Gitiles
Code Review Sign In
gerrit-dev.monogon.dev / monogon / c7359679c41a68cf2a33c717c60c8cb433fb4239 / . / core / BUILD
blob: edd669a4881296eb3ed4ef4a5b9ba939a1c536c3 [file] [log] [blame]
Serge Bazanski140bddc2020-06-05 21:01:19 +0200[diff] [blame]1load("//core/build:def.bzl", "smalltown_initramfs")
2
Lorenz Brun70f65b22020-07-08 17:02:47 +0200[diff] [blame]3# debug_build checks if we're building in debug mode and enables various debug features for the image. Currently this
4# is only used for attaching a Delve debugger to init when it's enabled.
5config_setting(
6 name = "debug_build",
7 values = {
8 "compilation_mode": "dbg",
9 },
10)
11
Serge Bazanski140bddc2020-06-05 21:01:19 +0200[diff] [blame]12smalltown_initramfs(
Serge Bazanski731d00a2020-02-03 19:08:07 +0100[diff] [blame]13 name = "initramfs",
Serge Bazanski140bddc2020-06-05 21:01:19 +0200[diff] [blame]14 extra_dirs = [
15 "/kubernetes/conf/flexvolume-plugins",
16 "/containerd/run",
Serge Bazanski731d00a2020-02-03 19:08:07 +0100[diff] [blame]17 ],
Serge Bazanski140bddc2020-06-05 21:01:19 +0200[diff] [blame]18 files = {
19 "//core/cmd/init": "/init",
20 "//third_party/xfsprogs:mkfs.xfs": "/bin/mkfs.xfs",
21
22 # CA Certificate bundle & os-release
23 "@cacerts//file": "/etc/ssl/cert.pem",
24 ":os-release-info": "/etc/os-release",
25
26 # Hyperkube
27 "//core/cmd/kube": "/kubernetes/bin/kube",
28
Lorenz Brun339582b2020-07-29 18:13:35 +0200[diff] [blame]29 # CoreDNS
30 "@com_github_coredns_coredns//:coredns": "/kubernetes/bin/coredns",
31
Serge Bazanski140bddc2020-06-05 21:01:19 +0200[diff] [blame]32 # runsc/gVisor
33 "@com_github_google_gvisor//runsc": "/containerd/bin/runsc",
34 "@com_github_google_gvisor_containerd_shim//cmd/containerd-shim-runsc-v1": "/containerd/bin/containerd-shim-runsc-v1",
35
Lorenz Brun5e4fc2d2020-09-22 18:35:15 +0200[diff] [blame]36 # runc (runtime in files_cc because of cgo)
37 "@com_github_containerd_containerd//cmd/containerd-shim-runc-v2": "/containerd/bin/containerd-shim-runc-v2",
38
Serge Bazanski140bddc2020-06-05 21:01:19 +0200[diff] [blame]39 # Containerd
40 "@com_github_containerd_containerd//cmd/containerd": "/containerd/bin/containerd",
41
42 # Containerd config files
43 "//core/internal/containerd:runsc.toml": "/containerd/conf/runsc.toml",
44 "//core/internal/containerd:config.toml": "/containerd/conf/config.toml",
Lorenz Brunf042e6f2020-06-24 16:46:09 +0200[diff] [blame]45 "//core/internal/containerd:cnispec.gojson": "/containerd/conf/cnispec.gojson",
Serge Bazanski140bddc2020-06-05 21:01:19 +0200[diff] [blame]46
Lorenz Brun8b0431a2020-07-13 16:56:36 +0200[diff] [blame]47 # Containerd preseed bundles
48 "//core/tests/e2e/preseedtest:preseedtest.tar": "/containerd/preseed/k8s.io/preseedtest.tar",
Lorenz Bruned0503c2020-07-28 17:21:25 +0200[diff] [blame]49 "//core/tests/e2e/k8s_cts:k8s_cts_image.tar": "/containerd/preseed/k8s.io/k8s_cts.tar",
Lorenz Brun8b0431a2020-07-13 16:56:36 +0200[diff] [blame]50
Serge Bazanski140bddc2020-06-05 21:01:19 +0200[diff] [blame]51 # CNI Plugins
52 "@com_github_containernetworking_plugins//plugins/main/loopback": "/containerd/bin/cni/loopback",
53 "@com_github_containernetworking_plugins//plugins/main/ptp": "/containerd/bin/cni/ptp",
54 "@com_github_containernetworking_plugins//plugins/ipam/host-local": "/containerd/bin/cni/host-local",
Serge Bazanskic3ae7582020-06-08 17:15:26 +0200[diff] [blame]55
Lorenz Brun70f65b22020-07-08 17:02:47 +0200[diff] [blame]56 # Delve
57 "@com_github_go_delve_delve//cmd/dlv:dlv": "/dlv",
Serge Bazanski140bddc2020-06-05 21:01:19 +0200[diff] [blame]58 },
Lorenz Brun5e4fc2d2020-09-22 18:35:15 +0200[diff] [blame]59 files_cc = {
60 # runc runtime, with cgo
61 "@com_github_opencontainers_runc//:runc": "/containerd/bin/runc",
62 },
Serge Bazanski731d00a2020-02-03 19:08:07 +0100[diff] [blame]63)
64
65genrule(
Hendrik Hofstadt0d7c91e2019-10-23 21:44:47 +0200[diff] [blame]66 name = "image",
67 srcs = [
Serge Bazanski731d00a2020-02-03 19:08:07 +0100[diff] [blame]68 "//third_party/linux:bzImage",
69 ":initramfs",
Hendrik Hofstadt0d7c91e2019-10-23 21:44:47 +0200[diff] [blame]70 ],
71 outs = [
72 "smalltown.img",
73 ],
74 cmd = """
Serge Bazanskidcb3a562020-02-03 13:44:44 +0100[diff] [blame]75 $(location //core/cmd/mkimage) \
Serge Bazanski731d00a2020-02-03 19:08:07 +0100[diff] [blame]76 -efi $(location //third_party/linux:bzImage) \
77 -initramfs $(location :initramfs) \
Leopold Schabel65493072019-11-06 13:40:44 +0000[diff] [blame]78 -out $@
Hendrik Hofstadt0d7c91e2019-10-23 21:44:47 +0200[diff] [blame]79 """,
Lorenz Brun0bcaaee2019-11-06 12:42:39 +0100[diff] [blame]80 tools = [
Serge Bazanskidcb3a562020-02-03 13:44:44 +0100[diff] [blame]81 "//core/cmd/mkimage",
Lorenz Brun0bcaaee2019-11-06 12:42:39 +0100[diff] [blame]82 ],
Hendrik Hofstadt0d7c91e2019-10-23 21:44:47 +0200[diff] [blame]83 visibility = ["//visibility:public"],
84)
85
86genrule(
87 name = "swtpm_data",
88 outs = [
89 "tpm/tpm2-00.permall",
90 "tpm/signkey.pem",
91 "tpm/issuercert.pem",
92 ],
93 cmd = """
94 mkdir -p tpm/ca
95
96 cat <<EOF > tpm/swtpm.conf
97create_certs_tool= /usr/share/swtpm/swtpm-localca
98create_certs_tool_config = tpm/swtpm-localca.conf
99create_certs_tool_options = /etc/swtpm-localca.options
100EOF
101
102 cat <<EOF > tpm/swtpm-localca.conf
103statedir = tpm/ca
104signingkey = tpm/ca/signkey.pem
105issuercert = tpm/ca/issuercert.pem
106certserial = tpm/ca/certserial
107EOF
108
109 swtpm_setup \
110 --tpmstate tpm \
111 --create-ek-cert \
112 --create-platform-cert \
113 --allow-signing \
114 --tpm2 \
115 --display \
116 --pcr-banks sha1,sha256,sha384,sha512 \
117 --config tpm/swtpm.conf
118
119 cp tpm/tpm2-00.permall $(location tpm/tpm2-00.permall)
120 cp tpm/ca/issuercert.pem $(location tpm/issuercert.pem)
121 cp tpm/ca/signkey.pem $(location tpm/signkey.pem)
122 """,
123 visibility = ["//visibility:public"],
124)
Lorenz Brun878f5f92020-05-12 16:15:39 +0200[diff] [blame]125
126load("//core/build/genosrelease:defs.bzl", "os_release")
127
128os_release(
129 name = "os-release-info",
130 os_id = "smalltown",
131 os_name = "Smalltown",
132 stamp_var = "STABLE_SIGNOS_version",
133)