diff options
| -rw-r--r-- | .gitlab-ci.yml | 5 | ||||
| -rw-r--r-- | kas/kas-security-base.yml | 1 | ||||
| -rw-r--r-- | kas/qemux86-harden.yml | 10 |
3 files changed, 16 insertions, 0 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 50bfe4f..f1c844f 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml | |||
| @@ -136,6 +136,11 @@ qemuarm64-musl: | |||
| 136 | script: | 136 | script: |
| 137 | - kas build --target security-build-image kas/$CI_JOB_NAME.yml | 137 | - kas build --target security-build-image kas/$CI_JOB_NAME.yml |
| 138 | 138 | ||
| 139 | qemux86-harden: | ||
| 140 | extends: .build | ||
| 141 | script: | ||
| 142 | - kas build --target harden-image-minimal kas/$CI_JOB_NAME.yml | ||
| 143 | |||
| 139 | qemux86-test: | 144 | qemux86-test: |
| 140 | extends: .build | 145 | extends: .build |
| 141 | allow_failure: true | 146 | allow_failure: true |
diff --git a/kas/kas-security-base.yml b/kas/kas-security-base.yml index 6a77af5..ba0e0f8 100644 --- a/kas/kas-security-base.yml +++ b/kas/kas-security-base.yml | |||
| @@ -10,6 +10,7 @@ repos: | |||
| 10 | meta-tpm: | 10 | meta-tpm: |
| 11 | meta-integrity: | 11 | meta-integrity: |
| 12 | meta-security-compliance: | 12 | meta-security-compliance: |
| 13 | meta-hardening: | ||
| 13 | 14 | ||
| 14 | poky: | 15 | poky: |
| 15 | url: https://git.yoctoproject.org/git/poky | 16 | url: https://git.yoctoproject.org/git/poky |
diff --git a/kas/qemux86-harden.yml b/kas/qemux86-harden.yml new file mode 100644 index 0000000..fb59dda --- /dev/null +++ b/kas/qemux86-harden.yml | |||
| @@ -0,0 +1,10 @@ | |||
| 1 | header: | ||
| 2 | version: 8 | ||
| 3 | includes: | ||
| 4 | - kas-security-base.yml | ||
| 5 | |||
| 6 | local_conf_header: | ||
| 7 | meta-security: | | ||
| 8 | DISTRO = "harden" | ||
| 9 | |||
| 10 | machine: qemux86 | ||