From 0ab7fe36dacebd2ab9e79d57987af2205a5f9a09 Mon Sep 17 00:00:00 2001
From: Patrick Vacek <patrickvacek@gmail.com>
Date: Thu, 28 Sep 2017 14:24:19 +0200
Subject: Create recipe for implicit provisioning file shuffling.

Split aktualizr into basic and native recipes by moving most of the work
to an include file. Use aktualizr-implicit-writer (on host) to do the
actual work of configuring sota.toml and installing files.

Still not quite fully functional.
---
 classes/image_types_ostree.bbclass                 |  4 ++-
 classes/sota.bbclass                               |  2 +-
 classes/sota_bleeding.inc                          |  1 +
 recipes-sota/aktualizr/aktualizr-auto-prov.bb      |  6 ++--
 recipes-sota/aktualizr/aktualizr-implicit-prov.bb  | 36 ++++++++++++++++++++++
 recipes-sota/aktualizr/aktualizr-native_git.bb     | 16 ++++++++++
 recipes-sota/aktualizr/aktualizr_common.inc        | 19 ++++++++++++
 recipes-sota/aktualizr/aktualizr_git.bb            | 29 ++++++-----------
 .../aktualizr/files/sota_implicit_prov.toml        | 11 +++++++
 9 files changed, 99 insertions(+), 25 deletions(-)
 create mode 100644 recipes-sota/aktualizr/aktualizr-implicit-prov.bb
 create mode 100644 recipes-sota/aktualizr/aktualizr-native_git.bb
 create mode 100644 recipes-sota/aktualizr/aktualizr_common.inc
 create mode 100644 recipes-sota/aktualizr/files/sota_implicit_prov.toml

diff --git a/classes/image_types_ostree.bbclass b/classes/image_types_ostree.bbclass
index cb520c2..26be7bf 100644
--- a/classes/image_types_ostree.bbclass
+++ b/classes/image_types_ostree.bbclass
@@ -20,6 +20,8 @@ OSTREE_KERNEL ??= "${KERNEL_IMAGETYPE}"
 
 export SYSTEMD_USED = "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', '', d)}"
 
+SOTA_IMPLICIT_PROV = "${@bb.utils.contains('DISTRO_FEATURES', 'implicit-prov', 'true', '', d)}"
+
 IMAGE_CMD_ostree () {
     if [ -z "$OSTREE_REPO" ]; then
         bbfatal "OSTREE_REPO should be set in your local.conf"
@@ -134,7 +136,7 @@ IMAGE_CMD_ostree () {
     fi
 
     # deploy SOTA credentials
-    if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then
+    if [ -n "${SOTA_PACKED_CREDENTIALS}" -a -z "${SOTA_IMPLICIT_PROV}" ]; then
         if [ -e ${SOTA_PACKED_CREDENTIALS} ]; then
             cp ${SOTA_PACKED_CREDENTIALS} var/sota/sota_provisioning_credentials.zip
             # Device should not be able to push data to treehub
diff --git a/classes/sota.bbclass b/classes/sota.bbclass
index d3b66e0..357fefd 100644
--- a/classes/sota.bbclass
+++ b/classes/sota.bbclass
@@ -6,7 +6,7 @@ python __anonymous() {
 OVERRIDES .= "${@bb.utils.contains('DISTRO_FEATURES', 'sota', ':sota', '', d)}"
 
