diff --git a/.circleci/Dockerfile b/.circleci/Dockerfile index c763074354..b2914c38b9 100644 --- a/.circleci/Dockerfile +++ b/.circleci/Dockerfile @@ -9,6 +9,7 @@ FROM debian:10 # v1.0.4 - Add support for Python3 # v1.0.5 - Add 19.07 public keys, verify keys # v1.0.6 - Add 21.02 public keys, update Debian image to version 10, add rsync +# v1.0.7 - Add 22.03 public keys, 18.06 v2 gpg key, 18.06 usign key RUN apt update && apt install -y \ build-essential \ @@ -51,6 +52,11 @@ RUN curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=gpg/17E1CE16.asc && gpg --fingerprint --with-colons '' | grep '^fpr:::::::::6768C55E79B032D77A28DA5F0F20257417E1CE16:$' \ && echo '6768C55E79B032D77A28DA5F0F20257417E1CE16:6:' | gpg --import-ownertrust +# OpenWrt Build System (PGP key for 18.06 release builds) +RUN curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=gpg/15807931.asc' | gpg --import \ + && gpg --fingerprint --with-colons '' | grep '^fpr:::::::::AD0507363D2BCE9C9E36CEC4FBCB78F015807931:$' \ + && echo 'AD0507363D2BCE9C9E36CEC4FBCB78F015807931:6:' | gpg --import-ownertrust + # OpenWrt Build System (PGP key for 19.07 release builds) RUN curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=gpg/2074BE7A.asc' | gpg --import \ && gpg --fingerprint --with-colons '' | grep '^fpr:::::::::D9C6901F45C9B86858687DFF28A39BC32074BE7A:$' \ @@ -61,13 +67,27 @@ RUN curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=gpg/88CA59E8.asc && gpg --fingerprint --with-colons '' | grep '^fpr:::::::::667205E379BAF348863A5C6688CA59E88F681580:$' \ && echo '667205E379BAF348863A5C6688CA59E88F681580:6:' | gpg --import-ownertrust +# OpenWrt Build System (GnuPGP key for 22.03 release builds) +RUN curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=gpg/CD54E82DADB3684D.asc' | gpg --import \ + && gpg --fingerprint --with-colons '' | grep '^fpr:::::::::BF856781A01293C8409ABE72CD54E82DADB3684D:$' \ + && echo 'BF856781A01293C8409ABE72CD54E82DADB3684D:6:' | gpg --import-ownertrust + # untrusted comment: Public usign key for unattended snapshot builds RUN curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=usign/b5043e70f9a75cde' --create-dirs -o /home/build/usign/b5043e70f9a75cde \ && echo 'd7ac10f9ed1b38033855f3d27c9327d558444fca804c685b17d9dcfb0648228f */home/build/usign/b5043e70f9a75cde' | sha256sum --check +# untrusted comment: Public usign key for 18.06 release builds +RUN curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=usign/1035ac73cc4e59e3' --create-dirs -o /home/build/usign/1035ac73cc4e59e3 \ + && echo '8dc2e7f5c4e634437e6641f4df77a18bf59f0c8e9016c8ba4be5d4a0111e68c2 */home/build/usign/1035ac73cc4e59e3' | sha256sum --check + # untrusted comment: Public usign key for 19.07 release builds RUN curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=usign/f94b9dd6febac963' --create-dirs -o /home/build/usign/f94b9dd6febac963 \ && echo 'b1d09457cfbc36fccfe18382d65c54a2ade3e7fd3902da490a53aa517b512755 */home/build/usign/f94b9dd6febac963' | sha256sum --check # untrusted comment: Public usign key for 21.02 release builds -RUN curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=usign/2f8b0b98e08306bf' --create-dirs -o /home/build/usign/2f8b0b98e08306bf && echo 'd102bdd75421c62490b97f520f9db06aadb44ad408b244755d26e96ea5cd3b7f */home/build/usign/2f8b0b98e08306bf' | sha256sum --check +RUN curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=usign/2f8b0b98e08306bf' --create-dirs -o /home/build/usign/2f8b0b98e08306bf \ + && echo 'd102bdd75421c62490b97f520f9db06aadb44ad408b244755d26e96ea5cd3b7f */home/build/usign/2f8b0b98e08306bf' | sha256sum --check + +# untrusted comment: Public usign key for 22.03 release builds +RUN curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=usign/4d017e6f1ed5d616' --create-dirs -o /home/build/usign/4d017e6f1ed5d616 \ + && echo 'f3c5fdf447d7c2743442e68077d60acc7c3e91754849e1f4b6be837b4204b7e2 */home/build/usign/4d017e6f1ed5d616' | sha256sum --check diff --git a/.circleci/config.yml b/.circleci/config.yml index f245ac484c..305813734c 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -2,7 +2,7 @@ version: 2.0 jobs: build: docker: - - image: docker.io/openwrtorg/packages-cci:v1.0.6 + - image: docker.io/openwrtorg/packages-cci:v1.0.7 environment: - SDK_HOST: "downloads.openwrt.org" - SDK_PATH: "snapshots/targets/ath79/generic"