tests: rebuild OVMF and use generated keys #14960

valentindavid · 2025-01-22T10:51:59Z

Depends on #14959

The generated OVMF_VARS also contains microsoft "other" db cert. And also the certs for the pc-kernel edge. As well as the now deprecated snakeoil cert.

github-actions · 2025-01-22T10:53:00Z

Mon Jan 27 17:33:42 UTC 2025
The following results are from: https://github.com/canonical/snapd/actions/runs/12987726291

Failures:

Preparing:

openstack:debian-12-64:tests/main/
google-nested:ubuntu-20.04-64:tests/nested/core/core20-kernel-failover:nolink
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-set-efi-boot-vars:BOOTDIR_NOSEC
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-save:plain
google-nested:ubuntu-20.04-64:tests/nested/core/core20-fault-inject-on-refresh:snapd_reboot_link_snap
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-save:encrypted
google-nested:ubuntu-20.04-64:tests/nested/core/core20-degraded
google-nested:ubuntu-20.04-64:tests/nested/core/core20-kernel-failover:bad_initrd
google-nested:ubuntu-20.04-64:tests/nested/core/core20-fault-inject-on-install:snapd_reboot_auto_connect
google-nested:ubuntu-20.04-64:tests/nested/core/core-gadget-mounted
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-install-device-file-install-ubuntu-save-via-hook
google-nested:ubuntu-20.04-64:tests/nested/core/core20-fault-inject-on-refresh:gadget_panic_auto_connect
google-nested:ubuntu-20.04-64:tests/nested/core/core20-tpm
google-nested:ubuntu-20.04-64:tests/nested/manual/uc20-install-in-initrd:both
google-nested:ubuntu-20.04-64:tests/nested/core/core20-fault-inject-on-refresh:gadget_reboot_refresh_gadget_assets
google-nested:ubuntu-20.04-64:tests/nested/core/core20-reinstall-partitions
google-nested:ubuntu-20.04-64:tests/nested/core/core20-fault-inject-on-refresh:base_panic_link_snap
google-nested:ubuntu-20.04-64:tests/nested/core/core20-kernel-failover:bad_text
google-nested:ubuntu-20.04-64:tests/nested/core/core20-kernel-failover:empty
google-nested:ubuntu-20.04-64:tests/nested/core/core20-fault-inject
google-nested:ubuntu-20.04-64:tests/nested/core/bad-try-kernel-no-reboot
google-nested:ubuntu-20.04-64:tests/nested/core/core20-fault-inject-on-refresh:gadget_panic_refresh_gadget_assets
google-nested:ubuntu-20.04-64:tests/nested/core/core20-kernel-failover:bad_linux
google-nested:ubuntu-20.04-64:tests/nested/core/core20-fault-inject-on-refresh:base_panic_auto_connect
google-nested:ubuntu-20.04-64:tests/nested/core/core20-fault-inject-on-refresh:kernel_reboot_refresh_gadget_assets
google-nested:ubuntu-20.04-64:tests/nested/core/core20-fault-inject-on-refresh:base_reboot_auto_connect
google-nested:ubuntu-20.04-64:tests/nested/core/core20-kernel-failover:crash
google-nested:ubuntu-20.04-64:tests/nested/core/kernel-revert-after-boot
google-nested:ubuntu-20.04-64:tests/nested/core/core20-fault-inject-on-install:snapd_panic_auto_connect
google-nested:ubuntu-20.04-64:tests/nested/core/core20-set-efi-boot-variables
google-nested:ubuntu-20.04-64:tests/nested/core/interfaces-custom-devices
google-nested:ubuntu-20.04-64:tests/nested/core/core20-fault-inject-on-refresh:kernel_reboot_link_snap
google-nested:ubuntu-20.04-64:tests/nested/core/core20-kernel-failover:zeros
google-nested:ubuntu-20.04-64:tests/nested/core/base-revert-after-boot
google-nested:ubuntu-20.04-64:tests/nested/core/core20-fault-inject-on-refresh:base_reboot_link_snap
google-nested:ubuntu-20.04-64:tests/nested/core/connected-after-reboot-revert
google-nested:ubuntu-20.04-64:tests/nested/core/core20-basic
google-nested:ubuntu-20.04-64:tests/nested/core/save-data
google-nested:ubuntu-20.04-64:tests/nested/core/core20-gadget-reseal
google-nested:ubuntu-20.04-64:tests/nested/core/core20-fault-inject-on-refresh:gadget_reboot_link_snap
google-nested:ubuntu-20.04-64:tests/nested/core/core20-factory-reset:nofde
google-nested:ubuntu-20.04-64:tests/nested/core/core20-fault-inject-on-refresh:kernel_reboot_auto_connect
google-nested:ubuntu-20.04-64:tests/nested/core/core20-fault-inject-on-refresh:kernel_panic_auto_connect
google-nested:ubuntu-20.04-64:tests/nested/core/core20-fault-inject-on-refresh:gadget_reboot_auto_connect
google-nested:ubuntu-20.04-64:tests/nested/core/core20-fault-inject-on-refresh:kernel_panic_refresh_gadget_assets
google-nested:ubuntu-20.04-64:tests/nested/core/core20-fault-inject-on-refresh:gadget_panic_link_snap
google-nested:ubuntu-20.04-64:tests/nested/core/core20-factory-reset:fde
google-nested:ubuntu-20.04-64:tests/nested/core/coreconfig-services
google-nested:ubuntu-20.04-64:tests/nested/core/core20-kernel-reseal
google-nested:ubuntu-20.04-64:tests/nested/core/core20-fault-inject-on-refresh:snapd_panic_link_snap
google-nested:ubuntu-20.04-64:tests/nested/core/core20-fault-inject-on-refresh:kernel_panic_link_snap
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-set-efi-boot-vars:UBUNTUDIR_NOSEC
google-nested:ubuntu-20.04-64:tests/nested/manual/uc20-install-in-initrd:none
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-boot-config-update:nogadget
google-nested:ubuntu-20.04-64:tests/nested/manual/recovery-system:no_test_or_default
google-nested:ubuntu-20.04-64:tests/nested/manual/uc-update-assets-secure-add-sbat:both
google-nested:ubuntu-20.04-64:tests/nested/manual/uc20-fde-hooks-v1
google-nested:ubuntu-20.04-64:tests/nested/manual/remodel-offline:local_assertions
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-boot-config-update:gadgetfull
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-custom-kernel-commandline
google-nested:ubuntu-20.04-64:tests/nested/manual/uc20-install-in-initrd:secureboot
google-nested:ubuntu-20.04-64:tests/nested/manual/remodel-simple:offline
google-nested:ubuntu-20.04-64:tests/nested/manual/remodel-offline:local_and_installed_snaps
google-nested:ubuntu-20.04-64:tests/nested/manual/uc20-storage-safety:preferunencrypted
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-create-recovery
google-nested:ubuntu-20.04-64:tests/nested/manual/uc20-fde-hooks
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-4k-sector-size:physical_only
