reproducible_lede: create a workaround for signing keys - jenkins.debian.net

diff options

author	Alexander Couzens <lynxis@fe80.eu>	2017-06-09 01:11:44 +0200
committer	Holger Levsen <holger@layer-acht.org>	2017-06-09 13:55:19 +0200
commit	e495d90c5c07137bc8b17336b864a103f08e55af (patch)
tree	5feacb3db7c87fcbc21db4be2e804ae0e7e1159a /bin/reproducible_lede.sh
parent	0aed29c2c17e5296ea520f31d1e83b523975de24 (diff)
download	jenkins.debian.net-e495d90c5c07137bc8b17336b864a103f08e55af.tar.xz

reproducible_lede: create a workaround for signing keys

LEDE signs the release with a signing key, but generate the signing key if not present. To have a reproducible release we need to take care of signing keys. LEDE will also put the key-build.pub into the resulting image (pkg: base-files)! At the end of the build it will use the key-build to sign the Packages repo list. Use a workaround this problem: key-build.pub contains the pubkey of LEDE buildbot key-build contains our build key Meaning only signed files will be different but not the images. Packages.sig is unreproducible. Signed-off-by: Holger Levsen <holger@layer-acht.org>

Diffstat (limited to 'bin/reproducible_lede.sh')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: