diff --git a/go.mod b/go.mod index de17a279..1f0d3345 100644 --- a/go.mod +++ b/go.mod @@ -19,7 +19,7 @@ require ( github.com/jaypipes/ghw v0.12.0 github.com/joho/godotenv v1.5.1 github.com/kairos-io/kairos-sdk v0.2.3 - github.com/kairos-io/kcrypt v0.11.2 + github.com/kairos-io/kcrypt v0.11.3 github.com/labstack/echo/v4 v4.12.0 github.com/mitchellh/mapstructure v1.5.0 github.com/mudler/go-nodepair v0.0.0-20221223092639-ba399a66fdfb @@ -43,7 +43,6 @@ require ( ) require ( - github.com/google/go-github/v62 v62.0.0 github.com/google/go-github/v62 v62.0.0 github.com/twpayne/go-vfs/v4 v4.3.0 ) diff --git a/go.sum b/go.sum index 0d45c5c4..41a14e4a 100644 --- a/go.sum +++ b/go.sum @@ -321,6 +321,10 @@ github.com/kairos-io/kairos-sdk v0.2.3 h1:QXqjVtOm5Ki4N1diI+H6ydrStFhDHDbDkK25HJ github.com/kairos-io/kairos-sdk v0.2.3/go.mod h1:wbQNMckCGT/kKd+tqhAZo4thDBPWxpcKaymWJmRqSUg= github.com/kairos-io/kcrypt v0.11.2 h1:qu00WGDKvOn6tm9xaWho3RRpo0iRQBzZa9M/hnXhLbs= github.com/kairos-io/kcrypt v0.11.2/go.mod h1:znIdTYzsTtePMDA2v5bDJeikqxIb0W6YJMH77TU2Phs= +github.com/kairos-io/kcrypt v0.11.3-0.20240619144533-2bc901ed2c56 h1:gSNrbmZwc2bC1weuZCeds4ogbwwCbLfMd6tfq9JitG8= +github.com/kairos-io/kcrypt v0.11.3-0.20240619144533-2bc901ed2c56/go.mod h1:6i6IsIsjxKt5mC/xvHniTfEw6j7ewKm5t6oZ+a+BNpE= +github.com/kairos-io/kcrypt v0.11.3 h1:SDjd1eCTZ4EMI3pKCN4G3HO5rZnc4HXBSl5Eqloiv4w= +github.com/kairos-io/kcrypt v0.11.3/go.mod h1:6i6IsIsjxKt5mC/xvHniTfEw6j7ewKm5t6oZ+a+BNpE= github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 h1:Z9n2FFNUXsshfwJMBgNA0RU6/i7WVaAegv3PtuIHPMs= github.com/kbinani/screenshot v0.0.0-20210720154843-7d3a670d8329 h1:qq2nCpSrXrmvDGRxW0ruW9BVEV1CN2a9YDOExdt+U0o= github.com/kbinani/screenshot v0.0.0-20210720154843-7d3a670d8329/go.mod h1:2VPVQDR4wO7KXHwP+DAypEy67rXf+okUx2zjgpCxZw4= diff --git a/internal/agent/hooks/kcrypt.go b/internal/agent/hooks/kcrypt.go index c5263c86..572c55d7 100644 --- a/internal/agent/hooks/kcrypt.go +++ b/internal/agent/hooks/kcrypt.go @@ -32,7 +32,7 @@ func (k Kcrypt) Run(c config.Config, _ v1.Spec) error { }() for _, p := range c.Install.Encrypt { - _, err := kcrypt.Luksify(p, "luks1", false) + _, err := kcrypt.Luksify(p, c.Logger.Logger) if err != nil { c.Logger.Errorf("could not encrypt partition: %s", err) if c.FailOnBundleErrors { diff --git a/internal/agent/hooks/kcrypt_uki.go b/internal/agent/hooks/kcrypt_uki.go index 6526409b..5a02c912 100644 --- a/internal/agent/hooks/kcrypt_uki.go +++ b/internal/agent/hooks/kcrypt_uki.go @@ -91,7 +91,9 @@ func (k KcryptUKI) Run(c config.Config, spec v1.Spec) error { for _, p := range append([]string{constants.OEMLabel, constants.PersistentLabel}, c.Install.Encrypt...) { c.Logger.Infof("Encrypting %s", p) - _, err := kcrypt.Luksify(p, "luks2", true) + _ = os.Setenv("SYSTEMD_LOG_LEVEL", "debug") + err := kcrypt.LuksifyMeasurements(p, []string{"11"}, []string{}, c.Logger.Logger) + _ = os.Unsetenv("SYSTEMD_LOG_LEVEL") if err != nil { c.Logger.Errorf("could not encrypt partition: %s", err) if c.FailOnBundleErrors { @@ -106,7 +108,10 @@ func (k KcryptUKI) Run(c config.Config, spec v1.Spec) error { _, _ = utils.SH("sync") - err = kcrypt.UnlockAll(true) + _ = os.Setenv("SYSTEMD_LOG_LEVEL", "debug") + err = kcrypt.UnlockAllWithLogger(true, c.Logger.Logger) + + _ = os.Unsetenv("SYSTEMD_LOG_LEVEL") if err != nil { c.Logger.Errorf("could not unlock partitions: %s", err) return err @@ -138,7 +143,7 @@ func (k KcryptUKI) Run(c config.Config, spec v1.Spec) error { time.Sleep(time.Duration(i) * time.Second) // Retry the unlock as well, because maybe the partition was not refreshed on time for unlock to unlock it // So no matter how many tries we do, it will still be locked and will never appear - err := kcrypt.UnlockAll(true) + err := kcrypt.UnlockAllWithLogger(true, c.Logger.Logger) if err != nil { c.Logger.Debugf("UnlockAll returned: %s", err) }