build_image: insert container devkey into image This way we can verify the container verification stack. BUG=chromium:660209 TEST=build_image included the new container pub key Change-Id: I1cf2dfe3386b6bc5bdae72f651df982e5f419667 Reviewed-on: https://chromium-review.googlesource.com/430830 Commit-Ready: Mike Frysinger <vapier@chromium.org> Tested-by: Mike Frysinger <vapier@chromium.org> Reviewed-by: Dylan Reid <dgreid@chromium.org>

commit: 91944962c8691526efc17991027e6c2512f9334a [log] [tgz]
author: Mike Frysinger <vapier@chromium.org> Wed Jan 11 22:58:57 2017 -0500
committer: chrome-bot <chrome-bot@chromium.org> Fri Jan 20 02:01:17 2017 -0800
tree: 41804625174728212ee63a9ca5ec5b1289c83424
parent: 9b9f5166ad28a4943f10db0687fa13df2381ab3b [diff]
diff --git a/build_library/base_image_util.sh b/build_library/base_image_util.sh
index d2dcca1..b2e3a76 100755
--- a/build_library/base_image_util.sh
+++ b/build_library/base_image_util.sh

@@ -237,6 +237,10 @@
     arc_version="--arc_version=${CHROMEOS_ARC_VERSION}"
   fi
 
+  "${VBOOT_SIGNING_DIR}"/insert_container_publickey.sh \
+    "${root_fs_dir}" \
+    "${VBOOT_DEVKEYS_DIR}"/cros-oci-container-pub.pem
+
   local builder_path=
   if [[ -n "${FLAGS_builder_path}" ]]; then
     builder_path="--builder_path=${FLAGS_builder_path}"
commit	91944962c8691526efc17991027e6c2512f9334a	[log] [tgz]
author	Mike Frysinger <vapier@chromium.org>	Wed Jan 11 22:58:57 2017 -0500
committer	chrome-bot <chrome-bot@chromium.org>	Fri Jan 20 02:01:17 2017 -0800
tree	41804625174728212ee63a9ca5ec5b1289c83424
parent	9b9f5166ad28a4943f10db0687fa13df2381ab3b [diff]