Compare commits
2 Commits
master
...
ryansquare
| Author | SHA1 | Date |
|---|---|---|
 Ryan Heywood
|
1b2d649a17
|
|
|
Ryan Heywood
|
fb45ef4b2f
|
105
Containerfile
105
Containerfile
|
|
@ -1,71 +1,58 @@
|
||||||
FROM stagex/binutils:sx2024.09.0@sha256:30a1bd110273894fe91c3a4a2103894f53eaac43cf12a035008a6982cb0e6908 AS binutils
|
# stagex release: 2025.07.0
|
||||||
FROM stagex/ca-certificates:sx2024.09.0@sha256:33787f1feb634be4232a6dfe77578c1a9b890ad82a2cf18c11dd44507b358803 AS ca-certificates
|
|
||||||
FROM stagex/gcc:sx2024.09.0@sha256:439bf36289ef036a934129d69dd6b4c196427e4f8e28bc1a3de5b9aab6e062f0 AS gcc
|
FROM stagex/core-binutils@sha256:f989b48a168f38563b74718b0568118f6a4107916b22bd2457c974ca5bf4c7f4 AS core-binutils
|
||||||
FROM stagex/zlib:sx2024.09.0@sha256:96b4100550760026065dac57148d99e20a03d17e5ee20d6b32cbacd61125dbb6 AS zlib
|
FROM stagex/core-ca-certificates@sha256:92400d9ed9ee1cf3c7568b3bdaa6c2c1aac3cabff4060dab99d1a8359e782e5a AS core-ca-certificates
|
||||||
FROM stagex/llvm:sx2024.09.0@sha256:30517a41af648305afe6398af5b8c527d25545037df9d977018c657ba1b1708f AS llvm
|
FROM stagex/core-gcc@sha256:ea69941739b0aa5bfb6b1dff8bb4bd7f5117f9cc26e3d9d1f830f35b2fc04c5c AS core-gcc
|
||||||
FROM stagex/openssl:sx2024.09.0@sha256:2c1a9d8fcc6f52cb11a206f380b17d74c1079f04cbb08071a4176648b4df52c1 AS openssl
|
FROM stagex/core-zlib@sha256:a143ed84d0aef7012d556df95904017e442c221117a07e5affc395440a2dae88 AS core-zlib
|
||||||
FROM stagex/eif_build:sx2024.09.0@sha256:291653f1ca528af48fd05858749c443300f6b24d2ffefa7f5a3a06c27c774566 AS eif_build
|
FROM stagex/core-llvm@sha256:c74f00501fa8dcb2bd319f493fcac3364d7ccbc29051516d653d019eac116151 AS core-llvm
|
||||||
FROM stagex/gen_initramfs:sx2024.09.0@sha256:f5b9271cca6003e952cbbb9ef041ffa92ba328894f563d1d77942e6b5cdeac1a AS gen_initramfs
|
FROM stagex/core-openssl@sha256:65bf9dc8676437ebc279f516c8d696936d620f3f53c81c2a35bd05e1360c6d99 AS core-openssl
|
||||||
FROM stagex/libunwind:sx2024.09.0@sha256:97ee6068a8e8c9f1c74409f80681069c8051abb31f9559dedf0d0d562d3bfc82 AS libunwind
|
FROM stagex/user-eif_build@sha256:0eabf3d09ccf0421bc09fe9e90b656ecc1140155d5358f35de63e2cfd814f4f9 AS user-eif_build
|
||||||
FROM stagex/rust:sx2024.09.0@sha256:b7c834268a81bfcc473246995c55b47fe18414cc553e3293b6294fde4e579163 AS rust
|
FROM stagex/user-gen_initramfs@sha256:aff0791ee9ccdeed1304b5bb4edb7fc5b7f485e11bccf5e61668001243ada815 AS user-gen_initramfs
|
||||||
FROM stagex/musl:sx2024.09.0@sha256:ad351b875f26294562d21740a3ee51c23609f15e6f9f0310e0994179c4231e1d AS musl
|
FROM stagex/core-libunwind@sha256:cd88506914270f72ec82398390cb8e4c9cfb8173afbc4ad570bf319ee870400b AS core-libunwind
|
||||||
