I’ve already setup a tcbuild.yaml to create a TEZI image containing:
custom Torizon OS (device trees, kernal arguments, …)
containers
This works as expected, and I can install it when the SoM runs Toradex Easy Installer.
Now I’ve been starting playing with Torizon Cloud, and I tried to upload my custom Torizon OS.
But the requirement is that I must provide
Should I build a different version of Torizon OS with TCB?
Or can I use the file torizon-core-docker-verdin-imx8mp.ota.tar.zst that is inside my whole TEZI image?
I see the file is .tar.zst and not .tar, but maybe I can use it.
Hi, I’m the Toradex AI Assistant. I’m in early beta, and I would appreciate your feedback.
The Toradex Support team will follow up with you shortly!
Did you like my answer?
Hello,
To meet the requirement for uploading your custom Torizon OS to Torizon Cloud, you indeed need to provide a version of the Torizon OS image that does not have containers pre-provisioned. This is essential for offline installation scenarios where the device might not have immediate access to the internet to download containers.
Given your current setup, where you have successfully created a TEZI image with customizations and containers, you should build a different version of the Torizon OS without the containers. This can be achieved by modifying your tcbuild.yaml configuration to exclude the container images or the Docker Compose file references. Essentially, you would be creating a base Torizon OS image with your custom device trees and kernel arguments, but without any pre-installed Docker containers.
Regarding the torizon-core-docker-verdin-imx8mp.ota.tar.zst file you found within your TEZI image, this file is indeed a compressed Torizon OS image. However, it’s compressed using Zstandard (.zst), which is not the plain .tar file format that is required for the upload to Torizon Cloud. You would need to decompress this file and ensure it meets the no-container requirement before considering it for upload. The decompression can be done using tools that support Zstandard, but it’s crucial to verify that the resulting image aligns with the offline installation requirements, primarily that it does not contain pre-provisioned containers.
In summary, for your purpose, it’s advisable to build a separate version of your Torizon OS specifically for Torizon Cloud, ensuring it’s a no-container image and packaged as a .tar file. This approach guarantees compatibility with the offline installation process and adherence to Torizon Cloud’s requirements.
Best regards,
Toradex AI Assistant
Please, also check if these links can help you solve your problem:
Let me summarize the process because something is not clear to me.
I get my credentials.zip from torizon cloud and put it in my tcb folder
I build my Torizon OS image using torizoncore-builder to build my tcbuild.yml file, in which I remove the ‘docker-related-part’ (bundle, docker-compose ecc).
In my tcbuild.yml file I have something like:
At the end of the build process, I get a tcberxx-****-100134-wifi-20240618 folder which can be flash via Easy Installer.
if I try to run torizoncore-builder platform push --credentials credentials.zip tcb-erxx it returns me
Traceback (most recent call last):
File "/builder/torizoncore-builder", line 222, in <module>
mainargs.func(mainargs)
File "/builder/tcbuilder/cli/platform.py", line 584, in do_platform_push
platform.push_ref(
File "/builder/tcbuilder/backend/platform.py", line 1034, in push_ref
commit = repo.read_commit(ref).out_commit
gi.repository.GLib.GError: g-io-error-quark: Refspec 'tcb-erxx' not found (1)
The following push command worked fine for me without error:
$ torizoncore-builder platform push --credentials credentials.zip tcb-erxx
Pushing tcb-erxx (commit checksum 041ebdc2185057c0bf50c54543312c90a30da3eba010f2d608813d8161d50ddd) to OTA server.
Pushed tcb-erxx successfully.
Signing OSTree package tcb-erxx (commit checksum 041ebdc2185057c0bf50c54543312c90a30da3eba010f2d608813d8161d50ddd) for Hardware Id(s) "apalis-imx8".
Signed and pushed OSTree package tcb-erxx successfully.
The error you shared claims Refspec 'tcb-erxx' not found. Did you run torizoncore-builder platform push right after torizoncore-builder build?
