Gitiles
Code Review Sign In
gerrit-dev.monogon.dev / monogon / 4c4a7048de54e4e5d3400ecd3c22ae582e3abe9a / . / metropolis / node / BUILD.bazel
blob: e69d00a54bbb6610182702a652cc5cbc96cd4bc4 [file] [log] [blame]
Jan Schär7c38e782025-04-29 09:23:37 +0000[diff] [blame]1load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library", "go_test")
Jan Schäre6c0c322025-05-12 16:14:25 +0000[diff] [blame]2load("//osbase/build/genproductinfo:defs.bzl", "product_info")
Tim Windelschmidtbed76d92025-02-18 03:04:14 +0100[diff] [blame]3load("//osbase/build/mkerofs:def.bzl", "erofs_image")
Jan Schär5fdca562025-04-14 11:33:29 +0000[diff] [blame]4load("//osbase/build/mkoci:def.bzl", "oci_os_image")
Jan Schärd4309bb2025-07-18 10:13:22 +0200[diff] [blame]5load("//osbase/build/mkoci/index:def.bzl", "oci_index")
Tim Windelschmidtbed76d92025-02-18 03:04:14 +0100[diff] [blame]6load("//osbase/build/mkpayload:def.bzl", "efi_unified_kernel_image")
7load("//osbase/build/mkverity:def.bzl", "verity_image")
Serge Bazanski77cb6c52020-12-19 00:09:22 +0100[diff] [blame]8
9go_library(
Lorenz Brund13c1c62022-03-30 19:58:58 +0200[diff] [blame]10 name = "node",
Lorenz Brune306d782021-09-01 13:01:06 +0200[diff] [blame]11 srcs = [
Serge Bazanski1f789542024-05-22 14:01:50 +0200[diff] [blame]12 "labels.go",
Lorenz Brun4bde9312025-08-06 05:04:11 +0200[diff] [blame]13 "net_status.go",
Jan Schär39f4f5c2024-10-29 09:41:50 +0100[diff] [blame]14 "validation.go",
Lorenz Brune306d782021-09-01 13:01:06 +0200[diff] [blame]15 ],
Serge Bazanski31370b02021-01-07 16:31:14 +0100[diff] [blame]16 importpath = "source.monogon.dev/metropolis/node",
Jan Schär0f8ce4c2025-09-04 13:27:50 +0200[diff] [blame]17 visibility = ["//metropolis:__subpackages__"],
Timon Stampfli91bcf462024-12-15 16:57:05 +0100[diff] [blame]18 deps = ["//metropolis/proto/common"],
Serge Bazanski77cb6c52020-12-19 00:09:22 +0100[diff] [blame]19)
Serge Bazanski140bddc2020-06-05 21:01:19 +0200[diff] [blame]20
Lorenz Brun313816f2020-12-22 16:52:26 +0100[diff] [blame]21# debug_build checks if we're building in debug mode and enables various debug features for the image.
Lorenz Brun70f65b22020-07-08 17:02:47 +0200[diff] [blame]22config_setting(
23 name = "debug_build",
24 values = {
25 "compilation_mode": "dbg",
26 },
27)
28
Jan Schär7c38e782025-04-29 09:23:37 +0000[diff] [blame]29go_binary(
Tim Windelschmidt25e0d8f2024-12-02 23:46:24 +0100[diff] [blame]30 name = "runc",
Jan Schär7c38e782025-04-29 09:23:37 +0000[diff] [blame]31 embed = ["@com_github_opencontainers_runc//:runc_lib"],
32 gotags = [
33 "osusergo",
34 "netgo",
35 "seccomp",
36 ],
Jan Schär0fd36f42025-04-29 10:26:03 +0000[diff] [blame]37 pure = "off",
Tim Windelschmidt25e0d8f2024-12-02 23:46:24 +0100[diff] [blame]38)
39
Lorenz Brun3a99c592021-01-26 19:57:21 +0100[diff] [blame]40erofs_image(
41 name = "rootfs",
Serge Bazanski140bddc2020-06-05 21:01:19 +0200[diff] [blame]42 files = {
Jan Schär69b76872025-05-14 16:39:47 +0000[diff] [blame]43 "/init": "//metropolis/node/minit",
Tim Windelschmidt24bf6fd2025-02-12 04:48:24 +0100[diff] [blame]44 "/core": "//metropolis/node/core",
Serge Bazanski140bddc2020-06-05 21:01:19 +0200[diff] [blame]45
Jan Schärb86917b2025-05-14 16:31:08 +0000[diff] [blame]46 # Product info
47 "/etc/product-info.json": ":product_info",
48
Jan Schär91bf1c82024-07-29 17:31:33 +0200[diff] [blame]49 # CA Certificate bundle & os-release & resolv.conf & hosts
Lorenz Brun3a99c592021-01-26 19:57:21 +0100[diff] [blame]50 # These should not be explicitly used by Metropolis code and are only here for compatibility with
51 # paths hardcoded by standard libraries (like Go's).
