Skip to content

Commit

Permalink
EFI & Secure Boot
Browse files Browse the repository at this point in the history
Co-authored-by: Ewoud Kohl van Wijngaarden <[email protected]>
  • Loading branch information
stejskalleos and ekohl committed Jun 24, 2024
1 parent 21d1bf8 commit a4fb77c
Show file tree
Hide file tree
Showing 3 changed files with 64 additions and 1 deletion.
4 changes: 4 additions & 0 deletions .rubocop.yml
Original file line number Diff line number Diff line change
Expand Up @@ -21,3 +21,7 @@ SignalException:

Metrics/ClassLength:
Enabled: false

Metrics/BlockLength:
Exclude:
- tests/**/*.rb
18 changes: 17 additions & 1 deletion lib/fog/libvirt/models/compute/server.rb
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,8 @@ class Server < Fog::Compute::Server

attribute :cpus
attribute :cputime
attribute :os_firmware
attribute :os_firmware_features
attribute :os_type
attribute :memory_size
attribute :max_memory_size
Expand Down Expand Up @@ -281,14 +283,28 @@ def to_xml
end

xml.vcpu(cpus)
xml.os do
os_tags = {}

# Set firmware only if it's EFI, BIOS don't need to be set
os_tags[:firmware] = "efi" if os_firmware == "efi"

xml.os(**os_tags) do
type = xml.type(os_type, :arch => arch)
type[:machine] = "q35" if ["i686", "x86_64"].include?(arch)

boot_order.each do |dev|
xml.boot(:dev => dev)
end

if os_firmware == "efi"
xml.firmware do
os_firmware_features.each_pair do |key, value|
xml.feature(:name => key, :enabled => value)
end
end
end
end

xml.features do
xml.acpi
xml.apic
Expand Down
43 changes: 43 additions & 0 deletions tests/libvirt/models/compute/server_tests.rb
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,8 @@
attributes = [ :id,
:cpus,
:cputime,
:os_firmware,
:os_firmware_features,
:os_type,
:memory_size,
:max_memory_size,
Expand Down Expand Up @@ -60,6 +62,7 @@
end
test('be a kind of Fog::Libvirt::Compute::Server') { server.kind_of? Fog::Libvirt::Compute::Server }
tests("serializes to xml") do
test("without firmware") { server.to_xml.include?("<os>") }
test("with memory") { server.to_xml.match?(%r{<memory>\d+</memory>}) }
test("with disk of type file") do
xml = server.to_xml
Expand All @@ -79,5 +82,45 @@
end
test("with q35 machine type on x86_64") { server.to_xml.match?(%r{<type arch="x86_64" machine="q35">hvm</type>}) }
end
test("with efi firmware") do
server = Fog::Libvirt::Compute::Server.new(
{
:os_firmware => "efi",
:os_firmware_features => {
"secure-boot" => "no",
"enrolled-keys" => "no"
},
:nics => [],
:volumes => []
}
)
xml = server.to_xml

os_firmware = xml.include?('<os firmware="efi">')
secure_boot = !xml.include?('<feature name="secure-boot" enabled="no" />')
enrolled_keys = !xml.include?('<feature name="enrolled-keys" enabled="no" />')

os_firmware && secure_boot && enrolled_keys
end
test("with secure boot") do
server = Fog::Libvirt::Compute::Server.new(
{
:os_firmware => "efi",
:os_firmware_features => {
"secure-boot" => "yes",
"enrolled-keys" => "yes"
},
:nics => [],
:volumes => []
}
)
xml = server.to_xml

os_firmware = xml.include?('<os firmware="efi">')
secure_boot = xml.include?('<feature name="secure-boot" enabled="yes"/>')
enrolled_keys = xml.include?('<feature name="enrolled-keys" enabled="yes"/>')

os_firmware && secure_boot && enrolled_keys
end
end
end

0 comments on commit a4fb77c

Please sign in to comment.