If you ran another build command or unpack command in between, then any previous branches would have been cleaned up from the tool’s internal storage and no longer exist. Or if the tool’s internal storage was wiped for any other reason. The tool uses a docker volume to store it’s data. Otherwise though your process seems fine as show by my test.
Thanks for your reply.
The process seems fine to me too, however it throws the error.
My only concern is related to my build process: currently we have a python script which runs the powershell commands reported in the tasks.ps1 file (we are working in a TCB-vscode project).
The error comes when I run my python script to build my custom image and then I run manually (since I’m in a developing phase) torizoncore-builder platform push --credentials credentials.zip tcb-erxx.
From your response I think that the problem could come from the two different ‘environments’ in which tcb runs.
So I started importing the ‘push’ command in my script.
To achieve the torizoncore-builder platform push --credentials credentials.zip tcb-erxx command within my python script, I call the tcb-platform-push-ostree task.
Here come a one problem and a question. Maybe @matheus.tx could be helpful here.
Problem: the task fails with PLATFORM_CLIENT_ID not set. Looking into the code, it seems that the ps script is looking for the TorizonOS client ID and secret. But why? For this specific task the credentials.zip should be strictly sufficient to push on the cloud.
Question: why this task is asking me docker-related stuffs (such as docker registry, login and password)? Your documentation (and the purpose of this entire topic) reports that the image to be pushed on the cloud must be docker-free. So why asking for these?
Okay so you have a python script that invokes the tasks defined in the VSCode project to execute TorizonCore Builder commands?
May I ask your reason for why you have things setup like this? If the idea is to automate the usage of TorizonCore Builder. Then why not just directly use the TorizonCore Builder commands in your python script? What’s the purpose of going through tasks.ps1 which end up executing the commands anyways?
From your response I think that the problem could come from the two different ‘environments’ in which tcb runs.
I believe this is the problem as well. I can see in the tasks.json for the TCB-VSCode project when TorizonCore Builder is invoked it sets the storage to be in the project folder at ${workspaceFolder}/storage.
Now when you ran the torizoncore-builder push command manually, I assume you setup the tool with default configuration. Meaning the storage would have been setup as a docker volume. So what most likely happened is that you ran your python script and it saved the information about tcb-erxx to ${workspaceFolder}/storage. Then you ran the push command manually but this instance of TorizonCore Builder was setup to use a docker volume as a storage meaning it had no knowledge about tcb-erxx which was in a different storage.
Problem: the task fails with PLATFORM_CLIENT_ID not set. Looking into the code, it seems that the ps script is looking for the TorizonOS client ID and secret. But why? For this specific task the credentials.zip should be strictly sufficient to push on the cloud.
I’m not entirely sure either. Maybe you could share your python script so we can see how it’s invoking tasks.ps1. Then we can trace how the execution path could be occurring to get to his error.
why this task is asking me docker-related stuffs (such as docker registry, login and password)? Your documentation (and the purpose of this entire topic) reports that the image to be pushed on the cloud must be docker-free. So why asking for these?
I assume you’re asking about the tcb-platform-push-ostree task here yes? I can see in the task definition it asks for docker login information. Though that does not make sense to me either. This task should just be pushing the contents of an OS update package and therefore have nothing to do with Docker. I’ll run this by our IDE team to see if they have an idea.
May I ask your reason for why you have things setup like this? If the idea is to automate the usage of TorizonCore Builder. Then why not just directly use the TorizonCore Builder commands in your python script? What’s the purpose of going through tasks.ps1 which end up executing the commands anyways?
Because to run torizoncore-builder commands we must source the tcb-env-setup.sh which is not an easy and good thing to in python. However, run directly the tasks.ps1 file allows us to enjoy all the automations of the `tasks.ps1’.
I’m not entirely sure either. Maybe you could share your python script so we can see how it’s invoking tasks.ps1. Then we can trace how the execution path could be occurring to get to his error.
