deploy: Add busybox target

For a minimal initrd/image build we may want to leverage busybox.
This is part number two of the NVIDIA initrd/image build

Signed-off-by: Zvonko Kaiser <zkaiser@nvidia.com>

tools/packaging/static-build/busybox/Dockerfile

@@ -0,0 +1,8 @@
+# Copyright (c) 2024 NVIDIA Corporation
+#
+# SPDX-License-Identifier: Apache-2.0
+
+FROM alpine:3.20.0
+
+RUN apk update && apk --no-cache add gpg gpg-agent coreutils bash curl make \
+ 	gcc g++ pkgconf libselinux-dev gpg-agent

tools/packaging/static-build/busybox/build-static-busybox.sh

@@ -0,0 +1,59 @@
+#!/usr/bin/env bash
+#
+# Copyright (c) 2024 NVIDIA Corporation
+#
+# SPDX-License-Identifier: Apache-2.0
+
+
+set -o errexit
+set -o nounset
+set -o pipefail
+
+set -x
+
+script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+
+# shellcheck source=/dev/null
+source "${script_dir}/../../scripts/lib.sh"
+
+build_busybox_from_source()
+{
+	echo "build busybox from source"
+
+	URL_TARBZ2="${BUSYBOX_URL:?}/busybox-${BUSYBOX_VERSION:?}.tar.bz2"
+	URL_SHA="${BUSYBOX_URL:?}/busybox-${BUSYBOX_VERSION:?}.tar.bz2.sha256"
+	URL_SIG="${BUSYBOX_URL:?}/busybox-${BUSYBOX_VERSION:?}.tar.bz2.sig"
+
+	curl -O "${URL_TARBZ2}"
+	curl -O "${URL_SHA}"
+	curl -O "${URL_SIG}"
+
+	echo "Verifying SHA256 checksum..."
+	sha256_file="$(basename "${URL_SHA}")"
+	sha256sum -c "${sha256_file}"
+
+	gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys C9E9416F76E610DBD09D040F47B70C55ACC9965B
+
+	echo "Verifying GPG signature..."
+	tarbz_file="$(basename "${URL_TARBZ2}")"
+	sig_file="$(basename "${URL_SIG}")"
+
+	gpg --verify "${sig_file}" "${tarbz_file}"
+
+	tar xvf busybox-"${BUSYBOX_VERSION:?}".tar.bz2
+
+	cd busybox-"${BUSYBOX_VERSION:?}"
+
+	cp "${BUSYBOX_CONF_DIR:?}/${BUSYBOX_CONF_FILE:?}" .config
+
+	# we do not want to install to CONFIG_PREFIX="./_install"
+	# we want CONFIG_PREFIX="${DESTDIR}"
+	sed -i "s|CONFIG_PREFIX=\"./_install\"|CONFIG_PREFIX=\"${DESTDIR}\"|g" .config
+
+	make
+	make install
+
+}
+
+
+build_busybox_from_source "$@"

tools/packaging/static-build/busybox/build.sh

@@ -0,0 +1,46 @@
+#!/usr/bin/env bash
+#
+# Copyright (c) 2024 NVIDIA Corporation
+#
+# SPDX-License-Identifier: Apache-2.0
+
+set -o errexit
+set -o nounset
+set -o pipefail
+
+set -x
+
+script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+# shellcheck source=/dev/null
+source "${script_dir}/../../scripts/lib.sh"
+
+
+readonly busybox_builder="${script_dir}/build-static-busybox.sh"
+
+busybox_version="$(get_from_kata_deps ".externals.busybox.version")"
+readonly BUSYBOX_VERSION=${busybox_version}
+
+busybox_url="$(get_from_kata_deps ".externals.busybox.url")"
+readonly BUSYBOX_URL="${busybox_url}"
+
+
+container_image="${BUSYBOX_CONTAINER_BUILDER:-$(get_busybox_image_name)}"
+[ "${CROSS_BUILD}" == "true" ] && container_image="${container_image}-cross-build"
+
+docker pull "${container_image}" || \
+	(docker $BUILDX build $PLATFORM \
+		-t "${container_image}" "${script_dir}" \
+	 # No-op unless PUSH_TO_REGISTRY is exported as "yes"
+	 push_to_registry "${container_image}")
+
+docker run --rm -i -v "${repo_root_dir:?}:${repo_root_dir}" \
+	--env DESTDIR="${DESTDIR:?}" \
+	--env BUSYBOX_VERSION="${BUSYBOX_VERSION:?}" \
+	--env BUSYBOX_URL="${BUSYBOX_URL:?}" \
+	--env BUSYBOX_CONF_FILE="${BUSYBOX_CONF_FILE:?}" \
+	--env BUSYBOX_CONF_DIR="${script_dir:?}" \
+	--env HOME="/tmp" \
+	--user "$(id -u):$(id -g)" \
+	-w "${repo_root_dir}/build/busybox/builddir" \
+	"${container_image}" \
+	sh -c "${busybox_builder}"