summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniil Baturin <daniil@baturin.org>2019-12-28 21:38:04 +0100
committerDaniil Baturin <daniil@baturin.org>2019-12-28 21:38:04 +0100
commit28684c3679b919936dbe3cf92e0a8b844e87e31c (patch)
treed6901638b8e19df6cd0e9cb574c0fddc01e56787
parentdb9419e62d3760c02561a9e7a3d017e4f6ff3f4f (diff)
downloadvyos-build-28684c3679b919936dbe3cf92e0a8b844e87e31c.tar.gz
vyos-build-28684c3679b919936dbe3cf92e0a8b844e87e31c.zip
Add a configure option for OVF signing key.
-rwxr-xr-xscripts/build-config3
-rwxr-xr-xscripts/build-vmware-image18
2 files changed, 13 insertions, 8 deletions
diff --git a/scripts/build-config b/scripts/build-config
index d35bc66e..617166c3 100755
--- a/scripts/build-config
+++ b/scripts/build-config
@@ -71,7 +71,8 @@ options = {
'pbuilder-debian-mirror': ('Debian repository mirror for pbuilder env bootstrap', lambda: build_defaults['debian_mirror'], None),
'vyos-mirror': ('VyOS package mirror', lambda: build_defaults["vyos_mirror"], None),
'build-type': ('Build type, release or development', lambda: 'development', lambda x: x in ['release', 'development']),
- 'version': ('Version number (release builds only)', None, None)
+ 'version': ('Version number (release builds only)', None, None),
+ 'ova-signing-key': ('Private key file for OVA signing', None, lambda f: os.path.exists(f))
}
# Create the option parser
diff --git a/scripts/build-vmware-image b/scripts/build-vmware-image
index 5ad6615a..2ce276e3 100755
--- a/scripts/build-vmware-image
+++ b/scripts/build-vmware-image
@@ -30,6 +30,15 @@ else
echo "Your system has ovftool."
fi
+private_key=$(../scripts/query-json build-config.json ova_signing_key)
+if [ ! -f $private_key ]; then
+ echo "OVA signing key $private_key not found!"
+ echo "Please generate a key and run ./configure --ova-signing-key <absolute path to the key> ..."
+ exit 1
+fi
+
+exit 1
+
lb bootstrap
lb chroot
@@ -196,15 +205,10 @@ openssl sha1 *.vmdk *.ovf > vyos_vmware_image.mf
# Convert the OVF to signed OVA...
echo 'Converting the OVF to signed OVA...'
-private_key=${PRIVATE_KEY_PATH:-"../../key/privatekey.pem"}
-if [ ! -f ${private_key} ]; then
- echo 'Please put your key to "key/privatekey.pem" in repository root, or set PRIVATE_KEY_PATH to environment variables.'
- exit 1
-fi
-ovftool --privateKey=${PRIVATE_KEY_PATH} vyos_vmware_image.ovf vyos_vmware_image-signed.ova
+ovftool --privateKey=$private_key vyos_vmware_image.ovf vyos_vmware_image-signed.ova
#ovftool vyos_vmware_image.ovf vyos_vmware_image-signed.ova
# Convert the OVF to signed OVF...
echo 'Converting the OVF to signed OVF...'
-ovftool --privateKey=${PRIVATE_KEY_PATH} vyos_vmware_image.ovf vyos_vmware_image-signed.ovf
+ovftool --privateKey=$private_key vyos_vmware_image.ovf vyos_vmware_image-signed.ovf
#ovftool vyos_vmware_image.ovf vyos_vmware_image-signed.ovf