Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

refactor: MEGA refactor #89

Closed
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
@@ -1,3 +1,6 @@
# ignoring e2e MODULE.bazel.lock for the time being
# see https://github.com/bazelbuild/bazel/issues/20369
e2e/smoke/MODULE.bazel.lock
bazel-*
.bazelrc.user
.idea/
Expand Down
13 changes: 11 additions & 2 deletions WORKSPACE.bazel
Original file line number Diff line number Diff line change
Expand Up @@ -36,11 +36,20 @@ load("@bullseye//:packages.bzl", "bullseye_packages")

bullseye_packages()

# bazel run @apt_security//:lock
deb_index(
name = "bullseye_nolock",
manifest = "//examples/debian_snapshot:bullseye_nolock.yaml",
nolock = True,
)

load("@bullseye_nolock//:packages.bzl", "bullseye_nolock_packages")

bullseye_nolock_packages()

deb_index(
name = "apt_security",
# lock = "//examples/debian_snapshot_security:security.lock.json",
manifest = "//examples/debian_snapshot_security:security.yaml",
nolock = True,
)

load("@apt_security//:packages.bzl", "apt_security_packages")
Expand Down
1 change: 1 addition & 0 deletions apt/BUILD.bazel
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,7 @@ bzl_library(
"//apt/private:deb_import",
"//apt/private:index",
"//apt/private:lockfile",
"//apt/private:manifest",
"//apt/private:resolve",
],
)
42 changes: 23 additions & 19 deletions apt/extensions.bzl
Original file line number Diff line number Diff line change
@@ -1,9 +1,10 @@
"apt extensions"

load("//apt/private:deb_import.bzl", "deb_import")
load("//apt/private:deb_import.bzl", "deb_import", "make_deb_import_key")
load("//apt/private:index.bzl", "deb_package_index")
load("//apt/private:lockfile.bzl", "lockfile")
load("//apt/private:resolve.bzl", "deb_resolve", "internal_resolve")
load("//apt/private:manifest.bzl", "manifest")
load("//apt/private:resolve.bzl", "deb_resolve")

def _distroless_extension(module_ctx):
root_direct_deps = []
Expand All @@ -13,30 +14,29 @@ def _distroless_extension(module_ctx):
for install in mod.tags.install:
lockf = None
if not install.lock:
lockf = internal_resolve(
lockf = manifest.lock(
module_ctx,
"yq",
install.manifest,
install.resolve_transitive,
)

# buildifier: disable=print
print("\nNo lockfile was given, please run `bazel run @%s//:lock` to create the lockfile." % install.name)
if not install.nolock:
print(
"\nNo lockfile was given. To create one please run " +
"`bazel run @{}//:lock`".format(install.name),
)
else:
lockf = lockfile.from_json(module_ctx, module_ctx.read(install.lock))

for (package) in lockf.packages():
package_key = lockfile.make_package_key(
package["name"],
package["version"],
package["arch"],
)
for architectures in lockf.packages.values():
for package in architectures.values():
deb_import_key = make_deb_import_key(install.name, package)

deb_import(
name = "%s_%s" % (install.name, package_key),
urls = [package["url"]],
sha256 = package["sha256"],
)
deb_import(
name = deb_import_key,
url = package.url,
sha256 = package.sha256,
)

deb_resolve(
name = install.name + "_resolve",
Expand All @@ -48,7 +48,7 @@ def _distroless_extension(module_ctx):
name = install.name,
lock = install.lock,
lock_content = lockf.as_json(),
package_template = install.package_template,
package_arch_build_template = install.package_arch_build_template,
)

