Skip to content

Commit

Permalink
[bazel] Switch from rules_docker to rules_oci
Browse files Browse the repository at this point in the history
  • Loading branch information
@shs96c
shs96c committed Jun 19, 2023
1 parent 55720d8 commit 09ca2c4
Show file tree
Hide file tree
Showing 5 changed files with 240 additions and 121 deletions.
51 changes: 24 additions & 27 deletions WORKSPACE
View file
Expand Up @@ -241,51 +241,48 @@ load("@rules_pkg//:deps.bzl", "rules_pkg_dependencies")
rules_pkg_dependencies()

http_archive(
name = "io_bazel_rules_docker",
sha256 = "b1e80761a8a8243d03ebca8845e9cc1ba6c82ce7c5179ce2b295cd36f7e394bf",
urls = ["https://github.com/bazelbuild/rules_docker/releases/download/v0.25.0/rules_docker-v0.25.0.tar.gz"],
name = "rules_oci",
sha256 = "db57efd706f01eb3ce771468366baa1614b5b25f4cce99757e2b8d942155b8ec",
strip_prefix = "rules_oci-1.0.0",
url = "https://github.com/bazel-contrib/rules_oci/releases/download/v1.0.0/rules_oci-v1.0.0.tar.gz",
)

load(
"@io_bazel_rules_docker//repositories:repositories.bzl",
container_repositories = "repositories",
)

container_repositories()
load("@rules_oci//oci:dependencies.bzl", "rules_oci_dependencies")

load("@io_bazel_rules_docker//repositories:deps.bzl", container_deps = "deps")
rules_oci_dependencies()

container_deps()
load("@rules_oci//oci:repositories.bzl", "LATEST_CRANE_VERSION", "LATEST_ZOT_VERSION", "oci_register_toolchains")

load(
"@io_bazel_rules_docker//container:container.bzl",
"container_pull",
oci_register_toolchains(
name = "oci",
crane_version = LATEST_CRANE_VERSION,
# Uncommenting the zot toolchain will cause it to be used instead of crane for some tasks.
# Note that it does not support docker-format images.
# zot_version = LATEST_ZOT_VERSION,
)

load("@rules_oci//oci:pull.bzl", "oci_pull")

# Examine https://console.cloud.google.com/gcr/images/distroless/GLOBAL/java?gcrImageListsize=30 to find
# the latest version when updating
container_pull(
oci_pull(
name = "java_image_base",
# This pulls the java 11 version of the java base image
digest = "sha256:97c7eae86c65819664fcb7f36e8dee54bbbbc09c2cb6b448cbee06e1b42df81b",
registry = "gcr.io",
repository = "distroless/java",
digest = "sha256:161a1d97d592b3f1919801578c3a47c8e932071168a96267698f4b669c24c76d",
image = "gcr.io/distroless/java17",
)

container_pull(
oci_pull(
name = "firefox_standalone",
# selenium/standalone-firefox-debug:3.141.59
digest = "sha256:ecc9861eafb3c2f999126fa4cc0434e9fbe6658ba1241998457bb088c99dd0d0",
digest = "sha256:b6d8279268b3183d0d33e667e82fec1824298902f77718764076de763673124f",
registry = "index.docker.io",
repository = "selenium/standalone-firefox-debug",
repository = "selenium/standalone-firefox",
)

container_pull(
oci_pull(
name = "chrome_standalone",
# selenium/standalone-chrome-debug:3.141.59
digest = "sha256:c3a2174ac31b3918ae9d93c43ed8165fc2346b8c9e16d38ebac691fbb242667f",
digest = "sha256:1b809a961a0a77787a7cccac74ddc5570b7e89747f925b8469ddb9a6624d4ece",
registry = "index.docker.io",
repository = "selenium/standalone-chrome-debug",
repository = "selenium/standalone-chrome",
)

load("//common:repositories.bzl", "pin_browsers")
Expand Down
156 changes: 156 additions & 0 deletions common/private/passwd.bzl
View file
@@ -0,0 +1,156 @@
# Copyright 2017 The Bazel Authors. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Rules for creating password files and entries."""

load("@bazel_skylib//lib:paths.bzl", "paths")

