m/n/b/mkverity: implement a dm-verity hash image generator

Background: https://github.com/monogon-dev/monogon/issues/57

The piece of code included implements a subset of veritysetup
functionality (see: dm-verity). It was written in an attempt to
minimize projected higher maintenance cost of packaging cryptsetup
for metropolis in the long term.

The implementation was verified with the original veritysetup tool:
>$ ./go-veritysetup format file1 file2
>33359c1f1bdd25e7afc2e98cd27c440e7af9ef2fb55462ce562a1b8254bf02e4
>$ veritysetup --debug --verbose verify file1 file2 33359c1f1bdd25e7afc2e98cd27c440e7af9ef2fb55462ce562a1b8254bf02e4

Ktest-based tests and buildsystem integration are still pending.

Compatibility with the original cryptsetup tool might be dropped
eventually, if it's found beneficial to do so.

Change-Id: I5a6e1b18b692b1701e405013f132f6f2711b2c96
Reviewed-on: https://review.monogon.dev/c/monogon/+/250
Reviewed-by: Sergiusz Bazanski <serge@monogon.tech>
2 files changed
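
The root hash printed by the format step in the commit message is the top of a Merkle tree over the data blocks. The sketch below is an added example, not the code from this change. It assumes dm-verity hash format version 1 (salt prepended), SHA-256, 4096-byte data and hash blocks, and input already padded to whole blocks. It omits the on-disk superblock, and the names `hashBlock`, `nextLevel` and `RootHash` are hypothetical.

```go
package main

import (
	"bytes"
	"crypto/sha256"
	"fmt"
)

const blockSize = 4096 // assumed size of both data and hash blocks

// hashBlock returns SHA-256(salt || block): format version 1 prepends the salt.
func hashBlock(salt, block []byte) []byte {
	sum := sha256.Sum256(append(append([]byte{}, salt...), block...))
	return sum[:]
}

// nextLevel hashes each block of level and packs the digests into zero-padded hash blocks.
func nextLevel(salt, level []byte) []byte {
	var out bytes.Buffer
	for off := 0; off < len(level); off += blockSize {
		out.Write(hashBlock(salt, level[off:off+blockSize]))
	}
	if rem := out.Len() % blockSize; rem != 0 {
		out.Write(make([]byte, blockSize-rem))
	}
	return out.Bytes()
}

// RootHash reduces data level by level to one block and returns its salted digest.
func RootHash(salt, data []byte) ([]byte, error) {
	if len(data) == 0 || len(data)%blockSize != 0 {
		return nil, fmt.Errorf("data must be a non-empty multiple of %d bytes", blockSize)
	}
	level := data
	for len(level) > blockSize {
		level = nextLevel(salt, level)
	}
	return hashBlock(salt, level), nil
}

func main() {
	salt := []byte("constructed-salt")  // constructed sample salt
	data := make([]byte, 129*blockSize) // constructed image: 129 blocks need two hash levels
	before, _ := RootHash(salt, data)
	data[128*blockSize] ^= 1 // flip one bit in the last data block
	after, _ := RootHash(salt, data)
	fmt.Printf("%x\n%x\n", before, after) // the two root hashes differ
}
```

Any change to a data block changes the root hash, which is why the root hash is the only value that has to be stored or passed through a trusted channel.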
tree: 798347e10dba644f861fd9dbf55fe59cef9fb82f
  1. build/
  2. intellij/
  3. metropolis/
  4. scripts/
  5. third_party/
  6. .bazelignore
  7. .bazelproject
  8. .bazelrc
  9. .git-ignore-revs
  10. .gitignore
  11. BUILD
  12. LICENSE
  13. README.md
  14. WORKSPACE
README.md

Monogon Monorepo

This is the main repository containing the source code for the Monogon Project.

⚠️ This is pre-release software that happens to be publicly available. Nothing to see here, please move along.

Environment

Our build environment requires a working Podman binary (your distribution should have one).

Usage

Spinning up: scripts/create_container.sh

Spinning down: scripts/destroy_container.sh

Running commands: scripts/run_in_container.sh <...>

Running Bazel through the wrapper script: scripts/bin/bazel <...> (add to your local $PATH for convenience)

IntelliJ

This repository is compatible with the IntelliJ Bazel plugin, which enables full autocompletion for external dependencies and generated code. All commands run inside the container, and necessary paths are mapped into the container.

The following steps are necessary:

  • Install Google's Bazel plugin in IntelliJ. On IntelliJ 2020.3 or later, you need to install a beta release of the plugin.

  • Add the absolute path to your ~/.cache/bazel-monogon folder to your idea64.vmoptions (Help → Edit Custom VM Options) and restart IntelliJ:

    -Dbazel.bep.path=/home/leopold/.cache/bazel-monogon

  • Set "Bazel Binary Location" in Other Settings → Bazel Settings to the absolute path of scripts/bin/bazel. This is a wrapper that will execute Bazel inside the container.

  • Use File → Import Bazel project... to create a new project from .bazelproject.

After running the first sync, everything should now resolve in the IDE, including generated code.

Metropolis

Run a single node cluster

Launch the node:

scripts/bin/bazel run //:launch

Run a kubectl command:

scripts/bin/bazel run //metropolis/cli/dbg -- kubectl describe

Run tests:

scripts/bin/bazel test //...