From cf797bee9b516285290bacf108678c14a9339d3b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mathieu=20Dupr=C3=A9?= Date: Mon, 16 May 2022 16:18:44 +0200 Subject: [PATCH] playbooks/ci_set_efi_boot_entries: add a playbook to set boot entries MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The playbook ci_set_efi_boot_entries.yaml configures the UEFI boot entries to add SEAPATH boot entries if needed and reboot if a change was done. Signed-off-by: Mathieu Dupré --- playbooks/ci_configure_hosts.yaml | 1 + playbooks/ci_set_efi_boot_entries.yaml | 20 ++++ .../replace_machine_setup_new_machine.yaml | 1 + scripts/add_seapath_boot_entries.sh | 98 +++++++++++++++++++ 4 files changed, 120 insertions(+) create mode 100644 playbooks/ci_set_efi_boot_entries.yaml create mode 100644 scripts/add_seapath_boot_entries.sh diff --git a/playbooks/ci_configure_hosts.yaml b/playbooks/ci_configure_hosts.yaml index 504d6f94e..b18686797 100644 --- a/playbooks/ci_configure_hosts.yaml +++ b/playbooks/ci_configure_hosts.yaml @@ -5,4 +5,5 @@ - import_playbook: ci_restart_machines.yaml vars: machines: cluster_machines +- import_playbook: ci_set_efi_boot_entries.yaml - import_playbook: cluster_setup_configure_hosts.yaml diff --git a/playbooks/ci_set_efi_boot_entries.yaml b/playbooks/ci_set_efi_boot_entries.yaml new file mode 100644 index 000000000..d9ed8a70e --- /dev/null +++ b/playbooks/ci_set_efi_boot_entries.yaml @@ -0,0 +1,20 @@ +# Copyright (C) 2022, RTE (http://www.rte-france.com) +# SPDX-License-Identifier: Apache-2.0 +# This playbook will add SEAPATH EFI boot entries + +--- +- name: Configure EFI boot entries + hosts: cluster_machines + gather_facts: false + tasks: + - name: Define SEAPATH boot entries if needed + script: "../scripts/add_seapath_boot_entries.sh" + register: result + changed_when: result.rc == 2 + failed_when: result.rc == 1 + - name: Reboot on default slot + reboot: + when: result.rc == 2 + - name: Wait for host to be online + wait_for_connection: + when: result.rc == 2 diff --git a/playbooks/replace_machine_setup_new_machine.yaml b/playbooks/replace_machine_setup_new_machine.yaml index e245fd1bb..fcb8a66c0 100644 --- a/playbooks/replace_machine_setup_new_machine.yaml +++ b/playbooks/replace_machine_setup_new_machine.yaml @@ -36,5 +36,6 @@ wait_for_connection: when: need_to_be_reflashed +- import_playbook: ci_set_efi_boot_entries.yaml - import_playbook: cluster_setup_configure_hosts.yaml - import_playbook: ci_configure_cluster.yaml diff --git a/scripts/add_seapath_boot_entries.sh b/scripts/add_seapath_boot_entries.sh new file mode 100644 index 000000000..0c995299b --- /dev/null +++ b/scripts/add_seapath_boot_entries.sh @@ -0,0 +1,98 @@ +#!/bin/bash +# Copyright (C) 2022, RTE (http://www.rte-france.com) +# SPDX-License-Identifier: Apache-2.0 + + +if [ $# -gt 1 ] ; then + echo "Error $0 takes no arguments" 1>&2 + exit 3 +fi + +if [ ! -d /sys/firmware/efi/efivars ] ; then + echo "No EFI system" + exit 0 +fi + +echo "EFI image." +active_boot=$(efibootmgr | awk '/SEAPATH slot 0/{ gsub("Boot", ""); gsub("*", ""); print $1 }') +passive_boot=$(efibootmgr | awk '/SEAPATH slot 1/{ gsub("Boot", ""); gsub("*", ""); print $1 }') +if [ -n "$active_boot" ] && \ + efibootmgr | grep "$active_boot" | cut -d ' ' -f 1 | grep -q '*' && \ + [ -n "$passive_boot" ] && \ + efibootmgr | grep "$active_boot" | cut -d ' ' -f 1 | grep -vq '*' ; then + echo "Boot entries already defined" + exit 0 +fi +root_part=$(mount | grep ' / ' | cut -d ' ' -f 1) +disk=/dev/$(lsblk -ndo pkname "$root_part") + +if [ -z "$passive_boot" ] ; then + command="efibootmgr -q -c -d \"$disk\" -p 2 -L \"SEAPATH slot 1\" -l /EFI/BOOT/bootx64.efi" + if eval "$command" ; then + echo "Entry SEAPATH slot 1 successfully created" + else + echo "Error while creating entry SEAPATH slot 1" + exit 1 + fi +fi + +if [ -z "$active_boot" ] ; then + command="efibootmgr -q -c -d \"$disk\" -p 1 -L \"SEAPATH slot 0\" -l /EFI/BOOT/bootx64.efi" + if eval "$command" ; then + echo "Entry SEAPATH slot 0 successfully created" + else + echo "Error while creating entry SEAPATH slot 0" + exit 1 + fi +fi + + +# Disable slot 1 +passive_boot=$(efibootmgr | awk '/SEAPATH slot 1/{ gsub("Boot", ""); gsub("*", ""); print $1 }') +if efibootmgr -q -b "${passive_boot}" -A ; then + echo "Entry ${passive_boot} sucessfully disabled" +else + echo "Error while disabling entry ${passive_boot}" 1>&2 + exit 1 +fi + +# Enable slot 1 +active_boot=$(efibootmgr | awk '/SEAPATH slot 0/{ gsub("Boot", ""); gsub("*", ""); print $1 }') +if efibootmgr -q -b "${active_boot}" -a ; then + echo "Entry ${active_boot} sucessfully disabled" +else + echo "Error while disabling entry ${active_boot}" 1>&2 + exit 1 +fi + +echo "Move SEAPATH boot at the end of the boot order" +echo "Disable all unwanted boot entries in UEFI setup or with the efibootmgr" +echo "command" + +# Set top boot order priority for USB and PXE entries +boot_order=$(efibootmgr | grep "BootOrder" | awk '{ print $2}') + +# Remove SEAPATH entries from bootOrder +boot_order=$(echo "$boot_order" | sed "s/$active_boot//") +boot_order=$(echo "$boot_order" | sed "s/$passive_boot//") + +# Remove unwanted commas +boot_order=$(echo "$boot_order" | sed "s/,,/,/") +boot_order=$(echo "$boot_order" | sed 's/,$//') +boot_order=$(echo "$boot_order" | sed 's/^,//') + +# Add SEAPATH entries at the end +boot_order="$boot_order,$active_boot,$passive_boot" + +# Change boot order +if efibootmgr -q -o "$boot_order" ; then + echo "Boot order successfully changed" +else + echo "Error while changing boot order" + exit 1 +fi +echo "Set the next reboot to be on SEAPATH slot 0" +efibootmgr --bootnext "$active_boot" +efibootmgr + +exit 2