Merge pull request #89 from jacobweinstock/ipxe-build-update

iPXE build scripts update

Makefile

@@ -11,6 +11,10 @@ help: ## show this help message
 
 include lint.mk
 
+# building iPXE on a Mac is troublesome and difficult to get working. It is recommended to build in Docker.
+in-docker: ## Run nix Docker container
+	docker run --rm -v $(shell pwd):/ipxedust -w /ipxedust -it nixos/nix nix-shell binary/script/shell.nix
+
 .PHONY: binary
 binary: $(BINARIES) ## build all upstream ipxe binaries
 
@@ -19,28 +23,25 @@ binary: $(BINARIES) ## build all upstream ipxe binaries
 ipxe_sha_or_tag := $(shell cat binary/script/ipxe.commit)
 ipxe_readme := upstream-$(ipxe_sha_or_tag)/README
 
-# building iPXE on a Mac is troublesome and difficult to get working. For that reason, on a Mac, we build the iPXE binary using Docker.
-ipxe_build_in_docker := $(shell if [ $(OSFLAG) = "darwin" ]; then echo true; else echo false; fi)
-
 .PHONY: extract-ipxe
 extract-ipxe: $(ipxe_readme) ## Fetch and extract ipxe source
 $(ipxe_readme): binary/script/ipxe.commit
 	${IPXE_FETCH_SCRIPT} "$(ipxe_sha_or_tag)" ${IPXE_ISO_BUILD_PATCH}
 	touch "$@"
 
 binary/ipxe.efi: $(ipxe_readme) ## build ipxe.efi
-	+${IPXE_BUILD_SCRIPT} bin-x86_64-efi/ipxe.efi "$(ipxe_sha_or_tag)" $(ipxe_build_in_docker) $@ "${IPXE_NIX_SHELL}"
+	+${IPXE_BUILD_SCRIPT} bin-x86_64-efi/ipxe.efi "$(ipxe_sha_or_tag)" $@
 
 binary/undionly.kpxe: $(ipxe_readme) ## build undionly.kpxe
-	+${IPXE_BUILD_SCRIPT} bin/undionly.kpxe "$(ipxe_sha_or_tag)" $(ipxe_build_in_docker) $@ "${IPXE_NIX_SHELL}"
+	+${IPXE_BUILD_SCRIPT} bin/undionly.kpxe "$(ipxe_sha_or_tag)" $@
 
 binary/snp.efi: $(ipxe_readme) ## build snp.efi
-	+${IPXE_BUILD_SCRIPT} bin-arm64-efi/snp.efi "$(ipxe_sha_or_tag)" $(ipxe_build_in_docker) $@  "${IPXE_NIX_SHELL}" "CROSS_COMPILE=aarch64-unknown-linux-gnu-"
+	+${IPXE_BUILD_SCRIPT} bin-arm64-efi/snp.efi "$(ipxe_sha_or_tag)" $@ "CROSS_COMPILE=aarch64-unknown-linux-gnu-"
 
 binary/ipxe.iso: $(ipxe_readme) ## build ipxe.iso
-	+${IPXE_BUILD_SCRIPT} bin-x86_64-efi/ipxe.iso "$(ipxe_sha_or_tag)" $(ipxe_build_in_docker) $@  "${IPXE_NIX_SHELL}"
+	+${IPXE_BUILD_SCRIPT} bin-x86_64-efi/ipxe.iso "$(ipxe_sha_or_tag)" $@
 
-binary/ipxe-efi.img: binary/ipxe.efi
+binary/ipxe-efi.img: binary/ipxe.efi ## build ipxe-efi.img
 	qemu-img create -f raw $@.t 1440K
 	mkfs.vfat --mbr=y -F 12 -n IPXE $@.t
 	mmd -i $@.t ::/EFI

binary/binary.go

@@ -9,18 +9,22 @@ import (
 )
 
 // IpxeEFI is the UEFI iPXE binary for x86 architectures.
+//
 //go:embed ipxe.efi
 var IpxeEFI []byte
 
 // Undionly is the BIOS iPXE binary for x86 architectures.
+//
 //go:embed undionly.kpxe
 var Undionly []byte
 
 // SNP is the UEFI iPXE binary for ARM architectures.
+//
 //go:embed snp.efi
 var SNP []byte
 
