From 24d105995dbd0cb8a67213f5edc8132fdad136cb Mon Sep 17 00:00:00 2001 From: Christian Simon Date: Sat, 7 Dec 2019 16:37:45 +0000 Subject: [PATCH] Fix broken SELinux detection The upgrade of dependencies in #78187 introduced a regression in detecting if SELinux is enabled or not. As the library requires the golang build tag `selinux` to be enabled after that version update. Fixes bug report #83679 --- build/root/.bazelrc | 3 +++ build/root/BUILD.root | 3 +++ .../opencontainers/selinux/go-selinux/BUILD | 14 +++++++++++++- .../opencontainers/selinux/go-selinux/label/BUILD | 14 +++++++++++++- 4 files changed, 32 insertions(+), 2 deletions(-) diff --git a/build/root/.bazelrc b/build/root/.bazelrc index 123d0ed92500..fcd7256f01b5 100644 --- a/build/root/.bazelrc +++ b/build/root/.bazelrc @@ -16,6 +16,9 @@ build --workspace_status_command hack/print-workspace-status.sh # Make /tmp hermetic build --sandbox_tmpfs_path=/tmp +# This tag is required to build github.com/opencontainers/selinux correctly +build --define gotags=selinux + # Ensure that Bazel never runs as root, which can cause unit tests to fail. # This flag requires Bazel 0.5.0+ build --sandbox_fake_username diff --git a/build/root/BUILD.root b/build/root/BUILD.root index 15dbdd893fb2..a605dc94b6fc 100644 --- a/build/root/BUILD.root +++ b/build/root/BUILD.root @@ -5,6 +5,9 @@ # gazelle:exclude _output # gazelle:exclude _tmp +# This tag is required to build github.com/opencontainers/selinux correctly +# gazelle:build_tags selinux + # gazelle:prefix k8s.io/kubernetes # Disable proto rules, since the Go sources are currently generated by diff --git a/vendor/github.com/opencontainers/selinux/go-selinux/BUILD b/vendor/github.com/opencontainers/selinux/go-selinux/BUILD index f2b322d9d495..36f6aa137173 100644 --- a/vendor/github.com/opencontainers/selinux/go-selinux/BUILD +++ b/vendor/github.com/opencontainers/selinux/go-selinux/BUILD @@ -2,10 +2,22 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library") go_library( name = "go_default_library", - srcs = ["selinux_stub.go"], + srcs = [ + "selinux_linux.go", + "xattrs.go", + ], importmap = "k8s.io/kubernetes/vendor/github.com/opencontainers/selinux/go-selinux", importpath = "github.com/opencontainers/selinux/go-selinux", visibility = ["//visibility:public"], + deps = select({ + "@io_bazel_rules_go//go/platform:android": [ + "//vendor/golang.org/x/sys/unix:go_default_library", + ], + "@io_bazel_rules_go//go/platform:linux": [ + "//vendor/golang.org/x/sys/unix:go_default_library", + ], + "//conditions:default": [], + }), ) filegroup( diff --git a/vendor/github.com/opencontainers/selinux/go-selinux/label/BUILD b/vendor/github.com/opencontainers/selinux/go-selinux/label/BUILD index 0bafc1a8ac7d..917f5934f87b 100644 --- a/vendor/github.com/opencontainers/selinux/go-selinux/label/BUILD +++ b/vendor/github.com/opencontainers/selinux/go-selinux/label/BUILD @@ -2,10 +2,22 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library") go_library( name = "go_default_library", - srcs = ["label.go"], + srcs = [ + "label.go", + "label_selinux.go", + ], importmap = "k8s.io/kubernetes/vendor/github.com/opencontainers/selinux/go-selinux/label", importpath = "github.com/opencontainers/selinux/go-selinux/label", visibility = ["//visibility:public"], + deps = select({ + "@io_bazel_rules_go//go/platform:android": [ + "//vendor/github.com/opencontainers/selinux/go-selinux:go_default_library", + ], + "@io_bazel_rules_go//go/platform:linux": [ + "//vendor/github.com/opencontainers/selinux/go-selinux:go_default_library", + ], + "//conditions:default": [], + }), ) filegroup(