Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

T861: minor improvements to secure-boot certificate handling #930

Merged
merged 6 commits into from
Mar 21, 2025
Merged

T861: minor improvements to secure-boot certificate handling #930

merged 6 commits into from
Mar 21, 2025

Conversation

c-po
Copy link
Member

@c-po c-po commented Mar 16, 2025
edited
Loading

Change summary

Place secure-boot certificates outside of chroot environment and just "copy them" into it.
Kernel will work from Git repos root directory to locate certs instead of a relative path.
Kernel will be signed by vyos-dev-2025-linux.key

Image build will fail if a private key is found on the live CD for secure-boot

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Code style update (formatting, renaming)
  • Refactoring (no functional changes)
  • Migration from an old Vyatta component to vyos-1x, please link to related PR inside obsoleted component
  • Other (please describe):

Related Task(s)

Related PR(s)

Checklist:

  • I have read the CONTRIBUTING document
  • I have linked this PR to one or more Phabricator Task(s)
  • My commit headlines contain a valid Task id
  • My change requires a change to the documentation
  • I have updated the documentation accordingly

@c-po c-po requested a review from a team as a code owner March 16, 2025 19:14
@github-actions GitHub Actions
Copy link

github-actions bot commented Mar 16, 2025
edited
Loading

👍
No issues in PR Title / Commit Title

@github-actions github-actions bot added the current VyOS rolling release label Mar 16, 2025
This was referenced Mar 16, 2025
Open
Merged
@c-po c-po force-pushed the T861-secure-boot branch from 9f247ea to 12d444c Compare March 16, 2025 19:28
@github-actions GitHub Actions
Copy link

This pull request has conflicts, please resolve those before we can evaluate the pull request.

@c-po c-po force-pushed the T861-secure-boot branch from 12d444c to 96f1844 Compare March 18, 2025 15:24
@c-po c-po removed the conflicts label Mar 18, 2025
@c-po c-po enabled auto-merge March 21, 2025 06:31
@c-po c-po merged commit d552f7f into vyos:current Mar 21, 2025
7 checks passed
@vyosbot vyosbot added mirror-initiated This PR initiated for mirror sync workflow mirror-completed and removed mirror-initiated This PR initiated for mirror sync workflow labels Mar 21, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sarthurdev sarthurdev sarthurdev approved these changes

@sever-sever sever-sever sever-sever approved these changes

@dmbaturin dmbaturin Awaiting requested review from dmbaturin dmbaturin is a code owner automatically assigned from vyos/reviewers

@jestabro jestabro Awaiting requested review from jestabro jestabro is a code owner automatically assigned from vyos/reviewers

Assignees

@c-po c-po

Labels
current VyOS rolling release mirror-completed
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@c-po @sarthurdev @sever-sever @vyosbot