rules/config

###############################################################################
## Configuration parameters for SONiC build system
###############################################################################

# SONIC_CONFIG_PRINT_DEPENDENCIES - show dependencies for each invoked target.
# Before executing rule for each target its dependencies are printed to console.
# Uncomment next line to enable:
# SONIC_CONFIG_PRINT_DEPENDENCIES = y

# SONIC_CONFIG_BUILD_JOBS - set number of jobs for parallel build.
# Corresponding -j argument will be passed to make command inside docker
# container.
SONIC_CONFIG_BUILD_JOBS = 1

# SONIC_CONFIG_MAKE_JOBS - set number of parallel make jobs per package.
# Corresponding -j argument will be passed to make/dpkg commands that build separate packages
SONIC_CONFIG_MAKE_JOBS = $(shell nproc)

# DEFAULT_BUILD_LOG_TIMESTAMP - add timestamp in build log
# Supported format: simple, none
DEFAULT_BUILD_LOG_TIMESTAMP = none

# SONIC_USE_DOCKER_BUILDKIT - use docker buildkit for build.
# If set to y SONiC build system will set environment variable DOCKER_BUILDKIT=1
# to enable docker buildkit.
# This options will speed up docker image build time.
# NOTE: SONIC_USE_DOCKER_BUILDKIT will produce larger installable SONiC image
# because of a docker bug (more details: https://github.com/moby/moby/issues/38903)
# SONIC_USE_DOCKER_BUILDKIT = y

# SONIC_CONFIG_USE_NATIVE_DOCKERD_FOR_BUILD - use native dockerd for build.
# If set to y SONiC build container will use native dockerd instead of dind for faster build.
# Special handling of the docker image file names is needed to avoid conflicts with
# other SONiC build jobs on the same server. This requires changes to the Dockerfile.j2 FROM statement
# in the dockers/ and platform/ subdirs to use a variable reference instead of an explicit image name.
# SONIC_CONFIG_USE_NATIVE_DOCKERD_FOR_BUILD = y

# SONIC_CONFIG_ENABLE_COLORS - enable colored output in build system.
# Comment next line to disable:
# SONIC_CONFIG_ENABLE_COLORS = y

# CHANGE_DEFAULT_PASSWORD - enforce default user/users to change password on 1st login
CHANGE_DEFAULT_PASSWORD ?= n

# Default value for SMARTSWITCH
SMARTSWITCH ?= 0

# DEFAULT_USERNAME - default username for installer build
DEFAULT_USERNAME = admin

# DEFAULT_PASSWORD - default password for installer build
DEFAULT_PASSWORD = YourPaSsWoRd

# ENABLE_ZTP - installs Zero Touch Provisioning support.
# ENABLE_ZTP = y

# INCLUDE_PDE - Enable platform development enviroment
# INCLUDE_PDE = y
# SHUTDOWN_BGP_ON_START - if set to y all bgp sessions will be in admin down state when
# bgp service starts.
# SHUTDOWN_BGP_ON_START = y

# ENABLE_PFCWD_ON_START - if set to y PFC Watchdog (PFCWD) will be enabled all server-facing ports
# by default for TOR switch
# ENABLE_PFCWD_ON_START = y

# INSTALL_DEBUG_TOOLS - installs debugging tools in baseline docker
# Uncomment next line to enable:
# INSTALL_DEBUG_TOOLS = y

# SONIC_USE_PDDF_FRAMEWORK - Use PDDF generic drivers and plugins
# Uncomment next line to enable:
SONIC_USE_PDDF_FRAMEWORK = y

# SONIC_ROUTING_STACK - specify the routing-stack being elected to drive SONiC's control-plane.
# Supported routing stacks on SONiC are:
# routing-stacks: frr.
SONIC_ROUTING_STACK = frr

# ENABLE_SYNCD_RPC - build docker-syncd with rpc packages for testing purposes.
# Uncomment to enable:
# ENABLE_SYNCD_RPC = y

# Enable Origanization Extensions - Specific to the deployment scenarios of the Organization
ENABLE_ORGANIZATION_EXTENSIONS = y

