* Jenkins scripts:
- remove POST_ISO_SIGNING job parameter, as ISO signing is controled
by build.conf, as originally intended.
* build.conf:
- rename SIGN_ISO => SIGN_ISO_FORMAL to better reflect purpose. ISOs
are always signed, with developer keys (SIGN_ISO_FORMAL=false) or
the signing server (SIGN_ISO_FORMAL=true).
- add SECUREBOOT_FORMAL - whether to generate secureboot signatures
using the signing server (true), or not to generate them at all
(false)
* Added code in job_utils.sh to set the defaults for these new config
options as necessary, in case the job runs against an older build.conf
that still has the obsolete BUILD_ISO option.
TESTS
========================
* Make sure SIGN_ISO_FORMAL==true calls "build-image --no-sign"
followed by "sign_iso_formal.sh"
* Make sure SIGN_ISO_FORMAL==false calls "build-image" not
followed by "sign_iso_formal.sh" and the dev-key based ISO signature
gets created
* Make sure SECUREBOOT_FORMAL==true calls calls the secureboot script
* Make sure SECUREBOOT_FORMAL==false does not call the secureboot script
* Test with both the new parameters undefined, but SIGN_ISO defined,
and make sure they aquire expected defaults
Story: 2010226
Task: 47777
Depends-On: https://review.opendev.org/c/starlingx/root/+/879206
Signed-off-by: Davlet Panech <davlet.panech@windriver.com>
Change-Id: I928de97fefc70b3062820547d1256c2a3ce106e8