phase2: move usign handling to master
authorJo-Philipp Wich <jo@mein.io>
Sun, 30 Jun 2019 16:13:57 +0000 (18:13 +0200)
committerJo-Philipp Wich <jo@mein.io>
Tue, 2 Jul 2019 10:27:37 +0000 (12:27 +0200)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
phase2/config.ini.example
phase2/master.cfg

index 991a835c111fb17fe185ca9985ba93a737101d91..25f4213d500380d82aae1e3f9db8897d1ad661e8 100644 (file)
@@ -37,6 +37,10 @@ keyid = 626471F1
 passfile = ./gpg-passphrase.txt
 comment = Unattended build signature
 
+[usign]
+key = RWRCSwAAA...OihABfuLvGRVfVaJ6wLf0=
+comment = Unattended build signature
+
 [slave 1]
 name = slave-example-1
 password = example
index bb0afafb40e1ff0a4e14870bc4f95bbe0942e8ab..11e3f0f517ab51f7d1159caf1daff23c6e7b7074 100644 (file)
@@ -3,6 +3,7 @@
 
 import os
 import re
+import base64
 import subprocess
 import ConfigParser
 
@@ -124,6 +125,15 @@ if ini.has_option("gpg", "comment"):
 if ini.has_option("gpg", "passfile"):
        gpg_passfile = ini.get("gpg", "passfile")
 
+usign_key = None
+usign_comment = "untrusted comment: " + repo_branch.replace("-", " ").title() + " key"
+
+if ini.has_option("usign", "key"):
+       usign_key = ini.get("usign", "key")
+
+if ini.has_option("usign", "comment"):
+       usign_comment = ini.get("usign", "comment")
+
 repo_url = ini.get("repo", "url")
 repo_branch = "master"
 
@@ -241,6 +251,15 @@ def GetCwd(props):
        else:
                return "/"
 
+def UsignSec2Pub(seckey, comment="untrusted comment: secret key"):
+       try:
+               seckey = base64.b64decode(seckey)
+       except:
+               return None
+
+       return "{}\n{}".format(re.sub(r"\bsecret key$", "public key", comment),
+               base64.b64encode(seckey[0:2] + seckey[32:40] + seckey[72:]))
+
 
 c['builders'] = []
 
@@ -335,8 +354,25 @@ for arch in arches:
                workdir = "build/sdk",
                command = ["make", "-f", "getversion.mk"]))
 
-       factory.addStep(FileDownload(mastersrc=home_dir+'/key-build', slavedest="sdk/key-build", mode=0600))
-       factory.addStep(FileDownload(mastersrc=home_dir+'/key-build.pub', slavedest="sdk/key-build.pub", mode=0600))
+       # install build key
+       if usign_key is not None:
+               factory.addStep(StringDownload(
+                       name = "dlkeybuildpub",
+                       s = UsignSec2Pub(usign_key, usign_comment),
+                       slavedest = "sdk/key-build.pub",
+                       mode = 0600))
+
+               factory.addStep(StringDownload(
+                       name = "dlkeybuild",
+                       s = "# fake private key",
+                       slavedest = "sdk/key-build",
+                       mode = 0600))
+
+               factory.addStep(StringDownload(
+                       name = "dlkeybuilducert",
+                       s = "# fake certificate",
+                       slavedest = "sdk/key-build.ucert",
+                       mode = 0600))
 
        factory.addStep(ShellCommand(
                name = "mkdldir",
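Review bot: The `# install build key` comment does not say why `sdk/key-build` and `sdk/key-build.ucert` now receive placeholder contents; presumably the slave is no longer expected to sign anything (the same commit drops `CONFIG_SIGNED_PACKAGES=y` from the build command), but the next reader has to infer that. A comment such as `# only the public key is real: signing moved to the master (signall.sh), the SDK just needs the files to exist` would capture the intent. As a point of style, the three near-identical StringDownload steps could be driven from a small list of (name, content, slavedest) tuples. This hunk sits inside `for arch in arches:`, whose body starts and ends outside it.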
@@ -412,7 +448,7 @@ for arch in arches:
                description = "Building packages",
                workdir = "build/sdk",
                timeout = 3600,
-               command = ["make", WithProperties("-j%(jobs)d", jobs=GetNumJobs), "IGNORE_ERRORS=n m y", "BUILD_LOG=1", "CONFIG_SIGNED_PACKAGES=y", "CONFIG_AUTOREMOVE=y"],
+               command = ["make", WithProperties("-j%(jobs)d", jobs=GetNumJobs), "IGNORE_ERRORS=n m y", "BUILD_LOG=1", "CONFIG_AUTOREMOVE=y"],
                env = {'CCACHE_BASEDIR': WithProperties("%(cwd)s", cwd=GetCwd)},
                haltOnFailure = True))
 
@@ -448,7 +484,8 @@ for arch in arches:
                        name = "signfiles",
                        description = "Signing files",
                        command = ["%s/signall.sh" %(scripts_dir), "%s/signing/%s.tar.gz" %(home_dir, arch[0]), gpg_keyid, gpg_comment],
-                       env = {'GNUPGHOME': gpg_home, 'PASSFILE': gpg_passfile},
+                       env = {'GNUPGHOME': gpg_home, 'PASSFILE': gpg_passfile, 'USIGNKEY': usign_key, 'USIGNCOMMENT': usign_comment},
+                       logEnviron = False,
                        haltOnFailure = True
                ))
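Review bot: `'USIGNKEY': usign_key` puts None into the step environment whenever no `[usign]` section is configured, since `usign_key` defaults to None in the earlier config hunk; whether the buildbot version in use tolerates a None env value cannot be verified from here, so it is safer to build the mapping beforehand and only add the usign entries when a key is set, e.g. `sign_env = {'GNUPGHOME': gpg_home, 'PASSFILE': gpg_passfile}` followed by `if usign_key is not None: sign_env.update({'USIGNKEY': usign_key, 'USIGNCOMMENT': usign_comment})`, then `env = sign_env`. Setting `logEnviron = False` is the right call here, as USIGNKEY carries the private signing key and would otherwise appear in the step log. The step constructor call begins outside this hunk.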