if mod.is_root:
Expand All @@ -65,12 +65,16 @@ def _distroless_extension(module_ctx):
install = tag_class(attrs = {
"name": attr.string(doc = "Name of the generated repository"),
"lock": attr.label(doc = """The lock file to use for the index."""),
"nolock": attr.bool(
doc = """If you explicitly want to run without a lock, set it to True to avoid the DEBUG messages.""",
default = False,
),
"manifest": attr.label(doc = """The file used to generate the lock file"""),
"resolve_transitive": attr.bool(
doc = """Whether dependencies of dependencies should be resolved and added to the lockfile.""",
default = True,
),
"package_template": attr.label(doc = "(EXPERIMENTAL!) a template file for generated BUILD files."),
"package_arch_build_template": attr.label(doc = "(EXPERIMENTAL!) a template file for the generated package BUILD files per architecture."),
})

apt = module_extension(
Expand Down
26 changes: 18 additions & 8 deletions apt/index.bzl
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,8 @@ def deb_index(
name,
manifest,
lock = None,
package_template = None,
nolock = False,
package_arch_build_template = None,
resolve_transitive = True):
"""A convience repository macro for apt rules.

Expand All @@ -20,9 +21,13 @@ def deb_index(

deb_index(
name = "bullseye",
# For the initial setup, the lockfile attribute can be omitted and generated by running
# For the initial setup, the lockfile attribute can be omitted and
# generated by running
# bazel run @bullseye//:lock
# This will generate the lock.json file next to the manifest file by replacing `.yaml` with `.lock.json`
# This will generate the lock.json file next to the manifest file by
# replacing `.yaml` with `.lock.json`.
# If you explicitly want to run without a lock, set nolock to True to
# avoid the DEBUG messages
lock = "//examples/apt:bullseye.lock.json",
manifest = "//examples/apt:bullseye.yaml",
)
Expand Down Expand Up @@ -57,6 +62,8 @@ def deb_index(

While we strongly encourage users to check in the generated lockfile, it's not always possible because Debian repositories are rolling by default. Therefore, a lockfile generated today might not work later if the upstream repository removes or publishes a new version of a package.

If you explicitly want to run without a lock, set the `nolock` attribute to True to avoid the DEBUG messages.

#### Snapshot repositories

##### Debian
Expand All @@ -73,7 +80,8 @@ def deb_index(
name: name of the repository
manifest: label to a `manifest.yaml`
lock: label to a `lock.json`
package_template: (EXPERIMENTAL!) a template file for generated BUILD files.
nolock: bool, set to True if you explicitly want to run without a lock and avoid the DEBUG messages.
package_arch_build_template: (EXPERIMENTAL!) a template file for the generated package BUILD files per architecture.
Available template replacement keys are: `{target_name}`, `{deps}`, `{urls}`, `{name}`, `{arch}`, `{sha256}`, `{repo_name}`
resolve_transitive: whether dependencies of dependencies should be resolved and added to the lockfile.
"""
Expand All @@ -83,12 +91,14 @@ def deb_index(
resolve_transitive = resolve_transitive,
)

if not lock:
# buildifier: disable=print
print("\nNo lockfile was given, please run `bazel run @%s//:lock` to create the lockfile." % name)
if not lock and not nolock:
print(
"\nNo lockfile was given. To create one please run " +
"`bazel run @{}//:lock`".format(name),
)

_deb_package_index(
name = name,
lock = lock if lock else "@" + name + "_resolve//:lock.json",
package_template = package_template,
package_arch_build_template = package_arch_build_template,
)
42 changes: 31 additions & 11 deletions apt/private/BUILD.bazel
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,8 @@ load("@bazel_skylib//:bzl_library.bzl", "bzl_library")
exports_files([
"dpkg_statusd.sh",
"dpkg_status.sh",
"package.BUILD.tmpl",
"copy.sh.tmpl",
"package_arch.BUILD.tmpl",
])

bzl_library(
Expand All @@ -25,29 +26,39 @@ bzl_library(
srcs = ["index.bzl"],
visibility = ["//apt:__subpackages__"],
deps = [
":deb_import",
":lockfile",
"@bazel_tools//tools/build_defs/repo:http.bzl",
"@bazel_tools//tools/build_defs/repo:utils.bzl",
],
)

