diff options
| author | Patrick Vacek <patrickvacek@gmail.com> | 2019-05-28 09:46:28 +0200 |
|---|---|---|
| committer | Patrick Vacek <patrickvacek@gmail.com> | 2019-06-05 11:55:41 +0200 |
| commit | ecd33302096d269953b52d75b21225778263e27a (patch) | |
| tree | 41c15ddb5e90e9b49acc78384bae2cc4dcd814d6 | |
| parent | eb63622b2f3aa4869e0a4e927b5b2ee5bd152053 (diff) | |
| download | meta-updater-ecd33302096d269953b52d75b21225778263e27a.tar.gz | |
Rename provisioning methods.
"Autoprovisioning" or "automatic provisioning" is now known as "shared
credential provisioning". "Implicit provisioning" is now known as
"device credential provisioning". "HSM provisioning" was always a
misnomer, so it is now refered to as "device credential provisioning
with an HSM".
This includes a bump of the aktualizr version as well.
Signed-off-by: Patrick Vacek <patrickvacek@gmail.com>
22 files changed, 138 insertions, 138 deletions
diff --git a/README.adoc b/README.adoc index b447a2f..41d8e96 100644 --- a/README.adoc +++ b/README.adoc | |||
| @@ -80,7 +80,7 @@ Your images will also need network connectivity to be able to reach an actual OT | |||
| 80 | 80 | ||
| 81 | * `OSTREE_REPO` - path to your OSTree repository. Defaults to `$\{DEPLOY_DIR_IMAGE}/ostree_repo` | 81 | * `OSTREE_REPO` - path to your OSTree repository. Defaults to `$\{DEPLOY_DIR_IMAGE}/ostree_repo` |
| 82 | * `OSTREE_OSNAME` - OS deployment name on your target device. For more information about deployments and osnames see the https://ostree.readthedocs.io/en/latest/manual/deployment/[OSTree documentation]. Defaults to "poky". | 82 | * `OSTREE_OSNAME` - OS deployment name on your target device. For more information about deployments and osnames see the https://ostree.readthedocs.io/en/latest/manual/deployment/[OSTree documentation]. Defaults to "poky". |
| 83 | * `OSTREE_COMMIT_BODY` - Message attached to OSTree commit. Empty by default. | 83 | * `OSTREE_COMMIT_BODY` - Message attached to OSTree commit. Empty by default. |
| 84 | * `OSTREE_COMMIT_SUBJECT` - Commit subject used by OSTree. Defaults to `Commit-id: ${IMAGE_NAME}` | 84 | * `OSTREE_COMMIT_SUBJECT` - Commit subject used by OSTree. Defaults to `Commit-id: ${IMAGE_NAME}` |
| 85 | * `OSTREE_UPDATE_SUMMARY` - Set this to '1' to update summary of OSTree repository on each commit. '0' by default. | 85 | * `OSTREE_UPDATE_SUMMARY` - Set this to '1' to update summary of OSTree repository on each commit. '0' by default. |
| 86 | * `OSTREE_DEPLOY_DEVICETREE` - Set this to '1' to include devicetree(s) to boot | 86 | * `OSTREE_DEPLOY_DEVICETREE` - Set this to '1' to include devicetree(s) to boot |
| @@ -88,7 +88,7 @@ Your images will also need network connectivity to be able to reach an actual OT | |||
| 88 | * `INITRAMFS_IMAGE` - initramfs/initrd image that is used as a proxy while booting into OSTree deployment. Do not change this setting unless you are sure that your initramfs can serve as such a proxy. | 88 | * `INITRAMFS_IMAGE` - initramfs/initrd image that is used as a proxy while booting into OSTree deployment. Do not change this setting unless you are sure that your initramfs can serve as such a proxy. |
| 89 | * `SOTA_PACKED_CREDENTIALS` - when set, your ostree commit will be pushed to a remote repo as a bitbake step. This should be the path to a zipped credentials file in https://github.com/advancedtelematic/aktualizr/blob/master/docs/credentials.adoc[the format accepted by garage-push]. | 89 | * `SOTA_PACKED_CREDENTIALS` - when set, your ostree commit will be pushed to a remote repo as a bitbake step. This should be the path to a zipped credentials file in https://github.com/advancedtelematic/aktualizr/blob/master/docs/credentials.adoc[the format accepted by garage-push]. |
| 90 | * `SOTA_DEPLOY_CREDENTIALS` - when set to '1' (default value), deploys credentials to the built image. Override it in `local.conf` to built a generic image that can be provisioned manually after the build. | 90 | * `SOTA_DEPLOY_CREDENTIALS` - when set to '1' (default value), deploys credentials to the built image. Override it in `local.conf` to built a generic image that can be provisioned manually after the build. |
| 91 | * `SOTA_CLIENT_PROV` - which provisioning method to use. Valid options are `aktualizr-auto-prov`, `aktualizr-ca-implicit-prov`, and `aktualizr-hsm-prov`. For more information on these provisioning methods, see the https://docs.ota.here.com/client-config/client-provisioning-methods.html[OTA Connect documentation]. The default is `aktualizr-auto-prov`. This can also be set to an empty string to avoid using a provisioning recipe. | 91 | * `SOTA_CLIENT_PROV` - which provisioning method to use. Valid options are `aktualizr-shared-prov`, `aktualizr-device-prov`, and `aktualizr-device-prov-hsm`. For more information on these provisioning methods, see the https://docs.ota.here.com/client-config/client-provisioning-methods.html[OTA Connect documentation]. The default is `aktualizr-shared-prov`. This can also be set to an empty string to avoid using a provisioning recipe. |
| 92 | * `SOTA_CLIENT_FEATURES` - extensions to aktualizr. The only valid options are `hsm` (to build with HSM support) and `secondary-network` (to set up a simulated 'in-vehicle' network with support for a primary node with a DHCP server and a secondary node with a DHCP client). | 92 | * `SOTA_CLIENT_FEATURES` - extensions to aktualizr. The only valid options are `hsm` (to build with HSM support) and `secondary-network` (to set up a simulated 'in-vehicle' network with support for a primary node with a DHCP server and a secondary node with a DHCP client). |
| 93 | * `SOTA_SECONDARY_CONFIG_DIR` - a directory containing JSON configuration files for virtual secondaries on the host. These will be installed into `/etc/sota/ecus` on the device and automatically provided to aktualizr. | 93 | * `SOTA_SECONDARY_CONFIG_DIR` - a directory containing JSON configuration files for virtual secondaries on the host. These will be installed into `/etc/sota/ecus` on the device and automatically provided to aktualizr. |
