# Builds the early-boot root filesystem as an lz4-compressed cpio archive
# (initramfs.cpio.lz4). The archive layout is the gen_init_cpio spec embedded
# in `cmd`; every entry in it is owned by uid 0 / gid 0.
#
# Review notes (security-relevant):
#   - Every label in `srcs` that has a `file` entry below is shipped inside
#     the boot image; binaries are installed 0755, configuration and the CA
#     bundle 0444. //core/cmd/init is installed as /init, the path the kernel
#     executes from an initramfs.
#   - /etc/ssl/cert.pem is taken from the external @cacerts repository and is
#     the only certificate bundle placed in the image. How @cacerts is fetched
#     and pinned is not visible here — verify it in the workspace definition.
#   - `lz4` is called by bare name and is not declared in `tools`, so it is
#     resolved from the build host instead of being built or pinned by Bazel.
#   - runc and containerd-shim-runc-v2 are listed in `srcs` but have no `file`
#     entry in the spec; only the gVisor runtime (runsc and its shim) is
#     packaged. NOTE(review): confirm this is intentional.
#   - /dev/null and /dev/ptmx are created 0644, so only uid 0 can open them
#     for writing. NOTE(review): confirm nothing in the image runs as a
#     non-root user against these nodes.
genrule(
    name = "initramfs",
    # Inputs referenced through $(location ...) in `cmd`.
    srcs = [
        "//core/cmd/init",
        "//core/cmd/kube-controlplane",
        "//third_party/xfsprogs:mkfs.xfs",
        "@io_k8s_kubernetes//cmd/kubelet:_kubelet-pure",
        "@com_github_containerd_containerd//cmd/containerd",
        "@com_github_containerd_containerd//cmd/containerd-shim-runc-v2",
        "@com_github_containernetworking_plugins//plugins/main/loopback",
        "@com_github_containernetworking_plugins//plugins/main/ptp",
        "@com_github_containernetworking_plugins//plugins/ipam/host-local",
        "@com_github_opencontainers_runc//:runc",
        "@com_github_google_gvisor//runsc",
        "@com_github_google_gvisor_containerd_shim//cmd/containerd-shim-runsc-v1",
        "//core/internal/containerd:ptp.json",
        "//core/internal/containerd:loopback.json",
        "//core/internal/containerd:config.toml",
        "//core/internal/containerd:runsc.toml",
        "@cacerts//file",
    ],
    outs = [
        "initramfs.cpio.lz4",
    ],
    # gen_init_cpio reads the spec from stdin (`-`). The here-doc delimiter is
    # quoted ('EOF'), so the shell performs no expansion inside the spec; the
    # $(location ...) references are substituted by Bazel before the shell
    # runs. `lz4 -l` selects the legacy frame format.
    # Spec columns: `dir <path> <mode> <uid> <gid>`,
    # `file <path> <source> <mode> <uid> <gid>`,
    # `nod <path> <mode> <uid> <gid> <type> <major> <minor>`.
    cmd = """
    $(location @linux//:gen_init_cpio) - <<- 'EOF' | lz4 -l > \"$@\"
dir /dev 0755 0 0
nod /dev/console 0600 0 0 c 5 1
nod /dev/null 0644 0 0 c 1 3
nod /dev/ptmx 0644 0 0 c 5 2
file /init $(location //core/cmd/init) 0755 0 0
dir /etc 0755 0 0
dir /etc/ssl 0755 0 0
file /etc/ssl/cert.pem $(location @cacerts//file) 0444 0 0
dir /bin 0755 0 0
file /bin/mkfs.xfs $(location //third_party/xfsprogs:mkfs.xfs) 0755 0 0
file /bin/kube-controlplane $(location //core/cmd/kube-controlplane) 0755 0 0
file /bin/kubelet $(location @io_k8s_kubernetes//cmd/kubelet:_kubelet-pure) 0755 0 0
dir /containerd 0755 0 0
dir /containerd/bin 0755 0 0
file /containerd/bin/containerd $(location @com_github_containerd_containerd//cmd/containerd) 0755 0 0
file /containerd/bin/containerd-shim-runsc-v1 $(location @com_github_google_gvisor_containerd_shim//cmd/containerd-shim-runsc-v1) 0755 0 0
file /containerd/bin/runsc $(location @com_github_google_gvisor//runsc) 0755 0 0
dir /containerd/bin/cni 0755 0 0
file /containerd/bin/cni/loopback $(location @com_github_containernetworking_plugins//plugins/main/loopback) 0755 0 0
file /containerd/bin/cni/ptp $(location @com_github_containernetworking_plugins//plugins/main/ptp) 0755 0 0
file /containerd/bin/cni/host-local $(location @com_github_containernetworking_plugins//plugins/ipam/host-local) 0755 0 0
dir /containerd/run 0755 0 0
dir /containerd/conf 0755 0 0
dir /containerd/conf/cni 0755 0 0
file /containerd/conf/cni/10-ptp.conf $(location //core/internal/containerd:ptp.json) 0444 0 0
