diff options
| author | Daan De Meyer <daan.j.demeyer@gmail.com> | 2023-05-08 16:06:41 +0200 |
|---|---|---|
| committer | Daan De Meyer <daan.j.demeyer@gmail.com> | 2023-05-13 10:49:17 +0200 |
| commit | 47e5e12866af14112452aeb8bc43a66191c6fbc1 (patch) | |
| tree | f1f38524a56a3e7a5a3957ed638ba493bbb48650 /.github | |
| parent | 724683c27fd35e4828e35320ccfc62f885ca20bc (diff) | |
| download | systemd-47e5e12866af14112452aeb8bc43a66191c6fbc1.tar.gz | |
mkosi: Package a erofs usr partition with signed verity
Let's start moving towards a more involved partitioning setup to
test our stuff more when using mkosi.
The root partition is generated on boot with systemd-repart.
CentOS supports neither erofs nor btrfs so we use squashfs and xfs
instead.
We also enable SecureBoot= locally for additional coverage. This
and the use of verity means users need to run `mkosi genkey` once
to generate the keys necessary to do secure boot and verity.
Diffstat (limited to '.github')
| -rw-r--r-- | .github/workflows/mkosi.yml | 18 |
1 files changed, 10 insertions, 8 deletions
diff --git a/.github/workflows/mkosi.yml b/.github/workflows/mkosi.yml index 8c71748df8..7d3ef4b186 100644 --- a/.github/workflows/mkosi.yml +++ b/.github/workflows/mkosi.yml @@ -84,11 +84,10 @@ jobs: [Distribution] Distribution=${{ matrix.distro }} Release=${{ matrix.release }} - SecureBoot=yes [Content] Environment=CI_BUILD=1 - DEFAULT_TIMEOUT_SEC=90 + DEFAULT_TIMEOUT_SEC=120 SLOW_TESTS=true [Output] @@ -101,6 +100,15 @@ jobs: ExtraSearchPaths=!* EOF + # For erofs, we have to install linux-modules-extra-azure, but that doesn't match the running kernel + # version, so we can't load the erofs module. squashfs is a builtin module so we use that instead. + + mkdir -p mkosi.presets/20-final/mkosi.repart/10-usr.conf.d + tee mkosi.presets/20-final/mkosi.repart/10-usr.conf.d/squashfs.conf <<- EOF + [Partition] + Format=squashfs + EOF + - name: Generate secure boot key run: mkosi --debug genkey @@ -113,11 +121,5 @@ jobs: - name: Boot ${{ matrix.distro }} systemd-nspawn run: sudo mkosi --debug boot - - name: Check ${{ matrix.distro }} systemd-nspawn - run: sudo mkosi --debug shell bash -c "[[ -e /testok ]] || { cat /failed-services; exit 1; }" - - name: Boot ${{ matrix.distro }} QEMU run: timeout -k 30 10m mkosi --debug qemu - - - name: Check ${{ matrix.distro }} QEMU - run: sudo mkosi --debug shell bash -c "[[ -e /testok ]] || { cat /failed-services; exit 1; }" |