| 94 | * `SOTA_HARDWARE_ID` - a custom hardware ID that will be written to the aktualizr config. Defaults to MACHINE if not set. | 94 | * `SOTA_HARDWARE_ID` - a custom hardware ID that will be written to the aktualizr config. Defaults to MACHINE if not set. |
| @@ -251,13 +251,13 @@ The aktualizr tests will now be part of the deployed ptest suite, which can be r | |||
| 251 | 251 | ||
| 252 | As described in <<sota-related-variables-in-localconf,SOTA-related variables in local.conf>> section you can set `SOTA_DEPLOY_CREDENTIALS` to `0` to prevent deploying credentials to the built `wic` image. In this case you get a generic image that you can use e.g. on a production line to flash a series of devices. The cost of this approach is that this image is half-baked and should be provisioned before it can connect to the backend. | 252 | As described in <<sota-related-variables-in-localconf,SOTA-related variables in local.conf>> section you can set `SOTA_DEPLOY_CREDENTIALS` to `0` to prevent deploying credentials to the built `wic` image. In this case you get a generic image that you can use e.g. on a production line to flash a series of devices. The cost of this approach is that this image is half-baked and should be provisioned before it can connect to the backend. |
| 253 | 253 | ||
| 254 | Provisioning procedure depends on your provisioning recipe, i.e. the value of `SOTA_CLIENT_PROV` (equal to `aktualizr-auto-prov` by default): | 254 | Provisioning procedure depends on your provisioning recipe, i.e. the value of `SOTA_CLIENT_PROV` (equal to `aktualizr-shared-prov` by default): |
| 255 | 255 | ||
| 256 | * For `aktualizr-auto-prov` put your `credentials.zip` to `/var/sota/sota_provisioning_credentials.zip` on the filesystem of a running device. If you have the filesystem of our device mounted to your build machine, prefix all paths with `/ostree/deploy/poky` as in `/ostree/deploy/poky/var/sota/sota_provisioning_credentials.zip`. | 256 | * For `aktualizr-shared-prov` put your `credentials.zip` to `/var/sota/sota_provisioning_credentials.zip` on the filesystem of a running device. If you have the filesystem of our device mounted to your build machine, prefix all paths with `/ostree/deploy/poky` as in `/ostree/deploy/poky/var/sota/sota_provisioning_credentials.zip`. |
| 257 | * For `aktualizr-ca-implicit-prov` | 257 | * For `aktualizr-device-prov` |
| 258 | ** put URL to the backend server (together with protocol prefix and port number) at `/var/sota/gateway.url`. If you're using HERE OTA Connect, you can find the URL in the `autoprov.url` file in your credentials archive. | 258 | ** put URL to the backend server (together with protocol prefix and port number) at `/var/sota/gateway.url`. If you're using HERE OTA Connect, you can find the URL in the `autoprov.url` file in your credentials archive. |
| 259 | ** put client certificate, private key and root CA certificate (for the *server*, not for the *device*) at `/var/sota/import/client.pem`, `/var/sota/import/pkey.pem` and `/var/sota/import/root.crt` respectively. | 259 | ** put client certificate, private key and root CA certificate (for the *server*, not for the *device*) at `/var/sota/import/client.pem`, `/var/sota/import/pkey.pem` and `/var/sota/import/root.crt` respectively. |
| 260 | * For `aktualizr-hsm-prov` | 260 | * For `aktualizr-device-prov-hsm` |
| 261 | ** put URL to the server backend (together with protocol prefix and port number) at `/var/sota/gateway.url`. If you're using HERE OTA Connect, you can find the URL in the `autoprov.url` file in your credentials archive. | 261 | ** put URL to the server backend (together with protocol prefix and port number) at `/var/sota/gateway.url`. If you're using HERE OTA Connect, you can find the URL in the `autoprov.url` file in your credentials archive. |
| 262 | ** put root CA certificate (for the *server*, not for the *device*) at `/var/sota/import/root.crt`. | 262 | ** put root CA certificate (for the *server*, not for the *device*) at `/var/sota/import/root.crt`. |
| 263 | ** put client certificate and private key to slots 1 and 2 of the PKCS#11-compatible device. | 263 | ** put client certificate and private key to slots 1 and 2 of the PKCS#11-compatible device. |
diff --git a/classes/sota.bbclass b/classes/sota.bbclass index 56b9a8e..26c1b85 100644 --- a/classes/sota.bbclass +++ b/classes/sota.bbclass | |||
| @@ -3,7 +3,7 @@ DISTROOVERRIDES .= "${@bb.utils.contains('DISTRO_FEATURES', 'sota', ':sota', '', | |||
| 3 | HOSTTOOLS_NONFATAL += "java" | 3 | HOSTTOOLS_NONFATAL += "java" |
| 4 | 4 | ||
| 5 | SOTA_CLIENT ??= "aktualizr" | 5 | SOTA_CLIENT ??= "aktualizr" |
| 6 | SOTA_CLIENT_PROV ??= "aktualizr-auto-prov" | 6 | SOTA_CLIENT_PROV ??= "aktualizr-shared-prov" |
| 7 | SOTA_DEPLOY_CREDENTIALS ?= "1" | 7 | SOTA_DEPLOY_CREDENTIALS ?= "1" |
| 8 | SOTA_HARDWARE_ID ??= "${MACHINE}" | 8 | SOTA_HARDWARE_ID ??= "${MACHINE}" |
| 9 | 9 | ||
diff --git a/lib/oeqa/selftest/cases/updater_minnowboard.py b/lib/oeqa/selftest/cases/updater_minnowboard.py index f5df584..267445b 100644 --- a/lib/oeqa/selftest/cases/updater_minnowboard.py +++ b/lib/oeqa/selftest/cases/updater_minnowboard.py | |||
| @@ -29,7 +29,7 @@ class MinnowTests(OESelftestTestCase): | |||
| 29 | self.meta_minnow = None | 29 | self.meta_minnow = None |
| 30 | self.append_config('MACHINE = "intel-corei7-64"') | 30 | self.append_config('MACHINE = "intel-corei7-64"') |
| 31 | self.append_config('OSTREE_BOOTLOADER = "grub"') | 31 | self.append_config('OSTREE_BOOTLOADER = "grub"') |
| 32 | self.append_config('SOTA_CLIENT_PROV = " aktualizr-auto-prov "') | 32 | self.append_config('SOTA_CLIENT_PROV = " aktualizr-shared-prov "') |
| 33 | self.qemu, self.s = qemu_launch(efi=True, machine='intel-corei7-64') | 33 | self.qemu, self.s = qemu_launch(efi=True, machine='intel-corei7-64') |
| 34 | 34 | ||
| 35 | def tearDownLocal(self): | 35 | def tearDownLocal(self): |
diff --git a/lib/oeqa/selftest/cases/updater_qemux86_64.py b/lib/oeqa/selftest/cases/updater_qemux86_64.py index f951bc7..e26a022 100644 --- a/lib/oeqa/selftest/cases/updater_qemux86_64.py +++ b/lib/oeqa/selftest/cases/updater_qemux86_64.py | |||
