feat(cli): enable GCP Shielded VM (Secure Boot) by default#3450
Merged
Conversation
Provision every GCP instance as a Shielded VM (Secure Boot + vTPM + integrity monitoring) by default. This is what the Cloudflare (CF) skill needs to attest the VM, and is good hygiene for all spawns. GCP's default Ubuntu LTS images are Shielded-VM-compatible, so boots are unaffected. Opt out with the new --no-secure-boot flag (sets GCP_NO_SECURE_BOOT=1) for custom images that are not UEFI/Secure-Boot-capable. Secure Boot is GCP-only here; AWS spawns run on Lightsail, which does not expose Secure Boot, so the flag is a no-op on other clouds.
louisgv
approved these changes
Jun 6, 2026
What

Make GCP Shielded VM the default for every spawned GCP instance — Secure Boot + vTPM + integrity monitoring are now enabled automatically:

This is what the Cloudflare (CF) skill needs to attest the VM, and it's good security hygiene for all spawns. GCP's default Ubuntu LTS images are Shielded-VM-compatible, so boots are unaffected.

Opt out

The new `--no-secure-boot` flag sets `GCP_NO_SECURE_BOOT=1`, for the rare custom image that isn't UEFI/Secure-Boot-capable.

Why GCP only

Per discussion, default-on was requested for GCP and AWS. GCP is done here. AWS is not technically possible as-is: spawn's AWS provider runs on Lightsail, whose `CreateInstances` API exposes no Secure Boot / UEFI / NitroTPM option (that's EC2-only). Honoring "default-on for AWS" would require migrating the AWS provider from Lightsail → EC2 — a separate, much larger change. The flag is a no-op on non-GCP clouds.

Changes

- `packages/cli/src/gcp/gcp.ts` — new pure `buildShieldedArgs()` helper (env-gated), spliced into `createInstance` args
- `packages/cli/src/flags.ts` — register `--no-secure-boot` in `KNOWN_FLAGS`
- `packages/cli/src/index.ts` — extract `--no-secure-boot` → `GCP_NO_SECURE_BOOT=1`; add `--help` line
- `README.md` — flags table row + "Secure Boot (GCP)" section
- `gcp-cov.test.ts` (default-on / opt-out / exact-value-match) + `unknown-flags.test.ts` (flag registration)

Testing

- `bun test` — all 2269 tests pass
- `bunx @biomejs/biome check packages/cli/src/ packages/shared/src/` — clean (matches CI)

Filed from Slack by Spa
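The PR body describes the shape of the change (an env-gated pure helper that emits the Shielded VM flags, a CLI flag that is translated into `GCP_NO_SECURE_BOOT=1`, and a test matrix of default-on / opt-out / exact-value-match) without showing the code. The following is an added illustration, not the project's `buildShieldedArgs()` or any code from the PR. It assumes the CLI shells out to `gcloud compute instances create` and passes these argv strings through unchanged, that the opt-out is honored only when the variable is exactly the string `1`, and that the helper is a no-op for non-GCP clouds; the function names `extractSecureBootFlag` and `gcloudCreateArgs`, and the sample image/zone values, are constructed for this example.

```typescript
// Added example, not the project's code. Models an env-gated default for
// GCP Shielded VM flags and the CLI flag -> env translation that feeds it.

// Real gcloud flags for Shielded VM. Secure Boot without the vTPM gives the
// attester nothing to measure into, so all three are emitted together.
export const SHIELDED_VM_ARGS: readonly string[] = [
  "--shielded-secure-boot",
  "--shielded-vtpm",
  "--shielded-integrity-monitoring",
];

/** Minimal env shape so the helper is pure and testable without process.env. */
export type Env = Readonly<Record<string, string | undefined>>;

/**
 * Default-on Shielded VM flags. Assumption: only the exact value "1" opts out,
 * so "true", "0" or an empty string all keep the hardened default
 * (the "exact-value-match" case in the PR's test list).
 */
export function buildShieldedArgs(env: Env): string[] {
  if (env.GCP_NO_SECURE_BOOT === "1") return [];
  return [...SHIELDED_VM_ARGS];
}

/**
 * Hypothetical CLI pre-processing: strip --no-secure-boot from argv and
 * return the env additions it implies. Inputs are not mutated.
 */
export function extractSecureBootFlag(
  argv: readonly string[],
): { argv: string[]; env: Record<string, string> } {
  const rest = argv.filter((a) => a !== "--no-secure-boot");
  const env: Record<string, string> = {};
  if (rest.length !== argv.length) env.GCP_NO_SECURE_BOOT = "1";
  return { argv: rest, env };
}

/**
 * Hypothetical splice point: the argv for `gcloud compute instances create`.
 * For non-GCP clouds the Shielded VM flags are never emitted (no-op), which
 * mirrors the PR's note that the flag does nothing on Lightsail.
 */
export function gcloudCreateArgs(
  cloud: "gcp" | "aws",
  name: string,
  opts: { image: string; zone: string },
  env: Env,
): string[] {
  const base = [
    "compute", "instances", "create", name,
    `--image=${opts.image}`,
    `--zone=${opts.zone}`,
  ];
  if (cloud !== "gcp") return base; // flag is a no-op off GCP
  return [...base, ...buildShieldedArgs(env)];
}

// Constructed sample inputs (not real project values).
const sampleOpts = { image: "ubuntu-2404-lts-amd64", zone: "us-central1-a" };
const defaultRun = gcloudCreateArgs("gcp", "vm-default", sampleOpts, {});
const optOutRun = gcloudCreateArgs(
  "gcp",
  "vm-custom",
  sampleOpts,
  extractSecureBootFlag(["spawn", "--no-secure-boot"]).env,
);
console.log(defaultRun.join(" "));
console.log(optOutRun.join(" "));
```

The useful property to keep when writing such a helper is that it is pure over an explicit `env` argument: the three test cases the PR lists (default-on, opt-out, exact-value-match) become plain table tests with no process-level state, and a reviewer can see at a glance that nothing other than the exact opt-out string disables the hardened default.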