Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2025-04-20 23:36:29 -04:00
Code Issues Packages Projects Releases Wiki Activity

Build 5.19 + Fedora 36

Browse Source
This commit is contained in:
Otto Bittner 2022-12-21 10:56:25 +01:00
parent 0742523f78
commit 9ca50efbcf
5 changed files with 27 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
image/Makefile
View File

@ -10,7 +10,7 @@ IMAGE_VERSION ?= v0.0.0
csps := aws qemu gcp azure
certs := $(PKI)/PK.cer $(PKI)/KEK.cer $(PKI)/db.cer
GCP_FIXED_KERNEL_RPMS := kernel-5.19.17-300.fc37.x86_64.rpm kernel-core-5.19.17-300.fc37.x86_64.rpm kernel-modules-5.19.17-300.fc37.x86_64.rpm
GCP_FIXED_KERNEL_RPMS := kernel-5.19.17-200.fc36.x86_64.rpm kernel-core-5.19.17-200.fc36.x86_64.rpm kernel-modules-5.19.17-200.fc36.x86_64.rpm
PREBUILT_RPMS_GCP := $(addprefix prebuilt/rpms/,$(GCP_FIXED_KERNEL_RPMS))
@ -18,15 +18,14 @@ PREBUILT_RPMS_GCP := $(addprefix prebuilt/rpms/,$(GCP_FIXED_KERNEL_RPMS))
all: $(csps)
$(csps): %: mkosi.output.%/fedora~37/image.raw
$(csps): %: mkosi.output.%/fedora~36/image.raw
prebuilt/rpms/%.rpm:
@echo "Downloading $*"
@mkdir -p $(@D)
@curl -sL -o $@ https://kojipkgs.fedoraproject.org/packages/kernel/5.19.17/300.fc37/x86_64/$*.rpm
@curl -sL -o $@ https://kojipkgs.fedoraproject.org/packages/kernel/5.19.17/200.fc36/x86_64/$*.rpm
mkosi.output.%/fedora~37/image.raw: mkosi.files/mkosi.%.conf inject-bins inject-certs
mkosi.output.%/fedora~36/image.raw: mkosi.files/mkosi.%.conf inject-bins inject-certs
mkosi --config mkosi.files/mkosi.$*.conf --image-version=$(IMAGE_VERSION) build
secure-boot/signed-shim.sh $@
@if [ -n $(SUDO_UID) ] && [ -n $(SUDO_GID) ]; then \

32
image/README.md
View File

@ -75,7 +75,7 @@ After that, you can build the image with:
sudo make -j $(nproc)
```
Raw images will be placed in `mkosi.output.<CSP>/fedora~37/image.raw`.
Raw images will be placed in `mkosi.output.<CSP>/fedora~36/image.raw`.
## Prepare Secure Boot
@ -87,7 +87,7 @@ For QEMU and Azure, you can pre-generate the NVRAM variables for secure boot. Th
<summary><a id="qemu-secure-boot">libvirt / QEMU / KVM</a></summary>
```sh
secure-boot/generate_nvram_vars.sh mkosi.output.qemu/fedora~37/image.raw
secure-boot/generate_nvram_vars.sh mkosi.output.qemu/fedora~36/image.raw
```
</details>
@ -109,10 +109,10 @@ export AZURE_REGION=northeurope
export AZURE_REPLICATION_REGIONS=
export AZURE_DISK_NAME=constellation-$(date +%s)
export AZURE_SNAPSHOT_NAME=${AZURE_DISK_NAME}
export AZURE_RAW_IMAGE_PATH=${PWD}/mkosi.output.azure/fedora~37/image.raw
export AZURE_IMAGE_PATH=${PWD}/mkosi.output.azure/fedora~37/image.vhd
export AZURE_RAW_IMAGE_PATH=${PWD}/mkosi.output.azure/fedora~36/image.raw
export AZURE_IMAGE_PATH=${PWD}/mkosi.output.azure/fedora~36/image.vhd
export AZURE_VMGS_FILENAME=${AZURE_SECURITY_TYPE}.vmgs
export AZURE_JSON_OUTPUT=${PWD}/mkosi.output.azure/fedora~37/image-upload.json
export AZURE_JSON_OUTPUT=${PWD}/mkosi.output.azure/fedora~36/image-upload.json
export BLOBS_DIR=${PWD}/blobs
upload/pack.sh azure "${AZURE_RAW_IMAGE_PATH}" "${AZURE_IMAGE_PATH}"
upload/upload_azure.sh --disk-name "${AZURE_DISK_NAME}-setup-secure-boot" ""
@ -156,10 +156,10 @@ export PKI=${PWD}/pki
export AWS_REGION=eu-central-1
export AWS_REPLICATION_REGIONS="us-east-2"
export AWS_BUCKET=constellation-images
export AWS_EFIVARS_PATH=${PWD}/mkosi.output.aws/fedora~37/efivars.bin
export AWS_IMAGE_PATH=${PWD}/mkosi.output.aws/fedora~37/image.raw
export AWS_EFIVARS_PATH=${PWD}/mkosi.output.aws/fedora~36/efivars.bin
export AWS_IMAGE_PATH=${PWD}/mkosi.output.aws/fedora~36/image.raw
export AWS_IMAGE_FILENAME=image-$(date +%s).raw
export AWS_JSON_OUTPUT=${PWD}/mkosi.output.aws/fedora~37/image-upload.json
export AWS_JSON_OUTPUT=${PWD}/mkosi.output.aws/fedora~36/image-upload.json
secure-boot/aws/create_uefivars.sh "${AWS_EFIVARS_PATH}"
upload/upload_aws.sh
```
@ -185,10 +185,10 @@ export PKI=${PWD}/pki
export GCP_PROJECT=constellation-images
export GCP_REGION=europe-west3
export GCP_BUCKET=constellation-images
export GCP_RAW_IMAGE_PATH=${PWD}/mkosi.output.gcp/fedora~37/image.raw
export GCP_RAW_IMAGE_PATH=${PWD}/mkosi.output.gcp/fedora~36/image.raw
export GCP_IMAGE_FILENAME=$(date +%s).tar.gz
export GCP_IMAGE_PATH=${PWD}/mkosi.output.gcp/fedora~37/image.tar.gz
export GCP_JSON_OUTPUT=${PWD}/mkosi.output.gcp/fedora~37/image-upload.json
export GCP_IMAGE_PATH=${PWD}/mkosi.output.gcp/fedora~36/image.tar.gz
export GCP_JSON_OUTPUT=${PWD}/mkosi.output.gcp/fedora~36/image-upload.json
upload/pack.sh gcp ${GCP_RAW_IMAGE_PATH} ${GCP_IMAGE_PATH}
upload/upload_gcp.sh
```
@ -228,9 +228,9 @@ export AZURE_IMAGE_OFFER=constellation
export AZURE_SKU=${AZURE_IMAGE_DEFINITION}
export AZURE_PUBLISHER=edgelesssys
export AZURE_DISK_NAME=constellation-$(date +%s)
export AZURE_RAW_IMAGE_PATH=${PWD}/mkosi.output.azure/fedora~37/image.raw
export AZURE_IMAGE_PATH=${PWD}/mkosi.output.azure/fedora~37/image.vhd
export AZURE_JSON_OUTPUT=${PWD}/mkosi.output.azure/fedora~37/image-upload.json
export AZURE_RAW_IMAGE_PATH=${PWD}/mkosi.output.azure/fedora~36/image.raw
export AZURE_IMAGE_PATH=${PWD}/mkosi.output.azure/fedora~36/image.vhd
export AZURE_JSON_OUTPUT=${PWD}/mkosi.output.azure/fedora~36/image-upload.json
upload/pack.sh azure "${AZURE_RAW_IMAGE_PATH}" "${AZURE_IMAGE_PATH}"
upload/upload_azure.sh -g --disk-name "${AZURE_DISK_NAME}" "${AZURE_VMGS_PATH}"
```
@ -250,8 +250,8 @@ export STREAM= # e.g. "nightly", "debug", "stable" (depends on the type of image
export IMAGE_VERSION= # e.g. v2.1.0" or output of pseudo-version tool
export QEMU_BUCKET=cdn-constellation-backend
export QEMU_BASE_URL="https://cdn.confidential.cloud"
export QEMU_IMAGE_PATH=${PWD}/mkosi.output.qemu/fedora~37/image.raw
export QEMU_JSON_OUTPUT=${PWD}/mkosi.output.qemu/fedora~37/image-upload.json
export QEMU_IMAGE_PATH=${PWD}/mkosi.output.qemu/fedora~36/image.raw
export QEMU_JSON_OUTPUT=${PWD}/mkosi.output.qemu/fedora~36/image-upload.json
upload/upload_qemu.sh
```

2
image/mkosi.conf.d/mkosi.conf
View File

@ -1,6 +1,6 @@
[Distribution]
Distribution=fedora
Release=37
Release=36
[Output]
Format=gpt_squashfs

6
image/mkosi.files/mkosi.azure.conf
View File

@ -8,6 +8,6 @@ BasePackages=conditional
Packages=systemd
util-linux
dracut
prebuilt/rpms/kernel-5.19.17-300.fc37.x86_64.rpm
prebuilt/rpms/kernel-core-5.19.17-300.fc37.x86_64.rpm
prebuilt/rpms/kernel-modules-5.19.17-300.fc37.x86_64.rpm
prebuilt/rpms/kernel-5.19.17-200.fc36.x86_64.rpm
prebuilt/rpms/kernel-core-5.19.17-200.fc36.x86_64.rpm
prebuilt/rpms/kernel-modules-5.19.17-200.fc36.x86_64.rpm

6
image/mkosi.files/mkosi.gcp.conf
View File

@ -8,6 +8,6 @@ BasePackages=conditional
Packages=systemd
util-linux
dracut
prebuilt/rpms/kernel-5.19.17-300.fc37.x86_64.rpm
prebuilt/rpms/kernel-core-5.19.17-300.fc37.x86_64.rpm
prebuilt/rpms/kernel-modules-5.19.17-300.fc37.x86_64.rpm
prebuilt/rpms/kernel-5.19.17-200.fc36.x86_64.rpm
prebuilt/rpms/kernel-core-5.19.17-200.fc36.x86_64.rpm
prebuilt/rpms/kernel-modules-5.19.17-200.fc36.x86_64.rpm