# Builds the initramfs as an lz4-compressed cpio archive (`lz4 -l` selects the
# legacy frame format). The archive contents are described by a gen_init_cpio
# spec fed on stdin:
#   dir  <path> <mode> <uid> <gid>
#   nod  <path> <mode> <uid> <gid> <type> <major> <minor>
#   file <path> <source> <mode> <uid> <gid>
# Every entry below is owned by uid/gid 0 and every binary is installed 0755,
# so the `srcs` list is effectively the set of binaries the image ships as root.
#
# NOTE(review): the @... external repositories are resolved outside this file;
# confirm they are pinned by commit/checksum, since their outputs are copied
# into the image unmodified.
# NOTE(review): `lz4` is invoked by bare name and is not listed in `tools`, so
# it is taken from the host PATH and is not tracked as an input of this action.
# NOTE(review): /dev/null is created 0644 rather than the conventional 0666;
# confirm this is intended (or that /dev is remounted before it matters).
genrule(
    name = "initramfs",
    srcs = [
        "//core/cmd/init",
        "//core/cmd/kube-controlplane",
        "//third_party/xfsprogs:mkfs.xfs",
        "@io_k8s_kubernetes//cmd/kubelet:_kubelet-pure",
        "@com_github_containerd_containerd//cmd/containerd",
        "@com_github_containerd_containerd//cmd/containerd-shim",
        "@com_github_containerd_containerd//cmd/containerd-shim-runc-v1",
        "@com_github_containerd_containerd//cmd/containerd-shim-runc-v2",
        "@com_github_containernetworking_plugins//plugins/main/loopback",
        "@com_github_containernetworking_plugins//plugins/main/ptp",
        "@com_github_containernetworking_plugins//plugins/ipam/host-local",
        "@com_github_opencontainers_runc//:runc",
        "@com_github_google_gvisor//runsc",
    ],
    outs = [
        "initramfs.cpio.lz4",
    ],
    # The heredoc delimiter is quoted ('EOF'), so the shell performs no
    # expansion inside the spec; the $(location ...) references are substituted
    # by Bazel before the shell sees the command. `<<-` only strips leading
    # tabs, so the spec lines and the terminator are kept at column 0.
    cmd = """
    $(location @linux//:gen_init_cpio) - <<- 'EOF' | lz4 -l > \"$@\"
dir /dev 0755 0 0
nod /dev/console 0600 0 0 c 5 1
nod /dev/null 0644 0 0 c 1 3
file /init $(location //core/cmd/init) 0755 0 0
dir /bin 0755 0 0
file /bin/mkfs.xfs $(location //third_party/xfsprogs:mkfs.xfs) 0755 0 0
file /bin/kube-controlplane $(location //core/cmd/kube-controlplane) 0755 0 0
file /bin/kubelet $(location @io_k8s_kubernetes//cmd/kubelet:_kubelet-pure) 0755 0 0
dir /containerd 0755 0 0
file /containerd/containerd $(location @com_github_containerd_containerd//cmd/containerd) 0755 0 0
file /containerd/containerd-shim $(location @com_github_containerd_containerd//cmd/containerd-shim) 0755 0 0
file /containerd/containerd-shim-runc-v1 $(location @com_github_containerd_containerd//cmd/containerd-shim-runc-v1) 0755 0 0
file /containerd/containerd-shim-runc-v2 $(location @com_github_containerd_containerd//cmd/containerd-shim-runc-v2) 0755 0 0
file /containerd/runsc $(location @com_github_google_gvisor//runsc) 0755 0 0
file /containerd/runc $(location @com_github_opencontainers_runc//:runc) 0755 0 0
dir /containerd/cni-plugins 0755 0 0
file /containerd/cni-plugins/loopback $(location @com_github_containernetworking_plugins//plugins/main/loopback) 0755 0 0
file /containerd/cni-plugins/ptp $(location @com_github_containernetworking_plugins//plugins/main/ptp) 0755 0 0
file /containerd/cni-plugins/host-local $(location @com_github_containernetworking_plugins//plugins/ipam/host-local) 0755 0 0
EOF
    """,
    tools = [
        "@linux//:gen_init_cpio",
    ],
)
