From e6f3359a53a7a342651ce6c7041d8ac68098c92b Mon Sep 17 00:00:00 2001 From: Ben Courliss Date: Tue, 16 Jan 2024 11:22:05 -0500 Subject: [PATCH] Issue-51: Updated to use FIDO Device Onboard 1.1.7 Signed-off-by: Ben Courliss --- .github/workflows/build-push.yml | 2 +- CHANGELOG.md | 4 +++ Makefile | 14 ++++++--- README.md | 10 +++---- docker/Dockerfile | 4 +-- docker/run-fdo-owner-service.sh | 6 ++-- docker/start-fdo-owner-service.sh | 2 +- docs/ocs-api-swagger.yml | 2 +- getFDO.sh | 47 ------------------------------- sample-mfg/fdo_to.service | 4 +-- sample-mfg/start-mfg.sh | 2 +- tools/grabCreds.sh | 2 +- 12 files changed, 31 insertions(+), 68 deletions(-) delete mode 100755 getFDO.sh diff --git a/.github/workflows/build-push.yml b/.github/workflows/build-push.yml index 1924f82..31f8b1c 100644 --- a/.github/workflows/build-push.yml +++ b/.github/workflows/build-push.yml @@ -3,6 +3,7 @@ name: build-push # This workflow triggers on any push (or merge) to the listed branch(es) on: + workflow_dispatch: push: branches: - main @@ -108,7 +109,6 @@ jobs: run: | cd ${REPO_DIR} make clean - ./getFDO.sh make env: VERSION: '${{ steps.config-version.outputs.VERSION }}-${{ steps.offset.outputs.BUILD_NUMBER }}' diff --git a/CHANGELOG.md b/CHANGELOG.md index 9ff5bfc..34e28df 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,10 @@ # Changelog All notable changes to this project will be documented in this file. +## [1.4.0] - 2024-01.16 +- Issue 51: Updated to support FDO `1.1.7` release. +- Removed unneeded getFDO.sh script which was duplicated by the Makefile. + ## [1.3.0] - 2023-11.06 - Issue 48: Updated FDO to support FDO Project's `1.1.6` release. - Updated Golang to version `1.21.3`. diff --git a/Makefile b/Makefile index 75a120f..37b4182 100644 --- a/Makefile +++ b/Makefile @@ -1,9 +1,9 @@ SHELL ?= /bin/bash -e # Set this before building the ocs-api binary and FDO-owner-services (for now they use the samme version number) -export VERSION ?= 1.3.0 -export FIDO_DEVICE_ONBOARD_REL_VER ?= 1.1.6 +export VERSION ?= 1.4.0 +export FIDO_DEVICE_ONBOARD_REL_VER ?= 1.1.7 # used by sample-mfg/Makefile. Needs to match what is in fdo/supply-chain-tools-v/docker_manufacturer/docker-compose.yml -STABLE_VERSION ?= 1.3.0 +STABLE_VERSION ?= 1.4.0 #todo: add BUILD_NUMBER like in anax/Makefile @@ -45,6 +45,12 @@ fdo/third-party-components.tar.gz: fdo fdo/third-party-components: fdo/third-party-components.tar.gz tar -zxf fdo/third-party-components.tar.gz -C fdo +fdo/client-sdk-fidoiot-v$(FIDO_DEVICE_ONBOARD_REL_VER).tar.gz: fdo + wget -P fdo https://github.com/fido-device-onboard/release-fidoiot/releases/download/v$(FIDO_DEVICE_ONBOARD_REL_VER)/client-sdk-fidoiot-v$(FIDO_DEVICE_ONBOARD_REL_VER).tar.gz + +fdo/client-sdk-fidoiot-v$(FIDO_DEVICE_ONBOARD_REL_VER): fdo/client-sdk-fidoiot-v$(FIDO_DEVICE_ONBOARD_REL_VER).tar.gz + tar -zxf