[PATCH 0/6] Add target bootstrapper framework
9 views
Skip to first unread message
alexander...@siemens.com
Sep 22, 2025, 1:04:54 PM (5 days ago) Sep 22
to isar-...@googlegroups.com, Alexander Heinisch
From: Alexander Heinisch <alexander...@siemens.com>
Currently the installer deploys images embedded to itself.
In many situations this is fine, but for some more demanding requirements
are in place. e.g.:
- enrollment of keys (e.g. Secure Boot),
- setup for disk encryption,
- collection and reporting of device information (serial number, mac addresses, ...)
- resize / repartition of disk during comissioning
- generation of a commissioning report
While many of these tasks can be done on first-boot doing so during
device setup can be beneficial in many cases.
e.g.
- additional time required for "first-boot" when performing tasks
with high effort on site may not be desired
- the comissioning environment oftentimes allows for failures during
that phase - worst case the device is put aside. On site failures during
the wrong bootstrapping phases (secure boot setup, disk encryption)
can be severe.
This patch extends current installer behaviour to support a flexible
framework to define multiple tasks to be executed in sequence during
the "target (device) bootstrapping" phase.
Note: Current patchset uses installer and target-bootstrapper interchangeably.
Imo the name target-bootstrapper fits better to the actual purpose,
while installer is already established for some time in isar and changing
the naming would probably break some downstream. Although, that could be
fixed in a backwards compatible way, I left this exercise open upon agreement.
Alexander Heinisch (6):
isar-installer: Moved installer related Kconfig to separate file.
isar-installer: Added target bootstrapper framework
isar-installer: Use target-bootstrapper-service in favour of
deploy-image-service
isar-installer: Removed deploy-image-service
isar-installer: Fixing race between ttys in unattended mode.
isar-installer: Added example target bootstrapper task to collect
device information.
kas/image/Kconfig | 83 ++------------
kas/image/isar-image-installer.yaml | 6 +
kas/installer/Kconfig | 104 ++++++++++++++++++
kas/installer/add-device-info-collector.yaml | 14 +++
kas/installer/unattended.yaml | 18 +++
meta-isar/classes/target-bootstrapper.bbclass | 37 +++++++
.../images/isar-image-installer.bb | 2 +-
.../deploy-image-service.bb | 21 ----
.../files/install.override.conf | 5 -
.../device-info-collector.bb | 27 +++++
.../files/usr/bin/device-info-collector.sh | 28 +++++
.../files/target-bootstrapper.override.conf | 3 +
.../target-bootstrapper-service.bb | 38 +++++++
.../files/target-bootstrapper.sh.tmpl | 44 ++++++++
.../target-bootstrapper.bb | 41 +++++++
15 files changed, 369 insertions(+), 102 deletions(-)
create mode 100644 kas/installer/Kconfig
create mode 100644 kas/installer/add-device-info-collector.yaml
create mode 100644 kas/installer/unattended.yaml
create mode 100644 meta-isar/classes/target-bootstrapper.bbclass
delete mode 100644 meta-isar/recipes-installer/deploy-image-service/deploy-image-service.bb
delete mode 100644 meta-isar/recipes-installer/deploy-image-service/files/install.override.conf
create mode 100644 meta-isar/recipes-installer/device-info-collector/device-info-collector.bb
create mode 100755 meta-isar/recipes-installer/device-info-collector/files/usr/bin/device-info-collector.sh
create mode 100644 meta-isar/recipes-installer/target-bootstrapper-service/files/target-bootstrapper.override.conf
create mode 100644 meta-isar/recipes-installer/target-bootstrapper-service/target-bootstrapper-service.bb
create mode 100644 meta-isar/recipes-installer/target-bootstrapper/files/target-bootstrapper.sh.tmpl
create mode 100644 meta-isar/recipes-installer/target-bootstrapper/target-bootstrapper.bb
--
2.39.5
Currently the installer deploys images embedded to itself.
In many situations this is fine, but for some more demanding requirements
are in place. e.g.:
- enrollment of keys (e.g. Secure Boot),
- setup for disk encryption,
- collection and reporting of device information (serial number, mac addresses, ...)
- resize / repartition of disk during comissioning
- generation of a commissioning report
While many of these tasks can be done on first-boot doing so during
device setup can be beneficial in many cases.
e.g.
