fix build iso edk, copy OVMF to virt-launcher

Signed-off-by: Nikita Korolev <[email protected]>

images/virt-firmware-artifact/build.sh

@@ -14,13 +14,15 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-set -e
+# set -e
 
 versionEdk2=stable202411
 gitRepoName=edk2
+EDK2_DIR="/${gitRepoName}-${versionEdk2}"
 FIRMWARE=/FIRMWARE
 
-cd /${gitRepoName}-${versionEdk2}
+cp -f Logo.bmp $EDK2_DIR/MdeModulePkg/Logo/
+cd $EDK2_DIR
 
 mkdir -p ${FIRMWARE}
 
@@ -67,8 +69,8 @@ build_iso() {
   ISO_IMAGE=${dir}/UefiShell.iso
 
   UEFI_SHELL_BINARY_BNAME=$(basename -- "$UEFI_SHELL_BINARY")
-  UEFI_SHELL_SIZE=$(stat --format=%%s -- "$UEFI_SHELL_BINARY")
-  ENROLLER_SIZE=$(stat --format=%%s -- "$ENROLLER_BINARY")
+  UEFI_SHELL_SIZE=$(stat --format=%s -- "$UEFI_SHELL_BINARY")
+  ENROLLER_SIZE=$(stat --format=%s -- "$ENROLLER_BINARY")
 
   # add 1MB then 10 percent for metadata
   UEFI_SHELL_IMAGE_KB=$((
@@ -95,20 +97,23 @@ build_iso() {
 
 # Build with neither SB nor SMM; include UEFI shell.
 # mkdir -p OVMF
-
 build ${OVMF_2M_FLAGS} -a X64 -p OvmfPkg/OvmfPkgX64.dsc
 cp -p Build/OvmfX64/*/FV/OVMF_CODE.fd $FIRMWARE/OVMF_CODE.fd
 cp -p Build/OvmfX64/*/FV/OVMF_VARS.fd $FIRMWARE/OVMF_VARS.fd
+
 # Build 4MB with neither SB nor SMM; include UEFI shell.
 build ${OVMF_4M_FLAGS} -a X64 -p OvmfPkg/OvmfPkgX64.dsc
 cp -p Build/OvmfX64/*/FV/OVMF_CODE.fd $FIRMWARE/OVMF_CODE_4M.fd
 cp -p Build/OvmfX64/*/FV/OVMF_VARS.fd $FIRMWARE/OVMF_VARS_4M.fd
+
 # Build with SB and SMM; exclude UEFI shell.
 build ${OVMF_2M_FLAGS} ${OVMF_SB_FLAGS} -a X64 -p OvmfPkg/OvmfPkgX64.dsc
 cp -p Build/OvmfX64/*/FV/OVMF_CODE.fd $FIRMWARE/OVMF_CODE.secboot.fd
+
 # Build 4MB with SB and SMM; exclude UEFI shell.
 build ${OVMF_4M_FLAGS} ${OVMF_SB_FLAGS} -a X64 -p OvmfPkg/OvmfPkgX64.dsc
 cp -p Build/OvmfX64/*/FV/OVMF_CODE.fd $FIRMWARE/OVMF_CODE_4M.secboot.fd
+
 # Build AmdSev and IntelTdx variants
 touch OvmfPkg/AmdSev/Grub/grub.efi   # dummy
 build ${OVMF_2M_FLAGS} -a X64 -p OvmfPkg/AmdSev/AmdSevX64.dsc

images/virt-firmware-artifact/werf.inc.yaml

@@ -11,9 +11,11 @@ git:
   to: /
   includePaths:
   - build.sh
+  - Logo.bmp
   stageDependencies:
     setup:
       - build.sh
+      - Logo.bmp
 shell:
   beforeInstall:
   - | 
@@ -27,7 +29,7 @@ shell:
     python3 python3-dev \
     python3-tools python3-module-setuptools \
     python3-module-pip \
-    nasm acpica libssl-devel libdwarf-devel libuuid-devel bison flex wget \
+    nasm acpica libssl-devel libdwarf-devel libuuid-devel bison flex \
     dosfstools mtools genisoimage binutils-devel \
     qemu-kvm-core \
     iasl \
@@ -66,71 +68,3 @@ shell:
     /build.sh
 
