State of APK package manger integration
Paul Spooren
mail at aparcar.org
Thu Jun 13 04:29:17 PDT 2024
Dear all,
With great contributions from Timo, Ansuel, Jonas, Daniel, Petr, John, and many others, APK is evolving smoothly, and the integration is progressing well!
We have established a staging buildbot environment[1] that compiles firmware images and certain packages. To replicate this setup locally, simply enable “Use APK instead of OPKG to build distribution” (`USE_APK`) in the “Global build settings”.
Once the firmware is compiled, it is uploaded to the staging downloads page[2]. Currently, we have limited the targets created to a subset that we have found useful for testing purposes.The firmware images boot up successfully and allow for the installation of external feeds[3]!
Be aware, there is still some work required on the package feeds to accommodate the new version requirements. If you are maintaining something, please take a look (e.g. [4]).
We are facing an architectural challenge that needs to be addressed. In the past, both OPKG and APKv2 would only sign the package indexes and automatically trust the included packages. With APKv3 (the version we are using), each individual package is signed. We are exploring ways to securely integrate this into the existing setup, where build workers do not have a private key but upload the package index to a dedicated server for signing. We will keep you updated on our progress.
I will provide more updates as we make further advancements. Please stay tuned for more information.
Sunshine,
Paul
PS: since we do parallel experiments with the Buildbot itself some packages are missing, please be aware that your milage may vary when testing package installation
[1]: https://buildbot.staging.openwrt.org <https://buildbot.staging.openwrt.org/>
[2]: https://downloads.staging.openwrt.org/snapshots/targets/
[2]: apk add --allow-untrusted kmod-usb-serial-cp210x
[4]: https://github.com/openwrt/packages/issues/23706
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.openwrt.org/pipermail/openwrt-devel/attachments/20240613/2f45e557/attachment.sig>
More information about the openwrt-devel
mailing list