1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
|
/****************************************************************************
**
** Copyright (C) 2018 Pelagicore AG
** Contact: https://www.qt.io/licensing/
**
** This file is part of the documentation of the Pelagicore Application Manager.
**
** $QT_BEGIN_LICENSE:FDL-QTAS$
** Commercial License Usage
** Licensees holding valid commercial Qt Automotive Suite licenses may use
** this file in accordance with the commercial license agreement provided
** with the Software or, alternatively, in accordance with the terms
** contained in a written agreement between you and The Qt Company. For
** licensing terms and conditions see https://www.qt.io/terms-conditions.
** For further information use the contact form at https://www.qt.io/contact-us.
**
** GNU Free Documentation License Usage
** Alternatively, this file may be used under the terms of the GNU Free
** Documentation License version 1.3 as published by the Free Software
** Foundation and appearing in the file included in the packaging of
** this file. Please review the following information to ensure
** the GNU Free Documentation License version 1.3 requirements
** will be met: https://www.gnu.org/licenses/fdl-1.3.html.
** $QT_END_LICENSE$
**
****************************************************************************/
/*!
\page appman-packager.html
\title Packager
\brief A command-line utility for managing the installation of packages.
\ingroup qtappman-tools
The \c{appman-packager} is a command-line utility that is used by the developer to manage installation
packages. It could also be used as a signing and verification tool on a app-store backend server.
This tool is meant for usage on the developer's desktop machine or packaging server, but not on the
target device.
At the moment the application-manager supports unsigned packages, packages that are signed by the
developer only (development mode), and packages that are signed by a trusted app-store. The
\c{appman-packager} can create all these variations with the following commands:
\table
\header
\li Command
\li Arguments
\li Description
\row
\li \span {style="white-space: nowrap"} {\c create-package}
\li \c{<package>}
\c{<source directory>}
\li Creates a new package named \a package from the application in \a{source directory}. The
directory needs to at least contain an \l{Manifest definition}{\c info.yaml} as well as an
\c{icon.png} file.
The tool will do a sanity-check on the \c info.yaml file before actually creating the
package.
All normal files and directories in the source directory will be copied into package. The
only meta-data that is copied from the filesystem is the filename, and the user's
eXecutable-bit. The following options are supported:
\c{--verbose}: Dump the package's meta-data header and footer information to stdout.
\c{--json}: Output in JSON format instead of YAML.
\c{--extra-metadata} or \c{-m}: Add the given YAML snippet on the commandline to the
packages's \c extra meta-data (see also ApplicationInstaller::taskRequestingInstallationAcknowledge).
\c{--extra-metadata-file} or \c{-M}: Add the given YAML file to the
packages's \c extra meta-data (see also ApplicationInstaller::taskRequestingInstallationAcknowledge)
\c{--extra-signed-metadata} or \c{-s}: Add the given YAML snippet on the commandline to the
packages's \c extraSigned meta-data (see also ApplicationInstaller::taskRequestingInstallationAcknowledge)
\c{--extra-signed-metadata-file} or \c{-S}: Add the given YAML file to the
packages's \c extra meta-data (see also ApplicationInstaller::taskRequestingInstallationAcknowledge)
All of the extra-meta-data options are merged together, so all options can be used together
and each option can also be given multiple times. The signed fields are added to the
package's digest, so that they cannot be changed once the package has been signed. The
normal fields can however be changed even after package signing: an example would be an
appstore-server adding custom tags.
\row
\li \span {style="white-space: nowrap"} {\c dev-sign-package}
\li \c{<package>}
\c{<signed-package>}
\c{<certificate>}
\c{<password>}
\li Takes the input \c package, adds a developer signature and writes the output to \c signed-package.
You need to supply a \c certificate in P12 format together with a \c password matching the
certificate. The following options are supported:
\c{--verbose}: Dump the package's meta-data header and footer information to stdout.
\c{--json}: Output in JSON format instead of YAML.
\row
\li \span {style="white-space: nowrap"} {\c dev-verify-package}
\li \c{<package>}
\c{<ca-certificates...>}
\li Reads the input \c package and tries to verify the developer signature using the given \c
ca-certificates. The following options are supported:
\c{--verbose}: Print details regarding the verification to stdout.
\row
\li \span {style="white-space: nowrap"} {\c store-sign-package}
\li \c{<package>}
\c{<signed-package>}
\c{<certificate>}
\c{<password>}
\c{<device-id>}
\li Takes the input \c package, adds a store signature and writes the output to \c signed-package.
You need to supply a \c certificate in P12 format together with a \c password matching the
certificate. If you don't leave the \c device-id empty, the resulting package can only be
installed on this specific device. The following options are supported:
\c{--verbose}: Dump the package's meta-data header and footer information to stdout.
\c{--json}: Output in JSON format instead of YAML.
\row
\li \span {style="white-space: nowrap"} {\c store-verify-package}
\li \c{<package>}
\c{<ca-certificates...>}
\c{<device-id>}
\li Reads the input \c package and tries to verify the store signature using the given \c
ca-certificates. The following options are supported:
\c{--json}: Output in JSON format instead of YAML.
\endtable
The \c{appman-packager} naturally supports the standard Unix \c{--help} command-line option.
*/
|
