feat: install_secureblue rebases to signed image if used on secureblue (#629)

2025-10-31 02:17:45 +00:00 · 2024-12-01 21:01:15 +00:00
parent e3e985af67
commit f44ec21e2d
1 changed files with 4 additions and 0 deletions
--- a/install/install_secureblue.sh
+++ b/install/install_secureblue.sh
@@ -76,6 +76,10 @@ image_name+="$additional_params-hardened"

 rebase_command="rpm-ostree rebase ostree-unverified-registry:ghcr.io/secureblue/$image_name:latest"

+if [ -n "$(rpm-ostree status | grep '● ostree-image-signed:docker://ghcr.io/secureblue/')" ] ; then
+    rebase_command="rpm-ostree rebase ostree-image-signed:docker://ghcr.io/secureblue/$image_name:latest"
+fi
+
 echo "Commands to execute:"
 echo "$rebase_command"
 echo ""