mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-09-19 15:56:03 +00:00
bazel: allow custom container_prefix (#1693)
* build: allow custom container registry * build: fix .bazeloverwriterc import
This commit is contained in:
parent
12216ea997
commit
1bdf410b52
5
.bazelrc
5
.bazelrc
@ -26,6 +26,9 @@ build --define=gotags=netgo
|
|||||||
# enable tpm simulator for tests
|
# enable tpm simulator for tests
|
||||||
test --//bazel/settings:tpm_simulator
|
test --//bazel/settings:tpm_simulator
|
||||||
|
|
||||||
|
# set registry flag alias
|
||||||
|
build --flag_alias=container_prefix=//bazel/settings:container_prefix
|
||||||
|
|
||||||
# disable test caching (rerun all test cases even if they passed before)
|
# disable test caching (rerun all test cases even if they passed before)
|
||||||
test --cache_test_results=no
|
test --cache_test_results=no
|
||||||
|
|
||||||
@ -52,4 +55,4 @@ build:remote_cache --experimental_remote_cache_compression
|
|||||||
build:remote_cache --nolegacy_important_outputs
|
build:remote_cache --nolegacy_important_outputs
|
||||||
build:remote_cache_readonly --noremote_upload_local_results # Uploads logs & artifacts without writing to cache
|
build:remote_cache_readonly --noremote_upload_local_results # Uploads logs & artifacts without writing to cache
|
||||||
|
|
||||||
try-import .bazeloverwriterc
|
try-import %workspace%/.bazeloverwriterc
|
||||||
|
@ -23,12 +23,7 @@ alias(
|
|||||||
|
|
||||||
alias(
|
alias(
|
||||||
name = "devbuild",
|
name = "devbuild",
|
||||||
actual = "//bazel/devbuild:devbuild",
|
actual = "//bazel/release:build_and_push",
|
||||||
)
|
|
||||||
|
|
||||||
alias(
|
|
||||||
name = "push",
|
|
||||||
actual = "//bazel/release:push",
|
|
||||||
)
|
)
|
||||||
|
|
||||||
# These magic Gazelle commands need to be in the top-level BUILD file.
|
# These magic Gazelle commands need to be in the top-level BUILD file.
|
||||||
|
@ -2,11 +2,8 @@
|
|||||||
This module holds the definitions of the containers that are built.
|
This module holds the definitions of the containers that are built.
|
||||||
"""
|
"""
|
||||||
|
|
||||||
load("@rules_oci//oci:defs.bzl", _oci_push = "oci_push", _oci_tarball = "oci_tarball")
|
load("@bazel_skylib//lib:paths.bzl", "paths")
|
||||||
load("//bazel/oci:pin.bzl", "oci_sum")
|
load("@bazel_skylib//rules:common_settings.bzl", "BuildSettingInfo")
|
||||||
|
|
||||||
_default_registry = "ghcr.io"
|
|
||||||
_default_prefix = "edgelesssys/constellation"
|
|
||||||
|
|
||||||
def containers():
|
def containers():
|
||||||
return [
|
return [
|
||||||
@ -15,9 +12,7 @@ def containers():
|
|||||||
"image_name": "join-service",
|
"image_name": "join-service",
|
||||||
"name": "joinservice",
|
"name": "joinservice",
|
||||||
"oci": "//joinservice/cmd:joinservice",
|
"oci": "//joinservice/cmd:joinservice",
|
||||||
"prefix": _default_prefix,
|
"repotag_file": "//bazel/release:joinservice_tag.txt",
|
||||||
"registry": _default_registry,
|
|
||||||
"tag_file": "//bazel/settings:tag",
|
|
||||||
"used_by": ["helm"],
|
"used_by": ["helm"],
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
@ -25,9 +20,7 @@ def containers():
|
|||||||
"image_name": "key-service",
|
"image_name": "key-service",
|
||||||
"name": "keyservice",
|
"name": "keyservice",
|
||||||
"oci": "//keyservice/cmd:keyservice",
|
"oci": "//keyservice/cmd:keyservice",
|
||||||
"prefix": _default_prefix,
|
"repotag_file": "//bazel/release:keyservice_tag.txt",
|
||||||
"registry": _default_registry,
|
|
||||||
"tag_file": "//bazel/settings:tag",
|
|
||||||
"used_by": ["helm"],
|
"used_by": ["helm"],
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
@ -35,9 +28,7 @@ def containers():
|
|||||||
"image_name": "verification-service",
|
"image_name": "verification-service",
|
||||||
"name": "verificationservice",
|
"name": "verificationservice",
|
||||||
"oci": "//verify/cmd:verificationservice",
|
"oci": "//verify/cmd:verificationservice",
|
||||||
"prefix": _default_prefix,
|
"repotag_file": "//bazel/release:verificationservice_tag.txt",
|
||||||
"registry": _default_registry,
|
|
||||||
"tag_file": "//bazel/settings:tag",
|
|
||||||
"used_by": ["helm"],
|
"used_by": ["helm"],
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
@ -45,9 +36,7 @@ def containers():
|
|||||||
"image_name": "node-operator",
