summaryrefslogtreecommitdiffstats
path: root/classes
diff options
context:
space:
mode:
Diffstat (limited to 'classes')
-rw-r--r--classes/image_repo_manifest.bbclass2
-rw-r--r--classes/image_types_ostree.bbclass39
-rw-r--r--classes/image_types_ota.bbclass6
-rw-r--r--classes/sota.bbclass6
-rw-r--r--classes/sota_raspberrypi.bbclass1
5 files changed, 31 insertions, 23 deletions
diff --git a/classes/image_repo_manifest.bbclass b/classes/image_repo_manifest.bbclass
index 7f41a97..467fd9a 100644
--- a/classes/image_repo_manifest.bbclass
+++ b/classes/image_repo_manifest.bbclass
@@ -16,7 +16,7 @@ buildinfo () {
16 if [ $(which repo) ]; then 16 if [ $(which repo) ]; then
17 repo manifest --revision-as-HEAD -o ${IMAGE_ROOTFS}${sysconfdir}/manifest.xml || bbwarn "Android repo tool failed to run; manifest not copied" 17 repo manifest --revision-as-HEAD -o ${IMAGE_ROOTFS}${sysconfdir}/manifest.xml || bbwarn "Android repo tool failed to run; manifest not copied"
18 else 18 else
19 bbwarn "Android repo tool not food; manifest not copied." 19 bbwarn "Android repo tool not found; manifest not copied."
20 fi 20 fi
21} 21}
22 22
diff --git a/classes/image_types_ostree.bbclass b/classes/image_types_ostree.bbclass
index e6bea76..f350449 100644
--- a/classes/image_types_ostree.bbclass
+++ b/classes/image_types_ostree.bbclass
@@ -119,6 +119,7 @@ IMAGE_CMD_ostree () {
119 fi 119 fi
120 120
121 if [ -n "${SOTA_SECONDARY_ECUS}" ]; then 121 if [ -n "${SOTA_SECONDARY_ECUS}" ]; then
122 mkdir -p var/sota/ecus
122 cp ${SOTA_SECONDARY_ECUS} var/sota/ecus 123 cp ${SOTA_SECONDARY_ECUS} var/sota/ecus
123 fi 124 fi
124 125
@@ -179,11 +180,11 @@ IMAGE_CMD_ostreepush () {
179} 180}
180 181
181IMAGE_TYPEDEP_garagesign = "ostreepush" 182IMAGE_TYPEDEP_garagesign = "ostreepush"
182do_image_ostreepush[depends] += "garage-sign-native:do_populate_sysroot" 183do_image_garage_sign[depends] += "aktualizr-native:do_populate_sysroot"
183IMAGE_CMD_garagesign () { 184IMAGE_CMD_garagesign () {
184 if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then 185 if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then
185 # if credentials are issued by a server that doesn't support offline signing, exit silently 186 # if credentials are issued by a server that doesn't support offline signing, exit silently
186 unzip -p ${SOTA_PACKED_CREDENTIALS} root.json targets.pub targets.sec 2>&1 >/dev/null || exit 0 187 unzip -p ${SOTA_PACKED_CREDENTIALS} root.json targets.pub targets.sec tufrepo.url 2>&1 >/dev/null || exit 0
187 188
188 java_version=$( java -version 2>&1 | awk -F '"' '/version/ {print $2}' ) 189 java_version=$( java -version 2>&1 | awk -F '"' '/version/ {print $2}' )
189 if [ "${java_version}" = "" ]; then 190 if [ "${java_version}" = "" ]; then
@@ -194,15 +195,8 @@ IMAGE_CMD_garagesign () {
194 exit 1 195 exit 1
195 fi 196 fi
196 197
197 if [ ! -d "${GARAGE_SIGN_REPO}" ]; then 198 rm -rf ${GARAGE_SIGN_REPO}
198 garage-sign init --repo ${GARAGE_SIGN_REPO} --home-dir ${GARAGE_SIGN_REPO} --credentials ${SOTA_PACKED_CREDENTIALS} 199 garage-sign init --repo tufrepo --home-dir ${GARAGE_SIGN_REPO} --credentials ${SOTA_PACKED_CREDENTIALS}
