OTA Connect Developer Guide

Manage metadata expiry dates

Once you take the keys for signing metadata offline, you need to be aware of when this metadata expires. You need to refresh the expiry date before it is reached, otherwise you won’t be able to push updates.

The default expiry dates are as follows:

  • For targets.json, the expiry date is 31 days from when the metadata was last updated.

  • For root.json, the expiry date is 365 days from when the metadata was last updated.

You can refresh the expiry date one of the following ways:

  • With garage-sign:

    If you previously followed the procedure to take Uptane-related keys offline, you would have created a local image repository called myimagerepo and a key called mytargets. You use these same repository and key names to refresh the expiry dates.

    • Resign the current targets.json with your existing key:

      garage-sign targets sign --repo myimagerepo --key-name mytargets
    • Upload the newly signed targets.json to OTA Connect:

      garage-sign targets push --repo myimagerepo
  • With the bitbake command:

    Another option is to bitbake your main disk image again. Specifically, the disk image that you flashed to your devices.

    Bitbaking again shouldn’t take long as files are usually cached from the previous build. You don’t have to do anything with the image, it’s just that process of bitbaking also refreshes the expiry date for targets.json.