|
"image_name": "node-operator",
|
||||||
"name": "nodeoperator",
|
"name": "nodeoperator",
|
||||||
"oci": "//operators/constellation-node-operator:node_operator",
|
"oci": "//operators/constellation-node-operator:node_operator",
|
||||||
"prefix": _default_prefix,
|
"repotag_file": "//bazel/release:nodeoperator_tag.txt",
|
||||||
"registry": _default_registry,
|
|
||||||
"tag_file": "//bazel/settings:tag",
|
|
||||||
"used_by": ["helm"],
|
"used_by": ["helm"],
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
@ -55,9 +44,7 @@ def containers():
|
|||||||
"image_name": "qemu-metadata-api",
|
"image_name": "qemu-metadata-api",
|
||||||
"name": "qemumetadata",
|
"name": "qemumetadata",
|
||||||
"oci": "//hack/qemu-metadata-api:qemumetadata",
|
"oci": "//hack/qemu-metadata-api:qemumetadata",
|
||||||
"prefix": _default_prefix,
|
"repotag_file": "//bazel/release:qemumetadata_tag.txt",
|
||||||
"registry": _default_registry,
|
|
||||||
"tag_file": "//bazel/settings:tag",
|
|
||||||
"used_by": ["config"],
|
"used_by": ["config"],
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
@ -65,9 +52,7 @@ def containers():
|
|||||||
"image_name": "libvirt",
|
"image_name": "libvirt",
|
||||||
"name": "libvirt",
|
"name": "libvirt",
|
||||||
"oci": "//cli/internal/libvirt:constellation_libvirt",
|
"oci": "//cli/internal/libvirt:constellation_libvirt",
|
||||||
"prefix": _default_prefix,
|
"repotag_file": "//bazel/release:libvirt_tag.txt",
|
||||||
"registry": _default_registry,
|
|
||||||
"tag_file": "//bazel/settings:tag",
|
|
||||||
"used_by": ["config"],
|
"used_by": ["config"],
|
||||||
},
|
},
|
||||||
]
|
]
|
||||||
@ -78,58 +63,21 @@ def helm_containers():
|
|||||||
def config_containers():
|
def config_containers():
|
||||||
return [container for container in containers() if "config" in container["used_by"]]
|
return [container for container in containers() if "config" in container["used_by"]]
|
||||||
|
|
||||||
def container_sum(name, oci, registry, prefix, image_name, **kwargs):
|
def _container_reponame_impl(ctx):
|
||||||
tag = kwargs.get("tag", None)
|
container_prefix = ctx.attr._prefix[BuildSettingInfo].value
|
||||||
tag_file = kwargs.get("tag_file", None)
|
if container_prefix == None:
|
||||||
oci_sum(
|
fail("container_prefix is not set")
|
||||||
name = name + "_sum",
|
|
||||||
oci = oci,
|
full_container_tag = paths.join(container_prefix, ctx.attr.container_name)
|
||||||
registry = registry,
|
|
||||||
prefix = prefix,
|
output = ctx.actions.declare_file(ctx.attr.container_name + "_container_repotag")
|
||||||
image_name = image_name,
|
ctx.actions.write(output = output, content = full_container_tag)
|
||||||
tag = tag,
|
return [DefaultInfo(files = depset([output]))]
|
||||||
tag_file = tag_file,
|
|
||||||
visibility = ["//visibility:public"],
|
container_reponame = rule(
|
||||||
)
|
implementation = _container_reponame_impl,
|
||||||
|
attrs = {
|
||||||
def oci_push(name, image, registry, image_name, **kwargs):
|
"container_name": attr.string(),
|
||||||
"""oci_push pushes an OCI image to a registry.
|
"_prefix": attr.label(default = Label("//bazel/settings:container_prefix")),
|
||||||
|
},
|
||||||
Args:
|
|
||||||
name: The name of the target.
|
|
||||||
image: The OCI image to push.
|
|
||||||
registry: The registry to push to.
|
|
||||||
image_name: The name of the image.
|
|
||||||
**kwargs: Additional arguments to pass to oci_push.
|
|
||||||
"""
|
|
||||||
prefix = kwargs.pop("prefix", None)
|
|
||||||
tag = kwargs.pop("tag", None)
|
|
||||||
tag_file = kwargs.pop("tag_file", None)
|
|
||||||
if prefix == None:
|
|
||||||
repository = registry + "/" + image_name
|
|
||||||
else:
|
|
||||||
repository = registry + "/" + prefix + "/" + image_name
|
|
||||||
_oci_push(
|
|
||||||
name = name,
|
|
||||||
image = image,
|
|
||||||
repository = repository,
|
|
||||||
tag = tag,
|
|
||||||
tag_file = tag_file,
|
|
||||||
visibility = ["//visibility:public"],
|
|
||||||
**kwargs
|
|
||||||
)
|
|
||||||
|
|
||||||
# TODO(malt3): allow repotags (registry + tag) to be read from a file.
|
|
||||||
def oci_tarball(name, image):
|
|
||||||
"""oci_tarball creates a tarball of an OCI image.
|
|
||||||
|
|
||||||
Args:
|
|
||||||
name: The name of the target.
|
|
||||||
image: The OCI image to create a tarball of.