If you try to run the tcb-platform-push-ostree command you will be asked for PLATFORM_CLIENT_ID and for PLATFORM_CLIENT_SECRET. But this has no sense has for the Docker login information, since the credentials.zip must be sufficient
Because to run torizoncore-builder commands we must source the tcb-env-setup.sh which is not an easy and good thing to in python. However, run directly the tasks.ps1 file allows us to enjoy all the automations of the `tasks.ps1’.
The alias can just be setup manually. In fact that’s what most people do when using TorizonCore Builder in CI/CD automation. We do this in our own testing automation as well.
If you try to run the tcb-platform-push-ostree command you will be asked for PLATFORM_CLIENT_ID and for PLATFORM_CLIENT_SECRET. But this has no sense has for the Docker login information, since the credentials.zip must be sufficient
I’ve already raised this to our IDE extensions team and they will be looking into this behavior.
Hi @jeremias.tx,
I started playing with tcb-platform-push-ostree but, after having asked me for some parameters, it does nothing (without showing any message).
Do you know why?
As an eample, tcb-build works.
I tried to reproduce this. When I run tcb-platform-push-ostree I get a little popup in the corner of VSCode saying “HTTP request failed”, but no other log messages of any kind. Do you not even see this?
In any case, let me bring this up with the IDE team since I’m not even sure why I’m getting a HTTP request issue on my side since I’m fairly sure all the information I inputted was valid.
After speaking with the team I figured out what the issue is at least on my setup. When you execute the task and provide it with your Client ID/Secret, the credentials you provide here should correspond to an API client that has access type api-v2. if you use credentials that only have access for api-minimal then it will not work. Once I updated this the tcb-platform-push-ostree task worked as expected.
Well that’s the only idea I had. So you truly have no output or feedback of any kind? Not even a pop-up in the corner like I did for “HTTP request failed” or something similar?
I’m not sure what what I could even investigate with 0 logs to work off of. As I said on my side once I used the proper api-v2 client the task worked for me. So I’m not sure how I would even reproduce or investigate this on my side. I can ask our IDE team again, but there’s not really a lot of information to work off of here.
EDIT: Just to make sure it’s not related to your client ID/secret try the following. In your project’s vscode/tasks.json, modify the tcb-platform-push-ostree task. Remove the command:tcb.getNextPackageVersion from the task definition and replace it with some static version value. The invocation command:tcb.getNextPackageVersion calls an internal function that uses your client ID/secret. So if the task now works for you after removing this, then there must be something weird with your client ID/secret. If it still does not work then I’m fairly stumped.
I deleted tcb.clientId and tcb.clientSecret from settings.json
I deleted my old client and create a new one
I tried to run tcb-platform-push-ostree and I’ve been asked for client id and secret
I filled in the info and the task worked
if I run it again, it worked
So I tried to do the same steps one more time, but entering a wrong secret id.
In this way Ive been able to reproduce the original situation (i.e., the task is not executed without any message).
At this point I’m almost sure that I entered the wrong secret id when I filled in the first time.
Can you reproduce the behavior in this way?
Is it possible showing a message in this case?
One final question: I need to supply tcb.clientId, tcb.clientSecret and credentials.zip. Is this expected?
That’s good to hear, so it was related to your client ID/secret.
Can you reproduce the behavior in this way?
Is it possible showing a message in this case?
If I my client ID/secret is invalid in any way then I get a small pop-up in the corner of VSCode complaining about “HTTP request failed”. I would imagine you should have something similar, though I’m not sure why you’re not seeing anything like this.
One final question: I need to supply tcb.clientId, tcb.clientSecret and credentials.zip. Is this expected?
Yes this is expected, according to our IDE extensions team.
indeed, these docker credentials are not needed if you are not using the canonicalization, this will be fixed in the next release, thanks for the report.
About the PLATFORM_CLIENT_ID not set: the task get the package version and bump it automatically. Because of it the Torizon Platform credentials are needed. If you want to handle the package version yourself you can remove the ${command:tcb.getNextPackageVersion} from the task description and set the version yourself.
