Firmware release procedures: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
|||
Line 32: | Line 32: | ||
===Stage four: Release:=== |
===Stage four: Release:=== |
||
* Sign the firmware |
|||
* Release builds kept in a separate directory |
* Release builds kept in a separate directory |
||
* Update the version number |
* Update the version number from release candidate to final |
||
* |
* Repackage signed copy for the build, and submit to joyride and active stable branches. |
||
==Using PGP for EC code== |
==Using PGP for EC code== |
Revision as of 17:05, 20 December 2007
Release procedure
Here is a draft of a BIOS release procedure.
Stage one: EC:
- Quanta e-mails EC release and changelog to the OLPC BIOS contact, signed and encrypted with PGP
- see notes below
- Quanta and OLPC test this version of EC
Stage two: Buildrom:
- Pull EC release from http://dev.laptop.org/pub/ec/, check hashes
- Update buildrom changelog and tag for release
- Update SPI flash version string in buildrom binary
- Create buildrom SRPM
- Build two flavors of binary RPM for the two RAM variants
Stage three: Testing:
- announce build to BIOS team and Ray, release candidate testing begins
- test on a 256M board
- install the binary RPMs on Tinderbox machines
- >12 hours of burn-in warm reboot testing on Tinderbox
- cold boot tests
- we need a cold boot solution; X10 doesn't seem to like the power at OLPC
- After automated tests, send "Who has tested?" mail asking for problem reports
- Release after twelve hours if no problem reports
Stage four: Release:
- Sign the firmware
- Release builds kept in a separate directory
- Update the version number from release candidate to final
- Repackage signed copy for the build, and submit to joyride and active stable branches.
Using PGP for EC code
For first release only: This is already done
Download and install GPG4Win from http://www.gpg4win.org/download.html
Create a PGP key and get dwmw2 to sign it to verify that it is Quanta's.
For subsequent releases
Right-click on the EC binary and select the option to create a "detached signature", in plain text. It should create a separate file like 'ECv21.bin.asc', which looks something like this:
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (MingW32) iD8DBQBFTxvGmfQ2bFM/BesRAoKzAJ0RNczipB pul5sEUR wCYIQvt /wCguqrV 5GRPVDpdH155fwsDwnu7B4M= =URby -----END PGP SIGNATURE-----
Send the EC binary as you normally would, and _also_ attach the separate signature file which is used to verify the binary. There is no need to send another copy of the key itself (0x533F05EB.asc), because we already have that.
Send the EC binary and signature (2 attachments) to software-team@laptop.org