feat: add iPXE build with embedded placeholder script

This builds iPXE with HTTPS enabled, and embedded placeholder script which is to be replaced with the real script during Sidero metal-controller-manager bootstrap. Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
siderolabs · Apr 27, 2021 · f87c194 · f87c194
1 parent a8b9e71
commit f87c194
Show file tree

Hide file tree

Showing 5 changed files with 162 additions and 1 deletion.
diff --git a/Makefile b/Makefile
@@ -17,7 +17,7 @@ COMMON_ARGS += --platform=$(PLATFORM)
 empty :=
 space = $(empty) $(empty)
 
-TARGETS =  ca-certificates  cni  containerd cryptsetup dosfstools  eudev  fhs  grub ipmitool  iptables  kernel  kmod  libaio libjson-c libpopt libressl  libseccomp  linux-firmware lvm2  musl  open-iscsi  open-isns raspberrypi-firmware runc  socat  syslinux u-boot  util-linux  xfsprogs 
+TARGETS =  ca-certificates  cni  containerd cryptsetup dosfstools  eudev  fhs  grub ipmitool  iptables ipxe kernel  kmod  libaio libjson-c liblzma libpopt libressl  libseccomp  linux-firmware lvm2  musl  open-iscsi  open-isns raspberrypi-firmware runc  socat  syslinux u-boot  util-linux  xfsprogs
 
 all: $(TARGETS) ## Builds all known pkgs.
 

diff --git a/ipxe/files/ipxe.script b/ipxe/files/ipxe.script
@@ -0,0 +1,65 @@
+#!ipxe
+
+# *PLACEHOLDER START*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER*
+# *PLACEHOLDER END*
diff --git a/ipxe/patches/https.patch b/ipxe/patches/https.patch
@@ -0,0 +1,13 @@
+diff --git a/src/config/general.h b/src/config/general.h
+index 9b21f127..46e753ae 100644
+--- a/src/config/general.h
++++ b/src/config/general.h
+@@ -55,7 +55,7 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+
+ #define	DOWNLOAD_PROTO_TFTP	/* Trivial File Transfer Protocol */
+ #define	DOWNLOAD_PROTO_HTTP	/* Hypertext Transfer Protocol */
+-#undef	DOWNLOAD_PROTO_HTTPS	/* Secure Hypertext Transfer Protocol */
++#define	DOWNLOAD_PROTO_HTTPS /* Secure Hypertext Transfer Protocol */
+ #undef	DOWNLOAD_PROTO_FTP	/* File Transfer Protocol */
+ #undef	DOWNLOAD_PROTO_SLAM	/* Scalable Local Area Multicast */
+ #undef	DOWNLOAD_PROTO_NFS	/* Network File System Protocol */
diff --git a/ipxe/pkg.yaml b/ipxe/pkg.yaml
@@ -0,0 +1,47 @@
+name: ipxe
+variant: scratch
+shell: /toolchain/bin/bash
+dependencies:
+  - stage: base
+  - stage: liblzma
+steps:
+  - sources:
+      - url: https://github.com/ipxe/ipxe/archive/refs/tags/v1.21.1.tar.gz
+        destination: ipxe.tar.gz
+        sha256: 16e8d51c48d8a120332cf0dc32b473acc5d179e3975ced208eb21caf3b6528dc
+        sha512: 47400975110ed4ab95835aa1b7c8d5a6917c19c5713c6ab88bc0741a3adcd62245a9c4251d1f46fffc45289c6b18bf893f86dbc3b67d3189c41b7f198367ecaa
+    prepare:
+      - |
+        tar -xzf ipxe.tar.gz --strip-components=1
+
+        patch -p 1 < /pkg/patches/https.patch
+    build:
+      - |
+        cd src/
+
+        {{ if eq .ARCH "aarch64" }}
+        ARCH= make -j $(nproc) bin-arm64-efi/ipxe.efi EMBED=/pkg/files/ipxe.script
+        {{ else }}
+        ARCH= make -j $(nproc) bin/undionly.kpxe bin-x86_64-efi/ipxe.efi EMBED=/pkg/files/ipxe.script
+        ARCH= make bin/undionly.kpxe.bin bin/undionly.kpxe.zinfo EMBED=/pkg/files/ipxe.script
+        {{ end }}
+    install:
+      - |
+        cd src/
+
+        mkdir -p /rootfs/{usr/libexec,usr/libexec/zbin}
+
+        {{ if eq .ARCH "aarch64" }}
+        cp -p bin-arm64-efi/ipxe.efi /rootfs/usr/libexec
+        {{ else }}
+        cp -p bin/undionly.kpxe bin-x86_64-efi/ipxe.efi /rootfs/usr/libexec
+        cp -p bin/undionly.kpxe.bin bin/undionly.kpxe.zinfo util/zbin /rootfs/usr/libexec/zbin
+        {{ end }}
+finalize:
+  - from: /rootfs
+    to: /
+# Generating .kpxe via zbin:
+#   [ZBIN] bin/undionly.kpxe.zbin
+#    ./util/zbin bin/undionly.kpxe.bin bin/undionly.kpxe.zinfo > bin/undionly.kpxe.zbin
+#  [FINISH] bin/undionly.kpxe
+#    cp bin/undionly.kpxe.zbin bin/undionly.kpxe
diff --git a/liblzma/pkg.yaml b/liblzma/pkg.yaml
@@ -0,0 +1,36 @@
+name: liblzma
+variant: scratch
+shell: /toolchain/bin/bash
+dependencies:
+  - stage: base
+steps:
+  - sources:
+      - url: http://deb.debian.org/debian/pool/main/x/xz-utils/xz-utils_5.2.4.orig.tar.xz
+        destination: xz.tar.xz
+        sha256: 9717ae363760dedf573dad241420c5fea86256b65bc21d2cf71b2b12f0544f4b
+        sha512: 00db7dd31a61541b1ce6946e0f21106f418dd1ac3f27cdb8682979cbc3bd777cd6dd1f04f9ba257a0a7e24041e15ca40d0dd5c130380dce62280af67a0beb97f
+    prepare:
+      - |
+        tar -xJf xz.tar.xz --strip-components=1
+
+        ./configure \
+          --prefix=/usr \
+          --disable-rpath \
+          --disable-werror \
+          --disable-doc \
+          --disable-xz \
+          --disable-xzdec \
+          --disable-lzmadec \
+          --disable-lzmainfo \
+          --disable-lzma-links \
+          --disable-scripts \
+          --disable-static
+    build:
+      - |
+        make -j $(nproc)
+    install:
+      - |
+        make install DESTDIR=/rootfs
+finalize:
+  - from: /rootfs
+    to: /