gitlab-ci: add meta-hardening build image

Signed-off-by: Armin Kuster <akuster808@gmail.com>
author: Armin Kuster <akuster808@gmail.com> 2020-10-18 20:21:56 -0700
committer: Armin Kuster <akuster808@gmail.com> 2020-10-19 18:14:23 -0700
commit: 9a4de56ad5ec191c036ea1fcdf887700bbc2677f (patch)
tree: 8f0462e6a24e9cac327a94f89fbb7f4d63903e0b
parent: 58c17d008de404f52f4adb0bc42abc1b637249ae (diff)
download: meta-security-9a4de56ad5ec191c036ea1fcdf887700bbc2677f.tar.gz
3 files changed, 16 insertions, 0 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 50bfe4f..f1c844f 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -136,6 +136,11 @@ qemuarm64-musl:
  script:
  - kas build --target security-build-image kas/$CI_JOB_NAME.yml 
+qemux86-harden:
+  extends: .build
+  script:
+  - kas build --target harden-image-minimal kas/$CI_JOB_NAME.yml 
 qemux86-test:
  extends: .build
  allow_failure: true
diff --git a/kas/kas-security-base.yml b/kas/kas-security-base.yml
index 6a77af5..ba0e0f8 100644
--- a/kas/kas-security-base.yml
+++ b/kas/kas-security-base.yml
@@ -10,6 +10,7 @@ repos:
      meta-tpm:
      meta-integrity:
      meta-security-compliance:
+      meta-hardening:
  poky:
    url: https://git.yoctoproject.org/git/poky
diff --git a/kas/qemux86-harden.yml b/kas/qemux86-harden.yml
new file mode 100644
index 0000000..fb59dda
--- /dev/null
+++ b/kas/qemux86-harden.yml
@@ -0,0 +1,10 @@
+header:
+  version: 8
+  includes:
+    - kas-security-base.yml
+local_conf_header:
+  meta-security: |
+    DISTRO = "harden"
+machine: qemux86
author	Armin Kuster <akuster808@gmail.com>	2020-10-18 20:21:56 -0700
committer	Armin Kuster <akuster808@gmail.com>	2020-10-19 18:14:23 -0700
commit	9a4de56ad5ec191c036ea1fcdf887700bbc2677f (patch)
tree	8f0462e6a24e9cac327a94f89fbb7f4d63903e0b
parent	58c17d008de404f52f4adb0bc42abc1b637249ae (diff)
download	meta-security-9a4de56ad5ec191c036ea1fcdf887700bbc2677f.tar.gz

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 50bfe4f..f1c844f 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml
@@ -136,6 +136,11 @@ qemuarm64-musl:
136	script:	136	script:
137	- kas build --target security-build-image kas/$CI_JOB_NAME.yml	137	- kas build --target security-build-image kas/$CI_JOB_NAME.yml
138		138
		139	qemux86-harden:
		140	extends: .build
		141	script:
		142	- kas build --target harden-image-minimal kas/$CI_JOB_NAME.yml
		143
139	qemux86-test:	144	qemux86-test:
140	extends: .build	145	extends: .build
141	allow_failure: true	146	allow_failure: true


diff --git a/kas/kas-security-base.yml b/kas/kas-security-base.yml index 6a77af5..ba0e0f8 100644 --- a/kas/kas-security-base.yml +++ b/kas/kas-security-base.yml
@@ -10,6 +10,7 @@ repos:
10	meta-tpm:	10	meta-tpm:
11	meta-integrity:	11	meta-integrity:
12	meta-security-compliance:	12	meta-security-compliance:
		13	meta-hardening:
13		14
14	poky:	15	poky:
15	url: https://git.yoctoproject.org/git/poky	16	url: https://git.yoctoproject.org/git/poky


diff --git a/kas/qemux86-harden.yml b/kas/qemux86-harden.yml new file mode 100644 index 0000000..fb59dda --- /dev/null +++ b/kas/qemux86-harden.yml
@@ -0,0 +1,10 @@
		1	header:
		2	version: 8
		3	includes:
		4	- kas-security-base.yml
		5
		6	local_conf_header:
		7	meta-security: \|
		8	DISTRO = "harden"
		9
		10	machine: qemux86