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-factory-reset-install-device-hook
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-new-snapd-does-not-break-old-initrd
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-set-efi-boot-vars:BOOTDIR
google-nested:ubuntu-20.04-64:tests/nested/manual/uc-update-assets-secure:seed
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-initramfs-time-moves-forward
google-nested:ubuntu-20.04-64:tests/nested/manual/recovery-system-offline:tested
google-nested:ubuntu-20.04-64:tests/nested/manual/uc-update-assets-secure:boot
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-cloud-init-maas-signed-seed-data:gadgetwithoutopinion
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-grade-signed-above-testkeys-boot:secured
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-grade-signed-above-testkeys-boot:signed
google-nested:ubuntu-20.04-64:tests/nested/manual/cmdline-option:signed
google-nested:ubuntu-20.04-64:tests/nested/manual/recovery-system-offline:untested
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-fault-inject-on-remodel:kernel_panic_remodel_boot_assets
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-fault-inject-on-remodel:gadget_reboot_remodel_boot_assets
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-fault-inject-on-remodel:kernel_reboot_remodel_boot_assets
google-nested:ubuntu-20.04-64:tests/nested/manual/uc-update-command-line-secure
google-nested:ubuntu-20.04-64:tests/nested/manual/recovery-system-offline:pre_installed_snaps
google-nested:ubuntu-20.04-64:tests/nested/manual/recovery-system-offline:pre_installed_snaps_json
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-fault-inject-on-update-config:gadget_panic_command_line
google-nested:ubuntu-20.04-64:tests/nested/manual/uc20-install-in-initrd:hook
google-nested:ubuntu-20.04-64:tests/nested/manual/remodel-cross-store
google-nested:ubuntu-20.04-64:tests/nested/manual/recovery-system:tested_and_default
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-fault-inject-on-remodel:gadget_panic_remodel_boot_assets
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-early-config
google-nested:ubuntu-20.04-64:tests/nested/manual/cmdline-remove-append
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-to-core22
google-nested:ubuntu-20.04-64:tests/nested/manual/remodel-offline:local_snaps
google-nested:ubuntu-20.04-64:tests/nested/manual/remodel-offline:installed_snaps
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-gadget-cloud-conf:signed
google-nested:ubuntu-20.04-64:tests/nested/manual/remodel-uc20-to-uc22:encrypted
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-cloud-init-maas-signed-seed-data:gadgetsaysmaas
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-da-lockout:encrypted
google-nested:ubuntu-20.04-64:tests/nested/manual/recovery-system:tested
google-nested:ubuntu-20.04-64:tests/nested/manual/uc-update-assets-secure:both
google-nested:ubuntu-20.04-64:tests/nested/manual/remodel-uc20-to-uc22:notencrypted
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-4k-sector-size:logical
google-nested:ubuntu-20.04-64:tests/nested/manual/uc-update-assets-secure-add-sbat:seed
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-validation-sets
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-grade-signed-cloud-init-testkeys
google-nested:ubuntu-20.04-64:tests/nested/manual/recovery-system:default
google-nested:ubuntu-20.04-64:tests/nested/manual/remodel-target-base-installed
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-save:plainwithsave
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-gadget-cloud-conf:secured
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-remodel
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-boot-config-update:gadgetextra
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-auto-remove-user
google-nested:ubuntu-20.04-64:tests/nested/manual/cmdline-option:dangerous
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-install-device-file-install-via-hook-hack
google-nested:ubuntu-20.04-64:tests/nested/manual/uc-update-assets-secure-add-sbat:boot
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-cloud-init-maas-signed-seed-data:gadgetsaysnone
google-nested:ubuntu-20.04-64:tests/nested/manual/uc-grub-boot-chains
google-nested:ubuntu-20.04-64:tests/nested/manual/devmode-snap-seeded-dangerous
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-set-efi-boot-vars:UBUNTUDIR
google-nested:ubuntu-22.04-64:tests/nested/classic/hotplug
google-nested:ubuntu-22.04-64:tests/nested/core/core20-gadget-reseal
google-nested:ubuntu-22.04-64:tests/nested/core/core20-degraded
google-nested:ubuntu-22.04-64:tests/nested/manual/core20-fault-inject-on-remodel:gadget_reboot_remodel_boot_assets
google-nested:ubuntu-22.04-64:tests/nested/core/core20-set-efi-boot-variables
google-nested:ubuntu-22.04-64:tests/nested/core/core20-fault-inject-on-refresh:kernel_reboot_link_snap
google-nested:ubuntu-22.04-64:tests/nested/core/connected-after-reboot-revert
google-nested:ubuntu-22.04-64:tests/nested/core/base-revert-after-boot
google-nested:ubuntu-22.04-64:tests/nested/manual/core20-gadget-cloud-conf:signed
google-nested:ubuntu-22.04-64:tests/nested/core/core20-fault-inject-on-refresh:base_panic_link_snap
google-nested:ubuntu-22.04-64:tests/nested/core/core-gadget-mounted
google-nested:ubuntu-22.04-64:tests/nested/core/interfaces-custom-devices
google-nested:ubuntu-22.04-64:tests/nested/core/core20-fault-inject-on-install:snapd_reboot_auto_connect
google-nested:ubuntu-22.04-64:tests/nested/core/core20-fault-inject-on-refresh:kernel_reboot_refresh_gadget_assets
google-nested:ubuntu-22.04-64:tests/nested/core/core20-fault-inject-on-refresh:kernel_panic_auto_connect
google-nested:ubuntu-22.04-64:tests/nested/core/save-data
google-nested:ubuntu-22.04-64:tests/nested/core/core20-fault-inject-on-refresh:kernel_panic_link_snap
google-nested:ubuntu-22.04-64:tests/nested/core/core20-kernel-reseal
google-nested:ubuntu-22.04-64:tests/nested/core/core20-kernel-failover:bad_text
google-nested:ubuntu-22.04-64:tests/nested/core/bad-try-kernel-no-reboot
google-nested:ubuntu-22.04-64:tests/nested/core/core20-kernel-failover:crash
google-nested:ubuntu-22.04-64:tests/nested/core/core20-factory-reset:fde
google-nested:ubuntu-22.04-64:tests/nested/core/core20-fault-inject-on-refresh:gadget_panic_auto_connect
google-nested:ubuntu-22.04-64:tests/nested/core/core20-fault-inject-on-refresh:kernel_panic_refresh_gadget_assets
google-nested:ubuntu-22.04-64:tests/nested/core/core20-fault-inject-on-refresh:gadget_reboot_auto_connect
google-nested:ubuntu-22.04-64:tests/nested/core/core20-kernel-failover:bad_initrd
google-nested:ubuntu-22.04-64:tests/nested/core/core20-fault-inject-on-refresh:base_reboot_link_snap
google-nested:ubuntu-22.04-64:tests/nested/core/kernel-revert-after-boot
google-nested:ubuntu-22.04-64:tests/nested/core/core20-kernel-failover:nolink
google-nested:ubuntu-22.04-64:tests/nested/core/core22-basic
google-nested:ubuntu-22.04-64:tests/nested/core/core20-factory-reset:nofde
google-nested:ubuntu-22.04-64:tests/nested/core/core20-fault-inject-on-refresh:gadget_panic_refresh_gadget_assets
google-nested:ubuntu-22.04-64:tests/nested/core/core20-fault-inject-on-refresh:snapd_reboot_link_snap
google-nested:ubuntu-22.04-64:tests/nested/core/core20-fault-inject
google-nested:ubuntu-22.04-64:tests/nested/core/core20-fault-inject-on-refresh:gadget_panic_link_snap
google-nested:ubuntu-22.04-64:tests/nested/core/core20-fault-inject-on-refresh:base_reboot_auto_connect
google-nested:ubuntu-22.04-64:tests/nested/core/core20-fault-inject-on-install:snapd_panic_auto_connect
google-nested:ubuntu-22.04-64:tests/nested/core/core20-fault-inject-on-refresh:gadget_reboot_link_snap
google-nested:ubuntu-22.04-64:tests/nested/core/core20-fault-inject-on-refresh:base_panic_auto_connect
google-nested:ubuntu-22.04-64:tests/nested/core/core20-reinstall-partitions
google-nested:ubuntu-22.04-64:tests/nested/core/core20-kernel-failover:bad_linux
google-nested:ubuntu-22.04-64:tests/nested/core/core20-fault-inject-on-refresh:snapd_panic_link_snap
google-nested:ubuntu-22.04-64:tests/nested/core/core20-kernel-failover:zeros
google-nested:ubuntu-22.04-64:tests/nested/core/core20-fault-inject-on-refresh:kernel_reboot_auto_connect
google-nested:ubuntu-22.04-64:tests/nested/core/coreconfig-services
google-nested:ubuntu-22.04-64:tests/nested/core/core20-kernel-failover:empty
google-nested:ubuntu-22.04-64:tests/nested/core/core20-fault-inject-on-refresh:gadget_reboot_refresh_gadget_assets
google-nested:ubuntu-22.04-64:tests/nested/manual/recovery-system-offline:tested
google-nested:ubuntu-22.04-64:tests/nested/manual/core20-4k-sector-size:logical
google-nested:ubuntu-22.04-64:tests/nested/manual/uc20-install-in-initrd:none
google-nested:ubuntu-22.04-64:tests/nested/manual/uc20-install-in-initrd:hook
google-nested:ubuntu-22.04-64:tests/nested/manual/recovery-system:tested
google-nested:ubuntu-22.04-64:tests/nested/manual/core20-set-efi-boot-vars:BOOTDIR_NOSEC
google-nested:ubuntu-22.04-64:tests/nested/manual/core20-grade-signed-above-testkeys-boot:secured
google-nested:ubuntu-22.04-64:tests/nested/manual/uc-grub-boot-chains
google-nested:ubuntu-22.04-64:tests/nested/manual/hybrid-remodel
google-nested:ubuntu-22.04-64:tests/nested/manual/core20-auto-remove-user
google-nested:ubuntu-22.04-64:tests/nested/manual/core20-early-config
google-nested:ubuntu-22.04-64:tests/nested/manual/recovery-system-reboot:install
google-nested:ubuntu-22.04-64:tests/nested/manual/devmode-snap-seeded-dangerous
google-nested:ubuntu-22.04-64:tests/nested/manual/uc20-fde-hooks-v1
google-nested:ubuntu-22.04-64:tests/nested/manual/core20-boot-config-update:gadgetfull
google-nested:ubuntu-22.04-64:tests/nested/manual/recovery-system-offline:untested
google-nested:ubuntu-22.04-64:tests/nested/manual/cmdline-option:dangerous
google-nested:ubuntu-22.04-64:tests/nested/manual/remodel-simple:offline
google-nested:ubuntu-22.04-64:tests/nested/manual/core20-boot-config-update:nogadget
google-nested:ubuntu-22.04-64:tests/nested/manual/recovery-system-reboot:recover
google-nested:ubuntu-22.04-64:tests/nested/manual/recovery-system-reboot:factory_reset
google-nested:ubuntu-22.04-64:tests/nested/manual/core20-grade-signed-above-testkeys-boot:signed
google-nested:ubuntu-22.04-64:tests/nested/manual/uc20-fde-hooks-ice
google-nested:ubuntu-22.04-64:tests/nested/manual/core20-set-efi-boot-vars:UBUNTUDIR
google-nested:ubuntu-22.04-64:tests/nested/manual/uc20-install-in-initrd:secureboot
google-nested:ubuntu-22.04-64:tests/nested/manual/core20-set-efi-boot-vars:BOOTDIR
google-nested:ubuntu-22.04-64:tests/nested/manual/uc-update-assets-secure:seed
google-nested:ubuntu-22.04-64:tests/nested/manual/uc-update-command-line-secure
google-nested:ubuntu-22.04-64:tests/nested/manual/core20-gadget-cloud-conf:secured
google-nested:ubuntu-22.04-64:tests/nested/manual/snapd-removes-vulnerable-snap-confine-revs:snapd
google-nested:ubuntu-22.04-64:tests/nested/manual/core20-da-lockout:encrypted
google-nested:ubuntu-22.04-64:tests/nested/manual/core20-cloud-init-maas-signed-seed-data:gadgetsaysmaas
google-nested:ubuntu-22.04-64:tests/nested/manual/uc20-fde-hooks
google-nested:ubuntu-22.04-64:tests/nested/manual/core20-cloud-init-maas-signed-seed-data:gadgetsaysnone
google-nested:ubuntu-22.04-64:tests/nested/manual/remodel-min-size
google-nested:ubuntu-22.04-64:tests/nested/manual/recovery-system:no_test_or_default
google-nested:ubuntu-22.04-64:tests/nested/manual/remodel-validation-sets-invalid
google-nested:ubuntu-22.04-64:tests/nested/manual/core20-install-device-file-install-via-hook-hack
google-nested:ubuntu-22.04-64:tests/nested/manual/core20-fault-inject-on-remodel:gadget_panic_remodel_boot_assets
google-nested:ubuntu-22.04-64:tests/nested/manual/uc20-install-in-initrd:both
google-nested:ubuntu-22.04-64:tests/nested/manual/uc-update-assets-secure:both
google-nested:ubuntu-22.04-64:tests/nested/manual/core20-grade-signed-cloud-init-testkeys
google-nested:ubuntu-22.04-64:tests/nested/manual/core20-install-device-file-install-ubuntu-save-via-hook
