openembedded-core-contrib - OpenEmbedded Core user contribution trees

Age	Commit message (Collapse)	Author
2018-04-07	classes: Use ${MACHINE_ARCH} instead of ${MACHINE} for stamp-extra-info task ↵	Peter Kjellerstedt
	flag Without this change, there will be two sstate index files in tmp/sstate-control for any machine that contains a dash in the name. Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2018-01-10	gnupg: use native version for signing, rather than one provided by host	Alexander Kanavin
	Using host gpg has been problematic, and particularly this removes the need to serialize package creation, as long as --auto-expand-secmem is passed to gpg-agent, and gnupg >= 2.2.4 is in use (https://dev.gnupg.org/T3530). Sadly, gpg-agent itself is single-threaded, so in the longer run we might want to seek alternatives: https://lwn.net/Articles/742542/ (a smaller issue is that rpm itself runs the gpg fronted in a serial fashion, which slows down the build in cases of recipes with very large amount of packages, e.g. glibc-locale) Note that sstate signing and verification continues to use host gpg, as depending on native gpg would create circular dependencies. [YOCTO #12022] Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-30	signing-keys: do not use DISTRO_VERSION in key names	Alexander Kanavin
	DISTRO_VERSION may contain the current date, and so is prone to mismatches particularly when keys are created on one date, and dnf is configured to use the keys on another date. [YOCTO #11983] Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-08-16	signing-keys: delete unused tasks	Markus Lehtonen
	In particular, do_unpack needs to be deleted as it was causing missing subpackages. Do_unpack cleans the builddir and if it was run after do_get_public_keys it cleaned up all keys causing no packages to be built. Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-12-16	meta: remove True option to getVar calls	Joshua Lock
	getVar() now defaults to expanding by default, thus remove the True option from getVar() calls with a regex search and replace. Search made with the following regex: getVar ?$( ?[^,()]*), True$ Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2016-10-28	Remove LIC_FILES_CHKSUM from recipes without SRC_URI	Olaf Mandel
	LICENSE and LIC_FILES_CHKSUM apply to the sources specified by SRC_URI, not to the recipe itself. As such a license declaration for a source-less recipe makes little sense. The LICENSE declaration is mandatory, but LIC_FILES_CHKSUM can be removed in such cases. Remove the LIC_FILES_CHKSUM declarations from all recipes that do not need it. CC: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Olaf Mandel <o.mandel@menlosystems.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-05-30	signing-keys: set SUMMARY instead of DESCRIPTION	Paul Eggleton
	Short descriptions should go into SUMMARY (DESCRIPTION will get the same value if not set. Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2016-05-13	signing-keys: Use SYSROOT_DIRS to add dirs to stage in sysroot	Peter Kjellerstedt
	Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-03-11	signing-keys: create ipk package	Ioan-Adrian Ratiu
	Store the ascii armored pubkey generated using gpg_sign.export_pubkey() in its own package. Signed-off-by: Ioan-Adrian Ratiu <adrian.ratiu@ni.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-02-26	signing-keys: Make signing keys the only publisher of keys	Randy Witt
	Previously the keys were put into the os-release package. The package indexing code was also deploying the keys rather than only using the keys. This change makes signing-keys.bb the only publisher of the keys and also uses standard tasks that already have sstate. Signed-off-by: Randy Witt <randy.e.witt@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-02-18	sign_rpm.bbclass: do not store key details in signer instance	Markus Lehtonen
	Refactor the LocalSigner class. Do not store keyid or passphrase file in the signer object as they are only needed for some of the methods. For example, the newly added verify() method does not need any key parameters and export_pubkey only uses keyid. Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-01-26	meta/lib: new module for handling GPG signing	Markus Lehtonen
	Add a new Python module (oe.gpg_sign) for handling GPG signing operations, i.e. currently package and package feed signing. The purpose is to be able to more easily support various signing backends and to be able to centralise signing functionality into one place (e.g. package signing and sstate signing). Currently, only local signing with gpg is implemented. [YOCTO #8755] Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2015-10-24	package signing: automatically export public keys	Markus Lehtonen
	Automatically export public key(s) of the signing key(s) from the gpg keyring. Adds a new simple recipe that does the actual task of exporting the keys. This patch makes the RPM_GPG_PUBKEY and PACKAGE_FEED_GPG PUBKEY settings obsolete. Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com>