refactor: adds GCP support, refactors machine, kernel and image configuration #42
This PR adds support for creating GCP VM images.
The previous setup defined 2 machines (`tdx` and `sev-snp`) plus one image (`cvm-image-azure`). Over time a lot of things have been added, such that a lot of features had been added without a feature flag, even though they're not needed, or added behind the wrong feature flag.
This refactor aims to resolve most of these issues by creating a clear machine, kernel and image configuration.
Machines created:
[ "tdx", "tdx-gcp", "tdx-qemu", "tdx-azure", "sev-snp-azure" ]
The machine configurations are simple and borrow heavily from common include files, i.e. tdx-guest.inc.
The cvm-image-azure was removed and replaced by .bbappending the default "core-image-minimal" and "core-image-tiny-initramfs".
Most of the kernel configuration was moved into the specific machine or distro configuration, creating a lean kernel config.
Debug tweaks are now again enabled by adding "debug-tweaks" to the EXTRA_IMAGE_FEATURES env var. This will automatically pick up the dropbear dependency.
This refactor will break stuff in other layers depending on this layer. As a next step, the goal is to refactor these layers as well and make them more conformant with Yocto design principles.
What I haven't achieved is to hide recipe-based kernel configuration behind recipes, i.e. disk-encryption.scc should only be added to the kernel if disk-encryption is added as part of the image.
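Because "debug-tweaks" is now switched on through EXTRA_IMAGE_FEATURES, a release pipeline for confidential-VM images can check that the feature is absent before building. The following is an added example, not code from this PR or the layer: `effective_features` and `release_gate` are hypothetical names, the sample conf is constructed, and the evaluation is a simplification of BitBake (no variable expansion, no include following, no machine-specific overrides such as `:append:tdx-gcp`).

```python
import re

# "debug-tweaks" is the feature named in the PR; the others are the individual
# Yocto image features it bundles. All of them loosen login security.
RISKY = {"debug-tweaks", "allow-empty-password", "empty-root-password",
         "allow-root-login", "post-install-logging"}
VARS = ("EXTRA_IMAGE_FEATURES", "IMAGE_FEATURES")
# Simplified BitBake assignment: VAR[:append|:prepend|:remove] <op> "value"
ASSIGN = re.compile(
    r'^\s*(?P<var>EXTRA_IMAGE_FEATURES|IMAGE_FEATURES)'
    r'(?:[:_](?P<ovr>append|prepend|remove))?'
    r'\s*(?P<op>\?\?=|\?=|:=|\+=|=\+|\.=|=\.|=)\s*'
    r'(?P<q>["\'])(?P<val>.*?)(?P=q)\s*$')

# Constructed sample: a local.conf that resets the variable but appends later.
SAMPLE_CONF = '''
EXTRA_IMAGE_FEATURES = ""
# EXTRA_IMAGE_FEATURES += "allow-root-login"
EXTRA_IMAGE_FEATURES:append = " debug-tweaks"
'''

def effective_features(conf_text, env=None):
    """Approximate the final feature set from conf text plus build environment."""
    value = {v: set(env[v].split()) for v in VARS if env and v in env}
    weak, late, removed = {}, set(), set()
    for line in conf_text.replace("\\\n", " ").splitlines():
        m = ASSIGN.match(line)
        if not m:                          # comments and unrelated variables
            continue
        var, tokens = m["var"], set(m["val"].split())
        if m["ovr"] == "remove":
            removed |= tokens              # applied last, so it always wins
        elif m["ovr"]:
            late |= tokens                 # :append/:prepend survive a later "="
        elif m["op"] == "??=":
            weak[var] = tokens             # weak default, used only if unset
        elif m["op"] == "?=":
            value.setdefault(var, tokens)  # default, only if still unset
        elif m["op"] in ("=", ":="):
            value[var] = tokens            # replaces earlier content
        else:
            value.setdefault(var, set()).update(tokens)   # += =+ .= =.
    for var, tokens in weak.items():
        value.setdefault(var, tokens)
    return (set().union(*value.values()) | late) - removed

def release_gate(conf_text, env=None):
    """Return the risky features a production image build would pick up."""
    return sorted(effective_features(conf_text, env) & RISKY)
```

A non-empty result from `release_gate` is a reason to fail a production build; passing `os.environ` as `env` covers the case where the feature is injected from the build environment rather than a conf file.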