diff options
Diffstat (limited to 'recipes-connectivity/kuksa-val')
7 files changed, 447 insertions, 0 deletions
diff --git a/recipes-connectivity/kuksa-val/kuksa-val.inc b/recipes-connectivity/kuksa-val/kuksa-val.inc new file mode 100644 index 000000000..ac7ff554a --- /dev/null +++ b/recipes-connectivity/kuksa-val/kuksa-val.inc @@ -0,0 +1,7 @@ +PV = "0.2.1+git${SRCPV}" + +SRC_URI = "gitsm://github.com/eclipse/kuksa.val.git;protocol=https;branch=master" +#SRCREV = "bf6f49224febd1c704a8686238a09e9a22350b9f" +SRCREV = "9c41bb36ddff3229dc7a48f57e3d13a32fb5999b" + +S = "${WORKDIR}/git" diff --git a/recipes-connectivity/kuksa-val/kuksa-val/0001-Make-Boost-requirements-more-liberal.patch b/recipes-connectivity/kuksa-val/kuksa-val/0001-Make-Boost-requirements-more-liberal.patch new file mode 100644 index 000000000..e351f0296 --- /dev/null +++ b/recipes-connectivity/kuksa-val/kuksa-val/0001-Make-Boost-requirements-more-liberal.patch @@ -0,0 +1,40 @@ +From 6c1495df3c78a2e7d86ec141950f342835c0b8c7 Mon Sep 17 00:00:00 2001 +From: Scott Murray <scott.murray@konsulko.com> +Date: Mon, 23 May 2022 14:59:33 -0400 +Subject: [PATCH 1/4] Make Boost requirements more liberal + +To allow building with Yocto Project 3.1/dunfell or newer releases, +tweak the version requirement in boost.cmake to 1.72.0 and remove the +EXACT specifier from the find_package call. + +Upstream-Status: Pending + +Signed-off-by: Scott Murray <scott.murray@konsulko.com> +--- + boost.cmake | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/boost.cmake b/boost.cmake +index 9f0e512..2dff60a 100644 +--- a/boost.cmake ++++ b/boost.cmake +@@ -11,14 +11,14 @@ + # ***************************************************************************** + + set(Boost_USE_STATIC_LIBS OFF) +-set(BOOST_VER 1.75.0) ++set(BOOST_VER 1.72.0) + set(Boost_NO_BOOST_CMAKE ON) + set(BOOST_COMPONENTS filesystem program_options system log thread) + ADD_DEFINITIONS(-DBOOST_LOG_DYN_LINK) + + # Workaround function to allow cmake call `find_package` twice. Avoide side effects from local variables, which are produced be `find_package` + function(findBoost Required) +- find_package(Boost ${BOOST_VER} EXACT ${Required} ++ find_package(Boost ${BOOST_VER} ${Required} + COMPONENTS ${BOOST_COMPONENTS} + OPTIONAL_COMPONENTS unit_test_framework + ) +-- +2.35.1 + diff --git a/recipes-connectivity/kuksa-val/kuksa-val/0002-Fix-gRPC-configuration-for-OE-cross-compiling.patch b/recipes-connectivity/kuksa-val/kuksa-val/0002-Fix-gRPC-configuration-for-OE-cross-compiling.patch new file mode 100644 index 000000000..6569f8b5d --- /dev/null +++ b/recipes-connectivity/kuksa-val/kuksa-val/0002-Fix-gRPC-configuration-for-OE-cross-compiling.patch @@ -0,0 +1,59 @@ +From f6c8584e181d3591b08e1f05a4f685912d7a94ce Mon Sep 17 00:00:00 2001 +From: Scott Murray <scott.murray@konsulko.com> +Date: Mon, 23 May 2022 15:00:37 -0400 +Subject: [PATCH 2/4] Fix gRPC configuration for OE cross-compiling + +The gRPC CMake package that kuksa.val pulls in is problematic with +respect to cross-compiling with OpenEmbedded's split native and +target