Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-38497

OKD, vSphere fails after pivot with secure boot enabled

XMLWordPrintable

    • None
    • False
    • Hide

      None

      Show
      None
    • The current of scos has a efi secure boot failure so when fcos pivots to scos the virtual machine fails to boot. This fix resolves that issue by disabling secure boot if and only if secure boot is enabled in the coreos.ovf configuration

      This is a clone of issue OCPBUGS-37736. The following is the description of the original issue:

      Modify the import to strip or change the bootOptions.efiSecureBootEnabled

      https://redhat-internal.slack.com/archives/CLKF3H5RS/p1722368792144319

      archive := &importx.ArchiveFlag{Archive: &importx.TapeArchive{Path: cachedImage}}

      ovfDescriptor, err := archive.ReadOvf("*.ovf")
      if err != nil {
      // Open the corrupt OVA file
      f, ferr := os.Open(cachedImage)
      if ferr != nil

      { err = fmt.Errorf("%s, %w", err.Error(), ferr) }

      defer f.Close()

      // Get a sha256 on the corrupt OVA file
      // and the size of the file
      h := sha256.New()
      written, cerr := io.Copy(h, f)
      if cerr != nil

      { err = fmt.Errorf("%s, %w", err.Error(), cerr) }

      return fmt.Errorf("ova %s has a sha256 of %x and a size of %d bytes, failed to read the ovf descriptor %w", cachedImage, h.Sum(nil), written, err)
      }

      ovfEnvelope, err := archive.ReadEnvelope(ovfDescriptor)
      if err != nil

      { return fmt.Errorf("failed to parse ovf: %w", err) }

            jcallen@redhat.com Joseph Callen
            openshift-crt-jira-prow OpenShift Prow Bot
            Wenxin Wei Wenxin Wei
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: