Add debugging output

Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>

.github/ISSUE_TEMPLATE/file-issues-on-main-kairos-repo.md

@@ -1,12 +0,0 @@
----
-name: File issues on main Kairos repo
-about: Tell users to file their issues on the main Kairos repo
-title: ''
-labels: ''
-assignees: ''
-
----
-
-:warning: All Kairos issues are tracked in our main repo, please file your issue there, thanks! :warning:
-
-https://github.com/kairos-io/kairos/issues

.github/workflows/e2e-tests.yml

@@ -9,56 +9,9 @@ on:
     paths-ignore:
       - 'README.md'
 
-concurrency:
-  group: ci-e2e-${{ github.head_ref || github.ref }}-${{ github.repository }}
-  cancel-in-progress: true
-
 jobs:
-  build-iso:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v3
-        with:
-          fetch-depth: 0
-      - name: Install Go
-        uses: actions/setup-go@v4
-        with:
-          go-version: ^1.20
-      - name: Login to DockerHub
-        uses: docker/login-action@v1
-        with:
-          username: ${{ secrets.DOCKER_LOGIN }}
-          password: ${{ secrets.DOCKER_PASS }}
-      - name: Install earthly
-        uses: Luet-lab/luet-install-action@v1
-        with:
-          repository: quay.io/kairos/packages
-          packages: utils/earthly
-      - name: build iso
-        run: |
-          # Configure earthly to use the docker mirror in CI
-          # https://docs.earthly.dev/ci-integration/pull-through-cache#configuring-earthly-to-use-the-cache
-          mkdir -p ~/.earthly/
-          cat << EOF > ~/.earthly/config.yml
-          global:
-            buildkit_additional_config: |
-              [registry."docker.io"]
-                mirrors = ["registry.docker-mirror.svc.cluster.local:5000"]
-              [registry."registry.docker-mirror.svc.cluster.local:5000"]
-                insecure = true
-          EOF
-
-          earthly -P +iso
-      - uses: actions/upload-artifact@v3
-        with:
-          name: challenger.iso.zip
-          path: |
-            build/*.iso
   e2e-tests:
-    needs:
+    runs-on: self-hosted
-      - build-iso
-    runs-on: ubuntu-latest
     strategy:
       fail-fast: false
       matrix:
@@ -77,38 +30,41 @@ jobs:
         uses: actions/setup-go@v4
         with:
           go-version: ^1.20
-      - name: Login to DockerHub
-        uses: docker/login-action@v1
-        with:
-          username: ${{ secrets.DOCKER_LOGIN }}
-          password: ${{ secrets.DOCKER_PASS }}
-      - name: Install deps
-        run: |
-          curl -L https://github.com/mudler/luet/releases/download/0.33.0/luet-0.33.0-linux-amd64 -o luet
-          chmod +x luet
-          sudo mv luet /usr/bin/luet
-          sudo mkdir -p /etc/luet/repos.conf.d/
-          sudo luet repo add -y kairos --url quay.io/kairos/packages --type docker
-          LUET_NOLOCK=true sudo -E luet install -y container/kubectl utils/k3d utils/earthly
-      - name: Download artifacts
-        uses: actions/download-artifact@v3
-        with:
-          name: challenger.iso.zip
       - name: Run tests
         env:
           LABEL: ${{ matrix.label }}
+          KVM: true
         run: |
           sudo apt update && \
           sudo apt install -y git qemu-system-x86 qemu-utils swtpm jq make glibc-tools \
           openssl curl gettext ca-certificates curl gnupg lsb-release
 
-          export ISO=$PWD/$(ls *.iso)
+          curl -L  https://github.com/mudler/luet/releases/download/0.33.0/luet-0.33.0-linux-amd64 -o luet
+          chmod +x luet
+          sudo mv luet /usr/bin/luet
+          sudo mkdir -p /etc/luet/repos.conf.d/
+          sudo luet repo add -y kairos --url quay.io/kairos/packages --type docker
+          LUET_NOLOCK=true sudo -E luet install -y container/kubectl utils/k3d utils/earthly
+
+          earthly -P +iso
+          export ISO=$PWD/build/challenger.iso
+
+          go install -mod=mod github.com/onsi/ginkgo/v2/ginkgo
+          go get github.com/onsi/gomega/...
+          go get github.com/onsi/ginkgo/v2/ginkgo/internal@v2.7.1
+          go get github.com/onsi/ginkgo/v2/ginkgo/generators@v2.7.1
+          go get github.com/onsi/ginkgo/v2/ginkgo/labels@v2.7.1
+
+          # Configure earthly to use the docker mirror in CI
+          # https://docs.earthly.dev/ci-integration/pull-through-cache#configuring-earthly-to-use-the-cache
+          cat << EOF > ~/.earthly/config.yml
+          global:
+            buildkit_additional_config: |
+              [registry."docker.io"]
+                mirrors = ["registry.docker-mirror.svc.cluster.local:5000"]
+              [registry."registry.docker-mirror.svc.cluster.local:5000"]
+                insecure = true
+          EOF
 
           # We run with sudo to be able to access /dev/kvm
-          ./scripts/e2e-tests.sh
+          sudo -E ./scripts/e2e-tests.sh
-      - uses: actions/upload-artifact@v3
-        if: failure()
-        with:
-          name: ${{ matrix.label }}-test.logs.zip
-          path: tests/**/logs/*
-          if-no-files-found: warn

.github/workflows/image.yml

@@ -8,17 +8,12 @@ on:
     tags:
       - '*'
 
-
-concurrency:
-  group: ci-image-${{ github.head_ref || github.ref }}-${{ github.repository }}
-  cancel-in-progress: true
-
 jobs:
   docker:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v2
 
       - name: Prepare
         id: prep
@@ -58,7 +53,7 @@ jobs:
           password: ${{ secrets.QUAY_PASSWORD }}
 
       - name: Build
-        uses: docker/build-push-action@v4
+        uses: docker/build-push-action@v2
         with:
           builder: ${{ steps.buildx.outputs.name }}
           context: .

.github/workflows/lint.yml

@@ -6,12 +6,6 @@ on:
   pull_request:
     paths:
       - '**'
-
-
-concurrency:
-  group: ci-lint-${{ github.head_ref || github.ref }}-${{ github.repository }}
-  cancel-in-progress: true
-
 env:
   FORCE_COLOR: 1
 jobs:

.github/workflows/unit-tests.yml

@@ -6,11 +6,6 @@ on:
       - master
   pull_request:
 
-
-concurrency:
-  group: ci-unit-${{ github.head_ref || github.ref }}-${{ github.repository }}
-  cancel-in-progress: true
-
 jobs:
   unit-tests:
     runs-on: ubuntu-latest

Earthfile

@@ -10,7 +10,7 @@ build-challenger:
     COPY . /work
     WORKDIR /work
     RUN CGO_ENABLED=0 go build -o kcrypt-discovery-challenger ./cmd/discovery
-    SAVE ARTIFACT /work/kcrypt-discovery-challenger kcrypt-discovery-challenger AS LOCAL kcrypt-discovery-challenger
+    SAVE ARTIFACT /work/kcrypt-discovery-challenger AS LOCAL kcrypt-discovery-challenger
 
 image:
     FROM $BASE_IMAGE
@@ -50,8 +50,14 @@ test:
     COPY go.mod go.sum ./
     RUN go mod download && go mod verify
 
+    RUN go get github.com/onsi/gomega/...
+    RUN go get github.com/onsi/ginkgo/v2/ginkgo/internal@v2.1.4
+    RUN go get github.com/onsi/ginkgo/v2/ginkgo/generators@v2.1.4
+    RUN go get github.com/onsi/ginkgo/v2/ginkgo/labels@v2.1.4
+    RUN go install -mod=mod github.com/onsi/ginkgo/v2/ginkgo
+
     COPY . /work
-    RUN go run github.com/onsi/ginkgo/v2/ginkgo run --covermode=atomic --coverprofile=coverage.out -p -r pkg/challenger cmd/discovery/client
+    RUN PATH=$PATH:$GOPATH/bin ginkgo run --covermode=atomic --coverprofile=coverage.out -p -r pkg/challenger cmd/discovery/client
     SAVE ARTIFACT coverage.out AS LOCAL coverage.out
 
