Disable Key Validation feature during sonic-installation for Cisco Pl…

…atforms (sonic-net#3115) Disabling key validation feature in grub file as its not yet supported for Cisco platforms What I did Check if the platform we are installing the image on is a Cisco platform Return success if it is so we are on Cisco platform. This way, we do not perform signature verification as this feature is not yet supported on our platforms. How I did it Modified sonic-installer grub.py code
ayurkiv-nvda · Jan 20, 2024 · 83a548d · 83a548d
1 parent 93c4227
commit 83a548d
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/sonic_installer/bootloader/grub.py b/sonic_installer/bootloader/grub.py
@@ -157,7 +157,10 @@ def is_secure_upgrade_image_verification_supported(self):
 
         check_if_verification_is_enabled_and_supported_code = '''
         SECURE_UPGRADE_ENABLED=0
-        if [ -d "/sys/firmware/efi/efivars" ]; then
+        #Disabling the check for cisco-8000 platforms as platform-side support is not ready yet. This will be removed once platform
+        #support is added.
+        ASIC_TYPE=$(sonic-cfggen -y /etc/sonic/sonic_version.yml -v asic_type)
+        if [ -d "/sys/firmware/efi/efivars" ] && [[ ${ASIC_TYPE} != *"cisco-8000"* ]]; then
             if ! [ -n "$(ls -A /sys/firmware/efi/efivars 2>/dev/null)" ]; then
                 mount -t efivarfs none /sys/firmware/efi/efivars 2>/dev/null
             fi