← Back to Skills Marketplace
rustiqly

sonic-build

by rustiqly · GitHub ↗ · v1.1.0
cross-platform ✓ Security Clean
729
Downloads
0
Stars
2
Active Installs
2
Versions
Install in OpenClaw
/install sonic-build
Description
Build SONiC (Software for Open Networking in the Cloud) switch images from sonic-buildimage. Use when building VS/ASIC images, configuring build parallelism/...
README (SKILL.md)

SONiC Image Build

Quick Start

cd sonic-buildimage
make init
make configure PLATFORM=vs   # or broadcom, mellanox, etc.
make SONIC_BUILD_JOBS=4 target/sonic-vs.img.gz

For dev builds (skip tests): add BUILD_SKIP_TEST=y.

Build Architecture

Two-phase build via GNU Make → slave.mk → sonic-slave Docker container:

  1. Bookworm phase — compile all packages (debs, python wheels, Docker images) into target/debs/bookworm/
  2. Trixie phase — assemble final image from phase 1 packages into target/debs/trixie/

Makefile invokes Makefile.work with different BLDENV per phase. The configure target creates per-distro directories.

Configuration

All knobs in rules/config. Override in rules/config.user (gitignored, persists across rebases).

Key Knobs

Knob Default Recommended Effect
SONIC_CONFIG_BUILD_JOBS 1 4 Parallel top-level package builds
SONIC_CONFIG_MAKE_JOBS $(nproc) default Compiler threads per package
BUILD_SKIP_TEST n y (dev) Skip unit tests
SONIC_BUILD_MEMORY unset 24g Docker --memory — contains OOM in container
SONIC_DPKG_CACHE_METHOD none rwcache Cache .deb packages for incremental builds
DEFAULT_BUILD_LOG_TIMESTAMP none simple Timestamps in build logs
SONIC_CONFIG_USE_NATIVE_DOCKERD_FOR_BUILD unset y Host Docker daemon instead of DinD

Recommended rules/config.user

SONIC_CONFIG_BUILD_JOBS = 4
BUILD_SKIP_TEST = y
SONIC_BUILD_MEMORY = 24g
DEFAULT_BUILD_LOG_TIMESTAMP = simple

Parallelism

Rule of thumb: JOBS × 6GB ≤ available RAM.

  • JOBS=1: ~3h VS build, ~10GB RAM
  • JOBS=4: significant speedup, ~20GB RAM
  • JOBS=8: OOM risk on \x3C48GB RAM

Why JOBS=1 is slow: 64/194 packages depend on libswsscommon (critical path bottleneck). JOBS=1 leaves most cores idle.

Memory Protection

Without limits, parallel builds can trigger the kernel OOM killer on any host process.

# Container-scoped OOM (host stays healthy):
SONIC_BUILD_MEMORY = 24g
# Or via CLI:
make SONIC_BUILDER_EXTRA_CMDLINE="--memory=24g" ...

Caching

DPKG cache (package-level)

SONIC_DPKG_CACHE_METHOD = rwcache
SONIC_DPKG_CACHE_SOURCE = /var/cache/sonic/artifacts

Version cache (downloads)

SONIC_VERSION_CACHE_METHOD = cache

Rebuilding a Single Package

make target/debs/bookworm/sonic-utilities_1.2-1_all.deb
make target/docker-syncd-vs.gz
ls target/debs/bookworm/ | grep \x3Cname>

Clean Builds

When to clean: after branch switch, rebase, or unexplained failures.

rm -rf target/*   # always full clean, not selective
make configure PLATFORM=vs
make SONIC_BUILD_JOBS=4 target/sonic-vs.img.gz

Stale artifacts (.bin, squashfs) confuse make into skipping phases.

Submodules

make init                                          # after clone or pull
git submodule update --init --force src/\x3Cmodule>    # fix corrupted submodule

SSH clone is more reliable than HTTPS (HTTPS can give HTTP 500).

Common Pitfalls

For detailed troubleshooting, see references/troubleshooting.md.

