feat(pxe): use bfb bmc reboot feature#3506
Conversation
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Enterprise Run ID: 📒 Files selected for processing (1)
🚧 Files skipped from review as they are similar to previous changes (1)
Summary by CodeRabbit
WalkthroughThe BMC firmware update template enables the BFB installer’s native reboot, checks Redfish readiness through a custom hook, centralizes authenticated CURL settings, and retains VLAN creation, certificate restoration, and account cleanup during post-install processing. ChangesBMC reboot flow
Estimated code review effort: 3 (Moderate) | ~20 minutes Sequence Diagram(s)sequenceDiagram
participant BFBInstaller
participant BMC
participant Redfish
BFBInstaller->>BMC: Apply firmware update
BFBInstaller->>BMC: Trigger native reboot via BMC_REBOOT
BFBInstaller->>Redfish: Poll root endpoint after reboot
Redfish-->>BFBInstaller: Return HTTP 200 readiness response
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✨ Finishing Touches🧪 Generate unit tests (beta)
Comment |
There was a problem hiding this comment.
Actionable comments posted: 4
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@pxe/templates/bmc_fw_update`:
- Around line 64-65: Update the shared CURL_CMD usage in add_db_cert so the
non-idempotent certificate POST does not use --retry-all-errors or automatic
retries. Keep retry behavior for safe operations by introducing a separate
command or per-call options, while preserving the existing authentication and
TLS settings.
- Around line 64-65: Update the shared CURL_CMD used by bmc_custom_action4() to
remove --verbose and --insecure, keeping it quiet and certificate-verified by
default. Add or retain a separate debug-only curl command that explicitly
enables those flags where diagnostic output is required, without affecting the
readiness loop or authenticated production requests.
- Around line 101-103: Update the timeout branch in the BMC readiness wait to
fail the hook by returning a nonzero status or marking the operation failed
after logging the warning. Ensure the flow cannot advance to completion when
Redfish remains unavailable, while preserving successful readiness behavior.
- Around line 94-98: Update the retry loop counters in the while block to avoid
post-increment expressions that can return failure under set -e. Replace both
tries_ok and tries increments with arithmetic assignments or prefix increments,
preserving the existing retry limits and success-count behavior.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Enterprise
Run ID: c2790471-d1a4-432e-bf3f-0e1d5ab1b87e
📒 Files selected for processing (1)
pxe/templates/bmc_fw_update
🔍 Container Scan Summary
Per-CVE detail lives in the per-service |
Use BFB installer's native
BMC_REBOOTfeature instead of manually callingbmc_rebootinbfb_post_install().Changes:
BMC_REBOOT="yes"to enable automatic BMC reboot after firmware updatebmc_reboot+wait_bmc_boot()withbmc_custom_action4()hookCURL_CMDdefinition earlier so it's available inadd_db_cert()set -x/set +xdebug noiseRelated issues
Type of Change
Breaking Changes
Testing
Additional Notes
The
bmc_custom_action4()hook is called by the BFB installer after BMC reboot completes. It waits for Redfish API readiness before continuing deleting of a temporary BMC userReference: BFB installer BMC hooks