- additional time required for "first-boot" when performing tasks
with high effort on site may not be desired
- the comissioning environment oftentimes allows for failures during
that phase - worst case the device is put aside. On site failures during
the wrong bootstrapping phases (secure boot setup, disk encryption)
can be severe.
This patch extends current installer behaviour to support a flexible
framework to define multiple tasks to be executed in sequence during
the "target (device) bootstrapping" phase.
Note: Current patchset uses installer and target-bootstrapper interchangeably.
Imo the name target-bootstrapper fits better to the actual purpose,
while installer is already established for some time in isar and changing
the naming would probably break some downstream. Although, that could be
fixed in a backwards compatible way, I left this exercise open upon agreement.
Alexander Heinisch (6):
isar-installer: Moved installer related Kconfig to separate file.
isar-installer: Added target bootstrapper framework
isar-installer: Use target-bootstrapper-service in favour of
deploy-image-service
isar-installer: Removed deploy-image-service
isar-installer: Fixing race between ttys in unattended mode.
isar-installer: Added example target bootstrapper task to collect
device information.
kas/image/Kconfig | 83 ++------------
kas/image/isar-image-installer.yaml | 6 +
kas/installer/Kconfig | 104 ++++++++++++++++++
kas/installer/add-device-info-collector.yaml | 14 +++
kas/installer/unattended.yaml | 18 +++
meta-isar/classes/target-bootstrapper.bbclass | 37 +++++++
.../images/isar-image-installer.bb | 2 +-
.../deploy-image-service.bb | 21 ----
.../files/install.override.conf | 5 -
.../device-info-collector.bb | 27 +++++
.../files/usr/bin/device-info-collector.sh | 28 +++++
.../files/target-bootstrapper.override.conf | 3 +
.../target-bootstrapper-service.bb | 38 +++++++
.../files/target-bootstrapper.sh.tmpl | 44 ++++++++
.../target-bootstrapper.bb | 41 +++++++
15 files changed, 369 insertions(+), 102 deletions(-)
create mode 100644 kas/installer/Kconfig
create mode 100644 kas/installer/add-device-info-collector.yaml
create mode 100644 kas/installer/unattended.yaml
create mode 100644 meta-isar/classes/target-bootstrapper.bbclass
delete mode 100644 meta-isar/recipes-installer/deploy-image-service/deploy-image-service.bb
delete mode 100644 meta-isar/recipes-installer/deploy-image-service/files/install.override.conf
create mode 100644 meta-isar/recipes-installer/device-info-collector/device-info-collector.bb
create mode 100755 meta-isar/recipes-installer/device-info-collector/files/usr/bin/device-info-collector.sh
create mode 100644 meta-isar/recipes-installer/target-bootstrapper-service/files/target-bootstrapper.override.conf
create mode 100644 meta-isar/recipes-installer/target-bootstrapper-service/target-bootstrapper-service.bb
create mode 100644 meta-isar/recipes-installer/target-bootstrapper/files/target-bootstrapper.sh.tmpl
create mode 100644 meta-isar/recipes-installer/target-bootstrapper/target-bootstrapper.bb
--
2.39.5
alexander...@siemens.com
Sep 22, 2025, 1:04:55 PM (5 days ago) Sep 22
to isar-...@googlegroups.com, Alexander Heinisch
From: Alexander Heinisch <alexander...@siemens.com>
Signed-off-by: Alexander Heinisch <alexander...@siemens.com>
---
kas/image/isar-image-installer.yaml | 6 ++++++
meta-isar/recipes-core/images/isar-image-installer.bb | 2 +-
2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/kas/image/isar-image-installer.yaml b/kas/image/isar-image-installer.yaml
index 970e0a89..336b3942 100644
--- a/kas/image/isar-image-installer.yaml
+++ b/kas/image/isar-image-installer.yaml
@@ -11,3 +11,9 @@ target: mc:isar-installer:isar-image-installer
local_conf_header:
installer_multiconfig: |
BBMULTICONFIG += "isar-installer installer-target"
+
+ target_bootstrapper: |
+ TARGET_BOOTSTRAPPER_ADDITIONAL_PACKAGES ?= "deploy-image"
+ TARGET_BOOTSTRAPPER_TASK_deploy-image[script] ?= "deploy-image-wic.sh"
+ TARGET_BOOTSTRAPPER_TASK_deploy-image[workdir] ?= "/usr/bin"
+ TARGET_BOOTSTRAPPER_TASK_deploy-image[effort] ?= "2"
diff --git a/meta-isar/recipes-core/images/isar-image-installer.bb b/meta-isar/recipes-core/images/isar-image-installer.bb
index db379f5d..f0f0570c 100644
--- a/meta-isar/recipes-core/images/isar-image-installer.bb
+++ b/meta-isar/recipes-core/images/isar-image-installer.bb
@@ -23,6 +23,6 @@ ADDITIONAL_KERNEL_CMDLINE:append:unattended-installer = " \
IMAGER_INSTALL:wic:append = " ${SYSTEMD_BOOTLOADER_INSTALL}"
-IMAGE_INSTALL += "deploy-image-service"
+IMAGE_INSTALL += "target-bootstrapper-service"
IMAGE_INSTALL:remove = "expand-on-first-boot"
--
2.39.5
Signed-off-by: Alexander Heinisch <alexander...@siemens.com>
---
kas/image/isar-image-installer.yaml | 6 ++++++
meta-isar/recipes-core/images/isar-image-installer.bb | 2 +-
2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/kas/image/isar-image-installer.yaml b/kas/image/isar-image-installer.yaml
index 970e0a89..336b3942 100644
--- a/kas/image/isar-image-installer.yaml
+++ b/kas/image/isar-image-installer.yaml
@@ -11,3 +11,9 @@ target: mc:isar-installer:isar-image-installer
local_conf_header:
installer_multiconfig: |
BBMULTICONFIG += "isar-installer installer-target"
+
+ target_bootstrapper: |
+ TARGET_BOOTSTRAPPER_ADDITIONAL_PACKAGES ?= "deploy-image"
+ TARGET_BOOTSTRAPPER_TASK_deploy-image[script] ?= "deploy-image-wic.sh"
+ TARGET_BOOTSTRAPPER_TASK_deploy-image[workdir] ?= "/usr/bin"
+ TARGET_BOOTSTRAPPER_TASK_deploy-image[effort] ?= "2"
diff --git a/meta-isar/recipes-core/images/isar-image-installer.bb b/meta-isar/recipes-core/images/isar-image-installer.bb
index db379f5d..f0f0570c 100644
--- a/meta-isar/recipes-core/images/isar-image-installer.bb
+++ b/meta-isar/recipes-core/images/isar-image-installer.bb
@@ -23,6 +23,6 @@ ADDITIONAL_KERNEL_CMDLINE:append:unattended-installer = " \
IMAGER_INSTALL:wic:append = " ${SYSTEMD_BOOTLOADER_INSTALL}"
-IMAGE_INSTALL += "deploy-image-service"
+IMAGE_INSTALL += "target-bootstrapper-service"
IMAGE_INSTALL:remove = "expand-on-first-boot"
--
2.39.5
alexander...@siemens.com
Sep 22, 2025, 1:04:55 PM (5 days ago) Sep 22
to isar-...@googlegroups.com, Alexander Heinisch
From: Alexander Heinisch <alexander...@siemens.com>
Signed-off-by: Alexander Heinisch <alexander...@siemens.com>
---
kas/installer/Kconfig | 10 +++++++
Signed-off-by: Alexander Heinisch <alexander...@siemens.com>
---
kas/installer/add-device-info-collector.yaml | 14 ++++++++++
.../device-info-collector.bb | 27 ++++++++++++++++++
.../files/usr/bin/device-info-collector.sh | 28 +++++++++++++++++++
4 files changed, 79 insertions(+)
create mode 100644 kas/installer/add-device-info-collector.yaml
create mode 100644 meta-isar/recipes-installer/device-info-collector/device-info-collector.bb
create mode 100755 meta-isar/recipes-installer/device-info-collector/files/usr/bin/device-info-collector.sh
diff --git a/kas/installer/Kconfig b/kas/installer/Kconfig
create mode 100755 meta-isar/recipes-installer/device-info-collector/files/usr/bin/device-info-collector.sh
index 0b891c9a..ccac6471 100644
--- a/kas/installer/Kconfig
+++ b/kas/installer/Kconfig
@@ -82,6 +82,16 @@ config INSTALLER_TARGET_OVERWRITE
endif
+
+config INSTALLER_ADD_DEVICE_INFO_COLLECTOR
+ bool "Add Device Info Collector"
+ default n
+
+config KAS_INCLUDE_INSTALLER_ADD_DEVICE_INFO_COLLECTOR
+ string
+ default "kas/installer/add-device-info-collector.yaml"
+ depends on INSTALLER_ADD_DEVICE_INFO_COLLECTOR
+
config INSTALLER_TTY_SERVICES
string "TTY Service to use"
default "getty@tty1 serial-getty@ttyS0" if !INSTALL_UNATTENDED
diff --git a/kas/installer/add-device-info-collector.yaml b/kas/installer/add-device-info-collector.yaml
new file mode 100644
index 00000000..22020679
--- /dev/null
+++ b/kas/installer/add-device-info-collector.yaml
@@ -0,0 +1,14 @@
+# This software is a part of ISAR.
