Implement scalable network flasher for RPi devices
From what I can tell the next step will be to
A) implement means to flash hardware devices from our tooling
B) run test cases on flashed devices
For A) my current vision is that I can startup the container in network-provision mode (or execute the script / tool on my host). Given a configuration which image to flash and probably - like in the check process - how to alter / modify the system fresh CM4 devices should pick up the server on their own and start the provisioning process over ethernet. As a plus later on I also think enabling provisioning via arm-image-installer over usb would be nice - however the CM4 requires some extra rpi-boot tooling for that which is not part of fedora. Maybe we could install that into the container
As for details on the provisioning process we require:
network flash of an image
secret creation and provisioning (possibly via TPM on the Pi) - the devices have numerous secrets, some of them inside the TPM; some of those need to also be provided on the host and stored in an SSO user storage or secret vault
configuration generation / modification - each device will require some unique identifiers and configuration initialization
So basically besides flashing the image via network, we also need to automatically alter some of the contents of the devices file system. Currently we have several system services that do these alterations on first boot. We'd like all the factory initialization steps to be done before first boot however, or at least as controlled and validated part of the provisioning process
We should probably take a second look into Zezere here if that tool can be altered to fit our needs