> On 27 Jul 2019, at 11:12, Richard Purdie <richard.pur...@linuxfoundation.org> > wrote: > > On Fri, 2019-07-26 at 11:26 +0000, Joshua Lock via Openembedded-core > wrote: >> This change ensures that the task signatures changes, and therefore >> sstate tasks are rerun, when signing is enabled. This has the >> positive outcome that if signing is enabled new signed shared state >> objects will be produced, rather than just signing shared state >> objects for tasks where no work has been performed yet. >> >> The downside of this change is that enabling/disabling sstate object >> signing alters the taskhash and results in rebuilding the world. >> >> Signed-off-by: Joshua Lock <jl...@vmware.com> >> --- >> meta/classes/sstate.bbclass | 10 ++++++++-- >> meta/lib/oe/gpg_sign.py | 10 ++++++++++ >> 2 files changed, 18 insertions(+), 2 deletions(-) >> >> diff --git a/meta/classes/sstate.bbclass >> b/meta/classes/sstate.bbclass >> index 3342c5ef50..b060e15053 100644 >> --- a/meta/classes/sstate.bbclass >> +++ b/meta/classes/sstate.bbclass >> @@ -659,8 +659,12 @@ def sstate_package(ss, d): >> if d.getVar('SSTATE_SKIP_CREATION') == '1': >> return >> >> + sstate_create_package = ['sstate_report_unihash', >> 'sstate_create_package'] >> + if d.getVar('SSTATE_SIG_KEY'): >> + sstate_create_package.append('sstate_sign_package') >> + >> for f in (d.getVar('SSTATECREATEFUNCS') or '').split() + \ >> - ['sstate_report_unihash', 'sstate_create_package', >> 'sstate_sign_package'] + \ >> + sstate_create_package + \ >> (d.getVar('SSTATEPOSTCREATEFUNCS') or '').split(): >> # All hooks should run in SSTATE_BUILDDIR. >> bb.build.exec_func(f, d, (sstatebuild,)) >> @@ -774,7 +778,7 @@ sstate_create_package () { >> } >> >> python sstate_sign_package () { >> - from oe.gpg_sign import get_signer >> + from oe.gpg_sign import get_signer, SignFailedError >> >> if d.getVar('SSTATE_SIG_KEY'): >> signer = get_signer(d, 'local') >> @@ -783,6 +787,8 @@ python sstate_sign_package () { >> os.unlink(sstate_pkg + '.sig') >> signer.detach_sign(sstate_pkg, d.getVar('SSTATE_SIG_KEY', >> False), None, >> d.getVar('SSTATE_SIG_PASSPHRASE'), >> armor=False) >> + else: >> + raise SignFailedError("Can't sign sstate packages without >> key, SSTATE_SIG_KEY empty") >> } >> >> python sstate_report_unihash() { >> diff --git a/meta/lib/oe/gpg_sign.py b/meta/lib/oe/gpg_sign.py >> index 2fd8c3b1ac..ec5ace0dd0 100644 >> --- a/meta/lib/oe/gpg_sign.py >> +++ b/meta/lib/oe/gpg_sign.py >> @@ -123,6 +123,16 @@ class LocalSigner(object): >> return ret >> >> >> +class SignFailedError(bb.build.FuncFailed): >> + def __init__(self, description, name=None, logfile=None): >> + self.description = description >> + self.name = name >> + self.logfile = logfile >> + >> + def __str__(self): >> + return 'Signing failed: %s' % self.description >> + >> + > > Whilst this subclass is quite pythonic, I'm not sure we want to do > this. At the back of my mind is the feeling that FuncFailed is a bit > pointless :/.
This is pointless in more ways than one, because above I changed the SSTATECREATEFUNCS to only include sstate_sign_package if SSTATE_SIG_KEY is set this exception shouldn’t ever be raised. I’ll send an update series with this class and its usage dropped. Joshua > Put differently, what does this buy us that bb.fatal() doesn't? > > We do have a few users of FuncFailed in OECore but not many (about > 8)... > > Cheers, > > Richard > > > -- _______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core