Firmware release procedures: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
|||
Line 48: | Line 48: | ||
-----BEGIN PGP SIGNATURE----- |
-----BEGIN PGP SIGNATURE----- |
||
Version: GnuPG v1.4.5 (MingW32) |
Version: GnuPG v1.4.5 (MingW32) |
||
iD8DBQBFTxvGmfQ2bFM/BesRAoKzAJ0RNczipB+pul5sEUR+wCYIQvt+/wCguqrV |
iD8DBQBFTxvGmfQ2bFM/BesRAoKzAJ0RNczipB+pul5sEUR+wCYIQvt+/wCguqrV |
||
5GRPVDpdH155fwsDwnu7B4M= |
5GRPVDpdH155fwsDwnu7B4M= |
Revision as of 04:24, 12 November 2006
Release procedure
Here is a draft of a BIOS release procedure.
Stage one: EC:
- Quanta e-mails EC release and changelog to the OLPC BIOS contact, signed and encrypted with PGP
- see notes below
- Quanta and OLPC test this version of EC
Stage two: Buildrom:
- Pull EC release from http://dev.laptop.org/pub/ec/, check hashes
- Update buildrom changelog and tag for release
- Update SPI flash version string in buildrom binary
- Create buildrom SRPM
- Build two flavors of binary RPM for the two RAM variants
Stage three: Testing:
- announce build to BIOS team and Ray, release candidate testing begins
- test on a 256M board
- install the binary RPMs on Tinderbox machines
- >12 hours of burn-in warm reboot testing on Tinderbox
- cold boot tests
- we need a cold boot solution; X10 doesn't seem to like the power at OLPC
- After automated tests, send "Who has tested?" mail asking for problem reports
- Release after twelve hours if no problem reports
Stage four: Release:
- Release builds kept in a separate directory
- Update the version number in LB from release candidate to final
- Announce new build and hashes to devel-boards@ (requires moderation).
Using PGP for EC code
For first release only: This is already done
Download and install GPG4Win from http://www.gpg4win.org/download.html
Create a PGP key and get dwmw2 to sign it to verify that it is Quanta's.
For subsequent releases
Right-click on the EC binary and select the option to create a "detached signature", in plain text. It should create a separate file like 'ECv21.bin.asc', which looks something like this:
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (MingW32) iD8DBQBFTxvGmfQ2bFM/BesRAoKzAJ0RNczipB+pul5sEUR+wCYIQvt+/wCguqrV 5GRPVDpdH155fwsDwnu7B4M= =URby -----END PGP SIGNATURE-----
Send the EC binary as you normally would, and _also_ attach the separate signature file which is used to verify the binary.