199 fi
200
201 if [ -n "${GARAGE_SIGN_REPOSERVER}" ]; then
202 reposerver_args="--reposerver ${GARAGE_SIGN_REPOSERVER}"
203 else
204 reposerver_args=""
205 fi
206 200
207 ostree_target_hash=$(cat ${OSTREE_REPO}/refs/heads/${OSTREE_BRANCHNAME}) 201 ostree_target_hash=$(cat ${OSTREE_REPO}/refs/heads/${OSTREE_BRANCHNAME})
208 202
@@ -210,11 +204,11 @@ IMAGE_CMD_garagesign () {
210 # in which case targets.json should be pulled again and the whole procedure repeated 204 # in which case targets.json should be pulled again and the whole procedure repeated
211 push_success=0 205 push_success=0
212 for push_retries in $( seq 3 ); do 206 for push_retries in $( seq 3 ); do
213 garage-sign targets pull --repo ${GARAGE_SIGN_REPO} --home-dir ${GARAGE_SIGN_REPO} ${reposerver_args} 207 garage-sign targets pull --repo tufrepo --home-dir ${GARAGE_SIGN_REPO}
214 garage-sign targets add --repo ${GARAGE_SIGN_REPO} --home-dir ${GARAGE_SIGN_REPO} --name ${OSTREE_BRANCHNAME} --format OSTREE --version ${OSTREE_BRANCHNAME} --length 0 --url "https://example.com/" --sha256 ${ostree_target_hash} --hardwareids ${MACHINE} 208 garage-sign targets add --repo tufrepo --home-dir ${GARAGE_SIGN_REPO} --name ${OSTREE_BRANCHNAME} --format OSTREE --version ${ostree_target_hash} --length 0 --url "https://example.com/" --sha256 ${ostree_target_hash} --hardwareids ${MACHINE}
215 garage-sign targets sign --repo ${GARAGE_SIGN_REPO} --home-dir ${GARAGE_SIGN_REPO} --key-name=targets 209 garage-sign targets sign --repo tufrepo --home-dir ${GARAGE_SIGN_REPO} --key-name=targets
216 errcode=0 210 errcode=0
217 garage-sign targets push --repo ${GARAGE_SIGN_REPO} --home-dir ${GARAGE_SIGN_REPO} ${reposerver_args} || errcode=$? 211 garage-sign targets push --repo tufrepo --home-dir ${GARAGE_SIGN_REPO} || errcode=$?
218 if [ "$errcode" -eq "0" ]; then 212 if [ "$errcode" -eq "0" ]; then
219 push_success=1 213 push_success=1
220 break 214 break
@@ -227,9 +221,20 @@ IMAGE_CMD_garagesign () {
227 bberror "Couldn't push to garage repository" 221 bberror "Couldn't push to garage repository"
228 exit 1 222 exit 1
229 fi 223 fi
230 else
231 bbwarn "SOTA_PACKED_CREDENTIALS not set. Please add SOTA_PACKED_CREDENTIALS."
232 fi 224 fi
233} 225}
234 226
227IMAGE_TYPEDEP_garagecheck = "ostreepush garagesign"
228do_image_garagecheck[depends] += "aktualizr-native:do_populate_sysroot"
229IMAGE_CMD_garagecheck () {
230 if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then
231 # if credentials are issued by a server that doesn't support offline signing, exit silently
232 unzip -p ${SOTA_PACKED_CREDENTIALS} root.json targets.pub targets.sec tufrepo.url 2>&1 >/dev/null || exit 0
233 ostree_target_hash=$(cat ${OSTREE_REPO}/refs/heads/${OSTREE_BRANCHNAME})
234
235 garage-check --ref=${ostree_target_hash} \
236 --credentials=${SOTA_PACKED_CREDENTIALS} \
237 --cacert=${STAGING_ETCDIR_NATIVE}/ssl/certs/ca-certificates.crt
238 fi
239}
235# vim:set ts=4 sw=4 sts=4 expandtab: 240# vim:set ts=4 sw=4 sts=4 expandtab:
diff --git a/classes/image_types_ota.bbclass b/classes/image_types_ota.bbclass
index b15178a..b827444 100644
