From ce6b676f0ecc3d1245d4d14aaa20806d926144f8 Mon Sep 17 00:00:00 2001 From: Zee314159 <252806294@qq.com> Date: Mon, 18 Nov 2019 14:43:30 +0100 Subject: Add sanity checks for user-defined SOTA variables Signed-off-by: Zee314159 <252806294@qq.com> --- classes/sota.bbclass | 14 -------------- classes/sota_sanity.bbclass | 42 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 42 insertions(+), 14 deletions(-) diff --git a/classes/sota.bbclass b/classes/sota.bbclass index 5b06397..4422741 100644 --- a/classes/sota.bbclass +++ b/classes/sota.bbclass @@ -7,20 +7,6 @@ SOTA_CLIENT_PROV ??= "aktualizr-shared-prov" SOTA_DEPLOY_CREDENTIALS ?= "1" SOTA_HARDWARE_ID ??= "${MACHINE}" -# Translate old provisioning recipe names into the new versions. -python () { - prov = d.getVar("SOTA_CLIENT_PROV") - if prov == "aktualizr-auto-prov": - bb.warn('aktualizr-auto-prov is deprecated. Please use aktualizr-shared-prov instead.') - d.setVar("SOTA_CLIENT_PROV", "aktualizr-shared-prov") - elif prov == "aktualizr-ca-implicit-prov": - bb.warn('aktualizr-ca-implicit-prov is deprecated. Please use aktualizr-device-prov instead.') - d.setVar("SOTA_CLIENT_PROV", "aktualizr-device-prov") - elif prov == "aktualizr-hsm-prov": - bb.warn('aktualizr-hsm-prov is deprecated. Please use aktualizr-device-prov-hsm instead.') - d.setVar("SOTA_CLIENT_PROV", "aktualizr-device-prov-hsm") -} - IMAGE_INSTALL_append_sota = " ostree os-release ${SOTA_CLIENT} ${SOTA_CLIENT_PROV}" IMAGE_CLASSES += " image_types_ostree image_types_ota" diff --git a/classes/sota_sanity.bbclass b/classes/sota_sanity.bbclass index 8e80acb..c6665a2 100644 --- a/classes/sota_sanity.bbclass +++ b/classes/sota_sanity.bbclass @@ -10,6 +10,32 @@ def sota_check_required_variables(status, d): if not d.getVar(var): status.addresult("%s should be set in your local.conf.\n" % var) +def sota_check_variables_validity(status, d): + var = d.getVar("OSTREE_BRANCHNAME") + if var != "": + for ch in var: + if not (ch >= 'a' and ch <= 'z' or ch >= 'A' and ch <= 'Z' or ch >= '0' and ch <= '9' or ch = '_' or ch == '-'): + status.addresult("OSTREE_BRANCHNAME Should only contain characters from the character set [a-zA-Z0-9_-].\n") + break + var = d.getVar("{SOTA_HARDWARE_ID") + if var != "": + for ch in var: + if not (ch >= 'a' and ch <= 'z' or ch >= 'A' and ch <= 'Z' or ch >= '0' and ch <= '9' or ch = '_' or ch == '-'): + status.addresult("SOTA_HARDWARE_ID Should only contain characters from the character set [a-zA-Z0-9_-].\n") + break + var = d.getVar("SOTA_CLIENT_FEATURES") + if var != "hsm" and var != "secondary-network" and var != "": + status.addresult("SOTA_CLIENT_FEATURES should be set to hsm or secondary-network.\n") + var = d.getVar("OSTREE_UPDATE_SUMMARY") + if var != "0" and var != "1" and var != "": + status.addresult("OSTREE_UPDATE_SUMMARY should be set to 0 or 1.\n") + var = d.getVar("OSTREE_DEPLOY_DEVICETREE") + if var != "0" and var != "1" and var != "": + status.addresult("OSTREE_DEPLOY_DEVICETREE should be set to 0 or 1.