 // IpxeISO is the iPXE ISO image.
+//
 //go:embed ipxe.iso
 var IpxeISO []byte
 
@@ -68,4 +72,4 @@ func Patch(content, patch []byte) ([]byte, error) {
 	copy(dup[i:], patch)
 
 	return dup, nil
-}
+}

binary/binary_test.go

@@ -30,9 +30,9 @@ func TestPatch(t *testing.T) {
 	}{
 		{
 			name:    "no patch",
-			content: []byte("foo\n"+string(magicString)),
+			content: []byte("foo\n" + string(magicString)),
 			patch:   []byte(""),
-			want:    []byte("foo\n"+string(magicString)),
+			want:    []byte("foo\n" + string(magicString)),
 		},
 		{
 			name:    "nil patch",
@@ -48,15 +48,15 @@ func TestPatch(t *testing.T) {
 		},
 		{
 			name:    "patch too long",
-			content: []byte("foo\n"+string(magicString)),
+			content: []byte("foo\n" + string(magicString)),
 			patch:   make([]byte, 1024),
 			wantErr: true,
 		},
 		{
 			name:    "patch",
-			content: []byte("foo\n"+string(magicString)),
+			content: []byte("foo\n" + string(magicString)),
 			patch:   []byte("baz"),
-			want:    []byte("foo\nbaz"+string(magicStringPadding[3:])),
+			want:    []byte("foo\nbaz" + string(magicStringPadding[3:])),
 		},
 	}
 	for _, tt := range tests {
@@ -71,4 +71,4 @@ func TestPatch(t *testing.T) {
 			}
 		})
 	}
-}
+}

binary/script/build_and_pr.sh

@@ -69,7 +69,8 @@ function clean_iPXE() {
 function build_iPXE() {
     # build iPXE
     echo "Building iPXE"
-    if ! (cd "$(git rev-parse --show-toplevel)"; make binary); then
+    top_level_dir="$(git rev-parse --show-toplevel)"
+    if ! (cd "${top_level_dir}"; nix-shell "${top_level_dir}/binary/script/shell.nix" --run 'make binary'); then
         echo "Failed to build iPXE" 1>&2
         exit 1
     fi

binary/script/build_ipxe.sh

@@ -9,19 +9,13 @@ set -eux
 function build_ipxe() {
     local ipxe_dir="$1"
     local ipxe_bin="$2"
-    local run_in_docker="$3"
-    local env_opts="$4"
-    local embed_path="$5"
-    local nix_shell="$6"
-
-    if [ "${run_in_docker}" = true ]; then
-        if [ ! -f "${ipxe_dir}/src/${ipxe_bin}" ]; then
-            echo "running in docker"
-            docker run -it --rm -v "${PWD}":/code -w /code nixos/nix nix-shell "${nix_shell}" --run "${env_opts} make -C ${ipxe_dir}/src EMBED=${embed_path} ${ipxe_bin}"
-        fi
+    local env_opts="$3"
+    local embed_path="$4"
+
+    if [ -z "${env_opts}" ]; then
+        make -C "${ipxe_dir}"/src EMBED="${embed_path}" "${ipxe_bin}"
     else
-        echo "running locally"
-        nix-shell "${nix_shell}" --run "${env_opts} make -C ${ipxe_dir}/src EMBED=${embed_path} ${ipxe_bin}"
+        make -C "${ipxe_dir}"/src "${env_opts}" EMBED="${embed_path}" "${ipxe_bin}"
     fi
 }
 
@@ -104,9 +98,9 @@ function hasType() {
     fi
 }
 
-function hasDocker() {
-    if [ -z "$(type docker)" ]; then
-        echo "docker command not found"
+function hasUname() {
+    if [ -z "$(type uname)" ]; then
+        echo "uname command not found"
         return 1
     fi
 }
@@ -118,13 +112,6 @@ function hasNixShell() {
     fi
 }
 
-function hasUname() {
-    if [ -z "$(type uname)" ]; then
-        echo "uname command not found"
-        return 1
-    fi
-}
-
 function setup_build_dir() {
     local src_dir=$1
     local build_dir=$2
@@ -137,21 +124,16 @@ function setup_build_dir() {
 function main() {
     local bin_path=${1}
     local ipxe_sha_or_tag=${2}
-    local ipxe_build_in_docker=${3}
-    local final_path=${4}
-    local nix_shell=${5}
-    local env_opts=${6}
-    local embed_path=${7}
+    local final_path=${3}
+    local env_opts=${4}
+    local embed_path=${5}
 
