dey-image-container is not a full image, so the regular image cleanup
does not remove old DCP artifacts from the deploy directory.
Add a dedicated cleanup task that honors RM_OLD_IMAGE and removes previous
LXC and Podman DCP artifacts before generating the new ones.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Generate the LXC payload tarball with config and rootfs/ at the
archive root so it matches the documented DCP format and the strict
installer expectations.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Add the complete Digi recommended set of Wi-Fi tools, if not wpa-cli or
hostapd are not included.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
The package is no longer fetched from Git, so rename the recipe to a
versioned .bb file and fetch the proprietary artifact from Digi server.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
The shutdown helper was installed and enabled, but during reboot it was
never started.
Hook the helper directly into shutdown.target.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
The Cloud Connector depends on syslog for logging, so this package is
required to properly collect its messages.
https://onedigi.atlassian.net/browse/DEL-10080
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Create task temporary directories under `${T}` instead of the host `/tmp`
and remove them when the task exits.
This avoids leaving large temporary directories behind during container
artifact generation.
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
Generate the package if from logical name when it is not specified in
the json. If case it is set, use it.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Propagate an optional manifest name field through the DCP generator, so the
container manager can publish friendly names DRM.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Align the policy DRM block with the latest changes done in the
cc-container-mng tool.
https://onedigi.atlassian.net/browse/DEL-10075
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Keep the shutdown helper active during normal system operation and run the
managed container stop path from ExecStop when shutdown begins.
This makes the container stop happen before the general system teardown,
so network and CCCS are still available and reboot is less likely to
block waiting for late shutdown ordering.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Currently only the CCMP25 and CC95 will officially support containers.
For these platforms, "/root" is a common path with enough free space.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
As cc-containerd uses DRM to publish metrics, start the service after
cccs (this is optional, as the container will retry it) and stop our
service before cccsd (to do our best to try to upload the STOP status
to DRM)
https://onedigi.atlassian.net/browse/DEL-10035
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
There is no need to have a dedicated folder, as we only use a configuration
file. Other data is stored in a different path.
https://onedigi.atlassian.net/browse/DEL-10035
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Include curl in the container-manager image so basic HTTP checks can be
run directly on target when validating containers published ports.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Enable netavark bridge networking in the trimmed Podman recipe
so container images support publish-port arguments
such as -p 80:8080 and restore iptables dependency.
It's needed to install iptables-modules because it is not
populated due to NO_RECOMMENDATIONS.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Switch the Yocto LXC bundle output to tar.gz and require the same format
in the external DCP generator so the DCP can embed the payload
without extra conversion.
This saves time on the device when installing.
https://onedigi.atlassian.net/browse/DEL-10037
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Instead of using the internal logic, move to use the external
script to generate the DCP, so internal and external DCP are
using a common flow.
https://onedigi.atlassian.net/browse/DEL-10037
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Mark the trimmed runtime variants as conflicting with the standard
packages so images cannot include both Podman or LXC flavors at the
same time.
This avoids ambiguous runtime layouts and configuration ownership when a
minimal container-manager image uses the trimmed packages while other
images may select the standard runtimes.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Generate /etc/containers/containers.conf so Podman does not depend on
its internal default network backend at runtime.
If not, at runtime, the default podman network fails with:
"""
Error: could not find "netavark" in one of {[/usr/local/libexec/podman /usr/local/l
ib/podman /usr/libexec/podman /usr/lib/podman] {<nil>}}. To resolve this error, se
t the helper_binaries_dir key in the `[engine]` section of containers.conf to the d
irectory containing your helper binaries.
"""
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
The container entrypoint already runs docker-init, so there is no
need to chain a second instance.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Include default registration settings in the generated DCP manifest so
future install flows can bootstrap the container configuration directly
from the package metadata.
Add registration_defaults with autostart, monitor and restart policy,
and populate those values for the lvgl and webkit container profiles.
https://onedigi.atlassian.net/browse/DEL-10033
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Populate the DCP manifest for the ccmp25 lvgl and webkit profiles with
the Podman runtime arguments required to create the containers on the
target.
