commit 72c1f2b4fde0477c9e1d02803fe8c5ffef116f42
author Serge Bazanski <serge@monogon.tech> Tue Jun 04 13:42:48 2024 +0000
committer Serge Bazanski <serge@monogon.tech> Tue Jun 11 17:01:21 2024 +0000
tree 1b7ef9cd58d07415af303a392e221e8844ec1618
parent 00986a95f02c76d1a5691170ddc7688a48c880aa

third_party: add boringssl, libtpms, swtpm

This isn't yet used, but will soon be used as the main swtpm
implementation (instead of whatever is provided by the ambient
environment and/or sandbox).

Change-Id: I8c8cc7fd7841f10e14d6390595805a8b905d4f4e
Reviewed-on: https://review.monogon.dev/c/monogon/+/3127
Reviewed-by: Lorenz Brun <lorenz@monogon.tech>
Tested-by: Jenkins CI

third_party/swtpm/external.bzl

diff --git a/third_party/swtpm/external.bzl b/third_party/swtpm/external.bzl
new file mode 100644
index 0000000..903bb33
--- /dev/null
+++ b/third_party/swtpm/external.bzl
@@ -0,0 +1,21 @@
+load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive")
+
+def swtpm_external(name, version):
+    sums = {
+        # master at 2024/06/04
+        "0c9a6c4a12a63b86ab472e69e95bd75853d4fa96": "169ddb139597fa808e112d452457445c79ed521bb34f999066d20de9214056ce",
+    }
+
+    http_archive(
+        name = name,
+        patch_args = ["-p1"],
+        patches = [
+            "//third_party/swtpm/patches:0001-bazel-compat-glib.h-glib-glib.h.patch",
+            "//third_party/swtpm/patches:0002-swtpm_localca-replace-gmp-mpz-dependency-with-boring.patch",
+            "//third_party/swtpm/patches:0003-swtpm_setup-replace-dep-on-JSON-GLib-with-sheredom-j.patch",
+            "//third_party/swtpm/patches:0004-bazel-support-implement.patch",
+        ],
+        sha256 = sums[version],
+        strip_prefix = "swtpm-" + version,
+        urls = ["https://github.com/stefanberger/swtpm/archive/%s.tar.gz" % version],
+    )