|
|
||||||
"""
|
|
||||||
_oci_tarball(
|
|
||||||
name = name,
|
|
||||||
image = image,
|
|
||||||
repotags = [],
|
|
||||||
visibility = ["//visibility:public"],
|
|
||||||
)
|
)
|
||||||
|
@ -24,17 +24,11 @@ def stamp_tags(name, repotags, **kwargs):
|
|||||||
def _oci_go_source_impl(ctx):
|
def _oci_go_source_impl(ctx):
|
||||||
oci = ctx.file.oci
|
oci = ctx.file.oci
|
||||||
inputs = [oci]
|
inputs = [oci]
|
||||||
if ctx.attr.tag_file:
|
if ctx.attr.repotag_file:
|
||||||
inputs.append(ctx.file.tag_file)
|
inputs.append(ctx.file.repotag_file)
|
||||||
output = ctx.actions.declare_file(ctx.label.name + ".go")
|
output = ctx.actions.declare_file(ctx.label.name + ".go")
|
||||||
args = [
|
args = [
|
||||||
"codegen",
|
"codegen",
|
||||||
"--image-registry",
|
|
||||||
ctx.attr.registry,
|
|
||||||
"--image-prefix",
|
|
||||||
ctx.attr.prefix,
|
|
||||||
"--image-name",
|
|
||||||
ctx.attr.image_name,
|
|
||||||
"--oci-path",
|
"--oci-path",
|
||||||
oci.path,
|
oci.path,
|
||||||
"--package",
|
"--package",
|
||||||
@ -47,9 +41,9 @@ def _oci_go_source_impl(ctx):
|
|||||||
if ctx.attr.tag:
|
if ctx.attr.tag:
|
||||||
args.append("--image-tag")
|
args.append("--image-tag")
|
||||||
args.append(ctx.attr.tag)
|
args.append(ctx.attr.tag)
|
||||||
if ctx.attr.tag_file:
|
if ctx.attr.repotag_file:
|
||||||
args.append("--image-tag-file")
|
args.append("--repoimage-tag-file")
|
||||||
args.append(ctx.file.tag_file.path)
|
args.append(ctx.file.repotag_file.path)
|
||||||
|
|
||||||
ctx.actions.run(
|
ctx.actions.run(
|
||||||
inputs = inputs,
|
inputs = inputs,
|
||||||
@ -82,20 +76,13 @@ _go_source_attrs = {
|
|||||||
mandatory = True,
|
mandatory = True,
|
||||||
doc = "Package to use for the generated Go source.",
|
doc = "Package to use for the generated Go source.",
|
||||||
),
|
),
|
||||||
"prefix": attr.string(
|
"repotag_file": attr.label(
|
||||||
doc = "Prefix to use for the generated Go source.",
|
allow_single_file = True,
|
||||||
),
|
doc = "OCI image tag file to use for the generated Go source.",
|
||||||
"registry": attr.string(
|
|
||||||
mandatory = True,
|
|
||||||
doc = "Registry to use for the generated Go source.",
|
|
||||||
),
|
),
|
||||||
"tag": attr.string(
|
"tag": attr.string(
|
||||||
doc = "OCI image tag to use for the generated Go source.",
|
doc = "OCI image tag to use for the generated Go source.",
|
||||||
),
|
),
|
||||||
"tag_file": attr.label(
|
|
||||||
allow_single_file = True,
|
|
||||||
doc = "OCI image tag file to use for the generated Go source.",
|
|
||||||
),
|
|
||||||
"_oci_pin": attr.label(
|
"_oci_pin": attr.label(
|
||||||
allow_single_file = True,
|
allow_single_file = True,
|
||||||
executable = True,
|
executable = True,
|
||||||
@ -112,29 +99,19 @@ oci_go_source = rule(
|
|||||||
def _oci_sum_impl(ctx):
|
def _oci_sum_impl(ctx):
|
||||||
oci = ctx.file.oci
|
oci = ctx.file.oci
|
||||||
inputs = [oci]
|
inputs = [oci]
|
||||||
if ctx.attr.tag_file:
|
if ctx.attr.repotag_file:
|
||||||
inputs.append(ctx.file.tag_file)
|
inputs.append(ctx.file.repotag_file)
|
||||||
output = ctx.actions.declare_file(ctx.label.name + ".sha256")
|
output = ctx.actions.declare_file(ctx.label.name + ".sha256")
|
||||||
args = [
|
args = [
|
||||||
"sum",
|
"sum",
|
||||||
"--image-name",
|
|
||||||
ctx.attr.image_name,
|
|
||||||
"--oci-path",
|
"--oci-path",
|
||||||
oci.path,
|
oci.path,
|
||||||
"--output",
|
"--output",
|
||||||
output.path,
|
output.path,
|
||||||
"--registry",
|
|
||||||
ctx.attr.registry,
|
|
||||||
]
|
]
|
||||||
if ctx.attr.prefix:
|
if ctx.attr.repotag_file:
|
||||||
args.append("--prefix")
|
args.append("--repoimage-tag-file")
|
||||||
args.append(ctx.attr.prefix)
|
args.append(ctx.file.repotag_file.path)
|
||||||
if ctx.attr.tag:
|
|
||||||
args.append("--image-tag")
|
|
||||||
args.append(ctx.attr.tag)
|
|
||||||
if ctx.attr.tag_file:
|
|
||||||
args.append("--image-tag-file")
|
|
||||||
args.append(ctx.file.tag_file.path)
|
|
||||||
|
|
||||||
ctx.actions.run(
|
ctx.actions.run(
|
||||||
inputs = inputs,
|
inputs = inputs,
|
||||||
@ -159,17 +136,7 @@ _sum_attrs = {
|
|||||||
allow_single_file = True,
|
allow_single_file = True,
|
||||||
doc = "OCI image to extract the digest from.",
|
doc = "OCI image to extract the digest from.",
|
||||||
),
|
),
|
||||||
"prefix": attr.string(
|
"repotag_file": attr.label(
|
||||||
doc = "Prefix to use for the sum entry.",
|
|
||||||
),
|
|
||||||
"registry": attr.string(
|
|
||||||
mandatory = True,
|
|
||||||
doc = "Registry to use for the sum entry.",
|
|
||||||
),
|
|
||||||
"tag": attr.string(
|
|
||||||
doc = "OCI image tag to use for the sum entry.",
|
|
||||||
),
|
|
||||||
"tag_file": attr.label(
|
|
||||||
allow_single_file = True,
|
allow_single_file = True,
|
||||||
doc = "OCI image tag file to use for the sum entry.",
|
doc = "OCI image tag file to use for the sum entry.",
|
||||||
),
|
),
|
||||||
|
@ -3,25 +3,48 @@ This folder contains labels used to collect release artifacts.
