diff options
author | Anton Gerasimov <anton@advancedtelematic.com> | 2017-12-13 15:30:03 +0100 |
---|---|---|
committer | Anton Gerasimov <anton@advancedtelematic.com> | 2017-12-20 15:56:57 +0100 |
commit | 6630a83d1292bb96a531208b7c52aa1744c54f79 (patch) | |
tree | a4ef3b323c4ab688f4bd202c2b157625a336a88d | |
parent | 057fe7e802dd2bfbbe85f57bef99bbdf0f8c25a2 (diff) | |
download | meta-updater-6630a83d1292bb96a531208b7c52aa1744c54f79.tar.gz |
Fixes for Spekulatius
- New garage-sign interface
- Remove garage-sign recipe (now installed with aktualizr-native)
- Small but critical bugfixes in aktualizr
-rw-r--r-- | classes/image_repo_manifest.bbclass | 4 | ||||
-rw-r--r-- | classes/image_types_ostree.bbclass | 13 | ||||
-rw-r--r-- | classes/sota.bbclass | 4 | ||||
-rw-r--r-- | lib/oeqa/selftest/updater.py | 14 | ||||
-rw-r--r-- | recipes-sota/aktualizr/aktualizr-implicit-prov.bb | 2 | ||||
-rw-r--r-- | recipes-sota/aktualizr/aktualizr_git.bb | 2 | ||||
-rw-r--r-- | recipes-sota/garage-sign/garage-sign.bb | 33 |
7 files changed, 13 insertions, 59 deletions
diff --git a/classes/image_repo_manifest.bbclass b/classes/image_repo_manifest.bbclass index 2012363..467fd9a 100644 --- a/classes/image_repo_manifest.bbclass +++ b/classes/image_repo_manifest.bbclass | |||
@@ -14,9 +14,9 @@ HOSTTOOLS_NONFATAL += " repo " | |||
14 | # Write build information to target filesystem | 14 | # Write build information to target filesystem |
15 | buildinfo () { | 15 | buildinfo () { |
16 | if [ $(which repo) ]; then | 16 | if [ $(which repo) ]; then |
17 | repo manifest --revision-as-HEAD -o ${IMAGE_ROOTFS}${sysconfdir}/manifest.xml || echo "Android repo tool failed to run; manifest not copied" | 17 | repo manifest --revision-as-HEAD -o ${IMAGE_ROOTFS}${sysconfdir}/manifest.xml || bbwarn "Android repo tool failed to run; manifest not copied" |
18 | else | 18 | else |
19 | echo "Android repo tool not found; manifest not copied." | 19 | bbwarn "Android repo tool not found; manifest not copied." |
20 | fi | 20 | fi |
21 | } | 21 | } |
22 | 22 | ||
diff --git a/classes/image_types_ostree.bbclass b/classes/image_types_ostree.bbclass index 56a9720..05db62a 100644 --- a/classes/image_types_ostree.bbclass +++ b/classes/image_types_ostree.bbclass | |||
@@ -179,7 +179,7 @@ IMAGE_CMD_ostreepush () { | |||
179 | } | 179 | } |
180 | 180 | ||
181 | IMAGE_TYPEDEP_garagesign = "ostreepush" | 181 | IMAGE_TYPEDEP_garagesign = "ostreepush" |
182 | IMAGE_DEPENDS_garagesign = "garage-sign-native:do_populate_sysroot" | 182 | IMAGE_DEPENDS_garagesign = "aktualizr-native:do_populate_sysroot" |
183 | IMAGE_CMD_garagesign () { | 183 | IMAGE_CMD_garagesign () { |
184 | if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then | 184 | if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then |
185 | # if credentials are issued by a server that doesn't support offline signing, exit silently | 185 | # if credentials are issued by a server that doesn't support offline signing, exit silently |
@@ -194,11 +194,8 @@ IMAGE_CMD_garagesign () { | |||
194 | exit 1 | 194 | exit 1 |
195 | fi | 195 | fi |
196 | 196 | ||
197 | if [ ! -d "${GARAGE_SIGN_REPO}" ]; then | 197 | rm -rf ${GARAGE_SIGN_REPO} |
198 | garage-sign init --repo ${GARAGE_SIGN_REPO} --home-dir ${GARAGE_SIGN_REPO} --credentials ${SOTA_PACKED_CREDENTIALS} | 198 | garage-sign init --repo ${GARAGE_SIGN_REPO} --home-dir ${GARAGE_SIGN_REPO} --credentials ${SOTA_PACKED_CREDENTIALS} |
199 | fi | ||
200 | |||
201 | reposerver_args="--reposerver $( unzip -p ${SOTA_PACKED_CREDENTIALS} tufrepo.url )" | ||
202 | 199 | ||
203 | ostree_target_hash=$(cat ${OSTREE_REPO}/refs/heads/${OSTREE_BRANCHNAME}) | 200 | ostree_target_hash=$(cat ${OSTREE_REPO}/refs/heads/${OSTREE_BRANCHNAME}) |
204 | 201 | ||
@@ -206,11 +203,11 @@ IMAGE_CMD_garagesign () { | |||
206 | # in which case targets.json should be pulled again and the whole procedure repeated | 203 | # in which case targets.json should be pulled again and the whole procedure repeated |
207 | push_success=0 | 204 | push_success=0 |
208 | for push_retries in $( seq 3 ); do | 205 | for push_retries in $( seq 3 ); do |
209 | garage-sign targets pull --repo ${GARAGE_SIGN_REPO} --home-dir ${GARAGE_SIGN_REPO} ${reposerver_args} | 206 | garage-sign targets pull --repo ${GARAGE_SIGN_REPO} --home-dir ${GARAGE_SIGN_REPO} |
210 | garage-sign targets add --repo ${GARAGE_SIGN_REPO} --home-dir ${GARAGE_SIGN_REPO} --name ${OSTREE_BRANCHNAME} --format OSTREE --version ${ostree_target_hash} --length 0 --url "https://example.com/" --sha256 ${ostree_target_hash} --hardwareids ${MACHINE} | 207 | garage-sign targets add --repo ${GARAGE_SIGN_REPO} --home-dir ${GARAGE_SIGN_REPO} --name ${OSTREE_BRANCHNAME} --format OSTREE --version ${ostree_target_hash} --length 0 --url "https://example.com/" --sha256 ${ostree_target_hash} --hardwareids ${MACHINE} |
211 | garage-sign targets sign --repo ${GARAGE_SIGN_REPO} --home-dir ${GARAGE_SIGN_REPO} --key-name=targets | 208 | garage-sign targets sign --repo ${GARAGE_SIGN_REPO} --home-dir ${GARAGE_SIGN_REPO} --key-name=targets |
212 | errcode=0 | 209 | errcode=0 |
213 | garage-sign targets push --repo ${GARAGE_SIGN_REPO} --home-dir ${GARAGE_SIGN_REPO} ${reposerver_args} || errcode=$? | 210 | garage-sign targets push --repo ${GARAGE_SIGN_REPO} --home-dir ${GARAGE_SIGN_REPO} || errcode=$? |
214 | if [ "$errcode" -eq "0" ]; then | 211 | if [ "$errcode" -eq "0" ]; then |
215 | push_success=1 | 212 | push_success=1 |
216 | break | 213 | break |
diff --git a/classes/sota.bbclass b/classes/sota.bbclass index 0f42332..bbb9ac9 100644 --- a/classes/sota.bbclass +++ b/classes/sota.bbclass | |||
@@ -13,8 +13,8 @@ IMAGE_INSTALL_append_sota = " ostree os-release ${SOTA_CLIENT} ${SOTA_CLIENT_PRO | |||
