commit 65bf311fbf47fec70019477237f6411123ef5727
author Tim Windelschmidt <tim@monogon.tech> Mon Apr 08 21:32:14 2024 +0200
committer Tim Windelschmidt <tim@monogon.tech> Thu Apr 11 19:21:02 2024 +0000
tree daaa15a7c708f746e16301a2ea8e8175ebeff466
parent 37cfcc109508d5370900228d5f20f2183ed2d65b

third_party: expose firmware and ucode targets

That way we don't have to redefine it with every target that does
any kind of takeover.

Change-Id: I816b42a87c755da7b42944b2768f71b53d8d77f3
Reviewed-on: https://review.monogon.dev/c/monogon/+/2929
Tested-by: Jenkins CI
Reviewed-by: Lorenz Brun <lorenz@monogon.tech>

cloud/agent/takeover/BUILD.bazel

diff --git a/cloud/agent/takeover/BUILD.bazel b/cloud/agent/takeover/BUILD.bazel
index 855621a..2727f19 100644
--- a/cloud/agent/takeover/BUILD.bazel
+++ b/cloud/agent/takeover/BUILD.bazel
@@ -9,7 +9,7 @@
     srcs = ["takeover.go"],
     embedsrcs = [
         "//third_party/linux",  #keep
-        ":ucode",  #keep
+        "//third_party:ucode",  #keep
         ":initramfs",  #keep
     ],
     importpath = "source.monogon.dev/cloud/agent/takeover",
@@ -37,7 +37,7 @@
     },
     fsspecs = [
         "//metropolis/node/build:earlydev.fsspec",
-        ":firmware",
+        "//third_party:firmware",
     ],
     visibility = ["//cloud/agent:__subpackages__"],
 )
@@ -48,21 +48,6 @@
     visibility = ["//visibility:public"],
 )
 
-cpio_ucode(
-    name = "ucode",
-    ucode = {
-        "@linux-firmware//:amd_ucode": "AuthenticAMD",
-        "@intel_ucode//:fam6h": "GenuineIntel",
-    },
-)
-
-fsspec_linux_firmware(
-    name = "firmware",
-    firmware_files = ["@linux-firmware//:all_files"],
-    kernel = "//third_party/linux",
-    metadata = "@linux-firmware//:metadata",
-)
-
 # Used by container_images, forces a static build of the test_agent.
 static_binary_tarball(
     name = "takeover_layer",

cloud/agent/takeover/takeover.go

diff --git a/cloud/agent/takeover/takeover.go b/cloud/agent/takeover/takeover.go
index d313174..ec7e416 100644
--- a/cloud/agent/takeover/takeover.go
+++ b/cloud/agent/takeover/takeover.go
@@ -41,7 +41,7 @@
 //go:embed third_party/linux/bzImage
 var kernel []byte
 
-//go:embed ucode.cpio
+//go:embed third_party/ucode.cpio
 var ucode []byte
 
 //go:embed initramfs.cpio.zst

metropolis/installer/BUILD.bazel

diff --git a/metropolis/installer/BUILD.bazel b/metropolis/installer/BUILD.bazel
index 3b4144c..f94d134 100644
--- a/metropolis/installer/BUILD.bazel
+++ b/metropolis/installer/BUILD.bazel
@@ -51,7 +51,7 @@
     name = "kernel",
     cmdline = "console=ttyS0,115200 console=tty0 quiet",
     initrd = [
-        "//metropolis/node:ucode",
+        "//third_party:ucode",
         ":initramfs",
     ],
     kernel = "//third_party/linux",

metropolis/node/BUILD.bazel

diff --git a/metropolis/node/BUILD.bazel b/metropolis/node/BUILD.bazel
index 52c5d56..b056dc3 100644
--- a/metropolis/node/BUILD.bazel
+++ b/metropolis/node/BUILD.bazel
@@ -2,8 +2,6 @@
 load("//metropolis/node/build:def.bzl", "erofs_image", "verity_image")
 load("//metropolis/node/build:efi.bzl", "efi_unified_kernel_image")
 load("//metropolis/node/build/mkimage:def.bzl", "node_image")
-load("//metropolis/node/build/fwprune:def.bzl", "fsspec_linux_firmware")
-load("//metropolis/node/build/mkucode:def.bzl", "cpio_ucode")
 load("@rules_pkg//:pkg.bzl", "pkg_zip")
 
 go_library(
@@ -30,22 +28,6 @@
     },
 )
 
-fsspec_linux_firmware(
-    name = "firmware",
-    firmware_files = ["@linux-firmware//:all_files"],
-    kernel = "//third_party/linux",
-    metadata = "@linux-firmware//:metadata",
-)
-
-cpio_ucode(
-    name = "ucode",
-    ucode = {
-        "@linux-firmware//:amd_ucode": "AuthenticAMD",
-        "@intel_ucode//:fam6h": "GenuineIntel",
-    },
-    visibility = ["//metropolis:__subpackages__"],
-)
-
 erofs_image(
     name = "rootfs",
     files = {
@@ -104,7 +86,7 @@
     fsspecs = [
         ":erofs-layout.fsspec",
         "//metropolis/node/build:earlydev.fsspec",
-        ":firmware",
+        "//third_party:firmware",
     ],
     symlinks = {
         "/ephemeral/machine-id": "/etc/machine-id",
@@ -120,7 +102,7 @@
 efi_unified_kernel_image(
     name = "kernel_efi",
     cmdline = "console=ttyS0,115200 console=ttyS1,115200 console=tty0 quiet rootfstype=erofs init=/init loadpin.exclude=kexec-image,kexec-initramfs kernel.unknown_nmi_panic=1",
-    initrd = [":ucode"],
+    initrd = ["//third_party:ucode"],
     kernel = "//third_party/linux",
     os_release = ":os-release-info",
     verity = ":verity_rootfs",

third_party/BUILD.bazel

diff --git a/third_party/BUILD.bazel b/third_party/BUILD.bazel
index e69de29..7d507bc 100644
--- a/third_party/BUILD.bazel
+++ b/third_party/BUILD.bazel
@@ -0,0 +1,20 @@
+load("//metropolis/node/build/fwprune:def.bzl", "fsspec_linux_firmware")
+
+fsspec_linux_firmware(
+    name = "firmware",
+    firmware_files = ["@linux-firmware//:all_files"],
+    kernel = "//third_party/linux",
+    metadata = "@linux-firmware//:metadata",
+    visibility = ["//visibility:public"],
+)
+
+load("//metropolis/node/build/mkucode:def.bzl", "cpio_ucode")
+
+cpio_ucode(
+    name = "ucode",
+    ucode = {
+        "@linux-firmware//:amd_ucode": "AuthenticAMD",
+        "@intel_ucode//:fam6h": "GenuineIntel",
+    },
+    visibility = ["//visibility:public"],
+)