[yocto] Issues related generation of an image build with signed rpm packages

[Iván Castell]

Hello forum.

In order to generate a distro image with support for signed rpm packages, I
generated a pair of GPG keys, and setup my custom distro.conf file so Yocto
can sign packages it generates. My distro.conf file includes this:

    INHERIT += "sign_rpm"
    RPM_GPG_NAME = "gpgyocto"
    RPM_GPG_PASSPHRASE = "passphrase"

The repo configuration file "yocto-rpm.repo" is deployed using a
dnf_%.bbappend file that copies config file into /etc/yum.repos.d:

    $ cat recipes-devtools/dnf/files/yocto-rpm.repo
    [yocto-rpm]
    name=Rocko Yocto Repo
    baseurl=http://<REPO_IP>/rpm
    enabled=1
    gpgcheck=1

Whenever I try to build the image, the building process generates this
error when the http web server (serving signed packages) is not running (it
is disabled):

    ERROR: myimage-1.0-r0 do_rootfs: [log_check] myimage: found 1 error
message in the logfile:
    [log_check] Failed to synchronize cache for repo 'yocto-rpm', disabling.


However, the image is built fine in two different scenarios:

1) when setting enabled=0 on "yocto-rpm.repo" file
2) when setting enabled=1 and running/starting the http web server.


Two questions related:

1) What? Is yocto taking into account files from the generated image
(yocto-rpm.repo) to decide how the generated image is built?
2) Why yocto needs connecting to http web server to build the image? It
shouldn't be a completely decoupled process?


Can some of you explain a bit more about this process?

Thank you in advance! :)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.yoctoproject.org/pipermail/yocto/attachments/20180326/8c1ba3e3/attachment.html>