| @@ -16,7 +16,7 @@ class GeneralTests(OESelftestTestCase): | |||
| 16 | def test_credentials(self): | 16 | def test_credentials(self): |
| 17 | logger = logging.getLogger("selftest") | 17 | logger = logging.getLogger("selftest") |
| 18 | logger.info('Running bitbake to build core-image-minimal') | 18 | logger.info('Running bitbake to build core-image-minimal') |
| 19 | self.append_config('SOTA_CLIENT_PROV = "aktualizr-auto-prov"') | 19 | self.append_config('SOTA_CLIENT_PROV = "aktualizr-shared-prov"') |
| 20 | bitbake('core-image-minimal') | 20 | bitbake('core-image-minimal') |
| 21 | credentials = get_bb_var('SOTA_PACKED_CREDENTIALS') | 21 | credentials = get_bb_var('SOTA_PACKED_CREDENTIALS') |
| 22 | # skip the test if the variable SOTA_PACKED_CREDENTIALS is not set | 22 | # skip the test if the variable SOTA_PACKED_CREDENTIALS is not set |
| @@ -46,13 +46,13 @@ class AktualizrToolsTests(OESelftestTestCase): | |||
| 46 | 46 | ||
| 47 | def test_cert_provider_local_output(self): | 47 | def test_cert_provider_local_output(self): |
| 48 | logger = logging.getLogger("selftest") | 48 | logger = logging.getLogger("selftest") |
| 49 | logger.info('Running bitbake to build aktualizr-ca-implicit-prov') | 49 | logger.info('Running bitbake to build aktualizr-device-prov') |
| 50 | bitbake('aktualizr-ca-implicit-prov') | 50 | bitbake('aktualizr-device-prov') |
| 51 | bb_vars = get_bb_vars(['SOTA_PACKED_CREDENTIALS', 'T'], 'aktualizr-native') | 51 | bb_vars = get_bb_vars(['SOTA_PACKED_CREDENTIALS', 'T'], 'aktualizr-native') |
| 52 | creds = bb_vars['SOTA_PACKED_CREDENTIALS'] | 52 | creds = bb_vars['SOTA_PACKED_CREDENTIALS'] |
| 53 | temp_dir = bb_vars['T'] | 53 | temp_dir = bb_vars['T'] |
| 54 | bb_vars_prov = get_bb_vars(['STAGING_DIR_HOST', 'libdir'], 'aktualizr-ca-implicit-prov') | 54 | bb_vars_prov = get_bb_vars(['STAGING_DIR_HOST', 'libdir'], 'aktualizr-device-prov') |
| 55 | config = bb_vars_prov['STAGING_DIR_HOST'] + bb_vars_prov['libdir'] + '/sota/sota_implicit_prov_ca.toml' | 55 | config = bb_vars_prov['STAGING_DIR_HOST'] + bb_vars_prov['libdir'] + '/sota/sota-device-cred.toml' |
| 56 | 56 | ||
| 57 | akt_native_run(self, 'aktualizr-cert-provider -c {creds} -r -l {temp} -g {config}' | 57 | akt_native_run(self, 'aktualizr-cert-provider -c {creds} -r -l {temp} -g {config}' |
| 58 | .format(creds=creds, temp=temp_dir, config=config)) | 58 | .format(creds=creds, temp=temp_dir, config=config)) |
| @@ -69,7 +69,7 @@ class AktualizrToolsTests(OESelftestTestCase): | |||
| 69 | self.assertTrue(os.path.getsize(ca_path) > 0, "Client certificate at %s is empty." % ca_path) | 69 | self.assertTrue(os.path.getsize(ca_path) > 0, "Client certificate at %s is empty." % ca_path) |
| 70 | 70 | ||
| 71 | 71 | ||
| 72 | class AutoProvTests(OESelftestTestCase): | 72 | class SharedCredProvTests(OESelftestTestCase): |
| 73 | 73 | ||
| 74 | def setUpLocal(self): | 74 | def setUpLocal(self): |
| 75 | layer = "meta-updater-qemux86-64" | 75 | layer = "meta-updater-qemux86-64" |
| @@ -85,7 +85,7 @@ class AutoProvTests(OESelftestTestCase): | |||
| 85 | else: | 85 | else: |
| 86 | self.meta_qemu = None | 86 | self.meta_qemu = None |
| 87 | self.append_config('MACHINE = "qemux86-64"') | 87 | self.append_config('MACHINE = "qemux86-64"') |
| 88 | self.append_config('SOTA_CLIENT_PROV = " aktualizr-auto-prov "') | 88 | self.append_config('SOTA_CLIENT_PROV = " aktualizr-shared-prov "') |
| 89 | self.qemu, self.s = qemu_launch(machine='qemux86-64') | 89 | self.qemu, self.s = qemu_launch(machine='qemux86-64') |
| 90 | 90 | ||
| 91 | def tearDownLocal(self): | 91 | def tearDownLocal(self): |
| @@ -127,7 +127,7 @@ class ManualControlTests(OESelftestTestCase): | |||
| 127 | else: | 127 | else: |
| 128 | self.meta_qemu = None | 128 | self.meta_qemu = None |
| 129 | self.append_config('MACHINE = "qemux86-64"') | 129 | self.append_config('MACHINE = "qemux86-64"') |
| 130 | self.append_config('SOTA_CLIENT_PROV = " aktualizr-auto-prov "') | 130 | self.append_config('SOTA_CLIENT_PROV = " aktualizr-shared-prov "') |
| 131 | self.append_config('SYSTEMD_AUTO_ENABLE_aktualizr = "disable"') | 131 | self.append_config('SYSTEMD_AUTO_ENABLE_aktualizr = "disable"') |
| 132 | self.qemu, self.s = qemu_launch(machine='qemux86-64') | 132 | self.qemu, self.s = qemu_launch(machine='qemux86-64') |
| 133 | 133 | ||
| @@ -155,7 +155,7 @@ class ManualControlTests(OESelftestTestCase): | |||
| 155 | 'Aktualizr should have run' + stderr.decode() + stdout.decode()) | 155 | 'Aktualizr should have run' + stderr.decode() + stdout.decode()) |
| 156 | 156 | ||
| 157 | 157 | ||
| 158 | class ImplProvTests(OESelftestTestCase): | 158 | class DeviceCredProvTests(OESelftestTestCase): |
| 159 | 159 | ||
| 160 | def setUpLocal(self): | 160 | def setUpLocal(self): |
| 161 | layer = "meta-updater-qemux86-64" | 161 | layer = "meta-updater-qemux86-64" |
| @@ -171,9 +171,9 @@ class ImplProvTests(OESelftestTestCase): | |||
| 171 | else: | 171 | else: |
| 172 | self.meta_qemu = None | 172 | self.meta_qemu = None |
| 173 | self.append_config('MACHINE = "qemux86-64"') | 173 | self.append_config('MACHINE = "qemux86-64"') |
| 174 | self.append_config('SOTA_CLIENT_PROV = " aktualizr-ca-implicit-prov "') | 174 | self.append_config('SOTA_CLIENT_PROV = " aktualizr-device-prov "') |
| 175 | self.append_config('SOTA_DEPLOY_CREDENTIALS = "0"') | 175 | self.append_config('SOTA_DEPLOY_CREDENTIALS = "0"') |
| 176 | runCmd('bitbake -c cleanall aktualizr aktualizr-ca-implicit-prov') | 176 | runCmd('bitbake -c cleanall aktualizr aktualizr-device-prov') |
| 177 | self.qemu, self.s = qemu_launch(machine='qemux86-64') | 177 | self.qemu, self.s = qemu_launch(machine='qemux86-64') |
| 178 | 178 | ||
| 179 | def tearDownLocal(self): | 179 | def tearDownLocal(self): |
| @@ -201,8 +201,8 @@ class ImplProvTests(OESelftestTestCase): | |||
| 201 | # Run aktualizr-cert-provider. | 201 | # Run aktualizr-cert-provider. |
| 202 | bb_vars = get_bb_vars(['SOTA_PACKED_CREDENTIALS'], 'aktualizr-native') | 202 | bb_vars = get_bb_vars(['SOTA_PACKED_CREDENTIALS'], 'aktualizr-native') |
