Package com.tccc.kos.commons.manifest.chained

Class ChainedManifest

java.lang.Object

com.tccc.kos.commons.manifest.DeviceManifestVersion

com.tccc.kos.commons.manifest.install.InstallManifest

com.tccc.kos.commons.manifest.chained.ChainedManifest

public class ChainedManifest
extends InstallManifest

A ChainedManifest defines a collection of sections that contains artifacts that are used to resolve external references from a NodeManifest. This allows for the creation of device manifests that can be augmented in controlled ways by chained manifests which can be generated by other organizations. Since the device manifest can never be modified by other organizations as there would be no way to sign it with the correct authority, this mechanism provides supply chain security and also ensures that upstream organizations cannot modify any device manifest in ways not defined by the originating organization.

Every ChainedManifest contains a name. This must be unique within the chain and the name must be well known so that a node manifest can reference it by its name.

Since the ChainedManifest is delivered as a KAB, the manifest has an associated authority established by the keys used to sign the manifest. Consumers of this manifest must specify the authority in order to use it. This ensures that other organizations can't supply a chained manifest with the same name and override the resolution process.

Each section defined in the manifest is identified by a name and contains a list of artifacts. When referenced by a node manifest using ChainedSectionRef, the name is matched using the srcSection property. When the section is placed in the node manfiest it will appear with the dstSection name. This allows upstream systems to build common manifests that can be used across many devices as the device developer can map section names as needed within their references.

A ChainedManifest contains a collection of properties. These are not used by kOS, but are available for tooling to inject data for upstream use. For example, in a system where multiple chained manifests are built by different systems, upstream systems may not have access to the original device manifest. Intermediate tooling can pass data from the original manifest to upstream processes, or provide information about the chained manifest itself to the next upstream process without needing to pass additional out of band data.

Version:

2024-03-25

Field Summary

Fields

Modifier and Type	Field	Description
static final String	TYPE

Fields inherited from class com.tccc.kos.commons.manifest.install.InstallManifest

PROP_INSTALL_DETAIL, PROP_INSTALL_SUMMARY

Constructor Summary

Constructors

Constructor	Description
ChainedManifest()

Method Summary

Modifier and Type	Method	Description
String	getAuthority()
String	getName()
Map<String,Set<BaseManifestArtifact>>	getSections()
void	setAuthority(String authority)
void	setName(String name)
void	setSections(Map<String,Set<BaseManifestArtifact>> sections)

Methods inherited from class com.tccc.kos.commons.manifest.install.InstallManifest

getDeviceType, getInstallArtifacts, getInstallDetails, getInstallLayers, getInstallSummary, getManifestType, getNextManifestId, getProperties, setDeviceType, setInstallArtifacts, setInstallLayers, setManifestType, setNextManifestId, setProperties

Methods inherited from class com.tccc.kos.commons.manifest.DeviceManifestVersion

getVersion, setVersion

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

TYPE

public static final String TYPE

See Also:

• Constant Field Values

Constructor Details

ChainedManifest

public ChainedManifest()

Method Details

getName

public String getName()

getSections

public Map<String,Set<BaseManifestArtifact>> getSections()

getAuthority

public String getAuthority()

setName

public void setName(String name)

setSections

public void setSections(Map<String,Set<BaseManifestArtifact>> sections)

setAuthority

public void setAuthority(String authority)