meta-security: subtree update:4c2f7ffd49..e8c9e69c80

Armin Kuster (3):
      meta-security: Add gatesgarth to LAYERSERIES_COMPAT
      gitlab-ci: add meta-hardening build image
      gitlab-ci: add building meta-security-compliance pkgs

Sajjad Ahmed (1):
      layer.conf: use += instead of := to update BBFILES

Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Change-Id: Id5439f3fdfc88fe3c987ee3c8cb7d3ed6a5a6a22

3 files changed, 22 insertions, 0 deletions

diff --git a/meta-security/kas/kas-security-base.yml b/meta-security/kas/kas-security-base.yml
index 6a77af599..ba0e0f81f 100644
--- a/meta-security/kas/kas-security-base.yml
+++ b/meta-security/kas/kas-security-base.yml
@@ -10,6 +10,7 @@ repos:
       meta-tpm:
       meta-integrity:
       meta-security-compliance:
+      meta-hardening:
 
   poky:
     url: https://git.yoctoproject.org/git/poky
diff --git a/meta-security/kas/qemux86-comp.yml b/meta-security/kas/qemux86-comp.yml
new file mode 100644
index 000000000..14c5dcabf
--- /dev/null
+++ b/meta-security/kas/qemux86-comp.yml
@@ -0,0 +1,11 @@
+header:
+  version: 8
+  includes:
+    - kas-security-base.yml
+
+local_conf_header:
+  meta-compliance: |
+    IMAGE_INSTALL_append = " lynis"
+    IMAGE_INSTALL_append = " openscap openscap-daemon scap-security-guide"
+
+machine: qemux86
diff --git a/meta-security/kas/qemux86-harden.yml b/meta-security/kas/qemux86-harden.yml
new file mode 100644
index 000000000..fb59ddab2
--- /dev/null
+++ b/meta-security/kas/qemux86-harden.yml
@@ -0,0 +1,10 @@
+header:
+  version: 8
+  includes:
+    - kas-security-base.yml
+
+local_conf_header:
+  meta-security: |
+    DISTRO = "harden"
+
+machine: qemux86