Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bootz skip ownership check #908

Open
wants to merge 4 commits into
base: master
Choose a base branch
from
Open

bootz skip ownership check #908

Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
fe6073e
bootz skip ownership check
xw-g Jul 11, 2023
2abba4e
update version
xw-g Jul 11, 2023
4d00898
add reference
xw-g Jul 12, 2023
8c4f1cc
Merge branch 'master' into bootz_skip_ownership
dplore Oct 15, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
39 changes: 38 additions & 1 deletion release/models/system/openconfig-system-bootz.yang
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,11 +18,18 @@ module openconfig-system-bootz {
"This module adds configuration and operational state relating to bootz
service running on a network device.";

dplore marked this conversation as resolved.
Show resolved Hide resolved
reference "https://github.com/openconfig/bootz";

oc-ext:openconfig-version "1.0.0";
oc-ext:openconfig-version "1.1.0";
oc-ext:catalog-organization "openconfig";
oc-ext:origin "openconfig";

revision "2023-07-11" {
description
"Introduce the support of skipping ownership validation.";
reference "1.1.0";
}

revision "2023-06-16" {
description
"Creation of bootz state paths needed for the service.";
Expand All @@ -38,15 +45,34 @@ module openconfig-system-bootz {
description
"Bootz protocol container for management of bootz protocol state.";

container config {
description
"Configuration parameters related to bootz service.";
uses validate-ownership;
}

container state {
config false;
description
"Operational state relating to the bootz service.";
uses bootz-state;
uses validate-ownership;
}
}
}

grouping validate-ownership {
description
"Configuration related to ownership validation";
leaf validate-ownership {
type boolean;
default true;
description
"This field controls if the device should validate the ownership in
the next bootz workflow";
Comment on lines +71 to +72
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
"This field controls if the device should validate the ownership in
the next bootz workflow";
"This field controls if the device should validate the ownership
voucher as described in the bootz bootstrapping service API
flow.";

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I denied your suggestions, because we need to call it out that it's for next bootz workflow that runs.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I was attempting to be more precise on two dimensions:

  • This leaf refers specifically to the bootz bootstrapping service which is a specific step within the bootz API Flow. (although admittedly, the bootz specification specifies a section header as API Flow but then also uses the words 'workflow' occasionally inside the API Flow section, I guess API Flow and Workflow are the same thing?).

  • This setting should be honored for every invocation of the bootstrapping service, not just the 'next' workflow? I guess since the configuration is persistent, the 'next' workflow could be considered all future workflows.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The parent container is Bootz, so the all the leaves here is about the Bootz spec.

}
}

grouping bootz-state {
description
"State parameters required to monitor bootz service.";
Expand Down Expand Up @@ -79,6 +105,7 @@ module openconfig-system-bootz {
enum BOOTZ_CONFIGURATION_APPLIED;
enum BOOTZ_OK;
enum BOOTZ_OV_INVALID;
enum BOOTZ_OV_SKIPPED;
enum BOOTZ_OS_UPGRADE_IN_PROGRESS;
enum BOOTZ_OS_UPGRADE_COMPLETE;
enum BOOTZ_OS_INVALID_IMAGE;
Expand All @@ -91,6 +118,7 @@ module openconfig-system-bootz {
BOOTZ_UNSPECIFIED <- system initial state
BOOTZ_SENT <- bootz request sent
BOOTZ_RECEIVED <- bootz response received
BOOTZ_OV_SKIPPED <- (if configured) OV validation is skipped.
BOOTZ_OS_UPGRADE_IN_PROGRESS <- (if needed)
BOOTZ_OS_UPGRADE_COMPLETE <- (if needed)
BOOTZ_CONFIGURATION_APPLIED <- bootz configuration applied
Expand All @@ -104,6 +132,15 @@ module openconfig-system-bootz {
description
"The timestamp of the last bootz attempt.";
}

leaf ownership-validated {
type boolean;
default false;
description
"This field indicates if the device has succesfully validated the
ownership in the latest bootz workflow.
This field MUST be reset to false when a new bootz workflow starts.";
}
}

augment "/oc-sys:system" {
Expand Down
Loading