diff options
author | Patrick Vacek <patrickvacek@gmail.com> | 2018-06-05 10:51:45 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-06-05 10:51:45 +0200 |
commit | 5748c431c2c2f0bc8271d9cadae42c61ef5a67a4 (patch) | |
tree | 4c63528c2eb1214bef9f77d987ffb3098927f1e2 /recipes-sota | |
parent | 4c4f51f6269c0bd6243dce81eea049e4a073de30 (diff) | |
parent | 86ec5453165c8e9b12c0c874b011d470008792a1 (diff) | |
download | meta-updater-5748c431c2c2f0bc8271d9cadae42c61ef5a67a4.tar.gz |
Merge pull request #331 from advancedtelematic/bugfix/implicit-upgrade-rocko
Bugfix/implicit upgrade rocko
Diffstat (limited to 'recipes-sota')
-rw-r--r-- | recipes-sota/aktualizr/aktualizr-auto-prov.bb | 7 | ||||
-rw-r--r-- | recipes-sota/aktualizr/aktualizr-ca-implicit-prov.bb | 11 | ||||
-rw-r--r-- | recipes-sota/aktualizr/aktualizr-hsm-prov.bb | 12 | ||||
-rw-r--r-- | recipes-sota/aktualizr/aktualizr-implicit-prov.bb | 10 | ||||
-rwxr-xr-x | recipes-sota/aktualizr/aktualizr_git.bb | 5 |
5 files changed, 28 insertions, 17 deletions
diff --git a/recipes-sota/aktualizr/aktualizr-auto-prov.bb b/recipes-sota/aktualizr/aktualizr-auto-prov.bb index 8deee7e..7f4f2e4 100644 --- a/recipes-sota/aktualizr/aktualizr-auto-prov.bb +++ b/recipes-sota/aktualizr/aktualizr-auto-prov.bb | |||
@@ -1,5 +1,5 @@ | |||
1 | SUMMARY = "Aktualizr configuration for autoprovisioning" | 1 | SUMMARY = "Aktualizr configuration for autoprovisioning" |
2 | DESCRIPTION = "Systemd service and configurations for autoprovisioning Aktualizr, the SOTA Client application written in C++" | 2 | DESCRIPTION = "Configuration for automatically provisioning Aktualizr, the SOTA Client application written in C++" |
3 | HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" | 3 | HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" |
4 | SECTION = "base" | 4 | SECTION = "base" |
5 | LICENSE = "MPL-2.0" | 5 | LICENSE = "MPL-2.0" |
@@ -35,7 +35,8 @@ do_install() { | |||
35 | if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then | 35 | if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then |
36 | aktualizr_toml=${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'secondary-network', 'sota_autoprov_primary.toml', 'sota_autoprov.toml', d)} | 36 | aktualizr_toml=${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'secondary-network', 'sota_autoprov_primary.toml', 'sota_autoprov.toml', d)} |
37 | 37 | ||
38 | install -m 0644 ${STAGING_DIR_NATIVE}${libdir}/sota/${aktualizr_toml} ${D}${libdir}/sota/conf.d/20-sota.toml | 38 | install -m 0644 ${STAGING_DIR_NATIVE}${libdir}/sota/${aktualizr_toml} \ |
39 | ${D}${libdir}/sota/conf.d/20-${aktualizr_toml}.toml | ||
39 | 40 | ||
40 | # deploy SOTA credentials | 41 | # deploy SOTA credentials |
41 | if [ -e ${SOTA_PACKED_CREDENTIALS} ]; then | 42 | if [ -e ${SOTA_PACKED_CREDENTIALS} ]; then |
@@ -48,7 +49,7 @@ do_install() { | |||
48 | 49 | ||
49 | FILES_${PN} = " \ | 50 | FILES_${PN} = " \ |
50 | ${libdir}/sota/conf.d \ | 51 | ${libdir}/sota/conf.d \ |
51 | ${libdir}/sota/conf.d/20-sota.toml \ | 52 | ${libdir}/sota/conf.d/20-${aktualizr_toml}.toml \ |
52 | ${localstatedir}/sota \ | 53 | ${localstatedir}/sota \ |
53 | ${localstatedir}/sota/sota_provisioning_credentials.zip \ | 54 | ${localstatedir}/sota/sota_provisioning_credentials.zip \ |
54 | " | 55 | " |
