rancher/kcrypt
1
0
Fork 0
mirror of https://github.com/kairos-io/kcrypt.git synced 2025-04-27 19:29:09 +00:00
Code Issues Packages Projects Releases Wiki Activity
58 Commits 9 Branches 38 Tags 8.3 MiB
15cc284978
Commit Graph

58 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mauro Morales
15cc284978
Part of previous commit 
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
 2023-03-29 17:00:06 +02:00
Mauro Morales
b7352829ff
Add yamllint 
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
 2023-03-29 17:00:06 +02:00
Mauro Morales
57aef89b02
⬆️ bump go version to 1.20.2 
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
 2023-03-29 16:59:56 +02:00
Dimitris Karakasilis
2dbd13c984
Merge pull request #14 from kairos-io/use-collector-insted-of-config 
 Switch to using new collector pkg
 2023-03-29 17:38:49 +03:00
Dimitris Karakasilis
ff42570ec7
Fix go.sum/go.mod with go mod tidy 
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
 2023-03-29 17:29:41 +03:00
Mauro Morales
36fafa38cf
Add test for header when writing mappings 
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
 2023-03-29 17:27:55 +03:00
Mauro Morales
f977f72e8d
Switch to using new collector pkg 
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
 2023-03-29 17:27:55 +03:00
Itxaka
608b465afc
Merge pull request #13 from kairos-io/move_to_immucore 2023-03-15 10:37:10 +01:00
Itxaka
79fbcc2f73
Merge branch 'main' into move_to_immucore 2023-03-09 23:55:05 +01:00
Itxaka
7298e9c0dd
Merge pull request #12 from kairos-io/Itxaka-patch-1 2023-03-09 23:54:36 +01:00
Itxaka
94cfbcfe88
Update dracut/29kcrypt/generator.sh 
Co-authored-by: Mauro Morales <contact@mauromorales.com>
 2023-03-01 16:58:08 +01:00
Itxaka
1296f284cb
Update dracut/29kcrypt/generator.sh 
Co-authored-by: Mauro Morales <contact@mauromorales.com>
 2023-03-01 16:58:01 +01:00
Itxaka
4cff0323af Depend on immucore-service 
Signed-off-by: Itxaka <itxaka.garcia@spectrocloud.com>
 2023-03-01 12:45:19 +01:00
Itxaka
9c7c27af89 Skip kcrypt on non-immmutable systems 
Disable the module creating any services if the inmutability layer is not gonna run as it makes no sense to load kcrypt if we are not mounting our stuff.

Fixes https://github.com/kairos-io/kairos/issues/642

Signed-off-by: Itxaka <itxaka.garcia@spectrocloud.com>
 2023-03-01 12:44:08 +01:00
Dimitris Karakasilis
fa9eb79998
Merge pull request #11 from kairos-io/bump-go-pluggable 
Bump go-pluggable to show output from kcrypt-challenger when somethin…
 2023-02-08 16:28:12 +02:00
Dimitris Karakasilis
11bfa53dc1
Bump go-pluggable to show output from kcrypt-challenger when something fails 
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
 2023-02-08 16:15:05 +02:00
Ettore Di Giacinto
930d7433ae
📖 Create README 2023-02-07 12:32:55 +01:00
Dimitris Karakasilis
845f5984b1
Merge pull request #10 from kairos-io/no_challenger 
🌱 Remove challenger traces from here
 2023-01-19 15:25:40 +02:00
mudler
71506ff020 🌱 Remove challenger traces from here 
The challenger has no business logic in here, and kcrypt should just
read what it needs. This goes in parallel with https://github.com/kairos-io/kcrypt-challenger/pull/10
Not blocking each other.

Signed-off-by: mudler <mudler@c3os.io>
 2023-01-19 12:28:46 +01:00
Dimitris Karakasilis
27183fbce7
Merge pull request #9 from kairos-io/399-kcrypt-configuration 
Move from partition_info to config package
 2023-01-18 14:59:49 +02:00
Dimitris Karakasilis
018322ff00
Move from partition_info to config package 
Now the kcrypt configuration will be just a block (`kcrypt`) in the regular
kairos configuration files.

We will use the config mechanism of looking up in multiple directories
becase the old code was only looking at `/oem` but at boot time
(initramfs) the configuration was present in `/sysroot/oem`.

The reason it "worked" was that we had a bug and a sealedvolume was
matching our request simply because we sent an empty UUID/Label/Name
and the sealedvolume had and empty UUID (empty matches empty, right?)

With that fixed on the challenger server side, it became obvious that we
never actually read the partition_info file because we were looking for
it at the wrong place.

Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
 2023-01-18 14:55:25 +02:00
Ettore Di Giacinto
361e1ab817
Merge pull request #7 from kairos-io/fix/umount 
Do not umount oem if we have found it out
 2022-11-23 16:25:16 +01:00
Ettore Di Giacinto
4234ae7034 Incorporating feedback review 2022-11-23 15:11:48 +00:00
Ettore Di Giacinto
193a7da9ee
Update main.go 
Co-authored-by: Dimitris Karakasilis <jimmykarily@gmail.com>
 2022-11-23 16:05:44 +01:00
Ettore Di Giacinto
e0316ade0a Add earthly.sh 2022-11-23 15:16:04 +01:00
Ettore Di Giacinto
1c3a3ac510 Do not fail if we can't find a partition file 2022-11-23 14:09:44 +01:00
Ettore Di Giacinto
641fc6ffa7 Try to run kcrypt directly 2022-11-23 14:01:46 +01:00
Ettore Di Giacinto
214ae51333 Bind it to sysroot 2022-11-23 14:01:46 +01:00
Ettore Di Giacinto
7f397a3459 Try to wait for oem mount instead 2022-11-23 14:01:46 +01:00
Ettore Di Giacinto
b3d7b86591 Do not umount oem if we have found it out 
Signed-off-by: Ettore Di Giacinto <mudler@users.noreply.github.com>
 2022-11-23 14:01:46 +01:00
Ettore Di Giacinto
24240b6421
Merge pull request #8 from kairos-io/dont-hide-errors 
Don't hide there error when it's not about file not existing
 2022-11-23 14:00:57 +01:00
Dimitris Karakasilis
bb144f204a
Don't hide there error when it's not about file not existing 
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
 2022-11-23 14:53:02 +02:00
Dimitris Karakasilis
7d077c9353
Merge pull request #6 from kairos-io/dont-let-mapping-be-nil 
Don't let the mapping be nil when reading an empty file
 2022-11-16 09:30:31 +02:00
Dimitris Karakasilis
0e278a89f0
Don't let the mapping be nil when reading an empty file 
e.g. when we first create it

because it throws this error:

```
panic: assignment to entry in nil map

goroutine 1 [running]:
github.com/kairos-io/kcrypt/pkg/partition_info.PartitionInfo.UpdateMapping({{0xa60325?, 0x18?}, 0x0?}, {0xc000302000?, 0x1?})
	/go/pkg/mod/github.com/kairos-io/kcrypt@v0.4.2/pkg/partition_info/partition_info.go:69 +0x99

```

Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
 2022-11-15 19:45:44 +02:00
Dimitris Karakasilis
7310c313ee
Merge pull request #5 from kairos-io/fix-version-bug-and-typpos 
Fix typo in name, bad function call and version of the binary
 2022-11-15 15:13:05 +02:00
Dimitris Karakasilis
b9572125e1
Fix typo in name, bad function call and version of the binary 
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
 2022-11-15 15:09:56 +02:00
Dimitris Karakasilis
44ccb84dfb
Merge pull request #4 from kairos-io/create-info-file-if-not-exists 
Create the partition file if it doesn't exist
 2022-11-15 12:39:00 +02:00
Dimitris Karakasilis
a0a7c1269f
Create the partition file if id doesn't exist 
so that the caller doesn't have to care if it's the first time the
partition is encrypted or not.

Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
 2022-11-15 12:17:32 +02:00
Dimitris Karakasilis
14664b6644
Merge pull request #3 from kairos-io/380-return-partition-mapping-data 
Make `kcrypt encrypt` return useful lable/uuid mapping data
 2022-11-11 15:13:16 +02:00
Dimitris Karakasilis
29f22e7f92
Update partition label with the store one before asking for a passphrase 
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
 2022-11-11 13:14:31 +02:00
Dimitris Karakasilis
4a6c79f6a6
Change to a more object-oriented approach 
Now the code can simply initialize a PartitionInfo from a file and then
call LookupUUIDForLabel on it.

Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
 2022-11-11 13:06:00 +02:00
Dimitris Karakasilis
8ca95e953b
Add functions to produce a string representation of a partition 
so that we encapsulate all the logic in the same package

Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
 2022-11-11 12:11:43 +02:00
Dimitris Karakasilis
c0d6b81b5d
Add github action pipeline to run unit tests 
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
 2022-11-11 11:47:18 +02:00
Dimitris Karakasilis
82c6e8fcd0
Create parition info parsing library 
to be used both here (when trying to find the partition UUID using a
label) and on the kairos side when updating the file after calling
kcrypt to encrypt a partition (which causes the UUID to change).

Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
 2022-11-11 10:55:46 +02:00
Dimitris Karakasilis
d84b1ea2c2
Make kcrypt encrypt return useful lable/uuid mapping data 
part of: https://github.com/kairos-io/kairos/issues/380

Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
 2022-11-10 16:21:48 +02:00
Ettore Di Giacinto
aa620714a5 Add /oem/system/discovery 2022-10-17 19:15:40 +00:00
Ettore Di Giacinto
c9680590bf Conditionals bring still deps in systemd 
Generate instead of enabling both services
 2022-10-15 21:14:06 +00:00
Ettore Di Giacinto
d496900927 Add online service 2022-10-15 17:17:10 +00:00
Ettore Di Giacinto
4c073ca50c Make mkfs call more compatible 2022-10-15 16:34:18 +00:00
Ettore Di Giacinto
ce6ef0573b Wait mapper to be ready before formatting 2022-10-15 16:19:36 +00:00