Skip to content

Commit

Permalink
Generate secure-boot directory structuire
Browse files Browse the repository at this point in the history
  • Loading branch information
kreeuwijk committed May 6, 2024
1 parent daaf2e2 commit f8bf35b
Show file tree
Hide file tree
Showing 2 changed files with 16 additions and 1 deletion.
15 changes: 15 additions & 0 deletions Earthfile
Original file line number Diff line number Diff line change
Expand Up @@ -475,6 +475,21 @@ uki-byok:

SAVE ARTIFACT /output/*

secure-boot-dirs:
FROM ubuntu:latest
RUN mkdir -p --mode=0644 /secure-boot/enrollment
RUN mkdir -p --mode=0600 /secure-boot/exported-keys
RUN mkdir -p --mode=0600 /secure-boot/private-keys
RUN mkdir -p --mode=0644 /secure-boot/public-keys
COPY --if-exists --keep-ts secure-boot/enrollment/ /secure-boot/enrollment
COPY --if-exists --keep-ts secure-boot/exported-keys/ /secure-boot/exported-keys
COPY --if-exists --keep-ts secure-boot/private-keys/ /secure-boot/private-keys
COPY --if-exists --keep-ts secure-boot/public-keys/ /secure-boot/public-keys
RUN chmod 0600 /secure-boot/exported-keys
RUN chmod 0600 /secure-boot/private-keys
RUN chmod 0644 /secure-boot/public-keys
SAVE ARTIFACT --keep-ts /secure-boot AS LOCAL ./secure-boot

# Used to create the provider images. The --K8S_VERSION will be passed in the earthly build
provider-image:
FROM --platform=linux/${ARCH} +base-image
Expand Down
2 changes: 1 addition & 1 deletion sb-private-ca/howto.md
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ PK.pem
KEK.pem
db.pem

5. Create a `secure-boot` directory in CanvOS.
5. Run `./earthly.sh +secure-boot-dirs` to create the secure-boot directory structure in CanvOS.
6. Place the files in the following directory structure:
```
CanvOS/
Expand Down

0 comments on commit f8bf35b

Please sign in to comment.