summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--README.adoc49
-rw-r--r--conf/layer.conf12
-rw-r--r--recipes-sota/aktualizr/aktualizr-device-prov-creds.bb60
-rw-r--r--recipes-sota/aktualizr/aktualizr-device-prov-hsm.bb10
-rw-r--r--recipes-sota/aktualizr/aktualizr-device-prov.bb9
-rw-r--r--recipes-sota/aktualizr/aktualizr-hwid.bb24
-rw-r--r--recipes-sota/aktualizr/aktualizr-shared-prov-creds.bb9
-rw-r--r--recipes-sota/aktualizr/aktualizr-shared-prov.bb11
-rw-r--r--recipes-sota/aktualizr/aktualizr-uboot-env-rollback.bb10
-rw-r--r--recipes-sota/aktualizr/aktualizr_git.bb29
-rw-r--r--recipes-test/demo-config/primary-config.bb2
-rw-r--r--recipes-test/demo-config/secondary-config.bb13
-rw-r--r--recipes-test/demo-network-config/network-config.inc9
-rw-r--r--recipes-test/demo-network-config/primary-network-config.bb8
-rw-r--r--recipes-test/demo-network-config/secondary-network-config.bb8
-rw-r--r--recipes-test/images/secondary-image.bb1
-rwxr-xr-xscripts/find_aktualizr_dependencies.sh1
17 files changed, 130 insertions, 135 deletions
diff --git a/README.adoc b/README.adoc
index 12e0446..4cccc7b 100644
--- a/README.adoc
+++ b/README.adoc
@@ -1,17 +1,18 @@
1= meta-updater 1= meta-updater
2:toc: macro 2:toc: macro
3:toc-title: 3:toc-title:
4:aktualizr-docsroot: https://github.com/advancedtelematic/aktualizr/tree/master/docs/ota-client-guide/modules/ROOT/pages/ 4:devguide-docsroot: https://docs.ota.here.com/ota-client/latest/
5:getstarted-docsroot: https://docs.ota.here.com/getstarted/dev/
5 6
6Meta-updater is a link:https://www.yoctoproject.org/software-overview/layers/[Yocto layer] that enables over-the-air updates (OTA) with https://github.com/ostreedev/ostree[OSTree] and https://github.com/advancedtelematic/aktualizr[Aktualizr] -- the default client for link:https://www.here.com/products/automotive/ota-technology[HERE OTA Connect]. 7Meta-updater is a link:https://www.yoctoproject.org/software-overview/layers/[Yocto layer] that enables over-the-air updates (OTA) with https://github.com/ostreedev/ostree[OSTree] and https://github.com/advancedtelematic/aktualizr[Aktualizr] -- the default client for link:https://www.here.com/products/automotive/ota-technology[HERE OTA Connect].
7 8
8https://github.com/ostreedev/ostree[OSTree] is a tool for atomic full file system upgrades with rollback capability. OSTree has several advantages over traditional dual-bank systems, but the most important one is that it minimizes network bandwidth and data storage footprint by sharing files with the same contents across file system deployments. 9https://github.com/ostreedev/ostree[OSTree] is a tool for atomic full file system upgrades with rollback capability. OSTree has several advantages over traditional dual-bank systems, but the most important one is that it minimizes network bandwidth and data storage footprint by sharing files with the same contents across file system deployments.
9 10
10https://github.com/advancedtelematic/aktualizr[Aktualizr] (and https://github.com/advancedtelematic/rvi_sota_client[RVI SOTA client]) add authentication and provisioning capabilities to OTA and are integrated with OSTree. You can connect with these open-source applications or sign up for a free account at https://connect.ota.here.com/[HERE OTA Connect] to get started. 11https://github.com/advancedtelematic/aktualizr[Aktualizr] implements https://uptane.github.io/uptane-standard/uptane-standard.html[Uptane], supports device authentication and provisioning, and is integrated with OSTree. You can connect aktualizr to your own server solution or sign up for a free account at https://connect.ota.here.com/[HERE OTA Connect] to get started.
11 12
12== Quickstart 13== Quickstart
13 14
14If you don't already have a Yocto project that you want to add OTA to, you can use the xref:dev@getstarted::raspberry-pi.adoc[HERE OTA Connect Quickstart] project to rapidly get up and running on a Raspberry Pi. It takes a standard https://www.yoctoproject.org/tools-resources/projects/poky[poky] distribution, and adds OTA and OSTree capabilities. 15If you don't already have a Yocto project that you want to add OTA to, you can use the xref:{getstarted-docsroot}get-started.html[HERE OTA Connect Quickstart] project to rapidly get up and running on a xref:{getstarted-docsroot}raspberry-pi.html[Raspberry Pi] or with xref:{getstarted-docsroot}qemuvirtualbox.html[QEMU]. It takes a standard https://www.yoctoproject.org/tools-resources/projects/poky[poky] distribution, and adds OTA and OSTree capabilities.
15 16
16== Dependencies 17== Dependencies
17 18
@@ -30,43 +31,43 @@ sudo apt install ovmf
30[discrete] 31[discrete]
31== Table of Contents 32== Table of Contents
32 33
33The following documentation focuses on tasks that involve the meta-updater layer. If you want to get an idea of the overall developer workflow in OTA Connect, see the link:https://docs.ota.here.com/ota-client/dev/index.html[OTA Connect Developer Guide]. 34The following documentation focuses on tasks that involve the meta-updater layer. If you want to get an idea of the overall developer workflow in OTA Connect, see the link:{devguide-docsroot}index.html[OTA Connect Developer Guide].
