diff options
-rw-r--r-- | COPYING.MIT | 17 | ||||
-rw-r--r-- | classes/image_repo_manifest.bbclass | 4 | ||||
-rw-r--r-- | classes/image_types_ostree.bbclass | 13 | ||||
-rw-r--r-- | classes/sota.bbclass | 4 | ||||
-rw-r--r-- | lib/oeqa/selftest/updater.py | 14 | ||||
-rw-r--r-- | recipes-sota/aktualizr/aktualizr-implicit-prov.bb | 2 | ||||
-rw-r--r-- | recipes-sota/aktualizr/aktualizr_git.bb | 2 | ||||
-rw-r--r-- | recipes-sota/garage-sign/garage-sign.bb | 33 |
8 files changed, 30 insertions, 59 deletions
diff --git a/COPYING.MIT b/COPYING.MIT new file mode 100644 index 0000000..fb950dc --- /dev/null +++ b/COPYING.MIT | |||
@@ -0,0 +1,17 @@ | |||
1 | Permission is hereby granted, free of charge, to any person obtaining a copy | ||
2 | of this software and associated documentation files (the "Software"), to deal | ||
3 | in the Software without restriction, including without limitation the rights | ||
4 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | ||
5 | copies of the Software, and to permit persons to whom the Software is | ||
6 | furnished to do so, subject to the following conditions: | ||
7 | |||
8 | The above copyright notice and this permission notice shall be included in | ||
9 | all copies or substantial portions of the Software. | ||
10 | |||
11 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | ||
12 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||
13 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE | ||
14 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER | ||
15 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, | ||
16 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN | ||
17 | THE SOFTWARE. | ||
diff --git a/classes/image_repo_manifest.bbclass b/classes/image_repo_manifest.bbclass index 2012363..467fd9a 100644 --- a/classes/image_repo_manifest.bbclass +++ b/classes/image_repo_manifest.bbclass | |||
@@ -14,9 +14,9 @@ HOSTTOOLS_NONFATAL += " repo " | |||
14 | # Write build information to target filesystem | 14 | # Write build information to target filesystem |
15 | buildinfo () { | 15 | buildinfo () { |
16 | if [ $(which repo) ]; then | 16 | if [ $(which repo) ]; then |
17 | repo manifest --revision-as-HEAD -o ${IMAGE_ROOTFS}${sysconfdir}/manifest.xml || echo "Android repo tool failed to run; manifest not copied" | 17 | repo manifest --revision-as-HEAD -o ${IMAGE_ROOTFS}${sysconfdir}/manifest.xml || bbwarn "Android repo tool failed to run; manifest not copied" |
18 | else | 18 | else |
19 | echo "Android repo tool not found; manifest not copied." | 19 | bbwarn "Android repo tool not found; manifest not copied." |
20 | fi | 20 | fi |
21 | } | 21 | } |
22 | 22 | ||
diff --git a/classes/image_types_ostree.bbclass b/classes/image_types_ostree.bbclass index a20a135..3edbc72 100644 --- a/classes/image_types_ostree.bbclass +++ b/classes/image_types_ostree.bbclass | |||
@@ -180,7 +180,7 @@ IMAGE_CMD_ostreepush () { | |||
180 | } | 180 | } |
181 | 181 | ||
182 | IMAGE_TYPEDEP_garagesign = "ostreepush" | 182 | IMAGE_TYPEDEP_garagesign = "ostreepush" |
