From 59387cad23518c5e5c6700f1147877187eb3e30f Mon Sep 17 00:00:00 2001
From: John Gallagher <john@oxidecomputer.com>
Date: Wed, 20 Aug 2025 15:37:16 -0400
Subject: [PATCH 1/2] Make BORD and SIGN values a little more realistic

---
 artifact/src/kind.rs         | 30 +++++++++++++++++++++++++
 lib/src/assemble/manifest.rs | 43 ++++++++++++++++++++----------------
 2 files changed, 54 insertions(+), 19 deletions(-)

diff --git a/artifact/src/kind.rs b/artifact/src/kind.rs
index d6eb8d4..4157645 100644
--- a/artifact/src/kind.rs
+++ b/artifact/src/kind.rs
@@ -246,6 +246,36 @@ impl KnownArtifactKind {
     pub fn iter() -> KnownArtifactKindIter {
         <Self as IntoEnumIterator>::iter()
     }
+
+    /// For fake artifacts we generate for tests, what `SIGN` value do we insert
+    /// in the Hubris caboose for this artifact kind?
+    pub fn fake_artifact_hubris_sign(&self) -> Option<String> {
+        match self {
+            // Only RoT and RoT bootloader artifacts are signed. We want to use
+            // a distinct sign value for kind of system, just like real systems
+            // have.
+            KnownArtifactKind::GimletRot
+            | KnownArtifactKind::GimletRotBootloader => {
+                Some("sign-gimlet".to_string())
+            }
+            KnownArtifactKind::SwitchRot
+            | KnownArtifactKind::SwitchRotBootloader => {
+                Some("sign-switch".to_string())
+            }
+            KnownArtifactKind::PscRot | KnownArtifactKind::PscRotBootloader => {
+                Some("sign-psc".to_string())
+            }
+
+            KnownArtifactKind::GimletSp
+            | KnownArtifactKind::Host
+            | KnownArtifactKind::Trampoline
+            | KnownArtifactKind::InstallinatorDocument
+            | KnownArtifactKind::ControlPlane
+            | KnownArtifactKind::Zone
+            | KnownArtifactKind::PscSp
+            | KnownArtifactKind::SwitchSp => None,
+        }
+    }
 }
 
 #[derive(Debug, Error)]
diff --git a/lib/src/assemble/manifest.rs b/lib/src/assemble/manifest.rs
index 7b5471b..5a20908 100644
--- a/lib/src/assemble/manifest.rs
+++ b/lib/src/assemble/manifest.rs
@@ -427,9 +427,6 @@ impl<'a> FakeDataAttributes<'a> {
         use hubtools::{CabooseBuilder, HubrisArchiveBuilder};
 
         let board = match self.kind {
-            KnownArtifactKind::GimletRotBootloader
-            | KnownArtifactKind::PscRotBootloader
-            | KnownArtifactKind::SwitchRotBootloader => "SimRotStage0",
             // non-Hubris artifacts: just make fake data
             KnownArtifactKind::Host
             | KnownArtifactKind::Trampoline
@@ -447,27 +444,35 @@ impl<'a> FakeDataAttributes<'a> {
                 );
             }
 
-            // hubris artifacts: build a fake archive (SimGimletSp and
+            // In production, all the bootloaders and RoTs claim to have the
+            // same board (currently: `oxide-rot-1`). Let's do that here too.
+            KnownArtifactKind::GimletRotBootloader
+            | KnownArtifactKind::PscRotBootloader
+            | KnownArtifactKind::SwitchRotBootloader
+            | KnownArtifactKind::GimletRot
+            | KnownArtifactKind::PscRot
+            | KnownArtifactKind::SwitchRot => "SimRot",
+
+            // SP artifacts: build a fake archive (SimGimletSp and
             // SimGimletRot are used by sp-sim)
             KnownArtifactKind::GimletSp => "SimGimletSp",
-            KnownArtifactKind::GimletRot => "SimRot",
-            KnownArtifactKind::PscSp => "fake-psc-sp",
-            KnownArtifactKind::PscRot => "fake-psc-rot",
             KnownArtifactKind::SwitchSp => "SimSidecarSp",
-            KnownArtifactKind::SwitchRot => "SimRot",
+            KnownArtifactKind::PscSp => "SimPscSp",
         };
 
-        // For our purposes sign = board represents what we want for the RoT
-        // and we don't care about the sign value for the SP
-        // We now have an assumption that board == name for our production
-        // images
-        let caboose = CabooseBuilder::default()
-            .git_commit("this-is-fake-data")
-            .board(board)
-            .version(self.version.to_string())
-            .name(board)
-            .sign(board)
-            .build();
+        let caboose = {
+            let mut builder = CabooseBuilder::default()
+                .git_commit("this-is-fake-data")
+                .board(board)
+                .name(board)
+                .version(self.version.to_string());
+
+            if let Some(sign) = self.kind.fake_artifact_hubris_sign() {
+                builder = builder.sign(sign);
+            }
+
+            builder.build()
+        };
 
         let mut builder = HubrisArchiveBuilder::with_fake_image();
         builder.write_caboose(caboose.as_slice()).unwrap();

From afadab1fd6287f5edf8b81f294ba28d3a0632942 Mon Sep 17 00:00:00 2001
From: John Gallagher <john@oxidecomputer.com>
Date: Wed, 20 Aug 2025 16:02:42 -0400
Subject: [PATCH 2/2] make RoT and bootloader artifacts distinct

---
 lib/src/assemble/manifest.rs | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/lib/src/assemble/manifest.rs b/lib/src/assemble/manifest.rs
index 5a20908..e7a1f05 100644
--- a/lib/src/assemble/manifest.rs
+++ b/lib/src/assemble/manifest.rs
@@ -461,8 +461,11 @@ impl<'a> FakeDataAttributes<'a> {
         };
 
         let caboose = {
+            // We use a fake git commit that contains `self.kind` to ensure that
+            // the artifacts we produce are distinct for each `kind`, even if
+            // all the other caboose fields are identical.
             let mut builder = CabooseBuilder::default()
-                .git_commit("this-is-fake-data")
+                .git_commit(format!("this-is-a-fake-{}", self.kind))
                 .board(board)
                 .name(board)
                 .version(self.version.to_string());