From 51ea0c95eabe8dd15493dd719b8ee34079ef3bb1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Harald=20Jens=C3=A5s?= <hjensas@redhat.com>
Date: Mon, 29 Nov 2021 18:43:05 +0100
Subject: [PATCH] Fix name of iPXE efi bootrom

In change Ia30aff290ec24972f387612851f8f630ddc9403b
the file in tftproot was renamed from ipxe.efi to
snponly.efi. Later in the filename was parameterized
in change I565e3ae6388812c358e86fac49b17e0cce97b9df.

The dnsmasq DHCP configuration was not updated to
point to use the new filename, nor the parameter.

This change adds 'uefi_ipxe_bootfile_name' to
ironic::pxe::common, updates the other manifests to
use ironic::pxe::common::uefi_ipxe_bootfile_name if
set.

Also add the 'uefi_ipxe_bootfile_name' parameter to
the ironic::inspector class and update the dnsmasq
DHCP tempalte to use the parameter.

Closes-Bug: #1952652
Change-Id: I1b3ccd8ad8f3ce66c66c58b1dfdca158d749c287
---
 manifests/drivers/pxe.pp                         |  7 ++++---
 manifests/inspector.pp                           | 16 ++++++++++++----
 manifests/pxe.pp                                 |  3 ++-
 manifests/pxe/common.pp                          | 13 +++++++++----
 ...uefi-ipxe-boot-filename-83fefc1e48ea7f4f.yaml |  8 ++++++++
 spec/classes/ironic_inspector_spec.rb            |  8 ++++++++
 templates/inspector_dnsmasq_http.erb             |  4 ++--
 7 files changed, 45 insertions(+), 14 deletions(-)
 create mode 100644 releasenotes/notes/fix-inspector-dnsmasq-uefi-ipxe-boot-filename-83fefc1e48ea7f4f.yaml

diff --git a/manifests/drivers/pxe.pp b/manifests/drivers/pxe.pp
index 6b5fc66f..00c19879 100644
--- a/manifests/drivers/pxe.pp
+++ b/manifests/drivers/pxe.pp
@@ -166,8 +166,9 @@ class ironic::drivers::pxe (
 
   include ironic::deps
   include ironic::pxe::common
-  $tftp_root_real    = pick($::ironic::pxe::common::tftp_root, $tftp_root)
-  $ipxe_timeout_real = pick($::ironic::pxe::common::ipxe_timeout, $ipxe_timeout)
+  $tftp_root_real               = pick($::ironic::pxe::common::tftp_root, $tftp_root)
+  $ipxe_timeout_real            = pick($::ironic::pxe::common::ipxe_timeout, $ipxe_timeout)
+  $uefi_ipxe_bootfile_name_real = pick($::ironic::pxe::common::uefi_ipxe_bootfile_name, $uefi_ipxe_bootfile_name)
 
   if $ipxe_enabled != undef {
     warning('The ironic::drivers::pxe::ipxe_enabled parameter is deprecated and has no effect.')
@@ -201,7 +202,7 @@ Use the kernel_append_params parameter instead')
     'pxe/instance_master_path': value      => $instance_master_path;
     'pxe/uefi_pxe_bootfile_name': value    => $uefi_pxe_bootfile_name;
     'pxe/uefi_pxe_config_template': value  => $uefi_pxe_config_template;
-    'pxe/uefi_ipxe_bootfile_name': value   => $uefi_ipxe_bootfile_name;
+    'pxe/uefi_ipxe_bootfile_name': value   => $uefi_ipxe_bootfile_name_real;
     'pxe/ipxe_timeout': value              => $ipxe_timeout_real;
     'pxe/boot_retry_timeout': value        => $boot_retry_timeout;
     'pxe/boot_retry_check_interval': value => $boot_retry_check_interval;
diff --git a/manifests/inspector.pp b/manifests/inspector.pp
index 871f0c62..db863f52 100644
--- a/manifests/inspector.pp
+++ b/manifests/inspector.pp
@@ -184,6 +184,12 @@
 #   Example: {'10.10.10.0/24' => 'physnet_a', '2001:db8::/64' => 'physnet_b'}
 #   Defaults to {}
 #
+# [*uefi_ipxe_bootfile_name*]
+#   (optional) Name of efi file used to boot servers with iPXE + UEFI. This
+#   should be consistent with the uefi_ipxe_bootfile_name parameter in pxe
+#   driver.
+#   Defaults to 'snponly.efi'
+#
 # DEPRECATED PARAMETERS
 #
 # [*swift_auth_type*]
@@ -300,6 +306,7 @@ class ironic::inspector (
   $enable_ppc64le                  = false,
   $default_transport_url           = 'fake://',
   $port_physnet_cidr_map           = {},
+  $uefi_ipxe_bootfile_name         = 'snponly.efi',
   # DEPRECATED PARAMETERS
   $swift_auth_type                 = undef,
   $swift_username                  = undef,
@@ -347,10 +354,11 @@ Use ironic::inspector::ironic::endpoint_override instead.')
     include ironic::inspector::authtoken
   }
 