sysroots, as the location of the grpc_cpp_plugin does not +match the (somewhat ill-advised) assumptions in the original +upstream gRPC configuration. To work around this, a patch to +gRPC is separately applied to split the plugins into their own +optional package, and the logic in grpc.cmake here tweaked to +explicitly take cross-compilation into account. Additionally, the +explicit version requirement for gRPC is tweaked to 1.24.3 to allow +building with Yocto Project 3.1 aka dunfell or newer. + +Upstream-Status: Pending + +Signed-off-by: Scott Murray <scott.murray@konsulko.com> +--- + grpc.cmake | 15 +++++++++++---- + 1 file changed, 11 insertions(+), 4 deletions(-) + +diff --git a/grpc.cmake b/grpc.cmake +index c0228a0..30b3757 100644 +--- a/grpc.cmake ++++ b/grpc.cmake +@@ -11,17 +11,24 @@ + # ***************************************************************************** + + set(gRPC_SSL_PROVIDER "package" CACHE STRING "Provider of ssl library") +-set(GRPC_VER 1.44.0) ++set(GRPC_VER 1.24.3) + + find_package(Protobuf) +-find_package(gRPC ${GRPC_VER} EXACT CONFIG) ++find_package(gRPC ${GRPC_VER} CONFIG) ++if(NOT CMAKE_CROSSCOMPILING) ++ find_package(gRPCPlugin ${GRPC_VER} CONFIG) ++ if(gRPCPlugin_FOUND) ++ set(_GRPC_CPP_PLUGIN_EXECUTABLE $<TARGET_FILE:gRPC::grpc_cpp_plugin>) ++ endif() ++else() ++ find_program(_GRPC_CPP_PLUGIN_EXECUTABLE grpc_cpp_plugin) ++endif() + +-if(Protobuf_FOUND AND gRPC_FOUND) ++if(Protobuf_FOUND AND gRPC_FOUND AND _GRPC_CPP_PLUGIN_EXECUTABLE) + message(STATUS "Using protobuf ${protobuf_VERSION}") + message(STATUS "Using gRPC ${gRPC_VERSION}") + + set(_GRPC_GRPCPP gRPC::grpc++) +- set(_GRPC_CPP_PLUGIN_EXECUTABLE $<TARGET_FILE:gRPC::grpc_cpp_plugin>) + set(_REFLECTION gRPC::grpc++_reflection) + set(_PROTOBUF_PROTOC $<TARGET_FILE:protobuf::protoc>) + +-- +2.35.1 + diff --git a/recipes-connectivity/kuksa-val/kuksa-val/0003-Make-install-locations-configurable.patch b/recipes-connectivity/kuksa-val/kuksa-val/0003-Make-install-locations-configurable.patch new file mode 100644 index 000000000..ba5419a05 --- /dev/null +++ b/recipes-connectivity/kuksa-val/kuksa-val/0003-Make-install-locations-configurable.patch @@ -0,0 +1,185 @@ +From 535993001d8a24162e972b4a4e88387f94c9f539 Mon Sep 17 00:00:00 2001 +From: Scott Murray <scott.murray@konsulko.com> +Date: Mon, 23 May 2022 15:21:07 -0400 +Subject: [PATCH 3/4] Make install locations configurable + +Make binary, certificate, and configuration file install locations +configurable, including generation and installation of an accurate +default config.ini as well as a header file so that the server +binary uses the specified defaults. This allows configuring a +build that installs files into locations more along the lines of +the Linux FHS. An effort has been made to ensure that the previous +default locations are maintained. + +Upstream-Status: Pending + +Signed-off-by: Scott Murray <scott.murray@konsulko.com> +--- + config.ini | 7 ------- + config.ini.in | 7 +++++++ + src/CMakeLists.txt | 52 ++++++++++++++++++++++++++++++++++++---------- + src/config.hpp.in | 21 +++++++++++++++++++ + src/main.cpp | 5 +++-- + 5 files changed, 72 insertions(+), 20 deletions(-) + delete mode 100644 config.ini + create mode 100644 config.ini.in + create mode 100644 src/config.hpp.in + +diff --git a/config.ini b/config.ini +deleted file mode 100644 +index f3162d4..0000000 +--- a/config.ini ++++ /dev/null +@@ -1,7 +0,0 @@ +-vss = vss_release_2.2.json +-log-level = ALL +-cert-path = . +- +-[mqtt] +- publish = +- topic-prefix = vss +diff --git a/config.ini.in b/config.ini.in +new file mode 100644 +index 0000000..5bdce91 +--- /dev/null ++++ b/config.ini.in +@@ -0,0 +1,7 @@ ++vss = @KUKSA_DEFAULT_DATADIR@/vss_release_2.2.json ++log-level = ALL ++cert-path = @KUKSA_DEFAULT_CERTDIR@ ++ ++[mqtt] ++ publish = ++ topic-prefix = vss +diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt +index 0ff5f9c..b7d4d4f 100644 +--- a/src/CMakeLists.txt ++++ b/src/CMakeLists.txt +@@ -162,6 +162,35 @@ if(BUILD_EXE) + ###### + # Setup server install and packaging + ++ set(KUKSA_INSTALL_BINDIR "bin/${SERVER_EXE_NAME}" CACHE STRING "Server binary install directory") ++ ++ if(DEFINED KUKSA_INSTALL_DATADIR) ++ set(KUKSA_DEFAULT_DATADIR_INTERNAL "${KUKSA_INSTALL_DATADIR}") ++ else() ++ set(KUKSA_DEFAULT_DATADIR_INTERNAL ".") ++ endif() ++ set(KUKSA_INSTALL_DATADIR "${KUKSA_INSTALL_BINDIR}" CACHE STRING "Data install directory") ++ set(KUKSA_DEFAULT_DATADIR "${KUKSA_DEFAULT_DATADIR_INTERNAL}" CACHE STRING "Default data location") ++ ++ if(DEFINED KUKSA_INSTALL_CONFIGDIR) ++ set(KUKSA_DEFAULT_CONFIG "${KUKSA_INSTALL_CONFIGDIR}/config.ini" CACHE STRING "Default config.ini location") ++ else() ++ set(KUKSA_DEFAULT_CONFIG "config.ini" CACHE STRING "Default config.ini location") ++ endif() ++ set(KUKSA_INSTALL_CONFIGDIR "${KUKSA_INSTALL_BINDIR}" CACHE STRING "config.ini install directory") ++ ++ if(DEFINED KUKSA_INSTALL_CERTDIR) ++ set(KUKSA_DEFAULT_CERTDIR_INTERNAL "${KUKSA_INSTALL_CERTDIR}") ++ else() ++ set(KUKSA_DEFAULT_CERTDIR_INTERNAL ".") ++ endif() ++ set(KUKSA_INSTALL_CERTDIR "${KUKSA_INSTALL_BINDIR}" CACHE STRING "Certificate install directory") ++ set(KUKSA_DEFAULT_CERTDIR "${KUKSA_DEFAULT_CERTDIR_INTERNAL}" CACHE STRING "Default certificate location") ++ ++ # Generate header for main.cpp to pick up default locations ++ configure_file(config.hpp.in config.hpp @ONLY) ++ include_directories(${CMAKE_CURRENT_BINARY_DIR}) ++ + configure_file(${CMAKE_CURRENT_SOURCE_DIR}/../kuksa_certificates/jwt/jwt.key.pub ${CMAKE_CURRENT_BINARY_DIR} COPYONLY) + configure_file(${CMAKE_CURRENT_SOURCE_DIR}/../kuksa_certificates/Server.pem ${CMAKE_CURRENT_BINARY_DIR} COPYONLY) + configure_file(${CMAKE_CURRENT_SOURCE_DIR}/../kuksa_certificates/Server.key ${CMAKE_CURRENT_BINARY_DIR} COPYONLY) +@@ -171,19 +200,20 @@ if(BUILD_EXE) + configure_file(${CMAKE_CURRENT_SOURCE_DIR}/../data/vss-core/vss_release_2.0.json ${CMAKE_CURRENT_BINARY_DIR} COPYONLY) + configure_file(${CMAKE_CURRENT_SOURCE_DIR}/../data/vss-core/vss_release_2.1.json ${CMAKE_CURRENT_BINARY_DIR} COPYONLY) + configure_file(${CMAKE_CURRENT_SOURCE_DIR}/../data/vss-core/vss_release_2.2.json ${CMAKE_CURRENT_BINARY_DIR} COPYONLY) +- configure_file(${CMAKE_CURRENT_SOURCE_DIR}/../config.ini ${CMAKE_CURRENT_BINARY_DIR} COPYONLY) ++ configure_file(${CMAKE_CURRENT_SOURCE_DIR}/../config.ini.in ${CMAKE_CURRENT_BINARY_DIR}/config.ini @COPY) + configure_file(${CMAKE_CURRENT_SOURCE_DIR}/../config_grpc_client.ini ${CMAKE_CURRENT_BINARY_DIR} COPYONLY) + +- install( TARGETS ${SERVER_EXE_NAME} DESTINATION bin/${SERVER_EXE_NAME}) +- install( FILES ${CMAKE_CURRENT_SOURCE_DIR}/../kuksa_certificates/jwt/jwt.key.pub DESTINATION bin/${SERVER_EXE_NAME}) +- install( FILES ${CMAKE_CURRENT_SOURCE_DIR}/../kuksa_certificates/Server.pem DESTINATION bin/${SERVER_EXE_NAME}) +- install( FILES ${CMAKE_CURRENT_SOURCE_DIR}/../kuksa_certificates/Server.key DESTINATION bin/${SERVER_EXE_NAME}) +- install( FILES ${CMAKE_CURRENT_SOURCE_DIR}/../kuksa_certificates/Client.pem DESTINATION bin/${SERVER_EXE_NAME}) +- install( FILES ${CMAKE_CURRENT_SOURCE_DIR}/../kuksa_certificates/Client.key DESTINATION bin/${SERVER_EXE_NAME}) +- install( FILES ${CMAKE_CURRENT_SOURCE_DIR}/../kuksa_certificates/CA.pem DESTINATION bin/${SERVER_EXE_NAME}) +- install( FILES ${CMAKE_CURRENT_SOURCE_DIR}/../data/vss-core/vss_release_2.0.json DESTINATION bin/${SERVER_EXE_NAME}) +- install( FILES ${CMAKE_CURRENT_SOURCE_DIR}/../data/vss-core/vss_release_2.1.json DESTINATION bin/${SERVER_EXE_NAME}) +- install( FILES ${CMAKE_CURRENT_SOURCE_DIR}/../data/vss-core/vss_release_2.2.json DESTINATION bin/${SERVER_EXE_NAME}) ++ install( TARGETS ${SERVER_EXE_NAME} DESTINATION ${KUKSA_INSTALL_BINDIR}) ++ install( FILES ${CMAKE_CURRENT_SOURCE_DIR}/../kuksa_certificates/jwt/jwt.key.pub DESTINATION ${KUKSA_INSTALL_CERTDIR}) ++ install( FILES ${CMAKE_CURRENT_SOURCE_DIR}/../kuksa_certificates/Server.pem DESTINATION ${KUKSA_INSTALL_CERTDIR}) ++ install( FILES ${CMAKE_CURRENT_SOURCE_DIR}/../kuksa_certificates/Server.key DESTINATION ${KUKSA_INSTALL_CERTDIR}) ++ install( FILES ${CMAKE_CURRENT_SOURCE_DIR}/../kuksa_certificates/Client.pem DESTINATION ${KUKSA_INSTALL_CERTDIR}) ++ install( FILES ${CMAKE_CURRENT_SOURCE_DIR}/../kuksa_certificates/Client.key DESTINATION ${KUKSA_INSTALL_CERTDIR}) ++ install( FILES ${CMAKE_CURRENT_SOURCE_DIR}/../kuksa_certificates/CA.pem DESTINATION ${KUKSA_INSTALL_CERTDIR}) ++ install( FILES ${CMAKE_CURRENT_SOURCE_DIR}/../data/vss-core/vss_release_2.0.json DESTINATION ${KUKSA_INSTALL_DATADIR}) ++ install( FILES ${CMAKE_CURRENT_SOURCE_DIR}/../data/vss-core/vss_release_2.1.json DESTINATION ${KUKSA_INSTALL_DATADIR}) ++ install( FILES ${CMAKE_CURRENT_SOURCE_DIR}/../data/vss-core/vss_release_2.2.json DESTINATION ${KUKSA_INSTALL_DATADIR}) ++ install( FILES ${CMAKE_CURRENT_BINARY_DIR}/config.ini DESTINATION ${KUKSA_INSTALL_CONFIGDIR}) + + + #GRPC client +diff --git a/src/config.hpp.in b/src/config.hpp.in +new file mode 100644 +index 0000000..89586c2 +--- /dev/null ++++ b/src/config.hpp.in +@@ -0,0 +1,21 @@ ++/* ++ * ****************************************************************************** ++ * Copyright (c) 2022 Konsulko Group ++ * ++ * All rights reserved. This program and the