 SOTA_CLIENT ??= "aktualizr"
-SOTA_CLIENT_PROV ??= "aktualizr-auto-prov"
+SOTA_CLIENT_PROV ??= "${@bb.utils.contains('DISTRO_FEATURES', 'implicit-prov', 'aktualizr-implicit-prov', 'aktualizr-auto-prov', d)}"
 IMAGE_INSTALL_append_sota = " ostree os-release ${SOTA_CLIENT} ${SOTA_CLIENT_PROV}"
 IMAGE_CLASSES += " image_types_ostree image_types_ota"
 IMAGE_FSTYPES += "${@bb.utils.contains('DISTRO_FEATURES', 'sota', 'ostreepush otaimg wic', ' ', d)}"
diff --git a/classes/sota_bleeding.inc b/classes/sota_bleeding.inc
index fc5947d..77d004b 100644
--- a/classes/sota_bleeding.inc
+++ b/classes/sota_bleeding.inc
@@ -1 +1,2 @@
 SRCREV_pn-aktualizr ?= "${AUTOREV}"
+SRCREV_pn-aktualizr-native ?= "${AUTOREV}"
diff --git a/recipes-sota/aktualizr/aktualizr-auto-prov.bb b/recipes-sota/aktualizr/aktualizr-auto-prov.bb
index 054b5cd..b30e884 100644
--- a/recipes-sota/aktualizr/aktualizr-auto-prov.bb
+++ b/recipes-sota/aktualizr/aktualizr-auto-prov.bb
@@ -1,10 +1,12 @@
 SUMMARY = "Aktualizr systemd service and configurations"
-DESCRIPTION = "Systemd service and configurations for Aktualizr, the SOTA Client application written in C++"
+DESCRIPTION = "Systemd service and configurations for autoprovisioning Aktualizr, the SOTA Client application written in C++"
 HOMEPAGE = "https://github.com/advancedtelematic/aktualizr"
 SECTION = "base"
 LICENSE = "MPL-2.0"
 LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=9741c346eef56131163e13b9db1241b3"
 RDEPENDS_${PN} = "aktualizr"
+PV = "1.0"
+PR = "6"
 
 SRC_URI = " \
   file://LICENSE \
@@ -12,8 +14,6 @@ SRC_URI = " \
   file://aktualizr-autoprovision.service \
   file://sota_autoprov.toml \
   "
-PV = "1.0"
-PR = "6"
 
 SYSTEMD_SERVICE_${PN} = "aktualizr.service"
 
diff --git a/recipes-sota/aktualizr/aktualizr-implicit-prov.bb b/recipes-sota/aktualizr/aktualizr-implicit-prov.bb
new file mode 100644
index 0000000..edec409
--- /dev/null
+++ b/recipes-sota/aktualizr/aktualizr-implicit-prov.bb
@@ -0,0 +1,36 @@
+SUMMARY = "Aktualizr systemd service and configurations"
+DESCRIPTION = "Systemd service and configurations for implicitly provisioning Aktualizr, the SOTA Client application written in C++"
+HOMEPAGE = "https://github.com/advancedtelematic/aktualizr"
+SECTION = "base"
+LICENSE = "MPL-2.0"
+LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=9741c346eef56131163e13b9db1241b3"
+DEPENDS = "aktualizr-native"
+RDEPENDS_${PN} = "aktualizr"
+PV = "1.0"
+PR = "1"
+
+SRC_URI = " \
+  file://LICENSE \
+  file://aktualizr-autoprovision.service \
+  file://sota_implicit_prov.toml \
+  "
+
+SYSTEMD_SERVICE_${PN} = "aktualizr.service"
+
+inherit systemd
+
+export SOTA_PACKED_CREDENTIALS
+
+do_install() {
+    install -d ${D}/${systemd_unitdir}/system
+    install -m 0644 ${WORKDIR}/aktualizr-autoprovision.service ${D}/${systemd_unitdir}/system/aktualizr.service
+    install -d ${D}/usr/lib/sota
+    aktualizr_implicit_writer -c ${SOTA_PACKED_CREDENTIALS} \
+        -i ${WORKDIR}/sota_implicit_prov.toml -o ${D}/usr/lib/sota/sota.toml -p ${D}
+}
+
+FILES_${PN} = " \
+                ${systemd_unitdir}/system/aktualizr.service \
+                /usr/lib/sota/sota.toml \
+                /var/sota/root.crt \
+                "
diff --git a/recipes-sota/aktualizr/aktualizr-native_git.bb b/recipes-sota/aktualizr/aktualizr-native_git.bb
new file mode 100644
index 0000000..59479fd
--- /dev/null
+++ b/recipes-sota/aktualizr/aktualizr-native_git.bb
@@ -0,0 +1,16 @@
+require aktualizr_common.inc
+
+DEPENDS = "boost-native openssl-native libarchive-native libsodium-native"
+
+inherit native
+
+EXTRA_OECMAKE = "-DWARNING_AS_ERROR=OFF -DCMAKE_BUILD_TYPE=Release -DBUILD_OSTREE=OFF -DAKTUALIZR_VERSION=${PV}"
+
+do_install_append () {
+    rm ${D}${bindir}/aktualizr
+    rm ${D}${bindir}/aktualizr_cert_provider
+}
+
+FILES_${PN} = " \
+                ${bindir}/aktualizr_implicit_writer \
+                "
diff --git a/recipes-sota/aktualizr/aktualizr_common.inc b/recipes-sota/aktualizr/aktualizr_common.inc
new file mode 100644
index 0000000..61854ea
--- /dev/null
+++ b/recipes-sota/aktualizr/aktualizr_common.inc
@@ -0,0 +1,19 @@
+SUMMARY = "Aktualizr SOTA Client"
+DESCRIPTION = "SOTA Client application written in C++"
+HOMEPAGE = "https://github.com/advancedtelematic/aktualizr"
+SECTION = "base"
+LICENSE = "MPL-2.0"
+LIC_FILES_CHKSUM = "file://${S}/LICENSE;md5=9741c346eef56131163e13b9db1241b3"
+
+PV = "1.0+git${SRCPV}"
+PR = "7"
+
+SRC_URI = " \
+  git://github.com/advancedtelematic/aktualizr;branch=${BRANCH} \
+  "
+SRCREV = "1004efa3f86cef90c012b34620992b5762b741e3"
+BRANCH ?= "master"
+
+S = "${WORKDIR}/git"
+
+inherit cmake
diff --git a/recipes-sota/aktualizr/aktualizr_git.bb b/recipes-sota/aktualizr/aktualizr_git.bb
index 2d0dadc..4f6a175 100644
--- a/recipes-sota/aktualizr/aktualizr_git.bb
+++ b/recipes-sota/aktualizr/aktualizr_git.bb
@@ -1,32 +1,21 @@
-SUMMARY = "Aktualizr SOTA Client"
-DESCRIPTION = "SOTA Client application written in C++"
-HOMEPAGE = "https://github.com/advancedtelematic/aktualizr"
-SECTION = "base"
-LICENSE = "MPL-2.0"
-LIC_FILES_CHKSUM = "file://${S}/LICENSE;md5=9741c346eef56131163e13b9db1241b3"
-DEPENDS = "boost curl openssl jansson libsodium ostree"
+require aktualizr_common.inc
+
+DEPENDS = "boost curl jansson openssl libarchive libsodium ostree"
 RDEPENDS_${PN} = "lshw"
 