|
|||||||
"""
|
"""
|
||||||
|
|
||||||
load("@com_github_ash2k_bazel_tools//multirun:def.bzl", "multirun")
|
load("@com_github_ash2k_bazel_tools//multirun:def.bzl", "multirun")
|
||||||
load("//bazel/oci:containers.bzl", "container_sum", "containers", "oci_push", "oci_tarball")
|
load("@rules_oci//oci:defs.bzl", "oci_push")
|
||||||
load("//bazel/oci:pin.bzl", "oci_sum_merge")
|
load("//bazel/oci:containers.bzl", "container_reponame", "containers")
|
||||||
|
load("//bazel/oci:pin.bzl", "oci_sum", "oci_sum_merge")
|
||||||
|
|
||||||
[
|
[
|
||||||
oci_tarball(
|
container_reponame(
|
||||||
name = container["name"] + "_tar",
|
name = container["name"] + "_reponame",
|
||||||
image = container["oci"],
|
container_name = container["image_name"],
|
||||||
)
|
)
|
||||||
for container in containers()
|
for container in containers()
|
||||||
]
|
]
|
||||||
|
|
||||||
[
|
[
|
||||||
container_sum(
|
genrule(
|
||||||
name = container["name"],
|
name = container["name"] + "_repotag",
|
||||||
|
srcs = [
|
||||||
|
"//bazel/release:" + container["name"] + "_reponame",
|
||||||
|
"//bazel/settings:tag",
|
||||||
|
],
|
||||||
|
outs = [container["repotag_file"]],
|
||||||
|
cmd = "echo -n ':' | cat $(location //bazel/release:" + container["name"] + "_reponame) - $(location //bazel/settings:tag) > $@",
|
||||||
|
visibility = ["//visibility:public"],
|
||||||
|
)
|
||||||
|
for container in containers()
|
||||||
|
]
|
||||||
|
|
||||||
|
# TODO(3u13r): re-enable target once https://github.com/bazel-contrib/rules_oci/issues/184 is fixed
|
||||||
|
# [
|
||||||
|
# oci_tarball(
|
||||||
|
# name = container["name"] + "_tar",
|
||||||
|
# image = container["oci"],
|
||||||
|
# repotag_file = container["repotag_file"],
|
||||||
|
# )
|
||||||
|
# for container in containers()
|
||||||
|
# ]
|
||||||
|
|
||||||
|
[
|
||||||
|
oci_sum(
|
||||||
|
name = container["name"] + "_sum",
|
||||||
image_name = container["image_name"],
|
image_name = container["image_name"],
|
||||||
oci = container["oci"],
|
oci = container["oci"],
|
||||||
prefix = container["prefix"],
|
repotag_file = container["repotag_file"],
|
||||||
registry = container["registry"],
|
|
||||||
tag_file = container["tag_file"],
|
|
||||||
)
|
)
|
||||||
for container in containers()
|
for container in containers()
|
||||||
]
|
]
|
||||||
@ -35,16 +58,11 @@ oci_sum_merge(
|
|||||||
visibility = ["//visibility:public"],
|
visibility = ["//visibility:public"],
|
||||||
)
|
)
|
||||||
|
|
||||||
# TODO(malt3): use config setting to allow devs the use of custom registries
|
|
||||||
# https://www.grahambrooks.com/software-development/2021/08/30/user-defined-bazel-arguments.html
|
|
||||||
[
|
[
|
||||||
oci_push(
|
oci_push(
|
||||||
name = container["name"] + "_push",
|
name = container["name"] + "_push",
|
||||||
image = container["oci"],
|
image = container["oci"],
|
||||||
image_name = container["image_name"],
|
repotags = container["repotag_file"],
|
||||||
prefix = container["prefix"],
|
|
||||||
registry = container["registry"],
|
|
||||||
repotags = container["tag_file"],
|
|
||||||
)
|
)
|
||||||
for container in containers()
|
for container in containers()
|
||||||
]
|
]
|
||||||
@ -58,3 +76,12 @@ multirun(
|
|||||||
jobs = 0, # execute in parallel
|
jobs = 0, # execute in parallel
|
||||||
visibility = ["//visibility:public"],
|
visibility = ["//visibility:public"],
|
||||||
)
|
)
|
||||||
|
|
||||||
|
multirun(
|
||||||
|
name = "build_and_push",
|
||||||
|
commands = [
|
||||||
|
"//bazel/devbuild:devbuild",
|
||||||
|
"//bazel/release:push",
|
||||||
|
],
|
||||||
|
visibility = ["//visibility:public"],
|
||||||
|
)
|
||||||
|
@ -35,6 +35,12 @@ string_flag(
|
|||||||
],
|
],
|
||||||
)
|
)
|
||||||
|
|
||||||
|
string_flag(
|
||||||
|
name = "container_prefix",
|
||||||
|
