Skip to content

Commit

Permalink
Merge pull request #163 from nix-community/synthesis
Browse files Browse the repository at this point in the history
feat: enable synthesis support
  • Loading branch information
RaitoBezarius authored Apr 29, 2023
2 parents 484b2c2 + 4ef6957 commit 64b903c
Show file tree
Hide file tree
Showing 2 changed files with 21 additions and 4 deletions.
12 changes: 12 additions & 0 deletions nix/tests/lanzaboote.nix
Original file line number Diff line number Diff line change
Expand Up @@ -239,6 +239,18 @@ in
'';
};

# We test if we can install Lanzaboote without Bootspec support.
synthesis = mkSecureBootTest {
name = "lanzaboote-synthesis";
machine = { lib, ... }: {
boot.bootspec.enable = lib.mkForce false;
};
testScript = ''
machine.start()
assert "Secure Boot: enabled (user)" in machine.succeed("bootctl status")
'';
};

systemd-boot-loader-config = mkSecureBootTest {
name = "lanzaboote-systemd-boot-loader-config";
machine = {
Expand Down
13 changes: 9 additions & 4 deletions rust/tool/src/generation.rs
Original file line number Diff line number Diff line change
Expand Up @@ -42,10 +42,15 @@ pub struct Generation {
impl Generation {
pub fn from_link(link: &GenerationLink) -> Result<Self> {
let bootspec_path = link.path.join("boot.json");
let boot_json: BootJson = serde_json::from_slice(
&fs::read(bootspec_path).context("Failed to read bootspec file")?,
)
.context("Failed to parse bootspec json")?;
let boot_json: BootJson = fs::read(bootspec_path)
.context("Failed to read bootspec file")
.and_then(|raw| serde_json::from_slice(&raw).context("Failed to read bootspec JSON"))
// TODO: this should be much easier, add a From<GenerationVX> for BootspecGeneration
// this should enable us to do `into()` on the Result
// anyhow compatibility of bootspec would be nice too.
.or_else(|_err| BootJson::synthesize_latest(&link.path)
.map_err(|err| anyhow!(err))
.context("Failed to read a bootspec (missing bootspec?) and failed to synthesize a valid replacement bootspec."))?;

// TODO: replace me when https://github.com/DeterminateSystems/bootspec/pull/109 lands.
let bootspec: BootSpec = match boot_json.generation {
Expand Down

0 comments on commit 64b903c

Please sign in to comment.