# Debugging option allows sonic debian packages to get built including symbols
# information. Profiling option, disables compiler optimizations (-O0) as well
# as includes symbols information. Given that 'profiling' option is a superset
# of 'debugging' one, user should only enable either one option or the other --
# if both options are enabled, the 'profiling' one will prevail.
#SONIC_DEBUGGING_ON = y
#SONIC_PROFILING_ON = y

# DEFAULT_KERNEL_PROCURE_METHOD - default method for obtaining kernel
#   build:    build kernel from source
#   download: download pre-built kernel from Azure storage.
DEFAULT_KERNEL_PROCURE_METHOD = build

# FRR user and group id values. These only take effect when SONIC_ROUTING_STACK is frr.
# Note: these values match the admin uid/gid of the host's admin account. If these values
# change and user doesn't want the frr uid/gid to potentially match a random user on the
# host, then either the appropriate account and group will need to be created on the host
# manually or changes need to be made when the image is built to create the account and
# group during installation.
FRR_USER_UID = 300
FRR_USER_GID = 300

# DPKG cache allows the .deb files to be stored in the cache path. This allows the submodules
# package to be cached and restored back if its commit hash is not modified and its dependencies are not modified.
# SONIC_DPKG_CACHE_METHOD - Default method of deb package caching
#	none    :  no caching
#	rwcache :  Use cache if exists else build the source and update the cache
#	wcache  :  Dont use the cache and just build the source and update the cache
#	rcache  :  Use cache if exists, but dont update the cache
#	cache   :  Same as rwcache
# SONIC_DPKG_CACHE_SOURCE - Stores the cache location details
SONIC_DPKG_CACHE_METHOD ?= none
SONIC_DPKG_CACHE_SOURCE ?= /var/cache/sonic/artifacts

# Default VS build memory preparation
DEFAULT_VS_PREPARE_MEM = yes

# INCLUDE_SYSTEM_GNMI - build docker-sonic-gnmi for system gnmi support
INCLUDE_SYSTEM_GNMI = y

# INCLUDE_SYSTEM_BMP - build docker-sonic-bmp for system bmp support
INCLUDE_SYSTEM_BMP = y

# INCLUDE_SYSTEM_EVENTD - build docker-eventd for system eventd support
INCLUDE_SYSTEM_EVENTD = y

# INCLUDE_SYSTEM_TELEMETRY - build docker-sonic-telemetry for system telemetry support
INCLUDE_SYSTEM_TELEMETRY = n

# INCLUDE_ICCPD - build docker-iccpd for mclag support
INCLUDE_ICCPD = n

# INCLUDE_SFLOW - build docker-sflow for sFlow support
INCLUDE_SFLOW = y

# INCLUDE_MGMT_FRAMEWORK - build docker-sonic-mgmt-framework for CLI and REST server support
INCLUDE_MGMT_FRAMEWORK = y

# ENABLE_HOST_SERVICE_ON_START - enable sonic-host-server for mgmt-framework and/or
# gnmi containers to access host functionality by default
ENABLE_HOST_SERVICE_ON_START = y

# INCLUDE_RESTAPI - build docker-sonic-restapi for configuring the switch using REST APIs
INCLUDE_RESTAPI ?= n

# INCLUDE_NAT - build docker-nat for nat support
INCLUDE_NAT = y

# INCLUDE_DHCP_RELAY - build and install dhcp-relay package
INCLUDE_DHCP_RELAY = y

# INCLUDE_DHCP_SERVER - build and install dhcp-server package
INCLUDE_DHCP_SERVER ?= n

# Conditionally enable DHCP_SERVER when SMARTSWITCH is set to 1
ifeq ($(SMARTSWITCH), 1)
    INCLUDE_DHCP_SERVER = y
endif

# INCLUDE_P4RT - build docker-p4rt for P4RT support
INCLUDE_P4RT = n

# ENABLE_AUTO_TECH_SUPPORT - Enable the configuration for event-driven techsupport & coredump mgmt feature
ENABLE_AUTO_TECH_SUPPORT = y

# ENABLE_TRANSLIB_WRITE - Enable translib write/config operations via the gNMI interface.
# Uncomment to enable:
# ENABLE_TRANSLIB_WRITE = y

