When invoking kvm-test.py, one can pass the --with-tpm2 option so that
we emulate a TPM and make it available in the guest.
This requires the swtpm package which is available in jammy and more
recent versions of Ubuntu.
Signed-off-by: Olivier Gayot <olivier.gayot@canonical.com>
Attempt to load autoinstall from
/run/cloud-init/combined-cloud-config.json first, if present.
Fallback to existing methods, which requires that cloud-init in the snap
is able to unpickle the data created by cloud-init outside the snap.
See also LP: #2022102.
The app command runner already knows if we're dry-run or not, so move to
that. This allows us to skip more command runs, in particular
`journalctl -b`. For my current reboot the integration tests run in
half the time!
Even if we are going to ignore a mountpoint, we still need to process
its children...
Add machine config where the installer is running from a partition of a
disk you might want to install to, and an api test.
When cloudinit.features.NETPLAN_CONFIG_ROOT_READ_ONLY is True,
cloud-init will write /etc/netplan/50-cloud-init.yaml as read-only
root.
This added security allows for subiquity to use cloud-init's
network renderer directly allowing both datasource and network
configuration passed in one place.
Read cloud-init features from
/run/cloud-init/combined-cloud-config.json when present.
Any netplan wifi configuration can be specified in a single
root-read-only network config file
/etc/cloud/cloud.cfg.d/90-installer-network.cfg instead of
having a separate config file for wifi, which could contain
credentials.
This simplifies golden image creation from images installed using
subiquity because image builders will not need to track down and
purge separate /etc/netplan/00-installer-config.yaml and
/etc/netplan/subiquity-disable-cloudinit-networking.cfg when preparing
a golden image.
Eventually, netplan config validation and cloudinit will support
separation of sensitive configuration by cloud-init without needing
to pre-categorize sensitive information.
This will allow cloud-init to grow to ability to write separate
world-readable configuration from config which is security sensitive
with no change needed in subiquity.