-  $tftp_root_real    = pick($::ironic::pxe::common::tftp_root, $tftp_root)
-  $http_root_real    = pick($::ironic::pxe::common::http_root, $http_root)
-  $http_port_real    = pick($::ironic::pxe::common::http_port, $http_port)
-  $ipxe_timeout_real = pick($::ironic::pxe::common::ipxe_timeout, $ipxe_timeout)
+  $tftp_root_real               = pick($::ironic::pxe::common::tftp_root, $tftp_root)
+  $http_root_real               = pick($::ironic::pxe::common::http_root, $http_root)
+  $http_port_real               = pick($::ironic::pxe::common::http_port, $http_port)
+  $ipxe_timeout_real            = pick($::ironic::pxe::common::ipxe_timeout, $ipxe_timeout)
+  $uefi_ipxe_bootfile_name_real = pick($::ironic::pxe::common::uefi_ipxe_bootfile_name, $uefi_ipxe_bootfile_name)
 
   file { '/etc/ironic-inspector/inspector.conf':
     ensure  => 'present',
diff --git a/manifests/pxe.pp b/manifests/pxe.pp
index ce37c0cf..978c5367 100644
--- a/manifests/pxe.pp
+++ b/manifests/pxe.pp
@@ -88,6 +88,7 @@ class ironic::pxe (
   $tftp_root_real = pick($::ironic::pxe::common::tftp_root, $tftp_root)
   $http_root_real = pick($::ironic::pxe::common::http_root, $http_root)
   $http_port_real = pick($::ironic::pxe::common::http_port, $http_port)
+  $uefi_ipxe_bootfile_name_real = pick($::ironic::pxe::common::uefi_ipxe_bootfile_name, $uefi_ipxe_bootfile_name)
 
   if $::os['family'] == 'RedHat' {
     $arch = "-${::os['architecture']}"
@@ -242,7 +243,7 @@ class ironic::pxe (
     tag     => 'ironic-tftp-file',
   }
 
-  file { "${tftp_root_real}/${uefi_ipxe_bootfile_name}":
+  file { "${tftp_root_real}/${uefi_ipxe_bootfile_name_real}":
     ensure  => 'file',
     seltype => 'tftpdir_t',
     owner   => 'ironic',
diff --git a/manifests/pxe/common.pp b/manifests/pxe/common.pp
index 52b43a82..712b0b71 100644
--- a/manifests/pxe/common.pp
+++ b/manifests/pxe/common.pp
@@ -37,11 +37,16 @@
 #   (optional) ipxe timeout in second. Should be an integer.
 #   Defaults to undef.
 #
+# [*uefi_ipxe_bootfile_name*]
+#   (optional) Name of efi file used to boot servers with iPXE + UEFI.
+#   Defaults to undef.
+#
 class ironic::pxe::common (
-  $tftp_root        = undef,
-  $http_root        = undef,
-  $http_port        = undef,
-  $ipxe_timeout     = undef,
+  $tftp_root               = undef,
+  $http_root               = undef,
+  $http_port               = undef,
+  $ipxe_timeout            = undef,
+  $uefi_ipxe_bootfile_name = undef,
 ) {
   include ironic::deps
 }
diff --git a/releasenotes/notes/fix-inspector-dnsmasq-uefi-ipxe-boot-filename-83fefc1e48ea7f4f.yaml b/releasenotes/notes/fix-inspector-dnsmasq-uefi-ipxe-boot-filename-83fefc1e48ea7f4f.yaml
new file mode 100644
index 00000000..e0451c24
--- /dev/null
+++ b/releasenotes/notes/fix-inspector-dnsmasq-uefi-ipxe-boot-filename-83fefc1e48ea7f4f.yaml
@@ -0,0 +1,8 @@
+---
+fixes:
+  - |
+    Fixed an issue where dnsmasq DHCP configuration for ironic-
+    inspector would point to the wrong UEFI iPXE bootfile. See
+    bug: `1952652
+    <https://bugs.launchpad.net/puppet-ironic/+bug/1952652>`_.
+
diff --git a/spec/classes/ironic_inspector_spec.rb b/spec/classes/ironic_inspector_spec.rb
index 8ecf95e4..1330ef29 100644
--- a/spec/classes/ironic_inspector_spec.rb
+++ b/spec/classes/ironic_inspector_spec.rb
@@ -242,6 +242,7 @@ describe 'ironic::inspector' do
           :always_store_ramdisk_logs   => true,
           :port_physnet_cidr_map       => {'192.168.20.0/24' => 'physnet_a',
                                            '2001:db8::/64' => 'physnet_b'},
+          :uefi_ipxe_bootfile_name     => 'otherpxe.efi',
         )
       end
       it 'should replace default parameter with new value' do
@@ -291,6 +292,13 @@ describe 'ironic::inspector' do
         is_expected.not_to contain_file('/etc/ironic-inspector/dnsmasq.conf').with_content(
             /dhcp-sequential-ip/
         )
+        is_expected.to contain_file('/etc/ironic-inspector/dnsmasq.conf').with_content(
+            /dhcp-boot=tag:efi,tag:!ipxe,otherpxe.efi/
+        )
+        is_expected.to contain_file('/etc/ironic-inspector/dnsmasq.conf').with_content(
+            /dhcp-option=tag:efi6,tag:!ipxe6,option6:bootfile-url,tftp:\/\/.*\/otherpxe.efi/
+        )
+
       end
       it 'should contain file /var/www/httpboot/inspector.ipxe' do
         is_expected.to contain_file('/var/www/httpboot/inspector.ipxe').with(
diff --git a/templates/inspector_dnsmasq_http.erb b/templates/inspector_dnsmasq_http.erb
index 37c8af86..71fb6893 100644
--- a/templates/inspector_dnsmasq_http.erb
+++ b/templates/inspector_dnsmasq_http.erb
@@ -54,8 +54,8 @@ dhcp-userclass=set:ipxe6,iPXE
 dhcp-boot=tag:ipxe,http://<%= @dnsmasq_local_ip_real %>:<%= @http_port_real %>/inspector.ipxe
 dhcp-option=tag:ipxe6,option6:bootfile-url,http://<%= @dnsmasq_local_ip_real %>:<%= @http_port_real %>/inspector.ipxe
 # Client is PXE booting over EFI without iPXE ROM; send EFI version of iPXE chainloader
-dhcp-boot=tag:efi,tag:!ipxe,ipxe.efi
-dhcp-option=tag:efi6,tag:!ipxe6,option6:bootfile-url,tftp://<%= @dnsmasq_local_ip_real %>/ipxe.efi
+dhcp-boot=tag:efi,tag:!ipxe,<%= @uefi_ipxe_bootfile_name_real %>
+dhcp-option=tag:efi6,tag:!ipxe6,option6:bootfile-url,tftp://<%= @dnsmasq_local_ip_real %>/<%= @uefi_ipxe_bootfile_name_real %>
 # Client is running PXE over BIOS; send BIOS version of iPXE chainloader
 dhcp-boot=undionly.kpxe,localhost.localdomain,<%= @dnsmasq_local_ip %>
 <% if @dnsmasq_dhcp_hostsdir %>