Tim Windelschmidt24bf6fd2025-02-12 04:48:24 +0100[diff] [blame]52 "/etc/ssl/cert.pem": "@cacerts//file",
53 "/etc/passwd": ":passwd",
54 "/etc/resolv.conf": "//osbase/net/dns:resolv.conf",
55 "/etc/hosts": "//osbase/net/dns:hosts",
Jan Schäre6c0c322025-05-12 16:14:25 +0000[diff] [blame]56 "/etc/os-release": ":product_info_os_release",
Serge Bazanski140bddc2020-06-05 21:01:19 +0200[diff] [blame]57
Serge Bazanski6d563ca2023-06-14 13:44:20 +0200[diff] [blame]58 # Metrics exporters
Tim Windelschmidt24bf6fd2025-02-12 04:48:24 +0100[diff] [blame]59 "/metrics/bin/node_exporter": "@com_github_prometheus_node_exporter//:node_exporter",
Serge Bazanski6d563ca2023-06-14 13:44:20 +0200[diff] [blame]60
Serge Bazanski140bddc2020-06-05 21:01:19 +0200[diff] [blame]61 # Hyperkube
Tim Windelschmidt24bf6fd2025-02-12 04:48:24 +0100[diff] [blame]62 "/kubernetes/bin/kube": "//metropolis/node/kubernetes/hyperkube",
Serge Bazanski140bddc2020-06-05 21:01:19 +0200[diff] [blame]63
64 # runsc/gVisor
Tim Windelschmidt24bf6fd2025-02-12 04:48:24 +0100[diff] [blame]65 "/containerd/bin/runsc": "@dev_gvisor_gvisor//runsc",
66 "/containerd/bin/containerd-shim-runsc-v1": "@dev_gvisor_gvisor//shim",
Serge Bazanski140bddc2020-06-05 21:01:19 +0200[diff] [blame]67
Jan Schär0fd36f42025-04-29 10:26:03 +0000[diff] [blame]68 # runc
69 "/containerd/bin/runc": ":runc",
Tim Windelschmidt24bf6fd2025-02-12 04:48:24 +0100[diff] [blame]70 "/containerd/bin/containerd-shim-runc-v2": "@com_github_containerd_containerd_v2//cmd/containerd-shim-runc-v2",
Lorenz Brun5e4fc2d2020-09-22 18:35:15 +0200[diff] [blame]71
Serge Bazanski140bddc2020-06-05 21:01:19 +0200[diff] [blame]72 # Containerd
Tim Windelschmidt24bf6fd2025-02-12 04:48:24 +0100[diff] [blame]73 "/containerd/bin/containerd": "@com_github_containerd_containerd_v2//cmd/containerd",
Serge Bazanski140bddc2020-06-05 21:01:19 +0200[diff] [blame]74
75 # Containerd config files
Tim Windelschmidt24bf6fd2025-02-12 04:48:24 +0100[diff] [blame]76 "/containerd/conf/runsc.toml": "//metropolis/node/kubernetes/containerd:runsc.toml",
77 "/containerd/conf/config.toml": "//metropolis/node/kubernetes/containerd:config.toml",
Serge Bazanski140bddc2020-06-05 21:01:19 +0200[diff] [blame]78
Lorenz Brun8b0431a2020-07-13 16:56:36 +0200[diff] [blame]79 # Containerd preseed bundles
Tim Windelschmidt24bf6fd2025-02-12 04:48:24 +0100[diff] [blame]80 "/containerd/preseed/k8s.io/preseedtest.tar": "//metropolis/test/e2e/preseedtest:preseedtest_tarball",
81 "/containerd/preseed/k8s.io/pause.tar": "//metropolis/node/kubernetes/pause:pause_tarball",
Lorenz Brun8b0431a2020-07-13 16:56:36 +0200[diff] [blame]82
Lorenz Brun70f65b22020-07-08 17:02:47 +0200[diff] [blame]83 # Delve
Tim Windelschmidt24bf6fd2025-02-12 04:48:24 +0100[diff] [blame]84 "/dlv": "@com_github_go_delve_delve//cmd/dlv:dlv",
Jan Schär0fd36f42025-04-29 10:26:03 +0000[diff] [blame]85
86 # file system tools
Tim Windelschmidt24bf6fd2025-02-12 04:48:24 +0100[diff] [blame]87 "/bin/mkfs.xfs": "@xfsprogs//:mkfs",
Jan Schär0fd36f42025-04-29 10:26:03 +0000[diff] [blame]88
89 # time
Tim Windelschmidt24bf6fd2025-02-12 04:48:24 +0100[diff] [blame]90 "/time/chrony": "@chrony//:chrony",
Lorenz Brun5e4fc2d2020-09-22 18:35:15 +0200[diff] [blame]91 },
Serge Bazanskia3938142022-04-04 17:04:47 +0200[diff] [blame]92 fsspecs = [
93 ":erofs-layout.fsspec",
Tim Windelschmidtc2290c22024-08-15 19:56:00 +0200[diff] [blame]94 "//osbase/build:earlydev.fsspec",
Tim Windelschmidt65bf3112024-04-08 21:32:14 +0200[diff] [blame]95 "//third_party:firmware",
Serge Bazanskia3938142022-04-04 17:04:47 +0200[diff] [blame]96 ],
