Age | Commit message (Collapse) | Author |
|
SWUPD server may move to a new location where a different pubkey
needs to be used and the hardcoded one won't work.
This makes pinned pubkey configurable.
Changes in v2: add explicit 'else' clause to the last statement
of do_install_append() to avoid returning exit code 1.
Signed-off-by: Dmitry Rozhkov <dmitry.rozhkov@linux.intel.com>
|
|
The patch puts intended values to the config files with
swupd-client's default values.
Signed-off-by: Dmitry Rozhkov <dmitry.rozhkov@linux.intel.com>
|
|
In case IMAGE_BASENAME is set on image recipe level the files ownership on
target rootfs is incorrect for recipes inheriting swupd-image.bbclass.
Depending on the context swupd-image.bbclass used either PN (PN_BASE) or
IMAGE_BASENAME when generating path to pseudo shared state directory. This
seems correct only when IMAGE_BASENAME is not set as it defaults to PN.
This patch resolves above problem.
Addresses [YOCTO #10108].
Signed-off-by: Piotr Figiel <p.figiel@camlintechnologies.com>
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
Vopying->Copying
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
If SWUPD_BUNDLES is empty no mega-image will be built and there's
no need to try and copy the os-core bundle contents from there,
instead the original image rootfs should be used as the source of
the copy.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
If the user hasn't defined any bundles a mega-image won't be
created and there's no need to recopy the mega image rootfs.
The original rootfs can be used in this case.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
Add a simple image which turns core-image-minimal into a swupd-image,
this should make it easier to start investigating and understanding
meta-swupd.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
Ensure pseudo is available in the sysroot for all tasks which have
the fakeroot flag by adding virtual/fakeroot-native:do_populate_sysroot
to the depends of the tasks.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
Drop and the swupd_sanity_check_image task and related
SWUPD_IMAGE_SANITY_CHECKS variable in favour of the recently added
OE-Core image QA mechanism.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
The most recent version of swupd-client should now support
signed manifests.
For more details, refer to https://github.com/clearlinux/swupd-client
Signed-off-by: Igor Stoppa <igor.stoppa@intel.com>
|
|
This was a copy-and-paste of the check_output() method of the subprocess
module in order to support Python versions prior to 2.7 -- we should just
use the method from subprocess directly.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
Rather than trying to determine the manifest link name by removing the value
of the DATETIME variable from the image name duplicate the logic from
rootfs-postcommands.bbclass in OE-Core to derive the manifest name in the
same way.
This prevents issues when the IMAGE_NAME (and thus manifest name) differ
significantly from the IMAGE_NAME's used in OE-Core.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
This reverts commit ba2aeec203b09d96c6e81c85cdd57054bc670c93.
Manifest files are not currently writting with IMAGE_NAME_SUFFIX
|
|
Improve the usability of fetching swupd inputs from sstate objects by
writing all known OS_VERSION-->sstate object hash mappings to a variable
assignment in an inc file.
Utilising the ability to fetch swupd inputs for previous versions then
becomes a simple case of including this file, i.e. in an auto.conf or
local.conf.
As the inc file is parsed during a build all known mappings, i.e. those
loaded from the inc file and a new mapping generated by the current build,
will be written to any newly generated inc file during a build.
Preventing swupd inputs from OS_VERSIONS from being fetched and staged
becomes a simple matter of editing the inc file to remove the no longer
required maps.
An expected workflow for building new OS_VERSIONS with a CI would be:
* copy any existing inc file from previous builds to a conf dir such as
${BUILDDIR}/conf
* edit the file to ensure only versions we care about are fetched
* ensure that file is included/required by a conf file such as local.conf
or auto.conf
* build
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
The addtask line for do_swupd_update contained a task which is no longer
defined by swupd-image.bbclass
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
We don't run do_stage_swupd_inputs for derived images, resulting in
no sstate object being genereted. Therefore we must also skip
do_stage_swupd_inputs_setscene for derived images.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
Ensure the manifest files are written with a uniform filename
pattern for all swupd-image derived images.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
Use manifest files written to DEPLOY_DIR_IMAGE, rather than
SWUPDMANIFESTDIR, during create_rootfs as the latter are (currently)
only written for package based bundles.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
The image name suffix is modifiable via the IMAGE_NAME_SUFFIX
variable, therefore when constructing image filenames we should
use the same variable.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
We now ensure the do_swupd_update task is run for the base image as
a dependency of the do_swupd_update task for any derivative image.
Therefore this message is now informative, rather than indicative
of an issue.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
We already have a variable which lists all of the bundles for the
image including os-core, make use of ALL_BUNDLES instead of
assigning a new variable to use.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
This change aims to help support more complex OS development
workflows where update artefacts:
* may not be sequential
* may have been generated on a separate system, or in a separate
build directory
With this change we now generate a file after the swupd inputs have
been staged and an sstate object for the inputs created which maps
the OS_VERSION of the build to the name of the sstate object.
A new task will read in these 'map' files and try to ensure that
the swupd inputs are available before do_swupd_update, first by
checking for an sstate objects in SSTATE_DIR and when not present
attempting to fetch the object from an sstate mirror, before
unpacking the object into the swupd directory for processing.