build_setting_default = "ghcr.io/edgelesssys/constellation",
|
||||||
|
visibility = ["//visibility:public"],
|
||||||
|
)
|
||||||
|
|
||||||
bool_flag(
|
bool_flag(
|
||||||
name = "select_never",
|
name = "select_never",
|
||||||
build_setting_default = False,
|
build_setting_default = False,
|
||||||
|
@ -5,11 +5,11 @@ load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive")
|
|||||||
def oci_deps():
|
def oci_deps():
|
||||||
http_archive(
|
http_archive(
|
||||||
name = "rules_oci",
|
name = "rules_oci",
|
||||||
sha256 = "4a738bdbeacb0e1df070209dddfa7b55fed9bbc553b905cf3d2dd25115e0b598",
|
strip_prefix = "rules_oci-0.4.0",
|
||||||
strip_prefix = "rules_oci-0.3.8",
|
|
||||||
type = "tar.gz",
|
type = "tar.gz",
|
||||||
urls = [
|
urls = [
|
||||||
"https://cdn.confidential.cloud/constellation/cas/sha256/4a738bdbeacb0e1df070209dddfa7b55fed9bbc553b905cf3d2dd25115e0b598",
|
"https://cdn.confidential.cloud/constellation/cas/sha256/d7b0760ba28554b71941ea0bbfd0a9f089bf250fd4448f9c116e1cb7a63b3933",
|
||||||
"https://github.com/bazel-contrib/rules_oci/releases/download/v0.3.8/rules_oci-v0.3.8.tar.gz",
|
"https://github.com/bazel-contrib/rules_oci/releases/download/v0.4.0/rules_oci-v0.4.0.tar.gz",
|
||||||
],
|
],
|
||||||
|
sha256 = "d7b0760ba28554b71941ea0bbfd0a9f089bf250fd4448f9c116e1cb7a63b3933",
|
||||||
)
|
)
|
||||||
|
@ -24,9 +24,7 @@ go_library(
|
|||||||
image_name = container["image_name"],
|
image_name = container["image_name"],
|
||||||
oci = container["oci"],
|
oci = container["oci"],
|
||||||
package = "imageversion",
|
package = "imageversion",
|
||||||
prefix = container["prefix"],
|
repotag_file = container["repotag_file"],
|
||||||
registry = container["registry"],
|
|
||||||
tag_file = container["tag_file"],
|
|
||||||
visibility = ["//cli:__subpackages__"],
|
visibility = ["//cli:__subpackages__"],
|
||||||
)
|
)
|
||||||
for container in helm_containers()
|
for container in helm_containers()
|
||||||
|
@ -28,7 +28,9 @@ mkdir build
|
|||||||
cd build
|
cd build
|
||||||
# build required binaries for a dev build
|
# build required binaries for a dev build
|
||||||
# and symlink them into the current directory
|
# and symlink them into the current directory
|
||||||
bazel run //:devbuild
|
# also push the built container images
|
||||||
|
# After the first run, set the pushed imaged to public.
|
||||||
|
bazel run //:devbuild --container_prefix=ghcr.io/USERNAME/constellation
|
||||||
./constellation ...
|
./constellation ...
|
||||||
# modify code
|
# modify code
|
||||||
# rerun to ensure that all binaries are up to date
|
# rerun to ensure that all binaries are up to date
|
||||||
@ -36,6 +38,12 @@ bazel run //:devbuild
|
|||||||
./constellation ...
|
./constellation ...
|
||||||
```
|
```
|
||||||
|
|
||||||
|
Overwrite the default container_prefix in the `.bazeloverwriterc` in the root of the workspace:
|
||||||
|
```bazel
|
||||||
|
# cat .bazeloverwriterc
|
||||||
|
build --container_prefix=ghcr.io/USERNAME
|
||||||
|
```
|
||||||
|
|
||||||
Bazel build:
|
Bazel build:
|
||||||
|
|
||||||
```sh
|
```sh
|
||||||
|
@ -30,17 +30,11 @@ func newCodegenCmd() *cobra.Command {
|
|||||||
cmd.Flags().String("output", "-", "Output file. If not set, the output is written to stdout.")
|
cmd.Flags().String("output", "-", "Output file. If not set, the output is written to stdout.")
|
||||||
cmd.Flags().String("package", "", "Name of the Go package.")
|
cmd.Flags().String("package", "", "Name of the Go package.")
|
||||||
cmd.Flags().String("identifier", "", "Base name of the Go const identifiers.")
|
cmd.Flags().String("identifier", "", "Base name of the Go const identifiers.")
|
||||||
cmd.Flags().String("image-registry", "", "Registry where the image is stored.")
|
cmd.Flags().String("repoimage-tag-file", "", "Tag file of the OCI image to pin.")
