Use same logic as in append-metadata so build doesn't fail in case of
missing build-key (it was previously failing on the buildbot runners).
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
define Build/append-gl-metadata
$(if $(SUPPORTED_DEVICES),-echo $(call metadata_gl_json,$(SUPPORTED_DEVICES)) | fwtool -I - $@)
- [ ! -s "$(BUILD_KEY)" -o ! -s "$@" ] || { \
+ sha256sum "$@" | cut -d" " -f1 > "$@.sha256sum"
+ [ ! -s "$(BUILD_KEY)" -o ! -s "$(BUILD_KEY).ucert" -o ! -s "$@" ] || { \
+ cp "$(BUILD_KEY).ucert" "$@.ucert" ;\
usign -S -m "$@" -s "$(BUILD_KEY)" -x "$@.sig" ;\
- fwtool -S "$@.sig" "$@" ;\
+ ucert -A -c "$@.ucert" -x "$@.sig" ;\
+ fwtool -S "$@.ucert" "$@" ;\
}
endef