summaryrefslogtreecommitdiffstats
path: root/meta-integrity/classes
Commit message (Collapse)AuthorAgeFilesLines
* sign_rpm_ext: make sure all target recipes are signedJia Zhang2017-08-241-0/+26
| | | | | | | | Placing the key import logic under signing-keys cannot ensure all target recipes are always signed. Instead, place it before do_package_write_rpm. Signed-off-by: Jia Zhang <lans.zhang2008@gmail.com>
* sign_rpm_ext: define the location of default gpg keyring to TMPDIRJia Zhang2017-08-201-1/+1
| | | | Signed-off-by: Jia Zhang <lans.zhang2008@gmail.com>
* sign_rpm_ext: fix permission warningJia Zhang2017-08-201-1/+1
| | | | Signed-off-by: Jia Zhang <lans.zhang2008@gmail.com>
* sign_rpm_ext.bbclass: clean upJia Zhang2017-08-191-9/+1
| | | | Signed-off-by: Jia Zhang <lans.zhang2008@gmail.com>
* sign_rpm_ext: Fix the GPG_PATH directory not exist issue (#4)Guojian2017-08-191-8/+7
| | | | | | | | | | | | | | | If "GPG_PATH" is set in the init script, then "signing-keys" get_public_keys task will execute failed. So the "GPG_PATH" directory would be created when "GPG_PATH" is set. The do_get_public_keys failed to import gpg key error information is as following: ---------------------------------------------------------------------------------------- ERROR: signing-keys-1.0-r0 do_get_public_keys: Function failed: Failed to import gpg key (layers/meta-secure-core/meta-signing-key/files/rpm_keys/RPM-GPG-PRIVKEY-SecureCore): gpg: fatal: can't create directory `tmp/deploy/images/intel-corei7-64/.gnupg': No such file or directory Signed-off-by: Guojian Zhou <guojian.zhou@windriver.com>
* sign_rpm_ext.bbclass: use the default setting from meta-signing-keyJia Zhang2017-08-191-2/+3
| | | | Signed-off-by: Jia Zhang <lans.zhang2008@gmail.com>
* sign_rpm_ext: set default GPG_PATH if it is not specified (#2)yunguowei2017-08-191-0/+15
| | | | | | | | | | | commit 52bf3b6636f95a(meta-integrity: move gpg keyring initialization to signing-keys) tried to initialize keyring in the task check_public_keys of the recipe signing-keys. However, it does work with the recipe signing-keys only, and GPG_PATH can't be passed to other recipes. We bring the python anonymous function back, and it makes sure GPG_PATH is set before signing the packages for every recipe. Signed-off-by: Yunguo Wei <yunguo.wei@windriver.com>
* meta-integrity: move gpg keyring initialization to signing-keysJia Zhang2017-08-171-38/+0
| | | | Signed-off-by: Jia Zhang <lans.zhang2008@gmail.com>
* sign_rpm_ext: support RPM signingLans Zhang2017-08-171-6/+45
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* sign_rpm_ext: remove the test linesLans Zhang2017-07-191-4/+0
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* IMA: enable RPM file signing if ima is configuredLans Zhang2017-07-191-1/+1
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* meta-integrity: enable sign_rpm_ext to support rpm and file signingLans Zhang2017-07-111-0/+20
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* IMA: clean up IMA signingLans Zhang2017-07-111-156/+0
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* meta-secure-core: initial commitLans Zhang2017-06-221-0/+156
Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-08-04 12:17:07 +0000