|
||||||
cmd.Flags().String("image-prefix", "", "Prefix of the image name. Optional.")
|
|
||||||
cmd.Flags().String("image-name", "", "Short name of the OCI image to pin.")
|
|
||||||
cmd.Flags().String("image-tag", "", "Tag of the OCI image to pin. Optional.")
|
|
||||||
cmd.Flags().String("image-tag-file", "", "Tag file of the OCI image to pin. Optional.")
|
|
||||||
cmd.MarkFlagsMutuallyExclusive("image-tag", "image-tag-file")
|
|
||||||
must(cmd.MarkFlagRequired("oci-path"))
|
must(cmd.MarkFlagRequired("oci-path"))
|
||||||
must(cmd.MarkFlagRequired("package"))
|
must(cmd.MarkFlagRequired("package"))
|
||||||
must(cmd.MarkFlagRequired("identifier"))
|
must(cmd.MarkFlagRequired("identifier"))
|
||||||
must(cmd.MarkFlagRequired("image-registry"))
|
must(cmd.MarkFlagRequired("repoimage-tag-file"))
|
||||||
must(cmd.MarkFlagRequired("image-name"))
|
|
||||||
|
|
||||||
return cmd
|
return cmd
|
||||||
}
|
}
|
||||||
@ -53,7 +47,12 @@ func runCodegen(cmd *cobra.Command, _ []string) error {
|
|||||||
log := logger.New(logger.PlainLog, flags.logLevel)
|
log := logger.New(logger.PlainLog, flags.logLevel)
|
||||||
log.Debugf("Parsed flags: %+v", flags)
|
log.Debugf("Parsed flags: %+v", flags)
|
||||||
|
|
||||||
log.Debugf("Generating Go code for OCI image %s.", flags.imageName)
|
registry, prefix, name, tag, err := splitRepoTag(flags.imageRepoTag)
|
||||||
|
if err != nil {
|
||||||
|
return fmt.Errorf("splitting OCI image reference %q: %w", flags.imageRepoTag, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
log.Debugf("Generating Go code for OCI image %s.", name)
|
||||||
|
|
||||||
ociIndexPath := filepath.Join(flags.ociPath, "index.json")
|
ociIndexPath := filepath.Join(flags.ociPath, "index.json")
|
||||||
index, err := os.Open(ociIndexPath)
|
index, err := os.Open(ociIndexPath)
|
||||||
@ -84,10 +83,10 @@ func runCodegen(cmd *cobra.Command, _ []string) error {
|
|||||||
if err := inject.Render(out, inject.PinningValues{
|
if err := inject.Render(out, inject.PinningValues{
|
||||||
Package: flags.pkg,
|
Package: flags.pkg,
|
||||||
Ident: flags.identifier,
|
Ident: flags.identifier,
|
||||||
Registry: flags.imageRegistry,
|
Registry: registry,
|
||||||
Prefix: flags.imagePrefix,
|
Prefix: prefix,
|
||||||
Name: flags.imageName,
|
Name: name,
|
||||||
Tag: flags.imageTag,
|
Tag: tag,
|
||||||
Digest: digest,
|
Digest: digest,
|
||||||
}); err != nil {
|
}); err != nil {
|
||||||
return fmt.Errorf("rendering Go code: %w", err)
|
return fmt.Errorf("rendering Go code: %w", err)
|
||||||
@ -102,10 +101,7 @@ type codegenFlags struct {
|
|||||||
output string
|
output string
|
||||||
pkg string
|
pkg string
|
||||||
identifier string
|
identifier string
|
||||||
imageRegistry string
|
imageRepoTag string
|
||||||
imagePrefix string
|
|
||||||
imageName string
|
|
||||||
imageTag string
|
|
||||||
logLevel zapcore.Level
|
logLevel zapcore.Level
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -126,33 +122,17 @@ func parseCodegenFlags(cmd *cobra.Command) (codegenFlags, error) {
|
|||||||
if err != nil {
|
if err != nil {
|
||||||
return codegenFlags{}, err
|
return codegenFlags{}, err
|
||||||
}
|
}
|
||||||
imageRegistry, err := cmd.Flags().GetString("image-registry")
|
|
||||||
|
imageRepoTagFile, err := cmd.Flags().GetString("repoimage-tag-file")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return codegenFlags{}, err
|
return codegenFlags{}, err
|
||||||
}
|
}
|
||||||
imagePrefix, err := cmd.Flags().GetString("image-prefix")
|
repotag, err := os.ReadFile(imageRepoTagFile)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return codegenFlags{}, err
|
return codegenFlags{}, fmt.Errorf("reading image repotag file %q: %w", imageRepoTagFile, err)
|
||||||
}
|
|
||||||
imageName, err := cmd.Flags().GetString("image-name")
|
|
||||||
if err != nil {
|
|
||||||
return codegenFlags{}, err
|
|
||||||
}
|
|
||||||
imageTag, err := cmd.Flags().GetString("image-tag")
|
|
||||||
if err != nil {
|
|
||||||
return codegenFlags{}, err
|
|
||||||
}
|
|
||||||
imageTagFile, err := cmd.Flags().GetString("image-tag-file")
|
|
||||||
if err != nil {
|
|
||||||
return codegenFlags{}, err
|
|
||||||
}
|
|
||||||
if imageTagFile != "" {
|
|
||||||
tag, err := os.ReadFile(imageTagFile)
|
|
||||||
if err != nil {
|
|
||||||
return codegenFlags{}, fmt.Errorf("reading image tag file %q: %w", imageTagFile, err)
|
|
||||||
}
|
|
||||||
imageTag = strings.TrimSpace(string(tag))
|
|
||||||
}
|
}
|
||||||
|
imageRepoTag := strings.TrimSpace(string(repotag))
|
||||||
|
|
||||||
verbose, err := cmd.Flags().GetBool("verbose")
|
verbose, err := cmd.Flags().GetBool("verbose")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return codegenFlags{}, err
|
return codegenFlags{}, err
|
||||||
@ -167,10 +147,7 @@ func parseCodegenFlags(cmd *cobra.Command) (codegenFlags, error) {
|
|||||||
output: output,
|
output: output,
|
||||||
pkg: pkg,
|
pkg: pkg,
|
||||||
identifier: identifier,
|
identifier: identifier,
|
||||||
imageRegistry: imageRegistry,
|
imageRepoTag: imageRepoTag,
|
||||||
imagePrefix: imagePrefix,
|
|
||||||
imageName: imageName,
|
|
||||||
imageTag: imageTag,
|
|
||||||
logLevel: logLevel,
|
logLevel: logLevel,
|
||||||
}, nil
|
}, nil
|
||||||
}
|
}
|
||||||
|
@ -11,6 +11,7 @@ import (
|
|||||||
"fmt"
|
"fmt"
|
||||||
"os"
|
"os"
|
||||||
"os/signal"
|
"os/signal"
|
||||||
|
"strings"
|
||||||
|
|
||||||
"github.com/spf13/cobra"
|
"github.com/spf13/cobra"
|
||||||
)
|
)
|
||||||
@ -83,3 +84,32 @@ func must(err error) {
|
|||||||
panic(err)
|
panic(err)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func splitRepoTag(ref string) (registry, prefix, name, tag string, err error) {
|
||||||
|
// last colon is separator between name and tag
|
||||||
|
tagSep := strings.LastIndexByte(ref, ':')
|
||||||
|
if tagSep == -1 {
|
||||||
|
return "", "", "", "", fmt.Errorf("invalid OCI image reference %q: missing tag", ref)
|
||||||
|
}
|
||||||
|
tag = ref[tagSep+1:]
|
||||||
|
base := ref[:tagSep]
|
||||||
|
|
||||||
|
// first slash is separator between registry and full name
|
||||||
|
registrySep := strings.IndexByte(base, '/')
|
||||||
|
if registrySep == -1 {
|
||||||
|
return "", "", "", "", fmt.Errorf("invalid OCI image reference %q: missing registry", ref)
|
||||||
|
}
|
||||||
|
|
||||||
|
registry = base[:registrySep]
|
||||||
|
fullName := base[registrySep+1:]
|
||||||
|
|
||||||
|
// last slash is separator between prefix and short name
|
||||||
|
nameSep := strings.LastIndexByte(fullName, '/')
|
||||||
|
if nameSep == -1 {
|
||||||
|
name = fullName
|
||||||
|
} else {
|
||||||
|
prefix = fullName[:nameSep]
|
||||||
|
name = fullName[nameSep+1:]
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
@ -28,15 +28,10 @@ func newSumCmd() *cobra.Command {
|
|||||||
|
|
||||||
cmd.Flags().String("oci-path", "", "Path to the OCI image to pin.")
|
cmd.Flags().String("oci-path", "", "Path to the OCI image to pin.")
|
||||||
cmd.Flags().String("output", "-", "Output file. If not set, the output is written to stdout.")
|
cmd.Flags().String("output", "-", "Output file. If not set, the output is written to stdout.")
|
||||||
cmd.Flags().String("registry", "", "OCI registry to use.")
|
|
||||||
cmd.Flags().String("prefix", "", "Prefix of the OCI image to pin.")
|
|
||||||
cmd.Flags().String("image-name", "", "Short name (suffix) of the OCI image to pin.")
|
cmd.Flags().String("image-name", "", "Short name (suffix) of the OCI image to pin.")
|
||||||
cmd.Flags().String("image-tag", "", "Tag of the OCI image to pin. Optional.")
|
cmd.Flags().String("repoimage-tag-file", "", "Tag file of the OCI image to pin.")
|
||||||
cmd.Flags().String("image-tag-file", "", "Tag file of the OCI image to pin. Optional.")
