fixed sonic installer test issues

sonic-net · Aug 30, 2022 · baa6918 · baa6918
1 parent 311b702
commit baa6918
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 18 deletions.
diff --git a/sonic_installer/bootloader/grub.py b/sonic_installer/bootloader/grub.py
@@ -153,6 +153,16 @@ def verify_image_platform(self, image_path):
         # Check if platform is inside image's target platforms
         return self.platform_in_platforms_asic(platform, image_path)
 
+    def verify_image_sign(self, image_path):
+        verification_script_name = 'verify_image_sign.sh'
+        script_path = os.path.join('/usr', 'local', 'bin', verification_script_name)
+        if not os.path.exists(script_path):
+            click.echo("Unable to find verification script in path " + script_path)
+            return False
+        verification_result = subprocess.run([script_path, image_path], capture_output=True)
+        click.echo(str(verification_result.stdout) + " " + str(verification_result.stderr))
+        return verification_result.returncode == 0
+
     @classmethod
     def detect(cls):
         return os.path.isfile(os.path.join(HOST_PATH, 'grub/grub.cfg'))
diff --git a/sonic_installer/main.py b/sonic_installer/main.py
@@ -570,7 +570,7 @@ def install(url, force, skip_platform_check=False, skip_migration=False, skip_pa
 
         # Calling verification script by default - signature will be checked if enabled in bios
         echo_and_log("Verifing image {} signature...".format(binary_image_version))
-        if not _verify_signature(image_path):
+        if not bootloader.verify_image_sign(image_path):
             echo_and_log('Error: Failed verify image signature', LOG_ERR)
             raise click.Abort()
         else:
@@ -959,22 +959,5 @@ def verify_next_image():
     click.echo('Image successfully verified')
 
 
-def _verify_signature(image_path):
-    verification_script_name = 'verify_image_sign.sh'
-    script_path = os.path.join('/usr', 'local', 'bin', verification_script_name)
-    if not os.path.exists(script_path):
-        script_path = os.path.join(os.path.dirname(__file__), '..', 'scripts', verification_script_name)
-        if not os.path.exists(script_path):
-            echo_and_log("Unable to find verification script")
-            return False
-    verification_result = subprocess.Popen([script_path, image_path], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
-    stdout, stderr = verification_result.communicate()
-    if verification_result.returncode != 0:
-        echo_and_log(str(stdout) + " " + str(stderr), LOG_ERR)
-    else:
-        echo_and_log(str(stdout) + " " + str(stderr))
-    return verification_result.returncode == 0
-
-
 if __name__ == '__main__':
     sonic_installer()
diff --git a/tests/test_sonic_installer.py b/tests/test_sonic_installer.py
@@ -31,6 +31,7 @@ def test_install(run_command, run_command_or_raise, get_bootloader, swap, fs):
     mock_bootloader.get_binary_image_version = Mock(return_value=new_image_version)
     mock_bootloader.get_installed_images = Mock(return_value=[current_image_version])
     mock_bootloader.get_image_path = Mock(return_value=new_image_folder)
+    mock_bootloader.verify_image_sign = Mock(return_value=True)
 
     @contextmanager
     def rootfs_path_mock(path):