| 203 | creds = bb_vars['SOTA_PACKED_CREDENTIALS'] | 203 | creds = bb_vars['SOTA_PACKED_CREDENTIALS'] |
| 204 | bb_vars_prov = get_bb_vars(['STAGING_DIR_HOST', 'libdir'], 'aktualizr-ca-implicit-prov') | 204 | bb_vars_prov = get_bb_vars(['STAGING_DIR_HOST', 'libdir'], 'aktualizr-device-prov') |
| 205 | config = bb_vars_prov['STAGING_DIR_HOST'] + bb_vars_prov['libdir'] + '/sota/sota_implicit_prov_ca.toml' | 205 | config = bb_vars_prov['STAGING_DIR_HOST'] + bb_vars_prov['libdir'] + '/sota/sota-device-cred.toml' |
| 206 | 206 | ||
| 207 | print('Provisining at root@localhost:%d' % self.qemu.ssh_port) | 207 | print('Provisining at root@localhost:%d' % self.qemu.ssh_port) |
| 208 | akt_native_run(self, 'aktualizr-cert-provider -c {creds} -t root@localhost -p {port} -s -u -r -g {config}' | 208 | akt_native_run(self, 'aktualizr-cert-provider -c {creds} -t root@localhost -p {port} -s -u -r -g {config}' |
| @@ -211,7 +211,7 @@ class ImplProvTests(OESelftestTestCase): | |||
| 211 | verifyProvisioned(self, machine) | 211 | verifyProvisioned(self, machine) |
| 212 | 212 | ||
| 213 | 213 | ||
| 214 | class HsmTests(OESelftestTestCase): | 214 | class DeviceCredProvHsmTests(OESelftestTestCase): |
| 215 | 215 | ||
| 216 | def setUpLocal(self): | 216 | def setUpLocal(self): |
| 217 | layer = "meta-updater-qemux86-64" | 217 | layer = "meta-updater-qemux86-64" |
| @@ -227,11 +227,11 @@ class HsmTests(OESelftestTestCase): | |||
| 227 | else: | 227 | else: |
| 228 | self.meta_qemu = None | 228 | self.meta_qemu = None |
| 229 | self.append_config('MACHINE = "qemux86-64"') | 229 | self.append_config('MACHINE = "qemux86-64"') |
| 230 | self.append_config('SOTA_CLIENT_PROV = "aktualizr-hsm-prov"') | 230 | self.append_config('SOTA_CLIENT_PROV = "aktualizr-device-prov-hsm"') |
| 231 | self.append_config('SOTA_DEPLOY_CREDENTIALS = "0"') | 231 | self.append_config('SOTA_DEPLOY_CREDENTIALS = "0"') |
| 232 | self.append_config('SOTA_CLIENT_FEATURES = "hsm"') | 232 | self.append_config('SOTA_CLIENT_FEATURES = "hsm"') |
| 233 | self.append_config('IMAGE_INSTALL_append = " softhsm-testtoken"') | 233 | self.append_config('IMAGE_INSTALL_append = " softhsm-testtoken"') |
| 234 | runCmd('bitbake -c cleanall aktualizr aktualizr-hsm-prov') | 234 | runCmd('bitbake -c cleanall aktualizr aktualizr-device-prov-hsm') |
| 235 | self.qemu, self.s = qemu_launch(machine='qemux86-64') | 235 | self.qemu, self.s = qemu_launch(machine='qemux86-64') |
| 236 | 236 | ||
| 237 | def tearDownLocal(self): | 237 | def tearDownLocal(self): |
| @@ -269,8 +269,8 @@ class HsmTests(OESelftestTestCase): | |||
| 269 | # Run aktualizr-cert-provider. | 269 | # Run aktualizr-cert-provider. |
| 270 | bb_vars = get_bb_vars(['SOTA_PACKED_CREDENTIALS'], 'aktualizr-native') | 270 | bb_vars = get_bb_vars(['SOTA_PACKED_CREDENTIALS'], 'aktualizr-native') |
| 271 | creds = bb_vars['SOTA_PACKED_CREDENTIALS'] | 271 | creds = bb_vars['SOTA_PACKED_CREDENTIALS'] |
| 272 | bb_vars_prov = get_bb_vars(['STAGING_DIR_HOST', 'libdir'], 'aktualizr-hsm-prov') | 272 | bb_vars_prov = get_bb_vars(['STAGING_DIR_HOST', 'libdir'], 'aktualizr-device-prov-hsm') |
| 273 | config = bb_vars_prov['STAGING_DIR_HOST'] + bb_vars_prov['libdir'] + '/sota/sota_hsm_prov.toml' | 273 | config = bb_vars_prov['STAGING_DIR_HOST'] + bb_vars_prov['libdir'] + '/sota/sota-device-cred-hsm.toml' |
| 274 | 274 | ||
| 275 | akt_native_run(self, 'aktualizr-cert-provider -c {creds} -t root@localhost -p {port} -r -s -u -g {config}' | 275 | akt_native_run(self, 'aktualizr-cert-provider -c {creds} -t root@localhost -p {port} -r -s -u -g {config}' |
| 276 | .format(creds=creds, port=self.qemu.ssh_port, config=config)) | 276 | .format(creds=creds, port=self.qemu.ssh_port, config=config)) |
| @@ -369,7 +369,7 @@ class IpSecondaryTests(OESelftestTestCase): | |||
| 369 | 369 | ||
| 370 | def configure(self): | 370 | def configure(self): |
| 371 | self._test_ctx.append_config('MACHINE = "qemux86-64"') | 371 | self._test_ctx.append_config('MACHINE = "qemux86-64"') |
| 372 | self._test_ctx.append_config('SOTA_CLIENT_PROV = " aktualizr-auto-prov "') | 372 | self._test_ctx.append_config('SOTA_CLIENT_PROV = " aktualizr-shared-prov "') |
| 373 | 373 | ||
| 374 | def is_ecu_registered(self, ecu_id): | 374 | def is_ecu_registered(self, ecu_id): |
| 375 | max_number_of_tries = 20 | 375 | max_number_of_tries = 20 |
| @@ -456,7 +456,7 @@ class ResourceControlTests(OESelftestTestCase): | |||
| 456 | else: | 456 | else: |
| 457 | self.meta_qemu = None | 457 | self.meta_qemu = None |
| 458 | self.append_config('MACHINE = "qemux86-64"') | 458 | self.append_config('MACHINE = "qemux86-64"') |
| 459 | self.append_config('SOTA_CLIENT_PROV = " aktualizr-auto-prov "') | 459 | self.append_config('SOTA_CLIENT_PROV = " aktualizr-shared-prov "') |
| 460 | self.append_config('IMAGE_INSTALL_append += " aktualizr-resource-control "') | 460 | self.append_config('IMAGE_INSTALL_append += " aktualizr-resource-control "') |
| 461 | self.append_config('RESOURCE_CPU_WEIGHT_pn-aktualizr = "1000"') | 461 | self.append_config('RESOURCE_CPU_WEIGHT_pn-aktualizr = "1000"') |
| 462 | self.append_config('RESOURCE_MEMORY_HIGH_pn-aktualizr = "50M"') | 462 | self.append_config('RESOURCE_MEMORY_HIGH_pn-aktualizr = "50M"') |
diff --git a/lib/oeqa/selftest/cases/updater_raspberrypi.py b/lib/oeqa/selftest/cases/updater_raspberrypi.py index bb7cfa3..e976100 100644 --- a/lib/oeqa/selftest/cases/updater_raspberrypi.py +++ b/lib/oeqa/selftest/cases/updater_raspberrypi.py | |||
| @@ -47,7 +47,7 @@ class RpiTests(OESelftestTestCase): | |||
| 47 | self.meta_qemu = None | 47 | self.meta_qemu = None |
| 48 | 48 | ||
| 49 | self.append_config('MACHINE = "raspberrypi3"') | 49 | self.append_config('MACHINE = "raspberrypi3"') |
| 50 | self.append_config('SOTA_CLIENT_PROV = " aktualizr-auto-prov "') | 50 | self.append_config('SOTA_CLIENT_PROV = " aktualizr-shared-prov "') |
| 51 | 51 | ||
| 52 | def tearDownLocal(self): | 52 | def tearDownLocal(self): |
| 53 | if self.meta_qemu: | 53 | if self.meta_qemu: |
| @@ -60,7 +60,6 @@ class RpiTests(OESelftestTestCase): | |||
| 60 | def test_build(self): | 60 | def test_build(self): |
