Merge pull request #10930 from anonymouse64/revert-10715-bump-secboot
Reverts #10715
Sadly the new version of secboot seems to auto-upgrade v1 keys to v2, which old recovery systems and even the currently published initrds/kernels do not understand so they fail to unlock the encrypted partitions in the initrd.
This PR includes #10929 which adds the following tests:
* test from stable snapd + stable kernel refreshing to snapd from the PR
* test from stable kernel + snapd from the PR
and for each variant then do something which triggers a reseal operation and a reboot to ensure that the new snapd will not break old recovery system kernels
The test tests/nested/manual/core20-cloud-init-maas-signed-seed-data is
failing trying to create the extra-snaps directory which is being
created while the test is prepared.
+ mkdir
/home/gopath/src/github.com/snapcore/snapd/tests/nested/manual/core20-cloud-init-maas-signed-seed-data/extra-snaps
mkdir: cannot create directory
‘/home/gopath/src/github.com/snapcore/snapd/tests/nested/manual/core20-cloud-init-maas-signed-seed-data/extra-snaps’:
File exists
This test ensures that with grade signed images, MAAS is able to put cloud-init
configuration files onto ubuntu-seed and they are picked up and copied to the
appropriate directory at runtime such that cloud-init can connect to MAAS
successfully.
Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
There is a race here in waiting for snapd to finish this task, since the
nested tooling will wait for snapd to be seeded, but this task runs immediately
after seeding is done, so we may execute the code before the task is actually
done executing.
Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
This is the continuation of the nested tool changes:
1. Most of the tested tests are not using the nested helper anymore
2. Many new functinos added to the nested tool
3. Loops updated to use retry instead
4. Small fixes
This is to avoid the error
systemd-run --collect --unit fakedevicesvc fakedevicesvc localhost:11029
Failed to start transient service unit: Unit fakedevicesvc.service
already exists.
The the following tests were executed in order:
google-nested:ubuntu-20.04-64:tests/nested/manual/core20-install-device-file-install-via-hook-hack
google-nested:ubuntu-20.04-64:tests/nested/manual/grade-signed-above-testkeys-boot:secured
