5 files changed, 108 insertions, 126 deletions

diff --git a/classes/image_types_ostree.bbclass b/classes/image_types_ostree.bbclass
index 05c73ff..41b8d0d 100644
--- a/classes/image_types_ostree.bbclass
+++ b/classes/image_types_ostree.bbclass
@@ -1,42 +1,28 @@
 # OSTree deployment
 
-do_image_ostree[depends] += "ostree-native:do_populate_sysroot \
-                        openssl-native:do_populate_sysroot \
-                        coreutils-native:do_populate_sysroot \
-                        unzip-native:do_populate_sysroot \
-                        virtual/kernel:do_deploy \
-                        ${INITRAMFS_IMAGE}:do_image_complete \
-"
-do_image_ostree[lockfiles] += "${OSTREE_REPO}/ostree.lock"
-
-export OSTREE_REPO
-export OSTREE_BRANCHNAME
-export GARAGE_TARGET_NAME
-
 OSTREE_KERNEL ??= "${KERNEL_IMAGETYPE}"
-
+OSTREE_ROOTFS ??= "${WORKDIR}/ostree-rootfs"
 OSTREE_COMMIT_SUBJECT ??= "Commit-id: ${IMAGE_NAME}"
 OSTREE_COMMIT_BODY ??= ""
 OSTREE_UPDATE_SUMMARY ??= "0"
 
-export SYSTEMD_USED = "${@oe.utils.ifelse(d.getVar('VIRTUAL-RUNTIME_init_manager', True) == 'systemd', 'true', '')}"
+BUILD_OSTREE_TARBALL ??= "1"
 
-IMAGE_CMD_ostree () {
-    if [ -z "$OSTREE_REPO" ]; then
-        bbfatal "OSTREE_REPO should be set in your local.conf"
-    fi
+SYSTEMD_USED = "${@oe.utils.ifelse(d.getVar('VIRTUAL-RUNTIME_init_manager', True) == 'systemd', 'true', '')}"
 
-    if [ -z "$OSTREE_BRANCHNAME" ]; then
-        bbfatal "OSTREE_BRANCHNAME should be set in your local.conf"
-    fi
+IMAGE_CMD_TAR = "tar --xattrs --xattrs-include=*"
+CONVERSION_CMD_tar = "touch ${IMGDEPLOYDIR}/${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.${type}; ${IMAGE_CMD_TAR} --numeric-owner -cf ${IMGDEPLOYDIR}/${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.${type}.tar -C ${OTA_IMAGE_ROOTFS} . || [ $? -eq 1 ]"
+CONVERSIONTYPES_append = " tar"
 
-    OSTREE_ROOTFS=`mktemp -du ${WORKDIR}/ostree-root-XXXXX`
-    cp -a ${IMAGE_ROOTFS} ${OSTREE_ROOTFS}
+OTA_IMAGE_ROOTFS_task-image-ostree = "${OSTREE_ROOTFS}"
+do_image_ostree[dirs] = "${OSTREE_ROOTFS}"
+do_image_ostree[cleandirs] = "${OSTREE_ROOTFS}"
+do_image_ostree[depends] = "coreutils-native:do_populate_sysroot virtual/kernel:do_deploy ${INITRAMFS_IMAGE}:do_image_complete"
+IMAGE_CMD_ostree () {
+    cp -a ${IMAGE_ROOTFS}/* ${OSTREE_ROOTFS}
     chmod a+rx ${OSTREE_ROOTFS}
     sync
 
-    cd ${OSTREE_ROOTFS}
-
     for d in var/*; do
       if [ "${d}" != "var/local" ]; then
         rm -rf ${d}
@@ -64,7 +50,7 @@ IMAGE_CMD_ostree () {
         fi
     done
 
-    if [ -n "$SYSTEMD_USED" ]; then
+    if [ -n "${SYSTEMD_USED}" ]; then
         mkdir -p usr/etc/tmpfiles.d
         tmpfiles_conf=usr/etc/tmpfiles.d/00ostree-tmpfiles.conf
         echo "d /var/rootdirs 0755 root root -" >>${tmpfiles_conf}
@@ -100,7 +86,7 @@ IMAGE_CMD_ostree () {
                 bbwarn "Data in /$dir directory is not preserved by OSTree. Consider moving it under /usr"
             fi
 