# ENABLE_NATIVE_WRITE - Enable native write/config operations via the gNMI interface.
ENABLE_NATIVE_WRITE = y

# INCLUDE_MACSEC - build docker-macsec for macsec support
INCLUDE_MACSEC = y

# INCLUDE_GBSYNCD - build docker-gbsyncd-* for gearbox support
INCLUDE_GBSYNCD ?= y

# INCLUDE_TEAMD - build docker-teamd for LAG protocol support
INCLUDE_TEAMD ?= y

# INCLUDE_ROUTER_ADVERTISER - build docker-router-advertiser for router advertisements support
INCLUDE_ROUTER_ADVERTISER ?= y

# INCLUDE_KUBERNETES - if set to y kubernetes packages are installed to be able to
# run as worker node in kubernetes cluster.
INCLUDE_KUBERNETES ?= n

KUBE_DOCKER_PROXY = http://172.16.1.1:3128/

# KUBERNETES_VERSION - Set to the required version.
# K8s_GCR_IO_PAUSE_VERSION - Version of k8s universal pause container image
# These are Used *only* when INCLUDE_KUBERNETES=y
# NOTE: As a worker node it has to run version compatible to kubernetes master.
#
KUBERNETES_VERSION = 1.22.2-00
KUBERNETES_CNI_VERSION = 0.8.7-00
KUBERNETES_CRI_TOOLS_VERSION = 1.26.0-00
K8s_GCR_IO_PAUSE_VERSION = 3.5

# INCLUDE_KUBERNETES_MASTER - if set to y kubernetes packages are installed o be able 
# to run as master node in kubernetes cluster
INCLUDE_KUBERNETES_MASTER ?= n

# MASTER_KUBERNETES_VERSION - version of k8s components
# MASTER_PAUSE_VERSION - version of pause container image
# MASTER_COREDNS_VERSION - version of coredns container image
# MASTER_ETCD_VERSION = version of etcd container image
# MASTER_CRI_DOCKERD = version of cri-dockerd container image
# MASTER_UI_METRIC_VERSION = version of k8s metrics server container image
# MASTER_UI_DASH_VERSION = version of k8s dashboard container image
# MASTER_MDM_VERSION = version of mdm container image
# MASTER_MDS_VERSION = version of mds container image
# MASTER_FLUENTD_VERSION = version of fluentd container image
MASTER_KUBERNETES_VERSION = 1.22.2-00
MASTER_KUBERNETES_CONTAINER_IMAGE_VERSION = v1.22.2
MASTER_PAUSE_VERSION = 3.5
MASTER_COREDNS_VERSION = v1.8.4
MASTER_ETCD_VERSION = 3.5.0-0
MASTER_CRI_DOCKERD = 0.3.10
MASTER_UI_METRIC_VERSION = v1.0.8
MASTER_UI_DASH_VERSION = v2.7.0
MASTER_MDM_VERSION = 2.2023.505.1124-45da18-20230505t1700
MASTER_MDS_VERSION = mariner_20230517.1
MASTER_FLUENTD_VERSION = mariner_20230517.1

# SONIC_ENABLE_IMAGE_SIGNATURE - enable image signature
# To not use the auto-generated self-signed certificate, the required files to sign the image as below:
#     SIGNING_KEY =
#     SIGNING_CERT =
#     CA_CERT =
# The relative path is build root folder.
SONIC_ENABLE_IMAGE_SIGNATURE ?= n

# Full Secure Boot feature flags.
# SECURE_UPGRADE_DEV_SIGNING_KEY - path to development signing key, used for image signing during build
# SECURE_UPGRADE_SIGNING_CERT - path to development signing certificate, used for image signing during build
# SECURE_UPGRADE_MODE - enum value for secure upgrade mode, valid options are "dev", "prod" and "no_sign"
# SECURE_UPGRADE_PROD_SIGNING_TOOL - path to a vendor signing tool for production flow.
# SECURE_UPGRADE_PROD_TOOL_ARGS - Extra arguments options for vendor to use to run his specific prod signing script
SECURE_UPGRADE_DEV_SIGNING_KEY ?= 
SECURE_UPGRADE_SIGNING_CERT ?= 
SECURE_UPGRADE_MODE = "no_sign"
SECURE_UPGRADE_PROD_SIGNING_TOOL ?=
SECURE_UPGRADE_PROD_TOOL_ARGS ?=
# PACKAGE_URL_PREFIX - the package url prefix
PACKAGE_URL_PREFIX ?= https://packages.trafficmanager.net/public/packages

