build: Build the shipped agent with policy enabled

Now that the OPA binary is not required anymore, let's start shipping the agent with the policy enabled by default. The agent *without* policy enabled has 30MB, while it's 34MB *with* the policy enabled. This 4MB (~10%) increase is, IMHO, worth it in order to reduce the amount of components we have to maintain and test, including the possibility to also reduce the amount of possible rootfs / initrd images. Whoever wants to use the agent without policy enabled can simply do that by building their own agent. :-) Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
2025-06-24 14:32:33 +00:00 · 2024-04-26 20:40:25 +02:00 · 2024-04-26 20:40:25 +02:00 · b1710ee2c0
commit b1710ee2c0
parent 7b039eb1b9
1 changed files with 3 additions and 9 deletions
--- a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh
+++ b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh
@ -765,9 +765,7 @@ install_ovmf_sev() {
 	install_ovmf "sev" "edk2-sev.tar.gz"
 }

-install_agent_helper() {
-	agent_policy="${1:-no}"
-
+install_agent() {
 	latest_artefact="$(git log -1 --pretty=format:"%h" ${repo_root_dir}/src/agent)"
 	latest_builder_image="$(get_agent_image_name)"

@ -785,15 +783,11 @@ install_agent_helper() {
 	export GPERF_URL="$(get_from_kata_deps "externals.gperf.url")"

 	info "build static agent"
-	DESTDIR="${destdir}" AGENT_POLICY=${agent_policy} PULL_TYPE=${PULL_TYPE} "${agent_builder}"
-}
-
-install_agent() {
-	install_agent_helper
+	DESTDIR="${destdir}" AGENT_POLICY="yes" PULL_TYPE=${PULL_TYPE} "${agent_builder}"
 }

 install_agent_opa() {
-	install_agent_helper "yes"
+	install_agent
 }

 install_coco_guest_components() {