     ls -lah /FIRMWARE
-{{/*
-
-    # #==========
-    # # Create a clean Build directory
-    # rm -rf Build/*
-
-    # # Build OVMF_CODE.fd and OVMF_VARS.fd (Standard OVMF)
-    # build -a X64 -t GCC5 -p OvmfPkg/OvmfPkgX64.dsc -b RELEASE
-    # cp Build/OvmfX64/RELEASE_GCC5/FV/OVMF_CODE.fd /FIRMWARE/OVMF_CODE.fd
-    # cp Build/OvmfX64/RELEASE_GCC5/FV/OVMF_VARS.fd /FIRMWARE/OVMF_VARS.fd
-
-    # # Clean Build directory
-    # rm -rf Build/*
-
-    # # Build OVMF_CODE.secboot.fd and OVMF_VARS.secboot.fd (Secure Boot enabled)
-    # build -a X64 -t GCC5 -p OvmfPkg/OvmfPkgX64.dsc -b RELEASE -D SECURE_BOOT_ENABLE
-    # cp Build/OvmfX64/RELEASE_GCC5/FV/OVMF_CODE.fd /FIRMWARE/OVMF_CODE.secboot.fd
-    # cp Build/OvmfX64/RELEASE_GCC5/FV/OVMF_VARS.fd /FIRMWARE/OVMF_VARS.secboot.fd
-
-    # # Clean Build directory
-    # rm -rf Build/*
-
-    # # Build OVMF_CODE.cc.fd (Confidential Computing)
-    # build -a X64 -t GCC5 -p OvmfPkg/OvmfQemuCc.dsc -b RELEASE
-    # cp Build/OvmfQemuCc/RELEASE_GCC5/FV/OVMF_CODE.fd /FIRMWARE/OVMF_CODE.cc.fd
-
-    # # Clean Build directory
-    # rm -rf Build/*
-
-    # # Build OVMF.amdsev.fd (AMD SEV)
-    # build -a X64 -t GCC5 -p OvmfPkg/OvmfPkgX64.dsc -b RELEASE -D AMD_SEV=TRUE
-    # cp Build/OvmfX64/RELEASE_GCC5/FV/OVMF.fd /FIRMWARE/OVMF.amdsev.fd
-
-    # # Clean Build directory
-    # rm -rf Build/*
-
-    # # Build OVMF.inteltdx.fd (Intel TDX)
-    # build -a X64 -t GCC5 -p OvmfPkg/OvmfQemuTdx.dsc -b RELEASE
-    # cp Build/OvmfQemuTdx/RELEASE_GCC5/FV/OVMF.fd /FIRMWARE/OVMF.inteltdx.fd
-
-    # # Clean Build directory
-    # rm -rf Build/*
-
-    # # Build OVMF.inteltdx.secboot.fd (Intel TDX with Secure Boot)
-    # build -a X64 -t GCC5 -p OvmfPkg/OvmfQemuTdx.dsc -b RELEASE -D SECURE_BOOT_ENABLE
-    # cp Build/OvmfQemuTdx/RELEASE_GCC5/FV/OVMF.fd /FIRMWARE/OVMF.inteltdx.secboot.fd
-    # #==========
-
-    # # source edksetup.sh
-
-    # # Build the firmware
-    # echo "Building the firmware..."
-    # build --cmd-len=65536 -p OvmfPkg/OvmfPkgX64.dsc -a X64 -b RELEASE -t GCC5
-
-    # # Create the FIRMWARE directory if it doesn't exist
-    # mkdir -p /FIRMWARE
-
-    # # Copy the built firmware to the FIRMWARE directory
-    # echo "Copying firmware to FIRMWARE directory..."
-    # cp -v Build/OvmfX64/RELEASE_GCC5/FV/OVMF.fd /FIRMWARE/
-
-    # echo "Build completed successfully. Firmware is located in the FIRMWARE directory."
-  # setup:
-  # - |
-  #   /build.sh
-
-  #   ls -lah /FIRMWARE
-*/}}

images/virt-launcher/werf.inc.yaml

@@ -5,32 +5,38 @@ image: {{ $.ImageName }}
 fromImage: base-alt-p11
 import:
 # Before install stage.
-#   Add edk2-ovmf package
-- image: {{ $.ImageName }}-edk2-builder
-  add: /home/builder/RPM/RPMS/noarch
-  to: /
-  before: install
-  includePaths:
-  - edk2-ovmf-20231115-alt1.noarch.rpm
-  - edk2-ovmf-20240811-alt2.noarch.rpm
-
 {{/*
+# #   Add edk2-ovmf package
+# - image: {{ $.ImageName }}-edk2-builder
+#   add: /home/builder/RPM/RPMS/noarch
+#   to: /
+#   before: install
+#   includePaths:
+#   - edk2-ovmf-20231115-alt1.noarch.rpm
+#   - edk2-ovmf-20240811-alt2.noarch.rpm
+
 */}}
 
 # Add bins from libvirt and qemu artifacts.
 - image: tmp-merged
   add: /VBINS
   to: /BINS
   before: install
+- image: virt-firmware-artifact
+  add: /FIRMWARE/
+  to: /usr/share/OVMF
+  before: install
 
 # After install stage.
-#  Add libxcrypto library.
-- image: {{ $.ImageName }}-libxcrypt-builder
-  add: /usr/local/lib/
-  to: /lib64
-  after: install
-  includePaths:
-  - libcrypt.so.2.0.0
+{{/* 
+# #  Add libxcrypto library.
+# - image: {{ $.ImageName }}-libxcrypt-builder
+#   add: /usr/local/lib/
+#   to: /lib64
+#   after: install
+#   includePaths:
+#   - libcrypt.so.2.0.0
+*/}}
 
 #   Add liboverride library.
 - image: {{ $.ImageName }}-liboverride-builder
@@ -107,12 +113,9 @@ shell:
     acl \
     pcre \
     procps \
-    seavgabios seabios \
     ethtool \
     nftables \
-    xorriso \
     passt \
-    ipxe-roms-qemu \
     libffi8 \
     swtpm-tools \
     libcrypt libcrypto3 \
@@ -129,47 +132,54 @@ shell:
     libpulseaudio pipewire-libs libaio liburing \
     libblkio libglusterfs11-api libnfs librbd1 librados2 
 
-    # libspice-server pipewire-jack-libs
-    # seavgabios \
-    # seabios \
+    # xorriso \
+    # pipewire-jack-libs \
+    # ipxe-roms-qemu \
+    # seavgabios seabios \
     # libvirt-client==10.2.0-alt1 \
     # libvirt-daemon-driver-qemu==10.2.0-alt1 \
     # qemu-kvm-core==9.0.2-alt2
   - apt-get clean
   - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin
   install:
+{{/*
   # Upgrade edk2-ovmf package to custom build and remove its package.
-  - |
-    # Temp disable
-    ls -la
-    rpm -Uv /edk2-ovmf-20231115-alt1.noarch.rpm
-    rm /edk2-ovmf-20231115-alt1.noarch.rpm
-    # =======
-    # rpm -Uv /edk2-ovmf-20240811-alt2.noarch.rpm
-    # rm /edk2-ovmf-20240811-alt2.noarch.rpm
+  # - |
+  #   # Temp disable
+  #   ls -la
+  #   rpm -Uv /edk2-ovmf-20231115-alt1.noarch.rpm
+  #   rm /edk2-ovmf-20231115-alt1.noarch.rpm
+  #   # =======
+  #   # rpm -Uv /edk2-ovmf-20240811-alt2.noarch.rpm
+  #   # rm /edk2-ovmf-20240811-alt2.noarch.rpm
 
   # Restructure firware files in /usr/share/OVMF to mimic structure
   # in edk2-ovmf package from the original kubevirt.
+*/}}
   - |
-    cd /usr/share/OVMF
-    rm MICROVM.fd
-    rm OVMF.inteltdx.secboot.fd
-    rm OVMF_CODE.fd
-    rm OVMF_CODE.secboot.fd
-    mv OVMF_CODE_4M.fd OVMF_CODE.cc.fd
-    rm OVMF_CODE_4M.qcow2
-    mv OVMF_CODE_4M.secboot.fd OVMF_CODE.secboot.fd
-    rm OVMF_CODE_4M.secboot.qcow2
-    rm OVMF_VARS.fd
-    rm OVMF_VARS.ms.fd
-    rm OVMF_VARS.secboot.fd
-    mv OVMF_VARS_4M.fd OVMF_VARS.fd
-    rm OVMF_VARS_4M.ms.fd
-    rm OVMF_VARS_4M.ms.qcow2 || true
-    rm OVMF_VARS_4M.qcow2 || true
-    mv OVMF_VARS_4M.secboot.fd OVMF_VARS.secboot.fd
-    rm OVMF_VARS_4M.secboot.qcow2 || true
-    ls -la
+    # Link to dir OVMF
+    ln -s /usr/share/OVMF /usr/share/edk2/ovmf
+    ln -s /usr/share/OVMF/OVMF_CODE.fd /usr/share/OVMF/OVMF_CODE.cc.fd
+
+    # cd /usr/share/OVMF
+    # rm MICROVM.fd
+    # rm OVMF.inteltdx.secboot.fd
+    # rm OVMF_CODE.fd
+    # rm OVMF_CODE.secboot.fd
+    # mv OVMF_CODE_4M.fd OVMF_CODE.cc.fd
+    # rm OVMF_CODE_4M.qcow2
+    # mv OVMF_CODE_4M.secboot.fd OVMF_CODE.secboot.fd
+    # rm OVMF_CODE_4M.secboot.qcow2
+    # rm OVMF_VARS.fd
+    # rm OVMF_VARS.ms.fd
+    # rm OVMF_VARS.secboot.fd
+    # mv OVMF_VARS_4M.fd OVMF_VARS.fd
+    # rm OVMF_VARS_4M.ms.fd
+    # rm OVMF_VARS_4M.ms.qcow2 || true
+    # rm OVMF_VARS_4M.qcow2 || true
+    # mv OVMF_VARS_4M.secboot.fd OVMF_VARS.secboot.fd
+    # rm OVMF_VARS_4M.secboot.qcow2 || true
+    # ls -la
 
   # Installation libvirt and qemu 
   - |
@@ -220,7 +230,7 @@ shell:
   # Create qemu group and user.
   - groupadd --gid 107 qemu && useradd qemu --uid 107 --gid 107 --shell /bin/bash --create-home
   # Create links to required for virt-launcher libs.
-  - ln -s /lib64/libcrypt.so.2.0.0 /lib64/libcrypt.so.2
+  # - ln -s /lib64/libcrypt.so.2.0.0 /lib64/libcrypt.so.2
   # - ln -s /lib64/libpcre.so.1.2.13 /lib64/libpcre.so.1
   - |
     [[ ! -e /usr/bin/cp ]] && ln -s /bin/cp /usr/bin/cp