fido-device-onboard · yih-redhat · Nov 3, 2025
diff --git a/.packit.yaml b/.packit.yaml
@@ -118,8 +118,15 @@ jobs:
   # because they are the only ones officially released with golang >= 1.25.0
   - job: tests
     trigger: pull_request
-    identifier: e2e-fedora
-    tmt_plan: test/fmf/plans/e2e
+    identifier: rpm-e2e-fedora
+    tmt_plan: test/fmf/plans/rpm-e2e
+    packages: [go-fdo-server-fedora]
+    targets: *copr_fedora_targets
+
+  - job: tests
+    trigger: pull_request
+    identifier: bootc-e2e-fedora
+    tmt_plan: test/fmf/plans/bootc-e2e
     packages: [go-fdo-server-fedora]
     targets: *copr_fedora_targets
 
@@ -155,7 +162,7 @@ jobs:
   #
   - job: tests
     trigger: pull_request
-    identifier: e2e-centos
-    tmt_plan: test/fmf/plans/e2e
+    identifier: rpm-e2e-centos
+    tmt_plan: test/fmf/plans/rpm-e2e
     packages: [go-fdo-server-centos]
     targets: *copr_centos_targets
diff --git a/test/bootc/test-onboarding.sh b/test/bootc/test-onboarding.sh
@@ -0,0 +1,110 @@
+#!/bin/bash
+set -euox pipefail
+
+# Import util functions
+source "$(cd -- "$(dirname -- "${BASH_SOURCE[0]}")" &>/dev/null && pwd)/utils.sh"
+
+# Configuration
+ssh_options=(-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o ConnectTimeout=5)
+ssh_key="id_rsa"
+sudo ssh-keygen -f id_rsa -N "" -q -t rsa-sha2-256 -b 2048 <<< y
+ssh_key_pub=$(cat "${ssh_key}.pub")
+manufacturer_ip="192.168.100.1"
+rendezvous_ip="192.168.100.1"
+owner_ip="192.168.100.1"
+
+source /etc/os-release
+log_info "Detected OS: ${ID} ${VERSION_ID}"
+
+case "${ID}-${VERSION_ID}" in
+    "fedora-43")
+        os_variant="fedora-unknown"
+        base_image_url="quay.io/fedora/fedora-bootc:43"
+        bib_url="quay.io/centos-bootc/bootc-image-builder:latest"
+        boot_args="uefi"
+        ;;
+    "fedora-44")
+        os_variant="fedora-rawhide"
+        base_image_url="quay.io/fedora/fedora-bootc:44"
+        bib_url="quay.io/centos-bootc/bootc-image-builder:latest"
+        boot_args="uefi"
+        ;;
+    "centos-9")
+        os_variant="centos-stream9"
+        base_image_url="quay.io/centos-bootc/centos-bootc:stream9"
+        bib_url="quay.io/centos-bootc/bootc-image-builder:latest"
+        boot_args="uefi,firmware.feature0.name=secure-boot,firmware.feature0.enabled=no"
+        ;;
+    "centos-10")
+        os_variant="centos-stream9"
+        base_image_url="quay.io/centos-bootc/centos-bootc:stream10"
+        bib_url="quay.io/centos-bootc/bootc-image-builder:latest"
+        boot_args="uefi,firmware.feature0.name=secure-boot,firmware.feature0.enabled=no"
+        ;;
+    *)
+        log_error "Unsupported distro: ${ID}-${VERSION_ID}"
+        exit 1
+        ;;
+esac
+
+run_test() {
+
+  log_info "Setting the error trap handler"
+  trap on_failure ERR
+
+  log_info "Environment variables"
+  show_env
+
+  log_info "Creating directories"
+  create_directories
+
+  log_info "Generating service certificates"
+  generate_service_certs
+
+  log_info "Adding host entries for FDO services in host machine"
+  echo -e "${manufacturer_ip} manufacturer\n${rendezvous_ip} rendezvous\n${owner_ip} owner" | sudo tee -a /etc/hosts > /dev/null
+
+  log_info "Build and install 'go-fdo-server' binary"
+  install_server
+
+  log_info "Configuring services"
+  configure_services
+
+  log_info "Start services"
+  start_services
+
+  log_info "Wait for the services to be ready"
+  wait_for_services_ready
+
+  log_info "Setting or updating Rendezvous Info (RendezvousInfo)"
+  set_or_update_rendezvous_info "${manufacturer_url}" "${rendezvous_service_name}" "${rendezvous_dns}" "${rendezvous_port}"
+
+  log_info "Build bootc container from bootc base image"
+  install_client $base_image_url $bib_url
+
+  log_info "Run Device Initialization"
+  run_device_initialization $os_variant $boot_args
+
+  log_info "Get device initialization voucher guid"
+  guid=$(get_voucher_guid)
+  log_info "Device initialized with GUID: ${guid}"
+
+  log_info "Sending Ownership Voucher to the Owner"
+  send_manufacturer_ov_to_owner "${manufacturer_url}" "${guid}" "${owner_url}"
+
+  log_info "Setting or updating Owner Redirect Info (RVTO2Addr)"
+  set_or_update_owner_redirect_info "${owner_url}" "${owner_service_name}" "${owner_dns}" "${owner_port}"
+
+  sleep 60
+
+  log_info "Running FIDO Device Onboard"
+  run_fido_device_onboard || log_error "Onboarding failed!"
+
+  log_info "Unsetting the error trap handler"
+  trap - ERR
+  test_pass
+
+}
+
+# Allow running directly
+[[ "${BASH_SOURCE[0]}" != "$0" ]] || { run_test; cleanup; }