Shadow OTA and hosting firmware

Hi all :slightly_smiling_face:

I am currently attempting to use mDash to perform shadow OTAs, but do not know how to ensure that only devices registered on mDash/Google IoT Core will have permission to download the firmware.

The mongoose os docs states that one simply needs to set the desired.ota.url parameter to trigger an OTA, which seems simple enough. Unfortunately, my devices are spread across various networks and I would have to provide a publicly accessible link. Is there a way of hosting my firmware which ensures that only devices registered to mDash or Google IoT core will have permission to download the hosted firmware?

I have noticed in the docs that mDash used to provide functionality for hosting firmware files, but I guess this has since been removed?

Any help and advice would be sincerely appreciated,

I’m not aware that mDash has the ability to host binary files for OTA (or other purposes).

AFAIK you can initiate OTA manually via the mDash console or via API calls.

I would agree that the mongoose os docs you’ve referenced appears to be stale. The shadow OTA would seem to be a handy feature, however.

Perhaps @Sergey_Lyubka could comment?


Was looking to do something similar to this and just came across this thread. Thought it would be better to keep all the conversation here.

Based on the doco I’ve found on google for OTA the ability to grab a new firmware from github release is available, but my repo is not publicly available.

Seems like github api does support fetching of private repo artefact but in order do it the TOKEN needs to be added to the URL based on this post.

Doesn’t feel like a great solution adding the TOKEN to the URL, would love to know if anyone has this working another way