From a5e3f497429d18298dc3c10708e779270131e4d6 Mon Sep 17 00:00:00 2001 From: Aleksey Pesternikov Date: Mon, 22 Apr 2024 17:07:26 -0700 Subject: [PATCH 1/5] wip --- MODULE.bazel.lock | 2 +- gitops/provider.bzl | 7 +++++++ skylib/kustomize/kustomize.bzl | 14 ++++---------- 3 files changed, 12 insertions(+), 11 deletions(-) diff --git a/MODULE.bazel.lock b/MODULE.bazel.lock index b93eec91..135f4e80 100644 --- a/MODULE.bazel.lock +++ b/MODULE.bazel.lock @@ -1337,7 +1337,7 @@ "moduleExtensions": { "//gitops:extensions.bzl%toolchains": { "general": { - "bzlTransitiveDigest": "5Wg3kxup7pYafCf0D82azWWCB3UgJlGHWwJmdsdcV8w=", + "bzlTransitiveDigest": "w0udGZ06pjvfPfwBEH3vYbxVT3GDtEeATpwctPJcC9o=", "accumulatedFileDigests": {}, "envVariables": {}, "generatedRepoSpecs": { diff --git a/gitops/provider.bzl b/gitops/provider.bzl index e7bc194a..45e2907e 100644 --- a/gitops/provider.bzl +++ b/gitops/provider.bzl @@ -18,3 +18,10 @@ GitopsArtifactsInfo = provider( "deployment_branch": "Branch to merge manifests into and create a PR from.", }, ) + +AliasInfo = provider( + "Alias for an image to be used in a manifest", + fields = { + "alias": "Alias for a target", + }, +) diff --git a/skylib/kustomize/kustomize.bzl b/skylib/kustomize/kustomize.bzl index 8358d047..d2310d89 100644 --- a/skylib/kustomize/kustomize.bzl +++ b/skylib/kustomize/kustomize.bzl @@ -8,7 +8,7 @@ # OF ANY KIND, either express or implied. See the License for the specific language # governing permissions and limitations under the License. -load("//gitops:provider.bzl", "GitopsArtifactsInfo", "GitopsPushInfo") +load("//gitops:provider.bzl", "AliasInfo", "GitopsArtifactsInfo", "GitopsPushInfo") load("//skylib:runfile.bzl", "get_runfile_path") load("//skylib:stamp.bzl", "stamp") @@ -71,15 +71,6 @@ set -euo pipefail {kustomize} build --load-restrictor LoadRestrictionsNone --reorder legacy {kustomize_dir} {template_part} {resolver_part} >{out} """ -def _no_at_str(label): - """Strips any leading '@'s for labels in the main repo.""" - s = str(label) - if s.startswith("@@//"): - return s[2:] - if s.startswith("@//"): - return s[1:] - return s - def _kustomize_impl(ctx): kustomize_bin = ctx.toolchains["@rules_gitops//gitops:kustomize_toolchain_type"].kustomizeinfo.bin kustomization_yaml_file = ctx.actions.declare_file(ctx.attr.name + "/kustomization.yaml") @@ -206,6 +197,9 @@ def _kustomize_impl(ctx): resolver_part += " --image {}={}@$(cat {})".format(label_str, regrepo, kpi.digestfile.path) tmpfiles.append(kpi.digestfile) transitive_runfiles.append(img[DefaultInfo].default_runfiles) + if AliasInfo in img: + alias = img[AliasInfo].alias + resolver_part += " --image {}={}@$(cat {})".format(alias, regrepo, kpi.digestfile.path) template_part = "" if ctx.attr.substitutions or ctx.attr.deps: From 1b46ad0b628844827c2c2fd05c39821897f50c41 Mon Sep 17 00:00:00 2001 From: Aleksey Pesternikov Date: Mon, 22 Apr 2024 19:51:11 -0700 Subject: [PATCH 2/5] update tests --- MODULE.bazel.lock | 2 +- gitops/testing/legacy_alias_expected.yaml | 2 +- gitops/testing/legacy_label_expected.yaml | 2 +- gitops/testing/legacy_renamed_alias_expected.yaml | 2 +- push_oci/tests/BUILD.bazel | 4 ++-- skylib/kustomize/tests/BUILD | 4 ++-- skylib/kustomize/tests/expected_image_resolved_test.yaml | 2 +- skylib/kustomize/tests/expected_patch_test.yaml | 2 +- 8 files changed, 10 insertions(+), 10 deletions(-) diff --git a/MODULE.bazel.lock b/MODULE.bazel.lock index 135f4e80..eb9be275 100644 --- a/MODULE.bazel.lock +++ b/MODULE.bazel.lock @@ -1337,7 +1337,7 @@ "moduleExtensions": { "//gitops:extensions.bzl%toolchains": { "general": { - "bzlTransitiveDigest": "w0udGZ06pjvfPfwBEH3vYbxVT3GDtEeATpwctPJcC9o=", + "bzlTransitiveDigest": "s29xWb2UpPurky6o814An1h9fK171yCKFOhVlz299LA=", "accumulatedFileDigests": {}, "envVariables": {}, "generatedRepoSpecs": { diff --git a/gitops/testing/legacy_alias_expected.yaml b/gitops/testing/legacy_alias_expected.yaml index 5325a370..1aa4e49e 100644 --- a/gitops/testing/legacy_alias_expected.yaml +++ b/gitops/testing/legacy_alias_expected.yaml @@ -13,5 +13,5 @@ spec: app: myapp spec: containers: - - image: docker.io/skylib/kustomize/tests/image@sha256:1fa852d8eaf0f0a491713fb8c62c13ab8d25e2d6b32f024e49513f12a2e57b7a + - image: docker.io/skylib/kustomize/tests/image@sha256:1abae145a9069d0f4fdf9a0527ff5aec503ec02c3df783e25172895745dd2172 name: myapp diff --git a/gitops/testing/legacy_label_expected.yaml b/gitops/testing/legacy_label_expected.yaml index 5325a370..1aa4e49e 100644 --- a/gitops/testing/legacy_label_expected.yaml +++ b/gitops/testing/legacy_label_expected.yaml @@ -13,5 +13,5 @@ spec: app: myapp spec: containers: - - image: docker.io/skylib/kustomize/tests/image@sha256:1fa852d8eaf0f0a491713fb8c62c13ab8d25e2d6b32f024e49513f12a2e57b7a + - image: docker.io/skylib/kustomize/tests/image@sha256:1abae145a9069d0f4fdf9a0527ff5aec503ec02c3df783e25172895745dd2172 name: myapp diff --git a/gitops/testing/legacy_renamed_alias_expected.yaml b/gitops/testing/legacy_renamed_alias_expected.yaml index d8e88582..4175450b 100644 --- a/gitops/testing/legacy_renamed_alias_expected.yaml +++ b/gitops/testing/legacy_renamed_alias_expected.yaml @@ -13,5 +13,5 @@ spec: app: myapp spec: containers: - - image: gcr.io/repo/imagethere@sha256:1fa852d8eaf0f0a491713fb8c62c13ab8d25e2d6b32f024e49513f12a2e57b7a + - image: gcr.io/repo/imagethere@sha256:1abae145a9069d0f4fdf9a0527ff5aec503ec02c3df783e25172895745dd2172 name: myapp diff --git a/push_oci/tests/BUILD.bazel b/push_oci/tests/BUILD.bazel index d125cc6a..4e7ce47f 100644 --- a/push_oci/tests/BUILD.bazel +++ b/push_oci/tests/BUILD.bazel @@ -1,8 +1,8 @@ load("@rules_oci//oci:defs.bzl", "oci_image") -load("@rules_pkg//:pkg.bzl", "pkg_tar") +load("@aspect_bazel_lib//lib:tar.bzl", "tar") load("//push_oci:push_oci.bzl", "push_oci") -pkg_tar( +tar( name = "image_tar", srcs = [":container_content.txt"], ) diff --git a/skylib/kustomize/tests/BUILD b/skylib/kustomize/tests/BUILD index 77af4547..4bff6f93 100644 --- a/skylib/kustomize/tests/BUILD +++ b/skylib/kustomize/tests/BUILD @@ -10,10 +10,10 @@ load("@bazel_tools//tools/build_rules:test_rules.bzl", "file_test") load("@rules_oci//oci:defs.bzl", "oci_image") -load("@rules_pkg//:pkg.bzl", "pkg_tar") load("//push_oci:push_oci.bzl", "push_oci_rule") load("//skylib/kustomize:kustomize.bzl", "gitops", "kubectl", "kustomize", "push_all") load("@aspect_bazel_lib//lib:write_source_files.bzl", "write_source_files") +load("@aspect_bazel_lib//lib:tar.bzl", "tar") # to generate new test data if needed: # bazel run //skylib/kustomize:set_namespace newnamespace-1 test_expected.yaml @@ -73,7 +73,7 @@ kustomize( namespace = "", ) -pkg_tar( +tar( name = "image_tar", srcs = [":container_content.txt"], ) diff --git a/skylib/kustomize/tests/expected_image_resolved_test.yaml b/skylib/kustomize/tests/expected_image_resolved_test.yaml index 964a1d9c..725c88ef 100644 --- a/skylib/kustomize/tests/expected_image_resolved_test.yaml +++ b/skylib/kustomize/tests/expected_image_resolved_test.yaml @@ -35,5 +35,5 @@ spec: app: myapp spec: containers: - - image: gcr.io/bs-dev/test_image@sha256:1fa852d8eaf0f0a491713fb8c62c13ab8d25e2d6b32f024e49513f12a2e57b7a + - image: gcr.io/bs-dev/test_image@sha256:1abae145a9069d0f4fdf9a0527ff5aec503ec02c3df783e25172895745dd2172 name: myapp diff --git a/skylib/kustomize/tests/expected_patch_test.yaml b/skylib/kustomize/tests/expected_patch_test.yaml index 8a2db51f..17689dad 100644 --- a/skylib/kustomize/tests/expected_patch_test.yaml +++ b/skylib/kustomize/tests/expected_patch_test.yaml @@ -12,7 +12,7 @@ spec: app: myapp spec: containers: - - image: gcr.io/bs-dev/test_image@sha256:1fa852d8eaf0f0a491713fb8c62c13ab8d25e2d6b32f024e49513f12a2e57b7a + - image: gcr.io/bs-dev/test_image@sha256:1abae145a9069d0f4fdf9a0527ff5aec503ec02c3df783e25172895745dd2172 name: myapp resources: limits: From 94ea6104c4f48aac1222d64b35a49d5d4930d204 Mon Sep 17 00:00:00 2001 From: Aleksey Pesternikov Date: Tue, 23 Apr 2024 05:41:36 -0700 Subject: [PATCH 3/5] wip --- skylib/push_alias.bzl | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 skylib/push_alias.bzl diff --git a/skylib/push_alias.bzl b/skylib/push_alias.bzl new file mode 100644 index 00000000..cac2b671 --- /dev/null +++ b/skylib/push_alias.bzl @@ -0,0 +1,25 @@ +""" +Implementation of the wrapper that would add an alias to a pushed image. +Provides a legacy interface for using short aliases for images instead of the full bazel target path. +Using aliases in new code is not recommended, as it creates a unnecessary level of indirection. +""" + +load("//gitops:provider.bzl", "GitopsPushInfo") + +def _push_alias_impl(ctx): + #write digest to a file + return [ + ctx.attr.pushed_image[DefaultInfo], + ctx.attr.pushed_image[GitopsPushInfo], + AliasInfo( + alias = ctx.attr.alias, + ), + ] + +pushed_iamge_alias = rule( + implementation = _push_alias_impl, + attrs = { + "pushed_image": attr.label(mandatory = True, providers = (GitopsPushInfo,), doc = "The pushed image like k8s_image_push"), + "alias": attr.string(mandatory = True, doc = "The alias to be added to the pushed image"), + }, +) From 9cb1c3d96a9dd083b5bda4b34ba51a31ecec960a Mon Sep 17 00:00:00 2001 From: Aleksey Pesternikov Date: Tue, 23 Apr 2024 06:59:36 -0700 Subject: [PATCH 4/5] reimplement image aliases --- gitops/testing/BUILD | 12 ++++---- gitops/testing/deployment_legacy.yaml | 2 +- skylib/k8s.bzl | 29 ++++++++++++++++--- skylib/kustomize/tests/BUILD | 19 ++++++++++++ .../tests/deployment_with_alias.yaml | 16 ++++++++++ .../kustomize/tests/expected_alias_test.yaml | 16 ++++++++++ skylib/push_alias.bzl | 28 +++++++++++++++--- 7 files changed, 107 insertions(+), 15 deletions(-) create mode 100644 skylib/kustomize/tests/deployment_with_alias.yaml create mode 100644 skylib/kustomize/tests/expected_alias_test.yaml diff --git a/gitops/testing/BUILD b/gitops/testing/BUILD index 3eaf92b1..8a5ce304 100644 --- a/gitops/testing/BUILD +++ b/gitops/testing/BUILD @@ -19,9 +19,9 @@ k8s_deploy( cluster = "testcluster", deployment_branch = "test1", gitops = 1, - images = [ - "//skylib/kustomize/tests:image", - ], + images = { + "testimage": "//skylib/kustomize/tests:image", + }, manifests = [ ":deployment_legacy.yaml", ], @@ -98,9 +98,9 @@ k8s_deploy( cluster = "testcluster", deployment_branch = "test1", gitops = 1, - images = [ - ":pushed_image", - ], + images = { + "testimage": ":pushed_image", + }, manifests = [ ":deployment_legacy.yaml", ], diff --git a/gitops/testing/deployment_legacy.yaml b/gitops/testing/deployment_legacy.yaml index 14aae2fb..09ddf23c 100644 --- a/gitops/testing/deployment_legacy.yaml +++ b/gitops/testing/deployment_legacy.yaml @@ -13,5 +13,5 @@ spec: spec: containers: - name: myapp - image: //skylib/kustomize/tests:image + image: testimage diff --git a/skylib/k8s.bzl b/skylib/k8s.bzl index 05775562..7a60a1c0 100644 --- a/skylib/k8s.bzl +++ b/skylib/k8s.bzl @@ -11,6 +11,7 @@ load("//gitops:provider.bzl", "GitopsArtifactsInfo") load("//push_oci:push_oci.bzl", "push_oci") load("//skylib:runfile.bzl", "get_runfile_path") +load("//skylib:push_alias.bzl", "pushed_image_alias") load( "//skylib/kustomize:kustomize.bzl", "imagePushStatements", @@ -67,7 +68,7 @@ show = rule( def _image_pushes(name_suffix, images, image_registry, image_repository, image_digest_tag): image_pushes = [] - def process_image(image_label): + def process_image(image_label, image_alias = None): rule_name_parts = [image_label, image_registry, image_repository] rule_name_parts = [p for p in rule_name_parts if p] rule_name = "_".join(rule_name_parts) @@ -80,9 +81,31 @@ def _image_pushes(name_suffix, images, image_registry, image_repository, image_d image_digest_tag = image_digest_tag, registry = image_registry, repository = image_repository, + visibility = ["//visibility:public"], ) - return rule_name + name_suffix + if not image_alias: + return rule_name + name_suffix + + # + if not native.existing_rule(rule_name + "_alias_" + name_suffix): + pushed_image_alias( + name = rule_name + "_alias_" + name_suffix, + alias = image_alias, + pushed_image = rule_name + name_suffix, + visibility = ["//visibility:public"], + ) + return rule_name + "_alias_" + name_suffix + if type(images) == "dict": + for image_alias in images: + image = images[image_alias] + push = process_image(image, image_alias) + image_pushes.append(push) + else: + for image in images: + push = process_image(image) + image_pushes.append(push) + return image_pushes for image in images: image_push = process_image(image) image_pushes.append(image_push) @@ -125,8 +148,6 @@ def k8s_deploy( """ k8s_deploy """ - if type(images) == "dict": - fail("image_pushes: dict type is deprecated. Use list instead.") if not manifests: manifests = native.glob(["*.yaml", "*.yaml.tpl"]) if prefix_suffix_app_labels: diff --git a/skylib/kustomize/tests/BUILD b/skylib/kustomize/tests/BUILD index 4bff6f93..02e60d4a 100644 --- a/skylib/kustomize/tests/BUILD +++ b/skylib/kustomize/tests/BUILD @@ -12,6 +12,7 @@ load("@bazel_tools//tools/build_rules:test_rules.bzl", "file_test") load("@rules_oci//oci:defs.bzl", "oci_image") load("//push_oci:push_oci.bzl", "push_oci_rule") load("//skylib/kustomize:kustomize.bzl", "gitops", "kubectl", "kustomize", "push_all") +load("//skylib:push_alias.bzl", "pushed_image_alias") load("@aspect_bazel_lib//lib:write_source_files.bzl", "write_source_files") load("@aspect_bazel_lib//lib:tar.bzl", "tar") @@ -93,6 +94,12 @@ push_oci_rule( visibility = ["//visibility:public"], ) +pushed_image_alias( + name = "image_alias", + alias = "testimage", + pushed_image = ":image_push", +) + kustomize( name = "image_test", images = [ @@ -106,6 +113,17 @@ kustomize( namespace = "", ) +kustomize( + name = "alias_test", + images = [ + ":image_alias", + ], + manifests = [ + "deployment_with_alias.yaml", + ], + namespace = "", +) + kustomize( name = "configmap_test", configmaps_srcs = glob(["configmaps/**/*"]), @@ -255,6 +273,7 @@ write_source_files( "expected_raw_test.yaml": ":raw_test", "expected_raw2_test.yaml": ":raw2_test", "expected_image_resolved_test.yaml": ":image_test", + "expected_alias_test.yaml": ":alias_test", "expected_configmap_test.yaml": ":configmap_test", "expected_secret_test.yaml": ":secret_test", "expected_patch_test.yaml": ":patch", diff --git a/skylib/kustomize/tests/deployment_with_alias.yaml b/skylib/kustomize/tests/deployment_with_alias.yaml new file mode 100644 index 00000000..becbd444 --- /dev/null +++ b/skylib/kustomize/tests/deployment_with_alias.yaml @@ -0,0 +1,16 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: myapp +spec: + selector: + matchLabels: + app: myapp + template: + metadata: + labels: + app: myapp + spec: + containers: + - name: myapp + image: //skylib/kustomize/tests:image diff --git a/skylib/kustomize/tests/expected_alias_test.yaml b/skylib/kustomize/tests/expected_alias_test.yaml new file mode 100644 index 00000000..af1c3242 --- /dev/null +++ b/skylib/kustomize/tests/expected_alias_test.yaml @@ -0,0 +1,16 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: myapp +spec: + selector: + matchLabels: + app: myapp + template: + metadata: + labels: + app: myapp + spec: + containers: + - image: gcr.io/bs-dev/test_image@sha256:1abae145a9069d0f4fdf9a0527ff5aec503ec02c3df783e25172895745dd2172 + name: myapp diff --git a/skylib/push_alias.bzl b/skylib/push_alias.bzl index cac2b671..1129b557 100644 --- a/skylib/push_alias.bzl +++ b/skylib/push_alias.bzl @@ -4,22 +4,42 @@ Provides a legacy interface for using short aliases for images instead of the fu Using aliases in new code is not recommended, as it creates a unnecessary level of indirection. """ -load("//gitops:provider.bzl", "GitopsPushInfo") +load("//gitops:provider.bzl", "AliasInfo", "GitopsPushInfo") def _push_alias_impl(ctx): - #write digest to a file + default_info = ctx.attr.pushed_image[DefaultInfo] + files = default_info.files + new_executable = None + original_executable = default_info.files_to_run.executable + runfiles = default_info.default_runfiles + + new_executable = ctx.outputs.executable + + ctx.actions.symlink( + output = new_executable, + target_file = original_executable, + is_executable = True, + ) + files = depset(direct = [new_executable], transitive = [files]) + runfiles = runfiles.merge(ctx.runfiles([new_executable])) + return [ - ctx.attr.pushed_image[DefaultInfo], + DefaultInfo( + files = files, + runfiles = runfiles, + executable = new_executable, + ), ctx.attr.pushed_image[GitopsPushInfo], AliasInfo( alias = ctx.attr.alias, ), ] -pushed_iamge_alias = rule( +pushed_image_alias = rule( implementation = _push_alias_impl, attrs = { "pushed_image": attr.label(mandatory = True, providers = (GitopsPushInfo,), doc = "The pushed image like k8s_image_push"), "alias": attr.string(mandatory = True, doc = "The alias to be added to the pushed image"), }, + executable = True, ) From d88e3fc8d4abd920c28cacf61624444b94621fed Mon Sep 17 00:00:00 2001 From: Aleksey Pesternikov Date: Tue, 23 Apr 2024 07:12:31 -0700 Subject: [PATCH 5/5] update aspect_bazel_lib --- MODULE.bazel | 2 +- gitops/deps.bzl | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/MODULE.bazel b/MODULE.bazel index 5df07815..84d4e37e 100644 --- a/MODULE.bazel +++ b/MODULE.bazel @@ -3,7 +3,7 @@ module( version = "0.50.0", ) -bazel_dep(name = "aspect_bazel_lib", version = "2.4.1") +bazel_dep(name = "aspect_bazel_lib", version = "2.7.1") bazel_dep(name = "bazel_skylib", version = "1.5.0") bazel_dep(name = "platforms", version = "0.0.8") bazel_dep(name = "rules_oci", version = "1.7.2") diff --git a/gitops/deps.bzl b/gitops/deps.bzl index f392177a..de6b90c7 100644 --- a/gitops/deps.bzl +++ b/gitops/deps.bzl @@ -47,9 +47,9 @@ def rules_gitops_dependencies(): maybe( http_archive, name = "aspect_bazel_lib", - sha256 = "979667bb7276ee8fcf2c114c9be9932b9a3052a64a647e0dcaacfb9c0016f0a3", - strip_prefix = "bazel-lib-2.4.1", - url = "https://github.com/aspect-build/bazel-lib/releases/download/v2.4.1/bazel-lib-v2.4.1.tar.gz", + sha256 = "b554eb7942a5ab44c90077df6a0c76fc67c5874c9446a007e9ba68be82bd4796", + strip_prefix = "bazel-lib-2.7.1", + url = "https://github.com/aspect-build/bazel-lib/releases/download/v2.4.1/bazel-lib-v2.7.1.tar.gz", ) maybe(