FROM stagex/git:sx2024.09.0@sha256:29a02c423a4b55fa72cf2fce89f3bbabd1defea86d251bb2aea84c056340ab22 AS git
|
FROM stagex/core-rust@sha256:16024267454141decbe82569731aa6e2a9be64411659e828c0988243ababf914 AS core-rust
|
||||||
FROM stagex/pkgconf:sx2024.09.0@sha256:ba7fce4108b721e8bf1a0d993a5f9be9b65eceda8ba073fe7e8ebca2a31b1494 AS pkgconf
|
FROM stagex/core-musl@sha256:79400dfed7fd30ff939bbd5b1fb2cb114910865891d1bd75e2067a394c3fb4f1 AS core-musl
|
||||||
FROM stagex/busybox:sx2024.09.0@sha256:d34bfa56566aa72d605d6cbdc154de8330cf426cfea1bc4ba8013abcac594395 AS busybox
|
FROM stagex/core-git@sha256:7ab36d6183162f0397eba3d5603beceb455982a1f2c122740484af0eb2497444 AS core-git
|
||||||
FROM stagex/linux-nitro:sx2024.03.0@sha256:073c4603686e3bdc0ed6755fee3203f6f6f1512e0ded09eaea8866b002b04264 AS linux-nitro
|
FROM stagex/core-pkgconf@sha256:608b378949cedc86df6350e5ec428b0e114bb7bc46bc33330b51215cc8ac4a68 AS core-pkgconf
|
||||||
|
FROM stagex/core-busybox@sha256:17e496211470fbd77057692619295e32c841e90312e48bce56a171fdb041b0c9 AS core-busybox
|
||||||
|
FROM stagex/user-linux-nitro@sha256:655924404a008c6c70c3411e7b32d6558ac388bcc3a5a02431029e63c93d1985 AS user-linux-nitro
|
||||||
|
FROM stagex/user-cpio@sha256:05701450a186fa1cb5a8287f7fa4d216e610a15d22c2e3e86d70ac3550d9cd3c AS user-cpio
|
||||||
|
|
||||||
FROM scratch as base
|
FROM scratch as base
|
||||||
ENV TARGET=x86_64-unknown-linux-musl
|
|
||||||
ENV RUSTFLAGS="-C target-feature=+crt-static"
|
|
||||||
ENV CARGOFLAGS="--locked --no-default-features --release --target ${TARGET}"
|
|
||||||
ENV OPENSSL_STATIC=true
|
|
||||||
|
|
||||||
COPY --from=busybox . /
|
COPY --from=core-busybox . /
|
||||||
COPY --from=musl . /
|
COPY --from=core-musl . /
|
||||||
COPY --from=libunwind . /
|
COPY --from=core-libunwind . /
|
||||||
COPY --from=openssl . /
|
COPY --from=core-openssl . /
|
||||||
COPY --from=zlib . /
|
COPY --from=core-zlib . /
|
||||||
COPY --from=ca-certificates . /
|
COPY --from=core-ca-certificates . /
|
||||||
COPY --from=binutils . /
|
COPY --from=core-binutils . /
|
||||||
COPY --from=pkgconf . /
|
COPY --from=core-pkgconf . /
|
||||||
COPY --from=git . /
|
COPY --from=core-git . /
|
||||||
COPY --from=rust . /
|
COPY --from=core-rust . /
|
||||||
COPY --from=gen_initramfs . /
|
COPY --from=user-gen_initramfs . /
|
||||||
COPY --from=eif_build . /
|
COPY --from=user-eif_build . /
|
||||||
COPY --from=llvm . /
|
COPY --from=core-llvm . /
|
||||||
COPY --from=gcc . /
|
COPY --from=core-gcc . /
|
||||||
COPY --from=linux-nitro /bzImage .
|
COPY --from=user-linux-nitro /bzImage .
|
||||||
COPY --from=linux-nitro /nsm.ko .
|
COPY --from=user-linux-nitro /linux.config .
|
||||||
COPY --from=linux-nitro /linux.config .
