Issue-51: Updated to use FIDO Device Onboard 1.1.7

Signed-off-by: Ben Courliss <[email protected]>
open-horizon · Jan 16, 2024 · e6f3359 · e6f3359
1 parent 3cd3595
commit e6f3359
Show file tree

Hide file tree

Showing 12 changed files with 31 additions and 68 deletions.
diff --git a/.github/workflows/build-push.yml b/.github/workflows/build-push.yml
@@ -3,6 +3,7 @@ name: build-push
 
 # This workflow triggers on any push (or merge) to the listed branch(es)
 on:
+  workflow_dispatch:
   push:
     branches:
       - main
@@ -108,7 +109,6 @@ jobs:
         run: |
           cd ${REPO_DIR}
           make clean
-          ./getFDO.sh
           make
         env:
           VERSION: '${{ steps.config-version.outputs.VERSION }}-${{ steps.offset.outputs.BUILD_NUMBER }}'

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,6 +1,10 @@
 # Changelog
 
 All notable changes to this project will be documented in this file.
+## [1.4.0] - 2024-01.16
+- Issue 51: Updated to support FDO `1.1.7` release.
+- Removed unneeded getFDO.sh script which was duplicated by the Makefile.
+
 ## [1.3.0] - 2023-11.06
 - Issue 48: Updated FDO to support FDO Project's `1.1.6` release.
 - Updated Golang to version `1.21.3`.

diff --git a/Makefile b/Makefile
@@ -1,9 +1,9 @@
 SHELL ?= /bin/bash -e
 # Set this before building the ocs-api binary and FDO-owner-services (for now they use the samme version number)
-export VERSION ?= 1.3.0
-export FIDO_DEVICE_ONBOARD_REL_VER ?= 1.1.6
+export VERSION ?= 1.4.0
+export FIDO_DEVICE_ONBOARD_REL_VER ?= 1.1.7
 # used by sample-mfg/Makefile. Needs to match what is in fdo/supply-chain-tools-v<version>/docker_manufacturer/docker-compose.yml
-STABLE_VERSION ?= 1.3.0
+STABLE_VERSION ?= 1.4.0
 
 #todo: add BUILD_NUMBER like in anax/Makefile
 
@@ -45,6 +45,12 @@ fdo/third-party-components.tar.gz: fdo
 fdo/third-party-components: fdo/third-party-components.tar.gz
 	tar -zxf fdo/third-party-components.tar.gz -C fdo
 
+fdo/client-sdk-fidoiot-v$(FIDO_DEVICE_ONBOARD_REL_VER).tar.gz: fdo
+	wget -P fdo https://github.com/fido-device-onboard/release-fidoiot/releases/download/v$(FIDO_DEVICE_ONBOARD_REL_VER)/client-sdk-fidoiot-v$(FIDO_DEVICE_ONBOARD_REL_VER).tar.gz
+
+fdo/client-sdk-fidoiot-v$(FIDO_DEVICE_ONBOARD_REL_VER): fdo/client-sdk-fidoiot-v$(FIDO_DEVICE_ONBOARD_REL_VER).tar.gz
+	tar -zxf fdo/client-sdk-fidoiot-v$(FIDO_DEVICE_ONBOARD_REL_VER).tar.gz -C fdo
+
 # Build the ocs rest api for linux for the FDO-owner-services container
 ocs-api/linux/ocs-api: ocs-api/*.go ocs-api/*/*.go Makefile
 	mkdir -p ocs-api/linux
@@ -59,7 +65,7 @@ run-ocs-api: ocs-api/ocs-api
 	tools/start-ocs-api.sh
 