Prerequisites

See references/prerequisites.md for host setup (Docker, Python, jinjanator).

VS Platform Notes

See references/vs-platform.md for VS-specific details (TAP devices, port mapping, sai.profile, oper speed).

PR Submission

  • Single commit per PR (squash before push)
  • git commit -s for DCO sign-off
  • Rebase to latest master before force-push
  • Add tests — run BUILD_SKIP_TEST=n at least once
  • Monitor CI after push
Usage Guidance
This skill appears to be what it claims: a SONiC build guide plus a host setup script. Before running the prerequisites script, be aware it will: (1) require sudo and will install apt packages and pip packages, (2) add your user to the docker group (this grants broad container privileges on the host), and (3) clone the upstream sonic-buildimage repo from GitHub and fetch Docker GPG keys from download.docker.com. If you have concerns, run the script inside an isolated VM or disposable machine, review the script line-by-line, ensure you are comfortable with adding docker group membership, and provide SSH credentials yourself if you prefer SSH-based repo fetches for submodules. Also note the docs include an example VM password and other convenience guidance — treat defaults as examples, not secure settings.
Capability Analysis
Type: OpenClaw Skill Name: sonic-build Version: 1.1.0 The OpenClaw skill bundle is classified as benign. All files, including the `SKILL.md` instructions and the `scripts/prerequisites.sh` script, align with the stated purpose of building SONiC images. The `prerequisites.sh` script performs necessary system-level installations (Python tools, Git, Docker) and clones the official SONiC repository from legitimate sources (download.docker.com, github.com/sonic-net). There is no evidence of prompt injection attempts against the agent, data exfiltration, malicious execution, persistence mechanisms, or obfuscation. All commands and instructions are transparent and directly related to setting up and managing a SONiC build environment.
Capability Assessment
Purpose & Capability
Name/description match the provided files: SKILL.md, platform notes, troubleshooting, and a prerequisites installer for sonic-buildimage. All requested actions (Docker, pip, git, cloning the sonic-buildimage repo, setting build knobs) are expected for this purpose.
Instruction Scope
SKILL.md stays on-topic (build steps, config knobs, caching, cleaning, submodules). It instructs users to run the bundled prerequisites script which performs system-level package installs and repo cloning — expected for preparing a build host but requires elevated privileges and network access. No instructions attempt to read unrelated host files or exfiltrate data.
Install Mechanism
There is no automatic install spec; the skill is instruction-only plus a small included script. The script uses standard, well-known endpoints (download.docker.com, github.com) and standard package tools (apt, pip). No obfuscated downloads or unknown third-party URLs are used.
Credentials
The skill declares no required credentials or config paths. The included script does require sudo to install packages and will add the user to the docker group — a legitimate requirement for running Docker-centric builds but one that elevates the user's ability to control containers on the host.
Persistence & Privilege
always is false and the skill does not request persistent agent privileges or modify other skills. The only host-level change is adding the user to the docker group (performed by the prerequisites script), which is standard for Docker workflows but should be considered a privilege grant on the host.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install sonic-build
  3. After installation, invoke the skill by name or use /sonic-build
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.0
Bundle prerequisites script locally instead of curl-piping from GitHub
v1.0.0
Initial release: build best practices, prerequisites, troubleshooting, VS platform notes. Covers parallelism, memory, caching, clean builds, submodules, and PR workflow.
Metadata
Slug sonic-build
Version 1.1.0
License
All-time Installs 2
Active Installs 2
Total Versions 2
Frequently Asked Questions

What is sonic-build?

Build SONiC (Software for Open Networking in the Cloud) switch images from sonic-buildimage. Use when building VS/ASIC images, configuring build parallelism/... It is an AI Agent Skill for Claude Code / OpenClaw, with 729 downloads so far.

How do I install sonic-build?

Run "/install sonic-build" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is sonic-build free?

Yes, sonic-build is completely free (open-source). You can download, install and use it at no cost.

Which platforms does sonic-build support?

sonic-build is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created sonic-build?

It is built and maintained by rustiqly (@rustiqly); the current version is v1.1.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments