From e9c96f49a1478aaa677d26f3cb84dd1bd15bf116 Mon Sep 17 00:00:00 2001 From: Daniel Micay Date: Mon, 29 Jul 2024 02:31:55 -0400 Subject: [PATCH] update signing instructions --- static/build.html | 43 ++++++++++++++++++++++++------------------- 1 file changed, 24 insertions(+), 19 deletions(-) diff --git a/static/build.html b/static/build.html index 014aea4a..752d0df4 100644 --- a/static/build.html +++ b/static/build.html @@ -644,33 +644,38 @@ cd ../.. 
m otatools-package
-

Generate a signed release build with the release.sh script:

+

Copy build artifacts to releases directory:

- 
script/release.sh raven
+ 
script/finalize.sh
+ +

Generate a signed release build with the generate-release.sh script:

+ + 
script/generate-release.sh raven BUILD_NUMBER

The factory images and update package will be in - out/release-raven-BUILD_NUMBER. The update zip performs a full OS - installation so it can be used to update from any previous version. More efficient - incremental updates are used for official over-the-air GrapheneOS updates and can be - generated by keeping around past signed target_files zips and generating - incremental updates from those to the most recent signed target_files - zip.

+ releases/BUILD_NUMBER/release-raven-BUILD_NUMBER. + The update zip performs a full OS installation so it can be used to update from + any previous version. More efficient incremental updates are used for official + over-the-air GrapheneOS updates and can be generated by keeping around past + signed target_files zips and generating incremental updates from + those to the most recent signed target_files zip.

See the install page for information on how to use the factory images. See the usage guide section on sideloading updates for information on how to use the update packages.

-

Running script/release.sh also generates channel metadata for the - update server. If you configured the Updater client URL and set the build to include - it (see the information on OFFICIAL_BUILD above), you can push signed - over-the-air updates via the update system. Simply upload the update package to the - update server along with the channel metadata for the release channel, and it will be - pushed out to the update client. The DEVICE-beta and - DEVICE-stable metadata provide the Beta and Stable release channels used - by the update client. The DEVICE-testing metadata provides - an internal testing channel for the OS developers, which can be temporarily - enabled using adb shell setprop sys.update.channel testing. The name is - arbitrary and you can also use any other name for internal testing channels.

+

Running script/generate-release.sh also generates channel + metadata for the update server. If you configured the Updater client URL and set + the build to include it (see the information on OFFICIAL_BUILD + above), you can push signed over-the-air updates via the update system. Simply + upload the update package to the update server along with the channel metadata + for the release channel, and it will be pushed out to the update client. The + DEVICE-beta and DEVICE-stable + metadata provide the Beta and Stable release channels used by the update client. + The DEVICE-testing metadata provides an internal testing + channel for the OS developers, which can be temporarily enabled using adb + shell setprop sys.update.channel testing. The name is arbitrary and you + can also use any other name for internal testing channels.

For GrapheneOS itself, the testing channel is used to push out updates to developer devices, followed by a sample future release to test that the release which is about