 # Build the FDO services docker image - see the build environment requirements listed in docker/Dockerfile
-$(FDO_DOCKER_IMAGE): ocs-api/linux/ocs-api fdo/NOTICES-v$(FIDO_DEVICE_ONBOARD_REL_VER) fdo/pri-fidoiot-v$(FIDO_DEVICE_ONBOARD_REL_VER) fdo/third-party-components
+$(FDO_DOCKER_IMAGE): ocs-api/linux/ocs-api fdo/NOTICES-v$(FIDO_DEVICE_ONBOARD_REL_VER) fdo/pri-fidoiot-v$(FIDO_DEVICE_ONBOARD_REL_VER) fdo/third-party-components fdo/client-sdk-fidoiot-v$(FIDO_DEVICE_ONBOARD_REL_VER)
 	- docker rm -f $(FDO_DOCKER_IMAGE) 2> /dev/null || :
 	docker build --build-arg="fido_device_onboard_rel_ver=$(FIDO_DEVICE_ONBOARD_REL_VER)" -t $(DOCKER_REGISTRY)/$@:$(VERSION) $(FDO_IMAGE_LABELS) $(DOCKER_OPTS) -f docker/Dockerfile .
 

diff --git a/README.md b/README.md
@@ -28,7 +28,7 @@ The FDO owner service are packaged as a single docker container that can be run
    # An all-in-1 environment example:
    export HZN_EXCHANGE_USER_AUTH=admin:password  # <identity>:<password>
    export HZN_ORG_ID=myorg  # <organization>
-   export FIDO_DEVICE_ONBOARD_REl_VER=1.1.6 # https://github.com/fido-device-onboard/release-fidoiot/releases
+   export FIDO_DEVICE_ONBOARD_REL_VER=1.1.7 # https://github.com/fido-device-onboard/release-fidoiot/releases
    export VERBOSE=true # optional, for debug
    ```
 
@@ -47,7 +47,7 @@ The FDO owner service are packaged as a single docker container that can be run
 5. Start the FDO owner service docker container and view the log:
 
    ```bash
-   ./docker/run-fdo-owner-service.sh 1.3.0
+   ./docker/run-fdo-owner-service.sh 1.4.0
    docker logs -f fdo-owner-service
    ```
 
