From 1206d6e63f02e14542132b0163ac194e72d09d78 Mon Sep 17 00:00:00 2001
From: Arnaldo Garcia Rincon <agarrcia@amazon.com>
Date: Tue, 29 Oct 2024 15:25:34 +0000
Subject: [PATCH] variants: add vmware-1.31-fips variant

Signed-off-by: Arnaldo Garcia Rincon <agarrcia@amazon.com>
---
 Cargo.lock                                 |  9 ++++
 Cargo.toml                                 |  1 +
 variants/vmware-k8s-1.31-fips/Cargo.toml   | 51 ++++++++++++++++++++++
 variants/vmware-k8s-1.31-fips/template.ovf |  1 +
 4 files changed, 62 insertions(+)
 create mode 100644 variants/vmware-k8s-1.31-fips/Cargo.toml
 create mode 120000 variants/vmware-k8s-1.31-fips/template.ovf

diff --git a/Cargo.lock b/Cargo.lock
index 284043ced59..ee27333164a 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -346,3 +346,12 @@ dependencies = [
  "settings-migrations",
  "settings-plugins",
 ]
+
+[[package]]
+name = "vmware-k8s-1_31-fips"
+version = "0.1.0"
+dependencies = [
+ "settings-defaults",
+ "settings-migrations",
+ "settings-plugins",
+]
diff --git a/Cargo.toml b/Cargo.toml
index 270f50c7905..3261b1b305c 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -41,6 +41,7 @@ members = [
     "variants/vmware-k8s-1.30",
     "variants/vmware-k8s-1.30-fips",
     "variants/vmware-k8s-1.31",
+    "variants/vmware-k8s-1.31-fips",
 ]
 
 [profile.dev]
diff --git a/variants/vmware-k8s-1.31-fips/Cargo.toml b/variants/vmware-k8s-1.31-fips/Cargo.toml
new file mode 100644
index 00000000000..fd54f0a03f9
--- /dev/null
+++ b/variants/vmware-k8s-1.31-fips/Cargo.toml
@@ -0,0 +1,51 @@
+[package]
+# This is the vmware-k8s-1.31-fips variant. "." is not allowed in crate names, but
+# we don't use this crate name anywhere.
+name = "vmware-k8s-1_31-fips"
+version = "0.1.0"
+edition = "2021"
+publish = false
+build = "../build.rs"
+# Don't rebuild crate just because of changes to README.
+exclude = ["README.md"]
+
+[package.metadata.build-variant.image-layout]
+partition-plan = "unified"
+
+[package.metadata.build-variant.image-features]
+grub-set-private-var = true
+uefi-secure-boot = true
+xfs-data-partition = true
+systemd-networkd = true
+fips = true
+
+[package.metadata.build-variant]
+image-format = "vmdk"
+supported-arches = ["x86_64"]
+kernel-parameters = [
+    "console=tty1",
+    # Only reserve if there are at least 2GB
+    "crashkernel=2G-:256M",
+    "net.ifnames=0",
+    "netdog.default-interface=eth0:dhcp4,dhcp6?",
+    "quiet",
+]
+included-packages = [
+    # core
+    "release",
+    "kernel-6.1",
+    # k8s
+    "cni",
+    "cni-plugins",
+    "kubelet-1.31",
+    # vmware
+    "open-vm-tools",
+]
+
+[lib]
+path = "../variants.rs"
+
+[build-dependencies]
+settings-defaults = { path = "../../packages/settings-defaults" }
+settings-plugins = { path = "../../packages/settings-plugins" }
+settings-migrations = { path = "../../packages/settings-migrations" }
diff --git a/variants/vmware-k8s-1.31-fips/template.ovf b/variants/vmware-k8s-1.31-fips/template.ovf
new file mode 120000
index 00000000000..db70bac6f1b
--- /dev/null
+++ b/variants/vmware-k8s-1.31-fips/template.ovf
@@ -0,0 +1 @@
+../shared/template-unified-secboot.ovf
\ No newline at end of file