 # Generic targets
@@ -81,6 +87,12 @@ e2e-tests-image:
     COPY . /test
     WORKDIR /test
 
+    RUN go install -mod=mod github.com/onsi/ginkgo/v2/ginkgo
+    RUN go get github.com/onsi/gomega/...
+    RUN go get github.com/onsi/ginkgo/v2/ginkgo/internal@v2.7.1
+    RUN go get github.com/onsi/ginkgo/v2/ginkgo/generators@v2.7.1
+    RUN go get github.com/onsi/ginkgo/v2/ginkgo/labels@v2.7.1
+
     IF [ -e /test/build/kairos.iso ]
         ENV ISO=/test/build/kairos.iso
     ELSE

cmd/discovery/client/client.go

@@ -71,7 +71,7 @@ func (c *Client) generatePass(postEndpoint string, p *block.Partition) error {
 	opts := []tpm.Option{
 		tpm.WithCAs([]byte(c.Config.Kcrypt.Challenger.Certificate)),
 		tpm.AppendCustomCAToSystemCA,
-		tpm.WithAdditionalHeader("label", p.FilesystemLabel),
+		tpm.WithAdditionalHeader("label", p.Label),
 		tpm.WithAdditionalHeader("name", p.Name),
 		tpm.WithAdditionalHeader("uuid", p.UUID),
 	}

cmd/discovery/client/config.go

@@ -1,9 +1,8 @@
 package client
 
 import (
-	"github.com/kairos-io/kairos-sdk/collector"
+	"github.com/kairos-io/kairos/pkg/config"
 	kconfig "github.com/kairos-io/kcrypt/pkg/config"
-	"gopkg.in/yaml.v3"
 )
 
 type Client struct {
@@ -27,21 +26,12 @@ type Config struct {
 func unmarshalConfig() (Config, error) {
 	var result Config
 
-	o := &collector.Options{NoLogs: true, MergeBootCMDLine: false}
+	c, err := config.Scan(config.Directories(kconfig.ConfigScanDirs...), config.NoLogs)
-	if err := o.Apply(collector.Directories(append(kconfig.ConfigScanDirs, "/tmp/oem")...)); err != nil {
-		return result, err
-	}
-
-	c, err := collector.Scan(o, func(d []byte) ([]byte, error) {
-		return d, nil
-	})
 	if err != nil {
 		return result, err
 	}
 
-	a, _ := c.String()
+	if err = c.Unmarshal(&result); err != nil {
-	err = yaml.Unmarshal([]byte(a), &result)
-	if err != nil {
 		return result, err
 	}
 

cmd/discovery/client/enc.go

@@ -20,7 +20,7 @@ func getPass(server, certificate string, partition *block.Partition) (string, bo
 	msg, err := tpm.Get(server,
 		tpm.WithCAs([]byte(certificate)),
 		tpm.AppendCustomCAToSystemCA,
-		tpm.WithAdditionalHeader("label", partition.FilesystemLabel),
+		tpm.WithAdditionalHeader("label", partition.Label),
 		tpm.WithAdditionalHeader("name", partition.Name),
 		tpm.WithAdditionalHeader("uuid", partition.UUID))
 	if err != nil {

controllers/suite_test.go

@@ -20,13 +20,14 @@ import (
 	"path/filepath"
 	"testing"
 
-	. "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/ginkgo"
 	. "github.com/onsi/gomega"
 
 	"k8s.io/client-go/kubernetes/scheme"
 	"k8s.io/client-go/rest"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/controller-runtime/pkg/envtest"
+	"sigs.k8s.io/controller-runtime/pkg/envtest/printer"
 	logf "sigs.k8s.io/controller-runtime/pkg/log"
 	"sigs.k8s.io/controller-runtime/pkg/log/zap"
 
@@ -43,7 +44,10 @@ var testEnv *envtest.Environment
 
 func TestAPIs(t *testing.T) {
 	RegisterFailHandler(Fail)
-	RunSpecs(t, "Control")
+
+	RunSpecsWithDefaultAndCustomReporters(t,
+		"Controller Suite",
+		[]Reporter{printer.NewlineReporter{}})
 }
 
 var _ = BeforeSuite(func() {

earthly.sh

@@ -1,3 +1,3 @@
 #!/bin/bash
 
-docker run --privileged -v /var/run/docker.sock:/var/run/docker.sock --rm -t -v $(pwd):/workspace -v earthly-tmp:/tmp/earthly:rw earthly/earthly:v0.7.8 --allow-privileged $@
+docker run --privileged -v /var/run/docker.sock:/var/run/docker.sock --rm -t -v $(pwd):/workspace -v earthly-tmp:/tmp/earthly:rw earthly/earthly:v0.6.21 --allow-privileged $@

go.mod

@@ -5,158 +5,140 @@ go 1.20
 require (
 	github.com/google/uuid v1.3.0
 	github.com/gorilla/websocket v1.5.0
-	github.com/jaypipes/ghw v0.11.0
+	github.com/jaypipes/ghw v0.9.0
-	github.com/kairos-io/kairos-sdk v0.0.8
+	github.com/kairos-io/kairos v1.24.3-56.0.20230208235509-4d28f3b87f60
-	github.com/kairos-io/kcrypt v0.7.0
+	github.com/kairos-io/kcrypt v0.5.0
 	github.com/kairos-io/tpm-helpers v0.0.0-20230119140150-3fa97128ef6b
 	github.com/mudler/go-pluggable v0.0.0-20230126220627-7710299a0ae5
 	github.com/mudler/go-processmanager v0.0.0-20220724164624-c45b5c61312d
-	github.com/mudler/yip v1.2.0
+	github.com/mudler/yip v1.0.0
-	github.com/onsi/ginkgo/v2 v2.10.0
+	github.com/onsi/ginkgo v1.16.5
-	github.com/onsi/gomega v1.27.8
+	github.com/onsi/ginkgo/v2 v2.8.1
+	github.com/onsi/gomega v1.26.0
 	github.com/pkg/errors v0.9.1
-	github.com/spectrocloud/peg v0.0.0-20230407121159-2e15270c4a46
+	github.com/spectrocloud/peg v0.0.0-20230214140930-4d6672f825b2
 	gopkg.in/yaml.v3 v3.0.1
-	k8s.io/api v0.27.2
+	k8s.io/api v0.24.2
-	k8s.io/apimachinery v0.27.2
+	k8s.io/apimachinery v0.24.2
-	k8s.io/client-go v0.27.2
+	k8s.io/client-go v0.24.2
-	sigs.k8s.io/controller-runtime v0.15.0
+	sigs.k8s.io/controller-runtime v0.12.2
 )
 
