In rpm-sequoia, some default paths in test code (OUT_DIR,
CARGO_MANIFEST_DIR) are invalid at runtime and cause test failures.
To fix this, patch the test code (symbols.rs) to support overriding these
paths via optional environment variables: FORCE_RUNTIME_PATH_LIB and
FORCE_RUNTIME_PATH_SRC.
Also make -ptest package RDEPEND on -dev package.
Tests take less than a second so this is added to PTEST_FAST.
ptest result:
|root@qemux86-64:~# ptest-runner rpm-sequoia
|START: ptest-runner
|2025-05-02T15:57
|BEGIN: /usr/lib/rpm-sequoia/ptest
|
|running 1 test
|test symbols ... ok
|
|test result: ok. 1 passed; 0 failed; 0 ignored; 0 measured; 0 filtered out; finished in 0.00s
|
|
|running 2 tests
|test tests::merge_certs_mismatch ... ok
|test tests::merge_certs ... ok
|
|test result: ok. 2 passed; 0 failed; 0 ignored; 0 measured; 0 filtered out; finished in 0.01s
|
|DURATION: 0
|END: /usr/lib/rpm-sequoia/ptest
|2025-05-02T15:57
|STOP: ptest-runner
|TOTAL: 1 FAIL: 0
(From OE-Core rev: 16499cf903718e6bf022a13baa09df610cd43d62)
Signed-off-by: Ines KCHELFI <ines.kchelfi@smile.fr>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
rpm-sequoia-crypto-policy tries to validate the configuration files
using host tools. For the Strongswan policy, it uses
"ipsec readwriteconf" which is not available on Debian 12 with
Strongswan installed.
To fix this, add and use an option to skip the problematic validation.
(From OE-Core rev: d10ca0fe194b62b2f383be880a008cde2bd0fd4f)
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Building this recipe may fail on hosts with an old GnuTLS version,
like Ubuntu 20.04.6 LTS.
Add OLD_GNUTLS=1 to disable validation for this policy variant
that isn't needed anyway.
(From OE-Core rev: f9bf1bbe25b625cc1bf54fdf6ed174499fc79571)
Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com>
Tested-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Rely on host-provided coreutils and make.
openssl-native is not needed either, as the build scripts
use crypto functionality via python.
Python 3.11+ is needed by the python build scripts, which is
ensured by "inherit python3native".
(From OE-Core rev: 34fc028a8a3a6628b11c6ee67676532012f55f47)
Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
rpm 4.20 removed the built-in code to handle signed packages
and uses rpm-sequoia as a more feature complete library.
Runtime-depend on rpm-sequoia-crypto-policy.
(From OE-Core rev: d8b01b436d37f4deb2de5d234e8f04c957719ca3)
Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This ships a crypto policy file for rpm-sequoia.
(From OE-Core rev: 8e499cefab6bfb40b40ae3eb811ca3eb51a7d4bc)
Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
