Firmware release procedures: Difference between revisions
Jump to navigation
Jump to search
(Update.) |
|||
| Line 5: | Line 5: | ||
===Stage one: EC:=== |
===Stage one: EC:=== |
||
* Quanta e-mails EC release and changelog to the OLPC BIOS contact, signed and encrypted with PGP |
|||
* Quanta stores current EC build in a laptop.org GIT tree |
|||
** along with EC changelog and file hashes |
|||
** see notes below |
** see notes below |
||
* Quanta and OLPC test this version of EC |
* Quanta and OLPC test this version of EC |
||
* Quanta tags for release |
|||
* Quanta sends mail to OLPC announcing the release, along with hashes from their build system |
|||
* OLPC acknowledges receipt |
|||
===Stage two: Buildrom:=== |
===Stage two: Buildrom:=== |
||
* Pull EC release from |
* Pull EC release from http://dev.laptop.org/pub/ec/, check hashes |
||
* Update buildrom changelog and tag for release |
* Update buildrom changelog and tag for release |
||
* Update SPI flash version string in buildrom binary |
* Update SPI flash version string in buildrom binary |
||
* Create buildrom SRPM |
* Create buildrom SRPM |
||
| Line 24: | Line 20: | ||
* announce build to BIOS team and Ray, release candidate testing begins |
* announce build to BIOS team and Ray, release candidate testing begins |
||
* |
* test on a 256M board |
||
* install the binary RPMs on Tinderbox machines |
* install the binary RPMs on Tinderbox machines |
||
* >12 hours of burn-in warm reboot testing on Tinderbox |
* >12 hours of burn-in warm reboot testing on Tinderbox |
||
| Line 36: | Line 32: | ||
* Release builds kept in a separate directory |
* Release builds kept in a separate directory |
||
* Update the version number in LB from release candidate to final |
* Update the version number in LB from release candidate to final |
||
** Could we do this without rebuilding and changing the hashes? |
|||
* Announce new build and hashes to devel-boards@ (requires moderation). |
* Announce new build and hashes to devel-boards@ (requires moderation). |
||
==Using |
==Using PGP for EC code== |
||
Download and run ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32cli-1.4.5.exe |
|||
Using a revision-control system allows us to keep a copy of old EC releases, the changes between releases, and to know which EC binary was part of which release. There is already a GIT server running on laptop.org; the appropriate person at Quanta would need to install [http://git.or.cz/ GIT] and SSH, both of which work under [http://www.cygwin.com/ Cygwin], and would need to send us their SSH public key. |
|||
Download and install from http://www.mozilla.com/thunderbird/ |
|||
A draft set of instructions would be: |
|||
Download Enigmail from http://www.mozilla-enigmail.org/downloads/enigmail-0.94.1.1-tb15-linux.xpi |
|||
git clone git+ssh://user@dev.laptop.org/git/projects/quanta-ec |
|||
cd quanta-ec |
|||
cp /latestec . |
|||
git add latestec # this line only needs to be run the first time through |
|||
git commit -a # this will prompt for a commit message, which should be the changelog |
|||
git push --all |
|||
Download http://dev.laptop.org/pub/ec/olpc-bios-key.pub |
|||
There is a GIT tutorial [http://www.kernel.org/pub/software/scm/git/docs/tutorial.html here], and our own instructions [http://dev.laptop.org/wiki/ImportingYourProject here]. |
|||
Run Thunderbird |
|||
Set up an e-mail account; when asked for name, use "Quanta OLPC BIOS" |
|||
Tools menu->Extensions: |
|||
* Click install, find downloaded Enigmail .xpi |
|||
* Restart Thunderbird |
|||
OpenPGP menu->Key Management: |
|||
* choose "No", don't use wizard |
|||
* Generate menu->new key pair: |
|||
** Enter passphrase twice |
|||
** Set key expiry to 2 months |
|||
** Supply key fingerprint to OLPC |
|||
Tools menu->Account Settings->OpenPGP Security: |
|||
* OpenPGP support should be enabled |
|||
* Check "encrypt messages by default" and "sign encrypted messages by default" |
|||
Tools menu->Account Settings->Copies & folders: |
|||
* Uncheck "Place a copy in" |
|||
Tools menu->Account Settings->Composition & Addressing: |
|||
* Uncheck "Compose messages in HTML format" |
|||
OpenPGP menu->Key Management: |
|||
* File menu->import keys from file |
|||
* Choose the downloaded olpc-bios-key.pub file |
|||
Click "Write": |
|||
* To: bios@laptop.org |
|||
* OpenPGP menu->"Send My Public Key" |
|||
* Attach changelog |
|||
* Attach EC file |
|||
* Click "Send" |
|||
* Choose "inline pgp" |
|||
Revision as of 20:47, 20 October 2006
Release procedure
Here is a draft of a BIOS release procedure.
Stage one: EC:
- Quanta e-mails EC release and changelog to the OLPC BIOS contact, signed and encrypted with PGP
- see notes below
- Quanta and OLPC test this version of EC
Stage two: Buildrom:
- Pull EC release from http://dev.laptop.org/pub/ec/, check hashes
- Update buildrom changelog and tag for release
- Update SPI flash version string in buildrom binary
- Create buildrom SRPM
- Build two flavors of binary RPM for the two RAM variants
Stage three: Testing:
- announce build to BIOS team and Ray, release candidate testing begins
- test on a 256M board
- install the binary RPMs on Tinderbox machines
- >12 hours of burn-in warm reboot testing on Tinderbox
- cold boot tests
- we need a cold boot solution; X10 doesn't seem to like the power at OLPC
- After automated tests, send "Who has tested?" mail asking for problem reports
- Release after twelve hours if no problem reports
Stage four: Release:
- Release builds kept in a separate directory
- Update the version number in LB from release candidate to final
- Announce new build and hashes to devel-boards@ (requires moderation).
Using PGP for EC code
Download and run ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32cli-1.4.5.exe
Download and install from http://www.mozilla.com/thunderbird/
Download Enigmail from http://www.mozilla-enigmail.org/downloads/enigmail-0.94.1.1-tb15-linux.xpi
Download http://dev.laptop.org/pub/ec/olpc-bios-key.pub
Run Thunderbird
Set up an e-mail account; when asked for name, use "Quanta OLPC BIOS"
Tools menu->Extensions:
- Click install, find downloaded Enigmail .xpi
- Restart Thunderbird
OpenPGP menu->Key Management:
- choose "No", don't use wizard
- Generate menu->new key pair:
- Enter passphrase twice
- Set key expiry to 2 months
- Supply key fingerprint to OLPC
Tools menu->Account Settings->OpenPGP Security:
- OpenPGP support should be enabled
- Check "encrypt messages by default" and "sign encrypted messages by default"
Tools menu->Account Settings->Copies & folders:
- Uncheck "Place a copy in"
Tools menu->Account Settings->Composition & Addressing:
- Uncheck "Compose messages in HTML format"
OpenPGP menu->Key Management:
- File menu->import keys from file
- Choose the downloaded olpc-bios-key.pub file
Click "Write":
- To: bios@laptop.org
- OpenPGP menu->"Send My Public Key"
- Attach changelog
- Attach EC file
- Click "Send"
- Choose "inline pgp"