diff options
author | cajun-rat <phil@advancedtelematic.com> | 2018-03-16 14:26:16 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-03-16 14:26:16 +0100 |
commit | c3c8d56af6daac3c1eb38118f683db430af48d63 (patch) | |
tree | 435221c02bad0e8ba4d89350d3c98efaf8be5d53 | |
parent | f1fd04ac20d778bed88727571359b4cf39e481c1 (diff) | |
parent | 66a4721d0b7885a18db952d69f7ee385a95b2f2b (diff) | |
download | meta-updater-c3c8d56af6daac3c1eb38118f683db430af48d63.tar.gz |
Merge pull request #276 from advancedtelematic/feat/pro-5060/meta-updater
Add secondary-image to meta-updater
-rw-r--r-- | README.adoc | 4 | ||||
-rw-r--r-- | lib/oeqa/selftest/cases/updater.py | 50 | ||||
-rw-r--r-- | recipes-sota/aktualizr/aktualizr_git.bb | 55 | ||||
-rw-r--r-- | recipes-sota/aktualizr/files/aktualizr-secondary.service | 9 | ||||
-rw-r--r-- | recipes-sota/aktualizr/files/aktualizr-secondary.socket | 5 | ||||
-rw-r--r-- | recipes-test/images/secondary-image.bb | 18 |
6 files changed, 119 insertions, 22 deletions
diff --git a/README.adoc b/README.adoc index 3562f52..980fa81 100644 --- a/README.adoc +++ b/README.adoc | |||
@@ -80,8 +80,8 @@ Although we have used U-Boot so far, other boot loaders can be configured work w | |||
80 | * `OSTREE_INITRAMFS_IMAGE` - initramfs/initrd image that is used as a proxy while booting into OSTree deployment. Do not change this setting unless you are sure that your initramfs can serve as such a proxy. | 80 | * `OSTREE_INITRAMFS_IMAGE` - initramfs/initrd image that is used as a proxy while booting into OSTree deployment. Do not change this setting unless you are sure that your initramfs can serve as such a proxy. |
81 | * `SOTA_PACKED_CREDENTIALS` - when set, your ostree commit will be pushed to a remote repo as a bitbake step. This should be the path to a zipped credentials file in https://github.com/advancedtelematic/aktualizr/blob/master/docs/credentials.adoc[the format accepted by garage-push]. | 81 | * `SOTA_PACKED_CREDENTIALS` - when set, your ostree commit will be pushed to a remote repo as a bitbake step. This should be the path to a zipped credentials file in https://github.com/advancedtelematic/aktualizr/blob/master/docs/credentials.adoc[the format accepted by garage-push]. |
82 | * `SOTA_CLIENT_PROV` - which provisioning method to use. Valid options are https://github.com/advancedtelematic/aktualizr/blob/master/docs/automatic-provisioning.adoc[`aktualizr-auto-prov`], https://github.com/advancedtelematic/aktualizr/blob/master/docs/implicit-provisioning.adoc[`aktualizr-implicit-prov`], and `aktualizr-hsm-prov`. The default is `aktualizr-auto-prov`. This can also be set to an empty string to avoid using a provisioning recipe. | 82 | * `SOTA_CLIENT_PROV` - which provisioning method to use. Valid options are https://github.com/advancedtelematic/aktualizr/blob/master/docs/automatic-provisioning.adoc[`aktualizr-auto-prov`], https://github.com/advancedtelematic/aktualizr/blob/master/docs/implicit-provisioning.adoc[`aktualizr-implicit-prov`], and `aktualizr-hsm-prov`. The default is `aktualizr-auto-prov`. This can also be set to an empty string to avoid using a provisioning recipe. |
83 | * `SOTA_CLIENT_FEATURES` - extensions to aktualizr. Multiple can be specified if separated by spaces. Valid options are `hsm` (to build with HSM support) and `secondary-example` (to install an example https://github.com/advancedtelematic/aktualizr/blob/master/docs/legacysecondary.adoc[legacy secondary interface] in the image). | 83 | * `SOTA_CLIENT_FEATURES` - extensions to aktualizr. The only valid option is `hsm` (to build with HSM support) |
