Skip to content
This repository has been archived by the owner on May 7, 2021. It is now read-only.

gcp: Add UEFI_COMPATIBLE and SECURE_BOOT #1060

Merged
merged 1 commit into from
Oct 8, 2019
Merged

gcp: Add UEFI_COMPATIBLE and SECURE_BOOT #1060

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 3 additions & 1 deletion cmd/ore/gcloud/create-image.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,7 @@ var (
createImageRoot string
createImageName string
createImageForce bool
createImageFcos bool
)

func init() {
Expand All @@ -59,6 +60,7 @@ func init() {
"Storage image name")
cmdCreateImage.Flags().BoolVar(&createImageForce, "force",
false, "overwrite existing GCE images without prompt")
cmdCreateImage.Flags().BoolVar(&uploadFedora, "fcos", false, "Flag this is Fedora CoreOS (or a derivative); currently enables SECURE_BOOT and UEFI_COMPATIBLE")
GCloud.AddCommand(cmdCreateImage)
}

Expand Down Expand Up @@ -116,7 +118,7 @@ func runCreateImage(cmd *cobra.Command, args []string) {
_, pending, err := api.CreateImage(&gcloud.ImageSpec{
Name: imageNameGCE,
SourceImage: storageSrc,
}, createImageForce)
}, createImageForce, createImageFcos)
if err == nil {
err = pending.Wait()
}
Expand Down
6 changes: 4 additions & 2 deletions cmd/ore/gcloud/upload.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,7 @@ var (
uploadImageName string
uploadBoard string
uploadFile string
uploadFedora bool
uploadForce bool
)

Expand All @@ -52,6 +53,7 @@ func init() {
cmdUpload.Flags().StringVar(&uploadFile, "file",
build+"/images/amd64-usr/latest/coreos_production_gce.tar.gz",
"path_to_coreos_image (build with: ./image_to_vm.sh --format=gce ...)")
cmdUpload.Flags().BoolVar(&uploadFedora, "fcos", false, "Flag this is Fedora CoreOS (or a derivative); currently enables SECURE_BOOT and UEFI_COMPATIBLE")
cmdUpload.Flags().BoolVar(&uploadForce, "force", false, "overwrite existing GS and GCE images without prompt")
GCloud.AddCommand(cmdUpload)
}
Expand Down Expand Up @@ -141,7 +143,7 @@ func runUpload(cmd *cobra.Command, args []string) {
_, pending, err := api.CreateImage(&gcloud.ImageSpec{
Name: imageNameGCE,
SourceImage: storageSrc,
}, uploadForce)
}, uploadForce, uploadFedora)
if err == nil {
err = pending.Wait()
}
Expand All @@ -160,7 +162,7 @@ func runUpload(cmd *cobra.Command, args []string) {
_, pending, err = api.CreateImage(&gcloud.ImageSpec{
Name: imageNameGCE,
SourceImage: storageSrc,
}, true)
}, true, uploadFedora)
if err == nil {
err = pending.Wait()
}
Expand Down
2 changes: 1 addition & 1 deletion cmd/plume/release.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -230,7 +230,7 @@ func gceUploadImage(spec *channelSpec, api *gcloud.API, obj *gs.Object, name, de
Name: name,
Description: desc,
Licenses: spec.GCE.Licenses,
}, false)
}, false, selectedDistro == "fcos")
if err != nil {
plog.Fatalf("GCE image creation failed: %v", err)
}
Expand Down
30 changes: 21 additions & 9 deletions platform/api/gcloud/image.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ type ImageSpec struct {
// CreateImage creates an image on GCE and returns operation details and
// a Pending. If overwrite is true, an existing image will be overwritten
// if it exists.
func (a *API) CreateImage(spec *ImageSpec, overwrite bool) (*compute.Operation, *Pending, error) {
func (a *API) CreateImage(spec *ImageSpec, overwrite, fedora bool) (*compute.Operation, *Pending, error) {
licenses := make([]string, len(spec.Licenses))
for i, l := range spec.Licenses {
license, err := a.compute.Licenses.Get(a.options.Project, l).Do()
Expand Down Expand Up @@ -70,16 +70,28 @@ func (a *API) CreateImage(spec *ImageSpec, overwrite bool) (*compute.Operation,
}
}

image := &compute.Image{
Family: spec.Family,
Name: spec.Name,
Description: spec.Description,
Licenses: licenses,
GuestOsFeatures: []*compute.GuestOsFeature{
features := []*compute.GuestOsFeature{
// https://cloud.google.com/compute/docs/images/create-delete-deprecate-private-images
{
Type: "VIRTIO_SCSI_MULTIQUEUE",
},
}
if fedora {
features = append(features,
&compute.GuestOsFeature{
Type: "VIRTIO_SCSI_MULTIQUEUE",
Type: "UEFI_COMPATIBLE",
},
},
&compute.GuestOsFeature{
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@bgilbert do you know if CL+GCE supports this?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

UEFI should work. Secure Boot does not.

Type: "SECURE_BOOT",
})
}

image := &compute.Image{
Family: spec.Family,
Name: spec.Name,
Description: spec.Description,
Licenses: licenses,
GuestOsFeatures: features,
RawDisk: &compute.ImageRawDisk{
Source: spec.SourceImage,
},
Expand Down