Open sw-dev-code opened 5 years ago
Assuming that with OTA you mean: Over The Air update of the firmware. That is supported by either the API, which is used by the OTA example in the lib, or by FTP file upload of the image to flash/sys. In either case, the new image will not be activated until ota_finish() is called. There use be be a checksum verification, which got lost during one of the previous firmware versions. In any case the old firmware is kept. Looking at the code ota.py in the OTA example, it will indeed call ota_finish() once it does not receive further data from the server, which may lead to a broken system, if not all data has been transferred. So some checks should be added or re-established, which prevent activation of an corrupt image, in which case the old image is still active.
Sorry for not being precise, by OTA I meant update of main.py, config.py or any file inside lib directory. Like it said at https://docs.pycom.io/tutorials/all/ota.html - "even though it does backup previous versions of files, the roll back procedure is not implemented. This is left of the end user to do.". I wanted to point my issue at this case. Should I expect to see this rool back procedure implemented in near future, or to start implementing by myself?
Feature Request 🚀
Is your feature request related to a problem? Please describe.
OTA library - Add support for OTA restore in case of bad or broken OTA process.
Describe the solution you'd like
In case of failed OTA update, files should be replaces with their .bak files which are already generated.
Describe alternatives you've considered
No alternatives.
Teachability, Documentation, Adoption, Migration Strategy
Users should not be aware of this restore process. Most important thing is that after failed OTA update user doesn't end up with broken device.