Gitiles
Code Review Sign In
gerrit-dev.monogon.dev / monogon / 4cc664da40ef91422fb90039b2a1e90a3f997078 / . / core / BUILD
blob: 03a5153b934f35baf33722d05dd407a6c33fdebf [file] [log] [blame]
Hendrik Hofstadt0d7c91e2019-10-23 21:44:47 +0200[diff] [blame]1genrule(
Serge Bazanski731d00a2020-02-03 19:08:07 +0100[diff] [blame]2 name = "initramfs",
3 srcs = [
4 "//core/cmd/init",
Lorenz Brun878f5f92020-05-12 16:15:39 +0200[diff] [blame]5 "//core/cmd/kube",
Serge Bazanski2fb13a82020-02-11 12:41:37 +0100[diff] [blame]6 "//third_party/xfsprogs:mkfs.xfs",
Serge Bazanskibb7db922020-04-30 12:43:10 +0200[diff] [blame]7 "@io_k8s_kubernetes//cmd/kubelet:_kubelet-pure",
8 "@com_github_containerd_containerd//cmd/containerd",
Serge Bazanskibb7db922020-04-30 12:43:10 +0200[diff] [blame]9 "@com_github_containerd_containerd//cmd/containerd-shim-runc-v2",
10 "@com_github_containernetworking_plugins//plugins/main/loopback",
11 "@com_github_containernetworking_plugins//plugins/main/ptp",
12 "@com_github_containernetworking_plugins//plugins/ipam/host-local",
Serge Bazanskibb7db922020-04-30 12:43:10 +0200[diff] [blame]13 "@com_github_google_gvisor//runsc",
Lorenz Brunc88c82d2020-05-08 14:35:04 +0200[diff] [blame]14 "@com_github_google_gvisor_containerd_shim//cmd/containerd-shim-runsc-v1",
15 "//core/internal/containerd:ptp.json",
16 "//core/internal/containerd:loopback.json",
17 "//core/internal/containerd:config.toml",
18 "//core/internal/containerd:runsc.toml",
19 "@cacerts//file",
Lorenz Brun878f5f92020-05-12 16:15:39 +0200[diff] [blame]20 ":os-release-info",
Serge Bazanski731d00a2020-02-03 19:08:07 +0100[diff] [blame]21 ],
22 outs = [
23 "initramfs.cpio.lz4",
24 ],
25 cmd = """
26 $(location @linux//:gen_init_cpio) - <<- 'EOF' | lz4 -l > \"$@\"
27dir /dev 0755 0 0
28nod /dev/console 0600 0 0 c 5 1
29nod /dev/null 0644 0 0 c 1 3
Lorenz Brun878f5f92020-05-12 16:15:39 +0200[diff] [blame]30nod /dev/kmsg 0644 0 0 c 1 11
Lorenz Brunc88c82d2020-05-08 14:35:04 +0200[diff] [blame]31nod /dev/ptmx 0644 0 0 c 5 2
Serge Bazanski731d00a2020-02-03 19:08:07 +0100[diff] [blame]32file /init $(location //core/cmd/init) 0755 0 0
Lorenz Brunc88c82d2020-05-08 14:35:04 +0200[diff] [blame]33dir /etc 0755 0 0
Lorenz Brun878f5f92020-05-12 16:15:39 +0200[diff] [blame]34file /etc/os-release $(location :os-release-info) 0644 0 0
Lorenz Brunc88c82d2020-05-08 14:35:04 +0200[diff] [blame]35dir /etc/ssl 0755 0 0
36file /etc/ssl/cert.pem $(location @cacerts//file) 0444 0 0
Serge Bazanski731d00a2020-02-03 19:08:07 +0100[diff] [blame]37dir /bin 0755 0 0
Serge Bazanski2fb13a82020-02-11 12:41:37 +0100[diff] [blame]38file /bin/mkfs.xfs $(location //third_party/xfsprogs:mkfs.xfs) 0755 0 0
Lorenz Brun878f5f92020-05-12 16:15:39 +0200[diff] [blame]39dir /kubernetes 0755 0 0
40dir /kubernetes/bin 0755 0 0
41file /kubernetes/bin/kube $(location //core/cmd/kube) 0755 0 0
42dir /kubernetes/conf 0755 0 0
43dir /kubernetes/conf/flexvolume-plugins 0755 0 0
Serge Bazanskibb7db922020-04-30 12:43:10 +0200[diff] [blame]44dir /containerd 0755 0 0
Lorenz Brunc88c82d2020-05-08 14:35:04 +0200[diff] [blame]45dir /containerd/bin 0755 0 0
46file /containerd/bin/containerd $(location @com_github_containerd_containerd//cmd/containerd) 0755 0 0
47file /containerd/bin/containerd-shim-runsc-v1 $(location @com_github_google_gvisor_containerd_shim//cmd/containerd-shim-runsc-v1) 0755 0 0