-            if [ -n "$SYSTEMD_USED" ]; then
+            if [ -n "${SYSTEMD_USED}" ]; then
                 echo "d /var/rootdirs/${dir} 0755 root root -" >>${tmpfiles_conf}
             else
                 echo "mkdir -p /var/rootdirs/${dir}; chown 755 /var/rootdirs/${dir}" >>${tmpfiles_conf}
@@ -112,11 +98,10 @@ IMAGE_CMD_ostree () {
 
     if [ -d root ] && [ ! -L root ]; then
         if [ "$(ls -A root)" ]; then
-            bberror "Data in /root directory is not preserved by OSTree."
-            exit 1
+            bbfatal "Data in /root directory is not preserved by OSTree."
         fi
 
-        if [ -n "$SYSTEMD_USED" ]; then
+        if [ -n "${SYSTEMD_USED}" ]; then
             echo "d /var/roothome 0755 root root -" >>${tmpfiles_conf}
         else
             echo "mkdir -p /var/roothome; chown 755 /var/roothome" >>${tmpfiles_conf}
@@ -140,17 +125,12 @@ IMAGE_CMD_ostree () {
 
     # Copy image manifest
     cat ${IMAGE_MANIFEST} | cut -d " " -f1,3 > usr/package.manifest
+}
 
-    cd ${WORKDIR}
-
-    # Create a tarball that can be then commited to OSTree repo
-    OSTREE_TAR=${DEPLOY_DIR_IMAGE}/${IMAGE_NAME}.rootfs.ostree.tar.bz2
-    tar -C ${OSTREE_ROOTFS} --xattrs --xattrs-include='*' -cjf ${OSTREE_TAR} .
-    sync
-
-    rm -f ${DEPLOY_DIR_IMAGE}/${IMAGE_LINK_NAME}.rootfs.ostree.tar.bz2
-    ln -s ${IMAGE_NAME}.rootfs.ostree.tar.bz2 ${DEPLOY_DIR_IMAGE}/${IMAGE_LINK_NAME}.rootfs.ostree.tar.bz2
-
+IMAGE_TYPEDEP_ostreecommit = "ostree"
+do_image_ostreecommit[depends] += "ostree-native:do_populate_sysroot"
+do_image_ostreecommit[lockfiles] += "${WORKDIR}/${OSTREE_REPO}-commit.lock"
+IMAGE_CMD_ostreecommit () {
     if ! ostree --repo=${OSTREE_REPO} refs 2>&1 > /dev/null; then
         ostree --repo=${OSTREE_REPO} init --mode=archive-z2
     fi
@@ -166,11 +146,9 @@ IMAGE_CMD_ostree () {
     if [ "${OSTREE_UPDATE_SUMMARY}" = "1" ]; then
         ostree --repo=${OSTREE_REPO} summary -u
     fi
-
-    rm -rf ${OSTREE_ROOTFS}
 }
 
-IMAGE_TYPEDEP_ostreepush = "ostree"
+IMAGE_TYPEDEP_ostreepush = "ostreecommit"
 do_image_ostreepush[depends] += "aktualizr-native:do_populate_sysroot ca-certificates-native:do_populate_sysroot"
 IMAGE_CMD_ostreepush () {
     # Print warnings if credetials are not set or if the file has not been found.
@@ -189,7 +167,7 @@ IMAGE_CMD_ostreepush () {
 }
 