google-nested:ubuntu-22.04-64:tests/nested/manual/recovery-system-offline:pre_installed_snaps_json
google-nested:ubuntu-22.04-64:tests/nested/manual/core20-cloud-init-maas-signed-seed-data:gadgetwithoutopinion
google-nested:ubuntu-22.04-64:tests/nested/manual/core20-fault-inject-on-update-config:gadget_panic_command_line
google-nested:ubuntu-22.04-64:tests/nested/manual/core20-custom-kernel-commandline
google-nested:ubuntu-22.04-64:tests/nested/manual/core20-initramfs-time-moves-forward
google-nested:ubuntu-22.04-64:tests/nested/manual/core20-boot-config-update:gadgetextra
google-nested:ubuntu-22.04-64:tests/nested/manual/uc-update-assets-secure-add-sbat:seed
google-nested:ubuntu-22.04-64:tests/nested/manual/recovery-system:default
google-nested:ubuntu-22.04-64:tests/nested/manual/core20-remodel
google-nested:ubuntu-22.04-64:tests/nested/manual/core20-fault-inject-on-remodel:kernel_panic_remodel_boot_assets
google-nested:ubuntu-22.04-64:tests/nested/manual/core20-fault-inject-on-remodel:kernel_reboot_remodel_boot_assets
google-nested:ubuntu-22.04-64:tests/nested/manual/uc-update-assets-secure-add-sbat:both
google-nested:ubuntu-22.04-64:tests/nested/manual/recovery-system:tested_and_default
google-nested:ubuntu-22.04-64:tests/nested/manual/core20-factory-reset-install-device-hook
google-nested:ubuntu-22.04-64:tests/nested/manual/remodel-validation-sets-downgrade
google-nested:ubuntu-22.04-64:tests/nested/manual/core20-4k-sector-size:physical_only
google-nested:ubuntu-22.04-64:tests/nested/manual/recovery-system-offline:pre_installed_snaps
google-nested:ubuntu-22.04-64:tests/nested/manual/uc-update-assets-secure:boot
google-nested:ubuntu-22.04-64:tests/nested/manual/cmdline-remove-append
google-nested:ubuntu-22.04-64:tests/nested/manual/core20-set-efi-boot-vars:UBUNTUDIR_NOSEC
google-nested:ubuntu-22.04-64:tests/nested/manual/core20-create-recovery
google-nested:ubuntu-22.04-64:tests/nested/manual/cmdline-option:signed
google-nested:ubuntu-22.04-64:tests/nested/manual/uc20-storage-safety:preferunencrypted
google-nested:ubuntu-22.04-64:tests/nested/manual/uc-update-assets-secure-add-sbat:boot
google-nested:ubuntu-24.04-64:tests/nested/manual/recovery-system:default
google-nested:ubuntu-24.04-64:tests/nested/core/connected-after-reboot-revert
google-nested:ubuntu-24.04-64:tests/nested/manual/core20-cloud-init-maas-signed-seed-data:gadgetwithoutopinion
google-nested:ubuntu-24.04-64:tests/nested/core/core20-fault-inject-on-refresh:base_reboot_link_snap
google-nested:ubuntu-24.04-64:tests/nested/core/core20-degraded
google-nested:ubuntu-24.04-64:tests/nested/core/core20-fault-inject-on-refresh:gadget_reboot_refresh_gadget_assets
google-nested:ubuntu-24.04-64:tests/nested/core/core20-gadget-reseal
google-nested:ubuntu-24.04-64:tests/nested/core/interfaces-custom-devices
google-nested:ubuntu-24.04-64:tests/nested/manual/core20-fault-inject-on-remodel:gadget_reboot_remodel_boot_assets
google-nested:ubuntu-24.04-64:tests/nested/core/core20-fault-inject-on-install:snapd_panic_auto_connect
google-nested:ubuntu-24.04-64:tests/nested/core/core20-fault-inject-on-refresh:kernel_panic_link_snap
google-nested:ubuntu-24.04-64:tests/nested/core/core-gadget-mounted
google-nested:ubuntu-24.04-64:tests/nested/manual/core20-fault-inject-on-update-config:gadget_panic_command_line
google-nested:ubuntu-24.04-64:tests/nested/core/core20-kernel-failover:bad_linux
google-nested:ubuntu-24.04-64:tests/nested/core/core20-set-efi-boot-variables
google-nested:ubuntu-24.04-64:tests/nested/core/core20-kernel-reseal
google-nested:ubuntu-24.04-64:tests/nested/core/core20-fault-inject-on-refresh:gadget_panic_auto_connect
google-nested:ubuntu-24.04-64:tests/nested/core/bad-try-kernel-no-reboot
google-nested:ubuntu-24.04-64:tests/nested/core/save-data
google-nested:ubuntu-24.04-64:tests/nested/manual/cmdline-remove-append
google-nested:ubuntu-24.04-64:tests/nested/core/core20-fault-inject-on-refresh:kernel_panic_refresh_gadget_assets
google-nested:ubuntu-24.04-64:tests/nested/core/core20-fault-inject-on-refresh:kernel_reboot_link_snap
google-nested:ubuntu-24.04-64:tests/nested/core/base-revert-after-boot
google-nested:ubuntu-24.04-64:tests/nested/core/core20-fault-inject-on-refresh:base_reboot_auto_connect
google-nested:ubuntu-24.04-64:tests/nested/core/core20-fault-inject-on-refresh:gadget_panic_link_snap
google-nested:ubuntu-24.04-64:tests/nested/core/core20-fault-inject-on-refresh:snapd_panic_link_snap
google-nested:ubuntu-24.04-64:tests/nested/manual/core20-da-lockout:encrypted
google-nested:ubuntu-24.04-64:tests/nested/core/core20-fault-inject-on-refresh:gadget_reboot_auto_connect
google-nested:ubuntu-24.04-64:tests/nested/core/core20-factory-reset:nofde
google-nested:ubuntu-24.04-64:tests/nested/core/core20-fault-inject-on-refresh:gadget_panic_refresh_gadget_assets
google-nested:ubuntu-24.04-64:tests/nested/core/core20-fault-inject-on-refresh:snapd_reboot_link_snap
google-nested:ubuntu-24.04-64:tests/nested/core/core20-fault-inject-on-refresh:gadget_reboot_link_snap
google-nested:ubuntu-24.04-64:tests/nested/core/core20-factory-reset:fde
google-nested:ubuntu-24.04-64:tests/nested/core/core20-fault-inject-on-refresh:kernel_panic_auto_connect
google-nested:ubuntu-24.04-64:tests/nested/core/core20-kernel-failover:bad_initrd
google-nested:ubuntu-24.04-64:tests/nested/core/core20-kernel-failover:zeros
google-nested:ubuntu-24.04-64:tests/nested/core/core20-fault-inject-on-refresh:kernel_reboot_refresh_gadget_assets
google-nested:ubuntu-24.04-64:tests/nested/core/core20-fault-inject-on-refresh:base_panic_auto_connect
google-nested:ubuntu-24.04-64:tests/nested/core/kernel-revert-after-boot
google-nested:ubuntu-24.04-64:tests/nested/core/core20-kernel-failover:empty
google-nested:ubuntu-24.04-64:tests/nested/core/core20-fault-inject
google-nested:ubuntu-24.04-64:tests/nested/core/core20-fault-inject-on-install:snapd_reboot_auto_connect
google-nested:ubuntu-24.04-64:tests/nested/core/core20-fault-inject-on-refresh:kernel_reboot_auto_connect
google-nested:ubuntu-24.04-64:tests/nested/manual/recovery-system-reboot:recover
