35coreos-ignition: skip reboot if changed kargs match current boot

overlay.d/05core/usr/lib/dracut/modules.d/35coreos-ignition/coreos-kargs.sh

@@ -1,12 +1,65 @@
 #!/bin/bash
 set -euo pipefail
 
+
+# There are a few cases we need to handle here. To illustrate this
+# we'll use scenarios below where:
+#
+# - "booted":   The kernel arguments from the currently booting system.
+# - "ignition": The kernel arguments in the Ignition configuration.
+# - "bls":      The kernel arguments currently baked into the disk
+#               image BLS configs.
+#
+# The scenarios are:
+#
+# A.
+#   - Scenario:
+#       - booted: ""
+#       - ignition: "foobar"
+#       - bls: ""
+#   - Action: -> Update BLS configs, perform reboot
+# B.
+#   - Scenario:
+#       - booted: "foobar"
+#       - ignition: "foobar"
+#       - bls: ""
+#   - Action: -> Update BLS configs, skip reboot
+# C.
+#   - Scenario:
+#       - booted: ""
+#       - ignition: "foobar"
+#       - bls: "foobar"
+#   - Action: -> Skip update of BLS configs (they match already), perform reboot
+#
+# The logic here boils down to:
+#   if "ignition" != "booted"; then needreboot=1; fi
+#   if "ignition" != "bls"; then updatebls(); fi
+
+# NOTE: we write info messages to kmsg here because stdout gets swallowed
+#       by Ignition if there is no failure. This forces the info into the
+#       journal, but sometimes the journal will miss these messages because
+#       of ratelimiting. We've decided to accept this limitation rather than
+#       add the systemd-cat or logger utlities to the initramfs.
+
+# If the desired state isn't reflected by the current boot we'll need to reboot.
+/usr/bin/rdcore kargs --current --create-if-changed /run/coreos-kargs-reboot "$@"
+if [ -e /run/coreos-kargs-reboot ]; then
+    msg="Desired kernel arguments don't match current boot. Requesting reboot."
+    echo "$msg" > /dev/kmsg
+fi
+
 if is-live-image; then
-    /usr/bin/rdcore kargs --current --create-if-changed /run/coreos-kargs-changed "$@"
-    if [ -e /run/coreos-kargs-changed ]; then
+	# If we're in a live system and the kargs don't match then we must error.
+    if [ -e /run/coreos-kargs-reboot ]; then
+        # Since we exit with error here the stderr will get shown by Ignition
         echo "Need to modify kernel arguments, but cannot affect live system." >&2
         exit 1
     fi
 else
-    /usr/bin/rdcore kargs --boot-device /dev/disk/by-label/boot --create-if-changed /run/coreos-kargs-reboot "$@"
+    # Update the BLS configs if they need to be updated.
+    /usr/bin/rdcore kargs --boot-device /dev/disk/by-label/boot --create-if-changed /run/coreos-kargs-changed "$@"
+    if [ -e /run/coreos-kargs-changed ]; then
+        msg="Kernel arguments in BLS config were updated."
+        echo "$msg" > /dev/kmsg
+    fi
 fi

tests/kola/ignition/kargs/basic/config.bu

@@ -0,0 +1,7 @@
+variant: fcos
+version: 1.4.0
+kernel_arguments:
+  should_exist:
+    - foobar
+  should_not_exist:
+    - mitigations=auto,nosmt

tests/kola/ignition/kargs/basic/data/commonlib.sh

@@ -0,0 +1 @@
+../../../../data/commonlib.sh

tests/kola/ignition/kargs/basic/test.sh

@@ -0,0 +1,30 @@
+#!/bin/bash
+# TODO: Doc
+
+set -xeuo pipefail
+# This test runs on all platforms and verifies Ignition kernel argument setting.
+
+. $KOLA_EXT_DATA/commonlib.sh
+
+kargchecks() {
+    if ! grep foobar /proc/cmdline; then
+        fatal "missing foobar in kernel cmdline"
+    fi
+    if grep mitigations /proc/cmdline; then
+        fatal "found mitigations in kernel cmdline"
+    fi
+}
+
+case "${AUTOPKGTEST_REBOOT_MARK:-}" in
+  "")
+      kargchecks
+      # Now reboot the machine and verify the kernel argument persists
+      /tmp/autopkgtest-reboot nextboot
+      ;;
+  nextboot)
+      kargchecks
+      ;;
+  *) fatal "unexpected mark: ${AUTOPKGTEST_REBOOT_MARK}";;
+esac
+
+ok "Ignition kargs"

tests/kola/ignition/kargs/skipreboot/config.bu

@@ -0,0 +1,5 @@
+variant: fcos
+version: 1.4.0
+kernel_arguments:
+  should_exist:
+    - foobar

tests/kola/ignition/kargs/skipreboot/data/commonlib.sh

@@ -0,0 +1 @@
+../../../../data/commonlib.sh

tests/kola/ignition/kargs/skipreboot/test.sh

@@ -0,0 +1,43 @@
+#!/bin/bash
+set -xeuo pipefail
+# kola: { "platforms": "qemu", "appendFirstbootKernelArgs": "foobar" }
+# This test verifies that if a kernel argument that is set as "should_exist"
+# in the Ignition config already exists on the kernel command line of the machine
+# then we can skip the reboot when applying kernel arguments but we must still
+# update the BLS configs to make it permanent. This is Scenario B from
+# the documentation in 35coreos-ignition/coreos-kargs.sh.
+#
+# - platforms: qemu
+#   - appendFirstbootKernelArgs is only supported on qemu.
+# - appendFirstbootKernelArgs: foobar
+#   - The kernel argument to apply transiently only on the first boot.
+
+. $KOLA_EXT_DATA/commonlib.sh
+
+kargchecks() {
+    if ! grep foobar /proc/cmdline; then
+        fatal "missing expected kernel arg in kernel cmdline"
+    fi
+    if ! grep foobar /boot/loader/entries/*.conf; then
+        fatal "missing expected kernel arg in BLS config"
+    fi
+}
+
+case "${AUTOPKGTEST_REBOOT_MARK:-}" in
+  "")
+      kargchecks
+      # If this file exists then reboot was skipped. See
+      # 35coreos-ignition/coreos-kargs.sh
+      if [ ! -e /run/coreos-kargs-changed ]; then
+          fatal "missing file that should exist if no reboot happened"
+      fi
+      # Now reboot the machine and verify the kernel argument persists
+      /tmp/autopkgtest-reboot nextboot
+      ;;
+  nextboot)
+      kargchecks
+      ;;
+  *) fatal "unexpected mark: ${AUTOPKGTEST_REBOOT_MARK}";;
+esac
+
+ok "Ignition kargs skip reboot"