Lubuntu/livecd-rootfs
3
0
Fork 0
mirror of https://git.launchpad.net/livecd-rootfs synced 2025-10-16 17:44:06 +00:00
Code Issues Packages Projects Releases Wiki Activity
livecd-rootfs/live-build/ubuntu/hooks/030-ubuntu-live-system-seed.binary
Michael Hudson-Doyle 785c4c53d3 Fix daily-dangerous builds: 
* Fix daily-dangerous builds:
  - Copy hooks.
  - Mangle the channel of seeded snaps to use the edge risk of whichever
    track they are taken from.
  - Update the dangerous model to reference tracks that actually exist.
  - Include providers of content plugs when seeding snaps and creating
    TPMFDE system.
  - Do not attempt to build an UEFI boot image or hyperv desktop image for
    this project/subproject combination.
2025-09-15 09:09:02 +12:00

64 lines
2.4 KiB
Bash
Raw Blame History

#!/bin/bash
# create the system seed for TPM-backed FDE in the live layer of the installer.
set -eux
case ${PASS:-} in
*.live)
;;
*)
exit 0
;;
esac
. config/binary
. config/functions
# Generation of the model:
# * At https://github.com/canonical/models one can find a repo of raw,
# unsigned, input .json files, and their signed .model equivalents.
# * At least once per cycle, update the json for the new Ubuntu version.
# To do this, take the previous cycle ubuntu-classic-$ver-amd64.json file,
# rename for the new version, and do any necessary updates including fixing
# the versions of tracks.
# * When this is done, the json needs to be signed. This needs to be done by
# a Canonical employee - try asking someone who has recently opened PRs on
# https://github.com/canonical/models with the signed models.
# * Ensure the signed and unsigned version of the models are updated in the
# models repo.
# * The signed model can then be placed here in livecd-rootfs at
# live-build/${PROJECT}/ubuntu-classic-amd64.model
# env SNAPPY_STORE_NO_CDN=1 snap known --remote model series=16 brand-id=canonical model=ubuntu-classic-2410-amd64 > config/classic-model.model
model=/usr/share/livecd-rootfs/live-build/${PROJECT}/ubuntu-classic-amd64.model
prepare_args=
# for the dangerous subproject, we need the dangerous model!
if [ $SUBPROJECT = "dangerous" ]; then
# As with the "classically" seeded snaps, snaps from the edge channel may
# require different content snaps to be installed, so they must be
# included in the system as well. We just use the same list as was
# computed in snap_validate_seed.
model=/usr/share/livecd-rootfs/live-build/${PROJECT}/ubuntu-classic-amd64-dangerous.model
while read snap; do
prepare_args="$prepare_args --snap=${snap}=edge"
done < config/missing-providers
fi
channel=""
if [ -n "${CHANNEL:-}" ]; then
channel="--channel $CHANNEL"
fi
# Set UBUNTU_STORE_COHORT_KEY="+" to force prepare-image to fetch the latest
# snap versions regardless of phasing status
env SNAPPY_STORE_NO_CDN=1 UBUNTU_STORE_COHORT_KEY="+" snap prepare-image \
--classic $model $channel ${prepare_args:+$prepare_args} chroot
mv chroot/system-seed/systems/* chroot/system-seed/systems/enhanced-secureboot-desktop
rsync -av chroot/system-seed/{systems,snaps} chroot/var/lib/snapd/seed
rm -rf chroot/system-seed/
Reference in New Issue View Git Blame Copy Permalink