google-nested:ubuntu-24.04-64:tests/nested/core/coreconfig-services
google-nested:ubuntu-24.04-64:tests/nested/core/core20-kernel-failover:bad_text
google-nested:ubuntu-24.04-64:tests/nested/manual/build-with-kernel-modules-components:plain
google-nested:ubuntu-24.04-64:tests/nested/core/core20-reinstall-partitions
google-nested:ubuntu-24.04-64:tests/nested/core/core20-kernel-failover:nolink
google-nested:ubuntu-24.04-64:tests/nested/core/core20-fault-inject-on-refresh:base_panic_link_snap
google-nested:ubuntu-24.04-64:tests/nested/core/core20-kernel-failover:crash
google-nested:ubuntu-24.04-64:tests/nested/manual/core20-set-efi-boot-vars:UBUNTUDIR
google-nested:ubuntu-24.04-64:tests/nested/manual/recovery-system-offline:tested
google-nested:ubuntu-24.04-64:tests/nested/manual/core20-set-efi-boot-vars:UBUNTUDIR_NOSEC
google-nested:ubuntu-24.04-64:tests/nested/core/core22-basic
google-nested:ubuntu-24.04-64:tests/nested/manual/recovery-system-reboot:factory_reset
google-nested:ubuntu-24.04-64:tests/nested/manual/recovery-system:tested_and_default
google-nested:ubuntu-24.04-64:tests/nested/manual/core20-create-recovery
google-nested:ubuntu-24.04-64:tests/nested/manual/remodel-min-size
google-nested:ubuntu-24.04-64:tests/nested/manual/core20-gadget-cloud-conf:signed
google-nested:ubuntu-24.04-64:tests/nested/manual/core20-fault-inject-on-remodel:kernel_reboot_remodel_boot_assets
google-nested:ubuntu-24.04-64:tests/nested/manual/core20-4k-sector-size:physical_only
google-nested:ubuntu-24.04-64:tests/nested/manual/core20-grade-signed-cloud-init-testkeys
google-nested:ubuntu-24.04-64:tests/nested/manual/devmode-snap-seeded-dangerous
google-nested:ubuntu-24.04-64:tests/nested/manual/remodel-validation-sets-downgrade
google-nested:ubuntu-24.04-64:tests/nested/manual/core20-install-device-file-install-via-hook-hack
google-nested:ubuntu-24.04-64:tests/nested/manual/core20-set-efi-boot-vars:BOOTDIR
google-nested:ubuntu-24.04-64:tests/nested/manual/uc20-install-in-initrd:secureboot
google-nested:ubuntu-24.04-64:tests/nested/manual/recovery-system-reboot:install
google-nested:ubuntu-24.04-64:tests/nested/manual/component-recovery-system
google-nested:ubuntu-24.04-64:tests/nested/manual/uc20-install-in-initrd:both
google-nested:ubuntu-24.04-64:tests/nested/manual/uc-update-assets-secure:boot
google-nested:ubuntu-24.04-64:tests/nested/manual/core20-boot-config-update:gadgetfull
google-nested:ubuntu-24.04-64:tests/nested/manual/recovery-system-offline:pre_installed_snaps
google-nested:ubuntu-24.04-64:tests/nested/manual/recovery-system:no_test_or_default
google-nested:ubuntu-24.04-64:tests/nested/manual/core20-fault-inject-on-remodel:kernel_panic_remodel_boot_assets
google-nested:ubuntu-24.04-64:tests/nested/manual/core20-remodel
google-nested:ubuntu-24.04-64:tests/nested/manual/core20-early-config
google-nested:ubuntu-24.04-64:tests/nested/manual/core20-fault-inject-on-remodel:gadget_panic_remodel_boot_assets
google-nested:ubuntu-24.04-64:tests/nested/manual/recovery-system-offline:pre_installed_snaps_json
google-nested:ubuntu-24.04-64:tests/nested/manual/uc20-fde-hooks
google-nested:ubuntu-24.04-64:tests/nested/manual/core20-boot-config-update:gadgetextra
google-nested:ubuntu-24.04-64:tests/nested/manual/recovery-system-offline:untested
google-nested:ubuntu-24.04-64:tests/nested/manual/hybrid-remodel
google-nested:ubuntu-24.04-64:tests/nested/manual/core20-grade-signed-above-testkeys-boot:secured
google-nested:ubuntu-24.04-64:tests/nested/manual/core20-4k-sector-size:logical
google-nested:ubuntu-24.04-64:tests/nested/manual/kernel-modules-components:encrypted
google-nested:ubuntu-24.04-64:tests/nested/manual/uc-update-assets-secure:both
google-nested:ubuntu-24.04-64:tests/nested/manual/core20-fault-inject-on-install-component:kernel_panic_prepare_kernel_components
google-nested:ubuntu-24.04-64:tests/nested/manual/uc20-storage-safety:preferunencrypted
google-nested:ubuntu-24.04-64:tests/nested/manual/core20-install-device-file-install-ubuntu-save-via-hook
google-nested:ubuntu-24.04-64:tests/nested/manual/core20-boot-config-update:nogadget
google-nested:ubuntu-24.04-64:tests/nested/manual/core20-gadget-cloud-conf:secured
google-nested:ubuntu-24.04-64:tests/nested/manual/uc-update-command-line-secure
google-nested:ubuntu-24.04-64:tests/nested/manual/uc20-fde-hooks-v1
google-nested:ubuntu-24.04-64:tests/nested/manual/cmdline-option:dangerous
google-nested:ubuntu-24.04-64:tests/nested/manual/uc20-fde-hooks-ice
google-nested:ubuntu-24.04-64:tests/nested/manual/core20-set-efi-boot-vars:BOOTDIR_NOSEC
google-nested:ubuntu-24.04-64:tests/nested/manual/uc20-install-in-initrd:hook
google-nested:ubuntu-24.04-64:tests/nested/manual/uc-update-assets-secure:seed
google-nested:ubuntu-24.04-64:tests/nested/manual/core20-initramfs-time-moves-forward
google-nested:ubuntu-24.04-64:tests/nested/manual/core20-cloud-init-maas-signed-seed-data:gadgetsaysmaas
google-nested:ubuntu-24.04-64:tests/nested/manual/core20-custom-kernel-commandline
google-nested:ubuntu-24.04-64:tests/nested/manual/recovery-system:tested
google-nested:ubuntu-24.04-64:tests/nested/manual/uc-grub-boot-chains
google-nested:ubuntu-24.04-64:tests/nested/manual/cmdline-option:signed
google-nested:ubuntu-24.04-64:tests/nested/manual/build-with-kernel-modules-components:encrypted
google-nested:ubuntu-24.04-64:tests/nested/manual/remodel-simple:offline
google-nested:ubuntu-24.04-64:tests/nested/manual/core20-auto-remove-user
google-nested:ubuntu-24.04-64:tests/nested/manual/core20-cloud-init-maas-signed-seed-data:gadgetsaysnone
google-nested:ubuntu-24.04-64:tests/nested/manual/remodel-validation-sets-invalid
google-nested:ubuntu-24.04-64:tests/nested/manual/kernel-modules-components:plain
google-nested:ubuntu-24.04-64:tests/nested/manual/core20-grade-signed-above-testkeys-boot:signed
google-nested:ubuntu-24.04-64:tests/nested/manual/core20-factory-reset-install-device-hook
google-nested:ubuntu-24.04-64:tests/nested/manual/uc20-install-in-initrd:none
google:ubuntu-22.04-64:tests/main/mkimage-uc22:without_snapddeb
google:ubuntu-22.04-64:tests/main/mkimage-uc22:with_snapddeb

