From b75959afd99dec433a7719f5c5235ab26e6220f9 Mon Sep 17 00:00:00 2001 From: Javier Viguera Date: Fri, 2 Jun 2017 12:07:12 +0200 Subject: [PATCH] meta-digi-dey: add new recipe for AWS Greengrass core https://jira.digi.com/browse/DEL-4302 Signed-off-by: Javier Viguera --- ...ve-bashisms-in-launcher-shell-script.patch | 83 ++++++++++ .../greengrass/greengrass_0.9.0.bb | 152 ++++++++++++++++++ 2 files changed, 235 insertions(+) create mode 100644 meta-digi-dey/recipes-aws/greengrass/greengrass/0001-greengrassd-remove-bashisms-in-launcher-shell-script.patch create mode 100644 meta-digi-dey/recipes-aws/greengrass/greengrass_0.9.0.bb diff --git a/meta-digi-dey/recipes-aws/greengrass/greengrass/0001-greengrassd-remove-bashisms-in-launcher-shell-script.patch b/meta-digi-dey/recipes-aws/greengrass/greengrass/0001-greengrassd-remove-bashisms-in-launcher-shell-script.patch new file mode 100644 index 000000000..fd722576a --- /dev/null +++ b/meta-digi-dey/recipes-aws/greengrass/greengrass/0001-greengrassd-remove-bashisms-in-launcher-shell-script.patch @@ -0,0 +1,83 @@ +From: Javier Viguera +Date: Wed, 31 May 2017 13:52:30 +0200 +Subject: [PATCH] greengrassd: remove bashisms in launcher shell script + +So it runs properly in other Posix shells (like the one in Busybox) + +Signed-off-by: Javier Viguera +--- + greengrassd | 20 ++++++++++---------- + 1 file changed, 10 insertions(+), 10 deletions(-) + +diff --git a/greengrassd b/greengrassd +index c312d23dda3c..1d4b3ad6dd22 100755 +--- a/greengrassd ++++ b/greengrassd +@@ -1,4 +1,4 @@ +-#!/usr/bin/env bash ++#!/bin/sh + + ##########Environment Requirement for Greengrass Daemon########## + # by default, the daemon assumes it's going to be launched from a directory +@@ -35,19 +35,19 @@ setup() { + mkdir -p $GGC_ROOT_FS + + # Mask greengrass directory for containers +- mknod $GGC_ROOT_FS/greengrass c 1 3 &>/dev/null || true ++ mknod $GGC_ROOT_FS/greengrass c 1 3 >/dev/null 2>&1 || true + + } + + validatePlatformSecurity() { + +- if [[ -f $FS_SETTINGS/protected_hardlinks && +- -f $FS_SETTINGS/protected_symlinks ]]; then ++ if [ -f $FS_SETTINGS/protected_hardlinks ] && ++ [ -f $FS_SETTINGS/protected_symlinks ]; then + + PROT_HARDLINK_VAL=$(cat $FS_SETTINGS/protected_hardlinks) + PROT_SOFTLINK_VAL=$(cat $FS_SETTINGS/protected_symlinks) + +- if [[ "$PROT_HARDLINK_VAL" -ne 1 || "$PROT_SOFTLINK_VAL" -ne 1 ]]; then ++ if [ "$PROT_HARDLINK_VAL" -ne 1 ] || [ "$PROT_SOFTLINK_VAL" -ne 1 ]; then + echo "Insecure configuration detected: No hardlink/softlink protection" | tee -a $CRASH_LOG + exit 1 + fi +@@ -124,7 +124,7 @@ validateEnvironment() { + + start() { + setup +- if [[ $INSECURE -ne 1 ]]; then ++ if [ "${INSECURE}" != "1" ]; then + validatePlatformSecurity + fi + +@@ -169,7 +169,7 @@ stop() { + break + fi + done; +- echo -e "\nStopped greengrass daemon" ++ printf "\nStopped greengrass daemon\n" + rm $PID_FILE + else + echo "Unable to kill the process with pid: $PID" +@@ -186,16 +186,16 @@ usage() { + echo "" + echo "Usage: $0 [FLAGS] {start|stop|restart}" + echo "" +- echo -e "[FLAGS]: -i, --insecure \t Run GGC in insecure mode, (highly discouraged!)" ++ printf "[FLAGS]: -i, --insecure \t Run GGC in insecure mode, (highly discouraged!)