183 | IMAGE_DEPENDS_garagesign = "garage-sign-native:do_populate_sysroot" | 183 | IMAGE_DEPENDS_garagesign = "aktualizr-native:do_populate_sysroot" |
184 | IMAGE_CMD_garagesign () { | 184 | IMAGE_CMD_garagesign () { |
185 | if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then | 185 | if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then |
186 | # if credentials are issued by a server that doesn't support offline signing, exit silently | 186 | # if credentials are issued by a server that doesn't support offline signing, exit silently |
@@ -195,11 +195,8 @@ IMAGE_CMD_garagesign () { | |||
195 | exit 1 | 195 | exit 1 |
196 | fi | 196 | fi |
197 | 197 | ||
198 | if [ ! -d "${GARAGE_SIGN_REPO}" ]; then | 198 | rm -rf ${GARAGE_SIGN_REPO} |
199 | garage-sign init --repo ${GARAGE_SIGN_REPO} --home-dir ${GARAGE_SIGN_REPO} --credentials ${SOTA_PACKED_CREDENTIALS} | 199 | garage-sign init --repo ${GARAGE_SIGN_REPO} --home-dir ${GARAGE_SIGN_REPO} --credentials ${SOTA_PACKED_CREDENTIALS} |
200 | fi | ||
201 | |||
202 | reposerver_args="--reposerver $( unzip -p ${SOTA_PACKED_CREDENTIALS} tufrepo.url )" | ||
203 | 200 | ||
204 | ostree_target_hash=$(cat ${OSTREE_REPO}/refs/heads/${OSTREE_BRANCHNAME}) | 201 | ostree_target_hash=$(cat ${OSTREE_REPO}/refs/heads/${OSTREE_BRANCHNAME}) |
205 | 202 | ||
@@ -207,11 +204,11 @@ IMAGE_CMD_garagesign () { | |||
207 | # in which case targets.json should be pulled again and the whole procedure repeated | 204 | # in which case targets.json should be pulled again and the whole procedure repeated |
208 | push_success=0 | 205 | push_success=0 |
209 | for push_retries in $( seq 3 ); do | 206 | for push_retries in $( seq 3 ); do |
210 | garage-sign targets pull --repo ${GARAGE_SIGN_REPO} --home-dir ${GARAGE_SIGN_REPO} ${reposerver_args} | 207 | garage-sign targets pull --repo ${GARAGE_SIGN_REPO} --home-dir ${GARAGE_SIGN_REPO} |
211 | garage-sign targets add --repo ${GARAGE_SIGN_REPO} --home-dir ${GARAGE_SIGN_REPO} --name ${OSTREE_BRANCHNAME} --format OSTREE --version ${ostree_target_hash} --length 0 --url "https://example.com/" --sha256 ${ostree_target_hash} --hardwareids ${MACHINE} | 208 | garage-sign targets add --repo ${GARAGE_SIGN_REPO} --home-dir ${GARAGE_SIGN_REPO} --name ${OSTREE_BRANCHNAME} --format OSTREE --version ${ostree_target_hash} --length 0 --url "https://example.com/" --sha256 ${ostree_target_hash} --hardwareids ${MACHINE} |
212 | garage-sign targets sign --repo ${GARAGE_SIGN_REPO} --home-dir ${GARAGE_SIGN_REPO} --key-name=targets | 209 | garage-sign targets sign --repo ${GARAGE_SIGN_REPO} --home-dir ${GARAGE_SIGN_REPO} --key-name=targets |
213 | errcode=0 | 210 | errcode=0 |
214 | garage-sign targets push --repo ${GARAGE_SIGN_REPO} --home-dir ${GARAGE_SIGN_REPO} ${reposerver_args} || errcode=$? | 211 | garage-sign targets push --repo ${GARAGE_SIGN_REPO} --home-dir ${GARAGE_SIGN_REPO} || errcode=$? |
215 | if [ "$errcode" -eq "0" ]; then | 212 | if [ "$errcode" -eq "0" ]; then |
216 | push_success=1 | 213 | push_success=1 |
217 | break | 214 | break |
diff --git a/classes/sota.bbclass b/classes/sota.bbclass index 0f42332..bbb9ac9 100644 --- a/classes/sota.bbclass +++ b/classes/sota.bbclass | |||
@@ -13,8 +13,8 @@ IMAGE_INSTALL_append_sota = " ostree os-release ${SOTA_CLIENT} ${SOTA_CLIENT_PRO | |||
13 | IMAGE_CLASSES += " image_types_ostree image_types_ota" | 13 | IMAGE_CLASSES += " image_types_ostree image_types_ota" |
14 | IMAGE_FSTYPES += "${@bb.utils.contains('DISTRO_FEATURES', 'sota', 'ostreepush garagesign garagecheck otaimg wic', ' ', d)}" | 14 | IMAGE_FSTYPES += "${@bb.utils.contains('DISTRO_FEATURES', 'sota', 'ostreepush garagesign garagecheck otaimg wic', ' ', d)}" |
15 | 15 | ||
16 | PACKAGECONFIG_append_pn-curl = "${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'hsm', " ssl", " ", d)}" | 16 | PACKAGECONFIG_append_pn-curl = " ssl" |
17 | PACKAGECONFIG_remove_pn-curl = "${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'hsm', " gnutls", " ", d)}" | 17 | PACKAGECONFIG_remove_pn-curl = "gnutls" |
18 | 18 | ||
19 | WKS_FILE_sota ?= "sdimage-sota.wks" | 19 | WKS_FILE_sota ?= "sdimage-sota.wks" |
20 | 20 | ||
diff --git a/lib/oeqa/selftest/updater.py b/lib/oeqa/selftest/updater.py index c07b154..f28349f 100644 --- a/lib/oeqa/selftest/updater.py +++ b/lib/oeqa/selftest/updater.py | |||
@@ -31,23 +31,13 @@ class SotaToolsTests(oeSelfTest): | |||
31 | result = runCmd('%s --help' % p, ignore_status=True) | 31 | result = runCmd('%s --help' % p, ignore_status=True) |
32 | self.assertEqual(result.status, 0, "Status not equal to 0. output: %s" % result.output) | 32 | self.assertEqual(result.status, 0, "Status not equal to 0. output: %s" % result.output) |
33 | 33 | ||
34 | 34 | def test_garagesign_help(self): | |
35 | class GarageSignTests(oeSelfTest): | 35 | bb_vars = get_bb_vars(['SYSROOT_DESTDIR', 'bindir'], 'aktualizr-native') |
36 | |||
37 | @classmethod | ||
38 | def setUpClass(cls): | ||
39 | logger = logging.getLogger("selftest") | ||
40 | logger.info('Running bitbake to build garage-sign-native') | ||
41 | bitbake('garage-sign-native') | ||
42 | |||
43 | def test_help(self): | ||
44 | bb_vars = get_bb_vars(['SYSROOT_DESTDIR', 'bindir'], 'garage-sign-native') | ||
45 | p = bb_vars['SYSROOT_DESTDIR'] + bb_vars['bindir'] + "/" + "garage-sign" | 36 | p = bb_vars['SYSROOT_DESTDIR'] + bb_vars['bindir'] + "/" + "garage-sign" |
46 | self.assertTrue(os.path.isfile(p), msg = "No garage-sign found (%s)" % p) | 37 | self.assertTrue(os.path.isfile(p), msg = "No garage-sign found (%s)" % p) |
47 | result = runCmd('%s --help' % p, ignore_status=True) | 38 | result = runCmd('%s --help' % p, ignore_status=True) |
48 | self.assertEqual(result.status, 0, "Status not equal to 0. output: %s" % result.output) | 39 | self.assertEqual(result.status, 0, "Status not equal to 0. output: %s" % result.output) |
49 | 40 | ||
50 | |||
51 | class HsmTests(oeSelfTest): | 41 | class HsmTests(oeSelfTest): |
52 | 42 | ||
53 | def test_hsm(self): | 43 | def test_hsm(self): |