Keep only runtime options in CONTAINER_CREATE_ARGS_PODMAN and compose the
entrypoint automatically from CONTAINER_INIT_MANAGER and
CONTAINER_INIT_SCRIPT when generating the Podman artifact metadata.
https://onedigi.atlassian.net/browse/DEL-10033
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
The ccmp25 WebKit container needs a small set of extra device nodes
to run the embedded AI demos reliably.
Bind only the device nodes validated on target for the browser demos:
galcore, DRM, framebuffer, input, and the camera video/media/subdevice
nodes used by the AI examples.
https://onedigi.atlassian.net/browse/DEL-10038https://onedigi.atlassian.net/browse/DEL-10039
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
The WebKit container profile was missing runtime pieces that are
present in the native WebKit image and required by the embedded
ConnectCore demos.
Add the font and icon packages needed by the fish tank WebGL demo,
include the Weston and GStreamer runtime packages used by the browser
demo stack, and switch the ccmp25 profile to the GCNano userspace
packages used by the native image.
Keep the machine learning packagegroup scoped to ccmp25, since the
ST X-LINUX-AI subset and its demo integration are specific to that
platform.
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Standalone GPU and video tests perform as expected in the WebKit
container, but rendering degrades once Cog runs on top of Weston.
Align the container Weston startup with the native setup by
loading the default Weston options, enabling the systemd-notify
module and exporting WL_EGL_GBM_FENCE=0 before starting the compositor.
https://onedigi.atlassian.net/browse/DEL-10038https://onedigi.atlassian.net/browse/DEL-10039
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Package recommendations are disable, so some recommended packages might
be missed.
For HW detecting add the next explicit packages, which solves the
microSD card detection.
https://onedigi.atlassian.net/browse/DEL-10042
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Set KillMode=process in the systemd unit so 'systemctl stop
cc-containerd' only terminates the daemon itself.
Without this, systemd uses the default control-group kill mode and
can terminate container processes that share the service cgroup,
which changes container runtime state when the service is stopped.
https://onedigi.atlassian.net/browse/DEL-9963https://onedigi.atlassian.net/browse/DEL-10005
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Document dey-image-container-manager in meta-digi-containers and
update the ccmp25-dvk and ccimx95-dvk build template notes so the
image is listed during environment setup together with its
virtualization requirement.
https://onedigi.atlassian.net/browse/DEL-9996
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Add the dey-image-container-manager image recipe to provide a
dedicated DEY image for container management using the trimmed LXC
and Podman runtimes from meta-digi-containers.
https://onedigi.atlassian.net/browse/DEL-9996
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Add dedicated trimmed runtime wrappers for LXC and Podman in
meta-digi-containers so dey-image-container-manager can install
reduced container runtimes without affecting other DEY images.
https://onedigi.atlassian.net/browse/DEL-9996
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Add the artifact packaging stage that assembles deployable LXC/Podman
bundles with a normalized layout (manifest, payload, checksums, metadata).
The task also computes digests/metadata and removes intermediate build
outputs once final artifacts are produced.
https://onedigi.atlassian.net/browse/DEL-10004
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Introduce the base dey-image-container recipe and split core logic into
dedicated include files for rootfs overlays, LXC bundle generation and
Podman archive conversion.
This commit defines the profile-driven variables/overrides and the
native build tasks required to produce runtime-specific container outputs.
Also allow the recipe to overwrite WAYLAND_DISPLAY on init scripts to match
with different platforms.
https://onedigi.atlassian.net/browse/DEL-10004
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Add the new meta-digi-containers layer skeleton for Yocto 5.0 and wire it into bitbake layer discovery.
This initial layer commit provides:
- layer metadata and compatibility/dependency declarations
- recipe/bbappend file discovery for container-related content
- base structure used by subsequent commits for container images and runtime integration
https://onedigi.atlassian.net/browse/DEL-10004
Signed-off-by: Francisco Gil <francisco.gilmartinez@digi.com>
Signed-off-by: Isaac Hermida <isaac.hermida@digi.com>
Isaac Hermida
Arturo Buzarra
Francisco Gil