[yocto] Fwd: Doubts about image "equalness"

Alan Martinovic alan.martinovic at senic.com
Mon Aug 20 06:06:43 PDT 2018 

Hey Matthias,
thanks for the response

> it seems a non trivial task to generate an image out
> of another image by hand. So much, that can get messed up (permissions,
> owner...).

I don't see it as that big of a problem.
In our case it would end up mounting the production image and editing
config files
to i.e.
enable ssh, point to a different logging server, have the debug log level...

The overhead is that it would have to be done manually after the production
image is build, where as believing in yocto would mean a single build step :)


> We try to
> automatize the tests as much as possible. If a test on production fails,
> we retest with debug image to see what went wrong...


For us the case problematic case is the beta testing that happens in
field with selected customers. Can't automate that much :)

> We opt to build both images through
yocto / openembedded.

Have you so far experienced issues in which the images behaved differently
besides the obvious changes that you wanted?

Be Well,
Alan

On Mon, Aug 20, 2018 at 1:46 PM, Matthias Schoepfer
<matthias.schoepfer at googlemail.com> wrote:
> Hi Alan,
>
> we face the same problems here. We opt to build both images through
> yocto / openembedded. If you look at the tools and steps needed, to
> generate an image, it seems a non trivial task to generate an image out
> of another image by hand. So much, that can get messed up (permissions,
> owner...).
>
> I think, there is no way around to test production image. We try to
> automatize the tests as much as possible. If a test on production fails,
> we retest with debug image to see what went wrong...
>
> Regards,
>
>     Matthias
>
>
> On 08/17/2018 10:35 AM, Alan Martinovic wrote:
>> Hi,
>> I'm hoping to get opinions on a doubt regarding a certain yocto related
>> problem.
>>
>> We have a following images in place:
>>
>> * production-image.bb
>>         * core features, max security
>>
>> * beta-image.bb
>>         * require production-image.bb
>>         * added logging, reduced security for dev intervention
>>
>>
>> At the moment, we first build the beta end if all is good we again build the
>> production.
>> This means we need to build and test twice even when no flaws are found in the
>> beta image.
>>
>> We do that because, not knowing the internals of yocto enough,
>> it seems to risky to run the tests on the beta-image and afterwards
>> just ship the production-image assuming they are the same.
>>
>> Because of that, a second approach has been suggested in which yocto
>> doesn't build the beta-image, but it gets created by manually modifying the
>> built production-image binary.
>>
>> The core problem is we don't know the core of yocto that well to vouch
>> for the yocto option, on the other hand, this could be just a
>> psychological problem
>> and the manual approach is as dangerous if not worse :)
>>
>> Did anyone how similar problems?
>> Would like to hear your opinions on how you approached them?
>>
>> Be Well,
>> Alan
>

More information about the yocto mailing list