Skip to content

Commit

Permalink
create_disk: Add bootupd-epoch, hard require new bootupd
Browse files Browse the repository at this point in the history
  • Loading branch information
cgwalters committed Oct 12, 2023
1 parent 5824720 commit ed7fce9
Show file tree
Hide file tree
Showing 4 changed files with 22 additions and 164 deletions.
3 changes: 0 additions & 3 deletions src/cosalib/cmdlib.py
Original file line number Diff line number Diff line change
Expand Up @@ -397,9 +397,6 @@ def generate_image_json(srcfile):
r = yaml.safe_load(open("/usr/lib/coreos-assembler/image-default.yaml"))
for k, v in flatten_image_yaml(srcfile).items():
r[k] = v
# Serialize our default GRUB config
with open("/usr/lib/coreos-assembler/grub.cfg") as f:
r['grub-script'] = f.read()
return r


Expand Down
86 changes: 19 additions & 67 deletions src/create_disk.sh
Original file line number Diff line number Diff line change
Expand Up @@ -119,7 +119,7 @@ rootfs_args=$(getconfig_def "rootfs-args" "")

bootfs=$(getconfig "bootfs")
composefs=$(getconfig_def "composefs" "")
grub_script=$(getconfig "grub-script")
bootupd_epoch=$(getconfig "bootupd-epoch")
ostree_container=$(getconfig "ostree-container")
commit=$(getconfig "ostree-commit")
ref=$(getconfig "ostree-ref")
Expand Down Expand Up @@ -396,51 +396,7 @@ cat > $rootfs/.coreos-aleph-version.json << EOF
}
EOF

install_uefi() {
# https://github.com/coreos/fedora-coreos-tracker/issues/510
# See also https://github.com/ostreedev/ostree/pull/1873#issuecomment-524439883
# Unshare mount ns to work around https://github.com/coreos/bootupd/issues/367
unshare -m /usr/bin/bootupctl backend install --src-root="${deploy_root}" "${rootfs}"
# We have a "static" grub config file that basically configures grub to look
# in the RAID called "md-boot", if it exists, or the partition labeled "boot".
local target_efi="$rootfs/boot/efi"
local grubefi
grubefi=$(find "${target_efi}/EFI/" -maxdepth 1 -type d | grep -v BOOT)
local vendor_id="${grubefi##*/}"
local vendordir="${target_efi}/EFI/${vendor_id}"
mkdir -p "${vendordir}"
cat > "${vendordir}/grub.cfg" << 'EOF'
if [ -e (md/md-boot) ]; then
# The search command might pick a RAID component rather than the RAID,
# since the /boot RAID currently uses superblock 1.0. See the comment in
# the main grub.cfg.
set prefix=md/md-boot
else
if [ -f ${config_directory}/bootuuid.cfg ]; then
source ${config_directory}/bootuuid.cfg
fi
if [ -n "${BOOT_UUID}" ]; then
search --fs-uuid "${BOOT_UUID}" --set prefix --no-floppy
else
search --label boot --set prefix --no-floppy
fi
fi
set prefix=($prefix)/grub2
configfile $prefix/grub.cfg
boot
EOF
install_grub_cfg
}

# copy the grub config and any other files we might need
install_grub_cfg() {
# 0700 to match the RPM permissions which I think are mainly in case someone has
# manually set a grub password
mkdir -p $rootfs/boot/grub2
chmod 0700 $rootfs/boot/grub2
printf "%s\n" "$grub_script" | \
sed -E 's@(^# CONSOLE-SETTINGS-START$)@\1'"${platform_grub_cmds:+\\n${platform_grub_cmds}}"'@' \
> $rootfs/boot/grub2/grub.cfg
install_platforms_json() {
# Copy platforms table if it's non-empty for this arch
# shellcheck disable=SC2031
if jq -e ".$arch" < "$platforms_json" > /dev/null; then
Expand Down Expand Up @@ -472,32 +428,28 @@ generate_gpgkeys() {
rm -rf "${tmp_home}"
}

# Hard require epoch 1, but leave space for future versions
case "${bootupd_epoch}" in
1)
;;
*) echo "Unhandled ${bootupd_epoch} 1>&2; exit 1"
;;
esac

# Other arch-specific bootloader changes
# shellcheck disable=SC2031
case "$arch" in
x86_64)
# UEFI
install_uefi
x86_64|aarch64|ppc64le)
# For background on bootupd, see https://github.com/coreos/fedora-coreos-tracker/issues/510
# This requires bootupd 0.2.11 in the target system, and handles both BIOS and UEFI for x86_64 for example.
bootupd_args=()
if [ "${x86_bios_bootloader}" = 1 ]; then
# And BIOS grub in addition. See also
# https://github.com/coreos/fedora-coreos-tracker/issues/32
# Install BIOS/PReP bootloader using the target system's grub2-install,
# see https://github.com/coreos/coreos-assembler/issues/3156
chroot_run /sbin/grub2-install \
--target i386-pc \
--boot-directory $rootfs/boot \
--modules mdraid1x \
"$disk"
bootupd_args+=("--device=$disk")
fi
chroot_run env /usr/bin/bootupctl backend install --with-static-configs --src-root="${deploy_root}" "${bootupd_args[@]}" "${rootfs}"
if test -n "${platform_grub_cmds}"; then
echo "${platform_grub_cmds}" > $rootfs/boot/grub2/platform01.cfg
fi
;;
aarch64)
# Our aarch64 is UEFI only.
install_uefi
;;
ppc64le)
# to populate PReP Boot, i.e. support pseries
chroot_run /sbin/grub2-install --target=powerpc-ieee1275 --boot-directory $rootfs/boot --no-nvram "${disk}${PREPPN}"
install_grub_cfg
;;
s390x)
ostree config --repo $rootfs/ostree/repo set sysroot.bootloader zipl
Expand Down
94 changes: 0 additions & 94 deletions src/grub.cfg

This file was deleted.

3 changes: 3 additions & 0 deletions src/image-default.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,9 @@ rootfs-args: ""
# Set to "true" to enable composefs
composefs: false

# - "1": adds a hard requirement of bootupd 0.2.X and updated ignition
bootupd-epoch: "1"

# Additional default kernel arguments injected into disk images
extra-kargs: []

Expand Down

0 comments on commit ed7fce9

Please sign in to comment.