34[NOTE]
35====
36The following links point to files in the aktualizr repository where the source of the developer guide is stored.
37====
38 35
39* xref:{aktualizr-docsroot}meta-updater-build.adoc[Build] 36* xref:{devguide-docsroot}supported-boards.html[Supported boards]
40+ 37+
41Learn how to use this layer to build a basic disk image and add it to your own Yocto project. 38Find out if your board is supported and learn about the minimum hardware requirements.
42+ 39+
43* xref:{aktualizr-docsroot}supported-boards.adoc[Supported boards] 40* xref:{devguide-docsroot}build-agl.html[Build an Automotive Grade Linux image]
44+ 41+
45Find out if your board is supported and learn about the minimum hardware requirements. 42Learn how to use this layer as part of AGL.
43+
44* xref:{devguide-docsroot}add-ota-functonality-existing-yocto-project.html[Add OTA functionality to an existing Yocto project]
45+
46Learn how to add this layer to your own Yocto project.
46+ 47+
47* xref:{aktualizr-docsroot}build-configuration.adoc[SOTA-related variables in local.conf] 48* xref:{devguide-docsroot}build-configuration.html[SOTA-related variables in local.conf]
48+ 49+
49Learn how to configure OTA-related functionality when building disk images. 50Learn how to configure OTA-related functionality when building images, including how to install custom versions of aktualizr.
50+ 51+
51* xref:{aktualizr-docsroot}meta-updater-usage.adoc[Usage] 52* xref:{devguide-docsroot}recommended-clientconfig.html[Recommended configuration]
52+ 53+
53Learn about the `garage-push` and `garage-sign` utilities, aktualizr configuration and service resource control, and OSTree. 54Learn how to optimize your build for development or production.
54+ 55+
55* xref:{aktualizr-docsroot}meta-updater-dev-config.adoc[Development configuration] 56* xref:{devguide-docsroot}client-provisioning-methods.html[Provisoning methods]
56+ 57+
57Learn how to configure logging, install custom versions of aktualizr, and override the version indicator for sofware updates. 58Learn more about the methods for provisioning devices. For more detail, you may also want to read about how to xref:{devguide-docsroot}enable-device-cred-provisioning.html[enable device credential provisioning] or how to xref:{devguide-docsroot}simulate-device-cred-provtest.html[simulate it for testing].
58+ 59+
59* xref:{aktualizr-docsroot}meta-updater-testing.adoc#_qa_with_oe_selftest[QA with oe-selftest] 60* xref:{devguide-docsroot}meta-updater-usage.html[Advanced usage]
60+ 61+
61Learn how to use the `oe-selftest` framework for quality assurance. 62Learn about the `garage-push` and `garage-sign` utilities, aktualizr configuration recipes, and service resource control.
62+ 63+
63* xref:{aktualizr-docsroot}meta-updater-testing.adoc#_aktualizr_test_suite_with_ptest[Aktualizr test suite with ptest] 64* xref:{devguide-docsroot}meta-updater-testing.html[Testing with oe-selftest and ptest]
64+ 65+
65Learn how to enable Yocto's package test functionality and run parts of the aktualizr test suite. 66Learn how to use the `oe-selftest` framework for quality assurance and how to run the aktualizr test suite via ptest.
66+ 67+
67* xref:{aktualizr-docsroot}meta-updater-provisioning-methods.adoc[Provisoning methods] 68* xref:{devguide-docsroot}troubleshooting.html[Troubleshooting]
68+ 69+
69Learn how to enable different methods for provisioning devices. 70Get help on common problems.
70 71
71== License 72== License
72 73
diff --git a/conf/layer.conf b/conf/layer.conf
index 145c806..225875b 100644
--- a/conf/layer.conf
+++ b/conf/layer.conf
@@ -9,5 +9,15 @@ BBFILE_COLLECTIONS += "sota"
9BBFILE_PATTERN_sota = "^${LAYERDIR}/" 9BBFILE_PATTERN_sota = "^${LAYERDIR}/"
10BBFILE_PRIORITY_sota = "7" 10BBFILE_PRIORITY_sota = "7"
11 11
12LAYERDEPENDS_sota = "filesystems-layer" 12LAYERDEPENDS_sota = "openembedded-layer"
13LAYERDEPENDS_sota += "meta-python"
14LAYERDEPENDS_sota += "filesystems-layer"
13LAYERSERIES_COMPAT_sota = "thud warrior zeus" 15LAYERSERIES_COMPAT_sota = "thud warrior zeus"
16
17SIGGEN_EXCLUDE_SAFE_RECIPE_DEPS += " \
18 aktualizr-device-prov->aktualizr \
19 aktualizr-device-prov-hsm->aktualizr \
20 aktualizr-shared-prov->aktualizr \
21 aktualizr-shared-prov-creds->aktualizr \
22 aktualizr-uboot-env-rollback->aktualizr \
23"
diff --git a/recipes-sota/aktualizr/aktualizr-device-prov-creds.bb b/recipes-sota/aktualizr/aktualizr-device-prov-creds.bb
deleted file mode 100644
index 6e02a50..0000000
--- a/recipes-sota/aktualizr/aktualizr-device-prov-creds.bb
+++ /dev/null
@@ -1,60 +0,0 @@
1SUMMARY = "Credentials for device provisioning with fleet CA certificate"
2HOMEPAGE = "https://github.com/advancedtelematic/aktualizr"
3SECTION = "base"
4LICENSE = "MPL-2.0"
5LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad"
6
7inherit allarch
8
9# WARNING: it is NOT a production solution. The secure way to provision devices
10# is to create certificate request directly on the device (either with HSM/TPM
11# or with software) and then sign it with a CA stored on a disconnected machine.
12
13DEPENDS = "aktualizr aktualizr-native"
14ALLOW_EMPTY_${PN} = "1"
15
16SRC_URI = " \
17 file://ca.cnf \
18 "
19
20require credentials.inc
21
22export SOTA_CACERT_PATH
23export SOTA_CAKEY_PATH
24
25do_install() {
26 if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then
27 if [ -z ${SOTA_CACERT_PATH} ]; then
28 SOTA_CACERT_PATH=${DEPLOY_DIR_IMAGE}/CA/cacert.pem
29 SOTA_CAKEY_PATH=${DEPLOY_DIR_IMAGE}/CA/ca.private.pem
30 mkdir -p ${DEPLOY_DIR_IMAGE}/CA
31 bbwarn "SOTA_CACERT_PATH is not specified, use default one at ${SOTA_CACERT_PATH}"
32
33 if [ ! -f ${SOTA_CACERT_PATH} ]; then
34 bbwarn "${SOTA_CACERT_PATH} does not exist, generate a new CA"
35 SOTA_CACERT_DIR_PATH="$(dirname "${SOTA_CACERT_PATH}")"
36 openssl genrsa -out ${SOTA_CACERT_DIR_PATH}/ca.private.pem 4096
37 openssl req -key ${SOTA_CACERT_DIR_PATH}/ca.private.pem -new -x509 -days 7300 -out ${SOTA_CACERT_PATH} -subj "/C=DE/ST=Berlin/O=Reis und Kichererbsen e.V/commonName=meta-updater" -batch -config ${WORKDIR}/ca.cnf -extensions cacert
38 bbwarn "${SOTA_CACERT_PATH} has been created, you'll need to upload it to the server"
39 fi
40 fi
41
42 if [ -z ${SOTA_CAKEY_PATH} ]; then
43 bbfatal "SOTA_CAKEY_PATH should be set when using device credential provisioning"
44 fi
45
46 install -m 0700 -d ${D}${localstatedir}/sota
47 aktualizr-cert-provider --credentials ${SOTA_PACKED_CREDENTIALS} \
48 --fleet-ca ${SOTA_CACERT_PATH} \
49 --fleet-ca-key ${SOTA_CAKEY_PATH} \
50 --root-ca \
51 --server-url \
52 --local ${D} \
53 --config ${STAGING_DIR_HOST}${libdir}/sota/sota-device-cred.toml
54 fi
55}
56
57FILES_${PN} = " \
58 ${localstatedir}/sota/*"
59
60# vim:set ts=4 sw=4 sts=4 expandtab:
diff --git a/recipes-sota/aktualizr/aktualizr-device-prov-hsm.bb b/recipes-sota/aktualizr/aktualizr-device-prov-hsm.bb
index c3cd593..4eadb77 100644
--- a/recipes-sota/aktualizr/aktualizr-device-prov-hsm.bb
+++ b/recipes-sota/aktualizr/aktualizr-device-prov-hsm.bb
@@ -7,14 +7,16 @@ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7
7 7
8inherit allarch 8inherit allarch
9 9
10DEPENDS = "aktualizr aktualizr-native" 10# We need to get the config files from the aktualizr-host-tools package built by
11RDEPENDS_${PN}_append = "${@' aktualizr-device-prov-creds softhsm-testtoken' if d.getVar('SOTA_DEPLOY_CREDENTIALS') == '1' else ''}" 11# the aktualizr (target) recipe.
12DEPENDS = "aktualizr"
12 13
13SRC_URI = "" 14# If the config file from aktualizr used here is changed, you will need to bump
15# the version here because of SIGGEN_EXCLUDE_SAFE_RECIPE_DEPS!
14PV = "1.0" 16PV = "1.0"
15PR = "6" 17PR = "6"
16 18
17require credentials.inc 19SRC_URI = ""
18 20
19do_install() { 21do_install() {
20 install -m 0700 -d ${D}${libdir}/sota/conf.d 22 install -m 0700 -d ${D}${libdir}/sota/conf.d
diff --git a/recipes-sota/aktualizr/aktualizr-device-prov.bb b/recipes-sota/aktualizr/aktualizr-device-prov.bb
index d579532..55f398d 100644
--- a/recipes-sota/aktualizr/aktualizr-device-prov.bb
+++ b/recipes-sota/aktualizr/aktualizr-device-prov.bb
@@ -7,13 +7,16 @@ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7
7 7
8inherit allarch 8inherit allarch
9 9
10DEPENDS = "aktualizr aktualizr-native openssl-native" 10# We need to get the config files from the aktualizr-host-tools package built by
11RDEPENDS_${PN}_append = "${@' aktualizr-device-prov-creds' if d.getVar('SOTA_DEPLOY_CREDENTIALS') == '1' else ''}" 11# the aktualizr (target) recipe.
12DEPENDS = "aktualizr"
12 13
14# If the config file from aktualizr used here is changed, you will need to bump
15# the version here because of SIGGEN_EXCLUDE_SAFE_RECIPE_DEPS!
