diff options
-rw-r--r-- | CONTRIBUTING.adoc | 2 | ||||
-rw-r--r-- | README.adoc | 15 | ||||
-rw-r--r-- | classes/image_repo_manifest.bbclass | 4 | ||||
-rw-r--r-- | classes/image_types_ostree.bbclass | 99 | ||||
-rw-r--r-- | classes/image_types_ota.bbclass | 84 | ||||
-rw-r--r-- | classes/sota.bbclass | 25 | ||||
-rw-r--r-- | classes/sota_sanity.bbclass | 54 | ||||
-rw-r--r-- | conf/distro/sota.conf.inc | 2 | ||||
-rw-r--r-- | lib/oeqa/selftest/cases/updater.py | 30 | ||||
-rw-r--r-- | recipes-sota/aktualizr/aktualizr-auto-prov.bb | 4 | ||||
-rw-r--r-- | recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb | 12 | ||||
-rw-r--r-- | recipes-sota/aktualizr/aktualizr-ca-implicit-prov.bb | 1 | ||||
-rw-r--r-- | recipes-sota/aktualizr/aktualizr-hsm-prov.bb | 1 | ||||
-rwxr-xr-x | recipes-sota/aktualizr/aktualizr_git.bb | 22 | ||||
-rw-r--r-- | recipes-sota/aktualizr/environment.inc | 11 | ||||
-rw-r--r-- | recipes-sota/aktualizr/files/aktualizr-secondary.service | 1 | ||||
-rw-r--r-- | recipes-sota/aktualizr/files/aktualizr.service | 2 | ||||
-rwxr-xr-x | scripts/find_aktualizr_dependencies.sh | 5 |
18 files changed, 175 insertions, 199 deletions
diff --git a/CONTRIBUTING.adoc b/CONTRIBUTING.adoc index 1cd1eef..0b40438 100644 --- a/CONTRIBUTING.adoc +++ b/CONTRIBUTING.adoc | |||
@@ -23,7 +23,7 @@ New pull requests will automatically be checked by the https://probot.github.io/ | |||
23 | 23 | ||
24 | * OTA-enabled build succeeds for at least one platform, the resulting image boots, and an update can be installed. This check is absolutely necessary for every pull request unless it only touches documentation. | 24 | * OTA-enabled build succeeds for at least one platform, the resulting image boots, and an update can be installed. This check is absolutely necessary for every pull request unless it only touches documentation. |
25 | * If your change touches platform code (like `classes/sota_<platform>.bbclass`), please check building and updating on this particular platform. | 25 | * If your change touches platform code (like `classes/sota_<platform>.bbclass`), please check building and updating on this particular platform. |
26 | * oe-selftest succeeds. To test meta-updater, run `oe-selftest -r updater` from a build directory with `MACHINE` set to `qemux86-64`. | 26 | * oe-selftest succeeds. To test meta-updater, run `oe-selftest -r updater` from a build directory with `MACHINE` set to `qemux86-64`. See the link:README.adoc#qa-with-oe-selftest[relevant section of the README] for more details. |
27 | * Updates are forwards- and backwards-compatible. You should be able to update an OTA-enabled build before the change is applied to the version with change applied and vice versa. One should pay double attention to the compatibility when bootloader code is affected. | 27 | * Updates are forwards- and backwards-compatible. You should be able to update an OTA-enabled build before the change is applied to the version with change applied and vice versa. One should pay double attention to the compatibility when bootloader code is affected. |
28 | * The patch/branch should be based on the latest version of the target branch. This may mean that rebasing is necessary if other PRs are merged before yours is approved. | 28 | * The patch/branch should be based on the latest version of the target branch. This may mean that rebasing is necessary if other PRs are merged before yours is approved. |
29 | 29 | ||
diff --git a/README.adoc b/README.adoc index e14d7bd..994ad67 100644 --- a/README.adoc +++ b/README.adoc | |||
@@ -6,7 +6,7 @@ This layer enables over-the-air updates (OTA) with https://github.com/ostreedev/ | |||
6 | 6 | ||
7 | https://github.com/ostreedev/ostree[OSTree] is a tool for atomic full file system upgrades with rollback capability. OSTree has several advantages over traditional dual-bank systems, but the most important one is that it minimizes network bandwidth and data storage footprint by sharing files with the same contents across file system deployments. | 7 | https://github.com/ostreedev/ostree[OSTree] is a tool for atomic full file system upgrades with rollback capability. OSTree has several advantages over traditional dual-bank systems, but the most important one is that it minimizes network bandwidth and data storage footprint by sharing files with the same contents across file system deployments. |
8 | 8 | ||
9 | https://github.com/advancedtelematic/aktualizr[Aktualizr] (and https://github.com/advancedtelematic/rvi_sota_client[RVI SOTA client]) add authentication and provisioning capabilities to OTA and are integrated with OSTree. You can connect with the open-source https://github.com/advancedtelematic/rvi_sota_server[RVI SOTA server] or sign up for a free account at https://app.atsgarage.com[ATS Garage] to get started. | 9 | https://github.com/advancedtelematic/aktualizr[Aktualizr] (and https://github.com/advancedtelematic/rvi_sota_client[RVI SOTA client]) add authentication and provisioning capabilities to OTA and are integrated with OSTree. You can connect with these open-source applications or sign up for a free account at https://connect.ota.here.com/[HERE OTA Connect] to get started. |
10 | 10 | ||
11 | [discrete] | 11 | [discrete] |
12 | == Table of Contents | 12 | == Table of Contents |
@@ -17,7 +17,7 @@ toc::[] | |||
17 | 17 | ||
18 | === Quickstart | 18 | === Quickstart |
19 | 19 | ||
20 | If you don't already have a Yocto project that you want to add OTA to, you can use the https://docs.atsgarage.com/quickstarts/raspberry-pi.html[ATS Garage Quickstart] project to rapidly get up and running on a Raspberry Pi. It takes a standard https://www.yoctoproject.org/tools-resources/projects/poky[poky] distribution, and adds OTA and OSTree capabilities. | 20 | If you don't already have a Yocto project that you want to add OTA to, you can use the https://docs.atsgarage.com/quickstarts/raspberry-pi.html[HERE OTA Connect Quickstart] project to rapidly get up and running on a Raspberry Pi. It takes a standard https://www.yoctoproject.org/tools-resources/projects/poky[poky] distribution, and adds OTA and OSTree capabilities. |
21 | 21 | ||
22 | === Adding meta-updater capabilities to your build | 22 | === Adding meta-updater capabilities to your build |
23 | 23 | ||
@@ -86,8 +86,8 @@ Although we have used U-Boot so far, other boot loaders can be configured work w | |||
86 | * `SOTA_DEPLOY_CREDENTIALS` - when set to '1' (default value), deploys credentials to the built image. Override it in `local.conf` to built a generic image that can be provisioned manually after the build. | 86 | * `SOTA_DEPLOY_CREDENTIALS` - when set to '1' (default value), deploys credentials to the built image. Override it in `local.conf` to built a generic image that can be provisioned manually after the build. |
87 | * `SOTA_CLIENT_PROV` - which provisioning method to use. Valid options are https://github.com/advancedtelematic/aktualizr/blob/master/docs/automatic-provisioning.adoc[`aktualizr-auto-prov`], https://github.com/advancedtelematic/aktualizr/blob/master/docs/implicit-provisioning.adoc[`aktualizr-ca-implicit-prov`], and https://github.com/advancedtelematic/aktualizr/blob/master/docs/hsm-provisioning.adoc[`aktualizr-hsm-prov`]. The default is `aktualizr-auto-prov`. This can also be set to an empty string to avoid using a provisioning recipe. | 87 | * `SOTA_CLIENT_PROV` - which provisioning method to use. Valid options are https://github.com/advancedtelematic/aktualizr/blob/master/docs/automatic-provisioning.adoc[`aktualizr-auto-prov`], https://github.com/advancedtelematic/aktualizr/blob/master/docs/implicit-provisioning.adoc[`aktualizr-ca-implicit-prov`], and https://github.com/advancedtelematic/aktualizr/blob/master/docs/hsm-provisioning.adoc[`aktualizr-hsm-prov`]. The default is `aktualizr-auto-prov`. This can also be set to an empty string to avoid using a provisioning recipe. |
88 | * `SOTA_CLIENT_FEATURES` - extensions to aktualizr. The only valid options are `hsm` (to build with HSM support) and `secondary-network` (to set up a simulated 'in-vehicle' network with support for a primary node with a DHCP server and a secondary node with a DHCP client). | 88 | * `SOTA_CLIENT_FEATURES` - extensions to aktualizr. The only valid options are `hsm` (to build with HSM support) and `secondary-network` (to set up a simulated 'in-vehicle' network with support for a primary node with a DHCP server and a secondary node with a DHCP client). |
89 | * `SOTA_SECONDARY_ECUS` - a list of paths separated by spaces of JSON configuration files for virtual secondaries on the host. These will be installed into `/var/sota/ecus` on the device. | 89 | * `SOTA_SECONDARY_CONFIG_DIR` - a directory containing JSON configuration files for virtual secondaries on the host. These will be installed into `/etc/sota/ecus` on the device and automatically provided to aktualizr. |
90 | * `SOTA_VIRTUAL_SECONDARIES` - a list of paths separated by spaces of JSON configuration files for virtual secondaries installed on the device. If `SOTA_SECONDARY_ECUS` is used to install them, then you can expect them to be installed in `/var/sota/ecus`. | 90 | * `SOTA_HARDWARE_ID` - a custom hardware ID that will be written to the aktualizr config. Defaults to MACHINE if not set. |
91 | 91 | ||
92 | == Usage | 92 | == Usage |
93 | 93 | ||
@@ -131,7 +131,7 @@ ostree admin deploy --os=agl agl-snapshot:agl-ota | |||
131 | 131 | ||
132 | === garage-push | 132 | === garage-push |
133 | 133 | ||
134 | The https://github.com/advancedtelematic/aktualizr[aktualizr repo] contains a tool, garage-push, which lets you push the changes in OSTree repository generated by bitbake process. It communicates with an http server capable of querying files with HEAD requests and uploading them with POST requests. In particular, this can be used with http://www.atsgarage.com/[ATS Garage]. garage-push is used as follows: | 134 | The https://github.com/advancedtelematic/aktualizr[aktualizr repo] contains a tool, garage-push, which lets you push the changes in OSTree repository generated by bitbake process. It communicates with an http server capable of querying files with HEAD requests and uploading them with POST requests. In particular, this can be used with https://connect.ota.here.com/[HERE OTA Connect]. garage-push is used as follows: |
135 | 135 | ||
136 | .... | 136 | .... |
137 | garage-push --repo=/path/to/ostree-repo --ref=mybranch --credentials=/path/to/credentials.zip | 137 | garage-push --repo=/path/to/ostree-repo --ref=mybranch --credentials=/path/to/credentials.zip |
@@ -147,8 +147,7 @@ First, you can set `SOTA_CLIENT_PROV` to control which provisioning recipe is us | |||
147 | 147 | ||
148 | Second, you can write recipes to install additional config files with customized options. A few recipes already exist to address common needs and provide an example: | 148 | Second, you can write recipes to install additional config files with customized options. A few recipes already exist to address common needs and provide an example: |
149 | 149 | ||
150 | * link:recipes-sota/config/aktualizr-example-interface.bb[aktualizr-example-interface.bb] will configure aktualizr to connect to an example interface for a legacy flasher. This is intended to be used in conjunction with the `aktualizr-examples` package. See https://github.com/advancedtelematic/aktualizr/blob/master/docs/legacysecondary.adoc[legacysecondary.adoc] in the aktualizr repo for more information. | 150 | * link:recipes-sota/config/aktualizr-disable-send-ip.bb[aktualizr-disable-send-ip.bb] disables the reporting of networking information to the server. This is enabled by default and supported by https://connect.ota.here.com/[HERE OTA Connect]. However, if you are using a different server that does not support this feature, you may want to disable it in aktualizr. |
151 | * link:recipes-sota/config/aktualizr-disable-send-ip.bb[aktualizr-disable-send-ip.bb] disables the reporting of networking information to the server. This is enabled by default and supported by https://app.atsgarage.com[ATS Garage]. However, if you are using a different server that does not support this feature, you may want to disable it in aktualizr. | ||
152 | * link:recipes-sota/config/aktualizr-log-debug.bb[aktualizr-log-debug.bb] sets the log level of aktualizr to 0 (trace). The default is 2 (info). This recipe is intended for development and debugging purposes. | 151 | * link:recipes-sota/config/aktualizr-log-debug.bb[aktualizr-log-debug.bb] sets the log level of aktualizr to 0 (trace). The default is 2 (info). This recipe is intended for development and debugging purposes. |
153 | 152 | ||
154 | To use these recipes, you will need to add them to your image with a line such as `IMAGE_INSTALL_append = " aktualizr-log-debug "` in your `local.conf`. | 153 | To use these recipes, you will need to add them to your image with a line such as `IMAGE_INSTALL_append = " aktualizr-log-debug "` in your `local.conf`. |
@@ -182,7 +181,7 @@ Please note that [target name, target version] pairs are expected to be unique i | |||
182 | 181 | ||
183 | == QA with oe-selftest | 182 | == QA with oe-selftest |
184 | 183 | ||
185 | This layer relies on the test framework oe-selftest for quality assurance. Follow the steps below to run the tests: | 184 | This layer relies on the test framework oe-selftest for quality assurance. Currently, you will need to run this in a build directory with `MACHINE` set to `qemux86-64`. Follow the steps below to run the tests: |
186 | 185 | ||
187 | 1. Append the line below to `conf/local.conf` to disable the warning about supported operating systems: | 186 | 1. Append the line below to `conf/local.conf` to disable the warning about supported operating systems: |
188 | + | 187 | + |
diff --git a/classes/image_repo_manifest.bbclass b/classes/image_repo_manifest.bbclass index 467fd9a..c2e7056 100644 --- a/classes/image_repo_manifest.bbclass +++ b/classes/image_repo_manifest.bbclass | |||
@@ -12,7 +12,7 @@ | |||
12 | HOSTTOOLS_NONFATAL += " repo " | 12 | HOSTTOOLS_NONFATAL += " repo " |
13 | 13 | ||
14 | # Write build information to target filesystem | 14 | # Write build information to target filesystem |
15 | buildinfo () { | 15 | buildinfo_manifest () { |
16 | if [ $(which repo) ]; then | 16 | if [ $(which repo) ]; then |
17 | repo manifest --revision-as-HEAD -o ${IMAGE_ROOTFS}${sysconfdir}/manifest.xml || bbwarn "Android repo tool failed to run; manifest not copied" | 17 | repo manifest --revision-as-HEAD -o ${IMAGE_ROOTFS}${sysconfdir}/manifest.xml || bbwarn "Android repo tool failed to run; manifest not copied" |
18 | else | 18 | else |
@@ -20,4 +20,4 @@ buildinfo () { | |||
20 | fi | 20 | fi |
21 | } | 21 | } |
22 | 22 | ||
23 | IMAGE_PREPROCESS_COMMAND += "buildinfo;" | 23 | IMAGE_PREPROCESS_COMMAND += "buildinfo_manifest;" |
diff --git a/classes/image_types_ostree.bbclass b/classes/image_types_ostree.bbclass index 0db8e50..4095de0 100644 --- a/classes/image_types_ostree.bbclass +++ b/classes/image_types_ostree.bbclass | |||
@@ -1,42 +1,30 @@ | |||
1 | # OSTree deployment | 1 | # OSTree deployment |
2 | 2 | inherit distro_features_check | |
3 | do_image_ostree[depends] += "ostree-native:do_populate_sysroot \ | ||
4 | openssl-native:do_populate_sysroot \ | ||
5 | coreutils-native:do_populate_sysroot \ | ||
6 | unzip-native:do_populate_sysroot \ | ||
7 | virtual/kernel:do_deploy \ | ||
8 | ${INITRAMFS_IMAGE}:do_image_complete \ | ||
9 | " | ||
10 | do_image_ostree[lockfiles] += "${OSTREE_REPO}/ostree.lock" | ||
11 | |||
12 | export OSTREE_REPO | ||
13 | export OSTREE_BRANCHNAME | ||
14 | export GARAGE_TARGET_NAME | ||
15 | 3 | ||
16 | OSTREE_KERNEL ??= "${KERNEL_IMAGETYPE}" | 4 | OSTREE_KERNEL ??= "${KERNEL_IMAGETYPE}" |
17 | 5 | OSTREE_ROOTFS ??= "${WORKDIR}/ostree-rootfs" | |
18 | OSTREE_COMMIT_SUBJECT ??= "Commit-id: ${IMAGE_NAME}" | 6 | OSTREE_COMMIT_SUBJECT ??= "Commit-id: ${IMAGE_NAME}" |
19 | OSTREE_COMMIT_BODY ??= "" | 7 | OSTREE_COMMIT_BODY ??= "" |
20 | OSTREE_UPDATE_SUMMARY ??= "0" | 8 | OSTREE_UPDATE_SUMMARY ??= "0" |
21 | 9 | ||
22 | export SYSTEMD_USED = "${@oe.utils.ifelse(d.getVar('VIRTUAL-RUNTIME_init_manager', True) == 'systemd', 'true', '')}" | 10 | BUILD_OSTREE_TARBALL ??= "1" |
23 | 11 | ||
24 | IMAGE_CMD_ostree () { | 12 | SYSTEMD_USED = "${@oe.utils.ifelse(d.getVar('VIRTUAL-RUNTIME_init_manager', True) == 'systemd', 'true', '')}" |
25 | if [ -z "$OSTREE_REPO" ]; then | ||
26 | bbfatal "OSTREE_REPO should be set in your local.conf" | ||
27 | fi | ||
28 | 13 | ||
29 | if [ -z "$OSTREE_BRANCHNAME" ]; then | 14 | IMAGE_CMD_TAR = "tar --xattrs --xattrs-include=*" |
30 | bbfatal "OSTREE_BRANCHNAME should be set in your local.conf" | 15 | CONVERSION_CMD_tar = "touch ${IMGDEPLOYDIR}/${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.${type}; ${IMAGE_CMD_TAR} --numeric-owner -cf ${IMGDEPLOYDIR}/${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.${type}.tar -C ${OTA_IMAGE_ROOTFS} . || [ $? -eq 1 ]" |
31 | fi | 16 | CONVERSIONTYPES_append = " tar" |
32 | 17 | ||
33 | OSTREE_ROOTFS=`mktemp -du ${WORKDIR}/ostree-root-XXXXX` | 18 | REQUIRED_DISTRO_FEATURES = "usrmerge" |
34 | cp -a ${IMAGE_ROOTFS} ${OSTREE_ROOTFS} | 19 | OTA_IMAGE_ROOTFS_task-image-ostree = "${OSTREE_ROOTFS}" |
20 | do_image_ostree[dirs] = "${OSTREE_ROOTFS}" | ||
21 | do_image_ostree[cleandirs] = "${OSTREE_ROOTFS}" | ||
22 | do_image_ostree[depends] = "coreutils-native:do_populate_sysroot virtual/kernel:do_deploy ${INITRAMFS_IMAGE}:do_image_complete" | ||
23 | IMAGE_CMD_ostree () { | ||
24 | cp -a ${IMAGE_ROOTFS}/* ${OSTREE_ROOTFS} | ||
35 | chmod a+rx ${OSTREE_ROOTFS} | 25 | chmod a+rx ${OSTREE_ROOTFS} |
36 | sync | 26 | sync |
37 | 27 | ||
38 | cd ${OSTREE_ROOTFS} | ||
39 | |||
40 | for d in var/*; do | 28 | for d in var/*; do |
41 | if [ "${d}" != "var/local" ]; then | 29 | if [ "${d}" != "var/local" ]; then |
42 | rm -rf ${d} | 30 | rm -rf ${d} |
@@ -53,18 +41,8 @@ IMAGE_CMD_ostree () { | |||
53 | mkdir -p usr/rootdirs | 41 | mkdir -p usr/rootdirs |
54 | 42 | ||
55 | mv etc usr/ | 43 | mv etc usr/ |
56 | # Implement UsrMove | ||
57 | dirs="bin sbin lib" | ||
58 | |||
59 | for dir in ${dirs} ; do | ||
60 | if [ -d ${dir} ] && [ ! -L ${dir} ] ; then | ||
61 | mv ${dir} usr/rootdirs/ | ||
62 | rm -rf ${dir} | ||
63 | ln -sf usr/rootdirs/${dir} ${dir} | ||
64 | fi | ||
65 | done | ||
66 | 44 | ||
67 | if [ -n "$SYSTEMD_USED" ]; then | 45 | if [ -n "${SYSTEMD_USED}" ]; then |
68 | mkdir -p usr/etc/tmpfiles.d | 46 | mkdir -p usr/etc/tmpfiles.d |
69 | tmpfiles_conf=usr/etc/tmpfiles.d/00ostree-tmpfiles.conf | 47 | tmpfiles_conf=usr/etc/tmpfiles.d/00ostree-tmpfiles.conf |
70 | echo "d /var/rootdirs 0755 root root -" >>${tmpfiles_conf} | 48 | echo "d /var/rootdirs 0755 root root -" >>${tmpfiles_conf} |
@@ -100,7 +78,7 @@ IMAGE_CMD_ostree () { | |||
100 | bbwarn "Data in /$dir directory is not preserved by OSTree. Consider moving it under /usr" | 78 | bbwarn "Data in /$dir directory is not preserved by OSTree. Consider moving it under /usr" |
101 | fi | 79 | fi |
102 | 80 | ||
103 | if [ -n "$SYSTEMD_USED" ]; then | 81 | if [ -n "${SYSTEMD_USED}" ]; then |
104 | echo "d /var/rootdirs/${dir} 0755 root root -" >>${tmpfiles_conf} | 82 | echo "d /var/rootdirs/${dir} 0755 root root -" >>${tmpfiles_conf} |
105 | else | 83 | else |
106 | echo "mkdir -p /var/rootdirs/${dir}; chown 755 /var/rootdirs/${dir}" >>${tmpfiles_conf} | 84 | echo "mkdir -p /var/rootdirs/${dir}; chown 755 /var/rootdirs/${dir}" >>${tmpfiles_conf} |
@@ -112,11 +90,10 @@ IMAGE_CMD_ostree () { | |||
112 | 90 | ||
113 | if [ -d root ] && [ ! -L root ]; then | 91 | if [ -d root ] && [ ! -L root ]; then |
114 | if [ "$(ls -A root)" ]; then | 92 | if [ "$(ls -A root)" ]; then |
115 | bberror "Data in /root directory is not preserved by OSTree." | 93 | bbfatal "Data in /root directory is not preserved by OSTree." |
116 | exit 1 | ||
117 | fi | 94 | fi |
118 | 95 | ||
119 | if [ -n "$SYSTEMD_USED" ]; then | 96 | if [ -n "${SYSTEMD_USED}" ]; then |
120 | echo "d /var/roothome 0755 root root -" >>${tmpfiles_conf} | 97 | echo "d /var/roothome 0755 root root -" >>${tmpfiles_conf} |
121 | else | 98 | else |
122 | echo "mkdir -p /var/roothome; chown 755 /var/roothome" >>${tmpfiles_conf} | 99 | echo "mkdir -p /var/roothome; chown 755 /var/roothome" >>${tmpfiles_conf} |
@@ -126,11 +103,6 @@ IMAGE_CMD_ostree () { | |||
126 | ln -sf var/roothome root | 103 | ln -sf var/roothome root |
127 | fi | 104 | fi |
128 | 105 | ||
129 | if [ -n "${SOTA_SECONDARY_ECUS}" ]; then | ||
130 | mkdir -p var/sota/ecus | ||
131 | cp ${SOTA_SECONDARY_ECUS} var/sota/ecus | ||
132 | fi | ||
133 | |||
134 | checksum=`sha256sum ${DEPLOY_DIR_IMAGE}/${OSTREE_KERNEL} | cut -f 1 -d " "` | 106 | checksum=`sha256sum ${DEPLOY_DIR_IMAGE}/${OSTREE_KERNEL} | cut -f 1 -d " "` |
135 | 107 | ||
136 | cp ${DEPLOY_DIR_IMAGE}/${OSTREE_KERNEL} boot/vmlinuz-${checksum} | 108 | cp ${DEPLOY_DIR_IMAGE}/${OSTREE_KERNEL} boot/vmlinuz-${checksum} |
@@ -145,17 +117,12 @@ IMAGE_CMD_ostree () { | |||
145 | 117 | ||
146 | # Copy image manifest | 118 | # Copy image manifest |
147 | cat ${IMAGE_MANIFEST} | cut -d " " -f1,3 > usr/package.manifest | 119 | cat ${IMAGE_MANIFEST} | cut -d " " -f1,3 > usr/package.manifest |
120 | } | ||
148 | 121 | ||
149 | cd ${WORKDIR} | 122 | IMAGE_TYPEDEP_ostreecommit = "ostree" |
150 | 123 | do_image_ostreecommit[depends] += "ostree-native:do_populate_sysroot" | |
151 | # Create a tarball that can be then commited to OSTree repo | 124 | do_image_ostreecommit[lockfiles] += "${OSTREE_REPO}/ostree.lock" |
152 | OSTREE_TAR=${DEPLOY_DIR_IMAGE}/${IMAGE_NAME}.rootfs.ostree.tar.bz2 | 125 | IMAGE_CMD_ostreecommit () { |
153 | tar -C ${OSTREE_ROOTFS} --xattrs --xattrs-include='*' -cjf ${OSTREE_TAR} . | ||
154 | sync | ||
155 | |||
156 | rm -f ${DEPLOY_DIR_IMAGE}/${IMAGE_LINK_NAME}.rootfs.ostree.tar.bz2 | ||
157 | ln -s ${IMAGE_NAME}.rootfs.ostree.tar.bz2 ${DEPLOY_DIR_IMAGE}/${IMAGE_LINK_NAME}.rootfs.ostree.tar.bz2 | ||
158 | |||
159 | if ! ostree --repo=${OSTREE_REPO} refs 2>&1 > /dev/null; then | 126 | if ! ostree --repo=${OSTREE_REPO} refs 2>&1 > /dev/null; then |
160 | ostree --repo=${OSTREE_REPO} init --mode=archive-z2 | 127 | ostree --repo=${OSTREE_REPO} init --mode=archive-z2 |
161 | fi | 128 | fi |
@@ -171,11 +138,9 @@ IMAGE_CMD_ostree () { | |||
171 | if [ "${OSTREE_UPDATE_SUMMARY}" = "1" ]; then | 138 | if [ "${OSTREE_UPDATE_SUMMARY}" = "1" ]; then |
172 | ostree --repo=${OSTREE_REPO} summary -u | 139 | ostree --repo=${OSTREE_REPO} summary -u |
173 | fi | 140 | fi |
174 | |||
175 | rm -rf ${OSTREE_ROOTFS} | ||
176 | } | 141 | } |
177 | 142 | ||
178 | IMAGE_TYPEDEP_ostreepush = "ostree" | 143 | IMAGE_TYPEDEP_ostreepush = "ostreecommit" |
179 | do_image_ostreepush[depends] += "aktualizr-native:do_populate_sysroot ca-certificates-native:do_populate_sysroot" | 144 | do_image_ostreepush[depends] += "aktualizr-native:do_populate_sysroot ca-certificates-native:do_populate_sysroot" |
180 | IMAGE_CMD_ostreepush () { | 145 | IMAGE_CMD_ostreepush () { |
181 | # Print warnings if credetials are not set or if the file has not been found. | 146 | # Print warnings if credetials are not set or if the file has not been found. |
@@ -194,7 +159,7 @@ IMAGE_CMD_ostreepush () { | |||
194 | } | 159 | } |
195 | 160 | ||
196 | IMAGE_TYPEDEP_garagesign = "ostreepush" | 161 | IMAGE_TYPEDEP_garagesign = "ostreepush" |
197 | do_image_garagesign[depends] += "aktualizr-native:do_populate_sysroot" | 162 | do_image_garagesign[depends] += "unzip-native:do_populate_sysroot" |
198 | IMAGE_CMD_garagesign () { | 163 | IMAGE_CMD_garagesign () { |
199 | if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then | 164 | if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then |
200 | # if credentials are issued by a server that doesn't support offline signing, exit silently | 165 | # if credentials are issued by a server that doesn't support offline signing, exit silently |
@@ -202,11 +167,9 @@ IMAGE_CMD_garagesign () { | |||
202 | 167 | ||
203 | java_version=$( java -version 2>&1 | awk -F '"' '/version/ {print $2}' ) | 168 | java_version=$( java -version 2>&1 | awk -F '"' '/version/ {print $2}' ) |
204 | if [ "${java_version}" = "" ]; then | 169 | if [ "${java_version}" = "" ]; then |
205 | bberror "Java is required for synchronization with update backend, but is not installed on the host machine" | 170 | bbfatal "Java is required for synchronization with update backend, but is not installed on the host machine" |
206 | exit 1 | ||
207 | elif [ "${java_version}" \< "1.8" ]; then | 171 | elif [ "${java_version}" \< "1.8" ]; then |
208 | bberror "Java version >= 8 is required for synchronization with update backend" | 172 | bbfatal "Java version >= 8 is required for synchronization with update backend" |
209 | exit 1 | ||
210 | fi | 173 | fi |
211 | 174 | ||
212 | rm -rf ${GARAGE_SIGN_REPO} | 175 | rm -rf ${GARAGE_SIGN_REPO} |
@@ -240,7 +203,7 @@ IMAGE_CMD_garagesign () { | |||
240 | --length 0 \ | 203 | --length 0 \ |
241 | --url "${GARAGE_TARGET_URL}" \ | 204 | --url "${GARAGE_TARGET_URL}" \ |
242 | --sha256 ${ostree_target_hash} \ | 205 | --sha256 ${ostree_target_hash} \ |
243 | --hardwareids ${MACHINE} | 206 | --hardwareids ${SOTA_HARDWARE_ID} |
244 | garage-sign targets sign --repo tufrepo \ | 207 | garage-sign targets sign --repo tufrepo \ |
245 | --home-dir ${GARAGE_SIGN_REPO} \ | 208 | --home-dir ${GARAGE_SIGN_REPO} \ |
246 | --key-name=targets | 209 | --key-name=targets |
@@ -257,14 +220,12 @@ IMAGE_CMD_garagesign () { | |||
257 | rm -rf ${GARAGE_SIGN_REPO} | 220 | rm -rf ${GARAGE_SIGN_REPO} |
258 | 221 | ||
259 | if [ "$push_success" -ne "1" ]; then | 222 | if [ "$push_success" -ne "1" ]; then |
260 | bberror "Couldn't push to garage repository" | 223 | bbfatal "Couldn't push to garage repository" |
261 | exit 1 | ||
262 | fi | 224 | fi |
263 | fi | 225 | fi |
264 | } | 226 | } |
265 | 227 | ||
266 | IMAGE_TYPEDEP_garagecheck = "ostreepush garagesign" | 228 | IMAGE_TYPEDEP_garagecheck = "garagesign" |
267 | do_image_garagecheck[depends] += "aktualizr-native:do_populate_sysroot" | ||
268 | IMAGE_CMD_garagecheck () { | 229 | IMAGE_CMD_garagecheck () { |
269 | if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then | 230 | if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then |
270 | # if credentials are issued by a server that doesn't support offline signing, exit silently | 231 | # if credentials are issued by a server that doesn't support offline signing, exit silently |
diff --git a/classes/image_types_ota.bbclass b/classes/image_types_ota.bbclass index 03fe8d8..9883a68 100644 --- a/classes/image_types_ota.bbclass +++ b/classes/image_types_ota.bbclass | |||
@@ -1,15 +1,9 @@ | |||
1 | # Image to use with u-boot as BIOS and OSTree deployment system | 1 | # Image to use with u-boot as BIOS and OSTree deployment system |
2 | 2 | ||
3 | #inherit image_types | ||
4 | |||
5 | # Boot filesystem size in MiB | 3 | # Boot filesystem size in MiB |
6 | # OSTree updates may require some space on boot file system for | 4 | # OSTree updates may require some space on boot file system for |
7 | # boot scripts, kernel and initramfs images | 5 | # boot scripts, kernel and initramfs images |
8 | # | 6 | # |
9 | |||
10 | |||
11 | do_image_ota_ext4[depends] += "e2fsprogs-native:do_populate_sysroot" | ||
12 | |||
13 | calculate_size () { | 7 | calculate_size () { |
14 | BASE=$1 | 8 | BASE=$1 |
15 | SCALE=$2 | 9 | SCALE=$2 |
@@ -43,34 +37,14 @@ calculate_size () { | |||
43 | echo "${SIZE}" | 37 | echo "${SIZE}" |
44 | } | 38 | } |
45 | 39 | ||
46 | export OSTREE_OSNAME | 40 | OTA_SYSROOT = "${WORKDIR}/ota-sysroot" |
47 | export OSTREE_BRANCHNAME | 41 | OTA_IMAGE_ROOTFS_task-image-ota = "${OTA_SYSROOT}" |
48 | export OSTREE_REPO | 42 | IMAGE_TYPEDEP_ota = "ostreecommit" |
49 | export OSTREE_BOOTLOADER | 43 | do_image_ota[dirs] = "${OTA_SYSROOT}" |
50 | 44 | do_image_ota[cleandirs] = "${OTA_SYSROOT}" | |
51 | export GARAGE_TARGET_NAME | 45 | do_image_ota[depends] = "${@'grub:do_populate_sysroot' if d.getVar('OSTREE_BOOTLOADER', True) == 'grub' else ''} \ |
52 | 46 | ${@'virtual/bootloader:do_deploy' if d.getVar('OSTREE_BOOTLOADER', True) == 'u-boot' else ''}" | |
53 | export OTA_SYSROOT="${WORKDIR}/ota-sysroot" | 47 | IMAGE_CMD_ota () { |
54 | |||
55 | ## Common OTA image setup | ||
56 | fakeroot do_otasetup () { | ||
57 | |||
58 | if [ -z "$OSTREE_REPO" ]; then | ||
59 | bbfatal "OSTREE_REPO should be set in your local.conf" | ||
60 | fi | ||
61 | |||
62 | if [ -z "$OSTREE_OSNAME" ]; then | ||
63 | bbfatal "OSTREE_OSNAME should be set in your local.conf" | ||
64 | fi | ||
65 | |||
66 | if [ -z "$OSTREE_BRANCHNAME" ]; then | ||
67 | bbfatal "OSTREE_BRANCHNAME should be set in your local.conf" | ||
68 | fi | ||
69 | |||
70 | # HaX! Since we are using a peristent directory, we need to be sure to clean it on run. | ||
71 | mkdir -p ${OTA_SYSROOT} | ||
72 | rm -rf ${OTA_SYSROOT}/* | ||
73 | |||
74 | ostree admin --sysroot=${OTA_SYSROOT} init-fs ${OTA_SYSROOT} | 48 | ostree admin --sysroot=${OTA_SYSROOT} init-fs ${OTA_SYSROOT} |
75 | ostree admin --sysroot=${OTA_SYSROOT} os-init ${OSTREE_OSNAME} | 49 | ostree admin --sysroot=${OTA_SYSROOT} os-init ${OSTREE_OSNAME} |
76 | mkdir -p ${OTA_SYSROOT}/boot/loader.0 | 50 | mkdir -p ${OTA_SYSROOT}/boot/loader.0 |
@@ -82,13 +56,12 @@ fakeroot do_otasetup () { | |||
82 | elif [ "${OSTREE_BOOTLOADER}" = "u-boot" ]; then | 56 | elif [ "${OSTREE_BOOTLOADER}" = "u-boot" ]; then |
83 | touch ${OTA_SYSROOT}/boot/loader/uEnv.txt | 57 | touch ${OTA_SYSROOT}/boot/loader/uEnv.txt |
84 | else | 58 | else |
85 | bberror "Invalid bootloader: ${OSTREE_BOOTLOADER}" | 59 | bbfatal "Invalid bootloader: ${OSTREE_BOOTLOADER}" |
86 | fi; | 60 | fi |
87 | 61 | ||
88 | ostree_target_hash=$(cat ${OSTREE_REPO}/refs/heads/${OSTREE_BRANCHNAME}) | 62 | ostree_target_hash=$(cat ${OSTREE_REPO}/refs/heads/${OSTREE_BRANCHNAME}) |
89 | 63 | ||
90 | ostree --repo=${OTA_SYSROOT}/ostree/repo pull-local --remote=${OSTREE_OSNAME} ${OSTREE_REPO} ${ostree_target_hash} | 64 | ostree --repo=${OTA_SYSROOT}/ostree/repo pull-local --remote=${OSTREE_OSNAME} ${OSTREE_REPO} ${ostree_target_hash} |
91 | export OSTREE_BOOT_PARTITION="/boot" | ||
92 | kargs_list="" | 65 | kargs_list="" |
93 | for arg in ${OSTREE_KERNEL_ARGS}; do | 66 | for arg in ${OSTREE_KERNEL_ARGS}; do |
94 | kargs_list="${kargs_list} --karg-append=$arg" | 67 | kargs_list="${kargs_list} --karg-append=$arg" |
@@ -96,19 +69,14 @@ fakeroot do_otasetup () { | |||
96 | 69 | ||
97 | ostree admin --sysroot=${OTA_SYSROOT} deploy ${kargs_list} --os=${OSTREE_OSNAME} ${ostree_target_hash} | 70 | ostree admin --sysroot=${OTA_SYSROOT} deploy ${kargs_list} --os=${OSTREE_OSNAME} ${ostree_target_hash} |
98 | 71 | ||
99 | # Copy deployment /home and /var/sota to sysroot | ||
100 | HOME_TMP=`mktemp -d ${WORKDIR}/home-tmp-XXXXX` | ||
101 | |||
102 | tar --xattrs --xattrs-include='*' -C ${HOME_TMP} -xf ${DEPLOY_DIR_IMAGE}/${IMAGE_LINK_NAME}.rootfs.ostree.tar.bz2 ./usr/homedirs ./var/local || true | ||
103 | |||
104 | cp -a ${IMAGE_ROOTFS}/var/sota ${OTA_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/ || true | 72 | cp -a ${IMAGE_ROOTFS}/var/sota ${OTA_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/ || true |
105 | # Create /var/sota if it doesn't exist yet | 73 | # Create /var/sota if it doesn't exist yet |
106 | mkdir -p ${OTA_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/sota | 74 | mkdir -p ${OTA_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/sota |
107 | # Ensure the permissions are correctly set | 75 | # Ensure the permissions are correctly set |
108 | chmod 700 ${OTA_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/sota | 76 | chmod 700 ${OTA_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/sota |
109 | 77 | ||
110 | mv ${HOME_TMP}/var/local ${OTA_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/ || true | 78 | cp -a ${OSTREE_ROOTFS}/var/local ${OTA_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/ || true |
111 | mv ${HOME_TMP}/usr/homedirs/home ${OTA_SYSROOT}/ || true | 79 | cp -a ${OSTREE_ROOTFS}/usr/homedirs/home ${OTA_SYSROOT}/ || true |
