From b62b197cd338516c26f0330e0c944768fe097c93 Mon Sep 17 00:00:00 2001
From: Mahavir Jain <mahavir@espressif.com>
Date: Mon, 19 Sep 2022 11:43:34 +0530
Subject: [PATCH] esptool: (re)populate the secure boot signing key path

For project with reduced component list, secure boot signing key
path was not getting correctly. This change sets the secure boot
signing key path explicitly based on the relevant config option.

Closes https://github.com/espressif/esp-idf/issues/9578
Close IDFGH-8075
---
 components/esptool_py/project_include.cmake | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/components/esptool_py/project_include.cmake b/components/esptool_py/project_include.cmake
index 74c3379b18..b7eff251ff 100644
--- a/components/esptool_py/project_include.cmake
+++ b/components/esptool_py/project_include.cmake
@@ -112,6 +112,8 @@ endif()
 if(NOT BOOTLOADER_BUILD AND CONFIG_SECURE_SIGNED_APPS)
     if(CONFIG_SECURE_BOOT_BUILD_SIGNED_BINARIES)
         # for locally signed secure boot image, add a signing step to get from unsigned app to signed app
+        get_filename_component(secure_boot_signing_key "${CONFIG_SECURE_BOOT_SIGNING_KEY}"
+            ABSOLUTE BASE_DIR "${project_dir}")
         add_custom_command(OUTPUT "${build_dir}/.signed_bin_timestamp"
             COMMAND ${ESPSECUREPY} sign_data --version ${secure_boot_version} --keyfile ${secure_boot_signing_key}
                 -o "${build_dir}/${PROJECT_BIN}" "${build_dir}/${unsigned_project_binary}"