| 61 | logger = logging.getLogger("selftest") | 61 | logger = logging.getLogger("selftest") |
| 62 | logger.info('Running bitbake to build core-image-minimal') | 62 | logger.info('Running bitbake to build core-image-minimal') |
| 63 | self.append_config('SOTA_CLIENT_PROV = "aktualizr-auto-prov"') | ||
| 64 | bitbake('core-image-minimal') | 63 | bitbake('core-image-minimal') |
| 65 | credentials = get_bb_var('SOTA_PACKED_CREDENTIALS') | 64 | credentials = get_bb_var('SOTA_PACKED_CREDENTIALS') |
| 66 | # Skip the test if the variable SOTA_PACKED_CREDENTIALS is not set. | 65 | # Skip the test if the variable SOTA_PACKED_CREDENTIALS is not set. |
diff --git a/recipes-sota/aktualizr/aktualizr-ca-implicit-prov.bb b/recipes-sota/aktualizr/aktualizr-ca-implicit-prov.bb deleted file mode 100644 index 414cb5e..0000000 --- a/recipes-sota/aktualizr/aktualizr-ca-implicit-prov.bb +++ /dev/null | |||
| @@ -1,30 +0,0 @@ | |||
| 1 | SUMMARY = "Aktualizr configuration for implicit provisioning with CA" | ||
| 2 | DESCRIPTION = "Configuration for implicitly provisioning Aktualizr using externally provided or generated CA" | ||
| 3 | |||
| 4 | HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" | ||
| 5 | SECTION = "base" | ||
| 6 | LICENSE = "MPL-2.0" | ||
| 7 | LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" | ||
| 8 | |||
| 9 | inherit allarch | ||
| 10 | |||
| 11 | DEPENDS = "aktualizr aktualizr-native openssl-native" | ||
| 12 | RDEPENDS_${PN}_append = "${@' aktualizr-ca-implicit-prov-creds' if d.getVar('SOTA_DEPLOY_CREDENTIALS') == '1' else ''}" | ||
| 13 | |||
| 14 | PV = "1.0" | ||
| 15 | PR = "1" | ||
| 16 | |||
| 17 | require credentials.inc | ||
| 18 | |||
| 19 | do_install() { | ||
| 20 | install -m 0700 -d ${D}${libdir}/sota/conf.d | ||
| 21 | |||
| 22 | install -m 0644 ${STAGING_DIR_HOST}${libdir}/sota/sota_implicit_prov_ca.toml \ | ||
| 23 | ${D}${libdir}/sota/conf.d/20-sota_implicit_prov_ca.toml | ||
| 24 | } | ||
| 25 | |||
| 26 | FILES_${PN} = " \ | ||
| 27 | ${libdir}/sota/conf.d/20-sota_implicit_prov_ca.toml \ | ||
| 28 | " | ||
| 29 | |||
| 30 | # vim:set ts=4 sw=4 sts=4 expandtab: | ||
diff --git a/recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb b/recipes-sota/aktualizr/aktualizr-device-prov-creds.bb index da17d77..6e02a50 100644 --- a/recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb +++ b/recipes-sota/aktualizr/aktualizr-device-prov-creds.bb | |||
| @@ -1,4 +1,5 @@ | |||
| 1 | SUMMARY = "Credentials for implicit provisioning with CA certificate" | 1 | SUMMARY = "Credentials for device provisioning with fleet CA certificate" |
| 2 | HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" | ||
| 2 | SECTION = "base" | 3 | SECTION = "base" |
| 3 | LICENSE = "MPL-2.0" | 4 | LICENSE = "MPL-2.0" |
| 4 | LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" | 5 | LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" |
| @@ -13,8 +14,8 @@ DEPENDS = "aktualizr aktualizr-native" | |||
| 13 | ALLOW_EMPTY_${PN} = "1" | 14 | ALLOW_EMPTY_${PN} = "1" |
| 14 | 15 | ||
| 15 | SRC_URI = " \ | 16 | SRC_URI = " \ |
| 16 | file://ca.cnf \ | 17 | file://ca.cnf \ |
| 17 | " | 18 | " |
| 18 | 19 | ||
| 19 | require credentials.inc | 20 | require credentials.inc |
| 20 | 21 | ||
| @@ -39,7 +40,7 @@ do_install() { | |||
| 39 | fi | 40 | fi |
| 40 | 41 | ||
| 41 | if [ -z ${SOTA_CAKEY_PATH} ]; then | 42 | if [ -z ${SOTA_CAKEY_PATH} ]; then |
| 42 | bbfatal "SOTA_CAKEY_PATH should be set when using implicit provisioning" | 43 | bbfatal "SOTA_CAKEY_PATH should be set when using device credential provisioning" |
| 43 | fi | 44 | fi |
| 44 | 45 | ||
| 45 | install -m 0700 -d ${D}${localstatedir}/sota | 46 | install -m 0700 -d ${D}${localstatedir}/sota |
| @@ -49,9 +50,11 @@ do_install() { | |||
| 49 | --root-ca \ | 50 | --root-ca \ |
| 50 | --server-url \ | 51 | --server-url \ |
| 51 | --local ${D} \ | 52 | --local ${D} \ |
| 52 | --config ${STAGING_DIR_HOST}${libdir}/sota/sota_implicit_prov_ca.toml | 53 | --config ${STAGING_DIR_HOST}${libdir}/sota/sota-device-cred.toml |
| 53 | fi | 54 | fi |
| 54 | } | 55 | } |
| 55 | 56 | ||
| 56 | FILES_${PN} = " \ | 57 | FILES_${PN} = " \ |
| 57 | ${localstatedir}/sota/*" | 58 | ${localstatedir}/sota/*" |
| 59 | |||
| 60 | # vim:set ts=4 sw=4 sts=4 expandtab: | ||
diff --git a/recipes-sota/aktualizr/aktualizr-device-prov-hsm.bb b/recipes-sota/aktualizr/aktualizr-device-prov-hsm.bb new file mode 100644 index 0000000..c3cd593 --- /dev/null +++ b/recipes-sota/aktualizr/aktualizr-device-prov-hsm.bb | |||
| @@ -0,0 +1,30 @@ | |||
| 1 | SUMMARY = "Aktualizr configuration for device credential provisioning with HSM support" | ||
| 2 | DESCRIPTION = "Configuration for provisioning Aktualizr with device credentials using externally provided or generated CA with HSM support" | ||
| 3 | HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" | ||
| 4 | SECTION = "base" | ||
| 5 | LICENSE = "MPL-2.0" | ||
| 6 | LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" | ||
| 7 | |||
| 8 | inherit allarch | ||
| 9 | |||
| 10 | DEPENDS = "aktualizr aktualizr-native" | ||
| 11 | RDEPENDS_${PN}_append = "${@' aktualizr-device-prov-creds softhsm-testtoken' if d.getVar('SOTA_DEPLOY_CREDENTIALS') == '1' else ''}" | ||
| 12 | |||
| 13 | SRC_URI = "" | ||
| 14 | PV = "1.0" | ||
| 15 | PR = "6" | ||
| 16 | |||
| 17 | require credentials.inc | ||
| 18 | |||
| 19 | do_install() { | ||
| 20 | install -m 0700 -d ${D}${libdir}/sota/conf.d | ||
| 21 | install -m 0644 ${STAGING_DIR_HOST}${libdir}/sota/sota-device-cred-hsm.toml \ | ||
| 22 | ${D}${libdir}/sota/conf.d/20-sota-device-cred-hsm.toml | ||
| 23 | } | ||
| 24 | |||
| 25 | FILES_${PN} = " \ | ||
| 26 | ${libdir}/sota/conf.d \ | ||
| 27 | ${libdir}/sota/conf.d/20-sota-device-cred-hsm.toml \ | ||
| 28 | " | ||
| 29 | |||
| 30 | # vim:set ts=4 sw=4 sts=4 expandtab: | ||
diff --git a/recipes-sota/aktualizr/aktualizr-device-prov.bb b/recipes-sota/aktualizr/aktualizr-device-prov.bb new file mode 100644 index 0000000..d579532 --- /dev/null +++ b/recipes-sota/aktualizr/aktualizr-device-prov.bb | |||
| @@ -0,0 +1,29 @@ | |||
