Cases have been seen where installing a system node with patches leads
to ostree pull failures with the following error:
"GPG verification enabled, but no signatures found"
The system is not able to configure gpg-verify=false option for the
kickstart remote pull cases.
This update adds the --no-gpg-verify option to the ostree remote add
command in the kickstart so that the kickstart and LAT pull operations
can be gpg unverified. Doing so automatically adds the gpg-verify=false
option to the local ostree_repo/config file.
This update also adds support for of a instgpg=1 install option to
enable gpg verify to the kickstart. This option is not used by default
but could be made to through the modification of system node install
grub menus in the future.
Test Plan:
PASS: Verify AIO DX Install
PASS: Verify controller system node install with an unsigned patch.
PASS: Verify worker system node install with an unsigned patch.
PASS: Verify gpg-verify=false install option is set in controller feed
ostree_repo/config file following the install of a controller.
PASS: Verify update fixes reported issue of trying to install a system
node with an unsigned patch.
PASS: Verify kernel parameter instgpg=1 enables a gpg verified install
and that install fails with the same issue the source bug reports
Regression:
PASS: Verify worker system node install without patch
PASS: Verify controller syustem node install without patch
Closes-Bug: 2077556
Change-Id: I48343e6469bf1dd0ad7f46f0119ec8bfb5f18f26
Signed-off-by: Eric MacDonald <eric.macdonald@windriver.com>
f072dd9a4c