accompanying materials ++ * are made available under the terms of the Eclipse Public License v2.0 ++ * which accompanies this distribution, and is available at ++ * https://www.eclipse.org/org/documents/epl-2.0/index.php ++ * ++ * ***************************************************************************** ++ */ ++ ++#ifndef __CONFIG_H___ ++ ++// Default configuration file location ++#cmakedefine KUKSA_DEFAULT_CONFIG "@KUKSA_DEFAULT_CONFIG@" ++ ++// Default Certificate directory ++#cmakedefine KUKSA_DEFAULT_CERTDIR "@KUKSA_DEFAULT_CERTDIR@" ++ ++#endif +diff --git a/src/main.cpp b/src/main.cpp +index 417e2e8..fdfeacd 100644 +--- a/src/main.cpp ++++ b/src/main.cpp +@@ -40,6 +40,7 @@ + #include "exception.hpp" + #include "grpcHandler.hpp" + #include "OverlayLoader.hpp" ++#include "config.hpp" + + + #include "../buildinfo.h" +@@ -101,7 +102,7 @@ int main(int argc, const char *argv[]) { + program_options::options_description desc{"OPTIONS"}; + desc.add_options() + ("help,h", "Help screen") +- ("config-file,c", program_options::value<boost::filesystem::path>()->default_value(boost::filesystem::path{"config.ini"}), ++ ("config-file,c", program_options::value<boost::filesystem::path>()->default_value(boost::filesystem::path{KUKSA_DEFAULT_CONFIG}), + "Configuration file with `kuksa-val-server` input parameters." + "Configuration file can replace command-line parameters and through different files multiple configurations can be handled more easily (e.g. test and production setup)." + "Sample of configuration file parameters looks like:\n" +@@ -110,7 +111,7 @@ int main(int argc, const char *argv[]) { + "log-level = ALL\n") + ("vss", program_options::value<boost::filesystem::path>()->required(), "[mandatory] Path to VSS data file describing VSS data tree structure which `kuksa-val-server` shall handle. Sample 'vss_release_2.1.json' file can be found under [data](./data/vss-core/vss_release_2.1.json)") + ("overlays", program_options::value<boost::filesystem::path>(), "Path to a directory cotaiing additional VSS models. All json files will be applied on top of the main vss file given by the -vss parameter in alphanumerical order") +- ("cert-path", program_options::value<boost::filesystem::path>()->required()->default_value(boost::filesystem::path(".")), ++ ("cert-path", program_options::value<boost::filesystem::path>()->required()->default_value(boost::filesystem::path(KUKSA_DEFAULT_CERTDIR)), + "[mandatory] Directory path where 'Server.pem', 'Server.key' and 'jwt.key.pub' are located. ") + ("insecure", program_options::bool_switch()->default_value(false), "By default, `kuksa-val-server` shall accept only SSL (TLS) secured connections. If provided, `kuksa-val-server` shall also accept plain un-secured connections for Web-Socket and REST API connections, and also shall not fail connections due to self-signed certificates.") + ("use-keycloak", "Use KeyCloak for permission management") +-- +2.35.1 + diff --git a/recipes-connectivity/kuksa-val/kuksa-val/0004-Disable-default-fetch-and-build-of-googletest.patch