test: Do not enable UEFI secure boot on CS9

2022-11-22 22:14:55 +08:00 · 2022-11-22 22:14:55 +08:00 · f732af9e8b
commit f732af9e8b
parent 1c130ef6ed
4 changed files with 16 additions and 23 deletions
--- a/test/cases/ostree-ng.sh
+++ b/test/cases/ostree-ng.sh
@ -77,6 +77,7 @@ INSTALLER_TYPE=edge-installer
 INSTALLER_FILENAME=installer.iso
 ANSIBLE_USER_FOR_BIOS="installeruser"
 OSTREE_OSNAME=rhel
+BOOT_ARGS="uefi"

 # Set up temporary files.
 TEMPDIR=$(mktemp -d)
@ -119,6 +120,7 @@ case "${ID}-${VERSION_ID}" in
        OSTREE_REF="test/centos/9/${ARCH}/edge"
        OS_VARIANT="centos-stream9"
        EMBEDED_CONTAINER="true"
+        BOOT_ARGS="uefi,firmware.feature0.name=secure-boot,firmware.feature0.enabled=no"
        ;;
    *)
        echo "unsupported distro: ${ID}-${VERSION_ID}"
@ -560,14 +562,6 @@ sudo rm -f "$LIBVIRT_BIOS_IMAGE_PATH"
 ##
 ##################################################

-# Since virt-install 4.0.0, loader attribute can't be configured here,
-# otherwise it'll report "loader attribute 'readonly' cannot be specified
-# when firmware autoselection is enabled"
-if nvrGreaterOrEqual "virt-install" "4.0.0"; then
-    BOOT_UEFI_ARGS="uefi"
-else
-    BOOT_UEFI_ARGS="uefi,loader_ro=yes,loader_type=pflash,nvram_template=/usr/share/edk2/ovmf/OVMF_VARS.fd,loader_secure=no"
-fi
 # Install ostree image via anaconda.
 greenprint "💿 Install ostree image via installer(ISO) on UEFI VM"
 sudo virt-install  --name="${IMAGE_KEY}-uefi"\
@ -578,7 +572,7 @@ sudo virt-install  --name="${IMAGE_KEY}-uefi"\
                   --os-type linux \
                   --os-variant ${OS_VARIANT} \
                   --cdrom "/var/lib/libvirt/images/${ISO_FILENAME}" \
-                   --boot "$BOOT_UEFI_ARGS" \
+                   --boot "$BOOT_ARGS" \
                   --nographics \
                   --noautoconsole \
                   --wait=-1 \
--- a/test/cases/ostree-raw-image.sh
+++ b/test/cases/ostree-raw-image.sh
@ -71,6 +71,7 @@ CONTAINER_FILENAME=container.tar
 RAW_IMAGE_TYPE=edge-raw-image
 RAW_IMAGE_FILENAME=image.raw.xz
 OSTREE_OSNAME=redhat
+BOOT_ARGS="uefi"

 # Set up temporary files.
 TEMPDIR=$(mktemp -d)
@ -100,6 +101,7 @@ case "${ID}-${VERSION_ID}" in
    "centos-9")
        OSTREE_REF="centos/9/${ARCH}/edge"
        OS_VARIANT="centos-stream9"
+        BOOT_ARGS="uefi,firmware.feature0.name=secure-boot,firmware.feature0.enabled=no"
        ;;
    "fedora-"*)
        CONTAINER_TYPE=iot-container
@ -514,13 +516,6 @@ sudo cp "${IMAGE_KEY}.qcow2" /var/lib/libvirt/images/
 greenprint "👿 Running restorecon on image directory"
 sudo restorecon -Rv /var/lib/libvirt/images/

-greenprint "💿 Installing raw image on UEFI VM"
-if nvrGreaterOrEqual "virt-install" "4"; then
-    BOOT_UEFI_ARGS="uefi,firmware.feature0.name=secure-boot,firmware.feature0.enabled=no"
-else
-    BOOT_UEFI_ARGS="uefi,loader_ro=yes,loader_type=pflash,nvram_template=/usr/share/edk2/ovmf/OVMF_VARS.fd,loader_secure=no"
-fi
-
 sudo virt-install --name="${IMAGE_KEY}-uefi"\
               --disk path="${LIBVIRT_IMAGE_PATH}",format=qcow2 \
               --ram 3072 \
@ -529,7 +524,7 @@ sudo virt-install --name="${IMAGE_KEY}-uefi"\
               --os-type linux \
               --import \
               --os-variant ${OS_VARIANT} \
-               --boot "${BOOT_UEFI_ARGS}" \
+               --boot "$BOOT_ARGS" \
               --nographics \
               --noautoconsole \
               --wait=-1 \
--- a/test/cases/ostree-rebase-uefi.sh
+++ b/test/cases/ostree-rebase-uefi.sh
@ -66,6 +66,7 @@ PROD_REPO_URL="http://${PROD_REPO_ADDRESS}:8080/repo/"
 ARTIFACTS="${ARTIFACTS:-/tmp/artifacts}"
 CONTAINER_TYPE=edge-container
 CONTAINER_FILENAME=container.tar
+BOOT_ARGS="uefi"

