kernel-snap: fail-on-resource job kernel extract

A job that explicit fails if the force-kernel-extraction flag is missing (implemented as a file in the kernel snap). This test should be considered for inclusion in UC16/18 projects that use FDE.
author: Jonathan Cave <jonathan.cave@canonical.com> 2019-10-08 13:32:48 +0100
committer: Jonathan Cave <jonathan.cave@canonical.com> 2019-10-08 13:45:40 +0100
commit: b5c98c3cb6a6289c79f7ce61e018a1958fe192e9 (patch)
tree: 38abf6b26047d64e5df8a2edac9c704107b035f8 /units
parent: 26cc8a96b718ffde13d57965279f6869a3adf710 (diff)
1 files changed, 15 insertions, 0 deletions
diff --git a/units/kernel-snap/jobs.pxu b/units/kernel-snap/jobs.pxu
index 5b573fd4..ddc35818 100644
--- a/units/kernel-snap/jobs.pxu
+++ b/units/kernel-snap/jobs.pxu
@@ -1,4 +1,19 @@
 
+id: kernel-snap/force-kernel-extraction
+category_id: kernel-snap
+_summary: Kernel snap contains force-kernel-extraction flag
+_description:
+ In Ubuntu Core 16 & Ubuntu Core 18 images for devices using Full Disk
+ Encryption it is necessary to inform snapd that when a kernel snap is
+ refreshed the kernel image should be extracted and placed in the boot
+ partition.
+flags: simple fail-on-resource
+command: echo "force-kernel-extraction file found in kernel snap"
+imports:
+ from com.canonical.certification import ubuntu_core_features
+requires:
+ ubuntu_core_features.force_kernel_extraction == 'True'
+
 id: kernel-snap/booted-kernel-matches-current
 category_id: kernel-snap
 _summary: The booted kernel image matches image in current kernel snap
author	Jonathan Cave <jonathan.cave@canonical.com>	2019-10-08 13:32:48 +0100
committer	Jonathan Cave <jonathan.cave@canonical.com>	2019-10-08 13:45:40 +0100
commit	b5c98c3cb6a6289c79f7ce61e018a1958fe192e9 (patch)
tree	38abf6b26047d64e5df8a2edac9c704107b035f8 /units
parent	26cc8a96b718ffde13d57965279f6869a3adf710 (diff)