112 | # Ensure that /var/local exists (AGL symlinks /usr/local to /var/local) | 80 | # Ensure that /var/local exists (AGL symlinks /usr/local to /var/local) |
113 | install -d ${OTA_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/local | 81 | install -d ${OTA_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/local |
114 | # Set package version for the first deployment | 82 | # Set package version for the first deployment |
@@ -120,38 +88,26 @@ fakeroot do_otasetup () { | |||
120 | fi | 88 | fi |
121 | mkdir -p ${OTA_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/sota/import | 89 | mkdir -p ${OTA_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/sota/import |
122 | echo "{\"${ostree_target_hash}\":\"${GARAGE_TARGET_NAME}-${target_version}\"}" > ${OTA_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/sota/import/installed_versions | 90 | echo "{\"${ostree_target_hash}\":\"${GARAGE_TARGET_NAME}-${target_version}\"}" > ${OTA_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/sota/import/installed_versions |
123 | echo "All done. Cleaning up dir: ${HOME_TMP}" | ||
124 | rm -rf ${HOME_TMP} | ||
125 | } | 91 | } |
126 | 92 | ||
93 | IMAGE_TYPEDEP_ota-ext4 = "ota" | ||
94 | do_image_ota_ext4[depends] = "e2fsprogs-native:do_populate_sysroot" | ||
127 | IMAGE_CMD_ota-ext4 () { | 95 | IMAGE_CMD_ota-ext4 () { |
128 | # Calculate image type | 96 | # Calculate image type |
129 | OTA_ROOTFS_SIZE=$(calculate_size `du -ks $OTA_SYSROOT | cut -f 1` "${IMAGE_OVERHEAD_FACTOR}" "${IMAGE_ROOTFS_SIZE}" "${IMAGE_ROOTFS_MAXSIZE}" `expr ${IMAGE_ROOTFS_EXTRA_SPACE}` "${IMAGE_ROOTFS_ALIGNMENT}") | 97 | OTA_ROOTFS_SIZE=$(calculate_size `du -ks ${OTA_SYSROOT} | cut -f 1` "${IMAGE_OVERHEAD_FACTOR}" "${IMAGE_ROOTFS_SIZE}" "${IMAGE_ROOTFS_MAXSIZE}" `expr ${IMAGE_ROOTFS_EXTRA_SPACE}` "${IMAGE_ROOTFS_ALIGNMENT}") |
130 | 98 | ||
131 | if [ $OTA_ROOTFS_SIZE -lt 0 ]; then | 99 | if [ ${OTA_ROOTFS_SIZE} -lt 0 ]; then |
132 | bbfatal "create_ota failed to calculate OTA rootfs size!" | 100 | bbfatal "create_ota failed to calculate OTA rootfs size!" |
133 | fi | 101 | fi |
134 | 102 | ||
135 | eval local COUNT=\"0\" | 103 | eval local COUNT=\"0\" |
136 | eval local MIN_COUNT=\"60\" | 104 | eval local MIN_COUNT=\"60\" |
137 | if [ $OTA_ROOTFS_SIZE -lt $MIN_COUNT ]; then | 105 | if [ ${OTA_ROOTFS_SIZE} -lt ${MIN_COUNT} ]; then |
138 | eval COUNT=\"$MIN_COUNT\" | 106 | eval COUNT=\"${MIN_COUNT}\" |
139 | fi | 107 | fi |
140 | 108 | ||
141 | dd if=/dev/zero of=${IMGDEPLOYDIR}/${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.ota-ext4 seek=${OTA_ROOTFS_SIZE} count=$COUNT bs=1024 | 109 | dd if=/dev/zero of=${IMGDEPLOYDIR}/${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.ota-ext4 seek=${OTA_ROOTFS_SIZE} count=${COUNT} bs=1024 |
142 | mkfs.ext4 -O ^64bit ${IMGDEPLOYDIR}/${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.ota-ext4 -L otaroot -d ${OTA_SYSROOT} | 110 | mkfs.ext4 -O ^64bit ${IMGDEPLOYDIR}/${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.ota-ext4 -L otaroot -d ${OTA_SYSROOT} |
143 | } | 111 | } |
144 | 112 | ||
145 | IMAGE_CMD_ota-tar () { | 113 | do_image_wic[depends] += "${@bb.utils.contains('DISTRO_FEATURES', 'sota', '%s:do_image_ota_ext4' % d.getVar('IMAGE_BASENAME', True), '', d)}" |
146 | tar -cf ${IMGDEPLOYDIR}/${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.ota-tar -C ${OTA_SYSROOT} . | ||
147 | } | ||
148 | |||
149 | do_otasetup[doc] = "Sets up the base ota rootfs used for subsequent image generation" | ||
150 | do_otasetup[depends] += "virtual/fakeroot-native:do_populate_sysroot \ | ||
151 | ${@'grub:do_populate_sysroot' if d.getVar('OSTREE_BOOTLOADER', True) == 'grub' else ''} \ | ||
152 | ${@'virtual/bootloader:do_deploy' if d.getVar('OSTREE_BOOTLOADER', True) == 'u-boot' else ''}" | ||
153 | |||
154 | addtask do_otasetup after do_image_ostree before do_image_ota_ext4 do_image_ota_tar | ||
155 | |||
156 | IMAGE_TYPEDEP_ota-ext4 = "ostree" | ||
157 | IMAGE_TYPEDEP_ota-tar = "ostree" | ||
diff --git a/classes/sota.bbclass b/classes/sota.bbclass index 98cc3de..93f59eb 100644 --- a/classes/sota.bbclass +++ b/classes/sota.bbclass | |||
@@ -1,9 +1,3 @@ | |||
1 | export BUILD_OTA_TARBALL | ||
2 | python __anonymous() { | ||
3 | if bb.utils.contains('DISTRO_FEATURES', 'sota', True, False, d): | ||
4 | d.appendVarFlag("do_image_wic", "depends", " %s:do_image_ota_ext4" % d.getVar("IMAGE_BASENAME", True)) | ||
5 | } | ||
6 | |||
7 | OVERRIDES .= "${@bb.utils.contains('DISTRO_FEATURES', 'sota', ':sota', '', d)}" | 1 | OVERRIDES .= "${@bb.utils.contains('DISTRO_FEATURES', 'sota', ':sota', '', d)}" |
8 | 2 | ||
9 | HOSTTOOLS_NONFATAL += "java" | 3 | HOSTTOOLS_NONFATAL += "java" |
@@ -11,12 +5,14 @@ HOSTTOOLS_NONFATAL += "java" | |||
11 | SOTA_CLIENT ??= "aktualizr" | 5 | SOTA_CLIENT ??= "aktualizr" |
12 | SOTA_CLIENT_PROV ??= "aktualizr-auto-prov" | 6 | SOTA_CLIENT_PROV ??= "aktualizr-auto-prov" |
13 | SOTA_DEPLOY_CREDENTIALS ?= "1" | 7 | SOTA_DEPLOY_CREDENTIALS ?= "1" |
8 | SOTA_HARDWARE_ID ??= "${MACHINE}" | ||
14 | 9 | ||
15 | IMAGE_INSTALL_append_sota = " ostree os-release ${SOTA_CLIENT} ${SOTA_CLIENT_PROV}" | 10 | IMAGE_INSTALL_append_sota = " ostree os-release ${SOTA_CLIENT} ${SOTA_CLIENT_PROV}" |
16 | IMAGE_CLASSES += " image_types_ostree image_types_ota" | 11 | IMAGE_CLASSES += " image_types_ostree image_types_ota" |
17 | 12 | ||
18 | IMAGE_FSTYPES += "${@bb.utils.contains('DISTRO_FEATURES', 'sota', 'ostreepush garagesign garagecheck ota-ext4 wic', ' ', d)}" | 13 | IMAGE_FSTYPES += "${@bb.utils.contains('DISTRO_FEATURES', 'sota', 'ostreepush garagesign garagecheck ota-ext4 wic', ' ', d)}" |
19 | IMAGE_FSTYPES += "${@bb.utils.contains('BUILD_OTA_TARBALL', '1', 'ota-tar ota-tar.xz', ' ', d)}" | 14 | IMAGE_FSTYPES += "${@bb.utils.contains('BUILD_OSTREE_TARBALL', '1', 'ostree.tar.bz2', ' ', d)}" |
15 | IMAGE_FSTYPES += "${@bb.utils.contains('BUILD_OTA_TARBALL', '1', 'ota.tar.xz', ' ', d)}" | ||
20 | 16 | ||
21 | PACKAGECONFIG_append_pn-curl = " ssl" | 17 | PACKAGECONFIG_append_pn-curl = " ssl" |
22 | PACKAGECONFIG_remove_pn-curl = "gnutls" | 18 | PACKAGECONFIG_remove_pn-curl = "gnutls" |
@@ -28,11 +24,13 @@ EXTRA_IMAGEDEPENDS_append_sota = " parted-native mtools-native dosfstools-native | |||
28 | INITRAMFS_FSTYPES ??= "${@oe.utils.ifelse(d.getVar('OSTREE_BOOTLOADER', True) == 'u-boot', 'cpio.gz.u-boot', 'cpio.gz')}" | 24 | INITRAMFS_FSTYPES ??= "${@oe.utils.ifelse(d.getVar('OSTREE_BOOTLOADER', True) == 'u-boot', 'cpio.gz.u-boot', 'cpio.gz')}" |
29 | 25 | ||
30 | # Please redefine OSTREE_REPO in order to have a persistent OSTree repo | 26 | # Please redefine OSTREE_REPO in order to have a persistent OSTree repo |
31 | OSTREE_REPO ?= "${DEPLOY_DIR_IMAGE}/ostree_repo" | 27 | export OSTREE_REPO ?= "${DEPLOY_DIR_IMAGE}/ostree_repo" |
32 | OSTREE_BRANCHNAME ?= "${MACHINE}" | 28 | export OSTREE_BRANCHNAME ?= "${SOTA_HARDWARE_ID}" |
33 | OSTREE_OSNAME ?= "poky" | 29 | export OSTREE_OSNAME ?= "poky" |
30 | export OSTREE_BOOTLOADER ??= 'u-boot' | ||
31 | export OSTREE_BOOT_PARTITION ??= "/boot" | ||
32 | |||
34 | INITRAMFS_IMAGE ?= "initramfs-ostree-image" | 33 | INITRAMFS_IMAGE ?= "initramfs-ostree-image" |
35 | OSTREE_BOOTLOADER ??= 'u-boot' | ||
36 | 34 | ||
37 | GARAGE_SIGN_REPO ?= "${DEPLOY_DIR_IMAGE}/garage_sign_repo" | 35 | GARAGE_SIGN_REPO ?= "${DEPLOY_DIR_IMAGE}/garage_sign_repo" |
38 | GARAGE_SIGN_KEYNAME ?= "garage-key" | 36 | GARAGE_SIGN_KEYNAME ?= "garage-key" |
@@ -48,6 +46,7 @@ SOTA_MACHINE_intel-corei7-64 ?= "minnowboard" | |||
48 | SOTA_MACHINE_qemux86-64 ?= "qemux86-64" | 46 | SOTA_MACHINE_qemux86-64 ?= "qemux86-64" |
49 | SOTA_MACHINE_am335x-evm ?= "am335x-evm-wifi" | 47 | SOTA_MACHINE_am335x-evm ?= "am335x-evm-wifi" |
50 | 48 | ||
51 | inherit sota_${SOTA_MACHINE} | 49 | SOTA_OVERRIDES_BLACKLIST = "ostree ota" |
50 | SOTA_REQUIRED_VARIABLES = "OSTREE_REPO OSTREE_BRANCHNAME OSTREE_OSNAME OSTREE_BOOTLOADER OSTREE_BOOT_PARTITION GARAGE_SIGN_REPO GARAGE_TARGET_NAME" | ||
52 | 51 | ||
53 | inherit image_repo_manifest | 52 | inherit sota_sanity sota_${SOTA_MACHINE} image_repo_manifest |
diff --git a/classes/sota_sanity.bbclass b/classes/sota_sanity.bbclass new file mode 100644 index 0000000..e47de19 --- /dev/null +++ b/classes/sota_sanity.bbclass | |||
@@ -0,0 +1,54 @@ | |||
1 | # Sanity check the sota setup for common misconfigurations | ||
2 | |||
3 | def sota_check_overrides(status, d): | ||
4 | for var in (d.getVar('SOTA_OVERRIDES_BLACKLIST', True) or "").split(): | ||
5 | if var in d.getVar('OVERRIDES', True).split(':'): | ||
6 | status.addresult("%s should not be a overrides, because it is a image fstype in updater layer, please check your OVERRIDES setting.\n" % var) | ||
7 | |||
8 | def sota_check_required_variables(status, d): | ||
9 | for var in (d.getVar('SOTA_REQUIRED_VARIABLES', True) or "").split(): | ||
10 | if not d.getVar(var, True): | ||
11 | status.addresult("%s should be set in your local.conf.\n" % var) | ||
12 | |||
13 | def sota_raise_sanity_error(msg, d): | ||
14 | if d.getVar("SANITY_USE_EVENTS", True) == "1": | ||
15 | bb.event.fire(bb.event.SanityCheckFailed(msg), d) | ||
16 | return | ||
17 | |||
18 | bb.fatal("Sota's config sanity checker detected a potential misconfiguration.\n" | ||
19 | "Please fix the cause of this error then you can continue to build.\n" | ||
20 | "Following is the list of potential problems / advisories:\n" | ||
21 | "\n%s" % msg) | ||
22 | |||
23 | def sota_check_sanity(sanity_data): | ||
24 | class SanityStatus(object): | ||
25 | def __init__(self): | ||
26 | self.messages = "" | ||
27 | self.reparse = False | ||
28 | |||
29 | def addresult(self, message): | ||
30 | if message: | ||
31 | self.messages = self.messages + message | ||
32 | |||
33 | status = SanityStatus() | ||
34 | |||
35 | sota_check_overrides(status, sanity_data) | ||
36 | sota_check_required_variables(status, sanity_data) | ||
37 | |||
38 | if status.messages != "": | ||
39 | sota_raise_sanity_error(sanity_data.expand(status.messages), sanity_data) | ||
40 | |||
41 | addhandler sota_check_sanity_eventhandler | ||
42 | sota_check_sanity_eventhandler[eventmask] = "bb.event.SanityCheck" | ||
43 | |||
44 | python sota_check_sanity_eventhandler() { | ||
45 | if bb.event.getName(e) == "SanityCheck": | ||
46 | sanity_data = copy_data(e) | ||
47 | if e.generateevents: | ||
48 | sanity_data.setVar("SANITY_USE_EVENTS", "1") | ||
49 | reparse = sota_check_sanity(sanity_data) | ||
50 | e.data.setVar("BB_INVALIDCONF", reparse) | ||
51 | bb.event.fire(bb.event.SanityCheckPassed(), e.data) | ||
52 | |||
53 | return | ||
54 | } | ||
diff --git a/conf/distro/sota.conf.inc b/conf/distro/sota.conf.inc index ea1ca95..8de9597 100644 --- a/conf/distro/sota.conf.inc +++ b/conf/distro/sota.conf.inc | |||
@@ -4,7 +4,7 @@ | |||
4 | # | 4 | # |
5 | # require conf/distro/sota.conf.inc | 5 | # require conf/distro/sota.conf.inc |
6 | 6 | ||
7 | DISTRO_FEATURES_append = " sota" | 7 | DISTRO_FEATURES_append = " sota usrmerge" |
8 | DISTRO_FEATURES_NATIVE_append = " sota" | 8 | DISTRO_FEATURES_NATIVE_append = " sota" |
9 | INHERIT += " sota" | 9 | INHERIT += " sota" |
10 | # Prelinking increases the size of downloads and causes build errors | 10 | # Prelinking increases the size of downloads and causes build errors |
diff --git a/lib/oeqa/selftest/cases/updater.py b/lib/oeqa/selftest/cases/updater.py index e4b2fa5..92bf6fc 100644 --- a/lib/oeqa/selftest/cases/updater.py +++ b/lib/oeqa/selftest/cases/updater.py | |||
@@ -36,6 +36,10 @@ class GeneralTests(OESelftestTestCase): | |||
36 | result = get_bb_var('DISTRO_FEATURES').find('sota') | 36 | result = get_bb_var('DISTRO_FEATURES').find('sota') |
37 | self.assertNotEqual(result, -1, 'Feature "sota" not set at DISTRO_FEATURES') | 37 | self.assertNotEqual(result, -1, 'Feature "sota" not set at DISTRO_FEATURES') |
38 | 38 | ||
39 | def test_feature_usrmerge(self): | ||
40 | result = get_bb_var('DISTRO_FEATURES').find('usrmerge') | ||
41 | self.assertNotEqual(result, -1, 'Feature "sota" not set at DISTRO_FEATURES') | ||
42 | |||
39 | def test_feature_systemd(self): | 43 | def test_feature_systemd(self): |
40 | result = get_bb_var('DISTRO_FEATURES').find('systemd') | 44 | result = get_bb_var('DISTRO_FEATURES').find('systemd') |
41 | self.assertNotEqual(result, -1, 'Feature "systemd" not set at DISTRO_FEATURES') | 45 | self.assertNotEqual(result, -1, 'Feature "systemd" not set at DISTRO_FEATURES') |
@@ -103,7 +107,7 @@ class AktualizrToolsTests(OESelftestTestCase): | |||
103 | bitbake('aktualizr-native') | 107 | bitbake('aktualizr-native') |
104 | 108 | ||
105 | def test_cert_provider_help(self): | 109 | def test_cert_provider_help(self): |
106 | akt_native_run(self, 'aktualizr_cert_provider --help') | 110 | akt_native_run(self, 'aktualizr-cert-provider --help') |
107 | 111 | ||
108 | def test_cert_provider_local_output(self): | 112 | def test_cert_provider_local_output(self): |
109 | logger = logging.getLogger("selftest") | 113 | logger = logging.getLogger("selftest") |
@@ -115,7 +119,7 @@ class AktualizrToolsTests(OESelftestTestCase): | |||
115 | bb_vars_prov = get_bb_vars(['STAGING_DIR_HOST', 'libdir'], 'aktualizr-ca-implicit-prov') | 119 | bb_vars_prov = get_bb_vars(['STAGING_DIR_HOST', 'libdir'], 'aktualizr-ca-implicit-prov') |
116 | config = bb_vars_prov['STAGING_DIR_HOST'] + bb_vars_prov['libdir'] + '/sota/sota_implicit_prov_ca.toml' | 120 | config = bb_vars_prov['STAGING_DIR_HOST'] + bb_vars_prov['libdir'] + '/sota/sota_implicit_prov_ca.toml' |
117 | 121 | ||
118 | akt_native_run(self, 'aktualizr_cert_provider -c {creds} -r -l {temp} -g {config}' | 122 | akt_native_run(self, 'aktualizr-cert-provider -c {creds} -r -l {temp} -g {config}' |
119 | .format(creds=creds, temp=temp_dir, config=config)) | 123 | .format(creds=creds, temp=temp_dir, config=config)) |
120 | 124 | ||
121 | # Might be nice if these names weren't hardcoded. | 125 | # Might be nice if these names weren't hardcoded. |
@@ -285,9 +289,9 @@ class RpiTests(OESelftestTestCase): | |||
285 | 289 | ||
286 | def test_rpi(self): | 290 | def test_rpi(self): |
287 | logger = logging.getLogger("selftest") | 291 | logger = logging.getLogger("selftest") |
288 | logger.info('Running bitbake to build rpi-basic-image') | 292 | logger.info('Running bitbake to build core-image-minimal') |
289 | self.append_config('SOTA_CLIENT_PROV = "aktualizr-auto-prov"') | 293 | self.append_config('SOTA_CLIENT_PROV = "aktualizr-auto-prov"') |
290 | bitbake('rpi-basic-image') | 294 | bitbake('core-image-minimal') |
291 | credentials = get_bb_var('SOTA_PACKED_CREDENTIALS') | 295 | credentials = get_bb_var('SOTA_PACKED_CREDENTIALS') |
292 | # Skip the test if the variable SOTA_PACKED_CREDENTIALS is not set. | 296 | # Skip the test if the variable SOTA_PACKED_CREDENTIALS is not set. |
293 | if credentials is None: | 297 | if credentials is None: |
@@ -295,7 +299,7 @@ class RpiTests(OESelftestTestCase): | |||
295 | # Check if the file exists. | 299 | # Check if the file exists. |
296 | self.assertTrue(os.path.isfile(credentials), "File %s does not exist" % credentials) | 300 | self.assertTrue(os.path.isfile(credentials), "File %s does not exist" % credentials) |
297 | deploydir = get_bb_var('DEPLOY_DIR_IMAGE') | 301 | deploydir = get_bb_var('DEPLOY_DIR_IMAGE') |
298 | imagename = get_bb_var('IMAGE_LINK_NAME', 'rpi-basic-image') | 302 | imagename = get_bb_var('IMAGE_LINK_NAME', 'core-image-minimal') |
299 | # Check if the credentials are included in the output image. | 303 | # Check if the credentials are included in the output image. |
300 | result = runCmd('tar -jtvf %s/%s.tar.bz2 | grep sota_provisioning_credentials.zip' % | 304 | result = runCmd('tar -jtvf %s/%s.tar.bz2 | grep sota_provisioning_credentials.zip' % |
301 | (deploydir, imagename), ignore_status=True) | 305 | (deploydir, imagename), ignore_status=True) |
@@ -424,14 +428,14 @@ class ImplProvTests(OESelftestTestCase): | |||
424 | self.assertIn(b'Fetched metadata: no', stdout, | 428 | self.assertIn(b'Fetched metadata: no', stdout, |
425 | 'Device already provisioned!? ' + stderr.decode() + stdout.decode()) | 429 | 'Device already provisioned!? ' + stderr.decode() + stdout.decode()) |