 IMAGE_TYPEDEP_garagesign = "ostreepush"
-do_image_garagesign[depends] += "aktualizr-native:do_populate_sysroot"
+do_image_garagesign[depends] += "unzip-native:do_populate_sysroot"
 IMAGE_CMD_garagesign () {
     if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then
         # if credentials are issued by a server that doesn't support offline signing, exit silently
@@ -197,11 +175,9 @@ IMAGE_CMD_garagesign () {
 
         java_version=$( java -version 2>&1 | awk -F '"' '/version/ {print $2}' )
         if [ "${java_version}" = "" ]; then
-            bberror "Java is required for synchronization with update backend, but is not installed on the host machine"
-            exit 1
+            bbfatal "Java is required for synchronization with update backend, but is not installed on the host machine"
         elif [ "${java_version}" \< "1.8" ]; then
-            bberror "Java version >= 8 is required for synchronization with update backend"
-            exit 1
+            bbfatal "Java version >= 8 is required for synchronization with update backend"
         fi
 
         rm -rf ${GARAGE_SIGN_REPO}
@@ -252,14 +228,12 @@ IMAGE_CMD_garagesign () {
         rm -rf ${GARAGE_SIGN_REPO}
 
         if [ "$push_success" -ne "1" ]; then
-            bberror "Couldn't push to garage repository"
-            exit 1
+            bbfatal "Couldn't push to garage repository"
         fi
     fi
 }
 
-IMAGE_TYPEDEP_garagecheck = "ostreepush garagesign"
-do_image_garagecheck[depends] += "aktualizr-native:do_populate_sysroot"
+IMAGE_TYPEDEP_garagecheck = "garagesign"
 IMAGE_CMD_garagecheck () {
     if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then
         # if credentials are issued by a server that doesn't support offline signing, exit silently
diff --git a/classes/image_types_ota.bbclass b/classes/image_types_ota.bbclass
index 03fe8d8..c9d21d1 100644
--- a/classes/image_types_ota.bbclass
+++ b/classes/image_types_ota.bbclass
@@ -1,15 +1,9 @@
 # Image to use with u-boot as BIOS and OSTree deployment system
 
-#inherit image_types
-
 # Boot filesystem size in MiB
 # OSTree updates may require some space on boot file system for
 # boot scripts, kernel and initramfs images
 #
-
-
-do_image_ota_ext4[depends] += "e2fsprogs-native:do_populate_sysroot"
-
 calculate_size () {
         BASE=$1
         SCALE=$2
@@ -43,34 +37,14 @@ calculate_size () {
         echo "${SIZE}"
 }
 
-export OSTREE_OSNAME
-export OSTREE_BRANCHNAME
-export OSTREE_REPO
-export OSTREE_BOOTLOADER
-
-export GARAGE_TARGET_NAME
-
-export OTA_SYSROOT="${WORKDIR}/ota-sysroot"
-
-## Common OTA image setup
-fakeroot do_otasetup () {
-        
-        if [ -z "$OSTREE_REPO" ]; then
-                bbfatal "OSTREE_REPO should be set in your local.conf"
-        fi
-
-        if [ -z "$OSTREE_OSNAME" ]; then
-                bbfatal "OSTREE_OSNAME should be set in your local.conf"
-        fi
-
-        if [ -z "$OSTREE_BRANCHNAME" ]; then
-                bbfatal "OSTREE_BRANCHNAME should be set in your local.conf"
-        fi
-
-        # HaX! Since we are using a peristent directory, we need to be sure to clean it on run.
-        mkdir -p ${OTA_SYSROOT}
-        rm -rf ${OTA_SYSROOT}/*
-
+OTA_SYSROOT = "${WORKDIR}/ota-sysroot"
+OTA_IMAGE_ROOTFS_task-image-ota = "${OTA_SYSROOT}"
+IMAGE_TYPEDEP_ota = "ostreecommit"
+do_image_ota[dirs] = "${OTA_SYSROOT}"
+do_image_ota[cleandirs] = "${OTA_SYSROOT}"
+do_image_ota[depends] = "${@'grub:do_populate_sysroot' if d.getVar('OSTREE_BOOTLOADER', True) == 'grub' else ''} \
+                         ${@'virtual/bootloader:do_deploy' if d.getVar('OSTREE_BOOTLOADER', True) == 'u-boot' else ''}"
+IMAGE_CMD_ota () {
         ostree admin --sysroot=${OTA_SYSROOT} init-fs ${OTA_SYSROOT}
         ostree admin --sysroot=${OTA_SYSROOT} os-init ${OSTREE_OSNAME}
         mkdir -p ${OTA_SYSROOT}/boot/loader.0
@@ -82,13 +56,12 @@ fakeroot do_otasetup () {
         elif [ "${OSTREE_BOOTLOADER}" = "u-boot" ]; then
                 touch ${OTA_SYSROOT}/boot/loader/uEnv.txt
         else
-                bberror "Invalid bootloader: ${OSTREE_BOOTLOADER}"
-        fi;
+                bbfatal "Invalid bootloader: ${OSTREE_BOOTLOADER}"
+        fi
 
         ostree_target_hash=$(cat ${OSTREE_REPO}/refs/heads/${OSTREE_BRANCHNAME})
 
         ostree --repo=${OTA_SYSROOT}/ostree/repo pull-local --remote=${OSTREE_OSNAME} ${OSTREE_REPO} ${ostree_target_hash}
-        export OSTREE_BOOT_PARTITION="/boot"
         kargs_list=""
         for arg in ${OSTREE_KERNEL_ARGS}; do
                 kargs_list="${kargs_list} --karg-append=$arg"
@@ -96,19 +69,14 @@ fakeroot do_otasetup () {
 
         ostree admin --sysroot=${OTA_SYSROOT} deploy ${kargs_list} --os=${OSTREE_OSNAME} ${ostree_target_hash}
 
-        # Copy deployment /home and /var/sota to sysroot
-        HOME_TMP=`mktemp -d ${WORKDIR}/home-tmp-XXXXX`
-
-        tar --xattrs --xattrs-include='*' -C ${HOME_TMP} -xf ${DEPLOY_DIR_IMAGE}/${IMAGE_LINK_NAME}.rootfs.ostree.tar.bz2 ./usr/homedirs ./var/local || true
-
         cp -a ${IMAGE_ROOTFS}/var/sota ${OTA_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/ || true
         # Create /var/sota if it doesn't exist yet
         mkdir -p ${OTA_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/sota
         # Ensure the permissions are correctly set
         chmod 700 ${OTA_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/sota
 
-        mv ${HOME_TMP}/var/local ${OTA_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/ || true
-        mv ${HOME_TMP}/usr/homedirs/home ${OTA_SYSROOT}/ || true
+        cp -a ${OSTREE_ROOTFS}/var/local ${OTA_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/ || true
+        cp -a ${OSTREE_ROOTFS}/usr/homedirs/home ${OTA_SYSROOT}/ || true
         # Ensure that /var/local exists (AGL symlinks /usr/local to /var/local)
         install -d ${OTA_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/local
         # Set package version for the first deployment
@@ -120,10 +88,10 @@ fakeroot do_otasetup () {
         fi
         mkdir -p ${OTA_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/sota/import
         echo "{\"${ostree_target_hash}\":\"${GARAGE_TARGET_NAME}-${target_version}\"}" > ${OTA_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/sota/import/installed_versions
-        echo "All done. Cleaning up dir: ${HOME_TMP}"
-        rm -rf ${HOME_TMP}
 }
 
+IMAGE_TYPEDEP_ota-ext4 = "ota"
+do_image_ota_ext4[depends] = "e2fsprogs-native:do_populate_sysroot"
 IMAGE_CMD_ota-ext4 () {
         # Calculate image type
         OTA_ROOTFS_SIZE=$(calculate_size `du -ks $OTA_SYSROOT | cut -f 1`  "${IMAGE_OVERHEAD_FACTOR}" "${IMAGE_ROOTFS_SIZE}" "${IMAGE_ROOTFS_MAXSIZE}" `expr ${IMAGE_ROOTFS_EXTRA_SPACE}` "${IMAGE_ROOTFS_ALIGNMENT}")
@@ -142,16 +110,4 @@ IMAGE_CMD_ota-ext4 () {
         mkfs.ext4 -O ^64bit ${IMGDEPLOYDIR}/${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.ota-ext4 -L otaroot -d ${OTA_SYSROOT}
 }
 
-IMAGE_CMD_ota-tar () {
-        tar -cf ${IMGDEPLOYDIR}/${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.ota-tar -C ${OTA_SYSROOT} .
-}
-
-do_otasetup[doc] = "Sets up the base ota rootfs used for subsequent image generation"
-do_otasetup[depends] += "virtual/fakeroot-native:do_populate_sysroot \
-                        ${@'grub:do_populate_sysroot' if d.getVar('OSTREE_BOOTLOADER', True) == 'grub' else ''} \
-                        ${@'virtual/bootloader:do_deploy' if d.getVar('OSTREE_BOOTLOADER', True) == 'u-boot' else ''}"
-
-addtask do_otasetup after do_image_ostree before do_image_ota_ext4 do_image_ota_tar
-
-IMAGE_TYPEDEP_ota-ext4 = "ostree"
-IMAGE_TYPEDEP_ota-tar = "ostree"
+do_image_wic[depends] += "${@bb.utils.contains('DISTRO_FEATURES', 'sota', '%s:do_image_ota_ext4' % d.getVar('IMAGE_BASENAME', True), '', d)}"
diff --git a/classes/sota.bbclass b/classes/sota.bbclass
index 7fb54dc..93f59eb 100644
--- a/classes/sota.bbclass
+++ b/classes/sota.bbclass
@@ -1,9 +1,3 @@
-export BUILD_OTA_TARBALL
-python __anonymous() {
-    if bb.utils.contains('DISTRO_FEATURES', 'sota', True, False, d):
-        d.appendVarFlag("do_image_wic", "depends", " %s:do_image_ota_ext4" % d.getVar("IMAGE_BASENAME", True))
-}
-
 OVERRIDES .= "${@bb.utils.contains('DISTRO_FEATURES', 'sota', ':sota', '', d)}"
 
 HOSTTOOLS_NONFATAL += "java"
@@ -17,7 +11,8 @@ IMAGE_INSTALL_append_sota = " ostree os-release ${SOTA_CLIENT} ${SOTA_CLIENT_PRO
 IMAGE_CLASSES += " image_types_ostree image_types_ota"
 
 IMAGE_FSTYPES += "${@bb.utils.contains('DISTRO_FEATURES', 'sota', 'ostreepush garagesign garagecheck ota-ext4 wic', ' ', d)}"
-IMAGE_FSTYPES += "${@bb.utils.contains('BUILD_OTA_TARBALL', '1', 'ota-tar ota-tar.xz', ' ', d)}"
+IMAGE_FSTYPES += "${@bb.utils.contains('BUILD_OSTREE_TARBALL', '1', 'ostree.tar.bz2', ' ', d)}"
+IMAGE_FSTYPES += "${@bb.utils.contains('BUILD_OTA_TARBALL', '1', 'ota.tar.xz', ' ', d)}"
 
 PACKAGECONFIG_append_pn-curl = " ssl"
 PACKAGECONFIG_remove_pn-curl = "gnutls"
@@ -29,11 +24,13 @@ EXTRA_IMAGEDEPENDS_append_sota = " parted-native mtools-native dosfstools-native
 INITRAMFS_FSTYPES ??= "${@oe.utils.ifelse(d.getVar('OSTREE_BOOTLOADER', True) == 'u-boot', 'cpio.gz.u-boot', 'cpio.gz')}"
 
 # Please redefine OSTREE_REPO in order to have a persistent OSTree repo
-OSTREE_REPO ?= "${DEPLOY_DIR_IMAGE}/ostree_repo"
-OSTREE_BRANCHNAME ?= "${SOTA_HARDWARE_ID}"
-OSTREE_OSNAME ?= "poky"
+export OSTREE_REPO ?= "${DEPLOY_DIR_IMAGE}/ostree_repo"
+export OSTREE_BRANCHNAME ?= "${SOTA_HARDWARE_ID}"
+export OSTREE_OSNAME ?= "poky"
+export OSTREE_BOOTLOADER ??= 'u-boot'
+export OSTREE_BOOT_PARTITION ??= "/boot"
+
 INITRAMFS_IMAGE ?= "initramfs-ostree-image"
-OSTREE_BOOTLOADER ??= 'u-boot'
 
