From patchwork Tue Apr 2 17:28:06 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: kergoth@gmail.com X-Patchwork-Id: 3464 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Tue, 02 Apr 2024 19:29:07 +0200 X-Sieve: CMU Sieve 2.4 Received: from mail-yw1-f190.google.com (mail-yw1-f190.google.com [209.85.128.190]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 432HT5dk019575 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 2 Apr 2024 19:29:06 +0200 Received: by mail-yw1-f190.google.com with SMTP id 00721157ae682-615365a5ecfsf9136557b3.3 for ; Tue, 02 Apr 2024 10:29:06 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1712078940; cv=pass; d=google.com; s=arc-20160816; b=fsXwfyx2pj8kiNwPr49ICh0/7dJhoSVcf/A0jtBhgIYIzO3hGM6Hf36KJh5nDS20aW vAJk9cwN4MVkm8rYLfsNPwKvsc3rU7xgbf7GZdNxocuwgRAeHnDjzNSzf9St/glIyGQI 7JbTSM5Q+Lzpt0C1+By0dS2sXLgB0liidn5J7LmWKVj55kG/elJfAd+PP7HJz32Z/Kxg s1FiowXJdWe8R4dqBEw1crTLwJ/NCQRa5Lamh3+qJzSb5K456qgxZ8SpVIebbC83ctOo S3A6VjIx1yCRcgOSR63X9KmXMMm1ZpWlYpQwmdB0RVc7lrwoFhjf8hDUKCbDFiPclEsH w88A== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:sender:dkim-signature :dkim-signature; bh=U9fLwQnnQXxurtfEPyHZg3O1kvYmUL82ATeUtVwPd38=; fh=TumyUueu3zDfjgk6L7MKi4OMl2+fTf/H5bQXYcNLRPA=; b=ZLXo9NQyCbGcQyo/4kQIOgfri36QDQrSIph1KkLa8ccm8sbllXCkQ5RVgDQiUmaasG cx0rrIAio2xKri5O6QpKN/eXqFvw92WIBrk1rk4faLSxtHokg8K/LJoqe9pSFQ/RbaFM oqKByzzKb9AV9OhmVkNqzXDb1HtjKCyCWkURs3GkpcfnyiV5Obk769eJiCf6rajl6B2T oZJWY365i4RU8jD9LvHA8TR1+B+3foSElL8yc3UBU1mmqlxlnVBKuE9Tb0OmKkgUL+ze GkxZzdEZxVv/aOs8JlWn0yKr7KQKZxoMir+yKXGZ7rwWBfbzMbj7fVcIYBUFaxMBObCw K1Rg==; darn=isar-build.org ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@gmail.com header.s=20230601 header.b=hD73dKSp; spf=pass (google.com: domain of kergoth@gmail.com designates 2607:f8b0:4864:20::432 as permitted sender) smtp.mailfrom=kergoth@gmail.com; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1712078940; x=1712683740; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:x-original-authentication-results :x-original-sender:mime-version:references:in-reply-to:message-id :date:subject:cc:to:from:sender:from:to:cc:subject:date:message-id :reply-to; bh=U9fLwQnnQXxurtfEPyHZg3O1kvYmUL82ATeUtVwPd38=; b=YDY1VsXkPhOqYD862jXU9AXjQfzXI3s8Zgs0rDELqIVUiFdok4MMbVzFGmtuQUBbqy aUaMWO/j4gg3o/i4EHifT/CX02m+1AWAo0sCBUDLiCky8+WKOjnBlQfTybq60ei6/q9o OxQtReiEBjWY1tBCNlolzTBmbBMqeyPYFVJpn7pE+fgIkN3cDUCiWVIKmPhELSJYZsiB qbPMuRruSoOdEV2SL1nOBYXwBBqd+sFQgfwVPlwnQHojrdjgslSMvsb4I+Spw9tSqMhc m1CUQwwVkuy16t1Sb2n9uTJ779OdLptI1/wD+Bir4vxiP+BJIbFF62ctz3DJkI6Io3Yv Et4Q== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1712078940; x=1712683740; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:x-original-authentication-results :x-original-sender:mime-version:references:in-reply-to:message-id :date:subject:cc:to:from:from:to:cc:subject:date:message-id:reply-to; bh=U9fLwQnnQXxurtfEPyHZg3O1kvYmUL82ATeUtVwPd38=; b=UkbUbugmzVrtq+Gz1GySiYXvYg+4nFP7CE6UpwEJluyHilOO8V/xPbfgoOP+92Q+sX sypSscWEYV2oPVYbq4P1rwXg/1Q2dw61Wgpr1HFx93GVITThJZx8gOzmkO5bpV3Cg6LR bJXNufXg7j60xNbtorXeM3u16srIuU5LZtDAPQ+AJAdwHn8NwSmLZl3zK+wqcpCQifCn W/5A6CUjPLt8arnfvqmO2V8LUk9jF69XKWnGmepNOK5Npiw40C7YKVz44tyx5ETgMbQI 