Lorenz Brun3a99c592021-01-26 19:57:21 +0100[diff] [blame]97 symlinks = {
Tim Windelschmidtad4d9542025-03-24 20:20:13 +0100[diff] [blame]98 "/etc/machine-id": "/ephemeral/machine-id",
Lorenz Brun3a99c592021-01-26 19:57:21 +0100[diff] [blame]99 },
Serge Bazanski731d00a2020-02-03 19:08:07 +0100[diff] [blame]100)
101
Mateusz Zalega8c2c7712022-01-25 19:42:21 +0100[diff] [blame]102verity_image(
103 name = "verity_rootfs",
Jan Schär2add1cb2025-07-14 09:26:18 +0000[diff] [blame]104 salt = ":product_info",
Mateusz Zalega8c2c7712022-01-25 19:42:21 +0100[diff] [blame]105 source = ":rootfs",
106)
107
Lorenz Brun2f9f3872021-09-29 19:48:08 +0200[diff] [blame]108efi_unified_kernel_image(
109 name = "kernel_efi",
Tim Windelschmidt4ebbc5f2025-07-16 16:04:35 +0200[diff] [blame]110 cmdline = "console=ttyS0,115200 console=ttyS1,115200 console=ttyAMA0 quiet rootfstype=erofs init=/init loadpin.exclude=kexec-image,kexec-initramfs kernel.unknown_nmi_panic=1",
Tim Windelschmidt65bf3112024-04-08 21:32:14 +0200[diff] [blame]111 initrd = ["//third_party:ucode"],
Lorenz Brun2f9f3872021-09-29 19:48:08 +0200[diff] [blame]112 kernel = "//third_party/linux",
Jan Schäre6c0c322025-05-12 16:14:25 +0000[diff] [blame]113 os_release = ":product_info_os_release",
Mateusz Zalega8c2c7712022-01-25 19:42:21 +0100[diff] [blame]114 verity = ":verity_rootfs",
Lorenz Brun2f9f3872021-09-29 19:48:08 +0200[diff] [blame]115)
116
Jan Schär5fdca562025-04-14 11:33:29 +0000[diff] [blame]117oci_os_image(
118 name = "oci_image",
119 srcs = {
120 "system": ":verity_rootfs",
121 "kernel.efi": ":kernel_efi",
122 },
Jan Schär07e69052025-05-12 16:34:15 +0000[diff] [blame]123 product_info = ":product_info",
Jan Schär5fdca562025-04-14 11:33:29 +0000[diff] [blame]124 visibility = ["//visibility:public"],
125)
126
Jan Schär3b0c8dd2025-06-23 10:32:07 +0000[diff] [blame]127oci_os_image(
128 name = "oci_image_uncompressed",
129 srcs = {
130 "system": ":verity_rootfs",
131 "kernel.efi": ":kernel_efi",
132 },
133 compression_level = 0,
134 product_info = ":product_info",
135 visibility = ["//metropolis/test/launch:__pkg__"],
136)
137
Jan Schärd4309bb2025-07-18 10:13:22 +0200[diff] [blame]138oci_index(
139 name = "oci_multiarch",
140 src = ":oci_image",
141 platforms = [
142 "//build/platforms:linux_x86_64",
143 "//build/platforms:linux_aarch64",
144 ],
145)
146
Jan Schäre6c0c322025-05-12 16:14:25 +0000[diff] [blame]147product_info(
148 name = "product_info",
149 components = [
150 "linux",
151 "kubernetes",
152 ],
Serge Bazanski662b5b32020-12-21 13:49:00 +0100[diff] [blame]153 os_id = "metropolis-node",
154 os_name = "Metropolis Node",
Jan Schäre6c0c322025-05-12 16:14:25 +0000[diff] [blame]155 out_os_release = ":product_info_os_release",
Jan Schärd4309bb2025-07-18 10:13:22 +0200[diff] [blame]156 platform_os = "uefi",
Serge Bazanski30494c12023-11-28 16:27:24 +0100[diff] [blame]157 stamp_var = "STABLE_MONOGON_metropolis_version",
Jan Schärb86917b2025-05-14 16:31:08 +0000[diff] [blame]158 visibility = [":__subpackages__"],
Lorenz Brun878f5f92020-05-12 16:15:39 +0200[diff] [blame]159)
Serge Bazanski1f789542024-05-22 14:01:50 +0200[diff] [blame]160
161go_test(
162 name = "node_test",
Jan Schär39f4f5c2024-10-29 09:41:50 +0100[diff] [blame]163 srcs = [
164 "labels_test.go",
165 "validation_test.go",
166 ],
Serge Bazanski1f789542024-05-22 14:01:50 +0200[diff] [blame]167 embed = [":node"],
Serge Bazanskidd2b80f2024-09-24 13:06:27 +0000[diff] [blame]168 deps = ["@io_k8s_apimachinery//pkg/util/validation"],
Serge Bazanski1f789542024-05-22 14:01:50 +0200[diff] [blame]169)