fdo/client-sdk-fidoiot-v$(FIDO_DEVICE_ONBOARD_REL_VER).tar.gz -C fdo + # Build the ocs rest api for linux for the FDO-owner-services container ocs-api/linux/ocs-api: ocs-api/*.go ocs-api/*/*.go Makefile mkdir -p ocs-api/linux @@ -59,7 +65,7 @@ run-ocs-api: ocs-api/ocs-api tools/start-ocs-api.sh # Build the FDO services docker image - see the build environment requirements listed in docker/Dockerfile -$(FDO_DOCKER_IMAGE): ocs-api/linux/ocs-api fdo/NOTICES-v$(FIDO_DEVICE_ONBOARD_REL_VER) fdo/pri-fidoiot-v$(FIDO_DEVICE_ONBOARD_REL_VER) fdo/third-party-components +$(FDO_DOCKER_IMAGE): ocs-api/linux/ocs-api fdo/NOTICES-v$(FIDO_DEVICE_ONBOARD_REL_VER) fdo/pri-fidoiot-v$(FIDO_DEVICE_ONBOARD_REL_VER) fdo/third-party-components fdo/client-sdk-fidoiot-v$(FIDO_DEVICE_ONBOARD_REL_VER) - docker rm -f $(FDO_DOCKER_IMAGE) 2> /dev/null || : docker build --build-arg="fido_device_onboard_rel_ver=$(FIDO_DEVICE_ONBOARD_REL_VER)" -t $(DOCKER_REGISTRY)/$@:$(VERSION) $(FDO_IMAGE_LABELS) $(DOCKER_OPTS) -f docker/Dockerfile . diff --git a/README.md b/README.md index e69c882..398940e 100644 --- a/README.md +++ b/README.md @@ -28,7 +28,7 @@ The FDO owner service are packaged as a single docker container that can be run # An all-in-1 environment example: export HZN_EXCHANGE_USER_AUTH=admin:password # : export HZN_ORG_ID=myorg # - export FIDO_DEVICE_ONBOARD_REl_VER=1.1.6 # https://github.com/fido-device-onboard/release-fidoiot/releases + export FIDO_DEVICE_ONBOARD_REL_VER=1.1.7 # https://github.com/fido-device-onboard/release-fidoiot/releases export VERBOSE=true # optional, for debug ``` @@ -47,7 +47,7 @@ The FDO owner service are packaged as a single docker container that can be run 5. Start the FDO owner service docker container and view the log: ```bash - ./docker/run-fdo-owner-service.sh 1.3.0 + ./docker/run-fdo-owner-service.sh 1.4.0 docker logs -f fdo-owner-service ``` @@ -115,7 +115,7 @@ The sample script called `start-mfg.sh` downloads and extracts all necessary com ```bash curl -sSLO https://raw.githubusercontent.com/open-horizon/FDO-support/main/sample-mfg/start-mfg.sh chmod +x start-mfg.sh -export FIDO_DEVICE_ONBOARD_REL_VER=1.1.6 # https://github.com/fido-device-onboard/release-fidoiot/releases +export FIDO_DEVICE_ONBOARD_REL_VER=1.1.7 # https://github.com/fido-device-onboard/release-fidoiot/releases export FDO_MFG_SVC_AUTH=apiUser:password # apiUser: export FDO_MFG_PORT=8039 export FDO_OWN_COMP_SVC_PORT=9008 @@ -143,7 +143,7 @@ All the following steps interacting with localhost:8039 are automated by the `./ 2. On your VM to be initialized, go to the device directory and run the following command to initialize your VM "Device": ```bash - cd "fdo/pri-fidoiot-v$FIDO_DEVICE_ONBOARD_REl_VER/device" + cd "fdo/pri-fidoiot-v$FIDO_DEVICE_ONBOARD_REL_VER/device" java -jar device.jar ``` The response should end with @@ -340,7 +340,7 @@ DROP DATABASE