_join_path = paths.join

PasswdFileContentProviderInfo = provider(
fields = [
"username",
"uid",
"gid",
"info",
"home",
"create_home",
"shell",
"name",
],
)

def _passwd_entry_impl(ctx):
"""Creates a passwd_file_content_provider containing a single entry."""
return [PasswdFileContentProviderInfo(
username = ctx.attr.username,
uid = ctx.attr.uid,
gid = ctx.attr.gid,
info = ctx.attr.info,
home = ctx.attr.home,
create_home = ctx.attr.create_home,
shell = ctx.attr.shell,
name = ctx.attr.name,
)]

def _passwd_file_impl(ctx):
"""Core implementation of passwd_file."""
f = "".join(["%s:x:%s:%s:%s:%s:%s\n" % (
entry[PasswdFileContentProviderInfo].username,
entry[PasswdFileContentProviderInfo].uid,
entry[PasswdFileContentProviderInfo].gid,
entry[PasswdFileContentProviderInfo].info,
entry[PasswdFileContentProviderInfo].home,
entry[PasswdFileContentProviderInfo].shell,
) for entry in ctx.attr.entries])
passwd_file = ctx.actions.declare_file(ctx.label.name)
ctx.actions.write(output = passwd_file, content = f)
return DefaultInfo(files = depset([passwd_file]))

def _format_onwer(t):
return ("--owners=%s=%s" % (t[0], t[1]))

def _build_homedirs_tar(ctx, passwd_file):
homedirs = []
owners_map = {}
for entry in ctx.attr.entries:
if entry[PasswdFileContentProviderInfo].create_home:
homedir = entry[PasswdFileContentProviderInfo].home
owners_map[homedir] = "{uid}.{gid}".format(
uid = entry[PasswdFileContentProviderInfo].uid,
gid = entry[PasswdFileContentProviderInfo].gid,
)
homedirs.append(homedir)
dest_file = _join_path(
ctx.attr.passwd_file_pkg_dir,
ctx.label.name,
)
args = ctx.actions.args()
args.add(ctx.outputs.passwd_tar, format = "--output=%s")
args.add("--mode=0o700")
args.add(passwd_file, format = "--file=%s=" + dest_file)
args.add(dest_file, format = "--modes=%s=" + ctx.attr.passwd_file_mode)

args.add_all(homedirs, format_each = "--empty_dir=%s")
args.add_all(owners_map.items(), map_each = _format_onwer)
ctx.actions.run(
executable = ctx.executable.build_tar,
inputs = [passwd_file],
outputs = [ctx.outputs.passwd_tar],
mnemonic = "PasswdTar",
arguments = [args],
)

def _passwd_tar_impl(ctx):
"""Core implementation of passwd_tar."""
f = "".join(["%s:x:%s:%s:%s:%s:%s\n" % (
entry[PasswdFileContentProviderInfo].username,
entry[PasswdFileContentProviderInfo].uid,
entry[PasswdFileContentProviderInfo].gid,
entry[PasswdFileContentProviderInfo].info,
entry[PasswdFileContentProviderInfo].home,
entry[PasswdFileContentProviderInfo].shell,
) for entry in ctx.attr.entries])

passwd_file = ctx.actions.declare_file(ctx.label.name)
ctx.actions.write(output = passwd_file, content = f)

_build_homedirs_tar(ctx, passwd_file)

return DefaultInfo(files = depset([ctx.outputs.passwd_tar]))

passwd_entry = rule(
attrs = {
"create_home": attr.bool(default = True),
"gid": attr.int(default = 1000),
"home": attr.string(default = "/home"),
"info": attr.string(default = "user"),
"shell": attr.string(default = "/bin/bash"),
"uid": attr.int(default = 1000),
"username": attr.string(mandatory = True),
},
implementation = _passwd_entry_impl,
)

passwd_file = rule(
attrs = {
"entries": attr.label_list(
allow_empty = False,
providers = [PasswdFileContentProviderInfo],
),
},
executable = False,
implementation = _passwd_file_impl,
)

passwd_tar = rule(
attrs = {
"build_tar": attr.label(
default = Label("//container:build_tar"),
cfg = "exec",
executable = True,
allow_files = True,
),
"entries": attr.label_list(
allow_empty = False,
providers = [PasswdFileContentProviderInfo],
),
"passwd_file_mode": attr.string(default = "0o644"),
"passwd_file_pkg_dir": attr.string(mandatory = True),
},
executable = False,
outputs = {
"passwd_tar": "%{name}.tar",
},
implementation = _passwd_tar_impl,
)

0 comments on commit 09ca2c4

Please sign in to comment.