|
COPY --from=user-cpio . /
|
||||||
ADD . /src
|
ADD . /src
|
||||||
|
|
||||||
FROM base as build
|
FROM base as build
|
||||||
WORKDIR /src/init
|
|
||||||
RUN cargo build ${CARGOFLAGS}
|
|
||||||
WORKDIR /build_cpio
|
WORKDIR /build_cpio
|
||||||
RUN cp /src/init/target/${TARGET}/release/init init
|
COPY --from=local/nit /usr/bin/init /build_cpio/rootfs/init
|
||||||
ENV KBUILD_BUILD_TIMESTAMP=1
|
ENV KBUILD_BUILD_TIMESTAMP=1
|
||||||
COPY <<-EOF initramfs.list
|
|
||||||
file /init init 0755 0 0
|
|
||||||
file /nsm.ko /nsm.ko 0755 0 0
|
|
||||||
dir /run 0755 0 0
|
|
||||||
dir /tmp 0755 0 0
|
|
||||||
dir /etc 0755 0 0
|
|
||||||
dir /bin 0755 0 0
|
|
||||||
dir /sbin 0755 0 0
|
|
||||||
dir /proc 0755 0 0
|
|
||||||
dir /sys 0755 0 0
|
|
||||||
dir /usr 0755 0 0
|
|
||||||
dir /usr/bin 0755 0 0
|
|
||||||
dir /usr/sbin 0755 0 0
|
|
||||||
dir /dev 0755 0 0
|
|
||||||
dir /dev/shm 0755 0 0
|
|
||||||
dir /dev/pts 0755 0 0
|
|
||||||
nod /dev/console 0600 0 0 c 5 1
|
|
||||||
EOF
|
|
||||||
RUN <<-EOF
|
RUN <<-EOF
|
||||||
find . -exec touch -hcd "@0" "{}" +
|
# NOTE: Relative directory is important!
|
||||||
gen_init_cpio -t 1 initramfs.list > rootfs.cpio
|
( \
|
||||||
|
cd /build_cpio/rootfs; \
|
||||||
|
find . -exec touch -hcd "@0" "{}" + -print0 \
|
||||||
|
| sort -z \
|
||||||
|
| cpio --null --create --verbose --reproducible --format=newc \
|
||||||
|
| gzip --best \
|
||||||
|
> ../rootfs.cpio \
|
||||||
|
)
|
||||||
|
# gen_init_cpio -t 1 initramfs.list > rootfs.cpio
|
||||||
touch -hcd "@0" rootfs.cpio
|
touch -hcd "@0" rootfs.cpio
|
||||||
EOF
|
EOF
|
||||||
WORKDIR /build_eif
|
WORKDIR /build_eif
|
||||||
|
|
|
||||||
5
Makefile
5
Makefile
|
|
@ -1,12 +1,12 @@
|
||||||
REGISTRY := local
|
REGISTRY := local
|
||||||
.DEFAULT_GOAL :=
|
.DEFAULT_GOAL :=
|
||||||
.PHONY: default
|
.PHONY: default
|
||||||
default: out/enclaveos.tar
|
default: out/nitro.eif
|
||||||
|
|
||||||
out:
|
out:
|
||||||
mkdir out
|
mkdir out
|
||||||
|
|
||||||
out/enclaveos.tar: out \
|
out/nitro.eif: out \
|
||||||
$(shell git ls-files \
|
$(shell git ls-files \
|
||||||
src/init \
|
src/init \
|
||||||
src/aws \
|
src/aws \
|
||||||
|
|
@ -14,6 +14,7 @@ out/enclaveos.tar: out \
|
||||||
docker build \
|
docker build \
|
||||||
--tag $(REGISTRY)/enclaveos \
|
--tag $(REGISTRY)/enclaveos \
|
||||||
--progress=plain \
|
--progress=plain \
|
||||||
|
--no-cache \
|
||||||
--output type=local,rewrite-timestamp=true,dest=out\
|
--output type=local,rewrite-timestamp=true,dest=out\
|
||||||
-f Containerfile \
|
-f Containerfile \
|
||||||
src/
|
src/
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue