Merge pull request #140 from SoftwareDefinedVehicle/airgap-containers

Airgapped installation of containers

meta-leda-bsp/recipes-bsp/uboot/files/qemux86-64/boot.cmd.in

@@ -2,7 +2,7 @@ if test -e virtio 0:1 uboot.env; then env load; fi;
 
 setenv bootpart
 setenv raucslot
-setenv default_bootargs "console=ttyS0 init=/sbin/init"
+setenv default_bootargs "net.ifnames=0 console=ttyS0 init=/sbin/init"
 
 test -n "${BOOT_ORDER}" || setenv BOOT_ORDER "SDV_A SDV_B"
 test -n "${BOOT_SDV_A_LEFT}" || setenv BOOT_SDV_A_LEFT 3

meta-leda-components/recipes-sdv/eclipse-leda/airgap-container-installer.bb

@@ -0,0 +1,50 @@
+# /********************************************************************************
+# * Copyright (c) 2023 Contributors to the Eclipse Foundation
+# *
+# * See the NOTICE file(s) distributed with this work for additional
+# * information regarding copyright ownership.
+# *
+# * This program and the accompanying materials are made available under the
+# * terms of the Apache License 2.0 which is available at
+# * https://www.apache.org/licenses/LICENSE-2.0
+# *
+# * SPDX-License-Identifier: Apache-2.0
+# ********************************************************************************/
+
+SUMMARY = "Airgapped Container Installer"
+DESCRIPTION = "A service that installs pre-downloaded container images in a specified directory"
+
+FILESEXTRAPATHS:prepend := "${THISDIR}/files:"
+SRC_URI:append = " file://airgap-container-installer"
+SRC_URI:append = " file://airgap-container-installer.service.template"
+
+LICENSE = "Apache-2.0"
+LIC_FILES_CHKSUM = "file://${THISDIR}/files/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
+
+PREINSTALLED_CTR_IMAGES_DIR ??= "/var/constainers/images"
+PREINSTALLED_CTR_IMAGES_DIR[doc] = "Sets the path to the directory where the downloaded container tar files are stored in the final image"
+
+inherit systemd
+SYSTEMD_AUTO_ENABLE = "enable"
+SYSTEMD_PACKAGES = "${@bb.utils.contains('DISTRO_FEATURES','systemd','${PN}','',d)}"
+SYSTEMD_SERVICE:${PN} = "${@bb.utils.contains('DISTRO_FEATURES','systemd','airgap-container-installer.service','',d)}"
+AG_SERVICE_DIR = "${systemd_unitdir}/system"
+
+install_service() {
+    install -d ${D}${AG_SERVICE_DIR}
+    install -m 0644 ${WORKDIR}/airgap-container-installer.service.template ${D}${AG_SERVICE_DIR}/airgap-container-installer.service
+    sed -e 's,@AG_BIN_DD@,${bindir},g' \
+    -e 's,@AG_IMG_DD@,${PREINSTALLED_CTR_IMAGES_DIR},g' \
+    -i ${D}${AG_SERVICE_DIR}/airgap-container-installer.service
+}
+
+do_install() {
+    install -d ${D}${bindir}
+    install -m 0755 ${WORKDIR}/airgap-container-installer ${D}${bindir}
+    install_service
+}
+
+FILES:${PN} += " ${bindir}/airgap-container-installer"
+FILES:${PN} += " ${AG_SERVICE_DIR}/airgap-container-installer.service"
+
+PACKAGES = "${PN}"

