Target Configuration
Path to image configuration file to build. Defines package dependencies and final image format.Example:
CONFIG_FILE=./imageconfigs/core-efi.jsonBase directory on the build machine to search for relative file paths in the image config file.
Explicit list of packages to build. Accepts both spec and package names.Example:
PACKAGE_BUILD_LIST="vim nano openssh"Always rebuild these packages even if up-to-date. Accepts both spec and package names.Example:
PACKAGE_REBUILD_LIST="kernel openssh"Pretend these packages were already built successfully.Example:
PACKAGE_IGNORE_LIST="ncurses"List of spec basenames to build into SRPMs. If empty, all specs under
SPECS_DIR are packed. Accepts only spec names.Example: SRPM_PACK_LIST="kernel golang openssh"Explicit list of packages to test. Accepts both spec and package names.Example:
TEST_RUN_LIST="libguestfs zlib"Always test these packages even if up-to-date. Accepts both spec and package names.Example:
TEST_RERUN_LIST="libguestfs zlib"Ignore testing these packages. Accepts both spec and package names.Example:
TEST_IGNORE_LIST="acl"Rebuild vs Download
Bootstrap toolchain packages locally or download them?
n- Download pre-built toolchain fromPACKAGE_URL_LISTor extract fromTOOLCHAIN_ARCHIVEy- Bootstrap toolchain from host environment in Docker container
Perform incremental toolchain build?
n- Full clean rebuild of final toolchain packagesy- Reuse existing toolchain RPMs as cache
Allow partial toolchain rehydration from upstream repos?
n- Don’t pull packages fromPACKAGE_URL_LISTduring incremental buildsy- Attempt to pull toolchain RPMs to avoid rebuilding
REBUILD_TOOLCHAIN=y and INCREMENTAL_TOOLCHAIN=yBuild packages locally or download them?
y- Parse local*.specfiles and build packages as neededn- Download all packages via tdnf from internet
Build Go tools locally or use pre-compiled binaries?
n- Use pre-compiled go binaries from SDKy- Build the go tools from source
Pack SRPMs from local SPECs or download published ones?
n- Pack SRPMs from local specs, retrieve sources fromSOURCE_URLy- Download official pre-packed SRPMs fromSRPM_URL_LIST
Rebuild worker chroot when manifest or packages change?
n- Don’t rebuild chroot even if modifiedy- Rebuild chroot when manifest, packages, or build script changes
Remote URLs and Repositories
URL to download source files when creating
*.src.rpm files. Only one URL supported.Space-separated list of URLs to download toolchain RPM packages from.Example:
PACKAGE_URL_LIST="https://custom-repo.com/rpms/x86_64"Space-separated list of URLs to download pre-packed SRPMs from.
Space-separated list of
.repo files pointing to RPM repositories. Repos are prioritized in order.Example: REPO_LIST="./custom1.repo ./custom2.repo"Pull packages from upstream preview repository?
n- Use only base repositoryy- Include preview repository (packages subject to change)
Use daily build sources for given date.
""- Disable daily build sourceslkg- Use last known good buildV-v-YYYYMMDD- Use specific date
DAILY_BUILD_ID=3-0-20240227Only pull packages from local repositories?
n- Pull from all repositories including externaly- Only use local repositories (doesn’t affect toolchain hydration)
Disable pulling packages from PMC repositories?
n- Pull from all repositories including PMCy- Only use local andREPO_LISTrepositories
Posix time to use as snapshot for remote repositories when fetching packages.Example:
REPO_SNAPSHOT_TIME="1724119509"Build Archives
Extract toolchain RPMs from this archive instead of downloading.Example:
TOOLCHAIN_ARCHIVE=./toolchain_rpms.tar.gzArchive containing raw toolchain container for hydration.
Archive to hydrate RPMs from with
make hydrate-rpms.Archive containing cached packages to pre-populate the build cache.
Build Behavior
Use hydrated RPMs to satisfy dependencies?
n- Normal build without using hydrated packagesy- Replace RUN nodes with PreBuilt nodes for hydrated RPMs
Enable fast delta builds?
n- Normal buildy- Pre-populate with published packages, only build new/changed packages
Download pre-built packages to avoid rebuilds?
n- Don’t download pre-built packagesy- Try to download matching pre-built packages
Pre-load cache from upstream sources?
n- Don’t pre-load cachey- Load cache with RPMs from upstream repos before building
Run package tests during build?
n- Skip %check sectiony- Run %check section to test packages
Enable ccache for C/C++ compilation?
n- Disable ccachey- Enable ccache to speed up recompilations
Build Performance
Number of packages to build in parallel. Set to 0 to use number of logical CPUs.Example:
CONCURRENT_PACKAGE_BUILDS=8Number of times to retry building a failed package.
Number of times to retry running package tests.
Clean up intermediate build artifacts?
n- Keep all intermediate filesy- Clean up after successful builds
Use package build cache?
n- Disable build cachey- Enable build cache for faster rebuilds
Reproducing Builds
Path to package build summary file for reproducing builds.Example:
PACKAGE_CACHE_SUMMARY=./graph_external_deps.jsonPath to image build summary file for reproducing builds.Example:
IMAGE_CACHE_SUMMARY=./image_deps.jsonPath to initrd build summary file for reproducing ISO builds.Example:
INITRD_CACHE_SUMMARY=./iso_initrd/image_deps.jsonAuthentication
Authentication mode for downloading source files for SRPM packing.
anonymous- No authenticationazurecli- Use Azure CLI login (requires prioraz login)
Path to root CA certificate for TLS authentication.
Path to TLS client certificate for authentication.
Path to TLS client key for authentication.
GPG Validation
Enable GPG validation of toolchain RPMs?
n- Disable GPG validationy- Validate againstTOOLCHAIN_GPG_VALIDATION_KEYS
Enable RPM GPG signature verification during image builds?
n- Disable verification (for local unsigned packages)y- Enforce package signatures (for production builds)
List of GPG key files for toolchain validation.
List of GPG key files for image package validation.
Logging and Debugging
Set logging level for toolkit.Options:
panic, fatal, error, warn, info, debug, traceSet logging color for terminal output.Options:
always, auto, neverStop build on warnings?
n- Continue on warningsy- Stop on warnings
Stop build on package failure?
n- Continue building other packagesy- Stop on first package failure
Stop build on package fetch failure?
n- Continue with available packagesy- Stop on fetch failure
Directory Customization
Directory containing package SPEC files.
Directory for intermediate build artifacts.
Directory for final build outputs.
Directory containing built RPM packages.
Directory containing source RPM packages.
Directory containing generated images.
Directory for ccache storage.
Version Information
Major release version of Azure Linux.
Build number for the current build. Defaults to git commit ID.
Distribution tag for the “dist” macro used by specs.
Abbreviation of the distribution name.
Optional tag to append to image filename.
Profiling and Tracing
Enable CPU profiling for Go tools?
Enable memory profiling for Go tools?
Enable execution tracing for Go tools?
Quick Rebuild Flags
Enable quick rebuild optimizations?
n- Don’t set quick rebuild flagsy- SetQUICK_REBUILD_TOOLCHAIN=yandQUICK_REBUILD_PACKAGES=y
Enable toolchain-specific quick rebuild optimizations?
n- Normal toolchain buildy- Set incremental toolchain flags for faster builds
Enable package-specific quick rebuild optimizations?
n- Normal package buildy- Set delta build flags for faster builds