| Message ID | 20251227172301.1967831-1-adrian.freihofer@siemens.com |
|---|---|
| State | New |
| Headers | show |
| Series | fragments: add a 'devtool-ide-sdk' fragment | expand |
On Sat, 27 Dec 2025 at 18:23, Adrian Freihofer via lists.openembedded.org <adrian.freihofer=siemens.com@lists.openembedded.org> wrote: > Add a configuration fragment that enables devtool ide-sdk workflow > for development and remote debugging. > The configuration is intended to streamline the development workflow > where developers can modify recipes with devtool and debug them > remotely on target devices using IDEs like VSCode. There are tests for ide-sdk in meta/lib/oeqa/selftest/cases/devtool.py, should they be adjusted to use the fragment? > This also includes the EXTRA_IMAGE_FEATURES from > root-login-with-exmpty-password.conf. Ideally there would be a possibility > to define fragment dependencies, so that this fragment could just depend on > that one instead of duplicating the content here. This is somewhat more worrying. Having the settings bundled into the fragment this way quietly opens a big security hole in users' configuration, something they did not necessarily consent to. The original fragment at least warns the users of the dangers involved, this one doesn't. I would much rather take an opportunity to set up proper key-based authentication or something else better than simply not having a password. There was already reluctance to having the original empty-password fragment (because it's the easy way out that only delays solving the problem properly), and spreading these settings to other fragments makes the situation worse. Alex
diff --git a/meta/conf/fragments/yocto/devtool-ide-sdk.conf b/meta/conf/fragments/yocto/devtool-ide-sdk.conf new file mode 100644 index 0000000000..4e09eb82a5 --- /dev/null +++ b/meta/conf/fragments/yocto/devtool-ide-sdk.conf @@ -0,0 +1,32 @@ +BB_CONF_FRAGMENT_SUMMARY = "Use devtool ide-sdk for development and remote debugging." +BB_CONF_FRAGMENT_DESCRIPTION = "\ +This configuration enables the use of devtool ide-sdk. \ +Example usage: \ + 1. The recipe (my-recipe in this case) must be in IMAGE_INSTALL. \ + 2. Devtool modify --debug-build my-recipe \ + 3. devtool ide-sdk my-recipe core-image-full-cmdline --target root@192.168.7.2' \ + 4. runqemu snapshot \ + 5. code $BUILDDIR/workspace/sources/my-recipe \ + 6. Develop and debug the sources of my-recipe from VSCode remotely on the device. \ +" + +# Build the companion debug file system +IMAGE_GEN_DEBUGFS = "1" + +# Optimize build time: with devtool ide-sdk the dbg tar is not needed +# (if booting the target via NFS is not used for remote debugging) +IMAGE_FSTYPES_DEBUGFS = "" + +# Without copying the binaries into roofs-dbg, GDB does not find all source files. +IMAGE_CLASSES += "image-combined-dbg" + +# SSH is mandatory, no password simplifies the usage +EXTRA_IMAGE_FEATURES += "\ + ssh-server-openssh \ + allow-empty-password \ + allow-root-login \ + empty-root-password \ +" + +# Remote debugging needs gdbserver on the target device +IMAGE_INSTALL:append = " gdbserver"