426 | 430 | ||
427 | # Run cert_provider. | 431 | # Run aktualizr-cert-provider. |
428 | bb_vars = get_bb_vars(['SOTA_PACKED_CREDENTIALS'], 'aktualizr-native') | 432 | bb_vars = get_bb_vars(['SOTA_PACKED_CREDENTIALS'], 'aktualizr-native') |
429 | creds = bb_vars['SOTA_PACKED_CREDENTIALS'] | 433 | creds = bb_vars['SOTA_PACKED_CREDENTIALS'] |
430 | bb_vars_prov = get_bb_vars(['STAGING_DIR_HOST', 'libdir'], 'aktualizr-ca-implicit-prov') | 434 | bb_vars_prov = get_bb_vars(['STAGING_DIR_HOST', 'libdir'], 'aktualizr-ca-implicit-prov') |
431 | config = bb_vars_prov['STAGING_DIR_HOST'] + bb_vars_prov['libdir'] + '/sota/sota_implicit_prov_ca.toml' | 435 | config = bb_vars_prov['STAGING_DIR_HOST'] + bb_vars_prov['libdir'] + '/sota/sota_implicit_prov_ca.toml' |
432 | 436 | ||
433 | print('Provisining at root@localhost:%d' % self.qemu.ssh_port) | 437 | print('Provisining at root@localhost:%d' % self.qemu.ssh_port) |
434 | akt_native_run(self, 'aktualizr_cert_provider -c {creds} -t root@localhost -p {port} -s -u -r -g {config}' | 438 | akt_native_run(self, 'aktualizr-cert-provider -c {creds} -t root@localhost -p {port} -s -u -r -g {config}' |
435 | .format(creds=creds, port=self.qemu.ssh_port, config=config)) | 439 | .format(creds=creds, port=self.qemu.ssh_port, config=config)) |
436 | 440 | ||
437 | verifyProvisioned(self, machine) | 441 | verifyProvisioned(self, machine) |
@@ -509,13 +513,13 @@ class HsmTests(OESelftestTestCase): | |||
509 | self.assertNotEqual(retcode, 0, 'softhsm2-tool succeeded before initialization: ' + | 513 | self.assertNotEqual(retcode, 0, 'softhsm2-tool succeeded before initialization: ' + |
510 | stdout.decode() + stderr.decode()) | 514 | stdout.decode() + stderr.decode()) |
511 | 515 | ||
512 | # Run cert_provider. | 516 | # Run aktualizr-cert-provider. |
513 | bb_vars = get_bb_vars(['SOTA_PACKED_CREDENTIALS'], 'aktualizr-native') | 517 | bb_vars = get_bb_vars(['SOTA_PACKED_CREDENTIALS'], 'aktualizr-native') |
514 | creds = bb_vars['SOTA_PACKED_CREDENTIALS'] | 518 | creds = bb_vars['SOTA_PACKED_CREDENTIALS'] |
515 | bb_vars_prov = get_bb_vars(['STAGING_DIR_HOST', 'libdir'], 'aktualizr-hsm-prov') | 519 | bb_vars_prov = get_bb_vars(['STAGING_DIR_HOST', 'libdir'], 'aktualizr-hsm-prov') |
516 | config = bb_vars_prov['STAGING_DIR_HOST'] + bb_vars_prov['libdir'] + '/sota/sota_hsm_prov.toml' | 520 | config = bb_vars_prov['STAGING_DIR_HOST'] + bb_vars_prov['libdir'] + '/sota/sota_hsm_prov.toml' |
517 | 521 | ||
518 | akt_native_run(self, 'aktualizr_cert_provider -c {creds} -t root@localhost -p {port} -r -s -u -g {config}' | 522 | akt_native_run(self, 'aktualizr-cert-provider -c {creds} -t root@localhost -p {port} -r -s -u -g {config}' |
519 | .format(creds=creds, port=self.qemu.ssh_port, config=config)) | 523 | .format(creds=creds, port=self.qemu.ssh_port, config=config)) |
520 | 524 | ||
521 | # Verify that HSM is able to initialize. | 525 | # Verify that HSM is able to initialize. |
@@ -655,7 +659,13 @@ def qemu_launch(efi=False, machine=None, imagename=None): | |||
655 | args.dir = 'tmp/deploy/images' | 659 | args.dir = 'tmp/deploy/images' |
656 | args.efi = efi | 660 | args.efi = efi |
657 | args.machine = machine | 661 | args.machine = machine |
658 | args.kvm = None # Autodetect | 662 | qemu_use_kvm = get_bb_var("QEMU_USE_KVM") |
663 | if qemu_use_kvm and \ | ||
664 | (qemu_use_kvm == 'True' and 'x86' in machine or \ | ||
665 | get_bb_var('MACHINE') in qemu_use_kvm.split()): | ||
666 | args.kvm = True | ||
667 | else: | ||
668 | args.kvm = None # Autodetect | ||
659 | args.no_gui = True | 669 | args.no_gui = True |
660 | args.gdb = False | 670 | args.gdb = False |
661 | args.pcap = None | 671 | args.pcap = None |
diff --git a/recipes-sota/aktualizr/aktualizr-auto-prov.bb b/recipes-sota/aktualizr/aktualizr-auto-prov.bb index 01f21fa..f506cab 100644 --- a/recipes-sota/aktualizr/aktualizr-auto-prov.bb +++ b/recipes-sota/aktualizr/aktualizr-auto-prov.bb | |||
@@ -12,7 +12,6 @@ PR = "6" | |||
12 | 12 | ||
13 | SRC_URI = "" | 13 | SRC_URI = "" |
14 | 14 | ||
15 | require environment.inc | ||
16 | require credentials.inc | 15 | require credentials.inc |
17 | 16 | ||
18 | do_install() { | 17 | do_install() { |
@@ -30,7 +29,6 @@ do_install() { | |||
30 | fi | 29 | fi |
31 | 30 | ||
32 | install -m 0700 -d ${D}${libdir}/sota/conf.d | 31 | install -m 0700 -d ${D}${libdir}/sota/conf.d |
33 | install -m 0700 -d ${D}${localstatedir}/sota | ||
34 | aktualizr_toml=${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'secondary-network', 'sota_autoprov_primary.toml', 'sota_autoprov.toml', d)} | 32 | aktualizr_toml=${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'secondary-network', 'sota_autoprov_primary.toml', 'sota_autoprov.toml', d)} |
35 | 33 | ||
36 | install -m 0644 ${STAGING_DIR_NATIVE}${libdir}/sota/${aktualizr_toml} \ | 34 | install -m 0644 ${STAGING_DIR_NATIVE}${libdir}/sota/${aktualizr_toml} \ |
@@ -40,8 +38,6 @@ do_install() { | |||
40 | FILES_${PN} = " \ | 38 | FILES_${PN} = " \ |
41 | ${libdir}/sota/conf.d \ | 39 | ${libdir}/sota/conf.d \ |
42 | ${libdir}/sota/conf.d/20-${aktualizr_toml} \ | 40 | ${libdir}/sota/conf.d/20-${aktualizr_toml} \ |
43 | ${localstatedir}/sota \ | ||
44 | ${localstatedir}/sota/sota_provisioning_credentials.zip \ | ||
45 | " | 41 | " |
46 | 42 | ||
47 | # vim:set ts=4 sw=4 sts=4 expandtab: | 43 | # vim:set ts=4 sw=4 sts=4 expandtab: |
diff --git a/recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb b/recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb index a729e6b..7420983 100644 --- a/recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb +++ b/recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb | |||
@@ -21,11 +21,11 @@ do_install() { | |||
21 | SOTA_CACERT_PATH=${DEPLOY_DIR_IMAGE}/CA/cacert.pem | 21 | SOTA_CACERT_PATH=${DEPLOY_DIR_IMAGE}/CA/cacert.pem |
22 | SOTA_CAKEY_PATH=${DEPLOY_DIR_IMAGE}/CA/ca.private.pem | 22 | SOTA_CAKEY_PATH=${DEPLOY_DIR_IMAGE}/CA/ca.private.pem |
23 | mkdir -p ${DEPLOY_DIR_IMAGE}/CA | 23 | mkdir -p ${DEPLOY_DIR_IMAGE}/CA |
24 | bbwarn "SOTA_CACERT_PATH is not specified, use default one at $SOTA_CACERT_PATH" | 24 | bbwarn "SOTA_CACERT_PATH is not specified, use default one at ${SOTA_CACERT_PATH}" |
25 | 25 | ||
26 | if [ ! -f ${SOTA_CACERT_PATH} ]; then | 26 | if [ ! -f ${SOTA_CACERT_PATH} ]; then |
27 | bbwarn "${SOTA_CACERT_PATH} does not exist, generate a new CA" | 27 | bbwarn "${SOTA_CACERT_PATH} does not exist, generate a new CA" |
28 | SOTA_CACERT_DIR_PATH="$(dirname "$SOTA_CACERT_PATH")" | 28 | SOTA_CACERT_DIR_PATH="$(dirname "${SOTA_CACERT_PATH}")" |
29 | openssl genrsa -out ${SOTA_CACERT_DIR_PATH}/ca.private.pem 4096 | 29 | openssl genrsa -out ${SOTA_CACERT_DIR_PATH}/ca.private.pem 4096 |
30 | openssl req -key ${SOTA_CACERT_DIR_PATH}/ca.private.pem -new -x509 -days 7300 -out ${SOTA_CACERT_PATH} -subj "/C=DE/ST=Berlin/O=Reis und Kichererbsen e.V/commonName=meta-updater" -batch -config ${WORKDIR}/ca.cnf -extensions cacert | 30 | openssl req -key ${SOTA_CACERT_DIR_PATH}/ca.private.pem -new -x509 -days 7300 -out ${SOTA_CACERT_PATH} -subj "/C=DE/ST=Berlin/O=Reis und Kichererbsen e.V/commonName=meta-updater" -batch -config ${WORKDIR}/ca.cnf -extensions cacert |
31 | bbwarn "${SOTA_CACERT_PATH} has been created, you'll need to upload it to the server" | 31 | bbwarn "${SOTA_CACERT_PATH} has been created, you'll need to upload it to the server" |
@@ -33,13 +33,13 @@ do_install() { | |||
33 | fi | 33 | fi |
34 | 34 | ||
35 | if [ -z ${SOTA_CAKEY_PATH} ]; then | 35 | if [ -z ${SOTA_CAKEY_PATH} ]; then |
36 | bberror "SOTA_CAKEY_PATH should be set when using implicit provisioning" | 36 | bbfatal "SOTA_CAKEY_PATH should be set when using implicit provisioning" |
37 | fi | 37 | fi |
38 | 38 | ||
39 | install -m 0700 -d ${D}${localstatedir}/sota | 39 | install -m 0700 -d ${D}${localstatedir}/sota |
40 | aktualizr_cert_provider --credentials ${SOTA_PACKED_CREDENTIALS} \ | 40 | aktualizr-cert-provider --credentials ${SOTA_PACKED_CREDENTIALS} \ |
41 | --device-ca ${SOTA_CACERT_PATH} \ | 41 | --fleet-ca ${SOTA_CACERT_PATH} \ |