48file /containerd/bin/runsc $(location @com_github_google_gvisor//runsc) 0755 0 0
49dir /containerd/bin/cni 0755 0 0
50file /containerd/bin/cni/loopback $(location @com_github_containernetworking_plugins//plugins/main/loopback) 0755 0 0
51file /containerd/bin/cni/ptp $(location @com_github_containernetworking_plugins//plugins/main/ptp) 0755 0 0
52file /containerd/bin/cni/host-local $(location @com_github_containernetworking_plugins//plugins/ipam/host-local) 0755 0 0
53dir /containerd/run 0755 0 0
54dir /containerd/conf 0755 0 0
55dir /containerd/conf/cni 0755 0 0
56file /containerd/conf/cni/10-ptp.conf $(location //core/internal/containerd:ptp.json) 0444 0 0
57file /containerd/conf/cni/99-loopback.conf $(location //core/internal/containerd:loopback.json) 0444 0 0
58file /containerd/conf/config.toml $(location //core/internal/containerd:config.toml) 0444 0 0
59file /containerd/conf/runsc.toml $(location //core/internal/containerd:runsc.toml) 0444 0 0
Serge Bazanski731d00a2020-02-03 19:08:07 +0100[diff] [blame]60EOF
61 """,
62 tools = [
63 "@linux//:gen_init_cpio",
64 ],
65)
66
67genrule(
Hendrik Hofstadt0d7c91e2019-10-23 21:44:47 +0200[diff] [blame]68 name = "image",
69 srcs = [
Serge Bazanski731d00a2020-02-03 19:08:07 +0100[diff] [blame]70 "//third_party/linux:bzImage",
71 ":initramfs",
Hendrik Hofstadt0d7c91e2019-10-23 21:44:47 +0200[diff] [blame]72 ],
73 outs = [
74 "smalltown.img",
75 ],
76 cmd = """
Serge Bazanskidcb3a562020-02-03 13:44:44 +0100[diff] [blame]77 $(location //core/cmd/mkimage) \
Serge Bazanski731d00a2020-02-03 19:08:07 +0100[diff] [blame]78 -efi $(location //third_party/linux:bzImage) \
79 -initramfs $(location :initramfs) \
Leopold Schabel65493072019-11-06 13:40:44 +0000[diff] [blame]80 -out $@
Hendrik Hofstadt0d7c91e2019-10-23 21:44:47 +0200[diff] [blame]81 """,
Lorenz Brun0bcaaee2019-11-06 12:42:39 +0100[diff] [blame]82 tools = [
Serge Bazanskidcb3a562020-02-03 13:44:44 +0100[diff] [blame]83 "//core/cmd/mkimage",
Lorenz Brun0bcaaee2019-11-06 12:42:39 +0100[diff] [blame]84 ],
Hendrik Hofstadt0d7c91e2019-10-23 21:44:47 +0200[diff] [blame]85 visibility = ["//visibility:public"],
86)
87
88genrule(
89 name = "swtpm_data",
90 outs = [
91 "tpm/tpm2-00.permall",
92 "tpm/signkey.pem",
93 "tpm/issuercert.pem",
94 ],
95 cmd = """
96 mkdir -p tpm/ca
97
98 cat <<EOF > tpm/swtpm.conf
99create_certs_tool= /usr/share/swtpm/swtpm-localca
100create_certs_tool_config = tpm/swtpm-localca.conf
101create_certs_tool_options = /etc/swtpm-localca.options
102EOF
103
104 cat <<EOF > tpm/swtpm-localca.conf
105statedir = tpm/ca
106signingkey = tpm/ca/signkey.pem
107issuercert = tpm/ca/issuercert.pem
108certserial = tpm/ca/certserial
109EOF
110
111 swtpm_setup \
112 --tpmstate tpm \
113 --create-ek-cert \
114 --create-platform-cert \
115 --allow-signing \
116 --tpm2 \
117 --display \
118 --pcr-banks sha1,sha256,sha384,sha512 \
119 --config tpm/swtpm.conf
120
121 cp tpm/tpm2-00.permall $(location tpm/tpm2-00.permall)
122 cp tpm/ca/issuercert.pem $(location tpm/issuercert.pem)
123 cp tpm/ca/signkey.pem $(location tpm/signkey.pem)
124 """,
125 visibility = ["//visibility:public"],
126)
Lorenz Brun878f5f92020-05-12 16:15:39 +0200[diff] [blame]127
128load("//core/build/genosrelease:defs.bzl", "os_release")
129
130os_release(
131 name = "os-release-info",
132 os_id = "smalltown",
133 os_name = "Smalltown",
134 stamp_var = "STABLE_SIGNOS_version",
135)