--- a/classes/image_types_ota.bbclass
+++ b/classes/image_types_ota.bbclass
@@ -85,14 +85,16 @@ IMAGE_CMD_otaimg () {
85 bberror "Invalid bootloader: ${OSTREE_BOOTLOADER}" 85 bberror "Invalid bootloader: ${OSTREE_BOOTLOADER}"
86 fi; 86 fi;
87 87
88 ostree --repo=${PHYS_SYSROOT}/ostree/repo pull-local --remote=${OSTREE_OSNAME} ${OSTREE_REPO} ${OSTREE_BRANCHNAME} 88 ostree_target_hash=$(cat ${OSTREE_REPO}/refs/heads/${OSTREE_BRANCHNAME})
89
90 ostree --repo=${PHYS_SYSROOT}/ostree/repo pull-local --remote=${OSTREE_OSNAME} ${OSTREE_REPO} ${ostree_target_hash}
89 export OSTREE_BOOT_PARTITION="/boot" 91 export OSTREE_BOOT_PARTITION="/boot"
90 kargs_list="" 92 kargs_list=""
91 for arg in ${OSTREE_KERNEL_ARGS}; do 93 for arg in ${OSTREE_KERNEL_ARGS}; do
92 kargs_list="${kargs_list} --karg-append=$arg" 94 kargs_list="${kargs_list} --karg-append=$arg"
93 done 95 done
94 96
95 ostree admin --sysroot=${PHYS_SYSROOT} deploy ${kargs_list} --os=${OSTREE_OSNAME} ${OSTREE_BRANCHNAME} 97 ostree admin --sysroot=${PHYS_SYSROOT} deploy ${kargs_list} --os=${OSTREE_OSNAME} ${ostree_target_hash}
96 98
97 # Copy deployment /home and /var/sota to sysroot 99 # Copy deployment /home and /var/sota to sysroot
98 HOME_TMP=`mktemp -d ${WORKDIR}/home-tmp-XXXXX` 100 HOME_TMP=`mktemp -d ${WORKDIR}/home-tmp-XXXXX`
diff --git a/classes/sota.bbclass b/classes/sota.bbclass
index f5a42c1..bbb9ac9 100644
--- a/classes/sota.bbclass
+++ b/classes/sota.bbclass
@@ -11,10 +11,10 @@ SOTA_CLIENT ??= "aktualizr"
11SOTA_CLIENT_PROV ??= "aktualizr-auto-prov" 11SOTA_CLIENT_PROV ??= "aktualizr-auto-prov"
12IMAGE_INSTALL_append_sota = " ostree os-release ${SOTA_CLIENT} ${SOTA_CLIENT_PROV}" 12IMAGE_INSTALL_append_sota = " ostree os-release ${SOTA_CLIENT} ${SOTA_CLIENT_PROV}"
13IMAGE_CLASSES += " image_types_ostree image_types_ota" 13IMAGE_CLASSES += " image_types_ostree image_types_ota"
14IMAGE_FSTYPES += "${@bb.utils.contains('DISTRO_FEATURES', 'sota', 'ostreepush garagesign otaimg wic', ' ', d)}" 14IMAGE_FSTYPES += "${@bb.utils.contains('DISTRO_FEATURES', 'sota', 'ostreepush garagesign garagecheck otaimg wic', ' ', d)}"
15 15
16PACKAGECONFIG_append_pn-curl = "${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'hsm', " ssl", " ", d)}" 16PACKAGECONFIG_append_pn-curl = " ssl"
17PACKAGECONFIG_remove_pn-curl = "${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'hsm', " gnutls", " ", d)}" 17PACKAGECONFIG_remove_pn-curl = "gnutls"
18 18
19WKS_FILE_sota ?= "sdimage-sota.wks" 19WKS_FILE_sota ?= "sdimage-sota.wks"
20 20
diff --git a/classes/sota_raspberrypi.bbclass b/classes/sota_raspberrypi.bbclass
index f8e7347..2c69ea0 100644
--- a/classes/sota_raspberrypi.bbclass
+++ b/classes/sota_raspberrypi.bbclass
@@ -1,3 +1,4 @@
1RPI_USE_U_BOOT_sota = "1"
1KERNEL_IMAGETYPE_sota = "uImage" 2KERNEL_IMAGETYPE_sota = "uImage"
2PREFERRED_PROVIDER_virtual/bootloader_sota ?= "u-boot" 3PREFERRED_PROVIDER_virtual/bootloader_sota ?= "u-boot"
3UBOOT_MACHINE_raspberrypi2_sota ?= "rpi_2_defconfig" 4UBOOT_MACHINE_raspberrypi2_sota ?= "rpi_2_defconfig"
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-10-24 23:40:56 +0000