[YOCTO #9321]
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
Use tempfile.mkstemp() from the standard library, rather than our
own logic, to create a unique filename in workdir to use as the
copyfile for the tar operation.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
The copyxattrtree() method will copy the entire contents of the src
directory to dst preserving extended attributes on files.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
Consistently use docstrings for documenting methods in lib/swupd/*
and ensure every method is documented.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
Dictionaries don't have an iteritems() method in Python 3, use the
items() method instead.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
The manifest files are used for various things so we must be sure
they are available, even if the swupd inputs were staged from a
shared state.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
do_swupd_update is skipped for non-core images, however as users
may choose to only build a composed os-core + bundles image ensure
that the do_swupd_update task for all such images depends on the
core do_swupd_update task of the core image.
This ensures that the swupd update stream is generated for a new
OS release when suitable (i.e. when an update stream doesn't already
exist for that OS_VERSION).
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
When creating a composed rootfs for swupdimage images we also write
an updated manifest of the composed image's content. To better match
behaviour of other manifests in DEPLOY_DIR_IMAGE also create a
symlink to the latest manifest.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
When swupdimage rootfs are constructed they rely on reading the
contents of the rootfs.manifest files for each bundle they contain
in order to determine the image's contents. However it's possible,
especially with the addition of a sstate accelerated
do_stage_swupd_inputs, that the manifests will have been generated
in a different bitbake invocation and therefore that the DATETIME
in the IMAGE_NAME will be different.
This change accounts for that eventuality by falling back to the
manifest's symlink when the composed manifest filename (including
DATETIME) doesn't exist.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
swupdimage was not ported when we moved the various helper methods
out of swupd-image into the lib/swupd module -- this change
rectifies that.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
When writing the rootfs.manifest for package manager staged bundles
also create a symlink to the manifest to better match the pattern
of manifests created for images.
We'll use this in a future commit to make the composed rootfs
construction in swupdimage based images more robust.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
SWUPD_FILE_BLACKLIST allows a user to list files, with a path in
the target rootfs, that they do not wish to be copied into the
swupd state directory for processing.
This mechanism can be used to prevent files being processed by
swupd which should not be tracked in a manifest file and thus not
processed by swupd-client.
The primary use for this is to exclude files in /etc which are
runtime modified (/etc/mtab) or generated at boot (/etc/machine-id)
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
swupd-client doesn't support bundles being removed from the server,
if a bundle receipt still exists on the client but the manifest
disapears from the server the client doesn't know how to handle it.
Prevent a workaround for this by adding a SWUPD_EMPTY_BUNDLES
variable which can be used to continue to provide a manifest entry
for a bundle which is otherwise empty. With this workaround the
client can update to the empty bundle, removing files that it used
to provide (unless they are now provided by an alternative bundle).
Note: this was implemented as a separate variable, rather than
allowing SWUPD_BUNDLES to be defined without a corresponding
BUNDLE_CONTENTS varflag as it is expected the latter is more likely
to lead to unexpected results due to accidental misconfiguration.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
Rather than depend on the base image having been created, instead
depend on the swupd inputs having been staged, as this allows us
to know that processing of bundle contents has finished.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
When implementing cleaner input staging for swupd during #9599
most of the places where we copy the entire mega image contents and
then prune unwanted items were removed.
This commit removes the final user of copyxattrtree() and
remove_unlisted_files_from_directory() by switching
swupd_create_rootfs() to using the copyxattrfiles() method.
[YOCTO #9325]
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
When creating a list of files to copy from the mega-rootfs to
stage the contents of a bundle which was determined via a delta
between two images, ensure each component of a path is added to
the list of files to copy.
Otherwise we end up with directories automatically created with the
default permissions which may not match the expected permissions.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
Before we generate the bundle contents manifest:
* remove package manager artefacts, these never want to end up in
a bundle as the final system isn't package-manager enabled.
* remove any empty directories created by the package-manager to
reduce noise in the bundle manifest.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
Mariano has proposed a similar get_package_manager method to OE-Core,
make our local copy match the implementation proposed to OE-Core so
that we can just switch to that when it lands.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
When a bundle sets BUNDLE_FEATURES we can't be certain that there's
a distinct mapping from the defined bundle contents to packages we
can install into a bundle staging directory. To ensure the bundle
contents are correctly staged we switch back to building virtual
bundle images for bundles which set BUNDLE_FEATURES and copying
only the contents of the built bundle which aren't present in the
base image's rootfs as the bundle's swupd inputs.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
The previous process of creating images for each bundle which consisted
of the base image plus the bundles contents is resource intensive,
especially when a bundle consists of only a few files.
Instead of creating bundle images and performing several copies of the
entire mega-image rootfs, then pruning it down, we now make use of the
package manager to stage the files for non os-core bundles and generate
manifests based on the files installed by the package manager.
Once the mega image has been built and post-processed the contents
are re-copied from the mega rootfs to ensure that the final files
in the bundle 'chroot' match the files that will be used to populate
the image.
This patch refactors all of the logic for deploying the required inputs
for swupd (and the do_swupd_update task) into a single task, simplifying
the task scheduling for swupd-image significantly.
[YOCTO #9599]
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
Based on observation of Clear Linux's Mixer and the fact that
swupd-server, since the addition of bundle includes in 3.20,
segfaults when loading a manifest for a previous OS release that
includes the os-core (the default behaviour since the addition of
includes) we infer that it's previously expected and now required
to include the os-core bundle in the groups.ini file.
With this change generating updates beyond the first using
swupd-server v3.x no longer causes swupd_create_update to segfault.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
Rebasing the fullfiles.c-work-around-pseudo-bug.patch patch for newer
swupd 3.x branches prevents it from being applied cleanly to the 2.53
version. Resolve this by keeping a separate copy of the original patch
for swupd-server-2.53
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|