMwu5qOqbMJs0cwy7h/NbOlk0bAJgUFRdYlfnuHAbGkfeu49kjEPTiiYYD
> +2zoZV1zOcjVd9cwIGKi4S225jD4dihzRfLkChE84e8Dfp4aMqJHEc+RaTBCKyxA4
> +5aiaZcY=
> +=oJ8J
> +-----END PGP PRIVATE KEY BLOCK-----
> diff --git a/testsuite/base-apt/test_pub.key b/testsuite/base-apt/test_pub.key
> new file mode 100644
> index 0000000..20735e4
> --- /dev/null
> +++ b/testsuite/base-apt/test_pub.key
> @@ -0,0 +1,30 @@
> +-----BEGIN PGP PUBLIC KEY BLOCK-----
> +
> +mQENBF07NAMBCAC4JSMwDUaUbkz0a/g7991xIUf40d55iZheylspfHuhmFVMlTTW
> +BDv1KOTffopA5TgCTHoHwFilogymPSoeUGwk1DOQmdy1vLXMB76TZFZhvWgZxHFL
> +OPn3ktFH/YuJ4c2a5q/sqwGr2ivsMR161AufecuyZjuymkN224B1qanaevqE3f7X
> +mQ6ceSS3GCVNgZTcPplhbZEgsNIc94HgTLWEB3xTBx4N7uJfZG6sLduzUTm8Qs0j
> +t1ijRB21HSFOTo309G5QnVdlBP7G92jj7I7JrQqoauVTlaJhZoAbYUjDdr0qkIFa
> +PYsTIvbNeLCEIOJTkIi9Res94AOe2kThIL9zABEBAAG0J0lTQVIgdGVzdHN1aXRl
> +IDxkZXZudWxsQGlzYXItYnVpbGQub3JnPokBVAQTAQgAPhYhBNKDcKXylQBbbe7h
> +QeBFQDWDfznIBQJdOzQDAhsDBQkDwmcABQsJCAcCBhUICQoLAgQWAgMBAh4BAheA
> +AAoJEOBFQDWDfznIJp8H/j1lsnI/mojhV6d302mBhn57Zyi2IlI59soFy6X7dZeV
> +pr7evQSNiXZlctDT1K+JHzN0ZxJl4lnHZceg6kfCijZNWYiLCyvGkx9j5/P37ZOb
> +4ekr4/3UGPgY5i8RQ3sFrxO8Uv3A42YJbBQFVo7v/u13eGTdII7wzQmJT+kPtTDs
> +Tk5EKZ2GuD4UqbjtH44BtjEpEDuaPAcyWeXR3Xdpn5wBVFXix5ntcxwxOxR9ikJP
> +9QThof3rW8mWKKHRgLr53bV/+UsvV5FRcGpuA0t4dH9Bj+DvdqFYUS9Xxxnu0pgg
> +nc2Ak/EoThpEW6Hmj0xZ9Qw1509u31f/+ATeyBzZfAW5AQ0EXTs0AwEIAMOSRpGe
> +JqjoJllFxrvecevhNE274ERPTRtOYhGQ7o9ikpF2b/9R0Aew5sO7w+F744ORGyPi
> +bMF8rZm5Ot3FSrkoq/N7hxG45OpENOqbYgSdh+qrxp8J5LRD0TnMbV2wjEJNEb5M
> +tFjh/MoolvNI+0ScE4YS7drI9PiiNpdiDDvdYRd/LDZaIGLXuHyOAOUtLePsQHrV
> +BQi9CNXcxyu61QR4RuEVKfMuxjxklkKJKOSPwn2YJAEGdO941fmAAxCC4N/RwvX3
> +8whBHWWiW5qaco9tnnBHJSJDXoupVkmxhib9BFf4nlCia3v1o2K8QPYxwUMn4auv
> +Wav0tfMB3dx1BaEAEQEAAYkBPAQYAQgAJhYhBNKDcKXylQBbbe7hQeBFQDWDfznI
> +BQJdOzQDAhsMBQkDwmcAAAoJEOBFQDWDfznIKHsH/RaJIDzUuHFTewwAvKfdgduC
> +U5Nhvz9/GXF9oZGvPUOK8/khudQ0nKWKKMsyc3dEelzsoioDbOXDeND0oLGVeHPG
> +VPYRUpfCbvs1t0wu9nIdIEu7FwItUYS0iYZdgxJ3FzTuip5dhBBbq2jlOK1YX7o3
> +/SfgT3qZgH37+jcZ7xbKUmrXxjVducdD0QxBhGyj3cZ9F8K7kJT5R0QVz2ZUaFNM
> +wu5qOqbMJs0cwy7h/NbOlk0bAJgUFRdYlfnuHAbGkfeu49kjEPTiiYYD2zoZV1zO
> +cjVd9cwIGKi4S225jD4dihzRfLkChE84e8Dfp4aMqJHEc+RaTBCKyxA45aiaZcY=
> +=kwGf
> +-----END PGP PUBLIC KEY BLOCK-----
>
BTW, do we consider -r -s as being part of a fast CI run? Then both should
likely be added to .gitlab-ci.yml.
Jan
--
Siemens AG, Corporate Technology, CT RDA IOT SES-DE
Corporate Competence Center Embedded Linux
next prev parent reply other threads:[~2019-08-27 7:05 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-08-27 6:43 Maxim Yu. Osipov
2019-08-27 6:43 ` [PATCH v2 2/2] doc/user_manual: Add reference to GPG tutorial Maxim Yu. Osipov
2019-08-27 7:05 ` Jan Kiszka [this message]
2019-08-27 19:57 ` [PATCH v2 1/2] ci_build: Add signing cached repo test Maxim Yu. Osipov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=e7db9c00-7054-502f-7ac1-e7b1e4ee8e96@siemens.com \
--to=jan.kiszka@siemens.com \
--cc=isar-users@googlegroups.com \
--cc=mosipov@isar-build.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox