# Packs the early-boot root filesystem into an lz4-compressed cpio archive
# (`lz4 -l` selects the legacy frame format). The archive holds /init,
# /bin/mkfs.xfs, /bin/kube-controlplane and the /dev/console and /dev/null
# device nodes; every entry is owned by uid/gid 0.
#
# NOTE(review): gen_init_cpio is declared under `tools`, but `lz4` is resolved
# from the build host's PATH, so the compressor that produces the boot payload
# is not pinned by the workspace. Declaring it as a tool would make this step
# hermetic and reproducible.
# NOTE(review): /dev/null is created 0644 rather than the conventional 0666, so
# a non-root process inside this initramfs could not write to it. Confirm that
# is intended.
genrule(
    name = "initramfs",
    srcs = [
        "//core/build/utils:mkfs.xfs",
        "//core/cmd/init",
        "//core/cmd/kube-controlplane",
    ],
    outs = ["initramfs.cpio.lz4"],
    # The quoted heredoc delimiter stops the shell from expanding anything in
    # the spec; Bazel has already substituted each $(location ...) by the time
    # the shell runs. The spec lines and the terminator stay at column 0.
    cmd = """
    $(location @linux//:gen_init_cpio) - <<- 'EOF' | lz4 -l > \"$@\"
dir /dev 0755 0 0
nod /dev/console 0600 0 0 c 5 1
nod /dev/null 0644 0 0 c 1 3
file /init $(location //core/cmd/init) 0755 0 0
dir /bin 0755 0 0
file /bin/mkfs.xfs $(location //core/build/utils:mkfs.xfs) 0755 0 0
file /bin/kube-controlplane $(location //core/cmd/kube-controlplane) 0755 0 0
EOF
    """,
    tools = ["@linux//:gen_init_cpio"],
)
# Assembles smalltown.img by running mkimage with the kernel image passed as
# `-efi` and the output of :initramfs passed as `-initramfs`.
#
# NOTE(review): the resulting image is only as trustworthy as these two
# inputs; nothing in this rule verifies or signs them. Any such check would
# have to live in mkimage or in the rules that produce the inputs.
# NOTE(review): the expansions in `cmd` are unquoted, unlike the quoted "$@" in
# the :initramfs rule. Quoting them would make the two rules consistent.
genrule(
    name = "image",
    srcs = [
        "//third_party/linux:bzImage",
        ":initramfs",
    ],
    outs = ["smalltown.img"],
    cmd = """
    $(location //core/cmd/mkimage) \
        -efi $(location //third_party/linux:bzImage) \
        -initramfs $(location :initramfs) \
        -out $@
    """,
    tools = ["//core/cmd/mkimage"],
    visibility = ["//visibility:public"],
)
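# Generates software-TPM (swtpm) state together with a local CA that issues
# the EK and platform certificates for that emulated TPM.
#
# Outputs:
#   tpm/tpm2-00.permall  - the TPM 2.0 persistent state written by swtpm_setup
#   tpm/signkey.pem      - the local CA's signing (private) key
#   tpm/issuercert.pem   - the local CA's issuer certificate
#
# NOTE(review): tpm/signkey.pem is private key material exported with public
# visibility. Treat all three outputs as emulator fixtures only and never as a
# trust anchor for real hardware. Marking the rule `testonly = True` would
# enforce that, once every consumer is test-only.
# NOTE(review): swtpm_setup, /usr/share/swtpm/swtpm-localca and
# /etc/swtpm-localca.options are taken from the build host, so the result
# depends on the host's swtpm installation and is not hermetic.
genrule(
    name = "swtpm_data",
    outs = [
        "tpm/tpm2-00.permall",
        "tpm/signkey.pem",
        "tpm/issuercert.pem",
    ],
    cmd = """
    # Work in a private scratch directory instead of a fixed ./tpm path in the
    # action's working directory. Without sandboxing that directory is shared,
    # so the CA key and TPM state would outlive the action and a later run
    # could collide with stale state. mktemp -d creates the directory with
    # owner-only permissions, and the trap removes it on exit.
    scratch="$$(mktemp -d)"
    trap 'rm -rf "$$scratch"' EXIT
    mkdir -p "$$scratch/ca"

    cat <<EOF > "$$scratch/swtpm.conf"
create_certs_tool= /usr/share/swtpm/swtpm-localca
create_certs_tool_config = $$scratch/swtpm-localca.conf
create_certs_tool_options = /etc/swtpm-localca.options
EOF

    cat <<EOF > "$$scratch/swtpm-localca.conf"
statedir = $$scratch/ca
signingkey = $$scratch/ca/signkey.pem
issuercert = $$scratch/ca/issuercert.pem
certserial = $$scratch/ca/certserial
EOF

    swtpm_setup \
        --tpmstate "$$scratch" \
        --create-ek-cert \
        --create-platform-cert \
        --allow-signing \
        --tpm2 \
        --display \
        --pcr-banks sha1,sha256,sha384,sha512 \
        --config "$$scratch/swtpm.conf"

    # Only the three declared outputs leave the scratch directory.
    cp "$$scratch/tpm2-00.permall" $(location tpm/tpm2-00.permall)
    cp "$$scratch/ca/issuercert.pem" $(location tpm/issuercert.pem)
    cp "$$scratch/ca/signkey.pem" $(location tpm/signkey.pem)
    """,
    visibility = ["//visibility:public"],
)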