build: allow signing keys to exist in CONFIGDIR

This commit is contained in:
Franco Fichtner 2016-07-05 08:55:27 +02:00
parent 483dbce9d8
commit 6c00be225f
3 changed files with 17 additions and 13 deletions

2
.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
/config/*/repo.key
/config/*/repo.pub

View File

@ -35,8 +35,6 @@ MIRRORS?= https://opnsense.c0urier.net \
http://mirror.ams1.nl.leaseweb.net/opnsense
_VERSION!= date '+%Y%m%d%H%M'
VERSION?= ${_VERSION}
PRIVKEY?= /root/repo.key
PUBKEY?= /root/repo.pub
STAGEDIRPREFIX?=/usr/obj
PORTSREFDIR?= /usr/freebsd-ports
PLUGINSDIR?= /usr/plugins
@ -78,8 +76,8 @@ ${STEP}: lint
@cd ${.CURDIR}/build && sh ${VERBOSE_FLAGS} ./${.TARGET}.sh \
-f ${FLAVOUR} -n ${NAME} -v ${VERSION} -s ${SETTINGS} \
-S ${SRCDIR} -P ${PORTSDIR} -p ${PLUGINSDIR} -T ${TOOLSDIR} \
-C ${COREDIR} -R ${PORTSREFDIR} -t ${TYPE} -k ${PRIVKEY} \
-K ${PUBKEY} -l "${SIGNCHK}" -L "${SIGNCMD}" -d ${DEVICE} \
-C ${COREDIR} -R ${PORTSREFDIR} -t ${TYPE} -k "${PRIVKEY}" \
-K "${PUBKEY}" -l "${SIGNCHK}" -L "${SIGNCMD}" -d ${DEVICE} \
-m ${MIRRORS:Ox:[1]} -o "${STAGEDIRPREFIX}" -c ${SPEED} \
${${STEP}_ARGS}
.endfor

View File

@ -59,11 +59,15 @@ while getopts C:c:d:f:K:k:L:l:m:n:o:P:p:R:S:s:T:t:v: OPT; do
SCRUB_ARGS=${SCRUB_ARGS};shift;shift
;;
K)
export PRODUCT_PUBKEY=${OPTARG}
if [ -n "${OPTARG}" ]; then
export PRODUCT_PUBKEY=${OPTARG}
fi
SCRUB_ARGS=${SCRUB_ARGS};shift;shift
;;
k)
export PRODUCT_PRIVKEY=${OPTARG}
if [ -n "${OPTARG}" ]; then
export PRODUCT_PRIVKEY=${OPTARG}
fi
SCRUB_ARGS=${SCRUB_ARGS};shift;shift
;;
L)
@ -136,8 +140,6 @@ if [ -z "${PRODUCT_NAME}" -o \
-z "${PRODUCT_VERSION}" -o \
-z "${PRODUCT_SETTINGS}" -o \
-z "${PRODUCT_MIRROR}" -o \
-z "${PRODUCT_PRIVKEY}" -o \
-z "${PRODUCT_PUBKEY}" -o \
-z "${PRODUCT_DEVICE}" -o \
-z "${PRODUCT_SPEED}" -o \
-z "${TOOLSDIR}" -o \
@ -149,11 +151,6 @@ if [ -z "${PRODUCT_NAME}" -o \
usage
fi
# automatically expanded product stuff
export PRODUCT_SIGNCMD=${PRODUCT_SIGNCMD:-"${TOOLSDIR}/scripts/pkg_sign.sh ${PRODUCT_PUBKEY} ${PRODUCT_PRIVKEY}"}
export PRODUCT_SIGNCHK=${PRODUCT_SIGNCHK:-"${TOOLSDIR}/scripts/pkg_fingerprint.sh ${PRODUCT_PUBKEY}"}
export PRODUCT_RELEASE="${PRODUCT_NAME}-${PRODUCT_VERSION}-${PRODUCT_FLAVOUR}"
# misc. foo
export CONFIG_PKG="/usr/local/etc/pkg/repos/origin.conf"
export CPUS=$(sysctl kern.smp.cpus | awk '{ print $2 }')
@ -174,6 +171,13 @@ export IMAGESDIR="/tmp/images"
export SETSDIR="/tmp/sets"
mkdir -p ${IMAGESDIR} ${SETSDIR}
# automatically expanded product stuff
export PRODUCT_PRIVKEY=${PRODUCT_PRIVKEY:-"${CONFIGDIR}/repo.key"}
export PRODUCT_PUBKEY=${PRODUCT_PUBKEY:-"${CONFIGDIR}/repo.pub"}
export PRODUCT_SIGNCMD=${PRODUCT_SIGNCMD:-"${TOOLSDIR}/scripts/pkg_sign.sh ${PRODUCT_PUBKEY} ${PRODUCT_PRIVKEY}"}
export PRODUCT_SIGNCHK=${PRODUCT_SIGNCHK:-"${TOOLSDIR}/scripts/pkg_fingerprint.sh ${PRODUCT_PUBKEY}"}
export PRODUCT_RELEASE="${PRODUCT_NAME}-${PRODUCT_VERSION}-${PRODUCT_FLAVOUR}"
# print environment to showcase all of our variables
env | sort