     # check for prerequisites
     hasType
-    hasNixShell
     hasUname
-    local OS_TEST
-    OS_TEST=$(uname | tr '[:upper:]' '[:lower:]')
-    if [[ "${OS_TEST}" != *"linux"* ]]; then
-        hasDocker
-    fi
+    # while nix-shell is not used in this script,
+    # we should be in nix-shell for the iPXE build.
+    hasNixShell
 
     local ipxe_src=upstream-${ipxe_sha_or_tag}
     local build_dir=${ipxe_src}-${final_path##*/}
@@ -160,8 +142,8 @@ function main() {
     mv_embed_into_build "${embed_path}" "${build_dir}"
     customize "${build_dir}" "${bin_path}"
 
-    build_ipxe "${build_dir}" "${bin_path}" "${ipxe_build_in_docker}" "${env_opts}" "embed.ipxe" "${nix_shell}"
+    build_ipxe "${build_dir}" "${bin_path}" "${env_opts}" "embed.ipxe"
     cp -a "${build_dir}/src/${bin_path}" "${final_path}"
 }
 
-main "$1" "$2" "$3" "$4" "$5" "${6:-}" "${7:-binary/script/embed.ipxe}"
+main "$1" "$2" "$3" "${4:-}" "${5:-binary/script/embed.ipxe}"

example/main.go

@@ -55,7 +55,7 @@ func listenAndServe(ctx context.Context, logger logr.Logger) error {
 }
 
 func serve(ctx context.Context, logger logr.Logger) error {
-	conn, err := net.Listen("tcp", "0.0.0.0:0") // nolint: gosec // this is just example code
+	conn, err := net.Listen("tcp", "0.0.0.0:0") //nolint: gosec // this is just example code
 	if err != nil {
 		return err
 	}

ihttp/ihttp_test.go

@@ -100,7 +100,7 @@ func TestListenAndServeHTTP(t *testing.T) {
 }
 
 func TestHandle(t *testing.T) {
-	patched_binary, _ := binary.Patch(binary.Files["snp.efi"], []byte("echo 'hello world'"))
+	patched, _ := binary.Patch(binary.Files["snp.efi"], []byte("echo 'hello world'"))
 
 	type req struct {
 		method string
@@ -154,16 +154,16 @@ func TestHandle(t *testing.T) {
 		},
 		{
 			name: "patch",
-			req: req{method: "GET", url: "/30:23:03:73:a5:a7/snp.efi-00-23b1e307bb35484f535a1f772c06910e-d887dc3912240434-01"},
+			req:  req{method: "GET", url: "/30:23:03:73:a5:a7/snp.efi-00-23b1e307bb35484f535a1f772c06910e-d887dc3912240434-01"},
 			want: &http.Response{
 				StatusCode: http.StatusOK,
-				Body:       ioutil.NopCloser(bytes.NewBuffer(patched_binary)),
+				Body:       ioutil.NopCloser(bytes.NewBuffer(patched)),
 			},
 			patch: []byte("echo 'hello world'"),
 		},
 		{
 			name: "bad patch",
-			req: req{method: "GET", url: "/30:23:03:73:a5:a7/snp.efi-00-23b1e307bb35484f535a1f772c06910e-d887dc3912240434-01"},
+			req:  req{method: "GET", url: "/30:23:03:73:a5:a7/snp.efi-00-23b1e307bb35484f535a1f772c06910e-d887dc3912240434-01"},
 			want: &http.Response{
 				StatusCode: http.StatusInternalServerError,
 			},

itftp/itftp.go

@@ -24,7 +24,7 @@ import (
 
 // Handler is the struct that implements the TFTP read and write function handlers.
 type Handler struct {
-	Log logr.Logger
+	Log   logr.Logger
 	Patch []byte
 }
 

lint.mk

@@ -37,7 +37,7 @@ shellcheck-fix: $(SHELLCHECK_BIN)
 	$(SHELLCHECK_BIN) $(shell find . -name "*.sh") -f diff | { read -t 1 line || exit 0; { echo "$$line" && cat; } | git apply -p2; }
 
 GOLANGCI_LINT_CONFIG := $(LINT_ROOT)/.golangci.yml
-GOLANGCI_LINT_VERSION ?= v1.43.0
+GOLANGCI_LINT_VERSION ?= v1.54.2
 GOLANGCI_LINT_BIN := out/linters/golangci-lint-$(GOLANGCI_LINT_VERSION)-$(LINT_ARCH)
 $(GOLANGCI_LINT_BIN):
 	mkdir -p out/linters