13 | IMAGE_CLASSES += " image_types_ostree image_types_ota" | 13 | IMAGE_CLASSES += " image_types_ostree image_types_ota" |
14 | IMAGE_FSTYPES += "${@bb.utils.contains('DISTRO_FEATURES', 'sota', 'ostreepush garagesign garagecheck otaimg wic', ' ', d)}" | 14 | IMAGE_FSTYPES += "${@bb.utils.contains('DISTRO_FEATURES', 'sota', 'ostreepush garagesign garagecheck otaimg wic', ' ', d)}" |
15 | 15 | ||
16 | PACKAGECONFIG_append_pn-curl = "${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'hsm', " ssl", " ", d)}" | 16 | PACKAGECONFIG_append_pn-curl = " ssl" |
17 | PACKAGECONFIG_remove_pn-curl = "${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'hsm', " gnutls", " ", d)}" | 17 | PACKAGECONFIG_remove_pn-curl = "gnutls" |
18 | 18 | ||
19 | WKS_FILE_sota ?= "sdimage-sota.wks" | 19 | WKS_FILE_sota ?= "sdimage-sota.wks" |
20 | 20 | ||
diff --git a/lib/oeqa/selftest/updater.py b/lib/oeqa/selftest/updater.py index c07b154..f28349f 100644 --- a/lib/oeqa/selftest/updater.py +++ b/lib/oeqa/selftest/updater.py | |||
@@ -31,23 +31,13 @@ class SotaToolsTests(oeSelfTest): | |||
31 | result = runCmd('%s --help' % p, ignore_status=True) | 31 | result = runCmd('%s --help' % p, ignore_status=True) |
32 | self.assertEqual(result.status, 0, "Status not equal to 0. output: %s" % result.output) | 32 | self.assertEqual(result.status, 0, "Status not equal to 0. output: %s" % result.output) |
33 | 33 | ||
34 | 34 | def test_garagesign_help(self): | |
35 | class GarageSignTests(oeSelfTest): | 35 | bb_vars = get_bb_vars(['SYSROOT_DESTDIR', 'bindir'], 'aktualizr-native') |
36 | |||
37 | @classmethod | ||
38 | def setUpClass(cls): | ||
39 | logger = logging.getLogger("selftest") | ||
40 | logger.info('Running bitbake to build garage-sign-native') | ||
41 | bitbake('garage-sign-native') | ||
42 | |||
43 | def test_help(self): | ||
44 | bb_vars = get_bb_vars(['SYSROOT_DESTDIR', 'bindir'], 'garage-sign-native') | ||
45 | p = bb_vars['SYSROOT_DESTDIR'] + bb_vars['bindir'] + "/" + "garage-sign" | 36 | p = bb_vars['SYSROOT_DESTDIR'] + bb_vars['bindir'] + "/" + "garage-sign" |
46 | self.assertTrue(os.path.isfile(p), msg = "No garage-sign found (%s)" % p) | 37 | self.assertTrue(os.path.isfile(p), msg = "No garage-sign found (%s)" % p) |
47 | result = runCmd('%s --help' % p, ignore_status=True) | 38 | result = runCmd('%s --help' % p, ignore_status=True) |
48 | self.assertEqual(result.status, 0, "Status not equal to 0. output: %s" % result.output) | 39 | self.assertEqual(result.status, 0, "Status not equal to 0. output: %s" % result.output) |
49 | 40 | ||
50 | |||
51 | class HsmTests(oeSelfTest): | 41 | class HsmTests(oeSelfTest): |
52 | 42 | ||
53 | def test_hsm(self): | 43 | def test_hsm(self): |
diff --git a/recipes-sota/aktualizr/aktualizr-implicit-prov.bb b/recipes-sota/aktualizr/aktualizr-implicit-prov.bb index 67bd2c2..e5d9c9b 100644 --- a/recipes-sota/aktualizr/aktualizr-implicit-prov.bb +++ b/recipes-sota/aktualizr/aktualizr-implicit-prov.bb | |||
