2 files changed, 10 insertions, 5 deletions
diff --git a/meta/classes/sign_rpm.bbclass b/meta/classes/sign_rpm.bbclass
index c49406c74d..6796780ee4 100644
--- a/meta/classes/sign_rpm.bbclass
+++ b/meta/classes/sign_rpm.bbclass
@@ -19,9 +19,12 @@
 # GPG_BIN
 #           Optional variable for specifying the gpg binary/wrapper to use for
 #           signing.
+# RPM_GPG_SIGN_CHUNK
+#           Optional variable indicating the number of packages used per gpg
+#           invocation
 # GPG_PATH
 #           Optional variable for specifying the gnupg "home" directory:
-#
 inherit sanity
 RPM_SIGN_PACKAGES='1'
@@ -29,6 +32,7 @@ RPM_SIGN_FILES ?= '0'
 RPM_GPG_BACKEND ?= 'local'
 # SHA-256 is used by default
 RPM_FILE_CHECKSUM_DIGEST ?= '8'
+RPM_GPG_SIGN_CHUNK ?= "${BB_NUMBER_THREADS}"
 python () {
@@ -56,6 +60,7 @@ python sign_rpm () {
                     d.getVar('RPM_GPG_NAME'),
                     d.getVar('RPM_GPG_PASSPHRASE'),
                     d.getVar('RPM_FILE_CHECKSUM_DIGEST'),
+                     int(d.getVar('RPM_GPG_SIGN_CHUNK')),
                     d.getVar('RPM_FSK_PATH'),
                     d.getVar('RPM_FSK_PASSWORD'))
 }
diff --git a/meta/lib/oe/gpg_sign.py b/meta/lib/oe/gpg_sign.py
index 5c7985a856..008478dfeb 100644
--- a/meta/lib/oe/gpg_sign.py
+++ b/meta/lib/oe/gpg_sign.py
@@ -27,7 +27,7 @@ class LocalSigner(object):
            raise bb.build.FuncFailed('Failed to export gpg public key (%s): %s' %
                                      (keyid, output))
-    def sign_rpms(self, files, keyid, passphrase, digest, fsk=None, fsk_password=None):
+    def sign_rpms(self, files, keyid, passphrase, digest, sign_chunk, fsk=None, fsk_password=None):
        """Sign RPM files"""
        cmd = self.rpm_bin + " --addsign --define '_gpg_name %s'  " % keyid
@@ -45,9 +45,9 @@ class LocalSigner(object):
            if fsk_password:
                cmd += "--define '_file_signing_key_password %s' " % fsk_password
-        # Sign packages
+        # Sign in chunks
-        for f in files:
+        for i in range(0, len(files), sign_chunk):
-            status, output = oe.utils.getstatusoutput(cmd + ' ' + f)
+            status, output = oe.utils.getstatusoutput(cmd + ' '.join(files[i:i+sign_chunk]))
            if status:
                raise bb.build.FuncFailed("Failed to sign RPM packages: %s" % output)

diff --git a/meta/classes/sign_rpm.bbclass b/meta/classes/sign_rpm.bbclass index c49406c74d..6796780ee4 100644 --- a/meta/classes/sign_rpm.bbclass +++ b/meta/classes/sign_rpm.bbclass
@@ -19,9 +19,12 @@
19	# GPG_BIN	19	# GPG_BIN
20	# Optional variable for specifying the gpg binary/wrapper to use for	20	# Optional variable for specifying the gpg binary/wrapper to use for
21	# signing.	21	# signing.
		22	# RPM_GPG_SIGN_CHUNK
		23	# Optional variable indicating the number of packages used per gpg
		24	# invocation
22	# GPG_PATH	25	# GPG_PATH
23	# Optional variable for specifying the gnupg "home" directory:	26	# Optional variable for specifying the gnupg "home" directory:
24	#	27
25	inherit sanity	28	inherit sanity
26		29
27	RPM_SIGN_PACKAGES='1'	30	RPM_SIGN_PACKAGES='1'
@@ -29,6 +32,7 @@ RPM_SIGN_FILES ?= '0'
29	RPM_GPG_BACKEND ?= 'local'	32	RPM_GPG_BACKEND ?= 'local'
30	# SHA-256 is used by default	33	# SHA-256 is used by default
31	RPM_FILE_CHECKSUM_DIGEST ?= '8'	34	RPM_FILE_CHECKSUM_DIGEST ?= '8'
		35	RPM_GPG_SIGN_CHUNK ?= "${BB_NUMBER_THREADS}"
32		36
33		37
34	python () {	38	python () {
@@ -56,6 +60,7 @@ python sign_rpm () {
56	d.getVar('RPM_GPG_NAME'),	60	d.getVar('RPM_GPG_NAME'),
57	d.getVar('RPM_GPG_PASSPHRASE'),	61	d.getVar('RPM_GPG_PASSPHRASE'),
58	d.getVar('RPM_FILE_CHECKSUM_DIGEST'),	62	d.getVar('RPM_FILE_CHECKSUM_DIGEST'),
		63	int(d.getVar('RPM_GPG_SIGN_CHUNK')),
59	d.getVar('RPM_FSK_PATH'),	64	d.getVar('RPM_FSK_PATH'),
60	d.getVar('RPM_FSK_PASSWORD'))	65	d.getVar('RPM_FSK_PASSWORD'))
61	}	66	}


diff --git a/meta/lib/oe/gpg_sign.py b/meta/lib/oe/gpg_sign.py index 5c7985a856..008478dfeb 100644 --- a/meta/lib/oe/gpg_sign.py +++ b/meta/lib/oe/gpg_sign.py
@@ -27,7 +27,7 @@ class LocalSigner(object):
27	raise bb.build.FuncFailed('Failed to export gpg public key (%s): %s' %	27	raise bb.build.FuncFailed('Failed to export gpg public key (%s): %s' %
28	(keyid, output))	28	(keyid, output))
29		29
30	def sign_rpms(self, files, keyid, passphrase, digest, fsk=None, fsk_password=None):	30	def sign_rpms(self, files, keyid, passphrase, digest, sign_chunk, fsk=None, fsk_password=None):
31	"""Sign RPM files"""	31	"""Sign RPM files"""
32		32
33	cmd = self.rpm_bin + " --addsign --define '_gpg_name %s' " % keyid	33	cmd = self.rpm_bin + " --addsign --define '_gpg_name %s' " % keyid
@@ -45,9 +45,9 @@ class LocalSigner(object):
45	if fsk_password:	45	if fsk_password:
46	cmd += "--define '_file_signing_key_password %s' " % fsk_password	46	cmd += "--define '_file_signing_key_password %s' " % fsk_password
47		47
48	# Sign packages	48	# Sign in chunks
49	for f in files:	49	for i in range(0, len(files), sign_chunk):
50	status, output = oe.utils.getstatusoutput(cmd + ' ' + f)	50	status, output = oe.utils.getstatusoutput(cmd + ' '.join(files[i:i+sign_chunk]))
51	if status:	51	if status:
52	raise bb.build.FuncFailed("Failed to sign RPM packages: %s" % output)	52	raise bb.build.FuncFailed("Failed to sign RPM packages: %s" % output)
53		53