Add support for setting fwup environment variables

lib/nerves_hub_link_common/fwup_config.ex

@@ -7,6 +7,7 @@ defmodule NervesHubLinkCommon.FwupConfig do
 
   defstruct fwup_public_keys: [],
             fwup_devpath: "/dev/mmcblk0",
+            fwup_env: [],
             fwup_task: "upgrade",
             handle_fwup_message: nil,
             update_available: nil
@@ -35,6 +36,7 @@ defmodule NervesHubLinkCommon.FwupConfig do
           fwup_public_keys: [String.t()],
           fwup_devpath: Path.t(),
           fwup_task: String.t(),
+          fwup_env: [{String.t(), String.t()}],
           handle_fwup_message: handle_fwup_message_fun,
           update_available: update_available_fun
         }
@@ -45,6 +47,7 @@ defmodule NervesHubLinkCommon.FwupConfig do
     args
     |> validate_fwup_public_keys!()
     |> validate_fwup_devpath!()
+    |> validate_fwup_env!()
     |> validate_handle_fwup_message!()
     |> validate_update_available!()
   end
@@ -74,4 +77,10 @@ defmodule NervesHubLinkCommon.FwupConfig do
 
   defp validate_update_available!(%__MODULE__{}),
     do: raise(ArgumentError, message: "update_available function signature incorrect")
+
+  defp validate_fwup_env!(%__MODULE__{fwup_env: list} = args) when is_list(list),
+    do: args
+
+  defp validate_fwup_env!(%__MODULE__{}),
+    do: raise(ArgumentError, message: "invalid arg: fwup_env")
 end

lib/nerves_hub_link_common/update_manager.ex

@@ -201,7 +201,10 @@ defmodule NervesHubLinkCommon.UpdateManager do
     pid = self()
     fun = &send(pid, {:download, &1})
     {:ok, download} = Downloader.start_download(update_info.firmware_url, fun)
-    {:ok, fwup} = Fwup.stream(pid, fwup_args(state.fwup_config))
+
+    {:ok, fwup} =
+      Fwup.stream(pid, fwup_args(state.fwup_config), fwup_env: state.fwup_config.fwup_env)
+
     Logger.info("[NervesHubLink] Downloading firmware: #{update_info.firmware_url}")
 
     %State{

test/nerves_hub_link_common/update_manager_test.exs

@@ -70,6 +70,31 @@ defmodule NervesHubLinkCommon.UpdateManagerTest do
       assert_received :rescheduled
       refute_received {:fwup, _}
 
+      assert_receive {:fwup, {:progress, 0}}, 250
+      assert_receive {:fwup, {:progress, 100}}
+      assert_receive {:fwup, {:ok, 0, ""}}
+    end
+
+    test "apply with fwup environment", %{update_payload: update_payload, devpath: devpath} do
+      test_pid = self()
+      fwup_fun = &send(test_pid, {:fwup, &1})
+      update_available_fun = fn _ -> :apply end
+
+      fwup_config = %FwupConfig{
+        fwup_devpath: devpath,
+        fwup_task: "secret_upgrade",
+        fwup_env: [
+          {"SUPER_SECRET", "1234567890123456789012345678901234567890123456789012345678901234"}
+        ],
+        handle_fwup_message: fwup_fun,
+        update_available: update_available_fun
+      }
+
+      # If setting SUPER_SECRET in the environment doesn't happen, then test fails
+      # due to fwup getting a bad aes key.
+      {:ok, manager} = UpdateManager.start_link(fwup_config)
+      assert UpdateManager.apply_update(manager, update_payload) == {:updating, 0}
+
       assert_receive {:fwup, {:progress, 0}}
       assert_receive {:fwup, {:progress, 100}}
       assert_receive {:fwup, {:ok, 0, ""}}

test/support/fixtures.ex

@@ -142,16 +142,16 @@ defmodule Fwup.TestSupport.Fixtures do
     meta-architecture = "#{meta_params.architecture}"
     meta-author = "#{meta_params.author}"
 
-    file-resource  #{Ecto.UUID.generate()}.txt {
-    contents = "Hello, world!"
-    }
-
-    task complete {
-
+    file-resource hello.txt {
+      contents = "Hello, world!"
     }
 
     task upgrade {
+      on-resource hello.txt { raw_write(0) }
+    }
 
+    task secret_upgrade {
+      on-resource hello.txt { raw_write(0, "cipher=aes-cbc-plain", "secret=\\${SUPER_SECRET}") }
     }
     """
   end