diff --git a/ci-automation/ci-config.env b/ci-automation/ci-config.env index e7da0157e3..ccef5fcbeb 100644 --- a/ci-automation/ci-config.env +++ b/ci-automation/ci-config.env @@ -60,13 +60,15 @@ QEMU_PARALLEL="${PARALLEL_TESTS:-20}" # Whether kola can use loop devices to capture serial console output and check for error patterns QEMU_KOLA_SKIP_MANGLE="${QEMU_KOLA_SKIP_MANGLE:-}" -# BIOS path within the SDK -QEMU_BIOS="/usr/share/qemu/bios-256k.bin" +# Firmware path within the SDK +QEMU_FIRMWARE="/usr/share/qemu/bios-256k.bin" -# UEFI bios filename on build cache. +# UEFI firmware filename on build cache. # Published by vms.sh as part of the qemu vendor build. -QEMU_UEFI_BIOS="${QEMU_UEFI_BIOS:-flatcar_production_qemu_uefi_efi_code.fd}" -QEMU_UEFI_SECURE_BIOS="${QEMU_UEFI_SECURE_BIOS:-flatcar_production_qemu_uefi_secure_efi_code.fd}" +QEMU_UEFI_FIRMWARE="${QEMU_UEFI_FIRMWARE:-flatcar_production_qemu_uefi_efi_code.fd}" +QEMU_UEFI_SECURE_FIRMWARE="${QEMU_UEFI_SECURE_FIRMWARE:-flatcar_production_qemu_uefi_secure_efi_code.fd}" +QEMU_UEFI_OVMF_VARS="${QEMU_UEFI_OVMF_VARS:-flatcar_production_qemu_uefi_efi_vars.fd}" +QEMU_UEFI_SECURE_OVMF_VARS="${QEMU_UEFI_SECURE_OVMF_VARS:-flatcar_production_qemu_uefi_secure_efi_vars.fd}" # Update payload for the qemu_update.sh test. # The default path set below is relative to TEST_WORK_DIR diff --git a/ci-automation/vendor-testing/qemu.sh b/ci-automation/vendor-testing/qemu.sh index 75c97fb855..a826511216 100755 --- a/ci-automation/vendor-testing/qemu.sh +++ b/ci-automation/vendor-testing/qemu.sh @@ -10,6 +10,9 @@ set -euo pipefail source ci-automation/vendor_test.sh +enablesecureboot="" +ovmf_vars="" + # ARM64 qemu tests only supported on UEFI if [ "${CIA_ARCH}" = "arm64" ] && [ "${CIA_TESTSCRIPT}" != "qemu_uefi.sh" ] ; then echo "1..1" > "${CIA_TAPFILE}" @@ -21,7 +24,7 @@ if [ "${CIA_ARCH}" = "arm64" ] && [ "${CIA_TESTSCRIPT}" != "qemu_uefi.sh" ] ; th exit 1 fi -# Fetch image and BIOS if not present +# Fetch image and firmware if not present if [ -f "${QEMU_IMAGE_NAME}" ] ; then echo "++++ ${CIA_TESTSCRIPT}: Using existing ${QEMU_IMAGE_NAME} for testing ${CIA_VERNUM} (${CIA_ARCH}) ++++" else @@ -31,21 +34,30 @@ else lbunzip2 "${QEMU_IMAGE_NAME}.bz2" fi -bios="${QEMU_BIOS}" +firmware="${QEMU_FIRMWARE}" if [ "${CIA_TESTSCRIPT}" = "qemu_uefi.sh" ] ; then - bios="${QEMU_UEFI_BIOS}" + firmware="${QEMU_UEFI_FIRMWARE}" + ovmf_vars=${QEMU_UEFI_OVMF_VARS}" fi if [ "${CIA_TESTSCRIPT}" = "qemu_uefi_secure.sh" ] ; then - bios="${QEMU_UEFI_SECURE_BIOS}" + firmware="${QEMU_UEFI_SECURE_FIRMWARE}" + ovmf_vars=${QEMU_UEFI_SECURE_OVMF_VARS}" + enablesecureboot="--enable-secureboot" fi if [ "${CIA_TESTSCRIPT}" = "qemu_uefi.sh" ] || [ "${CIA_TESTSCRIPT}" = "qemu_uefi_secure.sh" ] ; then - if [ -f "${bios}" ] ; then - echo "++++ ${CIA_TESTSCRIPT}: Using existing ${bios} ++++" + if [ -f "${firmware}" ] ; then + echo "++++ ${CIA_TESTSCRIPT}: Using existing ${firmware} ++++" else - echo "++++ ${CIA_TESTSCRIPT}: downloading ${bios} for ${CIA_VERNUM} (${CIA_ARCH}) ++++" - copy_from_buildcache "images/${CIA_ARCH}/${CIA_VERNUM}/${bios}" . + echo "++++ ${CIA_TESTSCRIPT}: downloading ${firmware} for ${CIA_VERNUM} (${CIA_ARCH}) ++++" + copy_from_buildcache "images/${CIA_ARCH}/${CIA_VERNUM}/${firmware}" . + fi + if [ -f "${ovmf_vars}" ] ; then + echo "++++ ${CIA_TESTSCRIPT}: Using existing ${ovmf_vars} ++++" + else + echo "++++ ${CIA_TESTSCRIPT}: downloading ${ovmf_vars} for ${CIA_VERNUM} (${CIA_ARCH}) ++++" + copy_from_buildcache "images/${CIA_ARCH}/${CIA_VERNUM}/${ovmf_vars}" . fi fi @@ -68,11 +80,13 @@ kola run \ --board="${CIA_ARCH}-usr" \ --parallel="${QEMU_PARALLEL}" \ --platform=qemu \ - --qemu-bios="${bios}" \ + --qemu-firmware="${firmware}" \ --qemu-image="${QEMU_IMAGE_NAME}" \ --tapfile="${CIA_TAPFILE}" \ + ${ovmf_vars} \ ${QEMU_KOLA_SKIP_MANGLE:+--qemu-skip-mangle} \ "${devcontainer_opts[@]}" \ + "${enablesecureboot}" \ "${@}" set +x diff --git a/sdk_container/.repo/manifests/mantle-container b/sdk_container/.repo/manifests/mantle-container index 594b747f8e..55d86b55ab 100644 --- a/sdk_container/.repo/manifests/mantle-container +++ b/sdk_container/.repo/manifests/mantle-container @@ -1 +1 @@ -ghcr.io/flatcar/mantle:git-ac3b4872aecbcfd4771234c8e4fda5ce32e0099b +ghcr.io/flatcar/mantle:pr-547