fdo; #### Troubleshooting -- If the edge device does not give a `[INFO ] TO2 completed successfully. [INFO ] Starting Fdo Completed`, check /fdo/pri-fidoiot-v1.1.6/owner/app-data/service.log or use command `docker logs -f fdo-owner-service` for error messages. +- If the edge device does not give a `[INFO ] TO2 completed successfully. [INFO ] Starting Fdo Completed`, check /fdo/pri-fidoiot-v1.1.7/owner/app-data/service.log or use command `docker logs -f fdo-owner-service` for error messages. - If your Owner, RV or Manufacturer service does not respond, you can check the logs in the same location as above. If the logs never printed that it started the service, for example: "Started Owner Service", then make sure you have all dependencies installed and environment variables correctly exported. - If your Service Info Package fails during the process of getting onboarded to the edge device, make sure you posted the file correctly to the owner service DB. Also make sure that you posted the correct To2 address. diff --git a/docker/Dockerfile b/docker/Dockerfile index 01a9453..c34ca44 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -78,11 +78,11 @@ USER fdouser WORKDIR $WORKDIR ARG fido_device_onboard_rel_ver -ENV FIDO_DEVICE_ONBOARD_REL_VER=${fido_device_onboard_rel_ver:-1.1.6} +ENV FIDO_DEVICE_ONBOARD_REL_VER=${fido_device_onboard_rel_ver:-1.1.7} # Get the license file COPY LICENSE.txt /licenses/ -#${FIDO_DEVICE_ONBOARD_REL_VER} 1.1.6 uses 1.1.5. +#${FIDO_DEVICE_ONBOARD_REL_VER} 1.1.7 uses 1.1.5. COPY fdo/NOTICES-v1.1.5/pri-fidoiot/* /licenses/FDOIotPlatformSDK/ # Get owner db files. The owner subdir will be created automatically by COPY diff --git a/docker/run-fdo-owner-service.sh b/docker/run-fdo-owner-service.sh index 975fb76..b006814 100755 --- a/docker/run-fdo-owner-service.sh +++ b/docker/run-fdo-owner-service.sh @@ -6,7 +6,7 @@ if [[ "$1" == "-h" || "$1" == "--help" ]]; then cat << EndOfMessage Usage: ${0##*/} [] Arguments: - The image tag to use. Defaults to '1.3.0' + The image tag to use. Defaults to '1.4.0' Required environment variables: HZN_MGMT_HUB_CERT: the base64 encoded content of the management hub cluster ingress self-signed certificate (can be set to 'N/A' if the mgmt hub does not require a cert). If set, this certificate is given to the edge nodes in the HZN_MGMT_HUB_CERT_PATH variable. @@ -50,7 +50,7 @@ generateToken() { head -c 1024 /dev/urandom | base64 | tr -cd "[:alpha:][:digit: export CSS_PORT_EXTERNAL=${CSS_PORT_EXTERNAL:-9443} export EXCHANGE_INTERNAL_URL=${EXCHANGE_INTERNAL_URL:-http://exchange-api:8080/v1} # Internal docker network, for this container. export EXCHANGE_PORT_EXTERNAL=${EXCHANGE_PORT_EXTERNAL:-3090} -export FIDO_DEVICE_ONBOARD_REL_VER=${FIDO_DEVICE_ONBOARD_REL_VER:-1.1.6} +export FIDO_DEVICE_ONBOARD_REL_VER=${FIDO_DEVICE_ONBOARD_REL_VER:-1.1.7} export FDO_OWN_COMP_SVC_PORT=${FDO_OWN_COMP_SVC_PORT:-9008} export FDO_OWN_SVC_PORT=${FDO_OWN_SVC_PORT:-8042} export FDO_OWN_DB=${FDO_OWN_DB:-fdo} @@ -73,7 +73,7 @@ export HZN_MGMT_HUB_CERT=${HZN_MGMT_HUB_CERT:-$(cat ./agent-install.crt | base64 export VERBOSE=${VERBOSE:-false} EXCHANGE_INTERNAL_CERT="${HZN_MGMT_HUB_CERT:-N/A}" -VERSION="${1:-1.3.0}" +VERSION="${1:-1.4.0}" DOCKER_REGISTRY=${DOCKER_REGISTRY:-openhorizon} FDO_DOCKER_IMAGE=${FDO_DOCKER_IMAGE:-fdo-owner-services} diff --git a/docker/start-fdo-owner-service.sh b/docker/start-fdo-owner-service.sh index 1e4ed67..89580b2 100755 --- a/docker/start-fdo-owner-service.sh +++ b/docker/start-fdo-owner-service.sh @@ -10,7 +10,7 @@ ocsDbDir="${1:-"ocs-db/"}" ocsApiPort="${2:-${SDO_OCS_API_TLS_PORT:-${SDO_OCS_API_PORT:-$ocsApiPortDefault}}}" # precedence: arg, or tls port, or non-tls port, or default workingDir='/home/fdouser' -FIDO_DEVICE_ONBOARD_REL_VER=${FIDO_DEVICE_ONBOARD_REL_VER:-1.1.6} # https://github.com/fido-device-onboard/release-fidoiot/releases +FIDO_DEVICE_ONBOARD_REL_VER=${FIDO_DEVICE_ONBOARD_REL_VER:-1.1.7} # https://github.com/fido-device-onboard/release-fidoiot/releases deviceBinaryDir="pri-fidoiot-v$FIDO_DEVICE_ONBOARD_REL_VER" # These can be passed in via CLI args or env vars tmp_pass=`head -c 15 /dev/random | base64` diff --git a/docs/ocs-api-swagger.yml b/docs/ocs-api-swagger.yml index b309050..676e4ee 100644 --- a/docs/ocs-api-swagger.yml +++ b/docs/ocs-api-swagger.yml @@ -13,7 +13,7 @@ info: license: name: Apache 2.0 url: http://www.apache.org/licenses/LICENSE-2.0.html - version: 1.3.0 + version: 1.4.0 externalDocs: description: Find out more about Open Horizon Support for FDO url: https://github.com/open-horizon/FDO-support diff --git a/getFDO.sh b/getFDO.sh deleted file mode 100755 index 8fefdf5..0000000 --- a/getFDO.sh +++ /dev/null @@ -1,47 +0,0 @@ -#!/bin/bash - -# This script only needs to be run by developers of this project when needing to move up to a new version of FDO. -# Before running, update the versions of the tar files as necessary. - -SCRIPT_LOCATION=$(dirname "$0") - -# Check the exit code passed in and exit if non-zero -chk() { - local exitCode=$1 - local task=$2 - if [[ $exitCode == 0 ]]; then return; fi - echo "Error: exit code $exitCode from: $task" - exit $exitCode -} - -echo "Retrieving FDO Release 1.1.6 dependencies..." -mkdir -p ${SCRIPT_LOCATION}/fdo && cd ${SCRIPT_LOCATION}/fdo -chk $? 'making fdo dir' - -echo "Getting client-sdk-fidoiot" -curl --progress-bar -LO https://github.com/fido-device-onboard/release-fidoiot/releases/download/v1.1.6/client-sdk-fidoiot-v1.1.6.tar.gz -chk $? 'downloading client-sdk-fidoiot' -tar -zxf client-sdk-fidoiot-v1.1.6.tar.gz -chk $? 'unpacking client-sdk-fidoiot' - - -echo "Getting Protocol Reference Implementation" -curl --progress-bar -LO https://github.com/fido-device-onboard/release-fidoiot/releases/download/v1.1.6/pri-fidoiot-v1.1.6.tar.gz -chk $? 'downloading pri' -tar -zxf pri-fidoiot-v1.1.6.tar.gz -chk $? 'unpacking pri' - -echo "Getting NOTICES" -curl --progress-bar -LO https://github.com/fido-device-onboard/release-fidoiot/releases/download/v1.1.6/NOTICES-v1.1.6.tar.gz -chk $? 'downloading NOTICES' -tar -zxf NOTICES-v1.1.6.tar.gz -chk $? 'unpacking NOTICES' - -echo "Getting Third Party Components" -curl --progress-bar -LO https://github.com/fido-device-onboard/release-fidoiot/releases/download/v1.1.6/third-party-components.tar.gz -chk $? 'downloading third-party-components' -tar -zxf third-party-components.tar.gz -chk $? 'unpacking third-party-components' - -cd ${SCRIPT_LOCATION} -echo "Complete." \ No newline at end of file diff --git a/sample-mfg/fdo_to.service b/sample-mfg/fdo_to.service index f112ff2..b46795a 100644 --- a/sample-mfg/fdo_to.service +++ b/sample-mfg/fdo_to.service @@ -10,8 +10,8 @@ Before=user-sessions.service [Service] # For oneshot, systemd expects the command to NOT fork itself, and timeout is disabled by default Type=oneshot -WorkingDirectory=/home/device/fdo/pri-fidoiot-v1.1.6/device -ExecStart=/bin/java -jar /home/device/fdo/pri-fidoiot-v1.1.6/device/device.jar +WorkingDirectory=/home/device/fdo/pri-fidoiot-v1.1.7/device +ExecStart=/bin/java -jar /home/device/fdo/pri-fidoiot-v1.1.7/device/device.jar [Install] WantedBy=multi-user.target \ No newline at end of file diff --git a/sample-mfg/start-mfg.sh b/sample-mfg/start-mfg.sh index 9adb626..fc19f53 100755 --- a/sample-mfg/start-mfg.sh +++ b/sample-mfg/start-mfg.sh @@ -63,7 +63,7 @@ export FDO_MFG_PORT=${FDO_MFG_PORT:-8039} export FDO_MFG_SVC_AUTH=${FDO_MFG_SVC_AUTH:-apiUser:$(generateToken 15)} export FDO_OWN_COMP_SVC_PORT=${FDO_OWN_COMP_SVC_PORT:-9008} export FDO_RV_URL=${FDO_RV_URL:-http://fdorv.com} # set to the production domain by default. Development domain is Owner's service public key protected as of v1.1.6. -export FIDO_DEVICE_ONBOARD_REL_VER=${FIDO_DEVICE_ONBOARD_REL_VER:-1.1.6} # https://github.com/fido-device-onboard/release-fidoiot/releases +export FIDO_DEVICE_ONBOARD_REL_VER=${FIDO_DEVICE_ONBOARD_REL_VER:-1.1.7} # https://github.com/fido-device-onboard/release-fidoiot/releases export HZN_DOCK_NET=${HZN_DOCK_NET:-hzn_horizonnet} #export HZN_EXCHANGE_USER_AUTH=${HZN_EXCHANGE_USER_AUTH:-admin:} # Default to organization admin provided by all-in-1 environment export HZN_LISTEN_IP=${HZN_LISTEN_IP:-127.0.0.1} diff --git a/tools/grabCreds.sh b/tools/grabCreds.sh index a5c2343..b5f9289 100644 --- a/tools/grabCreds.sh +++ b/tools/grabCreds.sh @@ -7,7 +7,7 @@ grabCreds() { for i in ${components[@]}; do if [[ "${components[@]}" =~ "$i" ]]; then - keypwd="$(grep -E '^ *api_password=' fdo/pri-fidoiot-v1.1.6/$i/service.env)" + keypwd="$(grep -E '^ *api_password=' fdo/pri-fidoiot-v1.1.7/$i/service.env)" API_PWD=${keypwd#api_password=} echo export "$i"=$API_PWD