Add keyring if supplied
When building with debootstrap, debootstrap will use the key to check that everything is properly signed. It will not `apt-key add` the key into the final environment, however. Early adding the key after debootstrap before we need to read from the private repo again prevents unsigned issues. This also maintains the integrity of the packages in the environment throughout the build. Change-Id: I5ca75ae4620c9fb26b512cb30f8cd79fa7a0373a
This commit is contained in:
parent
927e8115f6
commit
c144246cc9
@ -24,6 +24,11 @@ fi
|
||||
set -eu
|
||||
set -o pipefail
|
||||
|
||||
# NOTE(SamYaple): Add the keyring deboostrap used if specified
|
||||
if [ -n "${DIB_APT_KEYRING:-${DIB_DEBIAN_KEYRING:-}}" ]; then
|
||||
cat $DIB_APT_KEYRING | sudo chroot $TARGET_ROOT /usr/bin/apt-key add -
|
||||
fi
|
||||
|
||||
# Writes the apt sources files.
|
||||
# The description is passed in via line coded elements.
|
||||
# (The approach using associative arrays for configuration faild,
|
||||
|
@ -21,6 +21,11 @@ fi
|
||||
set -eu
|
||||
set -o pipefail
|
||||
|
||||
# NOTE(SamYaple): Add the keyring deboostrap used if specified
|
||||
if [ -n "${DIB_APT_KEYRING:-${DIB_DEBIAN_KEYRING:-}}" ]; then
|
||||
cat $DIB_APT_KEYRING | sudo chroot $TARGET_ROOT /usr/bin/apt-key add -
|
||||
fi
|
||||
|
||||
# We should manage this in a betterer way
|
||||
sudo bash -c "cat << EOF >$TARGET_ROOT/etc/apt/sources.list
|
||||
deb $DIB_DISTRIBUTION_MIRROR $DIB_RELEASE ${DIB_DEBIAN_COMPONENTS//,/ }
|
||||
|
Loading…
Reference in New Issue
Block a user