\n") + var = GARAGE_SIGN_AUTOVERSION + if var != "0" and var != "1" and var != "": + status.addresult("GARAGE_SIGN_AUTOVERSION should be set to 0 or 1.\n") + def sota_raise_sanity_error(msg, d): if d.getVar("SANITY_USE_EVENTS") == "1": bb.event.fire(bb.event.SanityCheckFailed(msg), d) @@ -52,3 +78,19 @@ python sota_check_sanity_eventhandler() { return } + +# Translate old provisioning recipe names into the new versions. +python () { + prov = d.getVar("SOTA_CLIENT_PROV") + if prov == "aktualizr-auto-prov": + bb.warn('aktualizr-auto-prov is deprecated. Please use aktualizr-shared-prov instead.') + d.setVar("SOTA_CLIENT_PROV", "aktualizr-shared-prov") + elif prov == "aktualizr-ca-implicit-prov": + bb.warn('aktualizr-ca-implicit-prov is deprecated. Please use aktualizr-device-prov instead.') + d.setVar("SOTA_CLIENT_PROV", "aktualizr-device-prov") + elif prov == "aktualizr-hsm-prov": + bb.warn('aktualizr-hsm-prov is deprecated. Please use aktualizr-device-prov-hsm instead.') + d.setVar("SOTA_CLIENT_PROV", "aktualizr-device-prov-hsm") +} + + -- cgit v1.2.3-54-g00ecf From 88c3bcc7f56c1404ebec2da03c7290c9b00336a7 Mon Sep 17 00:00:00 2001 From: Zee314159 <252806294@qq.com> Date: Tue, 19 Nov 2019 08:02:50 +0100 Subject: Use regex and add some variables Signed-off-by: Zee314159 <252806294@qq.com> --- classes/sota_sanity.bbclass | 75 +++++++++++++++++++++++---------------------- 1 file changed, 38 insertions(+), 37 deletions(-) diff --git a/classes/sota_sanity.bbclass b/classes/sota_sanity.bbclass index c6665a2..3678e33 100644 --- a/classes/sota_sanity.bbclass +++ b/classes/sota_sanity.bbclass @@ -11,31 +11,47 @@ def sota_check_required_variables(status, d): status.addresult("%s should be set in your local.conf.\n" % var) def sota_check_variables_validity(status, d): - var = d.getVar("OSTREE_BRANCHNAME") - if var != "": - for ch in var: - if not (ch >= 'a' and ch <= 'z' or ch >= 'A' and ch <= 'Z' or ch >= '0' and ch <= '9' or ch = '_' or ch == '-'): - status.addresult("OSTREE_BRANCHNAME Should only contain characters from the character set [a-zA-Z0-9_-].\n") + import re + import os.path + + if d.getVar("OSTREE_BRANCHNAME") and re.match("^[a-zA-Z0-9_-]*$", d.getVar("OSTREE_BRANCHNAME")) is None: + status.addresult("OSTREE_BRANCHNAME Should only contain characters from the character set [a-zA-Z0-9_-].\n") + if d.getVar("SOTA_HARDWARE_ID") and re.match("^[a-zA-Z0-9_-]*$", d.getVar("SOTA_HARDWARE_ID")) is None: + status.addresult("SOTA_HARDWARE_ID Should only contain characters from the character set [a-zA-Z0-9_-].\n") + if d.getVar("SOTA_CLIENT_FEATURES") is not None: + for feat in d.getVar("SOTA_CLIENT_FEATURES").split(' '): + if feat not in ("hsm", "serialcan", "ubootenv", ""): + status.addresult("SOTA_CLIENT_FEATURES should only include hsm, serialcan and bootenv.\n") break - var = d.getVar("{SOTA_HARDWARE_ID") - if var != "": - for ch in var: - if not (ch >= 'a' and ch <= 'z' or ch >= 'A' and ch <= 'Z' or ch >= '0' and ch <= '9' or ch = '_' or ch == '-'): - status.addresult("SOTA_HARDWARE_ID Should only contain characters from the character set [a-zA-Z0-9_-].