13PV = "1.0" 16PV = "1.0"
14PR = "1" 17PR = "1"
15 18
16require credentials.inc 19SRC_URI = ""
17 20
18do_install() { 21do_install() {
19 install -m 0700 -d ${D}${libdir}/sota/conf.d 22 install -m 0700 -d ${D}${libdir}/sota/conf.d
diff --git a/recipes-sota/aktualizr/aktualizr-hwid.bb b/recipes-sota/aktualizr/aktualizr-hwid.bb
new file mode 100644
index 0000000..fd3e395
--- /dev/null
+++ b/recipes-sota/aktualizr/aktualizr-hwid.bb
@@ -0,0 +1,24 @@
1SUMMARY = "Aktualizr hwid configuration"
2HOMEPAGE = "https://github.com/advancedtelematic/aktualizr"
3SECTION = "base"
4LICENSE = "MPL-2.0"
5LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad"
6
7# Because of the dependency on MACHINE.
8PACKAGE_ARCH = "${MACHINE_ARCH}"
9
10SRC_URI = ""
11
12do_install() {
13 install -m 0700 -d ${D}${libdir}/sota/conf.d
14 if [ -n "${SOTA_HARDWARE_ID}" ]; then
15 printf "[provision]\nprimary_ecu_hardware_id = ${SOTA_HARDWARE_ID}\n" > ${D}${libdir}/sota/conf.d/40-hardware-id.toml
16 fi
17}
18
19FILES_${PN} = " \
20 ${libdir}/sota/conf.d \
21 ${libdir}/sota/conf.d/40-hardware-id.toml \
22 "
23
24# vim:set ts=4 sw=4 sts=4 expandtab:
diff --git a/recipes-sota/aktualizr/aktualizr-shared-prov-creds.bb b/recipes-sota/aktualizr/aktualizr-shared-prov-creds.bb
index 2701c07..9c6f0dd 100644
--- a/recipes-sota/aktualizr/aktualizr-shared-prov-creds.bb
+++ b/recipes-sota/aktualizr/aktualizr-shared-prov-creds.bb
@@ -6,9 +6,16 @@ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7
6 6
7inherit allarch 7inherit allarch
8 8
9DEPENDS = "aktualizr-native zip-native" 9DEPENDS = "zip-native"
10ALLOW_EMPTY_${PN} = "1" 10ALLOW_EMPTY_${PN} = "1"
11 11
12# If the config file from aktualizr used here is changed, you will need to bump
13# the version here because of SIGGEN_EXCLUDE_SAFE_RECIPE_DEPS!
14PV = "1.0"
15PR = "1"
16
17SRC_URI = ""
18
12require credentials.inc 19require credentials.inc
13 20
14do_install() { 21do_install() {
diff --git a/recipes-sota/aktualizr/aktualizr-shared-prov.bb b/recipes-sota/aktualizr/aktualizr-shared-prov.bb
index d3d6f16..2ee47a1 100644
--- a/recipes-sota/aktualizr/aktualizr-shared-prov.bb
+++ b/recipes-sota/aktualizr/aktualizr-shared-prov.bb
@@ -7,15 +7,18 @@ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7
7 7
8inherit allarch 8inherit allarch
9 9
10DEPENDS = "aktualizr-native zip-native" 10# We need to get the config files from the aktualizr-host-tools package built by
11# the aktualizr (target) recipe.
12DEPENDS = "aktualizr"
11RDEPENDS_${PN}_append = "${@' aktualizr-shared-prov-creds' if d.getVar('SOTA_DEPLOY_CREDENTIALS') == '1' else ''}" 13RDEPENDS_${PN}_append = "${@' aktualizr-shared-prov-creds' if d.getVar('SOTA_DEPLOY_CREDENTIALS') == '1' else ''}"
14
15# If the config file from aktualizr used here is changed, you will need to bump
16# the version here because of SIGGEN_EXCLUDE_SAFE_RECIPE_DEPS!
12PV = "1.0" 17PV = "1.0"
13PR = "6" 18PR = "6"
14 19
15SRC_URI = "" 20SRC_URI = ""
16 21
17require credentials.inc
18
19do_install() { 22do_install() {
20 if [ -n "${SOTA_AUTOPROVISION_CREDENTIALS}" ]; then 23 if [ -n "${SOTA_AUTOPROVISION_CREDENTIALS}" ]; then
21 bbwarn "SOTA_AUTOPROVISION_CREDENTIALS are ignored. Please use SOTA_PACKED_CREDENTIALS" 24 bbwarn "SOTA_AUTOPROVISION_CREDENTIALS are ignored. Please use SOTA_PACKED_CREDENTIALS"
@@ -31,7 +34,7 @@ do_install() {
31 fi 34 fi
32 35
33 install -m 0700 -d ${D}${libdir}/sota/conf.d 36 install -m 0700 -d ${D}${libdir}/sota/conf.d
34 install -m 0644 ${STAGING_DIR_NATIVE}${libdir}/sota/sota-shared-cred.toml \ 37 install -m 0644 ${STAGING_DIR_HOST}${libdir}/sota/sota-shared-cred.toml \
35 ${D}${libdir}/sota/conf.d/20-sota-shared-cred.toml 38 ${D}${libdir}/sota/conf.d/20-sota-shared-cred.toml
36} 39}
37 40
diff --git a/recipes-sota/aktualizr/aktualizr-uboot-env-rollback.bb b/recipes-sota/aktualizr/aktualizr-uboot-env-rollback.bb
index 860f225..2895e5c 100644
--- a/recipes-sota/aktualizr/aktualizr-uboot-env-rollback.bb
+++ b/recipes-sota/aktualizr/aktualizr-uboot-env-rollback.bb
@@ -6,14 +6,18 @@ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7
6 6
7inherit allarch 7inherit allarch
8 8
9DEPENDS = "aktualizr-native" 9DEPENDS = "aktualizr"
10RDEPENDS_${PN} = "aktualizr" 10
11# If the config file from aktualizr used here is changed, you will need to bump
12# the version here because of SIGGEN_EXCLUDE_SAFE_RECIPE_DEPS!
