From 1198bf38017d62f67356df9651a009947f402280 Mon Sep 17 00:00:00 2001 From: Ming Liu Date: Sat, 11 Nov 2017 15:25:03 +0800 Subject: image_types_ota.bbclass: do not inherit image As a image_types_* bbclass, it does not have to inherit image class, it is sort of redundant code. Signed-off-by: Ming Liu --- classes/image_types_ota.bbclass | 2 -- 1 file changed, 2 deletions(-) diff --git a/classes/image_types_ota.bbclass b/classes/image_types_ota.bbclass index 36e7059..17fe4e8 100644 --- a/classes/image_types_ota.bbclass +++ b/classes/image_types_ota.bbclass @@ -7,8 +7,6 @@ # boot scripts, kernel and initramfs images # -inherit image - OSTREE_BOOTLOADER ??= 'u-boot' do_image_otaimg[depends] += "e2fsprogs-native:do_populate_sysroot \ -- cgit v1.2.3-54-g00ecf From 5d478c9f25ee387c0a9f3a644caca037fbe60512 Mon Sep 17 00:00:00 2001 From: Ming Liu Date: Fri, 17 Nov 2017 09:53:05 +0800 Subject: image_types_ostree.bbclass: do not inherit image As a image_types_* bbclass, it does not have to inherit image class, it is sort of redundant code. Signed-off-by: Ming Liu --- classes/image_types_ostree.bbclass | 2 -- 1 file changed, 2 deletions(-) diff --git a/classes/image_types_ostree.bbclass b/classes/image_types_ostree.bbclass index dc14e4a..46b31b5 100644 --- a/classes/image_types_ostree.bbclass +++ b/classes/image_types_ostree.bbclass @@ -1,7 +1,5 @@ # OSTree deployment -inherit image - do_image_ostree[depends] += "ostree-native:do_populate_sysroot \ openssl-native:do_populate_sysroot \ coreutils-native:do_populate_sysroot \ -- cgit v1.2.3-54-g00ecf From 2bb77315b00a4e31287cefd43c5ff42b0698f5b6 Mon Sep 17 00:00:00 2001 From: Ricardo Salveti Date: Tue, 20 Feb 2018 23:00:40 -0300 Subject: sota.bbclass: use common rpi override for raspberrypi sota_raspberrypi can handle the rpi differences if required. Signed-off-by: Ricardo Salveti --- classes/sota.bbclass | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/classes/sota.bbclass b/classes/sota.bbclass index bbb9ac9..4e525e2 100644 --- a/classes/sota.bbclass +++ b/classes/sota.bbclass @@ -33,8 +33,7 @@ GARAGE_SIGN_KEYNAME ?= "garage-key" GARAGE_TARGET_NAME ?= "${OSTREE_BRANCHNAME}" SOTA_MACHINE ??="none" -SOTA_MACHINE_raspberrypi2 ?= "raspberrypi" -SOTA_MACHINE_raspberrypi3 ?= "raspberrypi" +SOTA_MACHINE_rpi ?= "raspberrypi" SOTA_MACHINE_porter ?= "porter" SOTA_MACHINE_m3ulcb = "m3ulcb" SOTA_MACHINE_intel-corei7-64 ?= "minnowboard" -- cgit v1.2.3-54-g00ecf From 28f18be41d4b01dc5208159fd569f3820264b16e Mon Sep 17 00:00:00 2001 From: Ricardo Salveti Date: Mon, 2 Apr 2018 13:16:34 -0300 Subject: aktualizr: include default configs as part of host-tools Provide the default sota configs as part of host-tools so they can be used by aktualizr_cert_provider and aktualizr_implicit_writer. Signed-off-by: Ricardo Salveti --- recipes-sota/aktualizr/aktualizr_git.bb | 10 ++++++++++ 1 file changed, 10 insertions(+) mode change 100644 => 100755 recipes-sota/aktualizr/aktualizr_git.bb diff --git a/recipes-sota/aktualizr/aktualizr_git.bb b/recipes-sota/aktualizr/aktualizr_git.bb old mode 100644 new mode 100755 index c146268..95c36fa --- a/recipes-sota/aktualizr/aktualizr_git.bb +++ b/recipes-sota/aktualizr/aktualizr_git.bb @@ -56,6 +56,11 @@ do_install_append () { rm -fr ${D}${libdir}/systemd rm -f ${D}${libdir}/sota/sota.toml # Only needed for the Debian package install -m 0700 -d ${D}${libdir}/sota/conf.d + install -m 0644 ${S}/config/sota_autoprov.toml ${D}/${libdir}/sota/sota_autoprov.toml + install -m 0644 ${S}/config/sota_autoprov_primary.toml ${D}/${libdir}/sota/sota_autoprov_primary.toml + install -m 0644 ${S}/config/sota_hsm_prov.toml ${D}/${libdir}/sota/sota_hsm_prov.toml + install -m 0644 ${S}/config/sota_implicit_prov.toml ${D}/${libdir}/sota/sota_implicit_prov.toml + install -m 0644 ${S}/config/sota_implicit_prov_ca.toml ${D}/${libdir}/sota/sota_implicit_prov_ca.toml install -m 0644 ${S}/config/sota_secondary.toml ${D}/${libdir}/sota/sota_secondary.toml install -d ${D}${systemd_unitdir}/system install -m 0644 ${WORKDIR}/aktualizr-secondary.socket ${D}${systemd_unitdir}/system/aktualizr-secondary.socket @@ -106,6 +111,11 @@ FILES_${PN}-host-tools = " \ ${bindir}/aktualizr_implicit_writer \ ${bindir}/garage-deploy \ ${bindir}/garage-push \ + ${libdir}/sota/sota_autoprov.toml \ + ${libdir}/sota/sota_autoprov_primary.toml \ + ${libdir}/sota/sota_hsm_prov.toml \ + ${libdir}/sota/sota_implicit_prov.toml \ + ${libdir}/sota/sota_implicit_prov_ca.toml \ " FILES_${PN}-secondary = " \ -- cgit v1.2.3-54-g00ecf From 9ef1f5b379e7b80d91f77ae99b6c07c07987f753 Mon Sep 17 00:00:00 2001 From: Ricardo Salveti Date: Wed, 11 Apr 2018 14:11:30 -0300 Subject: Add support for custom garage target version and url Both values can be defined by the user, allowing a custom version id and URL, which is specially useful for CI builds. Signed-off-by: Ricardo Salveti --- classes/image_types_ostree.bbclass | 10 ++++++++-- classes/sota.bbclass | 2 ++ 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/classes/image_types_ostree.bbclass b/classes/image_types_ostree.bbclass index 46b31b5..bc27c09 100644 --- a/classes/image_types_ostree.bbclass +++ b/classes/image_types_ostree.bbclass @@ -201,6 +201,12 @@ IMAGE_CMD_garagesign () { ostree_target_hash=$(cat ${OSTREE_REPO}/refs/heads/${OSTREE_BRANCHNAME}) + # Use OSTree target hash as version if none was provided by the user + target_version=${ostree_target_hash} + if [ -n "${GARAGE_TARGET_VERSION}" ]; then + target_version=${GARAGE_TARGET_VERSION} + fi + # Push may fail due to race condition when multiple build machines try to push simultaneously # in which case targets.json should be pulled again and the whole procedure repeated push_success=0 @@ -211,9 +217,9 @@ IMAGE_CMD_garagesign () { --home-dir ${GARAGE_SIGN_REPO} \ --name ${GARAGE_TARGET_NAME} \ --format OSTREE \ - --version ${ostree_target_hash} \ + --version ${target_version} \ --length 0 \ - --url "https://example.com/" \ + --url "${GARAGE_TARGET_URL}" \ --sha256 ${ostree_target_hash} \ --hardwareids ${MACHINE} garage-sign targets sign --repo tufrepo \ diff --git a/classes/sota.bbclass b/classes/sota.bbclass index 4e525e2..1e765f0 100644 --- a/classes/sota.bbclass +++ b/classes/sota.bbclass @@ -31,6 +31,8 @@ OSTREE_INITRAMFS_IMAGE ?= "initramfs-ostree-image" GARAGE_SIGN_REPO ?= "${DEPLOY_DIR_IMAGE}/garage_sign_repo" GARAGE_SIGN_KEYNAME ?= "garage-key" GARAGE_TARGET_NAME ?= "${OSTREE_BRANCHNAME}" +GARAGE_TARGET_VERSION ?= "" +GARAGE_TARGET_URL ?= "https://example.com/" SOTA_MACHINE ??="none" SOTA_MACHINE_rpi ?= "raspberrypi" -- cgit v1.2.3-54-g00ecf From a2cdaee8502a8b1abe71ca6294af60628bc65a2b Mon Sep 17 00:00:00 2001 From: Ricardo Salveti Date: Fri, 23 Feb 2018 17:20:02 -0300 Subject: image_types_ostree.bbclass: clean up GARAGE_SIGN_REPO after push Avoid exposing the sign repo after the build is completed. Signed-off-by: Ricardo Salveti --- classes/image_types_ostree.bbclass | 1 + 1 file changed, 1 insertion(+) diff --git a/classes/image_types_ostree.bbclass b/classes/image_types_ostree.bbclass index bc27c09..9e3bc6f 100644 --- a/classes/image_types_ostree.bbclass +++ b/classes/image_types_ostree.bbclass @@ -235,6 +235,7 @@ IMAGE_CMD_garagesign () { bbwarn "Push to garage repository has failed, retrying" fi done + rm -rf ${GARAGE_SIGN_REPO} if [ "$push_success" -ne "1" ]; then bberror "Couldn't push to garage repository" -- cgit v1.2.3-54-g00ecf