packaging: Build TDX specific guest image

The specific TDX image relies on having EAA KBC, instead of using the default `offline_fs_kbc`. This image is, with this commit, built and distributed, but not yet used by TDX specific configurations, which will be done in a follow-up commit. Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
2025-08-20 00:48:04 +00:00 · 2022-11-01 13:53:02 +01:00 · 2022-11-01 13:53:02 +01:00 · c72fdaf916
commit c72fdaf916
parent 05db886e27
4 changed files with 18 additions and 2 deletions
--- a/.github/workflows/cc-payload-after-push.yaml
+++ b/.github/workflows/cc-payload-after-push.yaml
@ -20,6 +20,7 @@ jobs:
          - cc-sev-ovmf
          - cc-sev-rootfs-initrd
          - cc-tdx-kernel
+          - cc-tdx-rootfs-image
          - cc-tdx-qemu
          - cc-tdx-td-shim
          - cc-tdx-tdvf
--- a/.github/workflows/cc-payload.yaml
+++ b/.github/workflows/cc-payload.yaml
@ -20,6 +20,7 @@ jobs:
          - cc-sev-ovmf
          - cc-sev-rootfs-initrd
          - cc-tdx-kernel
+          - cc-tdx-rootfs-image
          - cc-tdx-qemu
          - cc-tdx-td-shim
          - cc-tdx-tdvf
--- a/tools/packaging/kata-deploy/local-build/Makefile
+++ b/tools/packaging/kata-deploy/local-build/Makefile
@ -91,7 +91,8 @@ cc: cc-cloud-hypervisor-tarball \
 	cc-tdx-td-shim-tarball \
 	cc-tdx-tdvf-tarball \
 	cc-sev-ovmf-tarball \
-	cc-sev-rootfs-initrd-tarball
+	cc-sev-rootfs-initrd-tarball \
+	cc-tdx-rootfs-tarball

 cc-cloud-hypervisor-tarball:
 	${MAKE} $@-build
@ -108,6 +109,9 @@ cc-rootfs-image-tarball:
 cc-sev-rootfs-initrd-tarball: cc-sev-kernel-tarball
 	${MAKE} $@-build

+cc-tdx-rootfs-image-tarball:
+	${MAKE} $@-build
+
 cc-shim-v2-tarball:
 	${MAKE} $@-build

--- a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh
+++ b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh
@ -118,10 +118,11 @@ install_cc_clh() {
 install_cc_image() {
 	export AA_KBC="${1:-offline_fs_kbc}"
 	image_type="${2:-image}"
+	image_initrd_suffix="${3:-""}"
 	export KATA_BUILD_CC=yes

 	info "Create CC image configured with AA_KBC=${AA_KBC}"
-	"${rootfs_builder}" --imagetype="${image_type}" --prefix="${cc_prefix}" --destdir="${destdir}"
+	"${rootfs_builder}" --imagetype="${image_type}" --prefix="${cc_prefix}" --destdir="${destdir}" --image_initrd_suffix="${image_initrd_suffix}"
 }

 install_cc_sev_image() {
@ -130,6 +131,13 @@ install_cc_sev_image() {
 	install_cc_image "${AA_KBC}" "${image_type}"
 }

+install_cc_tdx_image() {
+	AA_KBC="eaa_kbc"
+	image_type="image"
+	image_suffix="tdx"
+	install_cc_image "${AA_KBC}" "${image_type}" "${image_suffix}"
+}
+
 #Install CC kernel asset
 install_cc_kernel() {
 	export KATA_BUILD_CC=yes
@ -359,6 +367,8 @@ handle_build() {

 	cc-sev-rootfs-initrd) install_cc_sev_image ;;

+	cc-tdx-rootfs-image) install_cc_tdx_image ;;
+
 	cc-shim-v2) install_cc_shimv2 ;;

 	cc-virtiofsd) install_cc_virtiofsd ;;