Skip to content

Add docker-based update system #52

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
jinnko wants to merge 11 commits into
base: master
Choose a base branch
from
Open

Add docker-based update system #52

jinnko wants to merge 11 commits into from

Conversation

@jinnko
Copy link
Contributor

@jinnko jinnko commented Aug 12, 2017

We get a Dockerfile and associated .dockerignore to create an Ubuntu
16.04 LTS container that can be used for generating updates. A Makefile
is used with a few targets to make invocation of docker related tasks
easier.

The README is updated to reflect the docker implementation.

Several scripts are updated to:

  • support set -x debugging when the DEBUG env var is set
  • be quieter when running

The .gitignore gets some changes to ignore artefacts generated during
the docker-update process.

A new update-wrapper.sh script is used as the docker entry point.

The get-release-image.py script will now only validate if it's downloaded,
and will exit 1 if the validation failed.

The install-su.sh script forces the copy of keys, which would otherwise
break the set -e mode.

The strip-cpio tool is inherently noisy. The easy workaround here is to
simply send all stderr output from it to /dev/null.

Add usage output to the update.sh script, along with a trap handler to
inform the user of an error if the script unexpectedly exits. There's
also a new --scheduled argument to change the behaviour when the
new signed image is ready: without --scheduled the behaviour is the
same as before; with the flag set instructions are provided for what to
do next. The script will also clone the helper repos if they're not
already in place.

The make_keys.sh script is also moved as it makes it hard to
manage our keys in the folder. With only keys in that folder we can
handle those secrets as we please, for example as a git repository with
blackbox GPG encryption.

jinnko added 2 commits August 12, 2017 20:17
@jinnko
Set up docker based update system
b633b5c 
We get a Dockerfile and associated .dockerignore to create an Ubuntu
16.04 LTS container that can be used for generating updates.  A Makefile
is used with a few targets to make invocation of docker related tasks
easier.

The README is updated to reflect the docker implementation.

Several scripts are updated to:

- support `set -x` debugging when the DEBUG env var is set
- be quieter when running

The .gitignore gets some changes to ignore artefacts generated during
the docker-update process.

A new update-wrapper.sh script is used as the docker entry point.

The get-release-image.py script will now only validate if it's downloaded,
and will exit 1 if the validation failed.

The install-su.sh script forces the copy of keys, which would otherwise
break the `set -e` mode.

The strip-cpio tool is inherently noisy.  The easy workaround here is to
simply send all stderr output from it to /dev/null.

Add usage output to the update.sh script, along with a trap handler to
inform the user of an error if the script unexpectedly exits.  There's
also a new `--scheduled` argument to change the behaviour when the
new signed image is ready: without `--scheduled` the behaviour is the
same as before; with the flag set instructions are provided for what to
do next.  The script will also clone the helper repos if they're not
already in place.
@jinnko
Move make_keys.sh script
f5fcb61 
With the make_keys.sh script in the keys folder it becomes harder to
manage our keys in the folder.  With only keys in that folder we can
handle those secrets as we please, for example as a git repository with
blackbox GPG encryption.
@jinnko
Copy link
Contributor Author

jinnko commented Aug 12, 2017

The changes here also benefit from the changes in mikeperry-tor/super-bootimg#1

@jinnko
Fix DEBUG logic
e74d3bf 
The conditionals requred the DEBUG var to always be set.
@jinnko
Remove MyAppList
7f50ae4 
It's no longer available
@jinnko
Fixes for 2017-09 CopperheadOS releases
ef2543a 
A series of new vdex files are in the latest images.  Missing out these
files during the installation of gapps is causing the builds to fail, so
we need to have these in both the gapps-removelist and the docker-sudoers
config.
@jinnko
Set signed update file name to match factory file name
044a0e8 
When generating signed updates we set the file name to match the factory
name so it's easier to be clear about which update you're applying.

We also generate a hash of the file for validation, especially useful if
we're moving the update around and want to validate it's integrity before
using the new update image.
@jinnko
Copy link
Contributor Author

jinnko commented Sep 25, 2017
edited
Loading

Have made some changes to accommodate the 2017-09 CopperheadOS images that contain some new vdex files that were causing problems for applying gapps-delta.

Older commits that are added here have had commit author corrected and signed.

@jinnko
Use legacy URLs for angler and bullhead
2bc55e2 
CopperheadOS have changed the URLs from which the updates are retrieved.
The new logic implemented here reflects what the javascript on their
site is doing.
@jinnko
Use new format for getting published images
2520e1a 
CopperheadOS have chaned the update mechanism.  The new method is now
used by the get-release-image.py script.

Additionally created images were not being ignored.
@jinnko
Fix update process for angler
8bacb0d 
The previous update-binary was not successfully getting the properties,
and therefore wasn't detecting that the device was an angler device.

This binary has been taken from here:

    https://legacy.copperhead.co/angler-ota_update-2017.09.29.01.zip

The end of the updater-script is causing some odd output when applied,
so following the example from the stock one the last command is a
set_progress(), and the bang (!) is taken out of the ui_print() in case
that was causing any issues too.
@jinnko
Copy link
Contributor Author

jinnko commented Sep 29, 2017

Latest updates handle changes to how CopperheadOS make update metadata available, and fix regressions in angler updates. I don't have any other device to test with, but it's likely that the update-binary for other devices will need to be updated to successfully apply updates of android 8.

jinnko added 2 commits October 15, 2017 11:32
@jinnko
Handle image metadata failures
a079d3e 
When the metadata can't be retrieved we should exit with an error and prevent
the rest of the process continuing.
@jinnko
Clean up intermediate docker build images
c7ca5e0 
We don't need intermediates to be kept and they use up space.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jinnko