Bazel CI Release Process should build and publish Bazel docker containers

[philwo]

The current Bazel Docker containers are being built by the RBE toolchains team, but they asked us to take this on.

We should setup some tooling and a pipeline (?) to regularly automatically build current Bazel containers for all released versions.

[kevingessner]

@philwo Hello, any news here? This is still blocking us on smoothly upgrading Bazel past 3.5.

[philwo]

@kevingessner Not yet, sorry :( But this is really important to me and I'll get to it as soon as I can, promised!

[EdSchouten]

Any updates on this?

[chasain]

I'm all for automating this, but for now can we get a manually built image pushed

[johanbrandhorst]

Friendly bump, blocking upgrade from 3.5.0

[EdSchouten]

This is still an issue.

[prawadhwani]

Meanwhile, updating the readme with instructions to build it manually would also help!

[lbhdc]

I came across this issue while searching for a docker image that supported bazel 4. I didn't find any, so I made my own and thought I would share.

# Dockerfile
FROM registry.fedoraproject.org/fedora:34

RUN dnf install -y dnf-plugins-core git patch python3 && \
    dnf copr enable -y vbatts/bazel                   && \
    dnf install -y bazel4                             && \
    dnf clean all                                     && \
    rm -rf /var/cache/yum

RUN ln -s /usr/bin/python3 /usr/bin/python

WORKDIR /home/builder

ENTRYPOINT ["bazel"]

$ docker build .
...
Successfully built <container-id>
$ docker run <container-id> --version
bazel 4.2.1

[QuantamHD]

@philwo This is actually more critical than ever. The base image used to build the latest container is using ubuntu 16.04 which as of April 30th is now EOL. This is a security issue now.

I've also experienced CA failures due to the wildly out of date base image.

[dayfine]

It has been almost a year. Seems a bit long for a P1? Should it be now bumped to P0 to help prioritization?

I came here after updating rules_python to 0.5.0. It mentions Bazel 4 is now the LTS version. I suppose P0 might make sense?

[ScarletFlash]

Any updates here?

[QuantamHD]

@ScarletFlash I'm not on or affiliated with the Bazel team, but I reached out to one of my contacts inside Google to help get this prioritized.

[philwo]

I talked with @alexeagle about this last week who wanted to help me out (thanks!!). Alex, do you already have a Dockerfile that I could try?

[f0rmiga]

@philwo Alex asked if I could come up with a Dockerfile for this. How about #1290?

[davidvandebunte]

According to this thread the current bazel image is based on the GoogleCloudPlatform/container-definitions repository. Can someone double confirm that is the case? Perhaps this is related to @philwo's initial comment on this thread about the RBE toolchains team giving up control. I'm simply trying to find the code that was used to build the current image.

[iangudger]

Maybe this could be manually updated for Bazel 5.0?

[abhillman]

Potential workaround is to use the cockroach db bazel images https://hub.docker.com/r/cockroachdb/bazel/tags

[dlorenc]

Hey - we have bazel images published by Chainguard here at cgr.dev/chainguard/bazel! Feel free to try them out.

[meteorcloudy]

I'm closing this one since bazel docker images are already published to gcr.io/bazel-public/bazel for every new Bazel version

[yogurtearl]

I'm closing this one since bazel docker images are already published to gcr.io/bazel-public/bazel for every new Bazel version

@meteorcloudy could/should that info be added to the bazel docs? it is not very discoverable.

[meteorcloudy]

@yogurtearl SGTM, sent bazelbuild/bazel#17113

We also have documentation in our release process: https://github.com/bazelbuild/continuous-integration/blob/master/docs/release-playbook.md#push-new-docker-image