b/recipes-connectivity/kuksa-val/kuksa-val/0004-Disable-default-fetch-and-build-of-googletest.patch new file mode 100644 index 000000000..9225aa552 --- /dev/null +++ b/recipes-connectivity/kuksa-val/kuksa-val/0004-Disable-default-fetch-and-build-of-googletest.patch @@ -0,0 +1,83 @@ +From 73701bc4ac7e0c21990f73139839bc633afdd772 Mon Sep 17 00:00:00 2001 +From: Scott Murray <scott.murray@konsulko.com> +Date: Tue, 24 May 2022 10:21:44 -0400 +Subject: [PATCH 4/4] Disable default fetch and build of googletest + +The logic in test/unit-test/CMakeLists.txt was always fetching and +building googletest even if the unit-test was not enabled (which is +the default), rework it a bit to only do so when the unit-test is +desired. + +Upstream-Status: Pending + +Signed-off-by: Scott Murray <scott.murray@konsulko.com> +--- + test/unit-test/CMakeLists.txt | 42 +++++++++++++++++------------------ + 1 file changed, 21 insertions(+), 21 deletions(-) + +diff --git a/test/unit-test/CMakeLists.txt b/test/unit-test/CMakeLists.txt +index 873d604..976eb18 100644 +--- a/test/unit-test/CMakeLists.txt ++++ b/test/unit-test/CMakeLists.txt +@@ -16,18 +16,6 @@ enable_testing() + include(CTest) + include(FetchContent) + +-FetchContent_Declare( +- googletest +- GIT_REPOSITORY https://github.com/google/googletest.git +- GIT_TAG release-1.11.0 +-) +- +-FetchContent_GetProperties(googletest) +-if(NOT googletest_POPULATED) +- FetchContent_Populate(googletest) +- add_subdirectory(${googletest_SOURCE_DIR} ${googletest_BINARY_DIR}) +-endif() +- + ###### + # CMake configuration responsible for building kuksa-val optional unit tests based on core library + +@@ -37,18 +25,30 @@ set(UNITTEST_EXE_NAME "kuksaval-unit-test" ) + + set(BUILD_UNIT_TEST OFF CACHE BOOL "Build unit tests") + +-### +-# Setup targets ++if(BUILD_UNIT_TEST) ++ FetchContent_Declare( ++ googletest ++ GIT_REPOSITORY https://github.com/google/googletest.git ++ GIT_TAG release-1.11.0 ++ ) + +-set(proto_gen_dir "${CMAKE_BINARY_DIR}/proto") +-include_directories(${proto_gen_dir}) +-include_directories(${googletest_SOURCE_DIR} ${googletest_BINARY_DIR}) ++ FetchContent_GetProperties(googletest) ++ if(NOT googletest_POPULATED) ++ FetchContent_Populate(googletest) ++ add_subdirectory(${googletest_SOURCE_DIR} ${googletest_BINARY_DIR}) ++ endif() + +-# Prevent GoogleTest from overriding our compiler/linker options +-# when building with Visual Studio +-set(gtest_force_shared_crt ON CACHE BOOL "" FORCE) ++ ### ++ # Setup targets ++ ++ set(proto_gen_dir "${CMAKE_BINARY_DIR}/proto") ++ include_directories(${proto_gen_dir}) ++ include_directories(${googletest_SOURCE_DIR} ${googletest_BINARY_DIR}) ++ ++ # Prevent GoogleTest from overriding our compiler/linker options ++ # when building with Visual Studio ++ set(gtest_force_shared_crt ON CACHE BOOL "" FORCE) + +-if(BUILD_UNIT_TEST) + add_executable(${UNITTEST_EXE_NAME} + AccessCheckerTests.cpp + AuthenticatorTests.cpp +-- +2.35.1 + diff --git a/recipes-connectivity/kuksa-val/kuksa-val/kuksa-val.service b/recipes-connectivity/kuksa-val/kuksa-val/kuksa-val.service new file mode 100644 index 