Hi,
I want to build Secure Boot enabled vmx appliance(SLES 15.4 based) and below is my kiwi profile. Per documentation (to enabled Secure Boot), I chose firmware type as "uefi" but the generated .vmx file doesn't have
firmware and uefi.secureBoot.enabled attributes. If I manually add these 2 attributes, then my VM boots with EFI Secure Boot enabled.
Please suggest if these can be added by kiwi tool or if I need to add afterwards?
Also, as mentioned in the code comments (grub2.py), for .vmx profile, how/what stage do we run shim-install script or is there something else we need to do (such as setting an attribute in vmx?) to add boot loader entry in efi variable? The above mentioned appliance is booting from default location (/EFI/BOOT/bootx64.efi)
Thanks
Attributes that I added in .vmx file:
============================
firmware = "efi"
uefi.secureBoot.enabled = "TRUE"
config.kiwi profile:
===============
<preferences profiles="ovf">
<version>15.0</version>
<type image="vmx" filesystem="ext4" format="vmdk" firmware="uefi" efipartsize="512" bootpartition="false" bootkernel="custom">
<bootloader name="grub2"/>
<machine memory="16384" guestOS="sles15-64" ovftype="vmware" HWversion="19">
......
</machine>
<size additive="true" unit="G">40</size>
<systemdisk name="VG">
<volume name="swap" freespace="8192M"/>
</systemdisk>
</type>
</preferences>