mirror of
https://github.com/vyos/vyos-build.git
synced 2025-10-01 20:28:40 +02:00
fd737172f1
This adds support for UEFI Secure Boot. It adds the missing pieces to the Linux Kernel and enforces module signing. This results in an additional security layer where untrusted (unsigned) Kernel modules can no longer be loaded into the live system. NOTE: This commit will not work unless signing keys are present. Arbitrary keys can be generated using instructions found in: data/live-build-config/includes.chroot/var/lib/shim-signed/mok/README.md
85 lines
2.0 KiB
Makefile
85 lines
2.0 KiB
Makefile
SHELL := /bin/bash
|
|
|
|
build_dir := build
|
|
|
|
.PHONY: all
|
|
all:
|
|
@echo "Make what specifically?"
|
|
@echo "The most common target is 'generic'"
|
|
|
|
%:
|
|
./build-vyos-image $*
|
|
|
|
.PHONY: checkiso
|
|
.ONESHELL:
|
|
checkiso:
|
|
if [ ! -f build/live-image-amd64.hybrid.iso ]; then
|
|
echo "Could not find build/live-image-amd64.hybrid.iso"
|
|
exit 1
|
|
fi
|
|
|
|
.PHONY: test
|
|
.ONESHELL:
|
|
test: checkiso
|
|
scripts/check-qemu-install --debug --configd --match="$(MATCH)" --smoketest --uefi build/live-image-amd64.hybrid.iso $(filter-out $@,$(MAKECMDGOALS))
|
|
|
|
.PHONY: test-no-interfaces
|
|
.ONESHELL:
|
|
test-no-interfaces: checkiso
|
|
scripts/check-qemu-install --debug --configd --match="$(MATCH)" --smoketest --uefi --no-interfaces build/live-image-amd64.hybrid.iso
|
|
|
|
.PHONY: testc
|
|
.ONESHELL:
|
|
testc: checkiso
|
|
scripts/check-qemu-install --debug --configd --configtest build/live-image-amd64.hybrid.iso $(filter-out $@,$(MAKECMDGOALS))
|
|
|
|
.PHONY: testraid
|
|
.ONESHELL:
|
|
testraid: checkiso
|
|
scripts/check-qemu-install --debug --configd --raid build/live-image-amd64.hybrid.iso $(filter-out $@,$(MAKECMDGOALS))
|
|
|
|
.PHONY: testsb
|
|
.ONESHELL:
|
|
testsb: checkiso
|
|
scripts/check-qemu-install --debug --uefi --sbtest build/live-image-amd64.hybrid.iso $(filter-out $@,$(MAKECMDGOALS))
|
|
|
|
.PHONY: testtpm
|
|
.ONESHELL:
|
|
testtpm: checkiso
|
|
scripts/check-qemu-install --debug --tpmtest build/live-image-amd64.hybrid.iso $(filter-out $@,$(MAKECMDGOALS))
|
|
|
|
.PHONY: qemu-live
|
|
.ONESHELL:
|
|
qemu-live: checkiso
|
|
scripts/check-qemu-install --qemu-cmd --uefi build/live-image-amd64.hybrid.iso $(filter-out $@,$(MAKECMDGOALS))
|
|
|
|
.PHONY: oci
|
|
.ONESHELL:
|
|
oci: checkiso
|
|
scripts/iso-to-oci build/live-image-amd64.hybrid.iso
|
|
|
|
.PHONY: clean
|
|
.ONESHELL:
|
|
clean:
|
|
@set -e
|
|
mkdir -p $(build_dir)
|
|
cd $(build_dir)
|
|
lb clean
|
|
|
|
rm -f config/binary config/bootstrap config/chroot config/common config/source
|
|
rm -f build.log
|
|
rm -f vyos-*.iso
|
|
rm -f *.img
|
|
rm -f *.xz
|
|
rm -f *.vhd
|
|
rm -f *.raw
|
|
rm -f *.tar.gz
|
|
rm -f *.qcow2
|
|
rm -f *.mf
|
|
rm -f *.ovf
|
|
rm -f *.ova
|
|
|
|
.PHONY: purge
|
|
purge:
|
|
rm -rf build packer_build packer_cache testinstall-*.img
|