diff --git a/recipes-sota/aktualizr/aktualizr-ca-implicit-prov.bb b/recipes-sota/aktualizr/aktualizr-ca-implicit-prov.bb index 319074e..4d5ff79 100644 --- a/recipes-sota/aktualizr/aktualizr-ca-implicit-prov.bb +++ b/recipes-sota/aktualizr/aktualizr-ca-implicit-prov.bb | |||
@@ -1,5 +1,5 @@ | |||
1 | SUMMARY = "Aktualizr configuration for implicit provisioning with CA" | 1 | SUMMARY = "Aktualizr configuration for implicit provisioning with CA" |
2 | DESCRIPTION = "Systemd service and configurations for implicitly provisioning Aktualizr using externally provided or generated CA" | 2 | DESCRIPTION = "Configuration for implicitly provisioning Aktualizr using externally provided or generated CA" |
3 | 3 | ||
4 | # WARNING: it is NOT a production solution. The secure way to provision devices is to create certificate request directly on the device | 4 | # WARNING: it is NOT a production solution. The secure way to provision devices is to create certificate request directly on the device |
5 | # (either with HSM/TPM or with software) and then sign it with a CA stored on a disconnected machine | 5 | # (either with HSM/TPM or with software) and then sign it with a CA stored on a disconnected machine |
@@ -36,7 +36,7 @@ do_install() { | |||
36 | SOTA_CACERT_PATH=${DEPLOY_DIR_IMAGE}/CA/cacert.pem | 36 | SOTA_CACERT_PATH=${DEPLOY_DIR_IMAGE}/CA/cacert.pem |
37 | SOTA_CAKEY_PATH=${DEPLOY_DIR_IMAGE}/CA/ca.private.pem | 37 | SOTA_CAKEY_PATH=${DEPLOY_DIR_IMAGE}/CA/ca.private.pem |
38 | mkdir -p ${DEPLOY_DIR_IMAGE}/CA | 38 | mkdir -p ${DEPLOY_DIR_IMAGE}/CA |
39 | bbwarn "SOTA_CACERT_PATH is not specified, use default one at $SOTA_CACERT_PATH" | 39 | bbwarn "SOTA_CACERT_PATH is not specified, use default one at $SOTA_CACERT_PATH" |
40 | 40 | ||
41 | if [ ! -f ${SOTA_CACERT_PATH} ]; then | 41 | if [ ! -f ${SOTA_CACERT_PATH} ]; then |
42 | bbwarn "${SOTA_CACERT_PATH} does not exist, generate a new CA" | 42 | bbwarn "${SOTA_CACERT_PATH} does not exist, generate a new CA" |
@@ -52,19 +52,20 @@ do_install() { | |||
52 | fi | 52 | fi |
53 | 53 | ||
54 | install -m 0700 -d ${D}${localstatedir}/sota | 54 | install -m 0700 -d ${D}${localstatedir}/sota |
55 | install -m 0644 ${STAGING_DIR_NATIVE}${libdir}/sota/sota_implicit_prov_ca.toml ${D}${libdir}/sota/conf.d/20-sota.toml | 55 | install -m 0644 ${STAGING_DIR_NATIVE}${libdir}/sota/sota_implicit_prov_ca.toml \ |
56 | ${D}${libdir}/sota/conf.d/20-sota_implicit_prov_ca.toml | ||
56 | aktualizr_cert_provider --credentials ${SOTA_PACKED_CREDENTIALS} \ | 57 | aktualizr_cert_provider --credentials ${SOTA_PACKED_CREDENTIALS} \ |
57 | --device-ca ${SOTA_CACERT_PATH} \ | 58 | --device-ca ${SOTA_CACERT_PATH} \ |
58 | --device-ca-key ${SOTA_CAKEY_PATH} \ | 59 | --device-ca-key ${SOTA_CAKEY_PATH} \ |
59 | --root-ca \ | 60 | --root-ca \ |
60 | --server-url \ | 61 | --server-url \ |
61 | --local ${D}${localstatedir}/sota \ | 62 | --local ${D}${localstatedir}/sota \ |
62 | --config ${D}${libdir}/sota/conf.d/20-sota.toml | 63 | --config ${STAGING_DIR_NATIVE}${libdir}/sota/sota_implicit_prov_ca.toml |
63 | } | 64 | } |
64 | 65 | ||
65 | FILES_${PN} = " \ | 66 | FILES_${PN} = " \ |
66 | ${libdir}/sota/conf.d \ | 67 | ${libdir}/sota/conf.d \ |
67 | ${libdir}/sota/conf.d/20-sota.toml \ | 68 | ${libdir}/sota/conf.d/20-sota_implicit_prov_ca.toml \ |