13PV = "1.0"
14PR = "1"
11 15
12SRC_URI = "" 16SRC_URI = ""
13 17
14do_install() { 18do_install() {
15 install -m 0700 -d ${D}${libdir}/sota/conf.d 19 install -m 0700 -d ${D}${libdir}/sota/conf.d
16 install -m 0644 ${STAGING_DIR_NATIVE}${libdir}/sota/sota-uboot-env.toml ${D}${libdir}/sota/conf.d/30-rollback.toml 20 install -m 0644 ${STAGING_DIR_HOST}${libdir}/sota/sota-uboot-env.toml ${D}${libdir}/sota/conf.d/30-rollback.toml
17} 21}
18 22
19FILES_${PN} = " \ 23FILES_${PN} = " \
diff --git a/recipes-sota/aktualizr/aktualizr_git.bb b/recipes-sota/aktualizr/aktualizr_git.bb
index e4c9be8..0de0866 100644
--- a/recipes-sota/aktualizr/aktualizr_git.bb
+++ b/recipes-sota/aktualizr/aktualizr_git.bb
@@ -3,11 +3,11 @@ DESCRIPTION = "SOTA Client application written in C++"
3HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" 3HOMEPAGE = "https://github.com/advancedtelematic/aktualizr"
4SECTION = "base" 4SECTION = "base"
5LICENSE = "MPL-2.0" 5LICENSE = "MPL-2.0"
6LIC_FILES_CHKSUM = "file://${S}/LICENSE;md5=9741c346eef56131163e13b9db1241b3" 6LIC_FILES_CHKSUM = "file://${S}/LICENSE;md5=815ca599c9df247a0c7f619bab123dad"
7 7
8DEPENDS = "boost curl openssl libarchive libsodium sqlite3 asn1c-native" 8DEPENDS = "boost curl openssl libarchive libsodium sqlite3 asn1c-native"
9DEPENDS_append = "${@bb.utils.contains('PTEST_ENABLED', '1', ' coreutils-native net-tools-native ostree-native aktualizr-native ', '', d)}" 9DEPENDS_append = "${@bb.utils.contains('PTEST_ENABLED', '1', ' coreutils-native net-tools-native ostree-native aktualizr-native ', '', d)}"
10RDEPENDS_${PN}_class-target = "aktualizr-configs lshw" 10RDEPENDS_${PN}_class-target = "aktualizr-configs aktualizr-hwid lshw"
11RDEPENDS_${PN}-host-tools = "aktualizr aktualizr-cert-provider ${@bb.utils.contains('PACKAGECONFIG', 'sota-tools', 'garage-deploy garage-push', '', d)}" 11RDEPENDS_${PN}-host-tools = "aktualizr aktualizr-cert-provider ${@bb.utils.contains('PACKAGECONFIG', 'sota-tools', 'garage-deploy garage-push', '', d)}"
12 12
13RDEPENDS_${PN}-ptest += "bash cmake curl net-tools python3-core python3-misc python3-modules openssl-bin sqlite3 valgrind" 13RDEPENDS_${PN}-ptest += "bash cmake curl net-tools python3-core python3-misc python3-modules openssl-bin sqlite3 valgrind"
@@ -18,20 +18,19 @@ PR = "7"
18GARAGE_SIGN_PV = "0.7.0-33-g214dfb1" 18GARAGE_SIGN_PV = "0.7.0-33-g214dfb1"
19 19
20SRC_URI = " \ 20SRC_URI = " \
21 gitsm://github.com/advancedtelematic/aktualizr;branch=${BRANCH} \ 21 gitsm://github.com/advancedtelematic/aktualizr;branch=${BRANCH};name=aktualizr \
22 file://run-ptest \ 22 file://run-ptest \
23 file://aktualizr.service \ 23 file://aktualizr.service \
24 file://aktualizr-secondary.service \ 24 file://aktualizr-secondary.service \
25 file://aktualizr-serialcan.service \ 25 file://aktualizr-serialcan.service \
26 file://10-resource-control.conf \ 26 file://10-resource-control.conf \
27 ${@ d.expand("https://ats-tuf-cli-releases.s3-eu-central-1.amazonaws.com/cli-${GARAGE_SIGN_PV}.tgz;unpack=0") if d.getVar('GARAGE_SIGN_AUTOVERSION') != '1' else ''} \ 27 ${@ d.expand("https://ats-tuf-cli-releases.s3-eu-central-1.amazonaws.com/cli-${GARAGE_SIGN_PV}.tgz;unpack=0;name=garagesign") if d.getVar('GARAGE_SIGN_AUTOVERSION') != '1' else ''} \
28 " 28 "
29 29
30# for garage-sign archive 30SRC_URI[garagesign.md5sum] = "66ffe8dcd61d4c15646e1c4b7dde7401"
31SRC_URI[md5sum] = "66ffe8dcd61d4c15646e1c4b7dde7401" 31SRC_URI[garagesign.sha256sum] = "7a7193ddf7e1a33ea60fbb20f98318a8bd78c325dab391d8c4ebd644a738abdc"
32SRC_URI[sha256sum] = "7a7193ddf7e1a33ea60fbb20f98318a8bd78c325dab391d8c4ebd644a738abdc"