Executing:

google-nested:ubuntu-20.04-64:tests/nested/manual/core20-preseed
google-nested:ubuntu-20.04-64:tests/nested/manual/minimal-smoke:secboot_enabled
google-nested:ubuntu-20.04-64:tests/nested/manual/minimal-smoke:secboot_disabled
google-nested:ubuntu-20.04-64:tests/nested/manual/install-volume-assignment
google-nested:ubuntu-20.04-64:tests/nested/manual/install-min-size
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-install-mode-shutdown-via-hook
google-nested:ubuntu-20.04-64:tests/nested/manual/preseed
google-nested:ubuntu-20.04-64:tests/nested/manual/gadget-connections
google-nested:ubuntu-22.04-64:tests/nested/manual/muinstaller
google-nested:ubuntu-22.04-64:tests/nested/manual/install-min-size
google-nested:ubuntu-22.04-64:tests/nested/manual/minimal-smoke:secboot_disabled
google-nested:ubuntu-22.04-64:tests/nested/manual/install-volume-assignment
google-nested:ubuntu-22.04-64:tests/nested/manual/minimal-smoke:secboot_enabled
google-nested:ubuntu-22.04-64:tests/nested/manual/core20-install-mode-shutdown-via-hook
google-nested:ubuntu-22.04-64:tests/nested/manual/muinstaller-core:install_optional_snap
google-nested:ubuntu-22.04-64:tests/nested/manual/fde-on-classic
google-nested:ubuntu-22.04-64:tests/nested/manual/muinstaller-real:seeded
google-nested:ubuntu-22.04-64:tests/nested/manual/muinstaller-real:encrypted
google-nested:ubuntu-22.04-64:tests/nested/manual/muinstaller-core:install_optional_snap_and_comp
google-nested:ubuntu-22.04-64:tests/nested/manual/muinstaller-core:plain
google-nested:ubuntu-22.04-64:tests/nested/manual/muinstaller-real:partial
google-nested:ubuntu-22.04-64:tests/nested/manual/split-refresh
google-nested:ubuntu-22.04-64:tests/nested/manual/muinstaller-real:plain
google-nested:ubuntu-22.04-64:tests/nested/manual/muinstaller-core:install_optional_all
google-nested:ubuntu-24.04-64:tests/nested/manual/minimal-smoke:secboot_disabled
google-nested:ubuntu-24.04-64:tests/nested/manual/muinstaller
google-nested:ubuntu-24.04-64:tests/nested/manual/core20-install-mode-shutdown-via-hook
google-nested:ubuntu-24.04-64:tests/nested/manual/install-min-size
google-nested:ubuntu-24.04-64:tests/nested/manual/muinstaller-core:install_optional_all
google-nested:ubuntu-24.04-64:tests/nested/manual/install-volume-assignment
google-nested:ubuntu-24.04-64:tests/nested/manual/minimal-smoke:secboot_enabled
google-nested:ubuntu-24.04-64:tests/nested/manual/muinstaller-real:encrypted
google-nested:ubuntu-24.04-64:tests/nested/manual/muinstaller-real:seeded
google-nested:ubuntu-24.04-64:tests/nested/manual/muinstaller-core:install_optional_snap_and_comp
google-nested:ubuntu-24.04-64:tests/nested/manual/muinstaller-core:install_optional_snap
google-nested:ubuntu-24.04-64:tests/nested/manual/muinstaller-core:plain
google-nested:ubuntu-24.04-64:tests/nested/manual/split-refresh
google-nested:ubuntu-24.04-64:tests/nested/manual/muinstaller-real:plain
google-nested:ubuntu-24.04-64:tests/nested/manual/muinstaller-real:partial
openstack:opensuse-tumbleweed-64:tests/main/auto-refresh-pre-download:ignore
openstack:opensuse-tumbleweed-64:tests/main/auto-refresh-pre-download:restart
openstack:opensuse-tumbleweed-64:tests/main/auto-refresh-pre-download:close
openstack:opensuse-tumbleweed-64:tests/main/auto-refresh:regular
openstack:opensuse-tumbleweed-64:tests/main/auto-refresh-pre-download:close_mid_restart
openstack:opensuse-tumbleweed-64:tests/main/auto-refresh-gating
openstack:opensuse-tumbleweed-64:tests/main/auto-refresh-retry
openstack:opensuse-tumbleweed-64:tests/main/snap-refresh-hold
openstack:opensuse-tumbleweed-64:tests/main/auto-refresh-gating-from-snap
openstack:opensuse-tumbleweed-64:tests/main/auto-refresh-backoff
openstack:opensuse-tumbleweed-64:tests/main/auto-refresh:parallel
openstack:opensuse-tumbleweed-64:tests/main/refresh-app-awareness-notify
google-arm:ubuntu-core-22-arm-64:tests/core/gadget-update-pc

Restoring:

openstack:debian-12-64:tests/main/
openstack:opensuse-tumbleweed-64:tests/main/refresh-app-awareness-notify
google-arm:ubuntu-core-22-arm-64:tests/core/gadget-update-pc
google-arm:ubuntu-core-22-arm-64:tests/core/
google-arm:ubuntu-core-22-arm-64

codecov · 2025-01-22T11:10:09Z

Codecov Report

All modified and coverable lines are covered by tests ✅

Please upload report for BASE (master@2cbce28). Learn more about missing BASE report.
Report is 23 commits behind head on master.

Additional details and impacted files

@@            Coverage Diff            @@
##             master   #14960   +/-   ##
=========================================
  Coverage          ?   78.25%           
=========================================
  Files             ?     1155           
  Lines             ?   153556           
  Branches          ?        0           
=========================================
  Hits              ?   120170           
  Misses            ?    25990           
  Partials          ?     7396

Flag	Coverage Δ
unittests	`78.25% <ø> (?)`

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

bboozzoo · 2025-01-22T11:11:41Z

tests/lib/snaps/ovmf/snapcraft.yaml

+      - nasm
+      - acpica-tools
+    plugin: nil
+    source: https://github.com/tianocore/edk2.git


could we use ovmf and efi-shell from 24.04 instead?

bboozzoo

The remaining open question is whether we should have a tests which uses ovmf packages from the repo to run the VM like the docs page at https://ubuntu.com/core/docs/testing-with-qemu state. Or perhaps that's a job to be run in some other repository (core-base?)

bboozzoo · 2025-01-22T11:15:14Z

tests/lib/snaps/ovmf/snapcraft.yaml

@@ -0,0 +1,140 @@
+name: ovmf


we can name it test-snapd-ovmf, update description to mention that that it's ovmf binaries with some testing keys enrolled used for snapd CI and push it to the store

I've opened a name request for test-snapd-ovmf. Can move the snap files to tests/lib/snaps/store/test-snapd-ovmf ?

bboozzoo · 2025-01-22T11:20:02Z

tests/lib/snaps/ovmf/snapcraft.yaml

+      install -Dm644 -t "${CRAFT_PART_INSTALL}/secboot" \
+        LockDown.efi {PK,KEK,DB}.{key,crt}


this will generate new keys each time during the build which isn't obvious. Probably not a problem but users need to be aware of it. Or we can drop pre-generated keys into the snap.

The point here is people not to test explicitly a key. They have to test if a key matches specifically DB or KEK. And not just a constant hash in some test.

bboozzoo · 2025-01-22T11:21:07Z

tests/lib/snaps/ovmf/snapcraft.yaml

+        -drive "if=pflash,file=${OVMF}_VARS.fd,format=raw" \
+        -drive "if=virtio,file=${CRAFT_STAGE}/lockdown.img,format=raw" >qemu.out 2>qemu.err </dev/null
+
+      install -Dm644 "${OVMF}_VARS.fd" "${CRAFT_PART_INSTALL}/fw/${OVMF}_VARS.secboot.fd"


Suggested change

install -Dm644 "${OVMF}_VARS.fd" "${CRAFT_PART_INSTALL}/fw/${OVMF}_VARS.secboot.fd"

install -Dm644 "${OVMF}_VARS.fd" "${CRAFT_PART_INSTALL}/fw/${OVMF}_VARS.secboot-testkeys.fd"

bboozzoo · 2025-01-22T11:23:15Z

tests/lib/nested.sh

+        return
+    fi
+    if ! [ -f "${NESTED_ASSETS_DIR}/ovmf.snap" ]; then
+        (cd "${TESTSLIB}/snaps/ovmf"; run_snapcraft --use-lxd --verbosity quiet --output="${NESTED_ASSETS_DIR}/ovmf.snap")


I think I'd rather download the snap from store rather than build it, or even fail explicitly and expect run-spread to do the download.