000000000..97ef66557 --- /dev/null +++ b/recipes-connectivity/kuksa-val/kuksa-val/kuksa-val.service @@ -0,0 +1,11 @@ +[Unit] +Description=Eclipse KUKSA.val VIS server +After=network.target + +[Service] +User=kuksa +ExecStart=/usr/bin/kuksa-val-server +Restart=on-abort + +[Install] +WantedBy=multi-user.target diff --git a/recipes-connectivity/kuksa-val/kuksa-val_git.bb b/recipes-connectivity/kuksa-val/kuksa-val_git.bb new file mode 100644 index 000000000..033e81e09 --- /dev/null +++ b/recipes-connectivity/kuksa-val/kuksa-val_git.bb @@ -0,0 +1,62 @@ +SUMMARY = "KUKSA.val, the KUKSA Vehicle Abstraction Layer" +DESCRIPTION = "KUKSA.val provides a COVESA VSS data model describing data in a vehicle." +HOMEPAGE = "https://github.com/eclipse/kuksa.val" +BUGTRACKER = "https://github.com/eclipse/kuksa.val/issues" + +LICENSE = "EPL-2.0 & BSL-1.0 & MIT" +LIC_FILES_CHKSUM = "file://LICENSE;md5=d9fc0efef5228704e7f5b37f27192723 \ + file://3rd-party-libs/jsoncons/LICENSE;md5=6ee7f7ed2001e4cde4679fdb8926f820 \ + file://3rd-party-libs/turtle/LICENSE_1_0.txt;md5=e4224ccaecb14d942c71d31bef20d78c \ + file://3rd-party-libs/jwt-cpp/LICENSE;md5=8325a5ce4414c65ffdda392e0d96a9ff" + +DEPENDS = "boost openssl mosquitto protobuf-native grpc-native grpc" + +require kuksa-val.inc + +SRC_URI += "file://kuksa-val.service \ + file://0001-Make-Boost-requirements-more-liberal.patch \ + file://0002-Fix-gRPC-configuration-for-OE-cross-compiling.patch \ + file://0003-Make-install-locations-configurable.patch \ + file://0004-Disable-default-fetch-and-build-of-googletest.patch \ +" + +inherit cmake pkgconfig systemd useradd + +SYSTEMD_SERVICE:${PN} = "kuksa-val.service" + +USERADD_PACKAGES = "${PN}" +USERADDEXTENSION = "useradd-staticids" +GROUPADD_PARAM:${PN} = "-g 900 kuksa ;" +USERADD_PARAM:${PN} = "--system -g 900 -u 900 -o -d / --shell /bin/nologin kuksa ;" + +# Configure file locations more along the lines of FHS instead of kuksa.val's +# default locations. +EXTRA_OECMAKE = " \ + -DKUKSA_INSTALL_BINDIR=${bindir} \ + -DKUKSA_INSTALL_CERTDIR=${sysconfdir}/kuksa-val \ + -DKUKSA_INSTALL_DATADIR=${datadir}/kuksa-val \ + -DKUKSA_INSTALL_CONFIGDIR=${sysconfdir}/kuksa-val \ +" + +do_install:append() { + # Lower the logging level used in the installed config.ini from the upstream + # default of "ALL", which seems to cause performance issues at the moment. + sed -i 's/^log-level = .*/log-level = WARNING/' ${D}/${sysconfdir}/kuksa-val/config.ini + + if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then + install -d ${D}${systemd_system_unitdir} + install -m 0644 ${WORKDIR}/kuksa-val.service ${D}${systemd_system_unitdir} + fi + + # Restrict server certificate access + # NOTE: The client certificates are left alone here for client + # development convenience for now, but this will need to + # be revisited. + chmod 640 ${D}${sysconfdir}/kuksa-val/Server.key + chgrp 900 ${D}${sysconfdir}/kuksa-val/Server.key + chmod 640 ${D}${sysconfdir}/kuksa-val/Server.pem + chgrp 900 ${D}${sysconfdir}/kuksa-val/Server.pem +} + +FILES:${PN} += "${systemd_system_unitdir} ${datadir}" + |