Initial commit to ipxe-build repo
- compile iPXE with HTTPS support
Change-Id: I8ddf1d91ea34d00941108d6c4647a4ff94a75700
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..e781b44
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,5 @@
+# SPDX-FileCopyrightText: © 2020 Open Networking Foundation <support@opennetworking.org>
+# SPDX-License-Identifier: Apache-2.0
+
+ipxe
+out/*
diff --git a/.gitreview b/.gitreview
new file mode 100644
index 0000000..f742c18
--- /dev/null
+++ b/.gitreview
@@ -0,0 +1,8 @@
+# SPDX-FileCopyrightText: © 2020 Open Networking Foundation <support@opennetworking.org>
+# SPDX-License-Identifier: Apache-2.0
+
+[gerrit]
+host=gerrit.opencord.org
+port=29418
+project=ipxe-build.git
+defaultremote=origin
diff --git a/.reuse/dep5 b/.reuse/dep5
new file mode 100644
index 0000000..1bd17d1
--- /dev/null
+++ b/.reuse/dep5
@@ -0,0 +1,5 @@
+Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+
+Files: VERSION .gitreview chain.ipxe patches/*
+Copyright: 2020 Open Networking Foundation
+License: Apache-2.0
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..7bd7f6d
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,24 @@
+# iPXE build Dockerfile
+
+# SPDX-FileCopyrightText: © 2020 Open Networking Foundation <support@opennetworking.org>
+# SPDX-License-Identifier: Apache-2.0
+
+FROM debian:10.6
+
+# Install Build packages
+RUN apt-get -y update \
+ && apt-get -y install build-essential genisoimage git isolinux liblzma-dev mtools syslinux \
+ && apt-get autoremove \
+ && apt-get clean \
+ && rm -rf /tmp/* /var/tmp/* /var/lib/apt/lists/* \
+ && mkdir /build
+
+# Copy ipxe source and chainloader into container
+COPY ipxe /ipxe
+
+# Perform a basic build
+WORKDIR /ipxe/src
+RUN make -j4 bin/undionly.kpxe
+
+# Sleep for 10m, should be enough to perform build.
+CMD ["sleep", "600"]
diff --git a/LICENSES/Apache-2.0.txt b/LICENSES/Apache-2.0.txt
new file mode 100644
index 0000000..4ed90b9
--- /dev/null
+++ b/LICENSES/Apache-2.0.txt
@@ -0,0 +1,208 @@
+Apache License
+
+Version 2.0, January 2004
+
+http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION,
+AND DISTRIBUTION
+
+ 1. Definitions.
+
+
+
+"License" shall mean the terms and conditions for use, reproduction, and distribution
+as defined by Sections 1 through 9 of this document.
+
+
+
+"Licensor" shall mean the copyright owner or entity authorized by the copyright
+owner that is granting the License.
+
+
+
+"Legal Entity" shall mean the union of the acting entity and all other entities
+that control, are controlled by, or are under common control with that entity.
+For the purposes of this definition, "control" means (i) the power, direct
+or indirect, to cause the direction or management of such entity, whether
+by contract or otherwise, or (ii) ownership of fifty percent (50%) or more
+of the outstanding shares, or (iii) beneficial ownership of such entity.
+
+
+
+"You" (or "Your") shall mean an individual or Legal Entity exercising permissions
+granted by this License.
+
+
+
+"Source" form shall mean the preferred form for making modifications, including
+but not limited to software source code, documentation source, and configuration
+files.
+
+
+
+"Object" form shall mean any form resulting from mechanical transformation
+or translation of a Source form, including but not limited to compiled object
+code, generated documentation, and conversions to other media types.
+
+
+
+"Work" shall mean the work of authorship, whether in Source or Object form,
+made available under the License, as indicated by a copyright notice that
+is included in or attached to the work (an example is provided in the Appendix
+below).
+
+
+
+"Derivative Works" shall mean any work, whether in Source or Object form,
+that is based on (or derived from) the Work and for which the editorial revisions,
+annotations, elaborations, or other modifications represent, as a whole, an
+original work of authorship. For the purposes of this License, Derivative
+Works shall not include works that remain separable from, or merely link (or
+bind by name) to the interfaces of, the Work and Derivative Works thereof.