33 32
34SRCREV = "d13ff1ceeca2694b982287740aca8f58edad514d" 33SRCREV = "1592d4ab63d8851aca3440529701425612fbe903"
35BRANCH ?= "master" 34BRANCH ?= "master"
36 35
37S = "${WORKDIR}/git" 36S = "${WORKDIR}/git"
@@ -46,7 +45,7 @@ SYSTEMD_PACKAGES = "${PN} ${PN}-secondary"
46SYSTEMD_SERVICE_${PN} = "aktualizr.service" 45SYSTEMD_SERVICE_${PN} = "aktualizr.service"
47SYSTEMD_SERVICE_${PN}-secondary = "aktualizr-secondary.service" 46SYSTEMD_SERVICE_${PN}-secondary = "aktualizr-secondary.service"
48 47
49EXTRA_OECMAKE = "-DCMAKE_BUILD_TYPE=Release -DAKTUALIZR_VERSION=${PV} ${@bb.utils.contains('PTEST_ENABLED', '1', '-DTESTSUITE_VALGRIND=on', '', d)}" 48EXTRA_OECMAKE = "-DCMAKE_BUILD_TYPE=Release ${@bb.utils.contains('PTEST_ENABLED', '1', '-DTESTSUITE_VALGRIND=on', '', d)}"
50 49
51GARAGE_SIGN_OPS = "${@ d.expand('-DGARAGE_SIGN_ARCHIVE=${WORKDIR}/cli-${GARAGE_SIGN_PV}.tgz') if d.getVar('GARAGE_SIGN_AUTOVERSION') != '1' else ''}" 50GARAGE_SIGN_OPS = "${@ d.expand('-DGARAGE_SIGN_ARCHIVE=${WORKDIR}/cli-${GARAGE_SIGN_PV}.tgz') if d.getVar('GARAGE_SIGN_AUTOVERSION') != '1' else ''}"
52 51
@@ -70,8 +69,12 @@ RESOURCE_CPU_WEIGHT = "100"
70RESOURCE_MEMORY_HIGH = "100M" 69RESOURCE_MEMORY_HIGH = "100M"
71RESOURCE_MEMORY_MAX = "80%" 70RESOURCE_MEMORY_MAX = "80%"
72 71
73do_compile_ptest() { 72do_configure_prepend() {
74 cmake_runcmake_build --target build_tests "${PARALLEL_MAKE}" 73 # CMake has trouble finding yocto's git when cross-compiling, let's do this step manually
74 cd ${S}
75 if [ ! -f VERSION ]; then
76 ./scripts/get_version.sh > VERSION
77 fi
75} 78}
76 79
77do_install_ptest() { 80do_install_ptest() {
@@ -102,10 +105,6 @@ do_install_append () {
102 install -m 0700 -d ${D}${libdir}/sota/conf.d 105 install -m 0700 -d ${D}${libdir}/sota/conf.d
103 install -m 0700 -d ${D}${sysconfdir}/sota/conf.d 106 install -m 0700 -d ${D}${sysconfdir}/sota/conf.d
104 107
105 if [ -n "${SOTA_HARDWARE_ID}" ]; then
106 printf "[provision]\nprimary_ecu_hardware_id = ${SOTA_HARDWARE_ID}\n" > ${D}${libdir}/sota/conf.d/40-hardware-id.toml
107 fi
108
109 install -m 0755 -d ${D}${systemd_unitdir}/system 108 install -m 0755 -d ${D}${systemd_unitdir}/system
110 aktualizr_service=${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'serialcan', '${WORKDIR}/aktualizr-serialcan.service', '${WORKDIR}/aktualizr.service', d)} 109 aktualizr_service=${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'serialcan', '${WORKDIR}/aktualizr-serialcan.service', '${WORKDIR}/aktualizr.service', d)}
111 install -m 0644 ${aktualizr_service} ${D}${systemd_unitdir}/system/aktualizr.service 110 install -m 0644 ${aktualizr_service} ${D}${systemd_unitdir}/system/aktualizr.service
diff --git a/recipes-test/demo-config/primary-config.bb b/recipes-test/demo-config/primary-config.bb
index 27cb553..b1964e2 100644
--- a/recipes-test/demo-config/primary-config.bb
+++ b/recipes-test/demo-config/primary-config.bb
@@ -4,6 +4,8 @@ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7
4 4
5require shared-conf.inc 5require shared-conf.inc
6 6
7inherit allarch
8
7PRIMARY_SECONDARIES ?= "${SECONDARY_IP}:${SECONDARY_PORT}" 9PRIMARY_SECONDARIES ?= "${SECONDARY_IP}:${SECONDARY_PORT}"
8 10
9SRC_URI = "\ 11SRC_URI = "\
diff --git a/recipes-test/demo-config/secondary-config.bb b/recipes-test/demo-config/secondary-config.bb
index 9411646..ddbed89 100644
--- a/recipes-test/demo-config/secondary-config.bb
+++ b/recipes-test/demo-config/secondary-config.bb
@@ -4,6 +4,9 @@ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7
4 4
5require shared-conf.inc 5require shared-conf.inc
6 6
7# Because of the dependency on MACHINE.