\n") - break - var = d.getVar("SOTA_CLIENT_FEATURES") - if var != "hsm" and var != "secondary-network" and var != "": - status.addresult("SOTA_CLIENT_FEATURES should be set to hsm or secondary-network.\n") - var = d.getVar("OSTREE_UPDATE_SUMMARY") - if var != "0" and var != "1" and var != "": + if d.getVar("SOTA_CLIENT_PROV") is not None: + prov = d.getVar("SOTA_CLIENT_PROV").strip() + if prov not in ("aktualizr-shared-prov", "aktualizr-device-prov", "aktualizr-device-prov-hsm", ""): + status.addresult("Valid options for SOTA_CLIENT_PROV are aktualizr-shared-prov, aktualizr-device-prov and aktualizr-device-prov-hsm.\n") + if d.getVar("GARAGE_TARGET_URL") and re.match("^(https?|ftp|file)://.+$", d.getVar("GARAGE_TARGET_URL")) is None: + status.addresult("GARAGE_TARGET_URL is set to a bad url.\n") + if d.getVar("SOTA_POLLING_SEC") and re.match("^(0|\+?[1-9][0-9]*)$", d.getVar("SOTA_POLLING_SEC")) is None: + status.addresult("SOTA_POLLING_SEC should be an integer.\n") + if d.getVar("OSTREE_REPO") and re.match("^\/([a-zA-Z0-9_-]+\/?)+$", d.getVar("OSTREE_REPO")) is None: + status.addresult("OSTREE_REPO is not set correctly. Path to your OSTree repository is invalid.\n") + config = d.getVar("SOTA_SECONDARY_CONFIG") + if config is not None and config != "": + path = os.path.abspath(config) + if not os.path.exists(path): + status.addresult("SOTA_SECONDARY_CONFIG is not set correctly. The file containing JSON configuration for secondaries does not exist.\n") + credentials = d.getVar("SOTA_PACKED_CREDENTIALS") + if credentials is not None and credentials != "": + path = os.path.abspath(credentials) + if not os.path.exists(path): + status.addresult("SOTA_PACKED_CREDENTIALS is not set correctly. The zipped credentials file does not exist.\n") + if d.getVar("OSTREE_UPDATE_SUMMARY") and d.getVar("OSTREE_UPDATE_SUMMARY") not in ("0", "1", ""): status.addresult("OSTREE_UPDATE_SUMMARY should be set to 0 or 1.\n") - var = d.getVar("OSTREE_DEPLOY_DEVICETREE") - if var != "0" and var != "1" and var != "": + if d.getVar("OSTREE_DEPLOY_DEVICETREE") and d.getVar("OSTREE_DEPLOY_DEVICETREE") not in ("0", "1", ""): status.addresult("OSTREE_DEPLOY_DEVICETREE should be set to 0 or 1.\n") - var = GARAGE_SIGN_AUTOVERSION - if var != "0" and var != "1" and var != "": + if d.getVar("GARAGE_SIGN_AUTOVERSION") and d.getVar("GARAGE_SIGN_AUTOVERSION") not in ("0", "1", ""): status.addresult("GARAGE_SIGN_AUTOVERSION should be set to 0 or 1.\n") - + if d.getVar("SOTA_DEPLOY_CREDENTIALS") and d.getVar("SOTA_DEPLOY_CREDENTIALS") not in ("0", "1", ""): + status.addresult("SOTA_DEPLOY_CREDENTIALS should be set to 0 or 1.