 GARAGE_SIGN_REPO ?= "${DEPLOY_DIR_IMAGE}/garage_sign_repo"
 GARAGE_SIGN_KEYNAME ?= "garage-key"
@@ -49,6 +46,7 @@ SOTA_MACHINE_intel-corei7-64 ?= "minnowboard"
 SOTA_MACHINE_qemux86-64 ?= "qemux86-64"
 SOTA_MACHINE_am335x-evm ?= "am335x-evm-wifi"
 
-inherit sota_${SOTA_MACHINE}
+SOTA_OVERRIDES_BLACKLIST = "ostree ota"
+SOTA_REQUIRED_VARIABLES = "OSTREE_REPO OSTREE_BRANCHNAME OSTREE_OSNAME OSTREE_BOOTLOADER OSTREE_BOOT_PARTITION GARAGE_SIGN_REPO GARAGE_TARGET_NAME"
 
-inherit image_repo_manifest
+inherit sota_sanity sota_${SOTA_MACHINE} image_repo_manifest
diff --git a/classes/sota_sanity.bbclass b/classes/sota_sanity.bbclass
new file mode 100644
index 0000000..e47de19
--- /dev/null
+++ b/classes/sota_sanity.bbclass
@@ -0,0 +1,54 @@
+# Sanity check the sota setup for common misconfigurations
+
+def sota_check_overrides(status, d):
+    for var in (d.getVar('SOTA_OVERRIDES_BLACKLIST', True) or "").split():
+        if var in d.getVar('OVERRIDES', True).split(':'):
+            status.addresult("%s should not be a overrides, because it is a image fstype in updater layer, please check your OVERRIDES setting.\n" % var)
+
+def sota_check_required_variables(status, d):
+    for var in (d.getVar('SOTA_REQUIRED_VARIABLES', True) or "").split():
+        if not d.getVar(var, True):
+            status.addresult("%s should be set in your local.conf.\n" % var)
+
+def sota_raise_sanity_error(msg, d):
+    if d.getVar("SANITY_USE_EVENTS", True) == "1":
+        bb.event.fire(bb.event.SanityCheckFailed(msg), d)
+        return
+
+    bb.fatal("Sota's config sanity checker detected a potential misconfiguration.\n"
+             "Please fix the cause of this error then you can continue to build.\n"
+             "Following is the list of potential problems / advisories:\n"
+             "\n%s" % msg)
+
+def sota_check_sanity(sanity_data):
+    class SanityStatus(object):
+        def __init__(self):
+            self.messages = ""
+            self.reparse = False
+
+        def addresult(self, message):
+            if message:
+                self.messages = self.messages + message
+
+    status = SanityStatus()
+
+    sota_check_overrides(status, sanity_data)
+    sota_check_required_variables(status, sanity_data)
+
+    if status.messages != "":
+        sota_raise_sanity_error(sanity_data.expand(status.messages), sanity_data)
+
+addhandler sota_check_sanity_eventhandler
+sota_check_sanity_eventhandler[eventmask] = "bb.event.SanityCheck"
+
+python sota_check_sanity_eventhandler() {
+    if bb.event.getName(e) == "SanityCheck":
+        sanity_data = copy_data(e)
+        if e.generateevents:
+            sanity_data.setVar("SANITY_USE_EVENTS", "1")
+        reparse = sota_check_sanity(sanity_data)
+        e.data.setVar("BB_INVALIDCONF", reparse)
+        bb.event.fire(bb.event.SanityCheckPassed(), e.data)
+
+    return
+}
diff --git a/recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb b/recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb
index 41af7c0..e2d52da 100644
--- a/recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb
+++ b/recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb
@@ -33,7 +33,7 @@ do_install() {
         fi
 
         if [ -z ${SOTA_CAKEY_PATH} ]; then
-            bberror "SOTA_CAKEY_PATH should be set when using implicit provisioning"
+            bbfatal "SOTA_CAKEY_PATH should be set when using implicit provisioning"
         fi
 
         install -m 0700 -d ${D}${localstatedir}/sota