Undo set_secure_boot_template + feedback

Author: maheeraeron

petri/src/vm/hyperv/mod.rs

@@ -57,7 +57,6 @@ pub struct PetriVmConfigHyperV {
     // Specifies the path to a virtual hard disk file(s) to attach to the
     // virtual machine as SCSI (Gen2) or IDE (Gen1) drives.
     vhd_paths: Vec<Vec<PathBuf>>,
-    secure_boot_enabled: bool,
     secure_boot_template: Option<powershell::HyperVSecureBootTemplate>,
     openhcl_igvm: Option<ResolvedArtifact>,
     openhcl_command_line: String,
@@ -367,8 +366,8 @@ impl PetriVmConfigHyperV {
             })?;
         }
 
-        if self.generation == powershell::HyperVGeneration::Two {
-            vm.set_secure_boot_state(self.secure_boot_enabled, self.secure_boot_template)?;
+        if let Some(secure_boot_template) = self.secure_boot_template {
+            vm.set_secure_boot_template(secure_boot_template)
         }
 
         for (i, vhds) in self.vhd_paths.iter().enumerate() {

petri/src/vm/hyperv/powershell.rs

@@ -392,8 +392,6 @@ pub struct HyperVSetVMFirmwareArgs<'a> {
     /// Specifies the ID of virtual machines for which you want to modify the
     /// firmware configuration.
     pub vmid: &'a Guid,
-    /// Specifies whether to enable secure boot for the virtual machine.
-    pub secure_boot_enabled: bool,
     /// Specifies the name of the secure boot template. If secure boot is
     /// enabled, you must have a valid secure boot template for the guest
     /// operating system to start.
@@ -402,32 +400,24 @@ pub struct HyperVSetVMFirmwareArgs<'a> {
 
 /// Runs Set-VMFirmware with the given arguments.
 pub fn run_set_vm_firmware(args: HyperVSetVMFirmwareArgs<'_>) -> anyhow::Result<()> {
-    // Determine the boot state based on whether secure boot is enabled
-    let boot_state = if args.secure_boot_enabled {
-        ps::RawVal::new("On")
-    } else {
-        ps::RawVal::new("Off")
-    };
-
-    // Build the PowerShell command
     let mut builder = PowerShellBuilder::new()
         .cmdlet("Get-VM")
         .arg("Id", args.vmid)
-        .pipeline()
-        .cmdlet("Set-VMFirmware")
-        .arg("EnableSecureBoot", boot_state);
+        .pipeline();
 
-    // Add the secure boot template if specified
-    if let Some(template) = args.secure_boot_template {
-        builder = builder.arg("SecureBootTemplate", template);
-    }
+    builder = match args.secure_boot_template {
+        None => builder
+            .cmdlet("Set-VMFirmware")
+            .arg("EnableSecureBoot", ps::RawVal::new("Off"))
+            .finish(),
+        Some(template) => builder
+            .cmdlet("Set-VMFirmware")
+            .arg("EnableSecureBoot", ps::RawVal::new("On"))
+            .arg("SecureBootTemplate", template)
+            .finish(),
+    };
 
-    // Execute the command
-    builder
-        .finish()
-        .output(true)
-        .map(|_| ())
-        .context("set_vm_firmware")
+    builder.output(true).map(|_| ()).context("set_vm_firmware")
 }
 
 /// Runs Set-VMFirmware with the given arguments.

petri/src/vm/hyperv/vm.rs

@@ -225,16 +225,14 @@ impl HyperVVM {
         )
     }
 
-    /// Set the secure boot state
-    pub fn set_secure_boot_state(
+    /// Set the secure boot template
+    pub fn set_secure_boot_template(
         &mut self,
-        enabled: bool,
-        secure_boot_template: Option<powershell::HyperVSecureBootTemplate>,
+        secure_boot_template: powershell::HyperVSecureBootTemplate,
     ) -> anyhow::Result<()> {
         powershell::run_set_vm_firmware(powershell::HyperVSetVMFirmwareArgs {
             vmid: &self.vmid,
-            secure_boot_enabled: enabled,
-            secure_boot_template,
+            secure_boot_template: Some(secure_boot_template),
         })
     }