-
Notifications
You must be signed in to change notification settings - Fork 0
/
aktualizr_notes.txt
91 lines (58 loc) · 4.22 KB
/
aktualizr_notes.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
# Standard cmake line:
cmake ../ -GNinja -DCMAKE_BUILD_TYPE=Debug -DBUILD_SOTA_TOOLS=ON -DBUILD_OSTREE=ON -DFAULT_INJECTION=ON -DSOTA_PACKED_CREDENTIALS=/home/patti/Downloads/here-ota-patti-test.zip \
-DCMAKE_C_FLAGS=-fdiagnostics-color=always -DCMAKE_CXX_FLAGS=-fdiagnostics-color=always
# Standard ninja build and test command:
ninja all build_tests format && CTEST_OUTPUT_ON_FAILURE=1 CTEST_PARALLEL_LEVEL=8 ctest
# Connect to Raspberry Pi over serial:
sudo picocom -b 115200 /dev/ttyUSB0
# Build with Docker:
# https://github.com/advancedtelematic/aktualizr#building-with-docker
# Old method:
docker build -t advancedtelematic/aktualizr .
# Run with Docker:
docker run --rm -it advancedtelematic/aktualizr src/scripts/test.sh
docker run --rm -it advancedtelematic/aktualizr src/scripts/coverage.sh
# The following command will get a shell to perform an interactive build, but note that your local working copy will not be synchronised with the Docker container. The recommended development workflow is perform local cmake builds, but passing -v $(pwd):/aktualizr-local to docker run is an alternative.
docker run --rm -it advancedtelematic/aktualizr
# Build with PKCS11 support:
cmake ../ -DBUILD_P11=ON -DTEST_PKCS11_ENGINE_PATH=/usr/lib/x86_64-linux-gnu/engines-1.1/libpkcs11.so -DTEST_PKCS11_MODULE_PATH="/usr/lib/softhsm/libsofthsm2.so"
# Install these:
sudo apt install libengine-pkcs11-openssl opensc libp11-3 libp11-dev softhsm2
# Then run scripts/setup_hsm.sh as sudo. May need to `sudo rm /var/lib/softhsm/tokens/` or change some paths.
# aktualizr-cert-provider usage from bitbake build dir:
tmp/work/x86_64-linux/aktualizr-native/1.0+gitAUTOINC+<hash>-7/build/src/cert-provider/aktualizr-cert-provider -c ~/Documents/creds/<creds>.zip -t qemu -s -u -r -g tmp/work/x86_64-linux/aktualizr-native/1.0+gitAUTOINC+<hash>-7/git/config/sota_implicit_prov_ca.toml
# Find garage-push command:
find tmp/work -iname 'run*ostreepush'
# Should be something like this:
./tmp/work/qemux86_64-poky-linux/core-image-minimal/1.0-r0/temp/run.do_image_ostreepush
# Bitbake command to run only that command (although will most likely be cached):
bitbake -c do_image_ostreepush core-image-minimal
# Basic garage-deploy usage (get commit hash with above command):
garage-deploy -f <fetch-creds> -p <push-creds> --commit <hash> -h qemux86-64 --name qemux86-64 --cacert tmp/sysroots-components/x86_64/ca-certificates-native/etc/ssl/certs/ca-certificates.crt
# From bitbake build dir:
tmp/work/x86_64-linux/aktualizr-native/1.0+gitAUTOINC+<hash>-7/build/src/sota_tools/garage-deploy --commit <commit> --name qemux86-64 \
-f ~/Documents/creds/<creds>.zip -p ~/Documents/creds/<creds>.zip -h qemux86-64 --cacert /etc/ssl/certs/ca-certificates.crt
# Build .debs for release:
./scripts/run_docker_test.sh docker/Dockerfile.ubuntu.bionic -eTEST_INSTALL_DESTDIR=$PWD/temp -- ./scripts/build_ubuntu.sh
# Calculate hash of a json file:
cat <file.json> | jq -M -c --sort-keys . | tr -d '\n' | sha256sum
# Dump contents of a p12 (requires jdk):
keytool -list -v -keystore autoprov_credentials.p12 -storepass ""
# Print OSTree repo tree:
ostree --repo=<repo-path> ls <commit-hash> -RC
# Find latest OSTree repo ref:
cat tmp/deploy/images/qemux86-64/ostree_repo/refs/heads/qemux86-64
cat build/tmp-glibc/deploy/images/imx6ulmdb/ostree_repo/refs/heads/imx6ulmdb
# Mount a wic file:
# https://community.nxp.com/t5/i-MX-Processors-Knowledge-Base/Yocto-Project-reading-partitons-in-the-sdcard-image-from-a-Linux/ta-p/1129002
sudo mount -o loop,offset=$((512 * 8192)) core-image-base-imx6sxsabresd.wic /mnt/mp1
# Run aktualizr tests in CI docker:
export DOCKER_TAG=docker.pkg.github.com/uptane/aktualizr/aktualizr-ci:bionic-master
docker run -v "$PWD:$PWD" -w "$PWD" -eTEST_CMAKE_BUILD_TYPE=Valgrind -eTEST_WITH_COVERAGE=1 -eTEST_WITH_P11=1 -eTEST_WITH_FAULT_INJECTION=1 \
-eTEST_TESTSUITE_EXCLUDE=credentials -eTEST_SOTA_PACKED_CREDENTIALS=dummy-credentials -it "$DOCKER_TAG" ./scripts/test.sh
# Open another terminal in a docker container:
docker exec -it <name-or-id> bash
# OSTree commit/deployment pinning to prevent pruning/garbage collection:
# https://dustymabe.com/2018/05/22/pinning-deployments-in-ostree-based-systems/
# Get OSTree HTTP logging:
# Set OSTREE_DEBUG_HTTP=1 env variable for the process