actions/build-container-installer
1
0
Fork 0
mirror of https://github.com/JasonN3/build-container-installer.git synced 2025-12-25 10:57:55 +01:00
Code Releases Activity

feat: Allow users to override secure boot key and password (#40)

Browse source 
* feat: Allow users to override secure boot key and password when using container or action

* fix: follow redirects

* chore: update docs

* fix: added comments and removed additional \n

* fix: removed defaults

* fix: added conditional for adding public key

* chore(ci): Added additional test for secure boot

* chore(ci): fixed up workflows to match production

* fix(ci): added workflow dispatch to test

* fix(ci): fixed version and added IMAGE_TAG

* chore(ci): changed to bluefin to test both 38 and 39 secure boot

* chore(ci): added required variables to entrypoint

* chore(ci): added merge_group and added paths-ignore

* chore(ci): updated description

* chore(ci): set to Silverblue since we are testing Bluefin

* chore(ci): Fixed secure boot key not found error

Received error in anaconda when check was hit, need to set as a soft failure to exit the script early without stopping anaconda installation.

* chore: fixed formatting

* chore: fixed whitespace

* chore(ci): Removed duplicate test

* chore: fix whitespace

* chore(ci): fixed test and removed upload to Github Artifacts

* chore: updated README

* fix: set password to ublue default

* fix: changed enrollment password in containerfile
This commit is contained in:
Noel Miller 2024-02-27 18:06:38 -06:00 committed by GitHub
parent 3401b10c56
commit f70e8ea027
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
10 changed files with 99 additions and 39 deletions
Download patch file Download diff file Expand all files Collapse all files

11
Makefile
View file

@ -8,6 +8,8 @@ IMAGE_TAG = $(VERSION)
EXTRA_BOOT_PARAMS =
VARIANT = Kinoite
WEB_UI = false
ENROLLMENT_PASSWORD = ublue-os
SECURE_BOOT_KEY_URL =
# Generated vars
## Formatting = _UPPERCASE
@ -50,6 +52,14 @@ lorax_templates/%.tmpl: lorax_templates/%.tmpl.in
boot.iso: lorax_templates/set_installer.tmpl lorax_templates/configure_upgrades.tmpl
rm -Rf $(_BASE_DIR)/results
# Set the enrollment password
sed 's/@ENROLLMENT_PASSWORD@/$(ENROLLMENT_PASSWORD)/' $(_BASE_DIR)/scripts/enroll-secureboot-key.sh.in > $(_BASE_DIR)/scripts/enroll-secureboot-key.sh
# Download the secure boot key
if [ -n "$(SECURE_BOOT_KEY_URL)" ]; then\
curl --fail -L -o $(_BASE_DIR)/sb_pubkey.der $(SECURE_BOOT_KEY_URL);\
fi
# Remove the "Test this media & install" menu entry
sed -i '/menuentry '\''Test this media & install @PRODUCT@ @VERSION@'\'' --class fedora --class gnu-linux --class gnu --class os {/,/}/d' /usr/share/lorax/templates.d/99-generic/config_files/x86/grub2-bios.cfg
sed -i '/menuentry '\''Test this media & install @PRODUCT@ @VERSION@'\'' --class fedora --class gnu-linux --class gnu --class os {/,/}/d' /usr/share/lorax/templates.d/99-generic/config_files/x86/grub2-efi.cfg
@ -68,6 +78,7 @@ boot.iso: lorax_templates/set_installer.tmpl lorax_templates/configure_upgrades.
sed -i 's/linux @KERNELPATH@ @ROOT@ inst.rescue quiet/linux @KERNELPATH@ @ROOT@ inst.rescue quiet $(EXTRA_BOOT_PARAMS)/g' /usr/share/lorax/templates.d/99-generic/config_files/x86/grub2-bios.cfg
sed -i 's/linuxefi @KERNELPATH@ @ROOT@ inst.rescue quiet/linuxefi @KERNELPATH@ @ROOT@ inst.rescue quiet $(EXTRA_BOOT_PARAMS)/g' /usr/share/lorax/templates.d/99-generic/config_files/x86/grub2-efi.cfg
# Build boot.iso
lorax -p $(IMAGE_NAME) -v $(VERSION) -r $(VERSION) -t $(VARIANT) \
--isfinal --buildarch=$(ARCH) --volid=$(_VOLID) \
$(_LORAX_ARGS) \