 require (
 	atomicgo.dev/cursor v0.1.1 // indirect
 	atomicgo.dev/keyboard v0.2.9 // indirect
-	atomicgo.dev/schedule v0.0.2 // indirect
+	cloud.google.com/go v0.93.3 // indirect
+	github.com/Azure/go-autorest v14.2.0+incompatible // indirect
+	github.com/Azure/go-autorest/autorest v0.11.18 // indirect
+	github.com/Azure/go-autorest/autorest/adal v0.9.13 // indirect
+	github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect
+	github.com/Azure/go-autorest/logger v0.2.1 // indirect
+	github.com/Azure/go-autorest/tracing v0.6.0 // indirect
 	github.com/Masterminds/goutils v1.1.1 // indirect
-	github.com/Masterminds/semver/v3 v3.2.1 // indirect
+	github.com/Masterminds/semver/v3 v3.1.1 // indirect
-	github.com/Masterminds/sprig/v3 v3.2.3 // indirect
+	github.com/Masterminds/sprig/v3 v3.2.2 // indirect
-	github.com/Microsoft/go-winio v0.6.1 // indirect
+	github.com/PuerkitoBio/purell v1.1.1 // indirect
-	github.com/Microsoft/hcsshim v0.10.0-rc.8 // indirect
+	github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 // indirect
 	github.com/StackExchange/wmi v1.2.1 // indirect
 	github.com/avast/retry-go v3.0.0+incompatible // indirect
 	github.com/aybabtme/rgbterm v0.0.0-20170906152045-cc83f3b3ce59 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/bramvdbogaerde/go-scp v1.2.1 // indirect
 	github.com/cavaliergopher/grab/v3 v3.0.1 // indirect
-	github.com/cespare/xxhash/v2 v2.2.0 // indirect
+	github.com/cespare/xxhash/v2 v2.1.2 // indirect
 	github.com/chuckpreslar/emission v0.0.0-20170206194824-a7ddd980baf9 // indirect
 	github.com/codingsince1985/checksum v1.2.6 // indirect
-	github.com/containerd/cgroups v1.1.0 // indirect
 	github.com/containerd/console v1.0.3 // indirect
-	github.com/containerd/containerd v1.7.1 // indirect
-	github.com/containerd/continuity v0.3.0 // indirect
-	github.com/containerd/stargz-snapshotter/estargz v0.14.3 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/denisbrodbeck/machineid v1.0.1 // indirect
-	github.com/docker/cli v23.0.5+incompatible // indirect
+	github.com/emicklei/go-restful v2.9.5+incompatible // indirect
-	github.com/docker/distribution v2.8.1+incompatible // indirect
+	github.com/evanphx/json-patch v4.12.0+incompatible // indirect
-	github.com/docker/docker v23.0.5+incompatible // indirect
-	github.com/docker/docker-credential-helpers v0.7.0 // indirect
-	github.com/docker/go-connections v0.4.0 // indirect
-	github.com/docker/go-units v0.5.0 // indirect
-	github.com/emicklei/go-restful/v3 v3.10.1 // indirect
-	github.com/evanphx/json-patch/v5 v5.6.0 // indirect
 	github.com/folbricht/tpmk v0.1.2-0.20230104073416-f20b20c289d7 // indirect
-	github.com/fsnotify/fsnotify v1.6.0 // indirect
+	github.com/form3tech-oss/jwt-go v3.2.5+incompatible // indirect
+	github.com/fsnotify/fsnotify v1.5.4 // indirect
 	github.com/ghodss/yaml v1.0.0 // indirect
-	github.com/go-logr/logr v1.2.4 // indirect
+	github.com/go-logr/logr v1.2.3 // indirect
-	github.com/go-logr/zapr v1.2.4 // indirect
+	github.com/go-logr/zapr v1.2.0 // indirect
 	github.com/go-ole/go-ole v1.2.6 // indirect
-	github.com/go-openapi/jsonpointer v0.19.6 // indirect
+	github.com/go-openapi/jsonpointer v0.19.5 // indirect
-	github.com/go-openapi/jsonreference v0.20.1 // indirect