diff --git a/recipes-sota/aktualizr/aktualizr-implicit-prov.bb b/recipes-sota/aktualizr/aktualizr-implicit-prov.bb index 67bd2c2..e5d9c9b 100644 --- a/recipes-sota/aktualizr/aktualizr-implicit-prov.bb +++ b/recipes-sota/aktualizr/aktualizr-implicit-prov.bb | |||
@@ -27,7 +27,7 @@ do_install() { | |||
27 | install -d ${D}${libdir}/sota | 27 | install -d ${D}${libdir}/sota |
28 | if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then | 28 | if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then |
29 | aktualizr_implicit_writer -c ${SOTA_PACKED_CREDENTIALS} \ | 29 | aktualizr_implicit_writer -c ${SOTA_PACKED_CREDENTIALS} \ |
30 | -i ${STAGING_DIR_NATIVE}${libdir}/sota/sota_implicit_prov.toml -o ${D}${libdir}/sota/sota.toml -p ${D} | 30 | -i ${STAGING_DIR_NATIVE}${libdir}/sota/sota_implicit_prov.toml -o ${D}${libdir}/sota/sota.toml -p ${D} --no-root-ca |
31 | fi | 31 | fi |
32 | } | 32 | } |
33 | 33 | ||
diff --git a/recipes-sota/aktualizr/aktualizr_git.bb b/recipes-sota/aktualizr/aktualizr_git.bb index e4ffc5a..08aa6c2 100644 --- a/recipes-sota/aktualizr/aktualizr_git.bb +++ b/recipes-sota/aktualizr/aktualizr_git.bb | |||
@@ -18,7 +18,7 @@ PR = "7" | |||
18 | SRC_URI = " \ | 18 | SRC_URI = " \ |
19 | git://github.com/advancedtelematic/aktualizr;branch=${BRANCH} \ | 19 | git://github.com/advancedtelematic/aktualizr;branch=${BRANCH} \ |
20 | " | 20 | " |
21 | SRCREV = "5bf2975aee4af667a1af17381bf68c34a00f03a3" | 21 | SRCREV = "eb6c0b43c2b8b32f66f228c1c3f590b5c16ad448" |
22 | BRANCH ?= "master" | 22 | BRANCH ?= "master" |
23 | 23 | ||
24 | S = "${WORKDIR}/git" | 24 | S = "${WORKDIR}/git" |
diff --git a/recipes-sota/garage-sign/garage-sign.bb b/recipes-sota/garage-sign/garage-sign.bb deleted file mode 100644 index 32dda47..0000000 --- a/recipes-sota/garage-sign/garage-sign.bb +++ /dev/null | |||
@@ -1,33 +0,0 @@ | |||
1 | SUMMARY = "garage-sign" | ||
2 | DESCRIPTION = "Metadata signing tool for ATS Garage" | ||
3 | HOMEPAGE = "https://ats-tuf-cli-releases.s3-eu-central-1.amazonaws.com/index.html" | ||
4 | SECTION = "base" | ||
5 | LICENSE = "CLOSED" | ||
6 | LIC_FILES_CHKSUM = "file://${S}/docs/LICENSE;md5=3025e77db7bd3f1d616b3ffd11d54c94" | ||
7 | DEPENDS = "" | ||
8 | |||
9 | PV = "0.2.0-57-g3f86c67" | ||
10 | |||
11 | SRC_URI = " \ | ||
12 | https://ats-tuf-cli-releases.s3-eu-central-1.amazonaws.com/cli-${PV}.tgz \ | ||
13 | " | ||
14 | |||
15 | SRC_URI[md5sum] = "5bbe080c0c3a80928b8856d2076dd49a" | ||
16 | SRC_URI[sha256sum] = "f653d24172ed245a6256b2f341a9b77bddf624cd6bbda574c1a85430e3155394" | ||
17 | |||
18 | S = "${WORKDIR}/${BPN}" | ||
19 | |||
20 | BBCLASSEXTEND =+ "native" | ||
21 | |||
22 | do_install() { | ||
23 | install -d ${D}${bindir} | ||
24 | install -m "0755" -t ${D}${bindir} ${S}/bin/* | ||
25 | install -d ${D}${libdir} | ||
26 | install -m "0644" -t ${D}${libdir} ${S}/lib/* | ||
27 | } | ||
28 | |||
29 | FILES_${PN} = " \ | ||
30 | ${bindir}/garage-sign.bat \ | ||
31 | ${bindir}/garage-sign \ | ||
32 | ${libdir}/* \ | ||
33 | " | ||