\n" + echo "" + exit 1 + } + +-if [[ $# -eq 0 ]]; then ++if [ $# -eq 0 ]; then + usage + fi + +-while [[ $# -gt 0 ]] ++while [ $# -gt 0 ] + do + key="$1" + case $key in diff --git a/meta-digi-dey/recipes-aws/greengrass/greengrass_0.9.0.bb b/meta-digi-dey/recipes-aws/greengrass/greengrass_0.9.0.bb new file mode 100644 index 000000000..486c4ed35 --- /dev/null +++ b/meta-digi-dey/recipes-aws/greengrass/greengrass_0.9.0.bb @@ -0,0 +1,152 @@ +# Copyright (C) 2017, Digi International Inc. + +SUMMARY = "AWS IoT Greengrass core" +HOMEPAGE = "https://aws.amazon.com/greengrass/" +# +# The package includes different licenses: +# +# [Apache-2.0] +# LICENSE/github_aws_aws_sdk_go_License.txt +# LICENSE/github_coreos_go_systemd_License.txt +# LICENSE/github_docker_docker_License.txt +# LICENSE/github_docker_go_units_License.txt +# LICENSE/github_go_ini_ini_License.txt +# LICENSE/github_jmespath_go_jmespath_License.txt +# LICENSE/github_opencontainers_runc_License.txt +# LICENSE/github_opencontainers_runtime_spec_License.txt +# LICENSE/github_pquerna_ffjson_License.txt +# LICENSE/github_vishvananda_netlink_License.txt +# [BSD-2-Clause] +# LICENSE/github_godbus_dbus_License.txt +# LICENSE/github_huin_gobinarytest_License.txt +# LICENSE/github_seccomp_libseccomp_golang_License.txt +# LICENSE/github_syndtr_gocapability_License.txt +# [BSD-3-Clause] +# LICENSE/github_golang_protobuf_License.txt +# LICENSE/github_jeffallen_mqtt_License.txt +# LICENSE/Golang_License.txt +# [MIT] +# LICENSE/github_huin_mqtt_License.txt +# LICENSE/github_mattn_go_sqlite3_License.txt +# LICENSE/github_nu7hatch_gouuid_License.txt +# LICENSE/github_Sirupsen_logrus_License.txt +# LICENSE/github_urfave_cli_License.txt +# LICENSE/github_yosssi_gmq_License.txt +# [Proprietary] +# LICENSE/GG-BetaMaterials-License.txt +# +LICENSE = "Apache-2.0 | BSD-2-Clause | BSD-3-Clause | MIT | Proprietary" +LIC_FILES_CHKSUM = " \ + file://LICENSE/GG-BetaMaterials-License.txt;md5=a33101714f905fe97db6fe085c1271ef \ + file://LICENSE/github_aws_aws_sdk_go_License.txt;md5=d273d63619c9aeaf15cdaf76422c4f87 \ + file://LICENSE/github_coreos_go_systemd_License.txt;md5=715f3348ed8b9bf4fac3b08133384a4d \ + file://LICENSE/github_docker_docker_License.txt;md5=bba4ee48af378e39b452d742d29c710b \ + file://LICENSE/github_docker_go_units_License.txt;md5=bb99db20f1c48c2c4952c27c72855e36 \ + file://LICENSE/github_godbus_dbus_License.txt;md5=b03a62440372a9acf9692ad365932c87 \ + file://LICENSE/github_go_ini_ini_License.txt;md5=715f3348ed8b9bf4fac3b08133384a4d \ + file://LICENSE/github_golang_protobuf_License.txt;md5=16fe162f7848190010b6ec7bfaac030a \ + file://LICENSE/github_huin_gobinarytest_License.txt;md5=f2b3138d9d314bccf5297dea7e3e6d14 \ + file://LICENSE/github_huin_mqtt_License.txt;md5=12fd125064676697934b7d8c09bed0e8 \ + file://LICENSE/github_jeffallen_mqtt_License.txt;md5=b7269d52765d477e10f319c19d8a9d33 \ + file://LICENSE/github_jmespath_go_jmespath_License.txt;md5=640d33f0070c9dc3a194d2ed7db02974 \ + file://LICENSE/github_mattn_go_sqlite3_License.txt;md5=948f36a2300ac729e60416063190f664 \ + file://LICENSE/github_nu7hatch_gouuid_License.txt;md5=6b18748dcc29fda05fa5aaef44d517fd \ + file://LICENSE/github_opencontainers_runc_License.txt;md5=587c01b2dcc5dc3b4bed51b918c64731 \ + file://LICENSE/github_opencontainers_runtime_spec_License.txt;md5=ef95ed297310c3d09ba16c06d5e161a5 \ + file://LICENSE/github_pquerna_ffjson_License.txt;md5=d273d63619c9aeaf15cdaf76422c4f87 \ + file://LICENSE/github_seccomp_libseccomp_golang_License.txt;md5=9205c4c469bfb9d3a63f346539ee445b \ + file://LICENSE/github_Sirupsen_logrus_License.txt;md5=29baae91637760ae68feb57ca93e5a0a \ + file://LICENSE/github_syndtr_gocapability_License.txt;md5=321f58fa53a0b1bb9a887f14660d436b \ + file://LICENSE/github_urfave_cli_License.txt;md5=f1f14a2449300559aed90bedc36a71ed \ + file://LICENSE/github_vishvananda_netlink_License.txt;md5=c95fd0efd62139c155e956a448df8fd6 \ + file://LICENSE/github_yosssi_gmq_License.txt;md5=2509f45544da1ecce869ce2de1aa44dd \ + file://LICENSE/Golang_License.txt;md5=3d7ed06383c65a3161b36c6a0b0b98f5 \ +" + +SRC_URI = " \ + http:///not/exist/greengrass-linux-armv6l-${PV}-release.tar.gz \ + file://0001-greengrassd-remove-bashisms-in-launcher-shell-script.patch \ +" +SRC_URI[md5sum] = "eb7e6dbdfe00e51db8b7ffbd2284ae59" +SRC_URI[sha256sum] = "24da4016345eeeb6a86067619d385015139437fbd16dba9a91461758692f933f" + +GG_TARBALL_LOCAL_PATH ?= "" + +# The tarball is only available for downloading after registration, so provide +# a PREMIRROR to a local directory that can be configured in the project's +# local.conf file using GG_TARBALL_LOCAL_PATH variable. +python() { + gg_tarball_local_path = d.getVar('GG_TARBALL_LOCAL_PATH', True) + if gg_tarball_local_path: + premirrors = d.getVar('PREMIRRORS', True) + d.setVar('PREMIRRORS', "http:///not/exist/greengrass.* file://%s \\n %s" % (gg_tarball_local_path, premirrors)) +} + +S = "${WORKDIR}/${BPN}" + +inherit useradd + +GG_USESYSTEMD = "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'yes', 'no', d)}" + +# Disable tasks not needed for the binary package +do_configure[noexec] = "1" +do_compile[noexec] = "1" + +do_install() { + install -d ${D}/opt/${BPN} + tar --no-same-owner --exclude='./patches' --exclude='./.pc' -cpf - -C ${S} . \ + | tar --no-same-owner -xpf - -C ${D}/opt/${BPN} + + # Configure whether to use systemd or not + sed -i -e "/useSystemd/{s,\[yes|no],${GG_USESYSTEMD},g}" ${D}/opt/${BPN}/configuration/config.json +} + +pkg_postinst_${PN}() { + # Enable protection for hardlinks and symlinks + if ! grep -qs 'protected_.*links' $D${sysconfdir}/sysctl.conf; then + cat >> $D${sysconfdir}/sysctl.conf <<-_EOF_ + # Greengrass: protect hardlinks/symlinks + fs.protected_hardlinks = 1 + fs.protected_symlinks = 1 + _EOF_ + fi + + # Customize '/etc/fstab' + if [ -f "$D${sysconfdir}/fstab" ]; then + # Disable TMPFS /var/volatile + sed -i -e '\#^tmpfs[[:blank:]]\+/var/volatile#s,^,#,g' $D${sysconfdir}/fstab + + # Mount a cgroup hierarchy with all available subsystems + if ! grep -qs '^cgroup' $D${sysconfdir}/fstab; then + cat >> $D${sysconfdir}/fstab <<-_EOF_ + # Greengrass: mount cgroups + cgroup /sys/fs/cgroup cgroup defaults 0 0 + _EOF_ + fi + fi + + # Disable '/etc/resolv.conf' symlink + if [ -f "$D${sysconfdir}/default/volatiles/00_core" ]; then + sed -i -e '/resolv.conf/d' $D${sysconfdir}/default/volatiles/00_core + cat >> $D${sysconfdir}/default/volatiles/00_core <<-_EOF_ + # Greengrass: create a real (no symlink) resolv.conf + f root root 0644 /etc/resolv.conf none + _EOF_ + fi +} + +FILES_${PN} = "/opt/${BPN}" + +USERADD_PACKAGES = "${PN}" +GROUPADD_PARAM_${PN} = "-r ggc_group" +USERADD_PARAM_${PN} = "-r -M -N -g ggc_group -s /bin/false ggc_user" + +# +# Disable failing QA checks: +# +# Binary was already stripped +# No GNU_HASH in the elf binary +# +INSANE_SKIP_${PN} += "already-stripped ldflags" + +RDEPENDS_${PN} += "ca-certificates python-core sqlite3"