From 21077eda8e6e10dbdd367a9b3e7fcf42262f53bf Mon Sep 17 00:00:00 2001
From: Mahavir Jain <mahavir@espressif.com>
Date: Mon, 19 Sep 2022 11:43:34 +0530
Subject: [PATCH] esptool: (re)populate the secure boot signing key path

For project with reduced component list, secure boot signing key
path was not getting correctly. This change sets the secure boot
signing key path explicitly based on the relevant config option.

Closes https://github.com/espressif/esp-idf/issues/9578
Close IDFGH-8075
---
 components/esptool_py/project_include.cmake | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/components/esptool_py/project_include.cmake b/components/esptool_py/project_include.cmake
index 50c6b74190..72f5aabab4 100644
--- a/components/esptool_py/project_include.cmake
+++ b/components/esptool_py/project_include.cmake
@@ -140,6 +140,8 @@ endif()
 if(NOT BOOTLOADER_BUILD AND CONFIG_SECURE_SIGNED_APPS)
     if(CONFIG_SECURE_BOOT_BUILD_SIGNED_BINARIES)
         # for locally signed secure boot image, add a signing step to get from unsigned app to signed app
+        get_filename_component(secure_boot_signing_key "${CONFIG_SECURE_BOOT_SIGNING_KEY}"
+            ABSOLUTE BASE_DIR "${project_dir}")
         add_custom_command(OUTPUT "${build_dir}/.signed_bin_timestamp"
             COMMAND ${ESPSECUREPY} sign_data --version ${secure_boot_version} --keyfile ${secure_boot_signing_key}
                 -o "${build_dir}/${PROJECT_BIN}" "${build_dir}/${unsigned_project_binary}"