From ce48c2fec4cd218ef39b3e8c77e591c847f173de Mon Sep 17 00:00:00 2001
From: "Sean P. Kelly" <seankell@amazon.com>
Date: Fri, 18 Apr 2025 01:08:19 +0000
Subject: [PATCH] sbkeys: pass missing vars to sbkeys script

The script self-invokes in either a docker container or by creating a
new bash subprocess, so all variables need to be exported to that
sub-process on creation.
---
 sbkeys/generate-aws-sbkeys | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/sbkeys/generate-aws-sbkeys b/sbkeys/generate-aws-sbkeys
index d58add80261..291403303ce 100755
--- a/sbkeys/generate-aws-sbkeys
+++ b/sbkeys/generate-aws-sbkeys
@@ -160,7 +160,9 @@ if [ -n "${SDK_IMAGE:-}" ] ; then
     ${AWS_SECRET_ACCESS_KEY:+-e AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY} \
     ${AWS_SESSION_TOKEN:+-e AWS_SESSION_TOKEN=$AWS_SESSION_TOKEN} \
     -e AWS_REGION="${AWS_REGION}" \
+    -e AWS_PARTITION="${AWS_PARTITION}" \
     -e AWS_DEFAULT_REGION="${AWS_REGION}" \
+    -e CA_SIGNING_ALGORITHM="${CA_SIGNING_ALGORITHM}" \
     -e PK_CA="${PK_CA}" \
     -e KEK_CA="${KEK_CA}" \
     -e DB_CA="${DB_CA}" \
@@ -176,6 +178,7 @@ else
   export PK_CA KEK_CA DB_CA VENDOR_CA
   export CODE_SIGN_KEY CONFIG_SIGN_KEY SHIM_SIGN_KEY
   export AWS_REGION AWS_KMS_PKCS11_CONF OUTPUT_DIR
+  export AWS_PARTITION CA_SIGNING_ALGORITHM
   bash "${SBKEYS_SCRIPT}"
 fi