| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Changes:
- Tweak the kuksa-val recipe to remove installing a newer server
certificate (since it will be done elsewhere), and to split the
certificates up into finer grained packages to ease installing
them piecemeal and replacing them with other packages.
- Remove the unused genCerts.sh certificate script patch form the
kuksa-val recipe, an updated patch will be added in the near
future.
- Added a patch in the kuksa-viss-client recipe that enables the
library to use certificates installed in /etc/kuksa-certificates or
/etc/kuksa-val instead of the default ones that are shipped.
- Add kuksa-certificates-agl recipe that installs AGL specific CA,
server, and client certificates plus the required server and client
keys to act as a replacement for the default ones shipped with
KUKSA.val. The kuksa-certificates-agl name is used to avoid needing
a rename with a future switch to kuksa-databroker. Note that the
RPROVIDES variable is used for the various certificate packages to
make them installable alternatives to the kuksa-val-certificates-*
ones. The certificates installed are valid for 1 year and have
AGL as the providing organization, longer validity ones will be
added in follow up commits for Octopus and Pike.
- Update the existing users of kuksa-val-*-certificates with the new
kuksa-val-certificates-* package names.
- Add PREFERRED_RPROVIDER definitions for the kuksa-val-certificates-*
packages to quiet the BitBake warnings coming from having multiple
providers.
Bug-AGL: SPEC-4763
Change-Id: I00031ada2401cd5b92419de5c7b1af8944c34e9d
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
|
|
Add a patch to KUKSA.val to add a missing dependency in its CMake
files to hopefully fix a build race that is seen on the AGL CI
builders.
Bug-AGL: SPEC-4717
Change-Id: I74f71236729e60ad0601fb1244b50279b2fc43e7
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
|
|
Changes:
- Upgrade kuksa-val and kuksa-viss-client to a commit that includes
the 0.2.5 release tag and some fixes past it. The patches for each
have been updated against the newer version, with backported ones
dropped.
- The affected recipes have been updated to include some new gRPC
tooling dependencies, and a recipe for a new jsonpath-ng dependency
has been added.
- Rework the kuksa-dbc-feeder recipe for the splitting out of the
example feeders from the main kuksa-val repository.
- Rework our local kuksa-dbc-feeder patches against the newer version,
as upstream has made several improvements. Also drop the duplicate
filtering feature patch, as it seems likely we will not need it
going forward.
- Update the kuksa-dbc-feeder configuration files to work with the new
version. Notable is a change in the engine speed signal naming in
VSS 3.0, which is the new default for VSS schema.
- The kuksa-val and kuksa-val-feeders trees have changed their
licensing from EPL-1.0 to Apache-2.0, update the recipes
accordingly.
Bug-AGL: SPEC-4587
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Change-Id: Ibc990767219f79af95929e86361e66beda2d0c9e
(cherry picked from commit 54ef381ec92148015cbd743a1b30771cca22f80b)
|
|
After fixing the issue with the SSL context purpose in the Python
client library, client connections were still failing with the
error:
certificate verify failed: IP address mismatch, certificate is not valid for localhost
To fix this, the certificate generation script has been patched to
create the now required Subject Alt Name extension field, as that has
effectively replaced using the CN field in most SSL implementations.
Replacement Server.key and Server.pem files generated with the
updated script have been added to give us a working configuration
while this is worked with upstream so their default configuration is
usable with newer Python + OpenSSL versions.
Bug-AGL: SPEC-4467
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Change-Id: I9e8374fbbef6e8570b16d87f4e1800ceba8aacad
|
|
Split the certificates required by clients (so client and CA) into
a separate kuksa-val-client-certificates package so that they can
be reused in the cluster demo image without having the full KUKSA.val
server installed.
Bug-AGL: SPEC-4405
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Change-Id: I6b78b212ead395c8f731eab40ef0525a515bdb7c
|
|
Add a kuksa-val recipe to build the current post-0.2.1 release HEAD
of the Eclipse KUKSA.val Vehicle Information Service (VIS) server,
and add it to the agl-demo-platform image by adding it to
packagegroup-agl-ivi-services. Several local patches are applied to
enable building with OpenEmbedded and make installation into standard
Linux FHS locations feasible. These will be discussed with upstream
to hopefully get them integrated.
Additionally, meta-networking has been added as a layer dependency
in the agl-demo feature template. This is required due to kuksa-val
currently having mosquitto as a non-optional dependency.
Bug-AGL: SPEC-4405
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Change-Id: I1a2d9e9b49d5c8ad11821b89288d2dc9895d15ae
|
Scott Murray