+
+
+
+"Contribution" shall mean any work of authorship, including the original version
+of the Work and any modifications or additions to that Work or Derivative
+Works thereof, that is intentionally submitted to Licensor for inclusion in
+the Work by the copyright owner or by an individual or Legal Entity authorized
+to submit on behalf of the copyright owner. For the purposes of this definition,
+"submitted" means any form of electronic, verbal, or written communication
+sent to the Licensor or its representatives, including but not limited to
+communication on electronic mailing lists, source code control systems, and
+issue tracking systems that are managed by, or on behalf of, the Licensor
+for the purpose of discussing and improving the Work, but excluding communication
+that is conspicuously marked or otherwise designated in writing by the copyright
+owner as "Not a Contribution."
+
+
+
+"Contributor" shall mean Licensor and any individual or Legal Entity on behalf
+of whom a Contribution has been received by Licensor and subsequently incorporated
+within the Work.
+
+2. Grant of Copyright License. Subject to the terms and conditions of this
+License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive,
+no-charge, royalty-free, irrevocable copyright license to reproduce, prepare
+Derivative Works of, publicly display, publicly perform, sublicense, and distribute
+the Work and such Derivative Works in Source or Object form.
+
+3. Grant of Patent License. Subject to the terms and conditions of this License,
+each Contributor hereby grants to You a perpetual, worldwide, non-exclusive,
+no-charge, royalty-free, irrevocable (except as stated in this section) patent
+license to make, have made, use, offer to sell, sell, import, and otherwise
+transfer the Work, where such license applies only to those patent claims
+licensable by such Contributor that are necessarily infringed by their Contribution(s)
+alone or by combination of their Contribution(s) with the Work to which such
+Contribution(s) was submitted. If You institute patent litigation against
+any entity (including a cross-claim or counterclaim in a lawsuit) alleging
+that the Work or a Contribution incorporated within the Work constitutes direct
+or contributory patent infringement, then any patent licenses granted to You
+under this License for that Work shall terminate as of the date such litigation
+is filed.
+
+4. Redistribution. You may reproduce and distribute copies of the Work or
+Derivative Works thereof in any medium, with or without modifications, and
+in Source or Object form, provided that You meet the following conditions:
+
+(a) You must give any other recipients of the Work or Derivative Works a copy
+of this License; and
+
+(b) You must cause any modified files to carry prominent notices stating that
+You changed the files; and
+
+(c) You must retain, in the Source form of any Derivative Works that You distribute,
+all copyright, patent, trademark, and attribution notices from the Source
+form of the Work, excluding those notices that do not pertain to any part
+of the Derivative Works; and
+
+(d) If the Work includes a "NOTICE" text file as part of its distribution,
+then any Derivative Works that You distribute must include a readable copy
+of the attribution notices contained within such NOTICE file, excluding those
+notices that do not pertain to any part of the Derivative Works, in at least
+one of the following places: within a NOTICE text file distributed as part
+of the Derivative Works; within the Source form or documentation, if provided
+along with the Derivative Works; or, within a display generated by the Derivative
+Works, if and wherever such third-party notices normally appear. The contents
+of the NOTICE file are for informational purposes only and do not modify the
+License. You may add Your own attribution notices within Derivative Works
+that You distribute, alongside or as an addendum to the NOTICE text from the
+Work, provided that such additional attribution notices cannot be construed
+as modifying the License.
+
+You may add Your own copyright statement to Your modifications and may provide
+additional or different license terms and conditions for use, reproduction,
+or distribution of Your modifications, or for any such Derivative Works as
+a whole, provided Your use, reproduction, and distribution of the Work otherwise
+complies with the conditions stated in this License.
+
+5. Submission of Contributions. Unless You explicitly state otherwise, any
+Contribution intentionally submitted for inclusion in the Work by You to the
+Licensor shall be under the terms and conditions of this License, without
+any additional terms or conditions. Notwithstanding the above, nothing herein
+shall supersede or modify the terms of any separate license agreement you
+may have executed with Licensor regarding such Contributions.