68 | ${libdir}/sota/root.crt \ | 69 | ${libdir}/sota/root.crt \ |
69 | ${localstatedir}/sota/* \ | 70 | ${localstatedir}/sota/* \ |
70 | " | 71 | " |
diff --git a/recipes-sota/aktualizr/aktualizr-hsm-prov.bb b/recipes-sota/aktualizr/aktualizr-hsm-prov.bb index 504f0d8..d526cd2 100644 --- a/recipes-sota/aktualizr/aktualizr-hsm-prov.bb +++ b/recipes-sota/aktualizr/aktualizr-hsm-prov.bb | |||
@@ -1,12 +1,12 @@ | |||
1 | SUMMARY = "Aktualizr configuration with HSM support" | 1 | SUMMARY = "Aktualizr configuration with HSM support" |
2 | DESCRIPTION = "Systemd service and configurations for HSM provisioning with Aktualizr, the SOTA Client application written in C++" | 2 | DESCRIPTION = "Configuration for HSM provisioning with Aktualizr, the SOTA Client application written in C++" |
3 | HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" | 3 | HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" |
4 | SECTION = "base" | 4 | SECTION = "base" |
5 | LICENSE = "MPL-2.0" | 5 | LICENSE = "MPL-2.0" |
6 | LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=9741c346eef56131163e13b9db1241b3" | 6 | LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=9741c346eef56131163e13b9db1241b3" |
7 | 7 | ||
8 | DEPENDS = "aktualizr-native" | 8 | DEPENDS = "aktualizr-native" |
9 | RDEPENDS_${PN} = "aktualizr softhsm softhsm-testtoken" | 9 | RDEPENDS_${PN} = "aktualizr" |
10 | 10 | ||
11 | SRC_URI = " \ | 11 | SRC_URI = " \ |
12 | file://LICENSE \ | 12 | file://LICENSE \ |
@@ -19,15 +19,19 @@ require credentials.inc | |||
19 | 19 | ||
20 | do_install() { | 20 | do_install() { |
21 | install -m 0700 -d ${D}${libdir}/sota/conf.d | 21 | install -m 0700 -d ${D}${libdir}/sota/conf.d |
22 | install -m 0644 ${STAGING_DIR_NATIVE}${libdir}/sota/sota_hsm_prov.toml \ | ||
23 | ${D}${libdir}/sota/conf.d/20-sota_hsm_prov.toml | ||
22 | if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then | 24 | if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then |
23 | aktualizr_implicit_writer -c ${SOTA_PACKED_CREDENTIALS} --no-root-ca \ | 25 | aktualizr_implicit_writer -c ${SOTA_PACKED_CREDENTIALS} --no-root-ca \ |
24 | -i ${STAGING_DIR_NATIVE}${libdir}/sota/sota_hsm_prov.toml -o ${D}${libdir}/sota/conf.d/20-sota.toml -p ${D} | 26 | -i ${STAGING_DIR_NATIVE}${libdir}/sota/sota_hsm_prov.toml \ |
27 | -o ${D}${libdir}/sota/conf.d/30-implicit_server.toml -p ${D} | ||
25 | fi | 28 | fi |
26 | } | 29 | } |
27 | 30 | ||
28 | FILES_${PN} = " \ | 31 | FILES_${PN} = " \ |
29 | ${libdir}/sota/conf.d \ | 32 | ${libdir}/sota/conf.d \ |
30 | ${libdir}/sota/conf.d/20-sota.toml \ | 33 | ${libdir}/sota/conf.d/20-sota_hsm_prov.toml \ |
34 | ${libdir}/sota/conf.d/30-implicit_server.toml \ | ||
31 | " | 35 | " |
32 | 36 | ||
33 | # vim:set ts=4 sw=4 sts=4 expandtab: | 37 | # vim:set ts=4 sw=4 sts=4 expandtab: |
diff --git a/recipes-sota/aktualizr/aktualizr-implicit-prov.bb b/recipes-sota/aktualizr/aktualizr-implicit-prov.bb index dcfaffb..e08eeef 100644 --- a/recipes-sota/aktualizr/aktualizr-implicit-prov.bb +++ b/recipes-sota/aktualizr/aktualizr-implicit-prov.bb | |||
@@ -1,5 +1,5 @@ | |||
1 | SUMMARY = "Aktualizr configuration for implicit provisioning" | 1 | SUMMARY = "Aktualizr configuration for implicit provisioning" |