+# Copyright (C) Siemens AG, 2025
+#
+# SPDX-License-Identifier: MIT
+
+header:
+ version: 14
+
+local_conf_header:
+ target_bootstrapper-add-device-info-collector: |
+ TARGET_BOOTSTRAPPER_ADDITIONAL_PACKAGES:append = " device-info-collector"
+ TARGET_BOOTSTRAPPER_TASK_device-info-collector[script] = "device-info-collector.sh"
+ TARGET_BOOTSTRAPPER_TASK_device-info-collector[workdir] = "/usr/bin"
+ TARGET_BOOTSTRAPPER_TASK_device-info-collector[effort] = "1"
diff --git a/meta-isar/recipes-installer/device-info-collector/device-info-collector.bb b/meta-isar/recipes-installer/device-info-collector/device-info-collector.bb
new file mode 100644
index 00000000..e858869c
--- /dev/null
+++ b/meta-isar/recipes-installer/device-info-collector/device-info-collector.bb
@@ -0,0 +1,27 @@
+# This software is a part of ISAR.
+# Copyright (C) Siemens AG, 2024-2025
+#
+# SPDX-License-Identifier: MIT
+
+inherit dpkg-raw
+
+DEBIAN_DEPENDS += "\
+ , dmidecode \
+ , lshw, pci.ids, usb.ids \
+ , pciutils \
+ , usbutils \
+ , util-linux \
+ "
+
+SRC_URI += " \
+ file://usr/bin/device-info-collector.sh \
+ "
+
+do_install[cleandirs] = " \
+ ${D}/usr/bin/ \
+ ${D}/usr/lib/device-info-collector/ \
+ ${D}/install/device-infos/ \
+ "
+do_install() {
+ install -m 0755 ${WORKDIR}/usr/bin/device-info-collector.sh ${D}/usr/bin/device-info-collector.sh
+}
diff --git a/meta-isar/recipes-installer/device-info-collector/files/usr/bin/device-info-collector.sh b/meta-isar/recipes-installer/device-info-collector/files/usr/bin/device-info-collector.sh
new file mode 100755
index 00000000..257d80a1
--- /dev/null
+++ b/meta-isar/recipes-installer/device-info-collector/files/usr/bin/device-info-collector.sh
@@ -0,0 +1,28 @@
+#!/usr/bin/env bash
+# This software is a part of ISAR.
+# Copyright (C) Siemens AG, 2024-2025
+#
+# SPDX-License-Identifier: MIT
+
+BASE_DIR="/install/device-infos"
+
+SERIAL_NUMBER=$(dmidecode -s system-serial-number | tr '[:upper:]' '[:lower:]' | tr -d "[:space:]")
+TARGET_DIR="${BASE_DIR}/${SERIAL_NUMBER}/$(date -u +%4Y-%m-%d_%H-%S)"
+
+echo "Use ${TARGET_DIR} to store the collected device infos."
+mkdir -p ${TARGET_DIR}
+
+echo "Collecting most important device attributes..."
+
+echo "Collecting peripherals"
+lshw >> ${TARGET_DIR}/lshw.out
+lspci >> ${TARGET_DIR}/lspci.out
+lsusb >> ${TARGET_DIR}/lsusb.out
+lsblk >> ${TARGET_DIR}/lsblk.out
+
+echo "Collecting cpu info..."
+lscpu >> ${TARGET_DIR}/lscpu.out
+cat /proc/cpuinfo > ${TARGET_DIR}/proc_cpuinfo
+
+echo "Collecting dmi / smbios..."
+dmidecode --dump-bin ${TARGET_DIR}/dmidecode.dump
--
2.39.5
Reply all
Reply to author
Forward
0 new messages