Restore kiwi layers for Release v1.7.x

configuration/build_config.yaml

@@ -7,6 +7,7 @@ Layers:
   - ../layers/base
   - ../layers/yocto
   - ../layers/pbuilder
+  - ../layers/helper
   - ../layers/appdev
   - ../layers/build_tools
   - ../layers/vscode

layers/helper/Dockerfile

@@ -0,0 +1,17 @@
+FROM ubuntu:latest
+
+ARG CONTAINER_USER="ebcl"
+
+# "Activate" Python env
+ENV VIRTUAL_ENV=/build/venv
+ENV PATH="$VIRTUAL_ENV/bin:$PATH"
+
+USER $CONTAINER_USER
+WORKDIR /build
+
+# copy apt helper scripts
+COPY scripts/apt/* /build/bin/
+
+# copy gpg helper scripts
+COPY scripts/gpg/* /build/bin/
+

layers/helper/scripts/apt/gen_app_apt_repo

@@ -0,0 +1,58 @@
+#!/bin/bash
+
+# Generate the apt repo metadata
+cd /build/results/packages
+
+mkdir -p dists/local/main/{binary-arm64,binary-amd64}
+
+dpkg-scanpackages -m -a amd64 . /dev/null > dists/local/main/binary-amd64/Packages
+dpkg-scanpackages -m -a arm64 . /dev/null > dists/local/main/binary-arm64/Packages
+dpkg-scanpackages -m -a amd64 . /dev/null | gzip -9c > dists/local/main/binary-amd64/Packages.gz
+dpkg-scanpackages -m -a arm64 . /dev/null | gzip -9c > dists/local/main/binary-arm64/Packages.gz
+dpkg-scanpackages -m -a amd64 . /dev/null | xz -9 > dists/local/main/binary-amd64/Packages.xz
+dpkg-scanpackages -m -a arm64 . /dev/null | xz -9 > dists/local/main/binary-arm64/Packages.xz
+
+# generate the release file
+cd dists/local
+
+do_hash() {
+    HASH_NAME=$1
+    HASH_CMD=$2
+    echo "${HASH_NAME}:"
+    for f in $(find -type f -name "Packages*"); do
+        f=$(echo $f | cut -c3-) # remove ./ prefix
+        if [ "$f" = "Release" ]; then
+            continue
+        fi
+        echo " $(${HASH_CMD} ${f}  | cut -d" " -f1) $(wc -c $f)"
+    done
+}
+
+cat > Release << EOF
+Origin: EBcL workspace local repository
+Label: LocalRepo
+Suite: local
+Codename: local
+Version: 1.0
+Architectures: amd64 arm64
+Description: An example software repository
+Components: main
+Date: $(date -Ru)
+EOF
+
+do_hash "MD5Sum" "md5sum" >> Release
+do_hash "SHA1" "sha1sum" >> Release
+do_hash "SHA256" "sha256sum" >> Release
+
+# Generate Release signature
+gpg -b --output Release.gpg  --armor Release
+
+# Generate InRelease file
+gpg --clearsign -o InRelease Release
+
+# Export signing key
+gpg --export $DEBMAIL > Release.key
+
+# Update local apt config
+sudo cp Release.key /etc/apt/trusted.gpg.d/local.gpg
+sudo bash -c "echo 'deb file:/build/results/packages local main' > /etc/apt/sources.list.d/local.list"

layers/helper/scripts/apt/serve_packages

@@ -0,0 +1,26 @@
+#!/bin/bash
+
+if [ -z "$APT_PATH" ]; then
+    export APT_PATH="/build/results/packages"
+fi
+
+if [ -n "$1" ]; then
+    APT_PATH=$1
+    # complete apt path
+    if [[ "${APT_PATH}" != "/"* ]]; then
+        # handle relative path
+        if [ ! -d "${APT_PATH}" ]; then
+            # relative path from current folder does not exist
+            # use relative path in workspace apps folder
+            APT_PATH="/build/workspace/${APT_PATH}"
+        else
+            APT_PATH=$(realpath $APT_PATH)
+        fi
+    fi
+    export APT_PATH=${APT_PATH}
+fi
+
+# serve the apt repo
+echo "Now serving the local apt repository from ${APT_PATH}."
+echo "Press Strg + C to stop the server."
+python3 -m http.server --directory ${APT_PATH}

layers/helper/scripts/apt/stop_server

@@ -0,0 +1,8 @@
+#!/bin/bash
+
+PROC=$(lsof -i :8000 | grep LISTEN)
+if [ $? -eq 0 ]; then
+    echo "Killing process ${PROC}."
+    PID=$(lsof -i :8000 | grep LISTEN | awk '{print $2}')
+    kill $PID
+fi

layers/helper/scripts/gpg/gen_key_script

@@ -0,0 +1,9 @@
+Key-Type: 1
+Key-Length: 4096
+Subkey-Type: 1
+Subkey-Length: 4096
+Name-Real: DEBFULLNAME
+Name-Email: DEBEMAIL
+Expire-Date: 0
+%no-ask-passphrase
+%no-protection

layers/helper/scripts/gpg/gen_sign_key

@@ -0,0 +1,29 @@
+#!/bin/bash
+
+# Ensure env is up-to-date
+source /workspace/identity/env
+GNUPGHOME="/workspace/gpg-keys/.gnupg"
+export GNUPGHOME
+
+# prepare folder if not exists
+mkdir -p $GNUPGHOME
+chmod -R 700 $GNUPGHOME
+
+# generate gnupg script
+mkdir -p /workspace/gpg-keys
+cp /build/bin/gen_key_script /workspace/gpg-keys/
+sed -i "s/DEBFULLNAME/${DEBFULLNAME}/g" /workspace/gpg-keys/gen_key_script
+sed -i "s/DEBEMAIL/${DEBEMAIL}/g" /workspace/gpg-keys/gen_key_script
+
+# test if key already exists
+gpg --list-secret-keys $DEBEMAIL
+# get appliance name
+if [ $? -ne 0 ]; then
+    gpg --batch --gen-key /workspace/gpg-keys/gen_key_script
+fi
+
+gpg --list-keys
+gpg --list-secret-keys
+
+sudo chown -R ebcl:ebcl $GNUPGHOME
+sudo chmod -R 700 $GNUPGHOME