raito/lanzaboote
0
0
Fork 0
Code Issues 45 Pull requests 6 Projects Releases 6 Packages Wiki Activity Actions

bootspec: RFC-0125 final changes #148

Merged
RaitoBezarius merged 4 commits from rfc0125-post-merge into master 2023-04-29 14:01:41 +00:00
Conversation 17 Commits 4 Files changed 9 +110 -120
RaitoBezarius commented 2023-04-14 13:10:00 +00:00 (Migrated from github.com)
Copy link

This brings the final (accepted) changes of RFC-0125 and render lanzaboote unable to read the previous generations' bootspec anymore.

This brings the final (accepted) changes of RFC-0125 and render lanzaboote unable to read the previous generations' bootspec anymore.
blitz (Migrated from github.com) reviewed 2023-04-14 13:10:00 +00:00
nikstur (Migrated from github.com) reviewed 2023-04-14 13:10:00 +00:00
nikstur commented 2023-04-14 14:16:05 +00:00 (Migrated from github.com)
Copy link

I think it would be better to move the changes necessary for using stable rust into a separate PR.

I think it would be better to move the changes necessary for using stable rust into a separate PR.
RaitoBezarius commented 2023-04-14 14:25:53 +00:00 (Migrated from github.com)
Copy link

I think it would be better to move the changes necessary for using stable rust into a separate PR.

Agreed, I will do the extraction.

> I think it would be better to move the changes necessary for using stable rust into a separate PR. Agreed, I will do the extraction.
RaitoBezarius commented 2023-04-14 14:50:05 +00:00 (Migrated from github.com)
Copy link

Extracted in #149.

Extracted in #149.
blitz commented 2023-04-14 19:30:38 +00:00 (Migrated from github.com)
Copy link

Seems like the unit tests still fail. Otherwise, this looks pretty straightforward.

Awesome that bootspec is over the finishing line! 🎉

Seems like the unit tests still fail. Otherwise, this looks pretty straightforward. Awesome that bootspec is over the finishing line! 🎉
👍 2
RaitoBezarius commented 2023-04-14 20:21:39 +00:00 (Migrated from github.com)
Copy link

Seems like the unit tests still fail. Otherwise, this looks pretty straightforward.

Awesome that bootspec is over the finishing line! tada

Because the new bootspec is not merged yet! :P — I need to do something about the input.

> Seems like the unit tests still fail. Otherwise, this looks pretty straightforward. > > Awesome that bootspec is over the finishing line! tada Because the new bootspec is not merged yet! :P — I need to do something about the input.
blitz commented 2023-04-14 20:43:36 +00:00 (Migrated from github.com)
Copy link

Is there a nixpkgs PR for the final bootspec changes yet?

Is there a nixpkgs PR for the final bootspec changes yet?
RaitoBezarius commented 2023-04-14 20:47:00 +00:00 (Migrated from github.com)
Copy link

Is there a nixpkgs PR for the final bootspec changes yet?

https://github.com/NixOS/nixpkgs/pull/224489 !

> Is there a nixpkgs PR for the final bootspec changes yet? https://github.com/NixOS/nixpkgs/pull/224489 !
RaitoBezarius commented 2023-04-21 12:05:09 +00:00 (Migrated from github.com)
Copy link

Seems like the unit tests still fail.

My bad, I thought I read integration tests. This will be fixed shortly.

> Seems like the unit tests still fail. My bad, I thought I read integration tests. This will be fixed shortly.
RaitoBezarius commented 2023-04-21 12:13:45 +00:00 (Migrated from github.com)
Copy link

Two failures remaining:

error: builder for '/nix/store/571gcxbrjcqb91gbnwihgl1dvk1rfv4f-vm-test-run-specialisation-still-boot-under-secureboot.drv' failed with exit code 1
error: builder for '/nix/store/dj2sizbsdqi2an0qkvrybbmxdbyf8afl-vm-test-run-lanzaboote-initrd-secrets-update.drv' failed with exit code 1

I'm trying to understand what happened (but I am really happy our tests are super useful.)

Two failures remaining: ``` error: builder for '/nix/store/571gcxbrjcqb91gbnwihgl1dvk1rfv4f-vm-test-run-specialisation-still-boot-under-secureboot.drv' failed with exit code 1 error: builder for '/nix/store/dj2sizbsdqi2an0qkvrybbmxdbyf8afl-vm-test-run-lanzaboote-initrd-secrets-update.drv' failed with exit code 1 ``` I'm trying to understand what happened (but I am really happy our tests are super useful.)
RaitoBezarius commented 2023-04-21 12:48:35 +00:00 (Migrated from github.com)
Copy link

This is stuck on https://github.com/DeterminateSystems/bootspec/pull/112 failing in bootspec.

This is stuck on https://github.com/DeterminateSystems/bootspec/pull/112 failing in bootspec.
RaitoBezarius commented 2023-04-21 13:08:34 +00:00 (Migrated from github.com)
Copy link

This is a misinterpretation of the spec (lol) on my end; this is now fixed.

This is a misinterpretation of the spec (lol) on my end; this is now fixed.
blitz commented 2023-04-21 15:33:24 +00:00 (Migrated from github.com)
Copy link

This has to wait for https://github.com/NixOS/nixpkgs/pull/224489, doesn't it?

This has to wait for https://github.com/NixOS/nixpkgs/pull/224489, doesn't it?
RaitoBezarius commented 2023-04-21 15:40:56 +00:00 (Migrated from github.com)
Copy link

This has to wait for NixOS/nixpkgs#224489, doesn't it?

The contrary, nixpkgs has to wait for lanzaboote, because I don't want anyone to start generate bootspec that cannot be read by lanzaboote yet.

> This has to wait for [NixOS/nixpkgs#224489](https://github.com/NixOS/nixpkgs/pull/224489), doesn't it? The contrary, nixpkgs has to wait for lanzaboote, because I don't want anyone to start generate bootspec that cannot be read by lanzaboote yet.
dasJ (Migrated from github.com) reviewed 2023-04-24 10:42:38 +00:00
rust/tool/Cargo.toml
dasJ (Migrated from github.com) commented 2023-04-24 10:42:10 +00:00
Copy link
bootspec = "0.1.0"
```suggestion bootspec = "0.1.0" ```
RaitoBezarius commented 2023-04-29 13:21:01 +00:00 (Migrated from github.com)
Copy link

When CI passes, I will merge.

When CI passes, I will merge.
🎉 3
Sign in to join this conversation.
Reviewers
No reviewers
blitz
nikstur
Labels
Clear labels   
bug

Something isn't working

  
dependency

Issues related to our dependencies

  
documentation

Improvements or additions to documentation

  
duplicate

This issue or pull request already exists

  
enhancement

New feature or request

  
good first issue

Good for newcomers

  
help wanted

Extra attention is needed

  
invalid

This doesn't seem right

  
question

Further information is requested

  
review-next

   
security

   
stub

   
tool

   
wontfix

This will not be worked on

No labels
bug
dependency
documentation
duplicate
enhancement
good first issue
help wanted
invalid
question
review-next
security
stub
tool
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: raito/lanzaboote#148
No description provided.
Delete branch "rfc0125-post-merge"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?