Artifact-verify-key.pem missing

Board Integrations Yocto Project
1

Hi,

I wanted to migrate from Mender 3.5 to 4.0 on kirkstone and noticed that the artifact verify key was not installed to /etc/mender. I think the reason is that the file is not assigned to the new mender-update package. Instead, bitbake creates a new package mender which gets not installed into the rootfs. I solved this by assigning the file to the mender-update package manually in the mender_%.bbappend:

FILESEXTRAPATHS:prepend := "${THISDIR}/files:"
SRC_URI:append = " file://artifact-verify-key.pem"
FILES:mender-update += "${sysconfdir}/mender/artifact-verify-key.pem"

I think this should be either fixed or documented.

1 Like
2

Hi @hesmar,

Thanks a lot for bringing it up. Can you file a ticket on Jira? So you’ll get immediately notified on the progress :slight_smile:

Greets,
Josef

3

Hi @TheYoctoJester,

not sure how to do that. It seems that I am not allowed to create issues as guest. So I tried to join the team, was that correct?

4

Ok thanks, I was able to create the ticket now. The issue is tracked here.

2 Likes
5

Note that only the FILES:mender-update part should be implemented in the fix. If you are using the MENDER_ARTIFACT_VERIFY_KEY variable to specify the key file, you won’t want the FILESEXTRAPATHS:prepend or SRC_URI:append lines. And the need to have those lines in a bbappend file are documented in Building for production | Mender documentation