Disable Key Validation feature during sonic-installation for Cisco Pl…

…atforms (sonic-net#3115) Disabling key validation feature in grub file as its not yet supported for Cisco platforms What I did Check if the platform we are installing the image on is a Cisco platform Return success if it is so we are on Cisco platform. This way, we do not perform signature verification as this feature is not yet supported on our platforms. How I did it Modified sonic-installer grub.py code
mssonicbld · Feb 2, 2024 · 61e04c1 · 61e04c1
1 parent be6224a
commit 61e04c1
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/sonic_installer/bootloader/grub.py b/sonic_installer/bootloader/grub.py
@@ -157,7 +157,10 @@ def is_secure_upgrade_image_verification_supported(self):
 
         check_if_verification_is_enabled_and_supported_code = '''
         SECURE_UPGRADE_ENABLED=0
-        if [ -d "/sys/firmware/efi/efivars" ]; then
+        #Disabling the check for cisco-8000 platforms as platform-side support is not ready yet. This will be removed once platform
+        #support is added.
+        ASIC_TYPE=$(sonic-cfggen -y /etc/sonic/sonic_version.yml -v asic_type)
+        if [ -d "/sys/firmware/efi/efivars" ] && [[ ${ASIC_TYPE} != *"cisco-8000"* ]]; then
             if ! [ -n "$(ls -A /sys/firmware/efi/efivars 2>/dev/null)" ]; then
                 mount -t efivarfs none /sys/firmware/efi/efivars 2>/dev/null
             fi