# TRUSTED_GPG_URLS - the trusted gpgs, separated by comma
TRUSTED_GPG_URLS = https://packages.trafficmanager.net/debian/public_key.gpg,https://packages.microsoft.com/keys/microsoft.asc

# SONIC_VERSION_CONTROL_COMPONENTS - Valid values: none|all|components..., the components consist of one or multiple: deb,py2,py3,web,git,docker, seperated by comma
#   none  : disable the version control
#   all   : enable the version control for all components
#   deb   : debian packages
#   py2   : python2 packages
#   py3   : python3 pakcages
#   web   : web packages, downloaded by wget, curl
#   git   : git repositories, donloaded by git clone
#   docker: docker base images
SONIC_VERSION_CONTROL_COMPONENTS ?= none

ifeq ($(SONIC_VERSION_CONTROL_COMPONENTS),all)
override MIRROR_SNAPSHOT = y
endif

ifneq (,$(findstring deb,$(SONIC_VERSION_CONTROL_COMPONENTS)))
override MIRROR_SNAPSHOT = y
endif

# MIRROR_SNAPSHOT - support mirror snapshot flag
MIRROR_SNAPSHOT ?= n

# SONIC_VERSION_CACHE allows the .deb,.py, wget, git, docker and go files to be stored in the cache path. This allows the submodules to
# cache standard installation package and restored back to avoid the package download every time.
# SONIC_VERSION_CACHE - Method of deb package caching
#	none    :  no caching
#	cache   :  Use cache if exists else build the source and update the cache
# SONIC_VERSION_CACHE_SOURCE - Defines the version cache location details
SONIC_VERSION_CACHE_METHOD ?= none
SONIC_VERSION_CACHE_SOURCE ?= $(SONIC_DPKG_CACHE_SOURCE)/vcache

# SONiC docker registry
#
# Set the env variable ENABLE_DOCKER_BASE_PULL = y to enable pulling sonic-slave docker from registry
REGISTRY_PORT ?= 443
REGISTRY_SERVER ?= sonicdev-microsoft.azurecr.io
REGISTRY_SERVER_PATH ?=

# BUILD_MULTIASIC_KVM - if set to y multi-asic KVM images will be generated.
BUILD_MULTIASIC_KVM = n

# INCLUDE_MUX - build docker-mux for dual ToR (Gemini)
INCLUDE_MUX = y

# ENABLE_ASAN - enable address sanitizer
ENABLE_ASAN ?= n

# reset default container registry from dockerhub to other
DEFAULT_CONTAINER_REGISTRY ?=

# INCLUDE_BOOTCHART - install systemd-bootchart
INCLUDE_BOOTCHART = y

# ENABLE_BOOTCHART - whether to enable systemd-bootchart on boot
ENABLE_BOOTCHART = n

# INCLUDE_FIPS - support FIPS feature, only for amd64 or arm64, armhf not supported yet
# ENABLE_FIPS - support FIPS flag, if enabled, no additional config requred for the image to support FIPS
INCLUDE_FIPS ?= y
ENABLE_FIPS ?= n

# SONIC_SLAVE_DOCKER_DRIVER - set the sonic slave docker storage driver
SONIC_SLAVE_DOCKER_DRIVER ?= overlay2

# SONIC_OS_VERSION - sonic os version
SONIC_OS_VERSION ?= 12

# PIP timeout for http connection
PIP_HTTP_TIMEOUT ?= 60

# BUILD_REDUCE_IMAGE_SIZE - reduce the image size as much as possbible
BUILD_REDUCE_IMAGE_SIZE = n

# SONIC_PTF_ENV_PY_VER - SONiC PTF test Python version. Set to 'mixed' to build the 
# image with both Python 2 and 3. Set to 'py3' to build a Python 3 only image
SONIC_PTF_ENV_PY_VER = mixed

# Add timeout on some process which may hangs
BUILD_PROCESS_TIMEOUT ?= 0