diff options
| author | Patrick Vacek <patrickvacek@gmail.com> | 2019-08-21 15:01:51 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-08-21 15:01:51 +0200 |
| commit | abfc287de407fe53cbbdd6edb9d08cf8cf51b298 (patch) | |
| tree | f2ae1e7f3b370a1ac66f511b4d27ac5a49860c9d /README.adoc | |
| parent | 3bc650084e9db3320c67b6e5abe36920080ff576 (diff) | |
| parent | 74d9d16f5a6bb2b28652eb4b5a258092fdb24937 (diff) | |
| download | meta-updater-abfc287de407fe53cbbdd6edb9d08cf8cf51b298.tar.gz | |
Merge pull request #590 from advancedtelematic/fix/OTA-3419/garage-sign-expiry
aktualizr: latest garage-sign with expiration support.
Diffstat (limited to 'README.adoc')
| -rw-r--r-- | README.adoc | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/README.adoc b/README.adoc index dd07425..bcbcf96 100644 --- a/README.adoc +++ b/README.adoc | |||
| @@ -107,6 +107,9 @@ Your images will also need network connectivity to be able to reach an actual OT | |||
| 107 | * `OSTREE_UPDATE_SUMMARY` - Set this to '1' to update summary of OSTree repository on each commit. '0' by default. | 107 | * `OSTREE_UPDATE_SUMMARY` - Set this to '1' to update summary of OSTree repository on each commit. '0' by default. |
| 108 | * `OSTREE_DEPLOY_DEVICETREE` - Set this to '1' to include devicetree(s) to boot | 108 | * `OSTREE_DEPLOY_DEVICETREE` - Set this to '1' to include devicetree(s) to boot |
| 109 | * `GARAGE_SIGN_AUTOVERSION` - Set this to '1' to automatically fetch the last version of the garage tools installed by the aktualizr-native. Otherwise use the fixed version specified in the recipe. | 109 | * `GARAGE_SIGN_AUTOVERSION` - Set this to '1' to automatically fetch the last version of the garage tools installed by the aktualizr-native. Otherwise use the fixed version specified in the recipe. |
| 110 | * `GARAGE_TARGET_URL` - sets the `--url` parameter of `garage-sign targets add`, which sets a custom URL for the Image repository targets. | ||
| 111 | * `GARAGE_TARGET_EXPIRES` - sets the `--expires` parameter of `garage-sign targets sign`. Format is a UTC instant such as '2018-01-01T00:01:00Z'. | ||
| 112 | * `GARAGE_TARGET_EXPIRE_AFTER` - sets the `--expire-after` parameter of `garage-sign targets sign`. Format is in years, months, and days (each optional, but in that order), such as '1Y3M5D'. | ||
| 110 | * `INITRAMFS_IMAGE` - initramfs/initrd image that is used as a proxy while booting into OSTree deployment. Do not change this setting unless you are sure that your initramfs can serve as such a proxy. | 113 | * `INITRAMFS_IMAGE` - initramfs/initrd image that is used as a proxy while booting into OSTree deployment. Do not change this setting unless you are sure that your initramfs can serve as such a proxy. |
| 111 | * `SOTA_PACKED_CREDENTIALS` - when set, your ostree commit will be pushed to a remote repo as a bitbake step. This should be the path to a zipped credentials file in https://github.com/advancedtelematic/aktualizr/blob/master/docs/credentials.adoc[the format accepted by garage-push]. | 114 | * `SOTA_PACKED_CREDENTIALS` - when set, your ostree commit will be pushed to a remote repo as a bitbake step. This should be the path to a zipped credentials file in https://github.com/advancedtelematic/aktualizr/blob/master/docs/credentials.adoc[the format accepted by garage-push]. |
| 112 | * `SOTA_DEPLOY_CREDENTIALS` - when set to '1' (default value), deploys credentials to the built image. Override it in `local.conf` to built a generic image that can be provisioned manually after the build. | 115 | * `SOTA_DEPLOY_CREDENTIALS` - when set to '1' (default value), deploys credentials to the built image. Override it in `local.conf` to built a generic image that can be provisioned manually after the build. |
| @@ -197,6 +200,12 @@ IMAGE_INSTALL_append += " aktualizr-resource-control " | |||
| 197 | RESOURCE_CPU_WEIGHT_pn-aktualizr = "50" | 200 | RESOURCE_CPU_WEIGHT_pn-aktualizr = "50" |
| 198 | .... | 201 | .... |
| 199 | 202 | ||
| 203 | === garage-sign configuration | ||
| 204 | |||
| 205 | The https://github.com/advancedtelematic/ota-tuf/tree/master/cli[garage-sign] tool can be configured with variables described in the <<sota-related-variables-in-localconf,SOTA-related variables in local.conf>> section. | ||
| 206 | |||
| 207 | Of particular importance is controlling the expiration of the Targets metadata signed with garage-sign. This is described in detail in the https://docs.ota.here.com/ota-client/dev/metadata-expiry.html[OTA Connect documentation]. To set a manual expiration date, you can use either of the variables `GARAGE_TARGET_EXPIRES` or `GARAGE_TARGET_EXPIRE_AFTER`. Both cannot be supplied simultaneously. If neither are provided, a default of one month will be used. | ||
| 208 | |||
| 200 | == Development configuration | 209 | == Development configuration |
| 201 | 210 | ||
| 202 | === Logging | 211 | === Logging |