| 1 | SUMMARY = "Aktualizr configuration for device credential provisioning" | ||
| 2 | DESCRIPTION = "Configuration for provisioning Aktualizr with device credentials using externally provided or generated CA" | ||
| 3 | HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" | ||
| 4 | SECTION = "base" | ||
| 5 | LICENSE = "MPL-2.0" | ||
| 6 | LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" | ||
| 7 | |||
| 8 | inherit allarch | ||
| 9 | |||
| 10 | DEPENDS = "aktualizr aktualizr-native openssl-native" | ||
| 11 | RDEPENDS_${PN}_append = "${@' aktualizr-device-prov-creds' if d.getVar('SOTA_DEPLOY_CREDENTIALS') == '1' else ''}" | ||
| 12 | |||
| 13 | PV = "1.0" | ||
| 14 | PR = "1" | ||
| 15 | |||
| 16 | require credentials.inc | ||
| 17 | |||
| 18 | do_install() { | ||
| 19 | install -m 0700 -d ${D}${libdir}/sota/conf.d | ||
| 20 | install -m 0644 ${STAGING_DIR_HOST}${libdir}/sota/sota-device-cred.toml \ | ||
| 21 | ${D}${libdir}/sota/conf.d/20-sota-device-cred.toml | ||
| 22 | } | ||
| 23 | |||
| 24 | FILES_${PN} = " \ | ||
| 25 | ${libdir}/sota/conf.d \ | ||
| 26 | ${libdir}/sota/conf.d/20-sota-device-cred.toml \ | ||
| 27 | " | ||
| 28 | |||
| 29 | # vim:set ts=4 sw=4 sts=4 expandtab: | ||
diff --git a/recipes-sota/aktualizr/aktualizr-hsm-prov.bb b/recipes-sota/aktualizr/aktualizr-hsm-prov.bb deleted file mode 100644 index 77c6720..0000000 --- a/recipes-sota/aktualizr/aktualizr-hsm-prov.bb +++ /dev/null | |||
| @@ -1,30 +0,0 @@ | |||
| 1 | SUMMARY = "Aktualizr configuration with HSM support" | ||
| 2 | DESCRIPTION = "Configuration for HSM provisioning with Aktualizr, the SOTA Client application written in C++" | ||
| 3 | HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" | ||
| 4 | SECTION = "base" | ||
| 5 | LICENSE = "MPL-2.0" | ||
| 6 | LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" | ||
| 7 | |||
| 8 | inherit allarch | ||
| 9 | |||
| 10 | DEPENDS = "aktualizr aktualizr-native" | ||
| 11 | RDEPENDS_${PN}_append = "${@' aktualizr-ca-implicit-prov-creds softhsm-testtoken' if d.getVar('SOTA_DEPLOY_CREDENTIALS') == '1' else ''}" | ||
| 12 | |||
| 13 | SRC_URI = "" | ||
| 14 | PV = "1.0" | ||
| 15 | PR = "6" | ||
| 16 | |||
| 17 | require credentials.inc | ||
| 18 | |||
| 19 | do_install() { | ||
| 20 | install -m 0700 -d ${D}${libdir}/sota/conf.d | ||
| 21 | install -m 0644 ${STAGING_DIR_HOST}${libdir}/sota/sota_hsm_prov.toml \ | ||
| 22 | ${D}${libdir}/sota/conf.d/20-sota_hsm_prov.toml | ||
| 23 | } | ||
| 24 | |||
| 25 | FILES_${PN} = " \ | ||
| 26 | ${libdir}/sota/conf.d \ | ||
| 27 | ${libdir}/sota/conf.d/20-sota_hsm_prov.toml \ | ||
| 28 | " | ||
| 29 | |||
| 30 | # vim:set ts=4 sw=4 sts=4 expandtab: | ||
diff --git a/recipes-sota/aktualizr/aktualizr-auto-prov-creds.bb b/recipes-sota/aktualizr/aktualizr-shared-prov-creds.bb index 6b2dd27..dbb5fde 100644 --- a/recipes-sota/aktualizr/aktualizr-auto-prov-creds.bb +++ b/recipes-sota/aktualizr/aktualizr-shared-prov-creds.bb | |||
| @@ -1,4 +1,5 @@ | |||
| 1 | SUMMARY = "Credentials for autoprovisioning scenario" | 1 | SUMMARY = "Credentials for shared provisioning" |
| 2 | HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" | ||
| 2 | SECTION = "base" | 3 | SECTION = "base" |
| 3 | LICENSE = "MPL-2.0" | 4 | LICENSE = "MPL-2.0" |
| 4 | LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" | 5 | LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" |
diff --git a/recipes-sota/aktualizr/aktualizr-auto-prov.bb b/recipes-sota/aktualizr/aktualizr-shared-prov.bb index 4b68491..d3d6f16 100644 --- a/recipes-sota/aktualizr/aktualizr-auto-prov.bb +++ b/recipes-sota/aktualizr/aktualizr-shared-prov.bb | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | SUMMARY = "Aktualizr configuration for autoprovisioning" | 1 | SUMMARY = "Aktualizr configuration for shared credential provisioning" |
| 2 | DESCRIPTION = "Configuration for automatically provisioning Aktualizr, the SOTA Client application written in C++" | 2 | DESCRIPTION = "Configuration for provisioning Aktualizr with shared credentials" |
| 3 | HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" | 3 | HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" |
| 4 | SECTION = "base" | 4 | SECTION = "base" |
| 5 | LICENSE = "MPL-2.0" | 5 | LICENSE = "MPL-2.0" |
| @@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7 | |||
| 8 | inherit allarch | 8 | inherit allarch |
| 9 | 9 | ||
| 10 | DEPENDS = "aktualizr-native zip-native" | 10 | DEPENDS = "aktualizr-native zip-native" |
| 11 | RDEPENDS_${PN}_append = "${@' aktualizr-auto-prov-creds' if d.getVar('SOTA_DEPLOY_CREDENTIALS') == '1' else ''}" | 11 | RDEPENDS_${PN}_append = "${@' aktualizr-shared-prov-creds' if d.getVar('SOTA_DEPLOY_CREDENTIALS') == '1' else ''}" |
| 12 | PV = "1.0" | 12 | PV = "1.0" |
| 13 | PR = "6" | 13 | PR = "6" |
| 14 | 14 | ||
| @@ -31,15 +31,13 @@ do_install() { | |||
| 31 | fi | 31 | fi |
| 32 | 32 | ||
| 33 | install -m 0700 -d ${D}${libdir}/sota/conf.d | 33 | install -m 0700 -d ${D}${libdir}/sota/conf.d |
| 34 | aktualizr_toml=${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'secondary-network', 'sota_autoprov_primary.toml', 'sota_autoprov.toml', d)} | 34 | install -m 0644 ${STAGING_DIR_NATIVE}${libdir}/sota/sota-shared-cred.toml \ |
| 35 | 35 | ${D}${libdir}/sota/conf.d/20-sota-shared-cred.toml | |
| 36 | install -m 0644 ${STAGING_DIR_NATIVE}${libdir}/sota/${aktualizr_toml} \ | ||
| 37 | ${D}${libdir}/sota/conf.d/20-${aktualizr_toml} | ||
| 38 | } | 36 | } |
| 39 | 37 | ||
| 40 | FILES_${PN} = " \ | 38 | FILES_${PN} = " \ |
| 41 | ${libdir}/sota/conf.d \ | 39 | ${libdir}/sota/conf.d \ |
| 42 | ${libdir}/sota/conf.d/20-${aktualizr_toml} \ | 40 | ${libdir}/sota/conf.d/20-sota-shared-cred.toml \ |
| 43 | " | 41 | " |
| 44 | 42 | ||
| 45 | # vim:set ts=4 sw=4 sts=4 expandtab: | 43 | # vim:set ts=4 sw=4 sts=4 expandtab: |
diff --git a/recipes-sota/aktualizr/aktualizr-uboot-env-rollback.bb b/recipes-sota/aktualizr/aktualizr-uboot-env-rollback.bb index d962876..860f225 100644 --- a/recipes-sota/aktualizr/aktualizr-uboot-env-rollback.bb +++ b/recipes-sota/aktualizr/aktualizr-uboot-env-rollback.bb | |||
| @@ -13,7 +13,7 @@ SRC_URI = "" | |||
