-
Task
-
Resolution: Unresolved
-
Undefined
-
None
-
None
-
None
-
False
-
None
-
False
-
Testable
-
-
In the case of custom hardware, the customer is responsible for the device firmware and is unwilling or not allowed to publish it in LVFS as it has no reason to live outside their Edge product.
org.osbuild.fwupd.firmware
{ "type": "org.osbuild.fwupd.firmware", "inputs": { "images": { "type": "org.osbuild.containers", "origin": "org.osbuild.source", "references": { "sha256:d4ee….": { "name": "quay.io/company/radar-firmware" } } } }, "options": { "destination": { "type": "vendor-firmware", "path": "/usr/share/fwupd/remotes.d/vendor/firmware", "quirks": "/usr/share/fwupd/quirks.d", } } },
Would install:
- any cab file within the container into /usr/share/fwupd/remotes.d/vendor/firmware
- any file in the quirks.d directory inside the container into /usr/share/fwupd/quirks.d.
An example of how such embedded container firmware could be created by customers would be:
#!/usr/bin/bash IMAGE=quay.io/mangelajo/firmware-test TAG=0.2 CONTAINER=$(buildah from --arch "embedded" --os "none" scratch) buildah add "${CONTAINER}" stm32f103-example-vcp-0.2.cab quirks.d/* buildah config -l fwupd.cab.container=true "${CONTAINER}" buildah commit "${CONTAINER}" "${IMAGE}:${TAG}" podman push "${IMAGE}:${VERSION}" buildah rm "${CONTAINER}" # optional signature DIGEST=$(podman inspect "${IMAGE}:${TAG}" | jq '.[]["Digest"]' | cut -d\" -f 2) cosign sign --key cosign.key "${IMAGE}@${DIGEST}"
And this is an example of how the contents of such container can be extracted in the osbuild pipeline code:
$ IMAGE=quay.io/mangelajo/firmware-test $ TAG=0.2 $ CONTAINER=$(buildah from --name firmware_extract --platform none/embedded "${IMAGE}:${TAG}") $ buildah unshare -m firmware_extract << 'EOF' ls $firmware_extract EOF stm32f103-example-vcp-0.2.cab $ buildah rm $CONTAINER
- is depended on by
-
COMPOSER-1934 composer: implement firmware embedding in images
- New