From ca851c87cf6f82708fd4d4fe1fd8f7c1b745da7e Mon Sep 17 00:00:00 2001
From: Mahavir Jain <mahavir@espressif.com>
Date: Mon, 19 Sep 2022 11:43:34 +0530
Subject: [PATCH] esptool: (re)populate the secure boot signing key path

For project with reduced component list, secure boot signing key
path was not getting correctly. This change sets the secure boot
signing key path explicitly based on the relevant config option.

Closes https://github.com/espressif/esp-idf/issues/9578
Close IDFGH-8075
---
 components/esptool_py/project_include.cmake | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/components/esptool_py/project_include.cmake b/components/esptool_py/project_include.cmake
index 50c6b74190..72f5aabab4 100644
--- a/components/esptool_py/project_include.cmake
+++ b/components/esptool_py/project_include.cmake
@@ -140,6 +140,8 @@ endif()
 if(NOT BOOTLOADER_BUILD AND CONFIG_SECURE_SIGNED_APPS)
     if(CONFIG_SECURE_BOOT_BUILD_SIGNED_BINARIES)
         # for locally signed secure boot image, add a signing step to get from unsigned app to signed app
+        get_filename_component(secure_boot_signing_key "${CONFIG_SECURE_BOOT_SIGNING_KEY}"
+            ABSOLUTE BASE_DIR "${project_dir}")
         add_custom_command(OUTPUT "${build_dir}/.signed_bin_timestamp"
             COMMAND ${ESPSECUREPY} sign_data --version ${secure_boot_version} --keyfile ${secure_boot_signing_key}
                 -o "${build_dir}/${PROJECT_BIN}" "${build_dir}/${unsigned_project_binary}"