84 | * `SOTA_LEGACY_SECONDARY_INTERFACE` - path to a legacy secondary interface installed on the device. To use the example interface from the Aktualizr repo, use `/usr/bin/example-interface` and make sure `SOTA_CLIENT_FEATURES = "secondary-example"`. | 84 | * `SOTA_LEGACY_SECONDARY_INTERFACE` - path to a https://github.com/advancedtelematic/aktualizr/blob/master/docs/legacysecondary.adoc[legacy secondary interface] installed on the device. To use the example interface from the Aktualizr repo, use `/usr/bin/example-interface` and make sure `IMAGE_INSTALL_append` includes `aktualizr-examples`. |
85 | * `SOTA_SECONDARY_ECUS` - a list of paths separated by spaces of JSON configuration files for virtual secondaries on the host. These will be installed into `/var/sota/ecus` on the device. | 85 | * `SOTA_SECONDARY_ECUS` - a list of paths separated by spaces of JSON configuration files for virtual secondaries on the host. These will be installed into `/var/sota/ecus` on the device. |
86 | * `SOTA_VIRTUAL_SECONDARIES` - a list of paths separated by spaces of JSON configuration files for virtual secondaries installed on the device. If `SOTA_SECONDARY_ECUS` is used to install them, then you can expect them to be installed in `/var/sota/ecus`. | 86 | * `SOTA_VIRTUAL_SECONDARIES` - a list of paths separated by spaces of JSON configuration files for virtual secondaries installed on the device. If `SOTA_SECONDARY_ECUS` is used to install them, then you can expect them to be installed in `/var/sota/ecus`. |
87 | 87 | ||
diff --git a/lib/oeqa/selftest/cases/updater.py b/lib/oeqa/selftest/cases/updater.py index adb4061..1850d98 100644 --- a/lib/oeqa/selftest/cases/updater.py +++ b/lib/oeqa/selftest/cases/updater.py | |||
@@ -504,14 +504,60 @@ class HsmTests(OESelftestTestCase): | |||
504 | 504 | ||
505 | verifyProvisioned(self, machine) | 505 | verifyProvisioned(self, machine) |
506 | 506 | ||
507 | class SecondaryTests(OESelftestTestCase): | ||
508 | @classmethod | ||
509 | def setUpClass(cls): | ||
510 | super(SecondaryTests, cls).setUpClass() | ||
511 | logger = logging.getLogger("selftest") | ||
512 | logger.info('Running bitbake to build secondary-image') | ||
513 | bitbake('secondary-image') | ||
514 | |||
515 | def setUpLocal(self): | ||
516 | layer = "meta-updater-qemux86-64" | ||
517 | result = runCmd('bitbake-layers show-layers') | ||
518 | if re.search(layer, result.output) is None: | ||
519 | # Assume the directory layout for finding other layers. We could also | ||
520 | # make assumptions by using 'show-layers', but either way, if the | ||
521 | # layers we need aren't where we expect them, we are out of like. | ||
522 | path = os.path.abspath(os.path.dirname(__file__)) | ||
523 | metadir = path + "/../../../../../" | ||
524 | self.meta_qemu = metadir + layer | ||
525 | runCmd('bitbake-layers add-layer "%s"' % self.meta_qemu) | ||
526 | else: | ||
527 | self.meta_qemu = None | ||
528 | self.append_config('MACHINE = "qemux86-64"') | ||
529 | self.append_config('SOTA_CLIENT_PROV = " aktualizr-auto-prov "') | ||
530 | self.qemu, self.s = qemu_launch(machine='qemux86-64', imagename='secondary-image') | ||
531 | |||
532 | def tearDownLocal(self): | ||
533 | qemu_terminate(self.s) | ||
534 | if self.meta_qemu: | ||
535 | runCmd('bitbake-layers remove-layer "%s"' % self.meta_qemu, ignore_status=True) | ||
536 | |||
537 | def qemu_command(self, command): | ||
538 | return qemu_send_command(self.qemu.ssh_port, command) | ||
539 | |||
540 | def test_secondary_present(self): | ||
541 | print('Checking aktualizr-secondary is present') | ||
542 | stdout, stderr, retcode = self.qemu_command('aktualizr-secondary --help') | ||
543 | self.assertEqual(retcode, 0, "Unable to run aktualizr-secondary --help") | ||
544 | self.assertEqual(stderr, b'', 'Error: ' + stderr.decode()) | ||
545 | |||
546 | def test_secondary_listening(self): | ||
547 | print('Checking aktualizr-secondary is present') | ||
548 | stdout, stderr, retcode = self.qemu_command('echo test | nc localhost 9030') | ||
549 | self.assertEqual(retcode, 0, "Unable to connect to secondary") | ||
507 | 550 | ||
508 | def qemu_launch(efi=False, machine=None): | 551 | def qemu_launch(efi=False, machine=None, imagename=None): |
509 | logger = logging.getLogger("selftest") | 552 | logger = logging.getLogger("selftest") |
510 | logger.info('Running bitbake to build core-image-minimal') | 553 | logger.info('Running bitbake to build core-image-minimal') |
511 | bitbake('core-image-minimal') | 554 | bitbake('core-image-minimal') |
512 | # Create empty object. | 555 | # Create empty object. |
513 | args = type('', (), {})() | 556 | args = type('', (), {})() |
514 | args.imagename = 'core-image-minimal' | 557 | if imagename: |
558 | args.imagename = imagename | ||
559 | else: | ||
560 | args.imagename = 'core-image-minimal' | ||
515 | args.mac = None | 561 | args.mac = None |
516 | # Could use DEPLOY_DIR_IMAGE here but it's already in the machine | 562 | # Could use DEPLOY_DIR_IMAGE here but it's already in the machine |
517 | # subdirectory. | 563 | # subdirectory. |
diff --git a/recipes-sota/aktualizr/aktualizr_git.bb b/recipes-sota/aktualizr/aktualizr_git.bb index 4c4e975..5e683ac 100644 --- a/recipes-sota/aktualizr/aktualizr_git.bb +++ b/recipes-sota/aktualizr/aktualizr_git.bb | |||
@@ -18,9 +18,11 @@ PR = "7" | |||
18 | SRC_URI = " \ | 18 | SRC_URI = " \ |
19 | gitsm://github.com/advancedtelematic/aktualizr;branch=${BRANCH} \ | 19 | gitsm://github.com/advancedtelematic/aktualizr;branch=${BRANCH} \ |
20 | file://aktualizr.service \ | 20 | file://aktualizr.service \ |
21 | file://aktualizr-secondary.service \ | ||
22 | file://aktualizr-secondary.socket \ | ||
21 | file://aktualizr-serialcan.service \ | 23 | file://aktualizr-serialcan.service \ |
22 | " | 24 | " |
23 | SRCREV = "1a6432175b9fb7326173e8db35d326cc1a1011a1" | 25 | SRCREV = "fbb3404824c4eb239455c7fa1a794c26e2ea954d" |
24 | BRANCH ?= "master" | 26 | BRANCH ?= "master" |
25 | 27 | ||
26 | S = "${WORKDIR}/git" | 28 | S = "${WORKDIR}/git" |
@@ -28,33 +30,33 @@ S = "${WORKDIR}/git" | |||
28 | inherit cmake | 30 | inherit cmake |
29 | 31 | ||
30 | inherit systemd | 32 | inherit systemd |
33 | |||
34 | SYSTEMD_PACKAGES = "${PN} ${PN}-secondary" | ||
31 | SYSTEMD_SERVICE_${PN} = "aktualizr.service" | 35 | SYSTEMD_SERVICE_${PN} = "aktualizr.service" |
36 | SYSTEMD_SERVICE_${PN}-secondary = "aktualizr-secondary.socket" | ||
32 | 37 | ||
33 | BBCLASSEXTEND =+ "native" | 38 | BBCLASSEXTEND =+ "native" |
34 | 39 | ||
35 | EXTRA_OECMAKE = "-DWARNING_AS_ERROR=OFF -DCMAKE_BUILD_TYPE=Release -DAKTUALIZR_VERSION=${PV} " | 40 | EXTRA_OECMAKE = "-DWARNING_AS_ERROR=OFF -DCMAKE_BUILD_TYPE=Release -DAKTUALIZR_VERSION=${PV} " |
36 | EXTRA_OECMAKE_append_class-target = " -DBUILD_OSTREE=ON -DBUILD_ISOTP=ON ${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'hsm', '-DBUILD_P11=ON', '', d)} " | 41 | EXTRA_OECMAKE_append_class-target = " -DBUILD_OSTREE=ON -DBUILD_ISOTP=ON ${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'hsm', '-DBUILD_P11=ON', '', d)} " |