| 13 | 13 | ||
| 14 | do_install() { | 14 | do_install() { |
| 15 | install -m 0700 -d ${D}${libdir}/sota/conf.d | 15 | install -m 0700 -d ${D}${libdir}/sota/conf.d |
| 16 | install -m 0644 ${STAGING_DIR_NATIVE}${libdir}/sota/sota_uboot_env.toml ${D}${libdir}/sota/conf.d/30-rollback.toml | 16 | install -m 0644 ${STAGING_DIR_NATIVE}${libdir}/sota/sota-uboot-env.toml ${D}${libdir}/sota/conf.d/30-rollback.toml |
| 17 | } | 17 | } |
| 18 | 18 | ||
| 19 | FILES_${PN} = " \ | 19 | FILES_${PN} = " \ |
diff --git a/recipes-sota/aktualizr/aktualizr_git.bb b/recipes-sota/aktualizr/aktualizr_git.bb index edacdb1..75d5bd9 100755 --- a/recipes-sota/aktualizr/aktualizr_git.bb +++ b/recipes-sota/aktualizr/aktualizr_git.bb | |||
| @@ -31,7 +31,7 @@ SRC_URI = " \ | |||
| 31 | SRC_URI[md5sum] = "e104ccd4f32e52571a5fc0e5042db050" | 31 | SRC_URI[md5sum] = "e104ccd4f32e52571a5fc0e5042db050" |
| 32 | SRC_URI[sha256sum] = "c590be1a57523bfe097af82279eda5c97cf40ae47fb27162cf33c469702c8a9b" | 32 | SRC_URI[sha256sum] = "c590be1a57523bfe097af82279eda5c97cf40ae47fb27162cf33c469702c8a9b" |
| 33 | 33 | ||
| 34 | SRCREV = "8c523efc4c1f1e6d9dfd41b7e23a202ade4d9ff7" | 34 | SRCREV = "fce5854ff10e7efd52d69bbaf68dc2af990d5746" |
| 35 | BRANCH ?= "master" | 35 | BRANCH ?= "master" |
| 36 | 36 | ||
| 37 | S = "${WORKDIR}/git" | 37 | S = "${WORKDIR}/git" |
| @@ -92,12 +92,11 @@ do_install_ptest() { | |||
| 92 | 92 | ||
| 93 | do_install_append () { | 93 | do_install_append () { |
| 94 | install -d ${D}${libdir}/sota | 94 | install -d ${D}${libdir}/sota |
| 95 | install -m 0644 ${S}/config/sota_autoprov.toml ${D}/${libdir}/sota/sota_autoprov.toml | 95 | install -m 0644 ${S}/config/sota-shared-cred.toml ${D}/${libdir}/sota/sota-shared-cred.toml |
| 96 | install -m 0644 ${S}/config/sota_autoprov_primary.toml ${D}/${libdir}/sota/sota_autoprov_primary.toml | 96 | install -m 0644 ${S}/config/sota-device-cred-hsm.toml ${D}/${libdir}/sota/sota-device-cred-hsm.toml |
| 97 | install -m 0644 ${S}/config/sota_hsm_prov.toml ${D}/${libdir}/sota/sota_hsm_prov.toml | 97 | install -m 0644 ${S}/config/sota-device-cred.toml ${D}/${libdir}/sota/sota-device-cred.toml |
| 98 | install -m 0644 ${S}/config/sota_implicit_prov_ca.toml ${D}/${libdir}/sota/sota_implicit_prov_ca.toml | 98 | install -m 0644 ${S}/config/sota-secondary.toml ${D}/${libdir}/sota/sota-secondary.toml |
| 99 | install -m 0644 ${S}/config/sota_secondary.toml ${D}/${libdir}/sota/sota_secondary.toml | 99 | install -m 0644 ${S}/config/sota-uboot-env.toml ${D}/${libdir}/sota/sota-uboot-env.toml |
| 100 | install -m 0644 ${S}/config/sota_uboot_env.toml ${D}/${libdir}/sota/sota_uboot_env.toml | ||
| 101 | install -d ${D}${systemd_unitdir}/system | 100 | install -d ${D}${systemd_unitdir}/system |
| 102 | install -m 0644 ${WORKDIR}/aktualizr-secondary.service ${D}${systemd_unitdir}/system/aktualizr-secondary.service | 101 | install -m 0644 ${WORKDIR}/aktualizr-secondary.service ${D}${systemd_unitdir}/system/aktualizr-secondary.service |
| 103 | install -m 0700 -d ${D}${libdir}/sota/conf.d | 102 | install -m 0700 -d ${D}${libdir}/sota/conf.d |
| @@ -173,7 +172,7 @@ FILES_${PN}-examples = " \ | |||
| 173 | 172 | ||
| 174 | FILES_${PN}-secondary = " \ | 173 | FILES_${PN}-secondary = " \ |
| 175 | ${bindir}/aktualizr-secondary \ | 174 | ${bindir}/aktualizr-secondary \ |
| 176 | ${libdir}/sota/sota_secondary.toml \ | 175 | ${libdir}/sota/sota-secondary.toml \ |
| 177 | ${systemd_unitdir}/system/aktualizr-secondary.service \ | 176 | ${systemd_unitdir}/system/aktualizr-secondary.service \ |
| 178 | " | 177 | " |
| 179 | 178 | ||
diff --git a/recipes-test/demo-config/files/30-fake_pacman.toml b/recipes-test/demo-config/files/30-fake-pacman.toml index 3fb5cf2..3fb5cf2 100644 --- a/recipes-test/demo-config/files/30-fake_pacman.toml +++ b/recipes-test/demo-config/files/30-fake-pacman.toml | |||
diff --git a/recipes-test/demo-config/files/30-secondary_config.toml b/recipes-test/demo-config/files/30-secondary-config.toml index 7714240..7714240 100644 --- a/recipes-test/demo-config/files/30-secondary_config.toml +++ b/recipes-test/demo-config/files/30-secondary-config.toml | |||
diff --git a/recipes-test/demo-config/files/35-network_config.toml b/recipes-test/demo-config/files/35-network-config.toml index db7a1bb..db7a1bb 100644 --- a/recipes-test/demo-config/files/35-network_config.toml +++ b/recipes-test/demo-config/files/35-network-config.toml | |||
diff --git a/recipes-test/demo-config/files/45-id_config.toml b/recipes-test/demo-config/files/45-id-config.toml index 6cbd77f..6cbd77f 100644 --- a/recipes-test/demo-config/files/45-id_config.toml +++ b/recipes-test/demo-config/files/45-id-config.toml | |||
diff --git a/recipes-test/demo-config/primary-config.bb b/recipes-test/demo-config/primary-config.bb index 0cd9180..27cb553 100644 --- a/recipes-test/demo-config/primary-config.bb +++ b/recipes-test/demo-config/primary-config.bb | |||
| @@ -7,7 +7,7 @@ require shared-conf.inc | |||
| 7 | PRIMARY_SECONDARIES ?= "${SECONDARY_IP}:${SECONDARY_PORT}" | 7 | PRIMARY_SECONDARIES ?= "${SECONDARY_IP}:${SECONDARY_PORT}" |
| 8 | 8 | ||
| 9 | SRC_URI = "\ | 9 | SRC_URI = "\ |
| 10 | file://30-secondary_config.toml \ | 10 | file://30-secondary-config.toml \ |
| 11 | file://ip_secondary_config.json \ | 11 | file://ip_secondary_config.json \ |
| 12 | " | 12 | " |
| 13 | 13 | ||
| @@ -56,8 +56,8 @@ do_install () { | |||
| 56 | 56 | ||
| 57 | # install aktualizr config file (toml) that points to the secondary config file, so aktualizr is aware about it | 57 | # install aktualizr config file (toml) that points to the secondary config file, so aktualizr is aware about it |
| 58 | install -m 0700 -d ${D}${libdir}/sota/conf.d | 58 | install -m 0700 -d ${D}${libdir}/sota/conf.d |
| 59 | install -m 0644 ${WORKDIR}/30-secondary_config.toml ${D}${libdir}/sota/conf.d | 59 | install -m 0644 ${WORKDIR}/30-secondary-config.toml ${D}${libdir}/sota/conf.d |
| 60 | sed -i "s|@CFG_FILEPATH@|$SECONDARY_CONFIG_FILEPATH_ON_IMAGE|g" ${D}${libdir}/sota/conf.d/30-secondary_config.toml | 60 | sed -i "s|@CFG_FILEPATH@|$SECONDARY_CONFIG_FILEPATH_ON_IMAGE|g" ${D}${libdir}/sota/conf.d/30-secondary-config.toml |