+
+6. Trademarks. This License does not grant permission to use the trade names,
+trademarks, service marks, or product names of the Licensor, except as required
+for reasonable and customary use in describing the origin of the Work and
+reproducing the content of the NOTICE file.
+
+7. Disclaimer of Warranty. Unless required by applicable law or agreed to
+in writing, Licensor provides the Work (and each Contributor provides its
+Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied, including, without limitation, any warranties
+or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR
+A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness
+of using or redistributing the Work and assume any risks associated with Your
+exercise of permissions under this License.
+
+8. Limitation of Liability. In no event and under no legal theory, whether
+in tort (including negligence), contract, or otherwise, unless required by
+applicable law (such as deliberate and grossly negligent acts) or agreed to
+in writing, shall any Contributor be liable to You for damages, including
+any direct, indirect, special, incidental, or consequential damages of any
+character arising as a result of this License or out of the use or inability
+to use the Work (including but not limited to damages for loss of goodwill,
+work stoppage, computer failure or malfunction, or any and all other commercial
+damages or losses), even if such Contributor has been advised of the possibility
+of such damages.
+
+9. Accepting Warranty or Additional Liability. While redistributing the Work
+or Derivative Works thereof, You may choose to offer, and charge a fee for,
+acceptance of support, warranty, indemnity, or other liability obligations
+and/or rights consistent with this License. However, in accepting such obligations,
+You may act only on Your own behalf and on Your sole responsibility, not on
+behalf of any other Contributor, and only if You agree to indemnify, defend,
+and hold each Contributor harmless for any liability incurred by, or claims
+asserted against, such Contributor by reason of your accepting any such warranty
+or additional liability. END OF TERMS AND CONDITIONS
+
+APPENDIX: How to apply the Apache License to your work.
+
+To apply the Apache License to your work, attach the following boilerplate
+notice, with the fields enclosed by brackets "[]" replaced with your own identifying
+information. (Don't include the brackets!) The text should be enclosed in
+the appropriate comment syntax for the file format. We also recommend that
+a file or class name and description of purpose be included on the same "printed
+page" as the copyright notice for easier identification within third-party
+archives.
+
+Copyright [yyyy] [name of copyright owner]
+
+Licensed under the Apache License, Version 2.0 (the "License");
+
+you may not use this file except in compliance with the License.
+
+You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+
+distributed under the License is distributed on an "AS IS" BASIS,
+
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+
+See the License for the specific language governing permissions and
+
+limitations under the License.
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..d8acfdb
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,56 @@
+# iPXE Build automation
+
+# SPDX-FileCopyrightText: © 2020 Open Networking Foundation <support@opennetworking.org>
+# SPDX-License-Identifier: Apache-2.0
+
+SHELL = bash -eu -o pipefail
+
+# iPXE configuration
+IPXE_VERSION ?= v1.20.1
+TARGETS ?= bin/undionly.kpxe bin/ipxe.usb
+OPTIONS ?= EMBED=chain.ipxe
+COPY_FILES ?= chain.ipxe
+
+# Build configuration
+OUTDIR ?= $(shell pwd)/out
+BUILDER := ipxebuilder-$(shell date +"%Y%m%d%H%M%S")# timestamp for each run
+
+# phony (doesn't make files) targets
+.PHONY: base image clean clean-all license help
+
+ipxe: ## download and patch iPXE
+ git clone git://git.ipxe.org/ipxe.git \
+ && cd ipxe \
+ && git checkout $(IPXE_VERSION) \
+ && git apply ../patches/*
+
+out:
+ mkdir -p out
+
+base: | ipxe ## create bas iPXE build container using Docker
+ docker build . -t ipxe-builder:$(IPXE_VERSION)
+
+image: | out base ## create iPXE binary artifacts using Docker
+ docker run -v $(OUTDIR):/tmp/out --name $(BUILDER) -d ipxe-builder:$(IPXE_VERSION)
+ docker cp $(COPY_FILES) $(BUILDER):/ipxe/src/
+ docker exec -w /ipxe/src $(BUILDER) \
+ bash -c "make -j4 $(TARGETS) $(OPTIONS); cp $(TARGETS) /tmp/out"
+ docker rm --force $(BUILDER)
+
+test: image ## test (currently only runs an image build)
+
+clean: ## remove output artifacts
+ rm -rf out/*
+
+clean-all: clean ## full clean (delete iPXE git repo)
+ rm -rf ipxe
+
+license: ## check licenses
+ reuse --version ;\
+ reuse --root . lint
+
+help: ## Print help for each target
+ @echo infra-playbooks make targets
+ @echo
+ @grep '^[[:alnum:]_-]*:.* ##' $(MAKEFILE_LIST) \
+ | sort | awk 'BEGIN {FS=":.* ## "}; {printf "%-25s %s\n", $$1, $$2};'
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..6946ec7
--- /dev/null
+++ b/README.md
@@ -0,0 +1,38 @@
+<!--
+SPDX-FileCopyrightText: © 2020 Open Networking Foundation <support@opennetworking.org>
+SPDX-License-Identifier: Apache-2.0
+--!>
+# iPXE Build
+
+This repo will builds an [iPXE](https://ipxe.org/) payload that can be used for
+network booting of systems.
+
+It uses Docker to build iPXE, wrapping [all build
+dependencies](https://ipxe.org/download#source_code) in the Dockerfile, An
+[embedded script](https://ipxe.org/embed) (`chain.ipxe`) is added which will
+chainload a complicated iPXE script with menus and other configurations.
+
+iPXE is patched to give it [HTTPS
+Support](https://ipxe.org/buildcfg/download_proto_https).
+
+# Requirements
+
+- git
+- make
+- Docker
+
+# Usage
+
+Run `make image`, artifacts will be created in `out`. By default it will build:
+
+- `undionly.kxpe` - Can be served by a DHCP server and chainloads with the
+ NIC's built in PXE implementation
+- `ipxe.usb` - write to a USB stick with `dd if=bin/ipxe.usb of=/dev/<rawdevice>`
+
+See also [build targets](https://ipxe.org/appnote/buildtargets).
+
+## TODO
+
+- Add a [TLS Server and Client cert](https://ipxe.org/crypto) into the image,
+ to allow trust to be established between systems.
+
diff --git a/chain.ipxe b/chain.ipxe
new file mode 100644
index 0000000..fa49bb3
--- /dev/null
+++ b/chain.ipxe
@@ -0,0 +1,9 @@
+#!ipxe
+# SPDX-FileCopyrightText: © 2020 Open Networking Foundation <support@opennetworking.org>
+# SPDX-License-Identifier: Apache-2.0
+
+# autoconfigure self via DHCP
+dhcp
+
+# chainload netboot.ipxe, or drop to shell if it doesn't exist
+chain http://boot.tucson.onlab.us/boot.ipxe || shell
diff --git a/patches/https.patch b/patches/https.patch
new file mode 100644
index 0000000..f339c9a
--- /dev/null
+++ b/patches/https.patch
@@ -0,0 +1,13 @@
+diff --git a/src/config/general.h b/src/config/general.h
+index 3c14a2cd..8867f152 100644
+--- a/src/config/general.h
++++ b/src/config/general.h
+@@ -54,7 +54,7 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+
+ #define DOWNLOAD_PROTO_TFTP /* Trivial File Transfer Protocol */
+ #define DOWNLOAD_PROTO_HTTP /* Hypertext Transfer Protocol */
+-#undef DOWNLOAD_PROTO_HTTPS /* Secure Hypertext Transfer Protocol */
++#define DOWNLOAD_PROTO_HTTPS /* Secure Hypertext Transfer Protocol */
+ #undef DOWNLOAD_PROTO_FTP /* File Transfer Protocol */
+ #undef DOWNLOAD_PROTO_SLAM /* Scalable Local Area Multicast */
+ #undef DOWNLOAD_PROTO_NFS /* Network File System Protocol */