94GHfUQUXgu0d2gjo5UzIZvrkyB99M5pXP+dnPPvtdLn7HqootmQUf5ZFmM2W1y49FNT bxiA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712078940; x=1712683740; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :x-beenthere:x-gm-message-state:sender:from:to:cc:subject:date :message-id:reply-to; bh=U9fLwQnnQXxurtfEPyHZg3O1kvYmUL82ATeUtVwPd38=; b=HfCW+ipPayWCEXCf9ehkKAPQE7Z+EXShNdqK02+r8/pSrgXyR3c3M2NdcFVj7lU4Q0 PNKSeYc9+88HZteVmytq4Z4MuwEfKUOBs6UwmDrE1ruScgw9oGtyVuYxI9owCvPpu/fx u7d5YEY5IKp06RT8fV/Q1Agt4QpMgTABmYc5HLy41Xh/AJ5KXswPX+GapAYfM8ryEyMO xwN39YaHdY3t1swVUl75ydWUSXftrAvUTUKlVZTZrL7bx3GFclnNfO1EO7ATqepBJCV7 RT7/8GQNXOTMW1qBCP/G4/UiUzSUH9noHEIHCfcr8/Cuynq3xi0MglDhlnZJbIwALbrh tv5g== Sender: isar-users@googlegroups.com X-Forwarded-Encrypted: i=2; AJvYcCWaT5sJngsJT9NugXymJx09v5e2Eh0/E8k5ksvE+X59afOR9lNFn/zocYRr1Tl5YrbKRcIvDgusnjUmqq8T9AQq3fHCVkg= X-Gm-Message-State: AOJu0Yz5d0S4/SJIcNNgQVJqjCyGLvj9/kjU4K+ye5mvF5eseZyV362N VW4D7iAojAdgb8xi1EkktrG/ZSNLrEXDb86c+nkZ9zyqjES09VC4 X-Google-Smtp-Source: AGHT+IHG1jlHgqbybailfjfZK1bIdU1K4fixBrjZ51l2TQFjunM9rJF6RwrFpnxJCZ+V3/xoH6HmvQ== X-Received: by 2002:a5b:1d1:0:b0:dd1:48c9:53f3 with SMTP id f17-20020a5b01d1000000b00dd148c953f3mr219982ybp.60.1712078940016; Tue, 02 Apr 2024 10:29:00 -0700 (PDT) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a25:6907:0:b0:dcb:b370:7d0c with SMTP id e7-20020a256907000000b00dcbb3707d0cls54998ybc.1.-pod-prod-02-us; Tue, 02 Apr 2024 10:28:59 -0700 (PDT) X-Received: by 2002:a25:a527:0:b0:dcd:4e54:9420 with SMTP id h36-20020a25a527000000b00dcd4e549420mr264390ybi.5.1712078938994; Tue, 02 Apr 2024 10:28:58 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1712078938; cv=none; d=google.com; s=arc-20160816; b=vlO95WWhZ9iu8CqEwNoU4G1RN4P9Sypmuvyp2US9SL7t4HtAEWbR/HjLb4GgW0pANf +GxtvG1POweokYaGrgbCvTNdtN2YYF5mgXnM4BUyqMbKeDOYK1kOBh6Gyt5ZlSYGve37 lbpY/pBSk9h3kHtSRpTzgso2hTjB1NISPJFkA22msdTnu5Oo6mJ7mFjn2i7Iwg7ah7Xq 5IStLWiFL83lgWSMaRSmVXs1Do564v38SFJ/qSU4W9PO0rlBYZmnD9lPyxk+RGdO+EWq lKevbH2nop49Izwxba/F7sVZN/b/MJFVDr0Pz9opOkyd9Aytshef4wCHIz8qfVnwFK35 E9JA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=ow62Wg0ahpKaQs4u9mNehenl79oACOFGAHG6dEm4EBI=; fh=oQsVBfLFKOCDpQI4v78XDUCp+c0vYPEMW+xCOFIgP4c=; b=Xsds3XFcVig1lqGSE02DB2FnIGdN4G3U9GCJMJGksj6NDGB/ppmcL8o3Xj6Jidgpz1 Qjnp35pd4gFRl3n7dgVreLvTuP0VVO8EZhooO6GHTXsrxzf15Jd/fkxbY4OyEoG4GhBp MIgPBspXNZsb37HyeOapH1hejEzG1ocTiGJqS6+JsXzkqVuVnrobHQBwhManNfKmCnuz oi6BZn3DLsVsDYPKsRJKfwLo+/Gii25K/HnqsCbClUEsO/8FRBM1814YxnvyAE5jdMG9 5bCI2tYX/GM5jiXqDjhYrHOC2xSahsD282LMsjp67qbbN24rZVZ2UVptBoRksHamx0hA EeCw==; dara=google.com ARC-Authentication-Results: i=1; gmr-mx.google.com; dkim=pass header.i=@gmail.com header.s=20230601 header.b=hD73dKSp; spf=pass (google.com: domain of kergoth@gmail.com designates 2607:f8b0:4864:20::432 as permitted sender) smtp.mailfrom=kergoth@gmail.com; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from mail-pf1-x432.google.com (mail-pf1-x432.google.com. [2607:f8b0:4864:20::432]) by gmr-mx.google.com with ESMTPS id w77-20020a25df50000000b00dc619c1f82fsi942062ybg.4.2024.04.02.10.28.58 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 02 Apr 2024 10:28:58 -0700 (PDT) Received-SPF: pass (google.com: domain of kergoth@gmail.com designates 2607:f8b0:4864:20::432 as permitted sender) client-ip=2607:f8b0:4864:20::432; Received: by mail-pf1-x432.google.com with SMTP id d2e1a72fcca58-6eafbcc5392so2506613b3a.1 for ; Tue, 02 Apr 2024 10:28:58 -0700 (PDT) X-Received: by 2002:a05:6a20:728a:b0:1a7:1c9:8c7c with SMTP id o10-20020a056a20728a00b001a701c98c7cmr599735pzk.43.1712078938069; Tue, 02 Apr 2024 10:28:58 -0700 (PDT) Received: from dc4670097af0.alm.mentorg.com (nat-mam.mentorg.com. [139.181.8.34]) by smtp.googlemail.com with ESMTPSA id bt19-20020a17090af01300b002a2313f62dcsm66705pjb.0.2024.04.02.10.28.56 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 02 Apr 2024 10:28:57 -0700 (PDT) From: kergoth@gmail.com To: isar-users@googlegroups.com Cc: Christopher Larson , Christopher Larson Subject: [PATCH 2/9] isar-ci-ssh-setup: avoid abs path in signatures Date: Tue, 2 Apr 2024 17:28:06 +0000 Message-Id: <20240402172813.418770-3-chris.larson@siemens.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20240402172813.418770-1-chris.larson@siemens.com> References: <20240402172813.418770-1-chris.larson@siemens.com> MIME-Version: 1.0 X-Original-Sender: kergoth@gmail.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@gmail.com header.s=20230601 header.b=hD73dKSp; spf=pass (google.com: domain of kergoth@gmail.com designates 2607:f8b0:4864:20::432 as permitted sender) smtp.mailfrom=kergoth@gmail.com; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-1.0 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_MSPIKE_H2, SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= From: Christopher Larson TESTSUITEDIR is a full absolute path to the testsuite directory in isar, as set in the environment by the build setup scripts. This is referenced in the install task, which prevents shared state reuse for this package. While this is predominently used in CI, it's still a good idea to avoid absolute paths in signatures, so we can reuse shared state for this package in other contexts. Rather than excluding the TESTSUITEDIR from signatures entirely with vardepsexclude, we can retain some information about the path by using os.path.relpath to make it relative to the top directory of the build. This is the same approach used by isar-bootstrap for the keys, and the vardepvalue approach is also used elsewhere for layer paths. Signed-off-by: Christopher Larson --- .../recipes-ci/isar-ci-ssh-setup/isar-ci-ssh-setup_0.1.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta-test/recipes-ci/isar-ci-ssh-setup/isar-ci-ssh-setup_0.1.bb b/meta-test/recipes-ci/isar-ci-ssh-setup/isar-ci-ssh-setup_0.1.bb index 4693f647..89100444 100644 --- a/meta-test/recipes-ci/isar-ci-ssh-setup/isar-ci-ssh-setup_0.1.bb +++ b/meta-test/recipes-ci/isar-ci-ssh-setup/isar-ci-ssh-setup_0.1.bb @@ -13,6 +13,9 @@ DEBIAN_DEPENDS = "adduser, apt (>= 0.4.2), network-manager, sshd-regen-keys" inherit dpkg-raw +# Avoid absolute paths in signatures which prevent shared state reuse +TESTSUITEDIR[vardepvalue] = "${@os.path.relpath('${TESTSUITEDIR}', '${TOPDIR}')}" + do_install() { # Install authorized SSH keys install -v -d ${D}/var/lib/isar-ci/.ssh/