file /containerd/conf/cni/99-loopback.conf $(location //core/internal/containerd:loopback.json) 0444 0 0
file /containerd/conf/config.toml $(location //core/internal/containerd:config.toml) 0444 0 0
file /containerd/conf/runsc.toml $(location //core/internal/containerd:runsc.toml) 0444 0 0
EOF
    """,
    # The only tool declared to Bazel; lz4 is not listed here.
    tools = [
        "@linux//:gen_init_cpio",
    ],
)
# Assembles the bootable disk image smalltown.img by running
# //core/cmd/mkimage with the kernel (bzImage, passed as -efi) and the
# initramfs target (passed as -initramfs).
#
# Review notes (security-relevant):
#   - No signing or hashing of the resulting image is visible in this rule.
#     NOTE(review): whether image integrity is established elsewhere cannot be
#     told from this file — confirm before relying on the image as a trusted
#     boot artifact.
#   - `$@` is passed unquoted here; the path expansions in `cmd` rely on the
#     output and input paths containing no whitespace.
genrule(
    name = "image",
    srcs = [
        "//third_party/linux:bzImage",
        ":initramfs",
    ],
    outs = [
        "smalltown.img",
    ],
    cmd = """
    $(location //core/cmd/mkimage) \
        -efi $(location //third_party/linux:bzImage) \
        -initramfs $(location :initramfs) \
        -out $@
    """,
    tools = [
        "//core/cmd/mkimage",
    ],
    # Consumable from any package in the workspace.
    visibility = ["//visibility:public"],
)
# Provisions state for a software TPM with swtpm_setup and exports three
# files: the TPM 2.0 state (tpm2-00.permall) and the local CA's signing key
# and issuer certificate, which swtpm-localca uses to issue the EK and
# platform certificates requested below.
#
# Review notes (security-relevant):
#   - tpm/signkey.pem is the CA *private* signing key (the `signingkey` entry
#     in swtpm-localca.conf) and is exported as a publicly visible build
#     output. It ends up in the Bazel output tree like any other artifact, so
#     it should be treated as test-only material for the emulated TPM and
#     never as a trust anchor for real hardware.
#   - The rule is not hermetic: it declares no `srcs` or `tools`, calls
#     swtpm_setup by bare name, and points at /usr/share/swtpm/swtpm-localca
#     and /etc/swtpm-localca.options on the build host. The generated TPM
#     state therefore depends on whatever swtpm version the host provides.
#   - All intermediate files are written to `tpm/` relative to the action's
#     working directory, then copied to the declared outputs.
#     NOTE(review): if this action ever runs unsandboxed, a `tpm/ca` directory
#     left by an earlier run could be picked up — confirm swtpm-localca's
#     behaviour with pre-existing state.
#   - The SHA-1 PCR bank is enabled alongside sha256/sha384/sha512.
genrule(
    name = "swtpm_data",
    outs = [
        "tpm/tpm2-00.permall",
        "tpm/signkey.pem",
        "tpm/issuercert.pem",
    ],
    # Steps: create the CA state directory, write swtpm.conf (selects the
    # host's swtpm-localca as certificate tool), write swtpm-localca.conf
    # (key, certificate and serial locations under tpm/ca), run swtpm_setup,
    # then copy the three results to their declared output locations.
    # The here-doc delimiters are unquoted, but the bodies contain nothing
    # for the shell to expand.
    cmd = """
    mkdir -p tpm/ca

    cat <<EOF > tpm/swtpm.conf
create_certs_tool= /usr/share/swtpm/swtpm-localca
create_certs_tool_config = tpm/swtpm-localca.conf
create_certs_tool_options = /etc/swtpm-localca.options
EOF

    cat <<EOF > tpm/swtpm-localca.conf
statedir = tpm/ca
signingkey = tpm/ca/signkey.pem
issuercert = tpm/ca/issuercert.pem
certserial = tpm/ca/certserial
EOF

    swtpm_setup \
        --tpmstate tpm \
        --create-ek-cert \
        --create-platform-cert \
        --allow-signing \
        --tpm2 \
        --display \
        --pcr-banks sha1,sha256,sha384,sha512 \
        --config tpm/swtpm.conf

    cp tpm/tpm2-00.permall $(location tpm/tpm2-00.permall)
    cp tpm/ca/issuercert.pem $(location tpm/issuercert.pem)
    cp tpm/ca/signkey.pem $(location tpm/signkey.pem)
    """,
    # Public visibility also applies to the private key output above.
    visibility = ["//visibility:public"],
)
121)