From 36dc9817f58d74b98194539dcb0cf1de1af8e340 Mon Sep 17 00:00:00 2001 From: Laurent Bonnans Date: Fri, 1 Mar 2019 12:49:38 +0100 Subject: Simplify garage-sign fetching for aktualizr Two modes: - `GARAGE_SIGN_AUTOVERSION=0`: use archive and version from aktualizr's recipe - `GARAGE_SIGN_AUTOVERSION=1`: let aktualizr fetching it automatically Signed-off-by: Laurent Bonnans --- recipes-sota/aktualizr/aktualizr_git.bb | 12 +++++---- recipes-sota/aktualizr/garage-sign-version.inc | 36 -------------------------- 2 files changed, 7 insertions(+), 41 deletions(-) delete mode 100644 recipes-sota/aktualizr/garage-sign-version.inc diff --git a/recipes-sota/aktualizr/aktualizr_git.bb b/recipes-sota/aktualizr/aktualizr_git.bb index 8fbe2f9..0354fa0 100755 --- a/recipes-sota/aktualizr/aktualizr_git.bb +++ b/recipes-sota/aktualizr/aktualizr_git.bb @@ -5,8 +5,6 @@ SECTION = "base" LICENSE = "MPL-2.0" LIC_FILES_CHKSUM = "file://${S}/LICENSE;md5=9741c346eef56131163e13b9db1241b3" -require garage-sign-version.inc - DEPENDS = "boost curl openssl libarchive libsodium sqlite3 asn1c-native" RDEPENDS_${PN}_class-target = "aktualizr-check-discovery aktualizr-configs lshw" RDEPENDS_${PN}-secondary = "aktualizr-check-discovery" @@ -15,14 +13,20 @@ RDEPENDS_${PN}-host-tools = "aktualizr aktualizr-repo aktualizr-cert-provider ${ PV = "1.0+git${SRCPV}" PR = "7" +GARAGE_SIGN_PV = "0.6.0-3-gc38b9f3" + SRC_URI = " \ gitsm://github.com/advancedtelematic/aktualizr;branch=${BRANCH} \ file://aktualizr.service \ file://aktualizr-secondary.service \ file://aktualizr-secondary.socket \ file://aktualizr-serialcan.service \ + ${@ d.expand("https://ats-tuf-cli-releases.s3-eu-central-1.amazonaws.com/cli-${GARAGE_SIGN_PV}.tgz;unpack=0") if d.getVar('GARAGE_SIGN_AUTOVERSION') != '1' else ''} \ " +# for garage-sign archive +SRC_URI[md5sum] = "30d7f0931e2236954679e75d1bae174f" +SRC_URI[sha256sum] = "46d8c6448ce14cbb9af6a93eba7e29d38579e566dcd6518d22f723a8da16cad5" SRCREV = "ea03a5cf57def6b8d368f783cb12b91255365a80" BRANCH ?= "master" @@ -37,9 +41,7 @@ SYSTEMD_SERVICE_${PN}-secondary = "aktualizr-secondary.socket" EXTRA_OECMAKE = "-DCMAKE_BUILD_TYPE=Release -DAKTUALIZR_VERSION=${PV}" -GARAGE_SIGN_OPS = "${@ '-DGARAGE_SIGN_VERSION=%s' % d.getVar('GARAGE_SIGN_VERSION') if d.getVar('GARAGE_SIGN_VERSION') is not None else ''} \ - ${@ '-DGARAGE_SIGN_SHA256=%s' % d.getVar('GARAGE_SIGN_SHA256') if d.getVar('GARAGE_SIGN_SHA256') is not None else ''} \ - " +GARAGE_SIGN_OPS = "${@ d.expand('-DGARAGE_SIGN_ARCHIVE=${WORKDIR}/cli-${GARAGE_SIGN_PV}.tgz') if d.getVar('GARAGE_SIGN_AUTOVERSION') != '1' else ''}" PACKAGECONFIG ?= "ostree ${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)} ${@bb.utils.filter('SOTA_CLIENT_FEATURES', 'hsm serialcan ubootenv', d)}" PACKAGECONFIG_class-native = "sota-tools" diff --git a/recipes-sota/aktualizr/garage-sign-version.inc b/recipes-sota/aktualizr/garage-sign-version.inc deleted file mode 100644 index 2cea6c9..0000000 --- a/recipes-sota/aktualizr/garage-sign-version.inc +++ /dev/null @@ -1,36 +0,0 @@ - -python () { - if d.getVar("GARAGE_SIGN_VERSION") or not d.getVar("SOTA_PACKED_CREDENTIALS"): - return - import json - import urllib.request - import zipfile - with zipfile.ZipFile(d.getVar("SOTA_PACKED_CREDENTIALS"), 'r') as zip_ref: - try: - with zip_ref.open('tufrepo.url', mode='r') as url_file: - url = url_file.read().decode().strip(' \t\n') + '/health/version' - except (KeyError, ValueError, RuntimeError): - return - connected = False - tries = 3 - for i in range(tries): - try: - r = urllib.request.urlopen(url) - if r.code == 200: - connected = True - break - else: - print('Bad return code from server ' + url + ': ' + str(r.code) + - ' (attempt ' + str(i + 1) + ' of ' + str(tries) + ')') - except urllib.error.URLError as e: - print('Error connecting to server ' + url + ': ' + str(e) + - ' (attempt ' + str(i + 1) + ' of ' + str(tries) + ')') - if not connected: - return - resp = r.read().decode('utf-8') - j = json.loads(resp) - version = 'cli-' + j['version'] + '.tgz' - d.setVar("GARAGE_SIGN_VERSION", version) -} - -# vim:set ts=4 sw=4 sts=4 expandtab: -- cgit v1.2.3-54-g00ecf