commit 79ffbbe040d0db6c4ff6f8cdc84fe13d537e2bfe
author Tim Windelschmidt <tim@monogon.tech> Thu Feb 22 19:15:51 2024 +0100
committer Tim Windelschmidt <tim@monogon.tech> Tue Feb 27 15:41:41 2024 +0000
tree c187ae1162f232707d835fcf507e8b88c6f5d452
parent 1dd0c6591533bf63389e81a2104bca3c8326e871

cloud: move takeover to agent/takeover

The takeover package is tightly coupled with the agent, so lets move it
there.

Change-Id: I38ae69d4f4e7a4f6a04b0fefb5f127ebc71f5961
Reviewed-on: https://review.monogon.dev/c/monogon/+/2790
Reviewed-by: Lorenz Brun <lorenz@monogon.tech>
Tested-by: Jenkins CI

cloud/agent/takeover/BUILD.bazel

diff --git a/cloud/agent/takeover/BUILD.bazel b/cloud/agent/takeover/BUILD.bazel
new file mode 100644
index 0000000..855621a
--- /dev/null
+++ b/cloud/agent/takeover/BUILD.bazel
@@ -0,0 +1,71 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library")
+load("//metropolis/node/build/mkucode:def.bzl", "cpio_ucode")
+load("//build/static_binary_tarball:def.bzl", "static_binary_tarball")
+load("//metropolis/node/build:def.bzl", "node_initramfs")
+load("//metropolis/node/build/fwprune:def.bzl", "fsspec_linux_firmware")
+
+go_library(
+    name = "takeover_lib",
+    srcs = ["takeover.go"],
+    embedsrcs = [
+        "//third_party/linux",  #keep
+        ":ucode",  #keep
+        ":initramfs",  #keep
+    ],
+    importpath = "source.monogon.dev/cloud/agent/takeover",
+    visibility = ["//visibility:private"],
+    deps = [
+        "//cloud/agent/api",
+        "//metropolis/pkg/bootparam",
+        "//metropolis/pkg/kexec",
+        "//net/dump",
+        "//net/proto",
+        "@com_github_cavaliergopher_cpio//:cpio",
+        "@com_github_klauspost_compress//zstd",
+        "@org_golang_google_protobuf//proto",
+        "@org_golang_x_sys//unix",
+    ],
+)
+
+node_initramfs(
+    name = "initramfs",
+    files = {
+        "//cloud/agent:agent": "/init",
+        "@com_github_coredns_coredns//:coredns": "/kubernetes/bin/coredns",
+        "//metropolis/node/core/network/dns:resolv.conf": "/etc/resolv.conf",
+        "@cacerts//file": "/etc/ssl/cert.pem",
+    },
+    fsspecs = [
+        "//metropolis/node/build:earlydev.fsspec",
+        ":firmware",
+    ],
+    visibility = ["//cloud/agent:__subpackages__"],
+)
+
+go_binary(
+    name = "takeover",
+    embed = [":takeover_lib"],
+    visibility = ["//visibility:public"],
+)
+
+cpio_ucode(
+    name = "ucode",
+    ucode = {
+        "@linux-firmware//:amd_ucode": "AuthenticAMD",
+        "@intel_ucode//:fam6h": "GenuineIntel",
+    },
+)
+
+fsspec_linux_firmware(
+    name = "firmware",
+    firmware_files = ["@linux-firmware//:all_files"],
+    kernel = "//third_party/linux",
+    metadata = "@linux-firmware//:metadata",
+)
+
+# Used by container_images, forces a static build of the test_agent.
+static_binary_tarball(
+    name = "takeover_layer",
+    executable = ":takeover",
+    visibility = ["//visibility:public"],
+)