@@ -27,7 +27,7 @@ do_install() { | |||
27 | install -d ${D}${libdir}/sota | 27 | install -d ${D}${libdir}/sota |
28 | if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then | 28 | if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then |
29 | aktualizr_implicit_writer -c ${SOTA_PACKED_CREDENTIALS} \ | 29 | aktualizr_implicit_writer -c ${SOTA_PACKED_CREDENTIALS} \ |
30 | -i ${STAGING_DIR_NATIVE}${libdir}/sota/sota_implicit_prov.toml -o ${D}${libdir}/sota/sota.toml -p ${D} | 30 | -i ${STAGING_DIR_NATIVE}${libdir}/sota/sota_implicit_prov.toml -o ${D}${libdir}/sota/sota.toml -p ${D} --no-root-ca |
31 | fi | 31 | fi |
32 | } | 32 | } |
33 | 33 | ||
diff --git a/recipes-sota/aktualizr/aktualizr_git.bb b/recipes-sota/aktualizr/aktualizr_git.bb index e4ffc5a..08aa6c2 100644 --- a/recipes-sota/aktualizr/aktualizr_git.bb +++ b/recipes-sota/aktualizr/aktualizr_git.bb | |||
@@ -18,7 +18,7 @@ PR = "7" | |||
18 | SRC_URI = " \ | 18 | SRC_URI = " \ |
19 | git://github.com/advancedtelematic/aktualizr;branch=${BRANCH} \ | 19 | git://github.com/advancedtelematic/aktualizr;branch=${BRANCH} \ |
20 | " | 20 | " |
21 | SRCREV = "5bf2975aee4af667a1af17381bf68c34a00f03a3" | 21 | SRCREV = "eb6c0b43c2b8b32f66f228c1c3f590b5c16ad448" |
22 | BRANCH ?= "master" | 22 | BRANCH ?= "master" |
23 | 23 | ||
24 | S = "${WORKDIR}/git" | 24 | S = "${WORKDIR}/git" |
diff --git a/recipes-sota/garage-sign/garage-sign.bb b/recipes-sota/garage-sign/garage-sign.bb deleted file mode 100644 index 32dda47..0000000 --- a/recipes-sota/garage-sign/garage-sign.bb +++ /dev/null | |||
@@ -1,33 +0,0 @@ | |||
1 | SUMMARY = "garage-sign" | ||
2 | DESCRIPTION = "Metadata signing tool for ATS Garage" | ||
3 | HOMEPAGE = "https://ats-tuf-cli-releases.s3-eu-central-1.amazonaws.com/index.html" | ||
4 | SECTION = "base" | ||
5 | LICENSE = "CLOSED" | ||
6 | LIC_FILES_CHKSUM = "file://${S}/docs/LICENSE;md5=3025e77db7bd3f1d616b3ffd11d54c94" | ||
7 | DEPENDS = "" | ||
8 | |||
9 | PV = "0.2.0-57-g3f86c67" | ||
10 | |||
11 | SRC_URI = " \ | ||
12 | https://ats-tuf-cli-releases.s3-eu-central-1.amazonaws.com/cli-${PV}.tgz \ | ||
13 | " | ||
14 | |||
15 | SRC_URI[md5sum] = "5bbe080c0c3a80928b8856d2076dd49a" | ||
16 | SRC_URI[sha256sum] = "f653d24172ed245a6256b2f341a9b77bddf624cd6bbda574c1a85430e3155394" | ||
17 | |||
18 | S = "${WORKDIR}/${BPN}" | ||
19 | |||
20 | BBCLASSEXTEND =+ "native" | ||
21 | |||
22 | do_install() { | ||
23 | install -d ${D}${bindir} | ||
24 | install -m "0755" -t ${D}${bindir} ${S}/bin/* | ||
25 | install -d ${D}${libdir} | ||
26 | install -m "0644" -t ${D}${libdir} ${S}/lib/* | ||
27 | } | ||
28 | |||
29 | FILES_${PN} = " \ | ||
30 | ${bindir}/garage-sign.bat \ | ||
31 | ${bindir}/garage-sign \ | ||
32 | ${libdir}/* \ | ||
33 | " | ||