8PACKAGE_ARCH = "${MACHINE_ARCH}"
9
7SECONDARY_SERIAL_ID ?= "" 10SECONDARY_SERIAL_ID ?= ""
8SOTA_HARDWARE_ID ?= "${MACHINE}-sndry" 11SOTA_HARDWARE_ID ?= "${MACHINE}-sndry"
9SECONDARY_HARDWARE_ID ?= "${SOTA_HARDWARE_ID}" 12SECONDARY_HARDWARE_ID ?= "${SOTA_HARDWARE_ID}"
@@ -16,18 +19,18 @@ SRC_URI = "\
16 19
17do_install () { 20do_install () {
18 install -m 0700 -d ${D}${libdir}/sota/conf.d 21 install -m 0700 -d ${D}${libdir}/sota/conf.d
19 install -m 0644 ${WORKDIR}/30-fake-pacman.toml ${D}/${libdir}/sota/conf.d/30-fake-pacman.toml 22 install -m 0644 ${WORKDIR}/30-fake-pacman.toml ${D}${libdir}/sota/conf.d/30-fake-pacman.toml
20 23
21 install -m 0644 ${WORKDIR}/35-network-config.toml ${D}/${libdir}/sota/conf.d/35-network-config.toml 24 install -m 0644 ${WORKDIR}/35-network-config.toml ${D}${libdir}/sota/conf.d/35-network-config.toml
22 sed -i -e 's|@PORT@|${SECONDARY_PORT}|g' \ 25 sed -i -e 's|@PORT@|${SECONDARY_PORT}|g' \
23 -e 's|@PRIMARY_IP@|${PRIMARY_IP}|g' \ 26 -e 's|@PRIMARY_IP@|${PRIMARY_IP}|g' \
24 -e 's|@PRIMARY_PORT@|${PRIMARY_PORT}|g' \ 27 -e 's|@PRIMARY_PORT@|${PRIMARY_PORT}|g' \
25 ${D}/${libdir}/sota/conf.d/35-network-config.toml 28 ${D}${libdir}/sota/conf.d/35-network-config.toml
26 29
27 install -m 0644 ${WORKDIR}/45-id-config.toml ${D}/${libdir}/sota/conf.d/45-id-config.toml 30 install -m 0644 ${WORKDIR}/45-id-config.toml ${D}${libdir}/sota/conf.d/45-id-config.toml
28 sed -i -e 's|@SERIAL@|${SECONDARY_SERIAL_ID}|g' \ 31 sed -i -e 's|@SERIAL@|${SECONDARY_SERIAL_ID}|g' \
29 -e 's|@HWID@|${SECONDARY_HARDWARE_ID}|g' \ 32 -e 's|@HWID@|${SECONDARY_HARDWARE_ID}|g' \
30 ${D}/${libdir}/sota/conf.d/45-id-config.toml 33 ${D}${libdir}/sota/conf.d/45-id-config.toml
31 34
32} 35}
33 36
diff --git a/recipes-test/demo-network-config/network-config.inc b/recipes-test/demo-network-config/network-config.inc
index ed623d4..b023f51 100644
--- a/recipes-test/demo-network-config/network-config.inc
+++ b/recipes-test/demo-network-config/network-config.inc
@@ -2,15 +2,18 @@ SRC_URI_append = "\
2 file://26-${CONF_TYPE}-client.network \ 2 file://26-${CONF_TYPE}-client.network \
3 " 3 "
4 4
5# Because of the dependency on MACHINE.
6PACKAGE_ARCH = "${MACHINE_ARCH}"
7
5SECONDARY_INTERFACE ?= "${@ 'eth0' if d.getVar('MACHINE') == 'raspberrypi3' else 'enp0s5'}" 8SECONDARY_INTERFACE ?= "${@ 'eth0' if d.getVar('MACHINE') == 'raspberrypi3' else 'enp0s5'}"
6 9
7do_install_append() { 10do_install_append() {
8 bbnote "Network configuration type to be applied: ${CONF_TYPE}" 11 bbnote "Network configuration type to be applied: ${CONF_TYPE}"
9 install -d ${D}/usr/lib/systemd/network 12 install -d ${D}${libdir}/systemd/network
10 install -m 0644 ${WORKDIR}/26-${CONF_TYPE}-client.network ${D}/usr/lib/systemd/network/ 13 install -m 0644 ${WORKDIR}/26-${CONF_TYPE}-client.network ${D}${libdir}/systemd/network/
11 sed -i -e 's|@ADDR@|${IP_ADDR}|g' \ 14 sed -i -e 's|@ADDR@|${IP_ADDR}|g' \
12 -e 's|@IFNAME@|${SECONDARY_INTERFACE}|g' \ 15 -e 's|@IFNAME@|${SECONDARY_INTERFACE}|g' \
13 ${D}/usr/lib/systemd/network/26-${CONF_TYPE}-client.network 16 ${D}${libdir}/systemd/network/26-${CONF_TYPE}-client.network
14 17
15} 18}
16 19
diff --git a/recipes-test/demo-network-config/primary-network-config.bb b/recipes-test/demo-network-config/primary-network-config.bb
index d840a95..544a5ec 100644
--- a/recipes-test/demo-network-config/primary-network-config.bb
+++ b/recipes-test/demo-network-config/primary-network-config.bb
@@ -2,19 +2,17 @@ DESCRIPTION = "Sample network configuration for an Uptane Primary"
2LICENSE = "MPL-2.0" 2LICENSE = "MPL-2.0"
3LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" 3LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad"
4 4
5inherit allarch
6
7SRC_URI = "\ 5SRC_URI = "\
8 file://27-dhcp-client-external.network \ 6 file://27-dhcp-client-external.network \
9 " 7 "
10 8
11FILES_${PN} = "/usr/lib/systemd/network" 9FILES_${PN} = "${libdir}/systemd/network"
12 10
13PR = "1" 11PR = "1"