 # Set up temporary files.
 TEMPDIR=$(mktemp -d)
@ -112,6 +113,7 @@ case "${ID}-${VERSION_ID}" in
        OS_VARIANT="centos-stream9"
        BOOT_LOCATION="https://odcs.stream.centos.org/production/latest-CentOS-Stream/compose/BaseOS/x86_64/os/"
        PARENT_REF="centos/9/${ARCH}/edge"
+        BOOT_ARGS="uefi,firmware.feature0.name=secure-boot,firmware.feature0.enabled=no"
        ;;
    *)
        echo "unsupported distro: ${ID}-${VERSION_ID}"
@ -363,7 +365,7 @@ sudo virt-install  --initrd-inject="${KS_FILE}" \
                   --os-type linux \
                   --os-variant ${OS_VARIANT} \
                   --location "${BOOT_LOCATION}" \
-                   --boot uefi,loader_ro=yes,loader_type=pflash,nvram_template=/usr/share/edk2/ovmf/OVMF_VARS.fd,loader_secure=no \
+                   --boot "$BOOT_ARGS"\
                   --nographics \
                   --noautoconsole \
                   --wait=-1 \
--- a/test/cases/ostree-simplified-installer.sh
+++ b/test/cases/ostree-simplified-installer.sh
@ -83,6 +83,7 @@ CONTAINER_FILENAME=container.tar
 INSTALLER_TYPE=edge-simplified-installer
 INSTALLER_FILENAME=simplified-installer.iso
 MEMORY=3072
+BOOT_ARGS="uefi"

 # Set up temporary files.
 TEMPDIR=$(mktemp -d)
@ -112,6 +113,7 @@ case "${ID}-${VERSION_ID}" in
    "centos-9")
        OSTREE_REF="centos/9/${ARCH}/edge"
        OS_VARIANT="centos-stream9"
+        BOOT_ARGS="uefi,firmware.feature0.name=secure-boot,firmware.feature0.enabled=no"
        ;;
    *)
        echo "unsupported distro: ${ID}-${VERSION_ID}"
@ -467,7 +469,7 @@ sudo virt-install --name="${IMAGE_KEY}-http"\
                  --os-type linux \
                  --os-variant "${OS_VARIANT}" \
                  --pxe \
-                  --boot uefi,loader_ro=yes,loader_type=pflash,nvram_template=/usr/share/edk2/ovmf/OVMF_VARS.fd,loader_secure=no \
+                  --boot "$BOOT_ARGS" \
                  --tpm backend.type=emulator,backend.version=2.0,model=tpm-crb \
                  --nographics \
                  --noautoconsole \
@ -591,7 +593,7 @@ sudo virt-install  --name="${IMAGE_KEY}-fdosshkey"\
                   --os-type linux \
                   --os-variant ${OS_VARIANT} \
                   --cdrom "/var/lib/libvirt/images/${ISO_FILENAME}" \
-                   --boot uefi,loader_ro=yes,loader_type=pflash,nvram_template=/usr/share/edk2/ovmf/OVMF_VARS.fd,loader_secure=no \
+                   --boot "$BOOT_ARGS" \
                   --tpm backend.type=emulator,backend.version=2.0,model=tpm-crb \
                   --nographics \
                   --noautoconsole \
@ -713,7 +715,7 @@ sudo virt-install  --name="${IMAGE_KEY}-fdorootcert"\
                   --os-type linux \
                   --os-variant ${OS_VARIANT} \
                   --cdrom "/var/lib/libvirt/images/${ISO_FILENAME}" \
-                   --boot uefi,loader_ro=yes,loader_type=pflash,nvram_template=/usr/share/edk2/ovmf/OVMF_VARS.fd,loader_secure=no \
+                   --boot "$BOOT_ARGS" \
                   --tpm backend.type=emulator,backend.version=2.0,model=tpm-crb \
                   --nographics \
                   --noautoconsole \
@ -824,13 +826,13 @@ sudo qemu-img create -f qcow2 "${LIBVIRT_IMAGE_PATH}" 20G
 greenprint "💿 Install ostree image via installer(ISO) on UEFI VM"
 sudo virt-install  --name="${IMAGE_KEY}-simplified_iso_without_fdo"\
                   --disk path="${LIBVIRT_IMAGE_PATH}",format=qcow2 \
-                   --ram 3072 \
+                   --ram "${MEMORY}" \
                   --vcpus 2 \
                   --network network=integration,mac=34:49:22:B0:83:32 \
                   --os-type linux \
                   --os-variant ${OS_VARIANT} \
                   --cdrom "/var/lib/libvirt/images/${ISO_FILENAME}" \
-                   --boot uefi,loader_ro=yes,loader_type=pflash,nvram_template=/usr/share/edk2/ovmf/OVMF_VARS.fd,loader_secure=no \
+                   --boot "$BOOT_ARGS" \
                   --tpm backend.type=emulator,backend.version=2.0,model=tpm-crb \
                   --nographics \
                   --noautoconsole \