 DEPENDS_append = "${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'hsm', ' libp11', '', d)}"
-
 RDEPENDS_${PN}_append = "${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'hsm', ' engine-pkcs11', '', d)}"
 RDEPENDS_${PN}_append = "${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'hsm-test', ' softhsm softhsm-testtoken', '', d)}"
 
-SRC_URI = " \
-  git://github.com/advancedtelematic/aktualizr;branch=${BRANCH} \
-  "
-SRCREV = "1004efa3f86cef90c012b34620992b5762b741e3"
-BRANCH ?= "master"
-
-PV = "1.0+git${SRCPV}"
-PR = "7"
-
-S = "${WORKDIR}/git"
-
-inherit cmake systemd
+inherit systemd
 
 EXTRA_OECMAKE = "-DWARNING_AS_ERROR=OFF -DCMAKE_BUILD_TYPE=Release -DBUILD_OSTREE=ON -DAKTUALIZR_VERSION=${PV}"
 
+do_install_append () {
+    rm ${D}${bindir}/aktualizr_cert_provider
+    rm ${D}${bindir}/aktualizr_implicit_writer
+}
+
 FILES_${PN} = " \
                 ${bindir}/aktualizr \
                 "
diff --git a/recipes-sota/aktualizr/files/sota_implicit_prov.toml b/recipes-sota/aktualizr/files/sota_implicit_prov.toml
new file mode 100644
index 0000000..31e2946
--- /dev/null
+++ b/recipes-sota/aktualizr/files/sota_implicit_prov.toml
@@ -0,0 +1,11 @@
+[tls]
+certificates_directory = "/var/sota/"
+ca_file = "root.crt"
+client_certificate = "client.pem"
+pkey_file = "pkey.pem"
+
+[uptane]
+metadata_path = "/var/sota/metadata"
+private_key_path = "ecukey.der"
+public_key_path = "ecukey.pub"
+
-- 
cgit v1.2.3-54-g00ecf