I agree. I will keep it in the draft for now. When the tests seem to work, I will add some CI step that uploads it.

valentindavid · 2025-01-22T11:33:50Z

The remaining open question is whether we should have a tests which uses ovmf packages from the repo to run the VM like the docs page at https://ubuntu.com/core/docs/testing-with-qemu state.

We have tests/main/mkimage-uc22

bboozzoo · 2025-01-22T11:42:13Z

tests/lib/snaps/ovmf/snapcraft.yaml

@@ -0,0 +1,140 @@
+name: ovmf


I've opened a name request for test-snapd-ovmf. Can move the snap files to tests/lib/snaps/store/test-snapd-ovmf ?

bboozzoo · 2025-01-22T11:49:49Z

tests/lib/snaps/ovmf/snapcraft.yaml

+summary: EDK2
+description: EDK2


Suggested change

summary: EDK2

description: EDK2

summary: Pre-built OVMF blobs with test keys for snapd CI

description: |

Pre-built OVMF blobs with enrolled test keys for use in snapd CI loop.

The following known keys are enrolled:

- snakeoil - ## ref?

- kernel PPA

<whichever we key we add>

bboozzoo · 2025-01-24T10:28:19Z

tests/lib/snaps/ovmf/snapcraft.yaml

can you rename the directory to tests/lib/snaps/store/test-snapd-ovmf?

UEFI expects non volatile memory which `-bios` can not provide. So to have a behavior that every where what we expect, we should stop using `-bios`. Otherwise, we cannot test UEFI boot entries, sbat revocation, DBX update, etc.

valentindavid added the Run nested The PR also runs tests inluded in nested suite label Jan 22, 2025

valentindavid force-pushed the valentindavid/build-ovmf branch from ca6ff95 to a01e5da Compare January 22, 2025 10:52

bboozzoo reviewed Jan 22, 2025

View reviewed changes

valentindavid force-pushed the valentindavid/build-ovmf branch from a01e5da to 8cce59c Compare January 22, 2025 11:26

bboozzoo reviewed Jan 22, 2025

View reviewed changes

bboozzoo mentioned this pull request Jan 22, 2025

tests/nested, tests/lib/snaps: make core20-fde-dbx test more realistic, add required dependencies #14952

Open

bboozzoo reviewed Jan 22, 2025

View reviewed changes

valentindavid force-pushed the valentindavid/build-ovmf branch 6 times, most recently from 19ba700 to 81ccf1d Compare January 24, 2025 10:01

bboozzoo reviewed Jan 24, 2025

View reviewed changes

tests/lib/snaps/ovmf/snapcraft.yaml Outdated

Copy link

Contributor

bboozzoo Jan 24, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can you rename the directory to tests/lib/snaps/store/test-snapd-ovmf?

valentindavid force-pushed the valentindavid/build-ovmf branch 8 times, most recently from cdc4f7a to 855b088 Compare January 24, 2025 16:34

tests: remove occurences of -bios parameters to qemu

f2bbcaf

UEFI expects non volatile memory which `-bios` can not provide. So to have a behavior that every where what we expect, we should stop using `-bios`. Otherwise, we cannot test UEFI boot entries, sbat revocation, DBX update, etc.

valentindavid force-pushed the valentindavid/build-ovmf branch 4 times, most recently from 9574bbf to 5bfbbd3 Compare January 26, 2025 21:19

valentindavid force-pushed the valentindavid/build-ovmf branch 4 times, most recently from 6701186 to 1092cf5 Compare January 27, 2025 11:13

tests: rebuild OVMF and use generated keys

c67349b

valentindavid force-pushed the valentindavid/build-ovmf branch from 1092cf5 to c67349b Compare January 27, 2025 17:33

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

tests: rebuild OVMF and use generated keys #14960

tests: rebuild OVMF and use generated keys #14960

valentindavid commented Jan 22, 2025 •

edited

Loading

github-actions bot commented Jan 22, 2025 •

edited

Loading

codecov bot commented Jan 22, 2025 •

edited

Loading

bboozzoo Jan 22, 2025

bboozzoo left a comment

bboozzoo Jan 22, 2025

bboozzoo Jan 22, 2025

bboozzoo Jan 22, 2025

valentindavid Jan 22, 2025

bboozzoo Jan 22, 2025

bboozzoo Jan 22, 2025

valentindavid Jan 22, 2025

valentindavid commented Jan 22, 2025

bboozzoo Jan 22, 2025

bboozzoo Jan 22, 2025

bboozzoo Jan 24, 2025

		install -Dm644 -t "${CRAFT_PART_INSTALL}/secboot" \
		LockDown.efi {PK,KEK,DB}.{key,crt}

	install -Dm644 "${OVMF}_VARS.fd" "${CRAFT_PART_INSTALL}/fw/${OVMF}_VARS.secboot.fd"
	install -Dm644 "${OVMF}_VARS.fd" "${CRAFT_PART_INSTALL}/fw/${OVMF}_VARS.secboot-testkeys.fd"

-summary: EDK2
-description: EDK2
+summary: Pre-built OVMF blobs with test keys for snapd CI
+description: |
+  Pre-built OVMF blobs with enrolled test keys for use in snapd CI loop.
+  The following known keys are enrolled:
+    - snakeoil - ## ref?
+    - kernel PPA
+    <whichever we key we add>

tests: rebuild OVMF and use generated keys #14960

Are you sure you want to change the base?

tests: rebuild OVMF and use generated keys #14960

Conversation

valentindavid commented Jan 22, 2025 • edited Loading

github-actions bot commented Jan 22, 2025 • edited Loading

Failures:

Preparing:

Executing:

Restoring:

codecov bot commented Jan 22, 2025 • edited Loading

Codecov Report

Choose a reason for hiding this comment

bboozzoo left a comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

valentindavid commented Jan 22, 2025

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

valentindavid commented Jan 22, 2025 •

edited

Loading

github-actions bot commented Jan 22, 2025 •

edited

Loading

codecov bot commented Jan 22, 2025 •

edited

Loading