42 | --device-ca-key ${SOTA_CAKEY_PATH} \ | 42 | --fleet-ca-key ${SOTA_CAKEY_PATH} \ |
43 | --root-ca \ | 43 | --root-ca \ |
44 | --server-url \ | 44 | --server-url \ |
45 | --local ${D} \ | 45 | --local ${D} \ |
diff --git a/recipes-sota/aktualizr/aktualizr-ca-implicit-prov.bb b/recipes-sota/aktualizr/aktualizr-ca-implicit-prov.bb index 2763185..5893ed2 100644 --- a/recipes-sota/aktualizr/aktualizr-ca-implicit-prov.bb +++ b/recipes-sota/aktualizr/aktualizr-ca-implicit-prov.bb | |||
@@ -15,7 +15,6 @@ RDEPENDS_${PN}_append = "${@' aktualizr-ca-implicit-prov-creds' if d.getVar('SOT | |||
15 | PV = "1.0" | 15 | PV = "1.0" |
16 | PR = "1" | 16 | PR = "1" |
17 | 17 | ||
18 | require environment.inc | ||
19 | require credentials.inc | 18 | require credentials.inc |
20 | 19 | ||
21 | do_install() { | 20 | do_install() { |
diff --git a/recipes-sota/aktualizr/aktualizr-hsm-prov.bb b/recipes-sota/aktualizr/aktualizr-hsm-prov.bb index e915046..7947edd 100644 --- a/recipes-sota/aktualizr/aktualizr-hsm-prov.bb +++ b/recipes-sota/aktualizr/aktualizr-hsm-prov.bb | |||
@@ -12,7 +12,6 @@ SRC_URI = "" | |||
12 | PV = "1.0" | 12 | PV = "1.0" |
13 | PR = "6" | 13 | PR = "6" |
14 | 14 | ||
15 | require environment.inc | ||
16 | require credentials.inc | 15 | require credentials.inc |
17 | 16 | ||
18 | do_install() { | 17 | do_install() { |
diff --git a/recipes-sota/aktualizr/aktualizr_git.bb b/recipes-sota/aktualizr/aktualizr_git.bb index 50a9f16..d49f28c 100755 --- a/recipes-sota/aktualizr/aktualizr_git.bb +++ b/recipes-sota/aktualizr/aktualizr_git.bb | |||
@@ -27,7 +27,7 @@ SRC_URI = " \ | |||
27 | file://aktualizr-serialcan.service \ | 27 | file://aktualizr-serialcan.service \ |
28 | " | 28 | " |
29 | 29 | ||
30 | SRCREV = "3c1c77c005fc1f872f1e12080528ed6f8a32bbf3" | 30 | SRCREV = "d00d1a04cc2366d1a5f143b84b9f507f8bd32c44" |
31 | BRANCH ?= "master" | 31 | BRANCH ?= "master" |
32 | 32 | ||
33 | S = "${WORKDIR}/git" | 33 | S = "${WORKDIR}/git" |
@@ -69,6 +69,21 @@ do_install_append () { | |||
69 | install -m 0644 ${WORKDIR}/aktualizr-secondary.service ${D}${systemd_unitdir}/system/aktualizr-secondary.service | 69 | install -m 0644 ${WORKDIR}/aktualizr-secondary.service ${D}${systemd_unitdir}/system/aktualizr-secondary.service |
70 | install -m 0700 -d ${D}${libdir}/sota/conf.d | 70 | install -m 0700 -d ${D}${libdir}/sota/conf.d |
71 | install -m 0700 -d ${D}${sysconfdir}/sota/conf.d | 71 | install -m 0700 -d ${D}${sysconfdir}/sota/conf.d |
72 | |||
73 | if [ -n "${SOTA_HARDWARE_ID}" ]; then | ||
74 | echo "[provision]\nprimary_ecu_hardware_id = ${SOTA_HARDWARE_ID}\n" > ${D}${libdir}/sota/conf.d/40-hardware-id.toml | ||
75 | fi | ||
76 | |||
77 | if [ -n "${SOTA_SECONDARY_CONFIG_DIR}" ]; then | ||
78 | if [ -d "${SOTA_SECONDARY_CONFIG_DIR}" ]; then | ||
79 | install -m 0700 -d ${D}${sysconfdir}/sota/ecus | ||
80 | install -m 0644 "${SOTA_SECONDARY_CONFIG_DIR}"/* ${D}${sysconfdir}/sota/ecus/ | ||
81 | echo "[uptane]\nsecondary_configs_dir = /etc/sota/ecus/\n" > ${D}${libdir}/sota/conf.d/30-secondary-configs-dir.toml | ||
82 | else | ||
83 | bbwarn "SOTA_SECONDARY_CONFIG_DIR is set to an invalid directory (${SOTA_SECONDARY_CONFIG_DIR})" | ||
84 | fi | ||
85 | fi | ||
86 | |||
72 | } | 87 | } |
73 | 88 | ||
74 | do_install_append_class-target () { | 89 | do_install_append_class-target () { |
@@ -91,15 +106,16 @@ FILES_${PN} = " \ | |||
91 | ${systemd_unitdir}/system/aktualizr.service \ | 106 | ${systemd_unitdir}/system/aktualizr.service \ |
92 | ${libdir}/sota/conf.d \ | 107 | ${libdir}/sota/conf.d \ |
93 | ${sysconfdir}/sota/conf.d \ | 108 | ${sysconfdir}/sota/conf.d \ |
109 | ${sysconfdir}/sota/ecus/* \ | ||
94 | " | 110 | " |
95 | 111 | ||
96 | FILES_${PN}-examples = " \ | 112 | FILES_${PN}-examples = " \ |
97 | ${bindir}/hmi_stub \ | 113 | ${bindir}/hmi-stub \ |
98 | " | 114 | " |
99 | 115 | ||
100 | FILES_${PN}-host-tools = " \ | 116 | FILES_${PN}-host-tools = " \ |
101 | ${bindir}/aktualizr-repo \ | 117 | ${bindir}/aktualizr-repo \ |
102 | ${bindir}/aktualizr_cert_provider \ | 118 | ${bindir}/aktualizr-cert-provider \ |
103 | ${bindir}/garage-deploy \ | 119 | ${bindir}/garage-deploy \ |
104 | ${bindir}/garage-push \ | 120 | ${bindir}/garage-push \ |
105 | ${libdir}/sota/sota_autoprov.toml \ | 121 | ${libdir}/sota/sota_autoprov.toml \ |
diff --git a/recipes-sota/aktualizr/environment.inc b/recipes-sota/aktualizr/environment.inc deleted file mode 100644 index 16e789e..0000000 --- a/recipes-sota/aktualizr/environment.inc +++ /dev/null | |||
@@ -1,11 +0,0 @@ | |||
1 | export SOTA_VIRTUAL_SECONDARIES | ||
2 | |||
3 | do_install_append() { | ||
4 | for sec in ${SOTA_VIRTUAL_SECONDARIES}; do | ||
5 | AKTUALIZR_PARAMETERS_VIRTUALSECS="${AKTUALIZR_PARAMETERS_VIRTUALSECS} --secondary-config $sec" | ||
6 | done | ||
7 | |||
8 | echo "AKTUALIZR_CMDLINE_PARAMETERS=${AKTUALIZR_PARAMETERS_VIRTUALSECS}" > ${D}${libdir}/sota/sota.env | ||
9 | } | ||
10 | |||
11 | FILES_${PN}_append = " ${libdir}/sota/sota.env" | ||
diff --git a/recipes-sota/aktualizr/files/aktualizr-secondary.service b/recipes-sota/aktualizr/files/aktualizr-secondary.service index a1e0e1b..9628ee3 100644 --- a/recipes-sota/aktualizr/files/aktualizr-secondary.service +++ b/recipes-sota/aktualizr/files/aktualizr-secondary.service | |||
@@ -4,6 +4,5 @@ Description=Aktualizr SOTA Client (UPTANE Secondary) | |||
4 | [Service] | 4 | [Service] |
5 | RestartSec=10 | 5 | RestartSec=10 |
6 | Restart=always | 6 | Restart=always |
7 | EnvironmentFile=-/etc/sota/sota.env | ||
8 | ExecStart=/usr/bin/aktualizr-secondary --config /usr/lib/sota/sota_secondary.toml | 7 | ExecStart=/usr/bin/aktualizr-secondary --config /usr/lib/sota/sota_secondary.toml |
9 | 8 | ||
diff --git a/recipes-sota/aktualizr/files/aktualizr.service b/recipes-sota/aktualizr/files/aktualizr.service index 6de4474..726809e 100644 --- a/recipes-sota/aktualizr/files/aktualizr.service +++ b/recipes-sota/aktualizr/files/aktualizr.service | |||
@@ -5,8 +5,6 @@ After=network.target | |||
5 | [Service] | 5 | [Service] |
6 | RestartSec=10 | 6 | RestartSec=10 |
7 | Restart=always | 7 | Restart=always |
8 | EnvironmentFile=/usr/lib/sota/sota.env | ||
9 | EnvironmentFile=-/etc/sota/sota.env | ||
10 | ExecStart=/usr/bin/aktualizr $AKTUALIZR_CMDLINE_PARAMETERS | 8 | ExecStart=/usr/bin/aktualizr $AKTUALIZR_CMDLINE_PARAMETERS |
11 | 9 | ||
12 | [Install] | 10 | [Install] |
diff --git a/scripts/find_aktualizr_dependencies.sh b/scripts/find_aktualizr_dependencies.sh index 786d8a9..986b541 100755 --- a/scripts/find_aktualizr_dependencies.sh +++ b/scripts/find_aktualizr_dependencies.sh | |||
@@ -11,11 +11,12 @@ parentdir="$(dirname "$0")" | |||
11 | # those are common dependencies not enabled by default. | 11 | # those are common dependencies not enabled by default. |
12 | ${parentdir}/find_dependencies.py aktualizr | 12 | ${parentdir}/find_dependencies.py aktualizr |
13 | ${parentdir}/find_dependencies.py aktualizr-auto-prov | 13 | ${parentdir}/find_dependencies.py aktualizr-auto-prov |
14 | ${parentdir}/find_dependencies.py aktualizr-implicit-prov | 14 | ${parentdir}/find_dependencies.py aktualizr-auto-prov-creds |
15 | ${parentdir}/find_dependencies.py aktualizr-ca-implicit-prov | 15 | ${parentdir}/find_dependencies.py aktualizr-ca-implicit-prov |
16 | ${parentdir}/find_dependencies.py aktualizr-ca-implicit-prov-creds | ||
16 | ${parentdir}/find_dependencies.py aktualizr-hsm-prov | 17 | ${parentdir}/find_dependencies.py aktualizr-hsm-prov |
18 | ${parentdir}/find_dependencies.py aktualizr-hsm-prov-creds | ||
17 | ${parentdir}/find_dependencies.py aktualizr-disable-send-ip | 19 | ${parentdir}/find_dependencies.py aktualizr-disable-send-ip |
18 | ${parentdir}/find_dependencies.py aktualizr-example-interface | ||
19 | ${parentdir}/find_dependencies.py aktualizr-log-debug | 20 | ${parentdir}/find_dependencies.py aktualizr-log-debug |
20 | ${parentdir}/find_dependencies.py libp11 | 21 | ${parentdir}/find_dependencies.py libp11 |
21 | ${parentdir}/find_dependencies.py dpkg | 22 | ${parentdir}/find_dependencies.py dpkg |