starlingx/jenkins-pipelines
Code Issues Proposed changes

Prepare secureboot signatures before ISO creation

Browse Source 
Secureboot signing process requires an additional script to be called
prior to creating the ISO. Add this extra step to Jenkins.

See also: https://review.opendev.org/q/topic:secure_boot_enhancement

Task: 2010226
Story: 47695

Depends-On: https://review.opendev.org/c/starlingx/root/+/878173
Signed-off-by: Davlet Panech <davlet.panech@windriver.com>
Change-Id: I832914dcd2f9dc3b2ec3e338f89f35f59b77d7a3
This commit is contained in:
Davlet Panech 2023-03-21 15:45:33 -04:00
parent 186fc0af4c
commit f4232d02d6
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
scripts/build-iso.sh
View File

@ -16,5 +16,10 @@ load_build_env
$BUILD_ISO || bail "BUILD_ISO=false, bailing out"
if [[ -n "$SIGNING_SERVER" ]] ; then
notice "preparing secureboot signatures"
stx_docker_cmd $DRY_RUN_ARG "SIGNING_SERVER=${SIGNING_USER:-signing}@${SIGNING_SERVER} PATH=\$MY_REPO/build-tools:\$PATH sign-secure-boot_debian"
fi
notice "building STD ISO"
stx_docker_cmd $DRY_RUN_ARG "build-image"