Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2025-05-02 06:16:08 -04:00
Code Issues Projects Releases Packages Wiki Activity

CI: Add secure boot prod keys (#462)

Browse source 
* Add production secure boot keys
* Refactor OS build and upload settings
This commit is contained in:
Malte Poll 2022-11-04 16:48:52 +01:00 committed by GitHub
parent 5ffdbc9bd6
commit ed58fcccd3
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
23 changed files with 424 additions and 100 deletions
Download patch file Download diff file Expand all files Collapse all files

15
cli/internal/libvirt/Dockerfile
View file

@ -1,12 +1,12 @@
FROM fedora:36@sha256:455fec9590de794fbc21f61dbc7e90bf9918b58492d2a03fa269c09db47b43f6 AS deploy
RUN dnf -y update && \
dnf -y install dnf-plugins-core \
libvirt-daemon-config-network \
libvirt-daemon-kvm \
qemu-kvm \
swtpm \
swtpm-tools \
libvirt-client && \
libvirt-daemon-config-network \
libvirt-daemon-kvm \
qemu-kvm \
swtpm \
swtpm-tools \
libvirt-client && \
dnf clean all
# Prevent cgroup issues on Fedora and configure libvirt
@ -19,8 +19,7 @@ RUN echo "cgroup_controllers = []" >> /etc/libvirt/qemu.conf && \
# Copy nvram templates
COPY ./cli/internal/libvirt/nvram/constellation_vars.testing.fd /usr/share/OVMF/constellation_vars.testing.fd
# TODO: Uncomment this line when we have a production template
# COPY ./cli/internal/libvirt/nvram/constellation_vars.production.fd /usr/share/OVMF/constellation_vars.production.fd
COPY ./cli/internal/libvirt/nvram/constellation_vars.production.fd /usr/share/OVMF/constellation_vars.production.fd
COPY --chmod=755 ./cli/internal/libvirt/start.sh /start.sh

BIN
cli/internal/libvirt/nvram/constellation_vars.production.fd Normal file
View file

Binary file not shown.