\n") + def sota_raise_sanity_error(msg, d): if d.getVar("SANITY_USE_EVENTS") == "1": bb.event.fire(bb.event.SanityCheckFailed(msg), d) @@ -60,6 +76,7 @@ def sota_check_sanity(sanity_data): sota_check_overrides(status, sanity_data) sota_check_required_variables(status, sanity_data) + sota_check_variables_validity(status, sanity_data) if status.messages != "": sota_raise_sanity_error(sanity_data.expand(status.messages), sanity_data) @@ -78,19 +95,3 @@ python sota_check_sanity_eventhandler() { return } - -# Translate old provisioning recipe names into the new versions. -python () { - prov = d.getVar("SOTA_CLIENT_PROV") - if prov == "aktualizr-auto-prov": - bb.warn('aktualizr-auto-prov is deprecated. Please use aktualizr-shared-prov instead.') - d.setVar("SOTA_CLIENT_PROV", "aktualizr-shared-prov") - elif prov == "aktualizr-ca-implicit-prov": - bb.warn('aktualizr-ca-implicit-prov is deprecated. Please use aktualizr-device-prov instead.') - d.setVar("SOTA_CLIENT_PROV", "aktualizr-device-prov") - elif prov == "aktualizr-hsm-prov": - bb.warn('aktualizr-hsm-prov is deprecated. Please use aktualizr-device-prov-hsm instead.') - d.setVar("SOTA_CLIENT_PROV", "aktualizr-device-prov-hsm") -} - - -- cgit v1.2.3-54-g00ecf From bd3e0f2a1d9793aebc6a57d143c67919600ae71c Mon Sep 17 00:00:00 2001 From: Zee314159 <252806294@qq.com> Date: Wed, 27 Nov 2019 04:47:12 +0100 Subject: keep new name suggestion remove ostree repo check Signed-off-by: Zee314159 <252806294@qq.com> --- classes/sota_sanity.bbclass | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/classes/sota_sanity.bbclass b/classes/sota_sanity.bbclass index 3678e33..1339fb3 100644 --- a/classes/sota_sanity.bbclass +++ b/classes/sota_sanity.bbclass @@ -27,12 +27,16 @@ def sota_check_variables_validity(status, d): prov = d.getVar("SOTA_CLIENT_PROV").strip() if prov not in ("aktualizr-shared-prov", "aktualizr-device-prov", "aktualizr-device-prov-hsm", ""): status.addresult("Valid options for SOTA_CLIENT_PROV are aktualizr-shared-prov, aktualizr-device-prov and aktualizr-device-prov-hsm.\n") + if prov == "aktualizr-auto-prov": + bb.warn('aktualizr-auto-prov is deprecated. Please use aktualizr-shared-prov instead.') + elif prov == "aktualizr-ca-implicit-prov": + bb.warn('aktualizr-ca-implicit-prov is deprecated. Please use aktualizr-device-prov instead.') + elif prov == "aktualizr-hsm-prov": + bb.warn('aktualizr-hsm-prov is deprecated. Please use aktualizr-device-prov-hsm instead.') if d.getVar("GARAGE_TARGET_URL") and re.match("^(https?|ftp|file)://.+$", d.getVar("GARAGE_TARGET_URL")) is None: status.addresult("GARAGE_TARGET_URL is set to a bad url.\n") - if d.getVar("SOTA_POLLING_SEC") and re.match("^(0|\+?[1-9][0-9]*)$", d.getVar("SOTA_POLLING_SEC")) is None: + if d.getVar("SOTA_POLLING_SEC") and re.match("^[1-9]\d*|0$", d.getVar("SOTA_POLLING_SEC")) is None: status.addresult("SOTA_POLLING_SEC should be an integer.\n") - if d.getVar("OSTREE_REPO") and re.match("^\/([a-zA-Z0-9_-]+\/?)+$", d.getVar("OSTREE_REPO")) is None: - status.addresult("OSTREE_REPO is not set correctly. Path to your OSTree repository is invalid.\n") config = d.getVar("SOTA_SECONDARY_CONFIG") if config is not None and config != "": path = os.path.abspath(config) -- cgit v1.2.3-54-g00ecf