metropolis/node: fix non-secure TPM/storage policy codepaths

This fixes enough things to pass manually run E2E tests with the initial
cluster configuration changed to a number of possible combinations
(with/without TPM, with authenticated/encrypted/insecure storage).

These should, of course, be automatically tested. However, that is
pending on the extension of E2E test system that will let it run
long-term tests against real clusters. Otherwise we'd just waste tons of
time running the entire matrix of possible combinations on every CR.

Change-Id: I71a56f9a31c738ee2b2d4dfa10d2a58fd5cb0554
Reviewed-on: https://review.monogon.dev/c/monogon/+/1810
Tested-by: Jenkins CI
Reviewed-by: Tim Windelschmidt <tim@monogon.tech>
diff --git a/metropolis/node/core/cluster/cluster.go b/metropolis/node/core/cluster/cluster.go
index 529120b..9cc3f6b 100644
--- a/metropolis/node/core/cluster/cluster.go
+++ b/metropolis/node/core/cluster/cluster.go
@@ -74,7 +74,7 @@
 	close(m.oneway)
 
 	// Try sealed configuration first.
-	configuration, err := m.storageRoot.ESP.Metropolis.SealedConfiguration.Unseal()
+	configuration, err := m.storageRoot.ESP.Metropolis.SealedConfiguration.Unseal(cpb.NodeTPMUsage_NODE_TPM_PRESENT_AND_USED)
 	if err == nil {
 		supervisor.Logger(ctx).Info("Sealed configuration present. attempting to join cluster")
 
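Review bot: The TPM-mode `Unseal` call in this hunk decides whether the node joins from a sealed or an unsealed configuration, yet nothing in the visible lines records why the sealed attempt failed before the code moves on. The next hunk in this file also accepts `localstorage.ErrSealedCorrupted` as a reason to retry with `NODE_TPM_NOT_PRESENT`, so a node whose sealed blob on the ESP was damaged or replaced would presumably take the non-TPM path without a trace, unless the join path later checks the node's expected TPM usage. I would log the first error before the retry, e.g. `supervisor.Logger(ctx).Warningf("Sealed configuration unseal failed, trying non-sealed: %v", err)`. The comment could also say why the fallback exists: `// Try sealed configuration first; the same file is retried below as non-sealed if this fails.` The enclosing function starts before this hunk and continues past it.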
@@ -88,11 +88,11 @@
 		return m.join(ctx, configuration, cd, true)
 	}
 
-	if !errors.Is(err, localstorage.ErrNoSealed) {
+	if !errors.Is(err, localstorage.ErrNoSealed) && !errors.Is(err, localstorage.ErrSealedCorrupted) {
 		return fmt.Errorf("unexpected sealed config error: %w", err)
 	}
 
-	configuration, err = m.storageRoot.ESP.Metropolis.SealedConfiguration.ReadUnsafe()
+	configuration, err = m.storageRoot.ESP.Metropolis.SealedConfiguration.Unseal(cpb.NodeTPMUsage_NODE_TPM_NOT_PRESENT)
 	if err == nil {
 		supervisor.Logger(ctx).Info("Non-sealed configuration present. attempting to join cluster")