@@ -115,7 +115,7 @@ The sample script called `start-mfg.sh` downloads and extracts all necessary com
  ```bash
 curl -sSLO https://raw.githubusercontent.com/open-horizon/FDO-support/main/sample-mfg/start-mfg.sh
 chmod +x start-mfg.sh
-export FIDO_DEVICE_ONBOARD_REL_VER=1.1.6 # https://github.com/fido-device-onboard/release-fidoiot/releases
+export FIDO_DEVICE_ONBOARD_REL_VER=1.1.7 # https://github.com/fido-device-onboard/release-fidoiot/releases
 export FDO_MFG_SVC_AUTH=apiUser:password # apiUser:<password>
 export FDO_MFG_PORT=8039
 export FDO_OWN_COMP_SVC_PORT=9008
@@ -143,7 +143,7 @@ All the following steps interacting with localhost:8039 are automated by the `./
 2. On your VM to be initialized, go to the device directory and run the following command to initialize your VM "Device":
 
    ```bash
-   cd "fdo/pri-fidoiot-v$FIDO_DEVICE_ONBOARD_REl_VER/device"
+   cd "fdo/pri-fidoiot-v$FIDO_DEVICE_ONBOARD_REL_VER/device"
    java -jar device.jar
    ```
    The response should end with
@@ -340,7 +340,7 @@ DROP DATABASE fdo;
 
 #### <a name="troubleshooting"></a>Troubleshooting
 
-- If the edge device does not give a `[INFO ] TO2 completed successfully. [INFO ] Starting Fdo Completed`, check /fdo/pri-fidoiot-v1.1.6/owner/app-data/service.log or use command `docker logs -f fdo-owner-service` for error messages.
+- If the edge device does not give a `[INFO ] TO2 completed successfully. [INFO ] Starting Fdo Completed`, check /fdo/pri-fidoiot-v1.1.7/owner/app-data/service.log or use command `docker logs -f fdo-owner-service` for error messages.
 - If your Owner, RV or Manufacturer service does not respond, you can check the logs in the same location as above. If the logs never printed that it started the service, for example: "Started Owner Service", then make sure you have all dependencies installed and environment variables correctly exported.
 - If your Service Info Package fails during the process of getting onboarded to the edge device, make sure you posted the file correctly to the owner service DB. Also make sure that you posted the correct To2 address.
 

diff --git a/docker/Dockerfile b/docker/Dockerfile
@@ -78,11 +78,11 @@ USER fdouser
 WORKDIR $WORKDIR
 
 ARG fido_device_onboard_rel_ver
-ENV FIDO_DEVICE_ONBOARD_REL_VER=${fido_device_onboard_rel_ver:-1.1.6}
+ENV FIDO_DEVICE_ONBOARD_REL_VER=${fido_device_onboard_rel_ver:-1.1.7}
 
 # Get the license file
 COPY LICENSE.txt /licenses/
-#${FIDO_DEVICE_ONBOARD_REL_VER} 1.1.6 uses 1.1.5.
+#${FIDO_DEVICE_ONBOARD_REL_VER} 1.1.7 uses 1.1.5.
 COPY fdo/NOTICES-v1.1.5/pri-fidoiot/* /licenses/FDOIotPlatformSDK/
 
 # Get owner db files. The owner subdir will be created automatically by COPY

diff --git a/docker/run-fdo-owner-service.sh b/docker/run-fdo-owner-service.sh
@@ -6,7 +6,7 @@ if [[ "$1" == "-h" || "$1" == "--help" ]]; then
     cat << EndOfMessage
 Usage: ${0##*/} [<image-version>]
 Arguments:
-  <image-version>  The image tag to use. Defaults to '1.3.0'
+  <image-version>  The image tag to use. Defaults to '1.4.0'
 Required environment variables:
   HZN_MGMT_HUB_CERT: the base64 encoded content of the management hub cluster ingress self-signed certificate (can be set to 'N/A' if the mgmt hub does not require a cert). If set, this certificate is given to the edge nodes in the HZN_MGMT_HUB_CERT_PATH variable.
 
@@ -50,7 +50,7 @@ generateToken() { head -c 1024 /dev/urandom | base64 | tr -cd "[:alpha:][:digit:
 export CSS_PORT_EXTERNAL=${CSS_PORT_EXTERNAL:-9443}
 export EXCHANGE_INTERNAL_URL=${EXCHANGE_INTERNAL_URL:-http://exchange-api:8080/v1} # Internal docker network, for this container.
 export EXCHANGE_PORT_EXTERNAL=${EXCHANGE_PORT_EXTERNAL:-3090}
-export FIDO_DEVICE_ONBOARD_REL_VER=${FIDO_DEVICE_ONBOARD_REL_VER:-1.1.6}
+export FIDO_DEVICE_ONBOARD_REL_VER=${FIDO_DEVICE_ONBOARD_REL_VER:-1.1.7}
 export FDO_OWN_COMP_SVC_PORT=${FDO_OWN_COMP_SVC_PORT:-9008}
 export FDO_OWN_SVC_PORT=${FDO_OWN_SVC_PORT:-8042}
 export FDO_OWN_DB=${FDO_OWN_DB:-fdo}
@@ -73,7 +73,7 @@ export HZN_MGMT_HUB_CERT=${HZN_MGMT_HUB_CERT:-$(cat ./agent-install.crt | base64
 export VERBOSE=${VERBOSE:-false}
 
 EXCHANGE_INTERNAL_CERT="${HZN_MGMT_HUB_CERT:-N/A}"
-VERSION="${1:-1.3.0}"
+VERSION="${1:-1.4.0}"
 
 DOCKER_REGISTRY=${DOCKER_REGISTRY:-openhorizon}
 FDO_DOCKER_IMAGE=${FDO_DOCKER_IMAGE:-fdo-owner-services}

diff --git a/docker/start-fdo-owner-service.sh b/docker/start-fdo-owner-service.sh
@@ -10,7 +10,7 @@ ocsDbDir="${1:-"ocs-db/"}"
 ocsApiPort="${2:-${SDO_OCS_API_TLS_PORT:-${SDO_OCS_API_PORT:-$ocsApiPortDefault}}}"  # precedence: arg, or tls port, or non-tls port, or default
 
 workingDir='/home/fdouser'
-FIDO_DEVICE_ONBOARD_REL_VER=${FIDO_DEVICE_ONBOARD_REL_VER:-1.1.6} # https://github.com/fido-device-onboard/release-fidoiot/releases
+FIDO_DEVICE_ONBOARD_REL_VER=${FIDO_DEVICE_ONBOARD_REL_VER:-1.1.7} # https://github.com/fido-device-onboard/release-fidoiot/releases
 deviceBinaryDir="pri-fidoiot-v$FIDO_DEVICE_ONBOARD_REL_VER"
 # These can be passed in via CLI args or env vars
 tmp_pass=`head -c 15 /dev/random | base64`

diff --git a/docs/ocs-api-swagger.yml b/docs/ocs-api-swagger.yml
@@ -13,7 +13,7 @@ info:
   license:
     name: Apache 2.0
     url: http://www.apache.org/licenses/LICENSE-2.0.html
-  version: 1.3.0
+  version: 1.4.0
 externalDocs:
   description: Find out more about Open Horizon Support for FDO
   url: https://github.com/open-horizon/FDO-support

diff --git a/getFDO.sh b/getFDO.sh
diff --git a/sample-mfg/fdo_to.service b/sample-mfg/fdo_to.service
@@ -10,8 +10,8 @@ Before=user-sessions.service
 [Service]
 # For oneshot, systemd expects the command to NOT fork itself, and timeout is disabled by default
 Type=oneshot
-WorkingDirectory=/home/device/fdo/pri-fidoiot-v1.1.6/device
-ExecStart=/bin/java -jar /home/device/fdo/pri-fidoiot-v1.1.6/device/device.jar
+WorkingDirectory=/home/device/fdo/pri-fidoiot-v1.1.7/device
+ExecStart=/bin/java -jar /home/device/fdo/pri-fidoiot-v1.1.7/device/device.jar
 
 [Install]
 WantedBy=multi-user.target
diff --git a/sample-mfg/start-mfg.sh b/sample-mfg/start-mfg.sh
@@ -63,7 +63,7 @@ export FDO_MFG_PORT=${FDO_MFG_PORT:-8039}
 export FDO_MFG_SVC_AUTH=${FDO_MFG_SVC_AUTH:-apiUser:$(generateToken 15)}
 export FDO_OWN_COMP_SVC_PORT=${FDO_OWN_COMP_SVC_PORT:-9008}
 export FDO_RV_URL=${FDO_RV_URL:-http://fdorv.com} # set to the production domain by default. Development domain is Owner's service public key protected as of v1.1.6.
-export FIDO_DEVICE_ONBOARD_REL_VER=${FIDO_DEVICE_ONBOARD_REL_VER:-1.1.6} # https://github.com/fido-device-onboard/release-fidoiot/releases
+export FIDO_DEVICE_ONBOARD_REL_VER=${FIDO_DEVICE_ONBOARD_REL_VER:-1.1.7} # https://github.com/fido-device-onboard/release-fidoiot/releases
 export HZN_DOCK_NET=${HZN_DOCK_NET:-hzn_horizonnet}
 #export HZN_EXCHANGE_USER_AUTH=${HZN_EXCHANGE_USER_AUTH:-admin:} # Default to organization admin provided by all-in-1 environment
 export HZN_LISTEN_IP=${HZN_LISTEN_IP:-127.0.0.1}

diff --git a/tools/grabCreds.sh b/tools/grabCreds.sh
@@ -7,7 +7,7 @@ grabCreds() {
     for i in ${components[@]}; do
         if [[ "${components[@]}" =~ "$i" ]]; then
 
-            keypwd="$(grep -E '^ *api_password=' fdo/pri-fidoiot-v1.1.6/$i/service.env)"
+            keypwd="$(grep -E '^ *api_password=' fdo/pri-fidoiot-v1.1.7/$i/service.env)"
             API_PWD=${keypwd#api_password=}
 
 	    echo export "$i"=$API_PWD