Fix signing key file stuff
This commit is contained in:
parent
a7dd8fc0bd
commit
c9775e941d
|
|
@ -13,7 +13,7 @@ RUN echo "${BUILD_USER} ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
|
|||
ARG KEYFILE
|
||||
COPY ${KEYFILE}.pub /etc/apk/keys/.
|
||||
RUN mkdir -p /home/${BUILD_USER}/.abuild/
|
||||
RUN echo "PACKAGER_PRIVKEY=/home/${BUILD_USER}/.abuild/signing-key.rsa" >> /home/${BUILD_USER}/.abuild/abuild.conf
|
||||
RUN echo "PACKAGER_PRIVKEY=/home/${BUILD_USER}/.abuild/${KEYFILE}" >> /home/${BUILD_USER}/.abuild/abuild.conf
|
||||
|
||||
USER ${BUILD_USER}
|
||||
WORKDIR /data
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@ endif
|
|||
|
||||
ARCH?=aarch64
|
||||
DOCKER_ARCH=$(shell ./map_docker_arch.sh $(ARCH))
|
||||
KEYFILE?=$(CURDIR)/synit-apk-key
|
||||
KEYFILE?=synit-apk-key
|
||||
UID:=$(shell id -u)
|
||||
GID:=$(shell id -g)
|
||||
BUILD_USER?=build
|
||||
|
|
@ -25,17 +25,18 @@ DOCKER_CMD=\
|
|||
docker run --platform linux/$(DOCKER_ARCH) -it --rm \
|
||||
$(DOCKER_SQUID_OPTS) \
|
||||
-v `pwd`:/data \
|
||||
-v $(KEYFILE):/home/$(BUILD_USER)/.abuild/signing-key.rsa \
|
||||
-v `pwd`/$(KEYFILE):/home/$(BUILD_USER)/.abuild/$(KEYFILE) \
|
||||
-v $(CURDIR)/distfiles:/var/cache/distfiles \
|
||||
synit-build:$(ARCH)
|
||||
|
||||
build: build-image
|
||||
$(DOCKER_CMD) make -f Makefile.internal build
|
||||
|
||||
$(DOCKER_CMD) make -f Makefile.internal $@ KEYFILE=$(KEYFILE)
|
||||
sign: build-image
|
||||
$(DOCKER_CMD) make -f Makefile.internalsign
|
||||
|
||||
%.apk:
|
||||
$(DOCKER_CMD) make -f Makefile.internal $@ KEYFILE=$(KEYFILE)
|
||||
%.apk: build-image
|
||||
$(DOCKER_CMD) make -f Makefile.internal $@ KEYFILE=$(KEYFILE)
|
||||
%.checksum: build-image
|
||||
$(DOCKER_CMD) make -f Makefile.internal $@ KEYFILE=$(KEYFILE)
|
||||
|
||||
clean:
|
||||
rm -f .build-image.*
|
||||
|
|
@ -53,7 +54,7 @@ build-image: .build-image.$(ARCH)
|
|||
--platform=linux/$(DOCKER_ARCH) \
|
||||
--build-arg http_proxy=$(HTTP_PROXY) \
|
||||
--build-arg DOCKER_ARCH=$(DOCKER_ARCH) \
|
||||
--build-arg KEYFILE=$(KEYFILE:$(abspath $(dir $(KEYFILE)))/%=%) \
|
||||
--build-arg KEYFILE=$(KEYFILE) \
|
||||
--build-arg UID=$(UID) \
|
||||
--build-arg BUILD_USER=$(BUILD_USER) \
|
||||
-t synit-build:$(ARCH) .
|
||||
|
|
@ -63,6 +64,6 @@ keyfile: $(KEYFILE)
|
|||
|
||||
$(KEYFILE):
|
||||
docker run -it --rm \
|
||||
-v $(abspath $(dir $(KEYFILE))):/data \
|
||||
-v `pwd`:/data \
|
||||
alpine \
|
||||
sh -c "apk add abuild && echo /data/$(notdir $(KEYFILE)) | abuild-keygen && chown $(UID):$(GID) /data/$(notdir $(KEYFILE))*"
|
||||
sh -c "apk add abuild && echo /data/$(KEYFILE) | abuild-keygen && chown $(UID):$(GID) /data/$(KEYFILE)*"
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@
|
|||
TARGET = $(CURDIR)/target
|
||||
ARCH = $(shell apk --print-arch)
|
||||
ARCH_TARGET = $(TARGET)/packages/$(ARCH)
|
||||
SIGNING_KEY = $(HOME)/.abuild/signing-key.rsa
|
||||
SIGNING_KEY = $(HOME)/.abuild/$(KEYFILE)
|
||||
|
||||
PACKAGES = \
|
||||
squeak-vm.apk \
|
||||
|
|
@ -13,8 +13,6 @@ PACKAGES = \
|
|||
build: $(PACKAGES) sign
|
||||
|
||||
%.apk: $(ARCH_TARGET)
|
||||
@echo proxy $$http_proxy
|
||||
@cat ~/.abuild/abuild.conf
|
||||
@echo "Building $*..."
|
||||
@cd packages/$* && (unset MAKEFLAGS; abuild -F -P $(TARGET) deps && abuild -P $(TARGET))
|
||||
|
||||
|
|
@ -27,7 +25,7 @@ $(ARCH_TARGET):
|
|||
sign: $(ARCH_TARGET)
|
||||
rm -f $(ARCH_TARGET)/APKINDEX.tar.gz
|
||||
cd $(ARCH_TARGET) && apk index -o APKINDEX.tar.gz --rewrite-arch $(ARCH) *.apk
|
||||
abuild-sign -q -k $(HOME)/.abuild/signing-key.rsa $(ARCH_TARGET)/APKINDEX.tar.gz
|
||||
abuild-sign -q -k $(SIGNING_KEY) $(ARCH_TARGET)/APKINDEX.tar.gz
|
||||
|
||||
clean:
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue