[PATCH v5 06/12] Dockerfile: capsule: Setup the files needed for capsule update testing
Simon Glass
sjg at chromium.org
Wed Jul 26 00:52:38 CEST 2023
On Tue, 25 Jul 2023 at 02:58, Sughosh Ganu <sughosh.ganu at linaro.org> wrote:
>
> Support has being added through earlier commits to build capsules
> and embed the public key needed for capsule authentication as part of
> u-boot build.
>
> From the testing point-of-view, this means the input files needed for
> generating the above have to be setup before invoking the build. Set
> this up in the CI configuration docker file for testing the capsule
> update feature.
>
> Signed-off-by: Sughosh Ganu <sughosh.ganu at linaro.org>
> ---
> Changes since V4:
> * New patch which moves the setting up of the files needed for testing
> the EFI capsule update feature to the Dockerfile.
>
> Note: Earlier, this setup was being done in the azure and gitlab yaml
> files. Now that this has been moved to the Dockerfile, this will
> require generating a new container image and referencing that image in
> the yaml files for the CI to work when these patches get applied.
>
> tools/docker/Dockerfile | 12 ++++++++++++
> 1 file changed, 12 insertions(+)
>
> diff --git a/tools/docker/Dockerfile b/tools/docker/Dockerfile
> index 3d2b64a355..294a0b0a53 100644
> --- a/tools/docker/Dockerfile
> +++ b/tools/docker/Dockerfile
> @@ -206,6 +206,18 @@ RUN mkdir -p /opt/nokia && \
> cp /tmp/qemu-linaro/arm-softmmu/qemu-system-arm /opt/nokia && \
> rm -rf /tmp/qemu-linaro
>
> +# Set up capsule files for UEFI capsule update testing
> +RUN mkdir -p /tmp/capsules && \
> + cd /tmp/capsules/ && \
You can just use ${UBOOT_TRAVIS_BUILD_DIR} here
> + echo -n "u-boot:Old" > u-boot.bin.old && \
> + echo -n "u-boot:New" > u-boot.bin.new && \
> + echo -n "u-boot-env:Old" > u-boot.env.old && \
> + echo -n "u-boot-env:New" > u-boot.env.new && \
We don't want these files, just the certs, since they are the things
that take a long time:
> + openssl req -x509 -sha256 -newkey rsa:2048 -subj /CN=TEST_SIGNER/ -keyout SIGNER.key -out SIGNER.crt -nodes -days 365 && \
> + openssl req -x509 -sha256 -newkey rsa:2048 -subj /CN=TEST_SIGNER/ -keyout SIGNER2.key -out SIGNER2.crt -nodes -days 365 && \
> + cert-to-efi-sig-list SIGNER.crt SIGNER.esl && \
> + chmod -R uog+rw /tmp/capsules/
> +
> # Build genimage (required by some targets to generate disk images)
> RUN wget -O - https://github.com/pengutronix/genimage/releases/download/v14/genimage-14.tar.xz | tar -C /tmp -xJ && \
> cd /tmp/genimage-14 && \
> --
> 2.34.1
>
Regards,
Simon
More information about the U-Boot
mailing list