bzl_library(
name = "lockfile",
srcs = ["lockfile.bzl"],
visibility = ["//apt:__subpackages__"],
deps = [":util"],
deps = [":pkg"],
)

bzl_library(
name = "package_index",
srcs = ["package_index.bzl"],
name = "pkg",
srcs = ["pkg.bzl"],
visibility = ["//apt:__subpackages__"],
deps = [":util"],
)

bzl_library(
name = "package_resolution",
srcs = ["package_resolution.bzl"],
name = "manifest",
srcs = ["manifest.bzl"],
visibility = ["//apt:__subpackages__"],
deps = [
":lockfile",
":package_index",
":util",
"@aspect_bazel_lib//lib:repo_utils",
],
)

bzl_library(
name = "package_index",
srcs = ["package_index.bzl"],
visibility = ["//apt:__subpackages__"],
deps = [":version"],
)
Expand All @@ -58,8 +69,8 @@ bzl_library(
visibility = ["//apt:__subpackages__"],
deps = [
":lockfile",
":manifest",
":package_index",
":package_resolution",
"@aspect_bazel_lib//lib:repo_utils",
],
)
Expand All @@ -75,7 +86,16 @@ bzl_library(
name = "deb_import",
srcs = ["deb_import.bzl"],
visibility = ["//apt:__subpackages__"],
deps = ["@bazel_tools//tools/build_defs/repo:http.bzl"],
deps = [
":util",
# NOTE: I had to add cache.bzl because bazel test //docs:update_1_test was failing with
# Stardoc documentation generation failed:
# File <SANDBOX>/bin/docs/apt_stardoc.runfiles/bazel_tools/tools/build_defs/repo/http.bzl imported ':cache.bzl',
# yet <SANDBOX>/bin/docs/apt_stardoc.runfiles/bazel_tools/tools/build_defs/repo/cache.bzl was not found.
"@bazel_tools//tools/build_defs/repo:cache.bzl",
"@bazel_tools//tools/build_defs/repo:http.bzl",
"@bazel_tools//tools/build_defs/repo:utils.bzl",
],
)

bzl_library(
Expand Down
51 changes: 51 additions & 0 deletions apt/private/copy.sh.tmpl
Original file line number Diff line number Diff line change
@@ -0,0 +1,51 @@
#!/usr/bin/env bash

set -o pipefail -o errexit -o nounset

lock=$(realpath "$1")
autofix=${{2:-}}

cd "$BUILD_WORKING_DIRECTORY"

echo
echo "Writing lockfile to {workspace_relative_path}"
cp "$lock" "{workspace_relative_path}"

# Detect which file we wish the user to edit
if [ -e "$BUILD_WORKSPACE_DIRECTORY/WORKSPACE" ]; then
wksp_file="WORKSPACE"
elif [ -e "$BUILD_WORKSPACE_DIRECTORY/WORKSPACE.bazel" ]; then
wksp_file="WORKSPACE.bazel"
elif [ -e "$BUILD_WORKSPACE_DIRECTORY/MODULE.bazel" ]; then
wksp_file="MODULE.bazel"
else
echo>&2 "Error: no MODULE.bazel or WORKSPACE file was found"
exit 1
fi

# Detect a vendored buildozer binary in canonical location (tools/buildozer)
if [ -e "$BUILD_WORKSPACE_DIRECTORY/tools/buildozer" ]; then
buildozer="tools/buildozer"
else
# Assume it's on the $PATH
buildozer="buildozer"
fi

echo

cmd="$buildozer 'set lock \"{lock_label}\"' $wksp_file:{repo_name}"

if [[ "$autofix" == "--autofix" ]]; then
eval "$cmd"
else
cat <<EOF
Run the following command to add the 'lock' attribute
to the "{repo_name}" repo in $wksp_file:

$cmd

or run the following command to do it automatically:

bazel run @{repo_name}//:lock -- --autofix
EOF
fi
Loading