+	github.com/go-openapi/jsonreference v0.19.5 // indirect
-	github.com/go-openapi/swag v0.22.3 // indirect
+	github.com/go-openapi/swag v0.19.14 // indirect
-	github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect
-	github.com/gofrs/uuid v4.4.0+incompatible // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
-	github.com/golang/protobuf v1.5.3 // indirect
+	github.com/golang/protobuf v1.5.2 // indirect
 	github.com/google/certificate-transparency-go v1.1.4 // indirect
 	github.com/google/gnostic v0.5.7-v3refs // indirect
 	github.com/google/go-attestation v0.4.4-0.20220404204839-8820d49b18d9 // indirect
 	github.com/google/go-cmp v0.5.9 // indirect
-	github.com/google/go-containerregistry v0.15.2 // indirect
 	github.com/google/go-tpm v0.3.3 // indirect
 	github.com/google/go-tpm-tools v0.3.10 // indirect
 	github.com/google/go-tspi v0.3.0 // indirect
-	github.com/google/gofuzz v1.2.0 // indirect
+	github.com/google/gofuzz v1.1.0 // indirect
-	github.com/google/pprof v0.0.0-20230228050547-1710fef4ab10 // indirect
 	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
-	github.com/gookit/color v1.5.3 // indirect
+	github.com/gookit/color v1.5.2 // indirect
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/go-multierror v1.1.1 // indirect
-	github.com/huandu/xstrings v1.3.3 // indirect
+	github.com/huandu/xstrings v1.3.2 // indirect
-	github.com/imdario/mergo v0.3.15 // indirect
+	github.com/imdario/mergo v0.3.13 // indirect
 	github.com/ipfs/go-log v1.0.5 // indirect
 	github.com/ipfs/go-log/v2 v2.5.1 // indirect
-	github.com/itchyny/gojq v0.12.12 // indirect
+	github.com/itchyny/gojq v0.12.11 // indirect
 	github.com/itchyny/timefmt-go v0.1.5 // indirect
 	github.com/joho/godotenv v1.5.1 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
-	github.com/kairos-io/kairos v1.24.3-56.0.20230329142538-b6ae4b58c07d // indirect
+	github.com/lithammer/fuzzysearch v1.1.5 // indirect
-	github.com/klauspost/compress v1.16.5 // indirect
+	github.com/mailru/easyjson v0.7.6 // indirect
-	github.com/lithammer/fuzzysearch v1.1.7 // indirect
-	github.com/mailru/easyjson v0.7.7 // indirect
 	github.com/mattn/go-isatty v0.0.17 // indirect
 	github.com/mattn/go-runewidth v0.0.14 // indirect
-	github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect
+	github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 // indirect
 	github.com/mitchellh/copystructure v1.2.0 // indirect
-	github.com/mitchellh/go-homedir v1.1.0 // indirect
 	github.com/mitchellh/reflectwalk v1.0.2 // indirect
-	github.com/moby/sys/sequential v0.5.0 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
 	github.com/nfnt/resize v0.0.0-20180221191011-83c6a9932646 // indirect
-	github.com/opencontainers/go-digest v1.0.0 // indirect
+	github.com/nxadm/tail v1.4.8 // indirect
-	github.com/opencontainers/image-spec v1.1.0-rc3 // indirect
 	github.com/opentracing/opentracing-go v1.2.0 // indirect
 	github.com/phayes/freeport v0.0.0-20220201140144-74d24b5ae9f5 // indirect
-	github.com/prometheus/client_golang v1.15.1 // indirect
+	github.com/prometheus/client_golang v1.13.0 // indirect
-	github.com/prometheus/client_model v0.4.0 // indirect
+	github.com/prometheus/client_model v0.2.0 // indirect