37 | EXTRA_OECMAKE_append_class-native = " -DBUILD_SOTA_TOOLS=ON -DBUILD_OSTREE=OFF " | 42 | EXTRA_OECMAKE_append_class-native = " -DBUILD_SOTA_TOOLS=ON -DBUILD_OSTREE=OFF -DBUILD_SYSTEMD=OFF " |
38 | 43 | ||
39 | do_install_append () { | 44 | do_install_append () { |
40 | rm -fr ${D}${libdir}/systemd | 45 | rm -fr ${D}${libdir}/systemd |
46 | rm -f ${D}${libdir}/sota/sota.toml # Only needed for the Debian package | ||
47 | install -d ${D}${libdir}/sota | ||
48 | install -m 0644 ${S}/config/sota_secondary.toml ${D}/${libdir}/sota/sota_secondary.toml | ||
49 | install -d ${D}${systemd_unitdir}/system | ||
50 | install -m 0644 ${WORKDIR}/aktualizr-secondary.socket ${D}${systemd_unitdir}/system/aktualizr-secondary.socket | ||
51 | install -m 0644 ${WORKDIR}/aktualizr-secondary.service ${D}${systemd_unitdir}/system/aktualizr-secondary.service | ||
41 | } | 52 | } |
42 | do_install_append_class-target () { | 53 | do_install_append_class-target () { |
43 | rm -f ${D}${bindir}/aktualizr_cert_provider | ||
44 | rm -f ${D}${bindir}/aktualizr_implicit_writer | ||
45 | rm -f ${D}${libdir}/sota/sota.toml | ||
46 | ${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'secondary-example', '', 'rm -f ${D}${bindir}/example-interface', d)} | ||
47 | ${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'secondary-isotp-example', '', 'rm -f ${D}${bindir}/isotp-test-interface', d)} | ||
48 | |||
49 | install -d ${D}${systemd_unitdir}/system | 54 | install -d ${D}${systemd_unitdir}/system |
50 | aktualizr_service=${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'serialcan', '${WORKDIR}/aktualizr-serialcan.service', '${WORKDIR}/aktualizr.service', d)} | 55 | aktualizr_service=${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'serialcan', '${WORKDIR}/aktualizr-serialcan.service', '${WORKDIR}/aktualizr.service', d)} |
51 | install -m 0644 ${aktualizr_service} ${D}${systemd_unitdir}/system/aktualizr.service | 56 | install -m 0644 ${aktualizr_service} ${D}${systemd_unitdir}/system/aktualizr.service |
52 | } | 57 | } |
53 | 58 | ||
54 | do_install_append_class-native () { | 59 | do_install_append_class-native () { |
55 | rm -f ${D}${bindir}/aktualizr | ||
56 | rm -f ${D}${bindir}/aktualizr-info | ||
57 | rm -f ${D}${bindir}/example-interface | ||
58 | install -d ${D}${libdir}/sota | 60 | install -d ${D}${libdir}/sota |
59 | install -m 0644 ${S}/config/sota_autoprov.toml ${D}/${libdir}/sota/sota_autoprov.toml | 61 | install -m 0644 ${S}/config/sota_autoprov.toml ${D}/${libdir}/sota/sota_autoprov.toml |
60 | install -m 0644 ${S}/config/sota_hsm_prov.toml ${D}/${libdir}/sota/sota_hsm_prov.toml | 62 | install -m 0644 ${S}/config/sota_hsm_prov.toml ${D}/${libdir}/sota/sota_hsm_prov.toml |
@@ -65,23 +67,40 @@ do_install_append_class-native () { | |||
65 | install -m 0644 ${B}/src/sota_tools/garage-sign-prefix/src/garage-sign/lib/* ${D}${libdir} | 67 | install -m 0644 ${B}/src/sota_tools/garage-sign-prefix/src/garage-sign/lib/* ${D}${libdir} |
66 | } | 68 | } |
67 | 69 | ||
68 | FILES_${PN}_append = " \ | 70 | PACKAGES =+ " ${PN}-common ${PN}-examples ${PN}-host-tools ${PN}-secondary " |
69 | ${libdir}/sota \ | ||
70 | " | ||
71 | 71 | ||
72 | FILES_${PN}_class-target = " \ | 72 | FILES_${PN} = " \ |
73 | ${bindir}/aktualizr \ | 73 | ${bindir}/aktualizr \ |
74 | ${bindir}/aktualizr-info \ | 74 | ${bindir}/aktualizr-info \ |
75 | ${systemd_unitdir}/system/aktualizr.service \ | 75 | ${systemd_unitdir}/system/aktualizr.service \ |
76 | " | 76 | " |
77 | 77 | ||
78 | FILES_${PN}_append_class-target = " ${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'secondary-example', ' ${bindir}/example-interface', '', d)} " | 78 | FILES_${PN}-common = " \ |
79 | FILES_${PN}_append_class-target = " ${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'secondary-isotp-example', ' ${bindir}/isotp-test-interface', '', d)} " | 79 | ${libdir}/sota/schemas \ |
80 | FILES_${PN}_class-native = " \ | 80 | " |
81 | |||
82 | FILES_${PN}-examples = " \ | ||
83 | ${libdir}/sota/demo_secondary.json \ | ||
84 | ${bindir}/example-interface \ | ||
85 | ${bindir}/isotp-test-interface \ | ||
86 | " | ||
87 | |||
88 | FILES_${PN}-host-tools = " \ | ||
81 | ${bindir}/aktualizr_cert_provider \ | 89 | ${bindir}/aktualizr_cert_provider \ |
82 | ${bindir}/aktualizr_implicit_writer \ | 90 | ${bindir}/aktualizr_implicit_writer \ |
83 | ${bindir}/garage-deploy \ | 91 | ${bindir}/garage-deploy \ |
84 | ${bindir}/garage-push \ | 92 | ${bindir}/garage-push \ |
85 | " | 93 | " |
86 | 94 | ||
95 | FILES_${PN}-secondary = " \ | ||
96 | ${bindir}/aktualizr-secondary \ | ||
97 | ${libdir}/sota/sota_secondary.toml \ | ||
98 | ${systemd_unitdir}/system/aktualizr-secondary.socket \ | ||
99 | ${systemd_unitdir}/system/aktualizr-secondary.service \ | ||
100 | " | ||
101 | |||
102 | # Both primary and secondary need the SQL Schemas | ||
103 | RDEPENDS_${PN}_class-target =+ "${PN}-common" | ||
104 | RDEPENDS_${PN}-secondary_class-target =+ "${PN}-common" | ||
105 | |||
87 | # vim:set ts=4 sw=4 sts=4 expandtab: | 106 | # vim:set ts=4 sw=4 sts=4 expandtab: |
diff --git a/recipes-sota/aktualizr/files/aktualizr-secondary.service b/recipes-sota/aktualizr/files/aktualizr-secondary.service new file mode 100644 index 0000000..a1e0e1b --- /dev/null +++ b/recipes-sota/aktualizr/files/aktualizr-secondary.service | |||
@@ -0,0 +1,9 @@ | |||
1 | [Unit] | ||
2 | Description=Aktualizr SOTA Client (UPTANE Secondary) | ||
3 | |||
4 | [Service] | ||
5 | RestartSec=10 | ||
6 | Restart=always | ||
7 | EnvironmentFile=-/etc/sota/sota.env | ||
8 | ExecStart=/usr/bin/aktualizr-secondary --config /usr/lib/sota/sota_secondary.toml | ||
9 | |||
diff --git a/recipes-sota/aktualizr/files/aktualizr-secondary.socket b/recipes-sota/aktualizr/files/aktualizr-secondary.socket new file mode 100644 index 0000000..1cb4269 --- /dev/null +++ b/recipes-sota/aktualizr/files/aktualizr-secondary.socket | |||
@@ -0,0 +1,5 @@ | |||
1 | [Socket] | ||
2 | ListenStream=9030 | ||
3 | |||
4 | [Install] | ||
5 | WantedBy=sockets.target \ No newline at end of file | ||
diff --git a/recipes-test/images/secondary-image.bb b/recipes-test/images/secondary-image.bb new file mode 100644 index 0000000..c7a91db --- /dev/null +++ b/recipes-test/images/secondary-image.bb | |||
@@ -0,0 +1,18 @@ | |||
1 | include recipes-core/images/core-image-minimal.bb | ||
2 | |||
3 | SUMMARY = "A minimal Uptane Secondary image running aktualizr-secondary" | ||
4 | |||
5 | LICENSE = "MIT" | ||
6 | |||
7 | |||
8 | # Remove default aktualizr primary, and the provisioning configuration (which | ||
9 | # RDEPENDS on aktualizr) | ||
10 | IMAGE_INSTALL_remove = " \ | ||
11 | aktualizr \ | ||
12 | aktualizr-auto-prov \ | ||
13 | aktualizr-ca-implicit-prov \ | ||
14 | aktualizr-hsm-prov \ | ||
15 | aktualizr-implicit-prov \ | ||
16 | " | ||
17 | |||
18 | IMAGE_INSTALL_append = " aktualizr-secondary " \ No newline at end of file | ||