kata-containers-cc: generate configuration-clh-snp-debug.toml

Also remove the explicit DEFSHAREDFS_CLH_SNP_VIRTIOFS=none as that is the default.
microsoft · Jan 25, 2024 · 4a6c608 · 4a6c608
1 parent 7436e69
commit 4a6c608
Showing 1 changed file with 19 additions and 7 deletions.
diff --git a/SPECS/kata-containers-cc/kata-containers-cc.spec b/SPECS/kata-containers-cc/kata-containers-cc.spec
@@ -1,5 +1,4 @@
 %global runtime_make_vars       DEFMEMSZ=256 \\\
-                                DEFSHAREDFS_CLH_SNP_VIRTIOFS=none \\\
                                 DEFSTATICSANDBOXWORKLOADMEM=1792 \\\
                                 SKIP_GO_VERSION_CHECK=1
 
@@ -204,14 +203,27 @@ install -D -m 0755 kata-monitor %{buildroot}%{coco_bin}/kata-monitor
 install -D -m 0755 kata-runtime %{buildroot}%{coco_bin}/kata-runtime
 install -D -m 0755 data/kata-collect-data.sh %{buildroot}%{coco_bin}/kata-collect-data.sh
 
-# Note: we deploy two configurations - the additional one is for policy/snapshotter testing w/o SEV SNP or IGVM
-install -D -m 0644 config/configuration-clh.toml %{buildroot}/%{defaults_kata}/configuration-clh.toml
+# We deploy 3 configurations:
+# configuration-clh-snp: production Kata-CC - IGVM & image, confidential_guest=true, sev_snp_guest=true
+# configuration-clh-snp-debug: debug Kata-CC - kernel & image, confidential_guest=true, sev_snp_guest=false
+# configuration-clh (symlinked to by configuration.toml): vanilla Kata - kernel & initrd, confidential_guest=false, sev_snp_guest=false
 install -D -m 0644 config/configuration-clh-snp.toml %{buildroot}/%{defaults_kata}/configuration-clh-snp.toml
+install -D -m 0644 config/configuration-clh.toml %{buildroot}/%{defaults_kata}/configuration-clh-snp-debug.toml
+install -D -m 0644 config/configuration-clh.toml %{buildroot}/%{defaults_kata}/configuration-clh.toml
 
-# adapt upstream config files
-# change paths with locations specific to our distribution
-sed -i 's|/usr|/opt/confidential-containers|g' %{buildroot}/%{defaults_kata}/configuration-clh.toml
-sed -i 's|/usr|/opt/confidential-containers|g' %{buildroot}/%{defaults_kata}/configuration-clh-snp.toml
+# Adapt configuration files:
+# - Change paths with locations specific to our distribution.
+sed --follow-symlinks -i 's|/usr|/opt/confidential-containers|g' %{buildroot}/%{defaults_kata}/configuration-clh*.toml
+# - Set up configuration-clh-snp-debug. Note that kernel and image are already
+#   set through configuration-clh.toml.in.
+sed -i 's|-igvm.img|-igvm-debug.img|g' %{buildroot}/%{defaults_kata}/configuration-clh-snp-debug.toml
+sed -i '/^#confidential_guest =/s|^#||g' %{buildroot}/%{defaults_kata}/configuration-clh-snp-debug.toml
+sed -i '/^#enable_debug =/s|^#||g' %{buildroot}/%{defaults_kata}/configuration-clh-snp-debug.toml
+sed -i '/^#debug_console_enabled =/s|^#||g' %{buildroot}/%{defaults_kata}/configuration-clh-snp-debug.toml
+sed -i 's|shared_fs = "virtio-fs"|shared_fs = "none"|g' %{buildroot}/%{defaults_kata}/configuration-clh-snp-debug.toml
+# - Set up configuration-clh.
+sed -i '/^#initrd =/s|^#||g' %{buildroot}/%{defaults_kata}/configuration-clh.toml
+sed -i '/^image =/s|^|#|g' %{buildroot}/%{defaults_kata}/configuration-clh.toml
 popd
 
 # tardev-snapshotter