diff options
| author | Natanael Copa <ncopa@alpinelinux.org> | 2016-11-09 21:53:57 +0000 |
|---|---|---|
| committer | Natanael Copa <ncopa@alpinelinux.org> | 2016-11-14 20:10:39 +0000 |
| commit | 41b10e1aa4a669b8baea6ca23fa350bff1dbc4a0 (patch) | |
| tree | 66321d933b101dda32d980e319cbe90f8cf3afcf /scripts/mkimage.sh | |
| parent | 1a2a03519b7258ee9c3683f43422cb53daeec81f (diff) | |
| download | aports-41b10e1aa4a669b8baea6ca23fa350bff1dbc4a0.tar.bz2 aports-41b10e1aa4a669b8baea6ca23fa350bff1dbc4a0.tar.xz | |
scripts/mkimage: automatically add pubkey from abuild
the boot repositry needs to be signed with a key. We explicitly copy
this to initramfs so users don't need use --hostkeys which requires
access to /etc/apk/keys/
without the key in intramfs the boot repository will be useless
Diffstat (limited to 'scripts/mkimage.sh')
| -rw-r--r-- | scripts/mkimage.sh | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/scripts/mkimage.sh b/scripts/mkimage.sh index 50d067fa54..806247213b 100644 --- a/scripts/mkimage.sh +++ b/scripts/mkimage.sh @@ -209,6 +209,14 @@ req_arch=${req_arch:-${default_arch}} [ "$req_arch" != "all" ] || req_arch="${all_arch}" [ "$req_profiles" != "all" ] || req_profiles="${all_profiles}" +# get abuild pubkey used to sign the apkindex +# we need inject this to the initramfs or we will not be able to use the +# boot repository +if [ -z "$_hostkeys" ]; then + _pub=${PACKAGER_PRIVKEY:+${PACKAGER_PRIVKEY}.pub} + _abuild_pubkey="${PACKAGER_PUBKEY:-$_pub}" +fi + # create images for ARCH in $req_arch; do APKROOT="$WORKDIR/apkroot-$ARCH" |