Skip to content

feat(power): add EnforceSecureBoot error message for CCM mode #779

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
madhavilosetty-intel wants to merge 2 commits into
base: main
Choose a base branch
from
Draft

feat(power): add EnforceSecureBoot error message for CCM mode #779

madhavilosetty-intel wants to merge 2 commits into from
+302 −5

Conversation

@madhavilosetty-intel
Copy link
Contributor

@madhavilosetty-intel madhavilosetty-intel commented Feb 3, 2026

Add validation to Set Boot Options that prevents turning off Enforce Secure Boot when the device is in Client Control Mode (CCM).

@madhavilosetty-intel madhavilosetty-intel mentioned this pull request Feb 3, 2026
Open
4 tasks
@codecov
Copy link

codecov bot commented Feb 3, 2026
edited
Loading

Codecov Report

❌ Patch coverage is 61.11111% with 7 lines in your changes missing coverage. Please review.
✅ Project coverage is 39.69%. Comparing base (4d3e507) to head (0d03449).

Files with missing lines Patch % Lines
internal/usecase/devices/power.go 71.42% 2 Missing and 2 partials ⚠️
internal/controller/httpapi/v1/error.go 25.00% 3 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #779      +/-   ##
==========================================
+ Coverage   39.67%   39.69%   +0.02%     
==========================================
  Files         112      112              
  Lines       10657    10673      +16     
==========================================
+ Hits         4228     4237       +9     
- Misses       6047     6052       +5     
- Partials      382      384       +2

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@madhavilosetty-intel madhavilosetty-intel linked an issue Feb 3, 2026 that may be closed by this pull request
Console/MPS Update APIs for OCR #773
Open
4 tasks
@madhavilosetty-intel madhavilosetty-intel marked this pull request as draft February 3, 2026 20:40
Copilot AI reviewed Feb 3, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds validation to prevent disabling Enforce Secure Boot when a device is in Client Control Mode (CCM). The validation occurs in the SetBootOptions function and returns a specific error when the restriction is violated.

Changes:

  • Added CCM mode validation that prevents turning off EnforceSecureBoot in Client Control Mode
  • Changed EnforceSecureBoot from a required boolean to an optional pointer to support fallback to device values
  • Added helper function getEnforceSecureBoot to handle the optional EnforceSecureBoot parameter

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.

File Description
internal/usecase/devices/power.go Implements CCM validation logic, adds error constant, and introduces helper function for handling optional EnforceSecureBoot
internal/usecase/devices/power_test.go Adds comprehensive test coverage for CCM restriction scenarios
internal/entity/dto/v1/bootsetting.go Changes EnforceSecureBoot from required boolean to optional pointer
integration-test/collections/console_mps_apis.postman_collection.json Adds integration test for CCM restriction validation

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@madhavilosetty-intel madhavilosetty-intel force-pushed the enforce-secure-boot-ccm-validation branch 2 times, most recently from 7d72434 to 4a9d3d2 Compare February 11, 2026 02:43
Copilot AI reviewed Feb 11, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 5 out of 5 changed files in this pull request and generated 4 comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@madhavilosetty-intel
feat(power): add EnforceSecureBoot error message for CCM mode
25ec7b8 
Prevent EnforceSecureBoot from being disabled when the device is in Client Control Mode (CCM).
The bootOptions now checks the provisioning mode and returns a 400 error if EnforceSecureBoot is set to false in CCM.
@madhavilosetty-intel madhavilosetty-intel force-pushed the enforce-secure-boot-ccm-validation branch from 41547f8 to 25ec7b8 Compare February 11, 2026 03:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Console/MPS Update APIs for OCR

1 participant

@madhavilosetty-intel