Gitiles
Code Review Sign In
gerrit-dev.monogon.dev / monogon / bdc803b54b55b61bb07cd75ba966320e42a9c3b7^! / . / metropolis / cli / metroctl / cmd_install.go
commitbdc803b54b55b61bb07cd75ba966320e42a9c3b7[log] [tgz]
authorSerge Bazanski <serge@monogon.tech>Mon Mar 27 10:55:09 2023 +0200
committerSerge Bazanski <serge@monogon.tech>Tue Apr 18 08:20:57 2023 +0000
tree9313f3d0c542c80150301718ca94ed3e2a143b84
parentb78919e7708904f042756e280015786caecf668c [diff] [blame]
metroctl: allow picking cluster TPM mode on bootstrap

Change-Id: I3822a0daabdae381e817b0d52b50173889967ec8
Reviewed-on: https://review.monogon.dev/c/monogon/+/1496
Reviewed-by: Lorenz Brun <lorenz@monogon.tech>
Tested-by: Jenkins CI

diff --git a/metropolis/cli/metroctl/cmd_install.go b/metropolis/cli/metroctl/cmd_install.go
index e43e07c..62be34f 100644
--- a/metropolis/cli/metroctl/cmd_install.go
+++ b/metropolis/cli/metroctl/cmd_install.go

@@ -8,6 +8,7 @@
 	"io"
 	"log"
 	"os"
+	"strings"
 
 	"github.com/spf13/cobra"
 
@@ -15,6 +16,7 @@
 	clicontext "source.monogon.dev/metropolis/cli/pkg/context"
 	"source.monogon.dev/metropolis/cli/pkg/datafile"
 	"source.monogon.dev/metropolis/proto/api"
+	cpb "source.monogon.dev/metropolis/proto/common"
 )
 
 var installCmd = &cobra.Command{
@@ -38,10 +40,24 @@
 // the --endpoints flag.
 var bootstrap bool
 
+var bootstrapTPMMode string
+
 //go:embed metropolis/installer/kernel.efi
 var installer []byte
 
 func doGenUSB(cmd *cobra.Command, args []string) {
+	var tpmMode cpb.ClusterConfiguration_TPMMode
+	switch strings.ToLower(bootstrapTPMMode) {
+	case "required", "require":
+		tpmMode = cpb.ClusterConfiguration_TPM_MODE_REQUIRED
+	case "best-effort", "besteffort":
+		tpmMode = cpb.ClusterConfiguration_TPM_MODE_BEST_EFFORT
+	case "disabled", "disable":
+		tpmMode = cpb.ClusterConfiguration_TPM_MODE_DISABLED
+	default:
+		log.Fatalf("Invalid --bootstrap-tpm-mode (must be one of: required, best-effort, disabled)")
+	}
+
 	var bundleReader io.Reader
 	var bundleSize uint64
 	if bundlePath == nil || *bundlePath == "" {
@@ -84,6 +100,9 @@
 			Cluster: &api.NodeParameters_ClusterBootstrap_{
 				ClusterBootstrap: &api.NodeParameters_ClusterBootstrap{
 					OwnerPublicKey: pub,
+					InitialClusterConfiguration: &cpb.ClusterConfiguration{
+						TpmMode: tpmMode,
+					},
 				},
 			},
 		}
@@ -129,5 +148,6 @@
 	rootCmd.AddCommand(installCmd)
 
 	genusbCmd.Flags().BoolVar(&bootstrap, "bootstrap", false, "Create a bootstrap installer image.")
+	genusbCmd.Flags().StringVar(&bootstrapTPMMode, "bootstrap-tpm-mode", "required", "TPM mode to set on cluster (required, best-effort, disabled)")
 	installCmd.AddCommand(genusbCmd)
 }