diff options
author | takeshi_hoshina <takeshi_hoshina@mail.toyota.co.jp> | 2020-10-22 14:58:56 +0900 |
---|---|---|
committer | takeshi_hoshina <takeshi_hoshina@mail.toyota.co.jp> | 2020-10-22 14:58:56 +0900 |
commit | 4204309872da5cb401cbb2729d9e2d4869a87f42 (patch) | |
tree | c7415e8600205e40ff7e91e8e5f4c411f30329f2 /external/meta-updater/recipes-sota | |
parent | 5b80bfd7bffd4c20d80b7c70a7130529e9a755dd (diff) |
agl-basesystem 0.1sandbox/ToshikazuOhiwa/master
Diffstat (limited to 'external/meta-updater/recipes-sota')
15 files changed, 192 insertions, 112 deletions
diff --git a/external/meta-updater/recipes-sota/aktualizr/aktualizr-device-prov-creds.bb b/external/meta-updater/recipes-sota/aktualizr/aktualizr-device-prov-creds.bb deleted file mode 100644 index 6e02a501..00000000 --- a/external/meta-updater/recipes-sota/aktualizr/aktualizr-device-prov-creds.bb +++ /dev/null @@ -1,60 +0,0 @@ -SUMMARY = "Credentials for device provisioning with fleet CA certificate" -HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" -SECTION = "base" -LICENSE = "MPL-2.0" -LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" - -inherit allarch - -# WARNING: it is NOT a production solution. The secure way to provision devices -# is to create certificate request directly on the device (either with HSM/TPM -# or with software) and then sign it with a CA stored on a disconnected machine. - -DEPENDS = "aktualizr aktualizr-native" -ALLOW_EMPTY_${PN} = "1" - -SRC_URI = " \ - file://ca.cnf \ - " - -require credentials.inc - -export SOTA_CACERT_PATH -export SOTA_CAKEY_PATH - -do_install() { - if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then - if [ -z ${SOTA_CACERT_PATH} ]; then - SOTA_CACERT_PATH=${DEPLOY_DIR_IMAGE}/CA/cacert.pem - SOTA_CAKEY_PATH=${DEPLOY_DIR_IMAGE}/CA/ca.private.pem - mkdir -p ${DEPLOY_DIR_IMAGE}/CA - bbwarn "SOTA_CACERT_PATH is not specified, use default one at ${SOTA_CACERT_PATH}" - - if [ ! -f ${SOTA_CACERT_PATH} ]; then - bbwarn "${SOTA_CACERT_PATH} does not exist, generate a new CA" - SOTA_CACERT_DIR_PATH="$(dirname "${SOTA_CACERT_PATH}")" - openssl genrsa -out ${SOTA_CACERT_DIR_PATH}/ca.private.pem 4096 - openssl req -key ${SOTA_CACERT_DIR_PATH}/ca.private.pem -new -x509 -days 7300 -out ${SOTA_CACERT_PATH} -subj "/C=DE/ST=Berlin/O=Reis und Kichererbsen e.V/commonName=meta-updater" -batch -config ${WORKDIR}/ca.cnf -extensions cacert - bbwarn "${SOTA_CACERT_PATH} has been created, you'll need to upload it to the server" - fi - fi - - if [ -z ${SOTA_CAKEY_PATH} ]; then - bbfatal "SOTA_CAKEY_PATH should be set when using device credential provisioning" - fi - - install -m 0700 -d ${D}${localstatedir}/sota - aktualizr-cert-provider --credentials ${SOTA_PACKED_CREDENTIALS} \ - --fleet-ca ${SOTA_CACERT_PATH} \ - --fleet-ca-key ${SOTA_CAKEY_PATH} \ - --root-ca \ - --server-url \ - --local ${D} \ - --config ${STAGING_DIR_HOST}${libdir}/sota/sota-device-cred.toml - fi -} - -FILES_${PN} = " \ - ${localstatedir}/sota/*" - -# vim:set ts=4 sw=4 sts=4 expandtab: diff --git a/external/meta-updater/recipes-sota/aktualizr/aktualizr-device-prov-hsm.bb