meta-leda-components/recipes-sdv/eclipse-leda/files/airgap-container-installer

@@ -0,0 +1,67 @@
+#!/bin/sh
+# shellcheck disable=SC3043
+# shellcheck disable=SC1091
+# shellcheck disable=SC2086
+# shellcheck disable=SC2034
+# shellcheck disable=SC2059
+# /********************************************************************************
+# * Copyright (c) 2023 Contributors to the Eclipse Foundation
+# *
+# * See the NOTICE file(s) distributed with this work for additional
+# * information regarding copyright ownership.
+# *
+# * This program and the accompanying materials are made available under the
+# * terms of the Apache License 2.0 which is available at
+# * https://www.apache.org/licenses/LICENSE-2.0
+# *
+# * SPDX-License-Identifier: Apache-2.0
+# ********************************************************************************/
+
+tar_dir=$1
+IMPORTED_CTRS_LOCK_NAME="imported-ctrs.lock"
+
+if [ -z "${tar_dir}" ]; then
+    echo "Using current working directory as image directory"
+    tar_dir=$(pwd)
+fi
+
+if [ ! -d "${tar_dir}" ]; then
+    echo "${tar_dir} either does not exist or is not a directory"
+    exit 1
+fi
+
+if [ -z "$(ls -A ${tar_dir}/*.tar* 2>/dev/null)" ]; then
+    echo "Nothing to install"
+    exit 0
+fi
+
+# ctr image import is very slow even when importing the same image twice
+# we keep a list of already imported images and we skip them
+LOCK_PATH="${tar_dir}/${IMPORTED_CTRS_LOCK_NAME}"
+if [ ! -f ${LOCK_PATH} ]; then
+    echo "Lock at ${LOCK_PATH} does not exist. Creating an empty lock."
+    echo "# THIS FILE KEEPS A LOG OF ALL IMAGES ALREADY IMPORTED BY AIRGAP-CONTAINER-INSTALLER.SERVICE" >>${LOCK_PATH}
+    echo "# DELETE ANY LINES FOR IMAGES THAT YOU WISH TO BE RE-IMPORTED ON SERVICE RESTART" >>${LOCK_PATH}
+    echo "Created ${LOCK_PATH}"
+fi
+
+for tar_image in "${tar_dir}"/*.tar*; do
+    echo "Loading ${tar_image}..."
+    tar_base_name=$(basename ${tar_image})
+    if grep -Fxq "$tar_base_name" ${LOCK_PATH}; then
+        # Container image already imported, skipping...
+        echo "Already imported...Skipping"
+        continue
+    else
+        echo "Importing new image"
+        import_msg=$(ctr --namespace kanto-cm image import ${tar_image} --no-unpack)
+        import_rc=$?
+        if [ $import_rc -eq 0 ]; then
+            echo "${tar_base_name}" >>${LOCK_PATH}
+            echo "Imported"
+        else
+            echo "Importing ${tar_image} failed with message: ${import_msg}, rc: ${import_rc}"
+            continue
+        fi
+    fi
+done

meta-leda-components/recipes-sdv/eclipse-leda/files/airgap-container-installer.service.template

@@ -0,0 +1,28 @@
+# /********************************************************************************
+# * Copyright (c) 2023 Contributors to the Eclipse Foundation
+# *
+# * See the NOTICE file(s) distributed with this work for additional
+# * information regarding copyright ownership.
+# *
+# * This program and the accompanying materials are made available under the
+# * terms of the Apache License 2.0 which is available at
+# * https://www.apache.org/licenses/LICENSE-2.0
+# *
+# * SPDX-License-Identifier: Apache-2.0
+# ********************************************************************************/
+# Eclipse Leda
+
+[Unit]
+Description=Airgap Container Installer
+After=containerd.service
+Before=container-management.service
+
+[Install]
+WantedBy=multi-user.target
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+Restart=on-failure
+RestartSec=5s
+ExecStart=@AG_BIN_DD@/airgap-container-installer @AG_IMG_DD@

meta-leda-components/recipes-sdv/eclipse-leda/files/kanto-auto-deployer.service.template

@@ -23,4 +23,4 @@ WantedBy=multi-user.target
 [Service]
 Restart=on-failure
 RestartSec=5s
-ExecStart=@KD_BIN_DD@/kanto-auto-deployer @KD_CFG_DD@
+ExecStart=@KD_BIN_DD@/kanto-auto-deployer @KD_CFG_DD@

meta-leda-components/recipes-sdv/packagegroups/packagegroup-sdv-airgap-containers.bb

@@ -0,0 +1,27 @@
+# /********************************************************************************
+# * Copyright (c) 2023 Contributors to the Eclipse Foundation
+# *
+# * See the NOTICE file(s) distributed with this work for additional
+# * information regarding copyright ownership.
+# *
+# * This program and the accompanying materials are made available under the
+# * terms of the Apache License 2.0 which is available at
+# * https://www.apache.org/licenses/LICENSE-2.0
+# *
+# * SPDX-License-Identifier: Apache-2.0
+# ********************************************************************************/
+
+SUMMARY = "SDV pre-downloaded containers"
+DESCRIPTION = "Pre-downloaded (airgapped) containers that would be installed in the image by default"
+
+inherit packagegroup
+
+RDEPENDS:${PN} = "\
+    sdv-kuksa-val-databroker \
+    sdv-container-seatservice \
+    sdv-container-selfupdateagent \
+    sdv-container-cloudconnector \
+    sdv-container-vehicleupdatemanager  \
+    sdv-container-hvacservice \
+    sdv-container-feedercan \
+ "

meta-leda-components/recipes-sdv/packagegroups/packagegroup-sdv-core.bb

@@ -27,3 +27,5 @@ RDEPENDS:${PN} = "\
     leda-utils \
     openvpn \
     "
+
+RDEPENDS:${PN}:append = " ${@bb.utils.contains("DISTRO_FEATURES", "airgap-containers", "airgap-container-installer", "", d)}"

meta-leda-components/recipes-sdv/sdv-containers/sdv-container-cloudagent_0.1.bb → meta-leda-components/recipes-sdv/sdv-containers/sdv-container-cloudconnector_git.bb

@@ -25,8 +25,8 @@ LICENSE = "Apache-2.0"
 LIC_FILES_CHKSUM = "file://${WORKDIR}/git/LICENSE;md5=2b42edef8fa55315f34f2370b4715ca9"
 
 # Define image to be pulled
-SDV_IMAGE_REF="ghcr.io/eclipse-leda/leda-incubator-cloud-connector/cloudconnector"
-SDV_IMAGE_TAG="main-13add98ec32e077d0f125e333a24aaf908187c9b"
+SDV_IMAGE_REF="ghcr.io/eclipse-leda/leda-contrib-cloud-connector/cloudconnector"
+SDV_IMAGE_TAG="main-47c01227a620a3dbd85b66e177205c06c0f7a52e"
 
 # Override container architecture. If not set, recipe tries autodetection for target machine architecture.
 #CONTAINER_ARCH="arm64"

meta-leda-components/recipes-sdv/sdv-containers/sdv-container-feedercan_0.1.bb

@@ -21,11 +21,11 @@ SRC_URI += "file://README.txt \
 
 # According to https://wiki.yoctoproject.org/wiki/License_Infrastructure_Interest_Group
 LICENSE = "Apache-2.0"
-LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=d9fc0efef5228704e7f5b37f27192723"
+LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
 
 # Define image to be pulled
-SDV_IMAGE_REF="ghcr.io/eclipse-leda/leda-incubator-vehicleapi/feeder_can"
-SDV_IMAGE_TAG="v0.18.0"
+SDV_IMAGE_REF="ghcr.io/eclipse/kuksa.val.feeders/dbc2val"
+SDV_IMAGE_TAG="v0.1.1"
 
 # Override container architecture. If not set, recipe tries autodetection for target machine architecture.
 #CONTAINER_ARCH="arm64"

meta-leda-components/recipes-sdv/sdv-containers/sdv-container-hvacservice_0.1.bb

@@ -0,0 +1,35 @@
+# /********************************************************************************
+# * Copyright (c) 2023 Contributors to the Eclipse Foundation
+# *
+# * See the NOTICE file(s) distributed with this work for additional
+# * information regarding copyright ownership.
+# *
+# * This program and the accompanying materials are made available under the
+# * terms of the Apache License 2.0 which is available at
+# * https://www.apache.org/licenses/LICENSE-2.0
+# *
+# * SPDX-License-Identifier: Apache-2.0
+# ********************************************************************************/
+
+SUMMARY = "SDV Example HVAC Service"
+DESCRIPTION = "Example HVAC service"
+
+inherit sdv-container-cache
+
+SRC_URI += "file://README.txt \
+            file://LICENSE"
+
+# According to https://wiki.yoctoproject.org/wiki/License_Infrastructure_Interest_Group
+LICENSE = "Apache-2.0"
+LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
+
+# Define image to be pulled
+SDV_IMAGE_REF="ghcr.io/eclipse/kuksa.val.services/hvac_service"
+SDV_IMAGE_TAG="v0.1.0"
+
+# Override container architecture. If not set, recipe tries autodetection for target machine architecture.
+#CONTAINER_ARCH="arm64"
+
+# Skip pre-caching of a container if target architecture does not exist
+CONTAINER_SKIP_MISSING_ARCH="1"
+

meta-leda-components/recipes-sdv/sdv-containers/sdv-container-otelagent_0.1.bb

@@ -21,10 +21,10 @@ SRC_URI += "file://README.txt \
 
 # According to https://wiki.yoctoproject.org/wiki/License_Infrastructure_Interest_Group
 LICENSE = "Apache-2.0"
-LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=d9fc0efef5228704e7f5b37f27192723"
+LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
 
 # Define image to be pulled
-SDV_IMAGE_REF="ghcr.io/eclipse-leda/leda-incubator-otel/otelcol-sdv-ext"
+SDV_IMAGE_REF="ghcr.io/eclipse-leda/leda-contrib-otel/otelcol-sdv-ext"
 SDV_IMAGE_TAG="v0.0.1"
 
 # Override container architecture. If not set, recipe tries autodetection for target machine architecture.

meta-leda-components/recipes-sdv/sdv-containers/sdv-container-otelexporter_0.1.bb

@@ -21,10 +21,10 @@ SRC_URI += "file://README.txt \
 
 # According to https://wiki.yoctoproject.org/wiki/License_Infrastructure_Interest_Group
 LICENSE = "Apache-2.0"
-LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=d9fc0efef5228704e7f5b37f27192723"
+LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
 
 # Define image to be pulled
-SDV_IMAGE_REF="ghcr.io/eclipse-leda/leda-incubator-otel/otelcol-sdv-exporter"
+SDV_IMAGE_REF="ghcr.io/eclipse-leda/leda-contrib-otel/otelcol-sdv-exporter"
 SDV_IMAGE_TAG="v0.0.1"
 
 # Override container architecture. If not set, recipe tries autodetection for target machine architecture.

meta-leda-components/recipes-sdv/sdv-containers/sdv-container-seatservice_0.1.bb → meta-leda-components/recipes-sdv/sdv-containers/sdv-container-seatservice_0.3.bb

@@ -21,11 +21,11 @@ SRC_URI += "file://README.txt \
 
 # According to https://wiki.yoctoproject.org/wiki/License_Infrastructure_Interest_Group
 LICENSE = "Apache-2.0"
-LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=d9fc0efef5228704e7f5b37f27192723"
+LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
 
 # Define image to be pulled
-SDV_IMAGE_REF="ghcr.io/eclipse-leda/leda-incubator-vehicleapi/seat_service"
-SDV_IMAGE_TAG="v0.18.0"
+SDV_IMAGE_REF="ghcr.io/boschglobal/kuksa.val.services/seat_service"
+SDV_IMAGE_TAG="v0.3.0"
 
 # Override container architecture. If not set, recipe tries autodetection for target machine architecture.
 #CONTAINER_ARCH="arm64"

meta-leda-components/recipes-sdv/sdv-containers/sdv-container-selfupdateagent_0.1.bb → meta-leda-components/recipes-sdv/sdv-containers/sdv-container-selfupdateagent_0.66.bb

@@ -21,11 +21,11 @@ SRC_URI += "file://README.txt \
 
 # According to https://wiki.yoctoproject.org/wiki/License_Infrastructure_Interest_Group
 LICENSE = "Apache-2.0"
-LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=d9fc0efef5228704e7f5b37f27192723"
+LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
 
 # Define image to be pulled
-SDV_IMAGE_REF="ghcr.io/eclipse-leda/sdv-self-update-agent/sua"
-SDV_IMAGE_TAG="v0.1.16"
+SDV_IMAGE_REF="ghcr.io/eclipse-leda/leda-contrib-self-update-agent/self-update-agent"
+SDV_IMAGE_TAG="build-66"
 
 # Override container architecture. If not set, recipe tries autodetection for target machine architecture.
 #CONTAINER_ARCH="arm64"

meta-leda-components/recipes-sdv/sdv-containers/sdv-container-vehicleupdatemanager_0.1.bb → meta-leda-components/recipes-sdv/sdv-containers/sdv-container-vehicleupdatemanager_git.bb

@@ -21,11 +21,11 @@ SRC_URI += "file://README.txt \
 
 # According to https://wiki.yoctoproject.org/wiki/License_Infrastructure_Interest_Group
 LICENSE = "Apache-2.0"
-LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=d9fc0efef5228704e7f5b37f27192723"
+LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
 
 # Define image to be pulled
-SDV_IMAGE_REF="ghcr.io/eclipse-leda/leda-incubator-containersm/vehicleupdatemanager"
-SDV_IMAGE_TAG="v0.7"
+SDV_IMAGE_REF="ghcr.io/eclipse-leda/leda-contrib-vehicle-update-manager/vehicleupdatemanager"
+SDV_IMAGE_TAG="main-1d8dca55a755c4b3c7bc06eabfa06ad49e068a48"
 
 # Override container architecture. If not set, recipe tries autodetection for target machine architecture.
 #CONTAINER_ARCH="arm64"

meta-leda-components/recipes-sdv/sdv-containers/sdv-kuksa-val-databroker_0.2.bb → meta-leda-components/recipes-sdv/sdv-containers/sdv-kuksa-val-databroker_0.3.bb

@@ -21,9 +21,9 @@ SRC_URI += "file://README.txt \
 
 # According to https://wiki.yoctoproject.org/wiki/License_Infrastructure_Interest_Group
 LICENSE = "Apache-2.0"
-LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=d9fc0efef5228704e7f5b37f27192723"
+LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
 
 # Define image to be pulled
 SDV_IMAGE_REF = "ghcr.io/eclipse/kuksa.val/databroker"
-SDV_IMAGE_TAG = "0.2.5"
+SDV_IMAGE_TAG = "0.3.0"
 

meta-leda-distro/recipes-sdv-distro/images/sdv-image-data.bb

@@ -21,7 +21,7 @@ LICENSE = "Apache-2.0"
 IMAGE_INSTALL += "sdv-core-containers"
 IMAGE_INSTALL += "sdv-example-containers"
 IMAGE_INSTALL += "sdv-example-certificate"
-
+IMAGE_INSTALL:append = " ${@bb.utils.contains("DISTRO_FEATURES", "airgap-containers", "packagegroup-sdv-airgap-containers", "", d)}"
 IMAGE_FSTYPES += "ext4.gz"
 IMAGE_LINGUAS = ""
 IMAGE_ROOTFS_SIZE ?= "2097152"