diff options
Diffstat (limited to 'classes')
| -rw-r--r-- | classes/image_types_ostree.bbclass | 25 |
1 files changed, 19 insertions, 6 deletions
diff --git a/classes/image_types_ostree.bbclass b/classes/image_types_ostree.bbclass index 5ebed81..dc14e4a 100644 --- a/classes/image_types_ostree.bbclass +++ b/classes/image_types_ostree.bbclass | |||
| @@ -11,7 +11,6 @@ do_image_ostree[depends] += "ostree-native:do_populate_sysroot \ | |||
| 11 | 11 | ||
| 12 | export OSTREE_REPO | 12 | export OSTREE_REPO |
| 13 | export OSTREE_BRANCHNAME | 13 | export OSTREE_BRANCHNAME |
| 14 | |||
| 15 | export GARAGE_TARGET_NAME | 14 | export GARAGE_TARGET_NAME |
| 16 | 15 | ||
| 17 | RAMDISK_EXT ?= ".ext4.gz" | 16 | RAMDISK_EXT ?= ".ext4.gz" |
| @@ -198,7 +197,9 @@ IMAGE_CMD_garagesign () { | |||
| 198 | fi | 197 | fi |
| 199 | 198 | ||
| 200 | rm -rf ${GARAGE_SIGN_REPO} | 199 | rm -rf ${GARAGE_SIGN_REPO} |
| 201 | garage-sign init --repo tufrepo --home-dir ${GARAGE_SIGN_REPO} --credentials ${SOTA_PACKED_CREDENTIALS} | 200 | garage-sign init --repo tufrepo \ |
| 201 | --home-dir ${GARAGE_SIGN_REPO} \ | ||
| 202 | --credentials ${SOTA_PACKED_CREDENTIALS} | ||
| 202 | 203 | ||
| 203 | ostree_target_hash=$(cat ${OSTREE_REPO}/refs/heads/${OSTREE_BRANCHNAME}) | 204 | ostree_target_hash=$(cat ${OSTREE_REPO}/refs/heads/${OSTREE_BRANCHNAME}) |
| 204 | 205 | ||
| @@ -206,11 +207,23 @@ IMAGE_CMD_garagesign () { | |||
| 206 | # in which case targets.json should be pulled again and the whole procedure repeated | 207 | # in which case targets.json should be pulled again and the whole procedure repeated |
| 207 | push_success=0 | 208 | push_success=0 |
| 208 | for push_retries in $( seq 3 ); do | 209 | for push_retries in $( seq 3 ); do |
| 209 | garage-sign targets pull --repo tufrepo --home-dir ${GARAGE_SIGN_REPO} | 210 | garage-sign targets pull --repo tufrepo \ |
| 210 | garage-sign targets add --repo tufrepo --home-dir ${GARAGE_SIGN_REPO} --name ${GARAGE_TARGET_NAME} --format OSTREE --version ${ostree_target_hash} --length 0 --url "https://example.com/" --sha256 ${ostree_target_hash} --hardwareids ${MACHINE} | 211 | --home-dir ${GARAGE_SIGN_REPO} |
| 211 | garage-sign targets sign --repo tufrepo --home-dir ${GARAGE_SIGN_REPO} --key-name=targets | 212 | garage-sign targets add --repo tufrepo \ |
| 213 | --home-dir ${GARAGE_SIGN_REPO} \ | ||
| 214 | --name ${GARAGE_TARGET_NAME} \ | ||
| 215 | --format OSTREE \ | ||
| 216 | --version ${ostree_target_hash} \ | ||
| 217 | --length 0 \ | ||
| 218 | --url "https://example.com/" \ | ||
| 219 | --sha256 ${ostree_target_hash} \ | ||
| 220 | --hardwareids ${MACHINE} | ||
| 221 | garage-sign targets sign --repo tufrepo \ | ||
| 222 | --home-dir ${GARAGE_SIGN_REPO} \ | ||
| 223 | --key-name=targets | ||
| 212 | errcode=0 | 224 | errcode=0 |
| 213 | garage-sign targets push --repo tufrepo --home-dir ${GARAGE_SIGN_REPO} || errcode=$? | 225 | garage-sign targets push --repo tufrepo \ |
| 226 | --home-dir ${GARAGE_SIGN_REPO} || errcode=$? | ||
| 214 | if [ "$errcode" -eq "0" ]; then | 227 | if [ "$errcode" -eq "0" ]; then |
| 215 | push_success=1 | 228 | push_success=1 |
| 216 | break | 229 | break |