diff options
| author | Patrick Vacek <patrickvacek@gmail.com> | 2019-08-20 16:59:49 +0200 |
|---|---|---|
| committer | Patrick Vacek <patrickvacek@gmail.com> | 2019-08-20 16:59:49 +0200 |
| commit | 8434da1a579dc15090cbd1dc57cd8d83c6de613e (patch) | |
| tree | 4907dd06e689269e4f241239ca53197a69354a21 /classes | |
| parent | 3bc650084e9db3320c67b6e5abe36920080ff576 (diff) | |
| download | meta-updater-8434da1a579dc15090cbd1dc57cd8d83c6de613e.tar.gz | |
aktualizr: latest garage-sign with expiration support.
Use GARAGE_TARGET_EXPIRES or GARAGE_TARGET_EXPIRE_AFTER (but not both!)
to set the garage-sign parameters.
Signed-off-by: Patrick Vacek <patrickvacek@gmail.com>
Diffstat (limited to 'classes')
| -rw-r--r-- | classes/image_types_ostree.bbclass | 17 | ||||
| -rw-r--r-- | classes/sota.bbclass | 2 |
2 files changed, 15 insertions, 4 deletions
diff --git a/classes/image_types_ostree.bbclass b/classes/image_types_ostree.bbclass index 2e8e8f5..fd67865 100644 --- a/classes/image_types_ostree.bbclass +++ b/classes/image_types_ostree.bbclass | |||
| @@ -237,10 +237,18 @@ IMAGE_CMD_garagesign () { | |||
| 237 | # Push may fail due to race condition when multiple build machines try to push simultaneously | 237 | # Push may fail due to race condition when multiple build machines try to push simultaneously |
| 238 | # in which case targets.json should be pulled again and the whole procedure repeated | 238 | # in which case targets.json should be pulled again and the whole procedure repeated |
| 239 | push_success=0 | 239 | push_success=0 |
| 240 | target_url="" | 240 | target_url="" |
| 241 | if [ -n "${GARAGE_TARGET_URL}" ]; then | 241 | if [ -n "${GARAGE_TARGET_URL}" ]; then |
| 242 | target_url='--url ${GARAGE_TARGET_URL}' | 242 | target_url="--url ${GARAGE_TARGET_URL}" |
| 243 | fi | 243 | fi |
| 244 | target_expiry="" | ||
| 245 | if [ -n "${GARAGE_TARGET_EXPIRES}" ] && [ -n "${GARAGE_TARGET_EXPIRE_AFTER}" ]; then | ||
| 246 | bbfatal "Both GARAGE_TARGET_EXPIRES and GARAGE_TARGET_EXPIRE_AFTER are set. Only one can be set at a time." | ||
| 247 | elif [ -n "${GARAGE_TARGET_EXPIRES}" ]; then | ||
| 248 | target_expiry="--expires ${GARAGE_TARGET_EXPIRES}" | ||
| 249 | elif [ -n "${GARAGE_TARGET_EXPIRE_AFTER}" ]; then | ||
| 250 | target_expiry="--expire-after ${GARAGE_TARGET_EXPIRE_AFTER}" | ||
| 251 | fi | ||
| 244 | 252 | ||
| 245 | for push_retries in $( seq 3 ); do | 253 | for push_retries in $( seq 3 ); do |
| 246 | garage-sign targets pull --repo tufrepo \ | 254 | garage-sign targets pull --repo tufrepo \ |
| @@ -262,6 +270,7 @@ IMAGE_CMD_garagesign () { | |||
| 262 | fi | 270 | fi |
| 263 | garage-sign targets sign --repo tufrepo \ | 271 | garage-sign targets sign --repo tufrepo \ |
| 264 | --home-dir ${GARAGE_SIGN_REPO} \ | 272 | --home-dir ${GARAGE_SIGN_REPO} \ |
| 273 | ${target_expiry} \ | ||
| 265 | --key-name=targets | 274 | --key-name=targets |
| 266 | errcode=0 | 275 | errcode=0 |
| 267 | garage-sign targets push --repo tufrepo \ | 276 | garage-sign targets push --repo tufrepo \ |
diff --git a/classes/sota.bbclass b/classes/sota.bbclass index 86863d9..5b06397 100644 --- a/classes/sota.bbclass +++ b/classes/sota.bbclass | |||
| @@ -51,6 +51,8 @@ GARAGE_SIGN_KEYNAME ?= "garage-key" | |||
| 51 | GARAGE_TARGET_NAME ?= "${OSTREE_BRANCHNAME}" | 51 | GARAGE_TARGET_NAME ?= "${OSTREE_BRANCHNAME}" |
| 52 | GARAGE_TARGET_VERSION ?= "" | 52 | GARAGE_TARGET_VERSION ?= "" |
| 53 | GARAGE_TARGET_URL ?= "" | 53 | GARAGE_TARGET_URL ?= "" |
| 54 | GARAGE_TARGET_EXPIRES ?= "" | ||
| 55 | GARAGE_TARGET_EXPIRE_AFTER ?= "" | ||
| 54 | GARAGE_CUSTOMIZE_TARGET ?= "" | 56 | GARAGE_CUSTOMIZE_TARGET ?= "" |
| 55 | 57 | ||
| 56 | SOTA_MACHINE ??="none" | 58 | SOTA_MACHINE ??="none" |