Skip to content

Commit

Permalink
doc: clarifications regards tuf keys
Browse files Browse the repository at this point in the history 
Signed-off-by: Camila Macedo <[email protected]>
  • Loading branch information
Camila Macedo committed Oct 3, 2023
1 parent 288bd30 commit 035fd34
Show file tree
Hide file tree
Showing 2 changed files with 241 additions and 34 deletions.
21 changes: 20 additions & 1 deletion source/reference-manual/ota/production-targets.rst
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,12 @@ Waves allow Factory operators to control an exact time when devices see a new ve
Performing a Production OTA
---------------------------

.. important::

Before performing a Production OTA, ensure you have the `targets.key.tgz` in your
possession. This key is crucial for the operation and should be provided by the Factory admin.
For a deeper understanding of how this key is generated, refer to :ref:`ref-offline-keys`.

A user should define a process to select CI builds which need to be delivered to production devices.
Let's assume a user selected a CI build version 42 as ready to be run in production.
To start the production release process, a user would create a new wave using the below command::
Expand All @@ -45,9 +51,22 @@ To start the production release process, a user would create a new wave using th
This creates a new TUF targets role version for production devices which listen to OTA updates for the ``production`` tag.
That TUF targets role only includes a single Target from CI build (in above example, that target version is 42).

.. note::
.. important::

We recommend that a user generates :ref:`OSTree static deltas<ref-static-deltas>` before rolling out waves to devices.
Static Deltas will optimize your OTA update download.

.. note::

If you encounter issues while creating the weave, particularly the following error:

.. code-block:: shell
409 CONFLICT
= Conflict: /ota/repo/qemu/api/v1/user_repo/root/updates?
= Only one TUF root updates transaction can be active at a time
This indicates a conflict with an active TUF root update transaction. In such cases, it is advisable to contact the Factory admin. They should cancel the conflicting update by executing the `fioctl keys tuf updates cancel` command and then generate a fresh `targets.key.tgz` for your use.

Check warning on line 69 in source/reference-manual/ota/production-targets.rst

View workflow job for this annotation

GitHub Actions / runner / vale 

[vale] reported by reviewdog 🐶
[Fio-docs.sentence-length] Aim for sentences no longer than 25 words

Raw Output:
{"message": "[Fio-docs.sentence-length] Aim for sentences no longer than 25 words", "location": {"path": "source/reference-manual/ota/production-targets.rst", "range": {"start": {"line": 69, "column": 135}}}, "severity": "INFO"}

Check failure on line 69 in source/reference-manual/ota/production-targets.rst

View workflow job for this annotation

GitHub Actions / runner / vale 

[vale] reported by reviewdog 🐶
[Fio-docs.Branding-and-names] Use 'Fioctl' instead of 'fioctl'

Raw Output:
{"message": "[Fio-docs.Branding-and-names] Use 'Fioctl' instead of 'fioctl'", "location": {"path": "source/reference-manual/ota/production-targets.rst", "range": {"start": {"line": 69, "column": 195}}}, "severity": "ERROR"}

Once created, a new wave can be rolled out to Factory production devices, all at once or in phases.
There are several ways how a wave can be rolled out:
Expand Down
Loading

0 comments on commit 035fd34

Please sign in to comment.