|
must(cmd.MarkFlagRequired("repoimage-tag-file"))
|
||||||
cmd.MarkFlagsMutuallyExclusive("image-tag", "image-tag-file")
|
|
||||||
must(cmd.MarkFlagRequired("registry"))
|
|
||||||
must(cmd.MarkFlagRequired("oci-path"))
|
must(cmd.MarkFlagRequired("oci-path"))
|
||||||
must(cmd.MarkFlagRequired("image-name"))
|
|
||||||
|
|
||||||
return cmd
|
return cmd
|
||||||
}
|
}
|
||||||
@ -49,7 +44,12 @@ func runSum(cmd *cobra.Command, _ []string) error {
|
|||||||
log := logger.New(logger.PlainLog, flags.logLevel)
|
log := logger.New(logger.PlainLog, flags.logLevel)
|
||||||
log.Debugf("Parsed flags: %+v", flags)
|
log.Debugf("Parsed flags: %+v", flags)
|
||||||
|
|
||||||
log.Debugf("Generating sum file for OCI image %s.", flags.imageName)
|
registry, prefix, name, tag, err := splitRepoTag(flags.imageRepoTag)
|
||||||
|
if err != nil {
|
||||||
|
return fmt.Errorf("splitting repo tag: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
log.Debugf("Generating sum file for OCI image %s.", name)
|
||||||
|
|
||||||
ociIndexPath := filepath.Join(flags.ociPath, "index.json")
|
ociIndexPath := filepath.Join(flags.ociPath, "index.json")
|
||||||
index, err := os.Open(ociIndexPath)
|
index, err := os.Open(ociIndexPath)
|
||||||
@ -79,10 +79,10 @@ func runSum(cmd *cobra.Command, _ []string) error {
|
|||||||
|
|
||||||
refs := []sums.PinnedImageReference{
|
refs := []sums.PinnedImageReference{
|
||||||
{
|
{
|
||||||
Registry: flags.registry,
|
Registry: registry,
|
||||||
Prefix: flags.prefix,
|
Prefix: prefix,
|
||||||
Name: flags.imageName,
|
Name: name,
|
||||||
Tag: flags.imageTag,
|
Tag: tag,
|
||||||
Digest: digest,
|
Digest: digest,
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
@ -98,10 +98,7 @@ func runSum(cmd *cobra.Command, _ []string) error {
|
|||||||
type sumFlags struct {
|
type sumFlags struct {
|
||||||
ociPath string
|
ociPath string
|
||||||
output string
|
output string
|
||||||
registry string
|
imageRepoTag string
|
||||||
prefix string
|
|
||||||
imageName string
|
|
||||||
imageTag string
|
|
||||||
logLevel zapcore.Level
|
logLevel zapcore.Level
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -114,33 +111,17 @@ func parseSumFlags(cmd *cobra.Command) (sumFlags, error) {
|
|||||||
if err != nil {
|
if err != nil {
|
||||||
return sumFlags{}, err
|
return sumFlags{}, err
|
||||||
}
|
}
|
||||||
registry, err := cmd.Flags().GetString("registry")
|
|
||||||
|
imageTagFile, err := cmd.Flags().GetString("repoimage-tag-file")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return sumFlags{}, err
|
return sumFlags{}, err
|
||||||
}
|
}
|
||||||
prefix, err := cmd.Flags().GetString("prefix")
|
|
||||||
if err != nil {
|
|
||||||
return sumFlags{}, err
|
|
||||||
}
|
|
||||||
imageName, err := cmd.Flags().GetString("image-name")
|
|
||||||
if err != nil {
|
|
||||||
return sumFlags{}, err
|
|
||||||
}
|
|
||||||
imageTag, err := cmd.Flags().GetString("image-tag")
|
|
||||||
if err != nil {
|
|
||||||
return sumFlags{}, err
|
|
||||||
}
|
|
||||||
imageTagFile, err := cmd.Flags().GetString("image-tag-file")
|
|
||||||
if err != nil {
|
|
||||||
return sumFlags{}, err
|
|
||||||
}
|
|
||||||
if imageTagFile != "" {
|
|
||||||
tag, err := os.ReadFile(imageTagFile)
|
tag, err := os.ReadFile(imageTagFile)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return sumFlags{}, fmt.Errorf("reading image tag file %q: %w", imageTagFile, err)
|
return sumFlags{}, fmt.Errorf("reading image repotag file %q: %w", imageTagFile, err)
|
||||||
}
|
|
||||||
imageTag = strings.TrimSpace(string(tag))
|
|
||||||
}
|
}
|
||||||
|
imageRepoTag := strings.TrimSpace(string(tag))
|
||||||
|
|
||||||
verbose, err := cmd.Flags().GetBool("verbose")
|
verbose, err := cmd.Flags().GetBool("verbose")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return sumFlags{}, err
|
return sumFlags{}, err
|
||||||
@ -153,10 +134,7 @@ func parseSumFlags(cmd *cobra.Command) (sumFlags, error) {
|
|||||||
return sumFlags{
|
return sumFlags{
|
||||||
ociPath: ociPath,
|
ociPath: ociPath,
|
||||||
output: output,
|
output: output,
|
||||||
registry: registry,
|
imageRepoTag: imageRepoTag,
|
||||||
prefix: prefix,
|
|
||||||
imageName: imageName,
|
|
||||||
imageTag: imageTag,
|
|
||||||
logLevel: logLevel,
|
logLevel: logLevel,
|
||||||
}, nil
|
}, nil
|
||||||
}
|
}
|
||||||
|
@ -24,9 +24,7 @@ go_library(
|
|||||||
image_name = container["image_name"],
|
image_name = container["image_name"],
|
||||||
oci = container["oci"],
|
oci = container["oci"],
|
||||||
package = "imageversion",
|
package = "imageversion",
|
||||||
prefix = container["prefix"],
|
repotag_file = container["repotag_file"],
|
||||||
registry = container["registry"],
|
|
||||||
tag_file = container["tag_file"],
|
|
||||||
visibility = ["//:__subpackages__"],
|
visibility = ["//:__subpackages__"],
|
||||||
)
|
)
|
||||||
for container in config_containers()
|
for container in config_containers()
|
||||||
|
Loading…
Reference in New Issue
Block a user