diff --git a/tools/osbuilder/rootfs-builder/rootfs.sh b/tools/osbuilder/rootfs-builder/rootfs.sh index d50fd7980..3ff3ad854 100755 --- a/tools/osbuilder/rootfs-builder/rootfs.sh +++ b/tools/osbuilder/rootfs-builder/rootfs.sh @@ -32,6 +32,7 @@ AGENT_SOURCE_BIN=${AGENT_SOURCE_BIN:-""} AGENT_TARBALL=${AGENT_TARBALL:-""} COCO_GUEST_COMPONENTS_TARBALL=${COCO_GUEST_COMPONENTS_TARBALL:-""} CONFIDENTIAL_GUEST="${CONFIDENTIAL_GUEST:-no}" +PAUSE_IMAGE_TARBALL=${PAUSE_IMAGE_TARBALL:-""} lib_file="${script_dir}/../scripts/lib.sh" source "$lib_file" @@ -176,6 +177,12 @@ KERNEL_MODULES_DIR Path to a directory containing kernel modules to include in LIBC libc the agent is built against (gnu or musl). Default value: ${LIBC} (varies with architecture) +PAUSE_IMAGE_TARBALL Path to the kata-static-pause-image.tar.xz tarball to be unpacked inside the + rootfs. + If set, the tarball will be unpacked onto the rootfs. + Default value: + + ROOTFS_DIR Path to the directory that is populated with the rootfs. Default value: <${script_name} path>/rootfs- @@ -796,6 +803,11 @@ EOF [ -x "${init}" ] || [ -L "${init}" ] || die "/sbin/init is not installed in ${ROOTFS_DIR}" OK "init is installed" + if [ -n "${PAUSE_IMAGE_TARBALL}" ] ; then + info "Installing the pause image tarball" + tar xvJpf ${PAUSE_IMAGE_TARBALL} -C ${ROOTFS_DIR} + fi + if [ -n "${COCO_GUEST_COMPONENTS_TARBALL}" ] ; then info "Installing the Confidential Containers guest components tarball" tar xvJpf ${COCO_GUEST_COMPONENTS_TARBALL} -C ${ROOTFS_DIR} diff --git a/tools/packaging/guest-image/build_image.sh b/tools/packaging/guest-image/build_image.sh index 00c52b866..e0e02b9c0 100755 --- a/tools/packaging/guest-image/build_image.sh +++ b/tools/packaging/guest-image/build_image.sh @@ -45,7 +45,8 @@ build_initrd() { AGENT_TARBALL="${AGENT_TARBALL}" \ AGENT_INIT="yes" \ AGENT_POLICY="${AGENT_POLICY:-}" \ - COCO_GUEST_COMPONENTS_TARBALL="${COCO_GUEST_COMPONENTS_TARBALL:-}" + COCO_GUEST_COMPONENTS_TARBALL="${COCO_GUEST_COMPONENTS_TARBALL:-}" \ + PAUSE_IMAGE_TARBALL="${PAUSE_IMAGE_TARBALL:-}" mv "kata-containers-initrd.img" "${install_dir}/${artifact_name}" ( cd "${install_dir}" @@ -65,7 +66,8 @@ build_image() { ROOTFS_BUILD_DEST="${builddir}/rootfs-image" \ AGENT_TARBALL="${AGENT_TARBALL}" \ AGENT_POLICY="${AGENT_POLICY:-}" \ - COCO_GUEST_COMPONENTS_TARBALL="${COCO_GUEST_COMPONENTS_TARBALL:-}" + COCO_GUEST_COMPONENTS_TARBALL="${COCO_GUEST_COMPONENTS_TARBALL:-}" \ + PAUSE_IMAGE_TARBALL="${PAUSE_IMAGE_TARBALL:-}" mv -f "kata-containers.img" "${install_dir}/${artifact_name}" if [ -e "root_hash.txt" ]; then cp root_hash.txt "${install_dir}/"