b/external/meta-updater/recipes-sota/aktualizr/aktualizr-device-prov-hsm.bb index c3cd593b..8f28c03b 100644 --- a/external/meta-updater/recipes-sota/aktualizr/aktualizr-device-prov-hsm.bb +++ b/external/meta-updater/recipes-sota/aktualizr/aktualizr-device-prov-hsm.bb @@ -7,14 +7,16 @@ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7 inherit allarch -DEPENDS = "aktualizr aktualizr-native" -RDEPENDS_${PN}_append = "${@' aktualizr-device-prov-creds softhsm-testtoken' if d.getVar('SOTA_DEPLOY_CREDENTIALS') == '1' else ''}" +# We need to get the config files from the aktualizr-host-tools package built by +# the aktualizr (target) recipe. +DEPENDS = "aktualizr" -SRC_URI = "" +# If the config file from aktualizr used here is changed, you will need to bump +# the version here because of SIGGEN_EXCLUDE_SAFE_RECIPE_DEPS! PV = "1.0" -PR = "6" +PR = "7" -require credentials.inc +SRC_URI = "" do_install() { install -m 0700 -d ${D}${libdir}/sota/conf.d diff --git a/external/meta-updater/recipes-sota/aktualizr/aktualizr-device-prov.bb b/external/meta-updater/recipes-sota/aktualizr/aktualizr-device-prov.bb index d5795324..55f398d6 100644 --- a/external/meta-updater/recipes-sota/aktualizr/aktualizr-device-prov.bb +++ b/external/meta-updater/recipes-sota/aktualizr/aktualizr-device-prov.bb @@ -7,13 +7,16 @@ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7 inherit allarch -DEPENDS = "aktualizr aktualizr-native openssl-native" -RDEPENDS_${PN}_append = "${@' aktualizr-device-prov-creds' if d.getVar('SOTA_DEPLOY_CREDENTIALS') == '1' else ''}" +# We need to get the config files from the aktualizr-host-tools package built by +# the aktualizr (target) recipe. +DEPENDS = "aktualizr" +# If the config file from aktualizr used here is changed, you will need to bump +# the version here because of SIGGEN_EXCLUDE_SAFE_RECIPE_DEPS! PV = "1.0" PR = "1" -require credentials.inc +SRC_URI = "" do_install() { install -m 0700 -d ${D}${libdir}/sota/conf.d diff --git a/external/meta-updater/recipes-sota/aktualizr/aktualizr-hwid.bb b/external/meta-updater/recipes-sota/aktualizr/aktualizr-hwid.bb new file mode 100644 index 00000000..fd3e3953 --- /dev/null +++ b/external/meta-updater/recipes-sota/aktualizr/aktualizr-hwid.bb @@ -0,0 +1,24 @@ +SUMMARY = "Aktualizr hwid configuration" +HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" +SECTION = "base" +LICENSE = "MPL-2.0" +LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" + +# Because of the dependency on MACHINE. +PACKAGE_ARCH = "${MACHINE_ARCH}" + +SRC_URI = "" + +do_install() { + install -m 0700 -d ${D}${libdir}/sota/conf.d + if [ -n "${SOTA_HARDWARE_ID}" ]; then + printf "[provision]\nprimary_ecu_hardware_id = ${SOTA_HARDWARE_ID}\n" > ${D}${libdir}/sota/conf.d/40-hardware-id.toml + fi +} + +FILES_${PN} = " \ + ${libdir}/sota/conf.d \ + ${libdir}/sota/conf.d/40-hardware-id.toml \ + " + +# vim:set ts=4 sw=4 sts=4 expandtab: diff --git a/external/meta-updater/recipes-sota/aktualizr/aktualizr-shared-prov-creds.bb b/external/meta-updater/recipes-sota/aktualizr/aktualizr-shared-prov-creds.bb index dbb5fde5..9c6f0dd4 100644 --- a/external/meta-updater/recipes-sota/aktualizr/aktualizr-shared-prov-creds.bb +++ b/external/meta-updater/recipes-sota/aktualizr/aktualizr-shared-prov-creds.bb @@ -6,22 +6,32 @@ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7 inherit allarch -DEPENDS = "aktualizr-native zip-native" +DEPENDS = "zip-native" ALLOW_EMPTY_${PN} = "1" +# If the config file from aktualizr used here is changed, you will need to bump +# the version here because of SIGGEN_EXCLUDE_SAFE_RECIPE_DEPS! +PV = "1.0" +PR = "1" + +SRC_URI = "" + require credentials.inc do_install() { if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then install -m 0700 -d ${D}${localstatedir}/sota - cp "${SOTA_PACKED_CREDENTIALS}" ${D}${localstatedir}/sota/sota_provisioning_credentials.zip - # Device should not be able to push data to treehub - zip -d ${D}${localstatedir}/sota/sota_provisioning_credentials.zip treehub.json - # Device has no use for the API Gateway. Remove if present. See: - # https://github.com/advancedtelematic/ota-plus-server/pull/1913/ - if unzip -l ${D}${localstatedir}/sota/sota_provisioning_credentials.zip api_gateway.url > /dev/null; then - zip -d ${D}${localstatedir}/sota/sota_provisioning_credentials.zip api_gateway.url - fi + # root.json contains the root metadata for bootstrapping the Uptane metadata verification process. + # autoprov.url has the URL to the device gateway on the server, which is where we send most of our requests. + # autoprov_credentials.p12 contains the shared provisioning credentials. + for var in root.json autoprov.url autoprov_credentials.p12; do + if unzip -l "${SOTA_PACKED_CREDENTIALS}" $var > /dev/null; then + unzip "${SOTA_PACKED_CREDENTIALS}" $var -d ${T} + zip -mj -q ${D}${localstatedir}/sota/sota_provisioning_credentials.zip ${T}/$var + else + bbwarn "$var is missing from credentials.zip" + fi + done fi } diff --git a/external/meta-updater/recipes-sota/aktualizr/aktualizr-shared-prov.bb b/external/meta-updater/recipes-sota/aktualizr/aktualizr-shared-prov.bb index d3d6f165..2ee47a16 100644 --- a/external/meta-updater/recipes-sota/aktualizr/aktualizr-shared-prov.bb +++ b/external/meta-updater/recipes-sota/aktualizr/aktualizr-shared-prov.bb @@ -7,15 +7,18 @@ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7 inherit allarch -DEPENDS = "aktualizr-native zip-native" +# We need to get the config files from the aktualizr-host-tools package built by +# the aktualizr (target) recipe. +DEPENDS = "aktualizr" RDEPENDS_${PN}_append = "${@' aktualizr-shared-prov-creds' if d.getVar('SOTA_DEPLOY_CREDENTIALS') == '1' else ''}" + +# If the config file from aktualizr used here is changed, you will need to bump +# the version here because of SIGGEN_EXCLUDE_SAFE_RECIPE_DEPS! PV = "1.0" PR = "6" SRC_URI = "" -require credentials.inc - do_install() { if [ -n "${SOTA_AUTOPROVISION_CREDENTIALS}" ]; then bbwarn "SOTA_AUTOPROVISION_CREDENTIALS are ignored. Please use SOTA_PACKED_CREDENTIALS" @@ -31,7 +34,7 @@ do_install() { fi install -m 0700 -d ${D}${libdir}/sota/conf.d - install -m 0644 ${STAGING_DIR_NATIVE}${libdir}/sota/sota-shared-cred.toml \ + install -m 0644 ${STAGING_DIR_HOST}${libdir}/sota/sota-shared-cred.toml \ ${D}${libdir}/sota/conf.d/20-sota-shared-cred.toml } diff --git a/external/meta-updater/recipes-sota/aktualizr/aktualizr-uboot-env-rollback.bb b/external/meta-updater/recipes-sota/aktualizr/aktualizr-uboot-env-rollback.bb index 860f225c..2895e5c4 100644 --- a/external/meta-updater/recipes-sota/aktualizr/aktualizr-uboot-env-rollback.bb +++ b/external/meta-updater/recipes-sota/aktualizr/aktualizr-uboot-env-rollback.bb @@ -6,14 +6,18 @@ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7 inherit allarch -DEPENDS = "aktualizr-native" -RDEPENDS_${PN} = "aktualizr" +DEPENDS = "aktualizr" + +# If the config file from aktualizr used here is changed, you will need to bump +# the version here because of SIGGEN_EXCLUDE_SAFE_RECIPE_DEPS! +PV = "1.0" +PR = "1" SRC_URI = "" do_install() { install -m 0700 -d ${D}${libdir}/sota/conf.d - install -m 0644 ${STAGING_DIR_NATIVE}${libdir}/sota/sota-uboot-env.toml ${D}${libdir}/sota/conf.d/30-rollback.toml + install -m 0644 ${STAGING_DIR_HOST}${libdir}/sota/sota-uboot-env.toml ${D}${libdir}/sota/conf.d/30-rollback.toml } FILES_${PN} = " \ diff --git a/external/meta-updater/recipes-sota/aktualizr/aktualizr_git.bb b/external/meta-updater/recipes-sota/aktualizr/aktualizr_git.bb index 5de341e4..20dd4237 100644 --- a/external/meta-updater/recipes-sota/aktualizr/aktualizr_git.bb +++ b/external/meta-updater/recipes-sota/aktualizr/aktualizr_git.bb @@ -3,35 +3,36 @@ DESCRIPTION = "SOTA Client application written in C++" HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" SECTION = "base" LICENSE = "MPL-2.0" -LIC_FILES_CHKSUM = "file://${S}/LICENSE;md5=9741c346eef56131163e13b9db1241b3" +LIC_FILES_CHKSUM = "file://${S}/LICENSE;md5=815ca599c9df247a0c7f619bab123dad" DEPENDS = "boost curl openssl libarchive libsodium sqlite3 asn1c-native" DEPENDS_append = "${@bb.utils.contains('PTEST_ENABLED', '1', ' coreutils-native net-tools-native ostree-native aktualizr-native ', '', d)}" -RDEPENDS_${PN}_class-target = "aktualizr-configs lshw" -RDEPENDS_${PN}-host-tools = "aktualizr aktualizr-repo aktualizr-cert-provider ${@bb.utils.contains('PACKAGECONFIG', 'sota-tools', 'garage-deploy garage-push', '', d)}" +RDEPENDS_${PN}_class-target = "${PN}-configs ${PN}-hwid lshw" +RDEPENDS_${PN}-host-tools = "aktualizr aktualizr-cert-provider ${@bb.utils.contains('PACKAGECONFIG', 'sota-tools', 'garage-deploy garage-push', '', d)}" RDEPENDS_${PN}-ptest += "bash cmake curl python3-misc python3-modules openssl-bin sqlite3 valgrind" +PRIVATE_LIBS_${PN}-ptest = "libaktualizr.so libaktualizr_secondary.so" + PV = "1.0+git${SRCPV}" PR = "7" -GARAGE_SIGN_PV = "0.7.0-3-gf5ba640" +GARAGE_SIGN_PV = "0.7.0-87-g905dc3c" SRC_URI = " \ - gitsm://github.com/advancedtelematic/aktualizr;branch=${BRANCH} \ + gitsm://github.com/advancedtelematic/aktualizr;branch=${BRANCH};name=aktualizr \ file://run-ptest \ file://aktualizr.service \ file://aktualizr-secondary.service \ file://aktualizr-serialcan.service \ file://10-resource-control.conf \ - ${@ d.expand("https://ats-tuf-cli-releases.s3-eu-central-1.amazonaws.com/cli-${GARAGE_SIGN_PV}.tgz;unpack=0") if d.getVar('GARAGE_SIGN_AUTOVERSION') != '1' else ''} \ + ${@ d.expand("https://ats-tuf-cli-releases.s3-eu-central-1.amazonaws.com/cli-${GARAGE_SIGN_PV}.tgz;unpack=0;name=garagesign") if d.getVar('GARAGE_SIGN_AUTOVERSION') != '1' else ''} \ " -# for garage-sign archive -SRC_URI[md5sum] = "e104ccd4f32e52571a5fc0e5042db050" -SRC_URI[sha256sum] = "c590be1a57523bfe097af82279eda5c97cf40ae47fb27162cf33c469702c8a9b" +SRC_URI[garagesign.md5sum] = "064b408c60676dcf282aa9209bff7dac" +SRC_URI[garagesign.sha256sum] = "75c9b3cf24eb31dacb127d3b3d073359082e2b4ee4eeb27d75e792664800ba82" -SRCREV = "9c592cf9d8dfcd995d47753f2be7bd1a2b56c7da" +SRCREV = "f90e8996e826d130976a7b7f1835947b7e631025" BRANCH ?= "master" S = "${WORKDIR}/git" @@ -46,17 +47,17 @@ SYSTEMD_PACKAGES = "${PN} ${PN}-secondary" SYSTEMD_SERVICE_${PN} = "aktualizr.service" SYSTEMD_SERVICE_${PN}-secondary = "aktualizr-secondary.service" -EXTRA_OECMAKE = "-DCMAKE_BUILD_TYPE=Release -DAKTUALIZR_VERSION=${PV} ${@bb.utils.contains('PTEST_ENABLED', '1', '-DTESTSUITE_VALGRIND=on', '', d)}" +EXTRA_OECMAKE = "-DCMAKE_BUILD_TYPE=Release ${@bb.utils.contains('PTEST_ENABLED', '1', '-DTESTSUITE_VALGRIND=on', '', d)}" GARAGE_SIGN_OPS = "${@ d.expand('-DGARAGE_SIGN_ARCHIVE=${WORKDIR}/cli-${GARAGE_SIGN_PV}.tgz') if d.getVar('GARAGE_SIGN_AUTOVERSION') != '1' else ''}" +PKCS11_ENGINE_PATH = "${libdir}/engines-1.1/pkcs11.so" -PACKAGECONFIG ?= "ostree ${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)} ${@bb.utils.filter('SOTA_CLIENT_FEATURES', 'hsm serialcan ubootenv', d)}" +PACKAGECONFIG ?= "ostree ${@bb.utils.filter('SOTA_CLIENT_FEATURES', 'hsm serialcan ubootenv', d)}" PACKAGECONFIG_class-native = "sota-tools" PACKAGECONFIG[warning-as-error] = "-DWARNING_AS_ERROR=ON,-DWARNING_AS_ERROR=OFF," PACKAGECONFIG[ostree] = "-DBUILD_OSTREE=ON,-DBUILD_OSTREE=OFF,ostree," -PACKAGECONFIG[hsm] = "-DBUILD_P11=ON,-DBUILD_P11=OFF,libp11," +PACKAGECONFIG[hsm] = "-DBUILD_P11=ON -DPKCS11_ENGINE_PATH=${PKCS11_ENGINE_PATH},-DBUILD_P11=OFF,libp11," PACKAGECONFIG[sota-tools] = "-DBUILD_SOTA_TOOLS=ON ${GARAGE_SIGN_OPS},-DBUILD_SOTA_TOOLS=OFF,glib-2.0," -PACKAGECONFIG[systemd] = "-DBUILD_SYSTEMD=ON,-DBUILD_SYSTEMD=OFF,systemd," PACKAGECONFIG[load-tests] = "-DBUILD_LOAD_TESTS=ON,-DBUILD_LOAD_TESTS=OFF," PACKAGECONFIG[serialcan] = ",,,slcand-start" PACKAGECONFIG[ubootenv] = ",,,u-boot-fw-utils aktualizr-uboot-env-rollback" @@ -70,6 +71,14 @@ RESOURCE_CPU_WEIGHT = "100" RESOURCE_MEMORY_HIGH = "100M" RESOURCE_MEMORY_MAX = "80%" +do_configure_prepend() { + # CMake has trouble finding yocto's git when cross-compiling, let's do this step manually + cd ${S} + if [ ! -f VERSION ]; then + ./scripts/get_version.sh > VERSION + fi +} + do_compile_ptest() { cmake_runcmake_build --target build_tests "${PARALLEL_MAKE}" } @@ -79,9 +88,6 @@ do_install_ptest() { cp -r ${B}/ ${D}/${PTEST_PATH}/build cp -r ${S}/ ${D}/${PTEST_PATH}/src - # remove huge external unused repository - rm -rf ${D}/${PTEST_PATH}/src/partial/extern/RIOT - # remove huge build artifacts find ${D}/${PTEST_PATH}/build/src -name "*.a" -delete @@ -102,10 +108,6 @@ do_install_append () { install -m 0700 -d ${D}${libdir}/sota/conf.d install -m 0700 -d ${D}${sysconfdir}/sota/conf.d - if [ -n "${SOTA_HARDWARE_ID}" ]; then - printf "[provision]\nprimary_ecu_hardware_id = ${SOTA_HARDWARE_ID}\n" > ${D}${libdir}/sota/conf.d/40-hardware-id.toml - fi - install -m 0755 -d ${D}${systemd_unitdir}/system aktualizr_service=${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'serialcan', '${WORKDIR}/aktualizr-serialcan.service', '${WORKDIR}/aktualizr.service', d)} install -m 0644 ${aktualizr_service} ${D}${systemd_unitdir}/system/aktualizr.service @@ -137,7 +139,7 @@ python split_hosttools_packages () { PACKAGES_DYNAMIC = "^aktualizr-.* ^garage-.*" -PACKAGES =+ "${PN}-resource-control ${PN}-examples ${PN}-secondary ${PN}-configs ${PN}-host-tools" +PACKAGES =+ "${PN}-host-tools ${PN}-lib ${PN}-resource-control ${PN}-configs ${PN}-secondary ${PN}-secondary-lib ${PN}-sotatools-lib" ALLOW_EMPTY_${PN}-host-tools = "1" @@ -147,6 +149,10 @@ FILES_${PN} = " \ ${systemd_unitdir}/system/aktualizr.service \ " +FILES_${PN}-lib = " \ + ${libdir}/libaktualizr.so \ + " + FILES_${PN}-resource-control = " \ ${systemd_system_unitdir}/aktualizr.service.d/10-resource-control.conf \ " @@ -156,16 +162,22 @@ FILES_${PN}-configs = " \ ${libdir}/sota/* \ " -FILES_${PN}-examples = " \ - ${bindir}/hmi-stub \ - " - FILES_${PN}-secondary = " \ ${bindir}/aktualizr-secondary \ ${libdir}/sota/sota-secondary.toml \ ${systemd_unitdir}/system/aktualizr-secondary.service \ " +FILES_${PN}-secondary-lib = " \ + ${libdir}/libaktualizr_secondary.so \ + " + +FILES_${PN}-sotatools-lib = " \ + ${libdir}/libsota_tools.so \ + " + +FILES_${PN}-dev = "" + BBCLASSEXTEND = "native" # vim:set ts=4 sw=4 sts=4 expandtab: diff --git a/external/meta-updater/recipes-sota/aktualizr/files/aktualizr-secondary.service b/external/meta-updater/recipes-sota/aktualizr/files/aktualizr-secondary.service index b577ae8b..fb610f9b 100644 --- a/external/meta-updater/recipes-sota/aktualizr/files/aktualizr-secondary.service +++ b/external/meta-updater/recipes-sota/aktualizr/files/aktualizr-secondary.service @@ -1,6 +1,7 @@ [Unit] Description=Aktualizr SOTA Client (UPTANE Secondary) -After=network.target +After=network-online.target +Wants=network-online.target [Service] RestartSec=10 diff --git a/external/meta-updater/recipes-sota/aktualizr/files/aktualizr.service b/external/meta-updater/recipes-sota/aktualizr/files/aktualizr.service index 726809e8..3d807a1f 100644 --- a/external/meta-updater/recipes-sota/aktualizr/files/aktualizr.service +++ b/external/meta-updater/recipes-sota/aktualizr/files/aktualizr.service @@ -1,6 +1,7 @@ [Unit] Description=Aktualizr SOTA Client -After=network.target +After=network-online.target nss-lookup.target +Wants=network-online.target [Service] RestartSec=10 diff --git a/external/meta-updater/recipes-sota/config/aktualizr-virtualsec.bb b/external/meta-updater/recipes-sota/config/aktualizr-virtualsec.bb new file mode 100644 index 00000000..b7d55aaa --- /dev/null +++ b/external/meta-updater/recipes-sota/config/aktualizr-virtualsec.bb @@ -0,0 +1,27 @@ +SUMMARY = "Example virtual secondary in aktualizr" +DESCRIPTION = "Creates an example virtual secondary to be used to update an arbitrary