1 files changed, 48 insertions, 19 deletions
diff --git a/meta/lib/oeqa/selftest/cases/signing.py b/meta/lib/oeqa/selftest/cases/signing.py
index 97e9cfd44d..76c587a5c2 100644
--- a/meta/lib/oeqa/selftest/cases/signing.py
+++ b/meta/lib/oeqa/selftest/cases/signing.py
@@ -1,10 +1,12 @@
 from oeqa.selftest.case import OESelftestTestCase
 from oeqa.utils.commands import runCmd, bitbake, get_bb_var, get_bb_vars
 import os
+import oe
 import glob
 import re
 import shutil
 import tempfile
+from contextlib import contextmanager
 from oeqa.core.decorator.oeid import OETestID
 from oeqa.utils.ftools import write_file
@@ -16,9 +18,7 @@ class Signing(OESelftestTestCase):
    secret_key_path = ""
    def setup_gpg(self):
-        # Check that we can find the gpg binary and fail early if we can't
+        bitbake('gnupg-native -c addto_recipe_sysroot')
-        if not shutil.which("gpg"):
-            self.skipTest('gpg binary not found')
        self.gpg_dir = tempfile.mkdtemp(prefix="oeqa-signing-")
        self.track_for_cleanup(self.gpg_dir)
@@ -26,7 +26,30 @@ class Signing(OESelftestTestCase):
        self.pub_key_path = os.path.join(self.testlayer_path, 'files', 'signing', "key.pub")
        self.secret_key_path = os.path.join(self.testlayer_path, 'files', 'signing', "key.secret")
-        runCmd('gpg --batch --homedir %s --import %s %s' % (self.gpg_dir, self.pub_key_path, self.secret_key_path))
+        nsysroot = get_bb_var("RECIPE_SYSROOT_NATIVE", "gnupg-native")
+        runCmd('gpg --batch --homedir %s --import %s %s' % (self.gpg_dir, self.pub_key_path, self.secret_key_path), native_sysroot=nsysroot)
+        return nsysroot + get_bb_var("bindir_native")
+    @contextmanager
+    def create_new_builddir(self, builddir, newbuilddir):
+        bb.utils.mkdirhier(newbuilddir)
+        oe.path.copytree(builddir + "/conf", newbuilddir + "/conf")
+        oe.path.copytree(builddir + "/cache", newbuilddir + "/cache")
+        origenv = os.environ.copy()
+        for e in os.environ:
+            if builddir in os.environ[e]:
+                os.environ[e] = os.environ[e].replace(builddir, newbuilddir)
+        os.chdir(newbuilddir)
+        try:
+            yield
+        finally:
+            for e in origenv:
+                os.environ[e] = origenv[e]
+            os.chdir(builddir)
    @OETestID(1362)
    def test_signing_packages(self):
@@ -105,13 +128,12 @@ class Signing(OESelftestTestCase):
        test_recipe = 'ed'
-        builddir = os.environ.get('BUILDDIR')
+        # Since we need gpg but we can't use gpg-native for sstate signatures, we 
+        # build gpg-native in our original builddir then run the tests in a second one.
+        builddir = os.environ.get('BUILDDIR') + "-testsign"
        sstatedir = os.path.join(builddir, 'test-sstate')
-        self.setup_gpg()
+        nsysroot = self.setup_gpg()
-        self.add_command_to_tearDown('bitbake -c clean %s' % test_recipe)
-        self.add_command_to_tearDown('rm -rf %s' % sstatedir)
        feature = 'SSTATE_SIG_KEY ?= "testuser"\n'
        feature += 'SSTATE_SIG_PASSPHRASE ?= "test123"\n'
@@ -123,19 +145,26 @@ class Signing(OESelftestTestCase):
        self.write_config(feature)
-        bitbake('-c clean %s' % test_recipe)
+        with self.create_new_builddir(os.environ['BUILDDIR'], builddir):
-        bitbake(test_recipe)
+            os.environ["PATH"] = nsysroot + ":" + os.environ["PATH"]
+            self.add_command_to_tearDown('bitbake -c clean %s' % test_recipe)
+            self.add_command_to_tearDown('rm -rf %s' % sstatedir)
+            self.add_command_to_tearDown('rm -rf %s' % builddir)
+            bitbake('-c clean %s' % test_recipe)
+            bitbake(test_recipe)
-        recipe_sig = glob.glob(sstatedir + '/*/*:ed:*_package.tgz.sig')
+            recipe_sig = glob.glob(sstatedir + '/*/*:ed:*_package.tgz.sig')
-        recipe_tgz = glob.glob(sstatedir + '/*/*:ed:*_package.tgz')
+            recipe_tgz = glob.glob(sstatedir + '/*/*:ed:*_package.tgz')
-        self.assertEqual(len(recipe_sig), 1, 'Failed to find .sig file.')
+            self.assertEqual(len(recipe_sig), 1, 'Failed to find .sig file.')
-        self.assertEqual(len(recipe_tgz), 1, 'Failed to find .tgz file.')
+            self.assertEqual(len(recipe_tgz), 1, 'Failed to find .tgz file.')
-        ret = runCmd('gpg --homedir %s --verify %s %s' % (self.gpg_dir, recipe_sig[0], recipe_tgz[0]))
+            ret = runCmd('gpg --homedir %s --verify %s %s' % (self.gpg_dir, recipe_sig[0], recipe_tgz[0]))
-        # gpg: Signature made Thu 22 Oct 2015 01:45:09 PM EEST using RSA key ID 61EEFB30
+            # gpg: Signature made Thu 22 Oct 2015 01:45:09 PM EEST using RSA key ID 61EEFB30
-        # gpg: Good signature from "testuser (nocomment) <testuser@email.com>"
+            # gpg: Good signature from "testuser (nocomment) <testuser@email.com>"
-        self.assertIn('gpg: Good signature from', ret.output, 'Package signed incorrectly.')
+            self.assertIn('gpg: Good signature from', ret.output, 'Package signed incorrectly.')
 class LockedSignatures(OESelftestTestCase):

diff --git a/meta/lib/oeqa/selftest/cases/signing.py b/meta/lib/oeqa/selftest/cases/signing.py index 97e9cfd44d..76c587a5c2 100644 --- a/meta/lib/oeqa/selftest/cases/signing.py +++ b/meta/lib/oeqa/selftest/cases/signing.py
@@ -1,10 +1,12 @@
1	from oeqa.selftest.case import OESelftestTestCase	1	from oeqa.selftest.case import OESelftestTestCase
2	from oeqa.utils.commands import runCmd, bitbake, get_bb_var, get_bb_vars	2	from oeqa.utils.commands import runCmd, bitbake, get_bb_var, get_bb_vars
3	import os	3	import os
		4	import oe
4	import glob	5	import glob
5	import re	6	import re
6	import shutil	7	import shutil
7	import tempfile	8	import tempfile
		9	from contextlib import contextmanager
8	from oeqa.core.decorator.oeid import OETestID	10	from oeqa.core.decorator.oeid import OETestID
9	from oeqa.utils.ftools import write_file	11	from oeqa.utils.ftools import write_file
10		12
@@ -16,9 +18,7 @@ class Signing(OESelftestTestCase):
16	secret_key_path = ""	18	secret_key_path = ""
17		19
18	def setup_gpg(self):	20	def setup_gpg(self):
19	# Check that we can find the gpg binary and fail early if we can't	21	bitbake('gnupg-native -c addto_recipe_sysroot')
20	if not shutil.which("gpg"):
21	self.skipTest('gpg binary not found')
22		22
23	self.gpg_dir = tempfile.mkdtemp(prefix="oeqa-signing-")	23	self.gpg_dir = tempfile.mkdtemp(prefix="oeqa-signing-")
24	self.track_for_cleanup(self.gpg_dir)	24	self.track_for_cleanup(self.gpg_dir)
@@ -26,7 +26,30 @@ class Signing(OESelftestTestCase):
26	self.pub_key_path = os.path.join(self.testlayer_path, 'files', 'signing', "key.pub")	26	self.pub_key_path = os.path.join(self.testlayer_path, 'files', 'signing', "key.pub")
27	self.secret_key_path = os.path.join(self.testlayer_path, 'files', 'signing', "key.secret")	27	self.secret_key_path = os.path.join(self.testlayer_path, 'files', 'signing', "key.secret")
28		28
29	runCmd('gpg --batch --homedir %s --import %s %s' % (self.gpg_dir, self.pub_key_path, self.secret_key_path))	29	nsysroot = get_bb_var("RECIPE_SYSROOT_NATIVE", "gnupg-native")
		30	runCmd('gpg --batch --homedir %s --import %s %s' % (self.gpg_dir, self.pub_key_path, self.secret_key_path), native_sysroot=nsysroot)
		31	return nsysroot + get_bb_var("bindir_native")
		32
		33
		34	@contextmanager
		35	def create_new_builddir(self, builddir, newbuilddir):
		36	bb.utils.mkdirhier(newbuilddir)
		37	oe.path.copytree(builddir + "/conf", newbuilddir + "/conf")
		38	oe.path.copytree(builddir + "/cache", newbuilddir + "/cache")
		39
		40	origenv = os.environ.copy()
		41
		42	for e in os.environ:
		43	if builddir in os.environ[e]:
		44	os.environ[e] = os.environ[e].replace(builddir, newbuilddir)
		45
		46	os.chdir(newbuilddir)
		47	try:
		48	yield
		49	finally:
		50	for e in origenv:
		51	os.environ[e] = origenv[e]
		52	os.chdir(builddir)
30		53
31	@OETestID(1362)	54	@OETestID(1362)
32	def test_signing_packages(self):	55	def test_signing_packages(self):
@@ -105,13 +128,12 @@ class Signing(OESelftestTestCase):
105		128
106	test_recipe = 'ed'	129	test_recipe = 'ed'
107		130
108	builddir = os.environ.get('BUILDDIR')	131	# Since we need gpg but we can't use gpg-native for sstate signatures, we
		132	# build gpg-native in our original builddir then run the tests in a second one.
		133	builddir = os.environ.get('BUILDDIR') + "-testsign"
109	sstatedir = os.path.join(builddir, 'test-sstate')	134	sstatedir = os.path.join(builddir, 'test-sstate')
110		135
111	self.setup_gpg()	136	nsysroot = self.setup_gpg()
112
113	self.add_command_to_tearDown('bitbake -c clean %s' % test_recipe)
114	self.add_command_to_tearDown('rm -rf %s' % sstatedir)
115		137
116	feature = 'SSTATE_SIG_KEY ?= "testuser"\n'	138	feature = 'SSTATE_SIG_KEY ?= "testuser"\n'
117	feature += 'SSTATE_SIG_PASSPHRASE ?= "test123"\n'	139	feature += 'SSTATE_SIG_PASSPHRASE ?= "test123"\n'
@@ -123,19 +145,26 @@ class Signing(OESelftestTestCase):
123		145
124	self.write_config(feature)	146	self.write_config(feature)
125		147
126	bitbake('-c clean %s' % test_recipe)	148	with self.create_new_builddir(os.environ['BUILDDIR'], builddir):
127	bitbake(test_recipe)	149
		150	os.environ["PATH"] = nsysroot + ":" + os.environ["PATH"]
		151	self.add_command_to_tearDown('bitbake -c clean %s' % test_recipe)
		152	self.add_command_to_tearDown('rm -rf %s' % sstatedir)
		153	self.add_command_to_tearDown('rm -rf %s' % builddir)
		154
		155	bitbake('-c clean %s' % test_recipe)
		156	bitbake(test_recipe)
128		157
129	recipe_sig = glob.glob(sstatedir + '//:ed:*_package.tgz.sig')	158	recipe_sig = glob.glob(sstatedir + '//:ed:*_package.tgz.sig')
130	recipe_tgz = glob.glob(sstatedir + '//:ed:*_package.tgz')	159	recipe_tgz = glob.glob(sstatedir + '//:ed:*_package.tgz')
131		160
132	self.assertEqual(len(recipe_sig), 1, 'Failed to find .sig file.')	161	self.assertEqual(len(recipe_sig), 1, 'Failed to find .sig file.')
133	self.assertEqual(len(recipe_tgz), 1, 'Failed to find .tgz file.')	162	self.assertEqual(len(recipe_tgz), 1, 'Failed to find .tgz file.')
134		163
135	ret = runCmd('gpg --homedir %s --verify %s %s' % (self.gpg_dir, recipe_sig[0], recipe_tgz[0]))	164	ret = runCmd('gpg --homedir %s --verify %s %s' % (self.gpg_dir, recipe_sig[0], recipe_tgz[0]))
136	# gpg: Signature made Thu 22 Oct 2015 01:45:09 PM EEST using RSA key ID 61EEFB30	165	# gpg: Signature made Thu 22 Oct 2015 01:45:09 PM EEST using RSA key ID 61EEFB30
137	# gpg: Good signature from "testuser (nocomment) <testuser@email.com>"	166	# gpg: Good signature from "testuser (nocomment) <testuser@email.com>"
138	self.assertIn('gpg: Good signature from', ret.output, 'Package signed incorrectly.')	167	self.assertIn('gpg: Good signature from', ret.output, 'Package signed incorrectly.')
139		168
140		169
141	class LockedSignatures(OESelftestTestCase):	170	class LockedSignatures(OESelftestTestCase):