| 61 | } | 61 | } |
| 62 | 62 | ||
| 63 | FILES_${PN} = " \ | 63 | FILES_${PN} = " \ |
diff --git a/recipes-test/demo-config/secondary-config.bb b/recipes-test/demo-config/secondary-config.bb index 5b213d1..9411646 100644 --- a/recipes-test/demo-config/secondary-config.bb +++ b/recipes-test/demo-config/secondary-config.bb | |||
| @@ -9,33 +9,33 @@ SOTA_HARDWARE_ID ?= "${MACHINE}-sndry" | |||
| 9 | SECONDARY_HARDWARE_ID ?= "${SOTA_HARDWARE_ID}" | 9 | SECONDARY_HARDWARE_ID ?= "${SOTA_HARDWARE_ID}" |
| 10 | 10 | ||
| 11 | SRC_URI = "\ | 11 | SRC_URI = "\ |
| 12 | file://30-fake_pacman.toml \ | 12 | file://30-fake-pacman.toml \ |
| 13 | file://35-network_config.toml \ | 13 | file://35-network-config.toml \ |
| 14 | file://45-id_config.toml \ | 14 | file://45-id-config.toml \ |
| 15 | " | 15 | " |
| 16 | 16 | ||
| 17 | do_install () { | 17 | do_install () { |
| 18 | install -m 0700 -d ${D}${libdir}/sota/conf.d | 18 | install -m 0700 -d ${D}${libdir}/sota/conf.d |
| 19 | install -m 0644 ${WORKDIR}/30-fake_pacman.toml ${D}/${libdir}/sota/conf.d/30-fake_pacman.toml | 19 | install -m 0644 ${WORKDIR}/30-fake-pacman.toml ${D}/${libdir}/sota/conf.d/30-fake-pacman.toml |
| 20 | 20 | ||
| 21 | install -m 0644 ${WORKDIR}/35-network_config.toml ${D}/${libdir}/sota/conf.d/35-network_config.toml | 21 | install -m 0644 ${WORKDIR}/35-network-config.toml ${D}/${libdir}/sota/conf.d/35-network-config.toml |
| 22 | sed -i -e 's|@PORT@|${SECONDARY_PORT}|g' \ | 22 | sed -i -e 's|@PORT@|${SECONDARY_PORT}|g' \ |
| 23 | -e 's|@PRIMARY_IP@|${PRIMARY_IP}|g' \ | 23 | -e 's|@PRIMARY_IP@|${PRIMARY_IP}|g' \ |
| 24 | -e 's|@PRIMARY_PORT@|${PRIMARY_PORT}|g' \ | 24 | -e 's|@PRIMARY_PORT@|${PRIMARY_PORT}|g' \ |
| 25 | ${D}/${libdir}/sota/conf.d/35-network_config.toml | 25 | ${D}/${libdir}/sota/conf.d/35-network-config.toml |
| 26 | 26 | ||
| 27 | install -m 0644 ${WORKDIR}/45-id_config.toml ${D}/${libdir}/sota/conf.d/45-id_config.toml | 27 | install -m 0644 ${WORKDIR}/45-id-config.toml ${D}/${libdir}/sota/conf.d/45-id-config.toml |
| 28 | sed -i -e 's|@SERIAL@|${SECONDARY_SERIAL_ID}|g' \ | 28 | sed -i -e 's|@SERIAL@|${SECONDARY_SERIAL_ID}|g' \ |
| 29 | -e 's|@HWID@|${SECONDARY_HARDWARE_ID}|g' \ | 29 | -e 's|@HWID@|${SECONDARY_HARDWARE_ID}|g' \ |
| 30 | ${D}/${libdir}/sota/conf.d/45-id_config.toml | 30 | ${D}/${libdir}/sota/conf.d/45-id-config.toml |
| 31 | 31 | ||
| 32 | } | 32 | } |
| 33 | 33 | ||
| 34 | FILES_${PN} = " \ | 34 | FILES_${PN} = " \ |
| 35 | ${libdir}/sota/conf.d \ | 35 | ${libdir}/sota/conf.d \ |
| 36 | ${libdir}/sota/conf.d/30-fake_pacman.toml \ | 36 | ${libdir}/sota/conf.d/30-fake-pacman.toml \ |
| 37 | ${libdir}/sota/conf.d/35-network_config.toml \ | 37 | ${libdir}/sota/conf.d/35-network-config.toml \ |
| 38 | ${libdir}/sota/conf.d/45-id_config.toml \ | 38 | ${libdir}/sota/conf.d/45-id-config.toml \ |
| 39 | " | 39 | " |
| 40 | 40 | ||
| 41 | # vim:set ts=4 sw=4 sts=4 expandtab: | 41 | # vim:set ts=4 sw=4 sts=4 expandtab: |
diff --git a/recipes-test/images/secondary-image.bb b/recipes-test/images/secondary-image.bb index 4cae874..27d1e3f 100644 --- a/recipes-test/images/secondary-image.bb +++ b/recipes-test/images/secondary-image.bb | |||
| @@ -11,11 +11,11 @@ SOTA_HARDWARE_ID ?= "${MACHINE}-sndry" | |||
| 11 | # RDEPENDS on aktualizr) | 11 | # RDEPENDS on aktualizr) |
| 12 | IMAGE_INSTALL_remove = " \ | 12 | IMAGE_INSTALL_remove = " \ |
| 13 | aktualizr \ | 13 | aktualizr \ |
| 14 | aktualizr-auto-prov \ | 14 | aktualizr-shared-prov \ |
| 15 | aktualizr-auto-prov-creds \ | 15 | aktualizr-shared-prov-creds \ |
| 16 | aktualizr-ca-implicit-prov \ | 16 | aktualizr-device-prov \ |
| 17 | aktualizr-ca-implicit-prov-creds \ | 17 | aktualizr-device-prov-creds \ |
| 18 | aktualizr-hsm-prov \ | 18 | aktualizr-device-prov-hsm \ |
| 19 | aktualizr-uboot-env-rollback \ | 19 | aktualizr-uboot-env-rollback \ |
| 20 | virtual/network-configuration \ | 20 | virtual/network-configuration \ |
| 21 | " | 21 | " |
diff --git a/scripts/find_aktualizr_dependencies.sh b/scripts/find_aktualizr_dependencies.sh index 986b541..493df80 100755 --- a/scripts/find_aktualizr_dependencies.sh +++ b/scripts/find_aktualizr_dependencies.sh | |||
| @@ -10,14 +10,15 @@ parentdir="$(dirname "$0")" | |||
| 10 | # (jsoncpp, open62541, picojson). Also check libp11, dpkg, and systemd since | 10 | # (jsoncpp, open62541, picojson). Also check libp11, dpkg, and systemd since |
| 11 | # those are common dependencies not enabled by default. | 11 | # those are common dependencies not enabled by default. |
| 12 | ${parentdir}/find_dependencies.py aktualizr | 12 | ${parentdir}/find_dependencies.py aktualizr |
| 13 | ${parentdir}/find_dependencies.py aktualizr-auto-prov | 13 | ${parentdir}/find_dependencies.py aktualizr-shared-prov |
| 14 | ${parentdir}/find_dependencies.py aktualizr-auto-prov-creds | 14 | ${parentdir}/find_dependencies.py aktualizr-shared-prov-creds |
| 15 | ${parentdir}/find_dependencies.py aktualizr-ca-implicit-prov | 15 | ${parentdir}/find_dependencies.py aktualizr-device-prov |
| 16 | ${parentdir}/find_dependencies.py aktualizr-ca-implicit-prov-creds | 16 | ${parentdir}/find_dependencies.py aktualizr-device-prov-creds |
| 17 | ${parentdir}/find_dependencies.py aktualizr-hsm-prov | 17 | ${parentdir}/find_dependencies.py aktualizr-device-prov-hsm |
| 18 | ${parentdir}/find_dependencies.py aktualizr-hsm-prov-creds | 18 | ${parentdir}/find_dependencies.py aktualizr-auto-reboot |
| 19 | ${parentdir}/find_dependencies.py aktualizr-disable-send-ip | 19 | ${parentdir}/find_dependencies.py aktualizr-disable-send-ip |
| 20 | ${parentdir}/find_dependencies.py aktualizr-log-debug | 20 | ${parentdir}/find_dependencies.py aktualizr-log-debug |
| 21 | ${parentdir}/find_dependencies.py aktualizr-polling-interval | ||
| 21 | ${parentdir}/find_dependencies.py libp11 | 22 | ${parentdir}/find_dependencies.py libp11 |
| 22 | ${parentdir}/find_dependencies.py dpkg | 23 | ${parentdir}/find_dependencies.py dpkg |
| 23 | ${parentdir}/find_dependencies.py systemd | 24 | ${parentdir}/find_dependencies.py systemd |