file on the primary" +HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" +SECTION = "base" +LICENSE = "MPL-2.0" +LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" + +inherit allarch + +SRC_URI = " \ + file://30-virtualsec.toml \ + file://virtualsec.json \ + " + +do_install_append () { + install -m 0700 -d ${D}${libdir}/sota/conf.d + install -m 0644 ${WORKDIR}/30-virtualsec.toml ${D}${libdir}/sota/conf.d/30-virtualsec.toml + install -m 0644 ${WORKDIR}/virtualsec.json ${D}${libdir}/sota/virtualsec.json +} + +FILES_${PN} = " \ + ${libdir}/sota/conf.d/30-virtualsec.toml \ + ${libdir}/sota/virtualsec.json \ + " + +# vim:set ts=4 sw=4 sts=4 expandtab: + diff --git a/external/meta-updater/recipes-sota/config/files/30-virtualsec.toml b/external/meta-updater/recipes-sota/config/files/30-virtualsec.toml new file mode 100644 index 00000000..987f692d --- /dev/null +++ b/external/meta-updater/recipes-sota/config/files/30-virtualsec.toml @@ -0,0 +1,3 @@ +[uptane] +secondary_config_file = "/usr/lib/sota/virtualsec.json" + diff --git a/external/meta-updater/recipes-sota/config/files/virtualsec.json b/external/meta-updater/recipes-sota/config/files/virtualsec.json new file mode 100644 index 00000000..dcdcdba7 --- /dev/null +++ b/external/meta-updater/recipes-sota/config/files/virtualsec.json @@ -0,0 +1,14 @@ +{ + "virtual": [ + { + "partial_verifying": "false", + "ecu_hardware_id": "external-config", + "full_client_dir": "/var/sota/external-config", + "ecu_private_key": "sec.private", + "ecu_public_key": "sec.public", + "firmware_path": "/var/sota/external-config/config.txt", + "target_name_path": "/var/sota/external-config/target_name", + "metadata_path": "/var/sota/external-config/metadata" + } + ] +} diff --git a/external/meta-updater/recipes-sota/ostree/files/touch-ostree b/external/meta-updater/recipes-sota/ostree/files/touch-ostree new file mode 100755 index 00000000..28cb6723 --- /dev/null +++ b/external/meta-updater/recipes-sota/ostree/files/touch-ostree @@ -0,0 +1,21 @@ +#!/bin/sh +### BEGIN INIT INFO +# Provides: touch-ostree +# Required-Start: $network $remote_fs +# Required-Stop: $network $remote_fs +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: Indicate OSTree boot +### END INIT INFO + +case "$1" in + start) + touch /run/ostree-booted + ;; + stop) + ;; + *) + echo "Usage: /etc/init.d/touch-ostree {start|stop}" + exit 1 + ;; +esac diff --git a/external/meta-updater/recipes-sota/ostree/ostree-booted_1.0.bb b/external/meta-updater/recipes-sota/ostree/ostree-booted_1.0.bb new file mode 100644 index 00000000..d74cf247 --- /dev/null +++ b/external/meta-updater/recipes-sota/ostree/ostree-booted_1.0.bb @@ -0,0 +1,15 @@ +SUMMARY = "Indicate an OSTree boot" +DESCRIPTION = "Indicate an OSTree boot" +LICENSE = "MPL-2.0" +LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" +SRC_URI = "file://touch-ostree" + +inherit allarch update-rc.d + +INITSCRIPT_NAME = "touch-ostree" +INITSCRIPT_PARAMS = "start 8 2 3 4 5 . stop 20 0 1 6 ." + +do_install() { + install -d ${D}${sysconfdir}/init.d + install -m 0755 ${WORKDIR}/touch-ostree ${D}${sysconfdir}/init.d/touch-ostree +} |