buildbot/scripts, branch v27

scripts: signall: skip updating hash of previous kmods/

2024-11-18T08:08:57Z

Handle case where a sha256sums might contain previous kmods/. In such case packages.adb for previous kmods/ needs to be skipped as not included in the sign tar and already signed by previous runs. Skip is limited to kmods/ entry as those are the only entry expected to be present in the sha256sums but not included in sign tar. Signed-off-by: Christian Marangi

Allow signing of artifacts with key provided by GPG agent

2024-11-05T05:07:59Z

In our case the GPG agent serves 0x1D53D1877742E911 key stored on Nitrokey3 USB dongle. GPG key is bind mounted from the host. References: https://lists.openwrt.org/pipermail/openwrt-devel/2023-May/041044.html Signed-off-by: Petr Štetiar

scripts: signall: silence pushd/popd directory changes

2024-11-04T20:35:37Z

Its not needed to have those visible in the job output as it might be misleading. Signed-off-by: Petr Štetiar

scripts: signall: fix finish function not called when apk adbsign failed

2024-09-29T18:21:02Z

The `finish 3` was not being called when the `apk adbsign` command failed within the `find` command using `-exec`. This happened because `find` does not exit with a non-zero status when the command executed by `-exec` fails, so the `|| finish 3` condition was not triggered. So lets replace the `find ... -exec ...` construct with a loop and call `finish 3` immediately if it fails. Fixes: a94d4e15fdc1 ("add APK signing logic") Signed-off-by: Petr Štetiar

scripts: signall: fix wrong sha256sum on apk packages.adb index

2024-09-29T17:59:15Z

Currently the sha256sum verification of apk's packages.adb index fails as the file is modified with `apk adbsign`. So lets update sha256sum of all packages.adb indexes after they were signed with `apk adbsign`. While at it fix formatting. Fixes: a94d4e15fdc1 ("add APK signing logic") Signed-off-by: Petr Štetiar

scripts: sha2rsync: add apk package index signature files

2024-09-29T06:15:39Z

Currently additional_files list is missing signature files for apk's package index, so lets add those to get them rsync-ed as well. Signed-off-by: Petr Štetiar

scripts: sha2rsync: fix missing feeds in additional_files list

2024-09-29T06:13:23Z

Currently only packages feeds are being handled in phase2, so lets add the other missing feeds. Fixes: c3ddb0db167d ("phase2: use sha2rsync.pl for 'targetupload'") Signed-off-by: Petr Štetiar

scripts: signall: fix wrong GPG signature on apk packages.adb index

2024-09-28T17:10:39Z

Currently the GPG signature verification of apk's packages.adb index fails as the file is modified with `apk adbsign` after its GPG signed. So lets fix it by moving the `apk adbsign` before the GPG signing step. Fixes: a94d4e15fdc1 ("add APK signing logic") Signed-off-by: Petr Štetiar

add APK signing logic

2024-08-10T11:19:10Z

With this commit it's possible to sign APK package indexes (packages.adb) via the `signall.sh` script, which is run on the buildmaster. As a consequence `apk` must be available on the buildmaster. This is the final step to replace OPKG with APK. Signed-off-by: Paul Spooren

phase1,phase2: s/master/main for phase{1,2}

2024-04-13T04:52:44Z

More and more projects are switching their repositories to use the 'main' branch instead of the 'master' branch. This also includes many Linux upstream trees as well. Some trees are even removing their 'master' branches already. I think this is becoming more and more mainstream and expected of projects, so we should do the same. References: https://openwrt.org/voting/2023-02-27 Signed-off-by: Paul Spooren Signed-off-by: Petr Štetiar [commit facelift]