# Assembles the bootable disk image `smalltown.img` by running
# //core/cmd/mkimage with the kernel bzImage passed as the EFI payload (-efi)
# and the output of the :initramfs rule (-initramfs).
#
# NOTE(review): nothing in this rule signs or measures the kernel, initramfs
# or resulting image; if Secure Boot or measured boot is part of the threat
# model, confirm where signing/verification happens.
# NOTE(review): `$@` is unquoted here while the :initramfs rule in this file
# writes to "$@"; Bazel output paths normally contain no whitespace, but
# quoting would keep the two rules consistent.
genrule(
    name = "image",
    srcs = [
        "//third_party/linux:bzImage",
        ":initramfs",
    ],
    outs = [
        "smalltown.img",
    ],
    cmd = """
    $(location //core/cmd/mkimage) \
        -efi $(location //third_party/linux:bzImage) \
        -initramfs $(location :initramfs) \
        -out $@
    """,
    tools = [
        "//core/cmd/mkimage",
    ],
    # Consumable from any package in the workspace.
    visibility = ["//visibility:public"],
)
# Provisions a software TPM 2.0 (swtpm) state together with a local CA, and
# exports three files: the TPM permanent state (tpm2-00.permall), the local
# CA's signing key (signkey.pem) and its issuer certificate (issuercert.pem).
#
# Security-relevant points for anyone consuming these outputs:
#   * tpm/signkey.pem is the CA *private* signing key. It is emitted as an
#     ordinary build artifact with public visibility, so it can end up in build
#     caches and logs. Treat the CA and every certificate it issues (EK and
#     platform certificates) as test/emulation material only; issuercert.pem
#     must never be trusted as an attestation root outside that context.
#   * The key material is generated when the action runs, so the outputs are
#     not reproducible from the inputs.
#   * The rule declares no `srcs` or `tools`: `swtpm_setup` is taken from the
#     host PATH, and /usr/share/swtpm/swtpm-localca and
#     /etc/swtpm-localca.options are read from the host filesystem. The result
#     therefore depends on whatever swtpm packages the build host has installed.
#   * Scratch state is written to `tpm/` relative to the action's working
#     directory rather than under the rule's output directory.
#     NOTE(review): if this action ever runs unsandboxed, a `tpm/` directory
#     left by an earlier run would be reused - confirm the execution strategy.
#   * `--pcr-banks` enables the SHA-1 bank alongside SHA-256/384/512, and
#     `--display` prints the resulting TPM configuration to the build output.
genrule(
    name = "swtpm_data",
    outs = [
        "tpm/tpm2-00.permall",
        "tpm/signkey.pem",
        "tpm/issuercert.pem",
    ],
    # The heredoc delimiters are unquoted, so the shell would expand variables
    # in the config bodies; they currently contain none.
    cmd = """
    mkdir -p tpm/ca

    cat <<EOF > tpm/swtpm.conf
create_certs_tool= /usr/share/swtpm/swtpm-localca
create_certs_tool_config = tpm/swtpm-localca.conf
create_certs_tool_options = /etc/swtpm-localca.options
EOF

    cat <<EOF > tpm/swtpm-localca.conf
statedir = tpm/ca
signingkey = tpm/ca/signkey.pem
issuercert = tpm/ca/issuercert.pem
certserial = tpm/ca/certserial
EOF

    swtpm_setup \
        --tpmstate tpm \
        --create-ek-cert \
        --create-platform-cert \
        --allow-signing \
        --tpm2 \
        --display \
        --pcr-banks sha1,sha256,sha384,sha512 \
        --config tpm/swtpm.conf

    cp tpm/tpm2-00.permall $(location tpm/tpm2-00.permall)
    cp tpm/ca/issuercert.pem $(location tpm/issuercert.pem)
    cp tpm/ca/signkey.pem $(location tpm/signkey.pem)
    """,
    # Consumable from any package in the workspace, including the private key.
    visibility = ["//visibility:public"],
)