79f77e0a1a
For IP disclosure proposes create a csv file listing the deb packages included in the ISO file. Story: 2011336 Task: 51624 TEST PLAN PASS: executing the script against a valid input file produces the expected CSV file PASS: executing the script against invalid input file prints warning without producing a failure Change-Id: Ibdda4efe1208e7145da34b468c2cc3490c05d397
41 lines
1.3 KiB
Bash
Executable File
41 lines
1.3 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
#
|
|
# Copyright (c) 2022 Wind River Systems, Inc.
|
|
#
|
|
# SPDX-License-Identifier: Apache-2.0
|
|
#
|
|
|
|
set -e
|
|
source $(dirname "$0")/lib/job_utils.sh
|
|
|
|
require_job_env BUILD_HOME
|
|
require_job_env BUILD_ISO
|
|
|
|
load_build_env
|
|
|
|
require_job_env SECUREBOOT_FORMAL
|
|
require_job_env SIGN_ISO_FORMAL
|
|
|
|
$BUILD_ISO || bail "BUILD_ISO=false, bailing out"
|
|
|
|
if $SECUREBOOT_FORMAL ; then
|
|
notice "signing secureboot packages"
|
|
[[ -n "$SIGNING_SERVER" ]] || die "SECUREBOOT_FORMAL requires SIGNING_SERVER"
|
|
sign_secure_boot_env="SIGNING_SERVER=${SIGNING_USER:-signing}@${SIGNING_SERVER}"
|
|
stx_docker_cmd $DRY_RUN_ARG "$sign_secure_boot_env PATH=\$MY_REPO/build-tools:\$PATH sign-secure-boot_debian"
|
|
fi
|
|
|
|
build_img_args=
|
|
# Job is configured to sign the ISO with official keys.
|
|
if $SIGN_ISO_FORMAL ; then
|
|
[[ -n "$SIGNING_SERVER" ]] || die "SIGN_ISO_FORMAL requires SIGNING_SERVER"
|
|
# Don't sign ISO with developer keys; we will sign it separately
|
|
# in sign-iso.sh
|
|
build_img_args+=" --no-sign"
|
|
fi
|
|
notice "building STD ISO"
|
|
stx_docker_cmd $DRY_RUN_ARG "build-image $build_img_args"
|
|
|
|
python3 $(dirname "$0")/lib/packages_parser.py --input "$BUILD_HOME"/localdisk/workdir/starlingx/packages.yaml --csv-dest "$BUILD_HOME"/localdisk/deploy/iso-packages.csv || true
|
|
# errors on the script are ignored |