-	github.com/prometheus/common v0.42.0 // indirect
+	github.com/prometheus/common v0.37.0 // indirect
-	github.com/prometheus/procfs v0.9.0 // indirect
+	github.com/prometheus/procfs v0.8.0 // indirect
-	github.com/pterm/pterm v0.12.61 // indirect
+	github.com/pterm/pterm v0.12.54 // indirect
 	github.com/qeesung/image2ascii v1.0.1 // indirect
-	github.com/rivo/uniseg v0.4.4 // indirect
+	github.com/rivo/uniseg v0.4.3 // indirect
-	github.com/sergi/go-diff v1.3.1 // indirect
 	github.com/shopspring/decimal v1.3.1 // indirect
-	github.com/sirupsen/logrus v1.9.0 // indirect
 	github.com/spf13/cast v1.5.0 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
+	github.com/stretchr/testify v1.8.1 // indirect
 	github.com/twpayne/go-vfs v1.7.2 // indirect
-	github.com/vbatts/tar-split v0.11.3 // indirect
 	github.com/wayneashleyberry/terminal-dimensions v1.1.0 // indirect
 	github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect
-	go.opencensus.io v0.24.0 // indirect
 	go.uber.org/atomic v1.10.0 // indirect
 	go.uber.org/multierr v1.9.0 // indirect
 	go.uber.org/zap v1.24.0 // indirect
-	golang.org/x/crypto v0.7.0 // indirect
+	golang.org/x/crypto v0.6.0 // indirect
-	golang.org/x/mod v0.10.0 // indirect
+	golang.org/x/net v0.6.0 // indirect
-	golang.org/x/net v0.10.0 // indirect
+	golang.org/x/oauth2 v0.4.0 // indirect
-	golang.org/x/oauth2 v0.7.0 // indirect
+	golang.org/x/sys v0.5.0 // indirect
-	golang.org/x/sync v0.2.0 // indirect
+	golang.org/x/term v0.5.0 // indirect
-	golang.org/x/sys v0.8.0 // indirect
+	golang.org/x/text v0.7.0 // indirect
-	golang.org/x/term v0.8.0 // indirect
+	golang.org/x/time v0.0.0-20220411224347-583f2d630306 // indirect
-	golang.org/x/text v0.9.0 // indirect
+	gomodules.xyz/jsonpatch/v2 v2.2.0 // indirect
-	golang.org/x/time v0.3.0 // indirect
-	golang.org/x/tools v0.9.3 // indirect
-	gomodules.xyz/jsonpatch/v2 v2.3.0 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
-	google.golang.org/genproto v0.0.0-20230323212658-478b75c54725 // indirect
+	google.golang.org/protobuf v1.28.1 // indirect
-	google.golang.org/grpc v1.54.0 // indirect
-	google.golang.org/protobuf v1.30.0 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
+	gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect
 	gopkg.in/yaml.v1 v1.0.0-20140924161607-9f9df34309c0 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 	howett.net/plist v1.0.0 // indirect
-	k8s.io/apiextensions-apiserver v0.27.2 // indirect
+	k8s.io/apiextensions-apiserver v0.24.2 // indirect
-	k8s.io/component-base v0.27.2 // indirect
+	k8s.io/component-base v0.24.2 // indirect
-	k8s.io/klog/v2 v2.90.1 // indirect
+	k8s.io/klog/v2 v2.80.1 // indirect
-	k8s.io/kube-openapi v0.0.0-20230501164219-8b0f38b5fd1f // indirect
+	k8s.io/kube-openapi v0.0.0-20220328201542-3ee0da9b0b42 // indirect
-	k8s.io/utils v0.0.0-20230220204549-a5ecb0141aa5 // indirect
+	k8s.io/utils v0.0.0-20220210201930-3a6ce19ff2f9 // indirect
-	sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
+	sigs.k8s.io/json v0.0.0-20211208200746-9f7c6b3444d2 // indirect
-	sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect
+	sigs.k8s.io/structured-merge-diff/v4 v4.2.1 // indirect
 	sigs.k8s.io/yaml v1.3.0 // indirect
 )

pkg/challenger/challenger.go

@@ -141,12 +141,17 @@ func Start(ctx context.Context, kclient *kubernetes.Clientset, reconciler *contr
 			uuid := r.Header.Get("uuid")
 			v := &payload.Data{}
 
+			fmt.Printf("Header label = %+v\n", label)
+			fmt.Printf("Header name = %+v\n", name)
+			fmt.Printf("Header uuid = %+v\n", uuid)
+
 			volumeList := &keyserverv1alpha1.SealedVolumeList{}
 			if err := reconciler.List(ctx, volumeList, &client.ListOptions{Namespace: namespace}); err != nil {
 				fmt.Println("Failed listing volumes")
 				fmt.Println(err)
 				continue
 			}
+			fmt.Printf("volumeList = %+v\n", volumeList)
 
 			sealedVolumeData := findVolumeFor(PassphraseRequestData{
 				TPMHash:    hashEncoded,
@@ -220,6 +225,10 @@ func Start(ctx context.Context, kclient *kubernetes.Clientset, reconciler *contr
 			name := r.Header.Get("name")
 			uuid := r.Header.Get("uuid")
 
+			fmt.Printf("Header label = %+v\n", label)
+			fmt.Printf("Header name = %+v\n", name)
+			fmt.Printf("Header uuid = %+v\n", uuid)
+
 			if err := tpm.AuthRequest(r, conn); err != nil {
 				fmt.Println("error validating challenge", err.Error())
 				return
@@ -238,6 +247,7 @@ func Start(ctx context.Context, kclient *kubernetes.Clientset, reconciler *contr
 				UUID:       uuid,
 			}, volumeList)
 
+			fmt.Printf("sealedVolumeData = %+v\n", sealedVolumeData)
 			if sealedVolumeData == nil {
 				writer, _ := conn.NextWriter(websocket.BinaryMessage)
 				errorMessage(writer, fmt.Sprintf("Invalid hash: %s", hashEncoded))
@@ -247,6 +257,7 @@ func Start(ctx context.Context, kclient *kubernetes.Clientset, reconciler *contr
 
 			writer, _ := conn.NextWriter(websocket.BinaryMessage)
 			if !sealedVolumeData.Quarantined {
+				fmt.Println("not quarantined")
 				secretName, secretPath := sealedVolumeData.DefaultSecret()
 
 				// 1. The admin sets a specific cleartext password from Kube manager
@@ -307,7 +318,10 @@ func Start(ctx context.Context, kclient *kubernetes.Clientset, reconciler *contr
 func findVolumeFor(requestData PassphraseRequestData, volumeList *keyserverv1alpha1.SealedVolumeList) *SealedVolumeData {
 	for _, v := range volumeList.Items {
 		if requestData.TPMHash == v.Spec.TPMHash {
+			fmt.Printf("found a matching volume for TPM hash = %+v\n", v.Spec.TPMHash)
 			for _, p := range v.Spec.Partitions {
+				fmt.Printf("requestData = %+v\n", requestData)
+				fmt.Printf("p = %+v\n", p)
 				deviceNameMatches := requestData.DeviceName != "" && p.DeviceName == requestData.DeviceName
 				uuidMatches := requestData.UUID != "" && p.UUID == requestData.UUID
 				labelMatches := requestData.Label != "" && p.Label == requestData.Label
@@ -319,7 +333,13 @@ func findVolumeFor(requestData PassphraseRequestData, volumeList *keyserverv1alp
 				if p.Secret != nil && p.Secret.Path != "" {
 					secretPath = p.Secret.Path
 				}
+				fmt.Printf("secretName = %+v\n", secretName)
+				fmt.Printf("secretPath = %+v\n", secretPath)
 				if labelMatches || uuidMatches || deviceNameMatches {
+					fmt.Printf("labelMatches = %+v\n", labelMatches)
+					fmt.Printf("uuidMatches = %+v\n", uuidMatches)
+					fmt.Printf("deviceNameMatches = %+v\n", deviceNameMatches)
+					fmt.Println("Matched a sealed volume")
 					return &SealedVolumeData{
 						Quarantined:    v.Spec.Quarantined,
 						SecretName:     secretName,

renovate.json

@@ -1,6 +0,0 @@
-{
-  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
-  "extends": [
-    "config:base"
-  ]
-}

scripts/e2e-tests.sh

@@ -59,4 +59,4 @@ kubectl apply -k "$SCRIPT_DIR/../tests/assets/"
 # https://stackoverflow.com/a/6752280
 export KMS_ADDRESS="10.0.2.2.challenger.sslip.io"
 
-go run github.com/onsi/ginkgo/v2/ginkgo -v --nodes $GINKGO_NODES --label-filter $LABEL --fail-fast -r ./tests/
+PATH=$PATH:$GOPATH/bin ginkgo -v --nodes $GINKGO_NODES --label-filter $LABEL --fail-fast -r ./tests/

tests/encryption_test.go

@@ -47,7 +47,6 @@ var _ = Describe("kcrypt encryption", func() {
 	})
 
 	AfterEach(func() {
-		vm.GatherLog("/run/immucore/immucore.log")
 		err := vm.Destroy(func(vm VM) {
 			// Stop TPM emulator
 			tpmPID, err := os.ReadFile(path.Join(vm.StateDir, "tpm", "pid"))