2 | DESCRIPTION = "Systemd service and configurations for implicitly provisioning Aktualizr, the SOTA Client application written in C++" | 2 | DESCRIPTION = "Configuration for implicitly provisioning Aktualizr, the SOTA Client application written in C++" |
3 | HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" | 3 | HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" |
4 | SECTION = "base" | 4 | SECTION = "base" |
5 | LICENSE = "MPL-2.0" | 5 | LICENSE = "MPL-2.0" |
@@ -19,15 +19,19 @@ require credentials.inc | |||
19 | 19 | ||
20 | do_install() { | 20 | do_install() { |
21 | install -m 0700 -d ${D}${libdir}/sota/conf.d | 21 | install -m 0700 -d ${D}${libdir}/sota/conf.d |
22 | install -m 0644 ${STAGING_DIR_NATIVE}${libdir}/sota/sota_implicit_prov.toml \ | ||
23 | ${D}${libdir}/sota/conf.d/20-sota_implicit_prov.toml | ||
22 | if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then | 24 | if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then |
23 | aktualizr_implicit_writer -c ${SOTA_PACKED_CREDENTIALS} \ | 25 | aktualizr_implicit_writer -c ${SOTA_PACKED_CREDENTIALS} \ |
24 | -i ${STAGING_DIR_NATIVE}${libdir}/sota/sota_implicit_prov.toml -o ${D}${libdir}/sota/conf.d/20-sota.toml -p ${D} | 26 | -i ${STAGING_DIR_NATIVE}${libdir}/sota/sota_implicit_prov.toml \ |
27 | -o ${D}${libdir}/sota/conf.d/30-implicit_server.toml -p ${D} | ||
25 | fi | 28 | fi |
26 | } | 29 | } |
27 | 30 | ||
28 | FILES_${PN} = " \ | 31 | FILES_${PN} = " \ |
29 | ${libdir}/sota/conf.d \ | 32 | ${libdir}/sota/conf.d \ |
30 | ${libdir}/sota/conf.d/20-sota.toml \ | 33 | ${libdir}/sota/conf.d/20-implicit_prov.toml \ |
34 | ${libdir}/sota/conf.d/30-implicit_server.toml \ | ||
31 | ${libdir}/sota/root.crt \ | 35 | ${libdir}/sota/root.crt \ |
32 | " | 36 | " |
33 | 37 | ||
diff --git a/recipes-sota/aktualizr/aktualizr_git.bb b/recipes-sota/aktualizr/aktualizr_git.bb index f55eca8..8dc4b31 100755 --- a/recipes-sota/aktualizr/aktualizr_git.bb +++ b/recipes-sota/aktualizr/aktualizr_git.bb | |||
@@ -10,7 +10,8 @@ DEPENDS_append_class-target = "ostree ${@bb.utils.contains('SOTA_CLIENT_FEATURES | |||
10 | DEPENDS_append_class-native = "glib-2.0-native " | 10 | DEPENDS_append_class-native = "glib-2.0-native " |
11 | 11 | ||
12 | RDEPENDS_${PN}_class-target = "lshw " | 12 | RDEPENDS_${PN}_class-target = "lshw " |
13 | RDEPENDS_${PN}_append_class-target = " ${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'serialcan', ' slcand-start', '', d)} " | 13 | RDEPENDS_${PN}_append_class-target = "${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'serialcan', ' slcand-start', '', d)} " |
14 | RDEPENDS_${PN}_append_class-target = "${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'hsm', ' softhsm softhsm-testtoken', '', d)}" | ||
14 | 15 | ||
15 | PV = "1.0+git${SRCPV}" | 16 | PV = "1.0+git${SRCPV}" |
16 | PR = "7" | 17 | PR = "7" |
@@ -22,7 +23,7 @@ SRC_URI = " \ | |||
22 | file://aktualizr-secondary.socket \ | 23 | file://aktualizr-secondary.socket \ |
23 | file://aktualizr-serialcan.service \ | 24 | file://aktualizr-serialcan.service \ |
24 | " | 25 | " |
25 | SRCREV = "3b89858cf8ce9a8331cc4e6a5d2b5783d2eb7ae9" | 26 | SRCREV = "114dc6c519ca9a605d73ad292821348607d0fa12" |
26 | BRANCH ?= "master" | 27 | BRANCH ?= "master" |
27 | 28 | ||
28 | S = "${WORKDIR}/git" | 29 | S = "${WORKDIR}/git" |