# Builds the node initramfs: a cpio archive described by the spec in `cmd`,
# produced by @linux//:gen_init_cpio reading the spec from stdin ("-") and
# piped through `lz4 -l` (lz4 legacy frame format) into initramfs.cpio.lz4.
#
# Spec line formats, as used below:
#   dir  <path> <mode> <uid> <gid>
#   nod  <path> <mode> <uid> <gid> <type> <major> <minor>
#   file <path> <source> <mode> <uid> <gid>
# Every entry is owned by uid 0 / gid 0.
genrule(
    name = "initramfs",
    # NOTE(review): the kubelet (_kubelet-pure), containerd-shim-runc-v2 and
    # runc labels are listed here, but no `file` entry in the spec below packs
    # them via $(location ...). Confirm whether they are still needed as
    # inputs; unused inputs widen the set of external code the image depends on.
    srcs = [
        "//core/cmd/init",
        "//core/cmd/kube",
        "//third_party/xfsprogs:mkfs.xfs",
        "@io_k8s_kubernetes//cmd/kubelet:_kubelet-pure",
        "@com_github_containerd_containerd//cmd/containerd",
        "@com_github_containerd_containerd//cmd/containerd-shim-runc-v2",
        "@com_github_containernetworking_plugins//plugins/main/loopback",
        "@com_github_containernetworking_plugins//plugins/main/ptp",
        "@com_github_containernetworking_plugins//plugins/ipam/host-local",
        "@com_github_opencontainers_runc//:runc",
        "@com_github_google_gvisor//runsc",
        "@com_github_google_gvisor_containerd_shim//cmd/containerd-shim-runsc-v1",
        "//core/internal/containerd:ptp.json",
        "//core/internal/containerd:loopback.json",
        "//core/internal/containerd:config.toml",
        "//core/internal/containerd:runsc.toml",
        # Becomes /etc/ssl/cert.pem, i.e. the TLS trust anchors of the image.
        # NOTE(review): how @cacerts is fetched and pinned is defined outside
        # this file; confirm the repository rule pins it by checksum.
        "@cacerts//file",
        ":os-release-info",
    ],
    outs = [
        "initramfs.cpio.lz4",
    ],
    # The heredoc delimiter is quoted ('EOF'), so the shell performs no
    # expansion inside the spec; the $(location ...) references are substituted
    # by Bazel before the shell sees the command. The spec lines and the EOF
    # terminator start at column 0.
    #
    # Permissions set by the spec: /dev/console is 0600; /dev/null, /dev/kmsg
    # and /dev/ptmx are 0644 (writable by root only); executables are 0755;
    # the CNI/containerd configuration and the CA bundle are 0444.
    #
    # NOTE(review): `lz4` is invoked by bare name and is not listed in `tools`,
    # so it is taken from the build host rather than from a tracked
    # dependency. The compressor therefore sits outside what this rule pins.
    cmd = """
    $(location @linux//:gen_init_cpio) - <<- 'EOF' | lz4 -l > \"$@\"
dir /dev 0755 0 0
nod /dev/console 0600 0 0 c 5 1
nod /dev/null 0644 0 0 c 1 3
nod /dev/kmsg 0644 0 0 c 1 11
nod /dev/ptmx 0644 0 0 c 5 2
file /init $(location //core/cmd/init) 0755 0 0
dir /etc 0755 0 0
file /etc/os-release $(location :os-release-info) 0644 0 0
dir /etc/ssl 0755 0 0
file /etc/ssl/cert.pem $(location @cacerts//file) 0444 0 0
dir /bin 0755 0 0
file /bin/mkfs.xfs $(location //third_party/xfsprogs:mkfs.xfs) 0755 0 0
dir /kubernetes 0755 0 0
dir /kubernetes/bin 0755 0 0
file /kubernetes/bin/kube $(location //core/cmd/kube) 0755 0 0
dir /kubernetes/conf 0755 0 0
dir /kubernetes/conf/flexvolume-plugins 0755 0 0
dir /containerd 0755 0 0
dir /containerd/bin 0755 0 0
file /containerd/bin/containerd $(location @com_github_containerd_containerd//cmd/containerd) 0755 0 0
file /containerd/bin/containerd-shim-runsc-v1 $(location @com_github_google_gvisor_containerd_shim//cmd/containerd-shim-runsc-v1) 0755 0 0
file /containerd/bin/runsc $(location @com_github_google_gvisor//runsc) 0755 0 0
dir /containerd/bin/cni 0755 0 0
file /containerd/bin/cni/loopback $(location @com_github_containernetworking_plugins//plugins/main/loopback) 0755 0 0
file /containerd/bin/cni/ptp $(location @com_github_containernetworking_plugins//plugins/main/ptp) 0755 0 0
file /containerd/bin/cni/host-local $(location @com_github_containernetworking_plugins//plugins/ipam/host-local) 0755 0 0
dir /containerd/run 0755 0 0
dir /containerd/conf 0755 0 0
dir /containerd/conf/cni 0755 0 0
file /containerd/conf/cni/10-ptp.conf $(location //core/internal/containerd:ptp.json) 0444 0 0
file /containerd/conf/cni/99-loopback.conf $(location //core/internal/containerd:loopback.json) 0444 0 0
file /containerd/conf/config.toml $(location //core/internal/containerd:config.toml) 0444 0 0
file /containerd/conf/runsc.toml $(location //core/internal/containerd:runsc.toml) 0444 0 0
EOF
    """,
    tools = [
        "@linux//:gen_init_cpio",
    ],
)
# Assembles the bootable disk image smalltown.img by running //core/cmd/mkimage
# with the kernel (//third_party/linux:bzImage, passed as -efi) and the
# initramfs built by :initramfs.
#
# NOTE(review): no signing or measurement step is visible in this rule. If boot
# integrity relies on a signed or measured EFI payload, confirm where that
# happens (inside mkimage or in a later stage).
genrule(
    name = "image",
    srcs = [
        "//third_party/linux:bzImage",
        ":initramfs",
    ],
    outs = [
        "smalltown.img",
    ],
    # $@ is the single declared output; it is passed unquoted here.
    cmd = """
    $(location //core/cmd/mkimage) \
        -efi $(location //third_party/linux:bzImage) \
        -initramfs $(location :initramfs) \
        -out $@
    """,
    tools = [
        "//core/cmd/mkimage",
    ],
    visibility = ["//visibility:public"],
)
# Generates software-TPM state with `swtpm_setup`: the TPM 2.0 state file
# (tpm2-00.permall) plus the signing key and issuer certificate of the local CA
# that swtpm_setup uses to create the EK and platform certificates.
#
# Security-relevant points for reviewers:
#  - tpm/signkey.pem is the private signing key of that local CA (see
#    `signingkey` in swtpm-localca.conf below). It is a declared output of a
#    rule with //visibility:public, so any target in the workspace can consume
#    it. NOTE(review): presumably this is throwaway material for an emulated
#    TPM in tests; confirm it is never trusted or shipped outside that context.
#  - `swtpm_setup`, /usr/share/swtpm/swtpm-localca and
#    /etc/swtpm-localca.options are taken from the build host; the rule
#    declares no `tools` or `srcs`, so none of them is tracked by Bazel.
#  - Scratch state is written to `tpm/` relative to the action's working
#    directory, then the three results are copied to the declared outputs.
#  - --pcr-banks enables the sha1 bank alongside sha256/sha384/sha512.
#    NOTE(review): consumers that verify quotes should confirm which bank
#    they rely on.
genrule(
    name = "swtpm_data",
    outs = [
        "tpm/tpm2-00.permall",
        "tpm/signkey.pem",
        "tpm/issuercert.pem",
    ],
    # Both heredocs use an unquoted delimiter, but their bodies contain no `$`,
    # so nothing in them is expanded by the shell.
    cmd = """
    mkdir -p tpm/ca

    cat <<EOF > tpm/swtpm.conf
create_certs_tool= /usr/share/swtpm/swtpm-localca
create_certs_tool_config = tpm/swtpm-localca.conf
create_certs_tool_options = /etc/swtpm-localca.options
EOF

    cat <<EOF > tpm/swtpm-localca.conf
statedir = tpm/ca
signingkey = tpm/ca/signkey.pem
issuercert = tpm/ca/issuercert.pem
certserial = tpm/ca/certserial
EOF

    swtpm_setup \
        --tpmstate tpm \
        --create-ek-cert \
        --create-platform-cert \
        --allow-signing \
        --tpm2 \
        --display \
        --pcr-banks sha1,sha256,sha384,sha512 \
        --config tpm/swtpm.conf

    cp tpm/tpm2-00.permall $(location tpm/tpm2-00.permall)
    cp tpm/ca/issuercert.pem $(location tpm/issuercert.pem)
    cp tpm/ca/signkey.pem $(location tpm/signkey.pem)
    """,
    visibility = ["//visibility:public"],
)
# NOTE(review): this load() appears after other rule definitions; buildifier's
# convention is to keep load statements at the top of the file.
load("//core/build/genosrelease:defs.bzl", "os_release")

# Defines :os-release-info, which the :initramfs rule installs as
# /etc/os-release. The os_release rule itself is defined in
# //core/build/genosrelease:defs.bzl and is not visible here.
# NOTE(review): stamp_var presumably names a workspace-status key that supplies
# the version string; confirm against the rule's implementation.
os_release(
    name = "os-release-info",
    os_id = "smalltown",
    os_name = "Smalltown",
    stamp_var = "STABLE_SIGNOS_version",
)