14 12
15do_install() { 13do_install() {
16 install -d ${D}/usr/lib/systemd/network 14 install -d ${D}${libdir}/systemd/network
17 install -m 0644 ${WORKDIR}/27-dhcp-client-external.network ${D}/usr/lib/systemd/network/ 15 install -m 0644 ${WORKDIR}/27-dhcp-client-external.network ${D}${libdir}/systemd/network/
18} 16}
19 17
20PRIMARY_IP ?= "10.0.3.1" 18PRIMARY_IP ?= "10.0.3.1"
diff --git a/recipes-test/demo-network-config/secondary-network-config.bb b/recipes-test/demo-network-config/secondary-network-config.bb
index b1d70f1..ca83d53 100644
--- a/recipes-test/demo-network-config/secondary-network-config.bb
+++ b/recipes-test/demo-network-config/secondary-network-config.bb
@@ -2,8 +2,6 @@ DESCRIPTION = "Sample network configuration for an Uptane Secondary"
2LICENSE = "MPL-2.0" 2LICENSE = "MPL-2.0"
3LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" 3LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad"
4 4
5inherit allarch
6
7# TODO: It configures the 'user' interface in NAT mode and provides an access to public Inet via it 5# TODO: It configures the 'user' interface in NAT mode and provides an access to public Inet via it
8# which is not desired for Secondary. It cannot be just removed since we get SSH access to Secondary 6# which is not desired for Secondary. It cannot be just removed since we get SSH access to Secondary
9# VM via this interface. So, the task is to configure the interface in such way that it does provide access 7# VM via this interface. So, the task is to configure the interface in such way that it does provide access
@@ -12,13 +10,13 @@ SRC_URI = "\
12 file://27-dhcp-client-external.network \ 10 file://27-dhcp-client-external.network \
13 " 11 "
14 12
15FILES_${PN} = "/usr/lib/systemd/network" 13FILES_${PN} = "${libdir}/systemd/network"
16 14
17PR = "1" 15PR = "1"
18 16
19do_install() { 17do_install() {
20 install -d ${D}/usr/lib/systemd/network 18 install -d ${D}${libdir}/systemd/network
21 install -m 0644 ${WORKDIR}/27-dhcp-client-external.network ${D}/usr/lib/systemd/network/ 19 install -m 0644 ${WORKDIR}/27-dhcp-client-external.network ${D}${libdir}/systemd/network/
22} 20}
23 21
24SECONDARY_IP ?= "10.0.3.2" 22SECONDARY_IP ?= "10.0.3.2"
diff --git a/recipes-test/images/secondary-image.bb b/recipes-test/images/secondary-image.bb
index 27d1e3f..7db2c68 100644
--- a/recipes-test/images/secondary-image.bb
+++ b/recipes-test/images/secondary-image.bb
@@ -14,7 +14,6 @@ IMAGE_INSTALL_remove = " \
14 aktualizr-shared-prov \ 14 aktualizr-shared-prov \
15 aktualizr-shared-prov-creds \ 15 aktualizr-shared-prov-creds \
16 aktualizr-device-prov \ 16 aktualizr-device-prov \
17 aktualizr-device-prov-creds \
18 aktualizr-device-prov-hsm \ 17 aktualizr-device-prov-hsm \
19 aktualizr-uboot-env-rollback \ 18 aktualizr-uboot-env-rollback \
20 virtual/network-configuration \ 19 virtual/network-configuration \
diff --git a/scripts/find_aktualizr_dependencies.sh b/scripts/find_aktualizr_dependencies.sh
index 493df80..fcb2f97 100755
--- a/scripts/find_aktualizr_dependencies.sh
+++ b/scripts/find_aktualizr_dependencies.sh
@@ -13,7 +13,6 @@ ${parentdir}/find_dependencies.py aktualizr
13${parentdir}/find_dependencies.py aktualizr-shared-prov 13${parentdir}/find_dependencies.py aktualizr-shared-prov
14${parentdir}/find_dependencies.py aktualizr-shared-prov-creds 14${parentdir}/find_dependencies.py aktualizr-shared-prov-creds
15${parentdir}/find_dependencies.py aktualizr-device-prov 15${parentdir}/find_dependencies.py aktualizr-device-prov
16${parentdir}/find_dependencies.py aktualizr-device-prov-creds
17${parentdir}/find_dependencies.py aktualizr-device-prov-hsm 16${parentdir}/find_dependencies.py aktualizr-device-prov-hsm
18${parentdir}/find_dependencies.py aktualizr-auto-reboot 17${parentdir}/find_dependencies.py aktualizr-auto-reboot
19${parentdir}/find_dependencies.py aktualizr-disable-send-ip 18${parentdir}/find_dependencies.py aktualizr-disable-send-ip