Stop adding `rd.luks.key=/etc/luks/cex.key` for CEX support in sugar/config and move logic to `rdcore rootmap`

Right now (or soon), when CEX is enabled in the `boot_device` sugar, the user also has to add an `rd.luks.key` karg using either an Ignition karg (on non-OpenShift variants), or an OpenShift/MCO-level karg (on OpenShift; those are different right now -- the MCO has its own kargs logic and doesn't yet use Ignition kargs for first boot).

This unnecessarily incurs an additional reboot (in the case of non-OpenShift variants, upfront, in the case of OpenShift variants, by the MCO). Instead, we should probably have `rdcore rootmap` inject this karg like [it does other LUKS-related kargs](https://github.com/coreos/coreos-installer/blob/04f3e5f4c2effbc7ac6d017721ddd7b87d19b70e/src/bin/rdcore/rootmap.rs#L153).

See:
- https://github.com/coreos/butane/pull/605
- https://github.com/coreos/butane/pull/610
- https://coreos.github.io/ignition/migrating-configs/#luks-cex
- https://coreos.github.io/butane/upgrading-fcos/#luks-cex-support

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Stop adding `rd.luks.key=/etc/luks/cex.key` for CEX support in sugar/config and move logic to `rdcore rootmap` #613

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Stop adding rd.luks.key=/etc/luks/cex.key for CEX support in sugar/config and move logic to rdcore rootmap #613

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions

Stop adding `rd.luks.key=/etc/luks/cex.key` for CEX support in sugar/config and move logic to `rdcore rootmap` #613