Deps: Update TPM, deps, and set CC_FORCE_DISABLE for OpenHCL builds#3760
Open
smalis-msft wants to merge 4 commits into
Open
Deps: Update TPM, deps, and set CC_FORCE_DISABLE for OpenHCL builds#3760smalis-msft wants to merge 4 commits into
smalis-msft wants to merge 4 commits into
Conversation
jstarks
reviewed
Jun 17, 2026
Contributor
There was a problem hiding this comment.
Pull request overview
Updates OpenHCL build plumbing and dependency pins to ensure any C components are consumed strictly as prebuilt artifacts from openvmm-deps, by enabling CC_FORCE_DISABLE in the relevant Flowey-driven builds and bumping the deps/TPM sources accordingly.
Changes:
- Bump
openvmm-depsto0.3.0-101(Nix + Flowey version config) and update associated hashes/URLs. - Set
CC_FORCE_DISABLE=1foropenvmm_hcl,openhcl_boot, andsidecarFlowey cargo builds to preventcc-based compilation during OpenHCL builds. - Update the pinned
ms-tpm-20-refgit revision and refreshCargo.lockaccordingly; regenerate CI pipeline YAMLs to match the updated Flowey graph.
Reviewed changes
Copilot reviewed 10 out of 11 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
| nix/openvmm_deps.nix | Bumps openvmm-deps tarball version/URL and updates Nix fetch hashes. |
| flowey/flowey_lib_hvlite/src/build_sidecar.rs | Enforces CC_FORCE_DISABLE for sidecar cargo builds. |
| flowey/flowey_lib_hvlite/src/build_openvmm_hcl.rs | Enforces CC_FORCE_DISABLE for openvmm_hcl cargo builds (now passed through run_cargo_build). |
| flowey/flowey_lib_hvlite/src/build_openhcl_boot.rs | Enforces CC_FORCE_DISABLE for openhcl_boot cargo builds. |
| flowey/flowey_lib_hvlite/src/_jobs/cfg_versions.rs | Updates the centralized OPENVMM_DEPS version constant to 0.3.0-101. |
| ci-flowey/openvmm-pr.yaml | Regenerates ADO pipeline steps/indices to match updated Flowey execution graph. |
| Cargo.toml | Updates the pinned ms-tpm-20-ref git revision in workspace dependencies. |
| Cargo.lock | Lockfile refresh reflecting the TPM rev bump and resulting dependency resolution changes. |
| .github/workflows/openvmm-pr.yaml | Regenerates GitHub Actions PR workflow steps/indices to match updated Flowey graph. |
| .github/workflows/openvmm-pr-release.yaml | Regenerates PR-release workflow steps/indices to match updated Flowey graph. |
| .github/workflows/openvmm-ci.yaml | Regenerates CI workflow steps/indices to match updated Flowey graph. |
jstarks
approved these changes
Jun 18, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Setting CC_FORCE_DISABLE allows us to be certain that any C dependencies are prebuilt and coming in through openvmm-deps, instead of being built on demand. Update the TPM and the deps packages to get the last piece that makes this possible.