diff --git a/.github/workflows/build-bazel-container.yml b/.github/workflows/build-bazel-container.yml deleted file mode 100644 index ea0ceda55..000000000 --- a/.github/workflows/build-bazel-container.yml +++ /dev/null @@ -1,57 +0,0 @@ -name: Build bazel dev container - -on: - push: - branches: - - "main" - paths: - - "bazel/container/**" - - ".github/workflows/build-bazel-container.yml" - workflow_dispatch: - -jobs: - build-container: - runs-on: ubuntu-22.04 - permissions: - contents: read - packages: write - steps: - - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - - name: Determine version - id: version - working-directory: ./bazel/container - run: | - version=$(grep "ARG BAZEL_VERSION" Containerfile | cut -d= -f2) - echo "version=v${version}" | tee -a "$GITHUB_OUTPUT" - - - name: Docker meta - id: meta - uses: docker/metadata-action@96383f45573cb7f253c731d3b3ab81c87ef81934 # v5.0.0 - with: - images: | - ghcr.io/edgelesssys/bazel-container - flavor: | - latest=false - tags: | - type=raw,value=${{ steps.version.outputs.version }},enable=${{ github.ref_name == 'main' }} - type=raw,value=${{ github.ref_name }},enable=${{ github.ref_name != 'main' }} - type=sha,value=${{ github.sha }} - type=raw,value=latest,enable=${{ github.ref_name == 'main' }} - - - name: Log in to the Container registry - uses: ./.github/actions/container_registry_login - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Build and push container image - uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0 - with: - context: ./bazel/container - file: ./bazel/container/Containerfile - push: true - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} diff --git a/CODEOWNERS b/CODEOWNERS index 26f868212..69c1ac3e1 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -3,7 +3,6 @@ /3rdparty/gcp-guest-agent @malt3 /bazel @malt3 /bazel/ci @katexochen -/bazel/container @katexochen /bazel/sh @katexochen /bootstrapper @3u13r /cli/internal/cloudcmd @daniel-weisse diff --git a/bazel/ci/BUILD.bazel b/bazel/ci/BUILD.bazel index 0e60af698..44e1c89c2 100644 --- a/bazel/ci/BUILD.bazel +++ b/bazel/ci/BUILD.bazel @@ -492,13 +492,6 @@ repo_command( command = ":com_github_katexochen_ghh", ) -sh_template( - name = "bazel_container", - data = [], - substitutions = {}, - template = "bazel_container.sh.in", -) - sh_template( name = "unused_gh_actions", data = [], @@ -531,7 +524,6 @@ multirun( ":terraform_fmt", ":buf_fmt", ":deps_mirror_fix", - ":bazel_container", ":keep_sorted", ], jobs = 1, # execute sequentially diff --git a/bazel/ci/bazel_container.sh.in b/bazel/ci/bazel_container.sh.in deleted file mode 100755 index b3539e64f..000000000 --- a/bazel/ci/bazel_container.sh.in +++ /dev/null @@ -1,45 +0,0 @@ -#!/usr/bin/env bash - -###### script header ###### - -lib=$(realpath @@BASE_LIB@@) || exit 1 -stat "${lib}" >> /dev/null || exit 1 - -# shellcheck source=../sh/lib.bash -if ! source "${lib}"; then - echo "Error: could not find import" - exit 1 -fi - -cd "${BUILD_WORKSPACE_DIRECTORY}" - -###### script body ###### - -bazelVer=$(cat .bazelversion) # has no v prefix - -bazelVerContainerfileRegex='(ARG BAZEL_VERSION=)([0-9]+\.[0-9]+\.[0-9]+)' -if [[ ! "$(cat bazel/container/Containerfile)" =~ ${bazelVerContainerfileRegex} ]]; then - echo "Error: no match found in Containerfile" - exit 1 -fi - -bazelVerContainerfile="${BASH_REMATCH[2]}" - -if [[ ${bazelVer} != "${bazelVerContainerfile}" ]]; then - sed -r -i "s/${bazelVerContainerfileRegex}/\\1${bazelVer}/" bazel/container/Containerfile - echo "Containerfile updated, was previously at ${bazelVerContainerfile}" -fi - -bazelVerScriptRegex='(containerImage="ghcr.io/edgelesssys/bazel-container:v)([0-9]+\.[0-9]+\.[0-9]+)' -if [[ ! "$(cat bazel/container/container.sh)" =~ ${bazelVerScriptRegex} ]]; then - echo "Error: no match found in container.sh" - exit 1 -fi - -bazelVerScript="${BASH_REMATCH[2]}" - -if [[ ${bazelVer} != "${bazelVerScript}" ]]; then - # bazelVerScriptRegex contains slashes, so use % as delimiter - sed -r -i "s%${bazelVerScriptRegex}%\\1${bazelVer}%" bazel/container/container.sh - echo "container.sh updated, was previously at ${bazelVerScript}" -fi diff --git a/bazel/container/Containerfile b/bazel/container/Containerfile deleted file mode 100644 index 040555e17..000000000 --- a/bazel/container/Containerfile +++ /dev/null @@ -1,36 +0,0 @@ -# syntax=docker/dockerfile:1.5-labs -FROM fedora:38 - -ARG TARGETOS -ARG TARGETARCH -ARG BAZEL_VERSION=6.4.0 -ARG BAZELISK_VERSION=v1.16.0 -ARG BAZELISK_SHA256=168851e70cf5f95c0e215e7f3aaca5132ffc3c8dd8f585a4157b0be2b53cfe32 - -ADD --checksum=sha256:${BAZELISK_SHA256} \ - https://github.com/bazelbuild/bazelisk/releases/download/${BAZELISK_VERSION}/bazelisk-${TARGETOS}-${TARGETARCH} \ - /usr/local/bin/bazelisk - -RUN chmod +x /usr/local/bin/bazelisk && \ - ln -s /usr/local/bin/bazelisk /usr/local/bin/bazel && \ - dnf install -y \ - git \ - diffutils \ - libxcrypt-compat \ - python3 \ - && \ - dnf clean all && \ - groupadd --gid 1000 builder && \ - useradd -rm -d /home/builder -s /bin/bash -g root -u 1000 --gid builder builder && \ - mkdir -p /home/builder/.cache && \ - mkdir -p /workspace && \ - chown -R builder:builder /home/builder/.cache /workspace && \ - git config --global --add safe.directory /workspace - -USER builder -WORKDIR /workspace - -RUN git config --global --add safe.directory /workspace && \ - USE_BAZEL_VERSION=${BAZEL_VERSION} bazel version - -ENTRYPOINT [ "/usr/local/bin/bazel" ] diff --git a/bazel/container/README.md b/bazel/container/README.md deleted file mode 100644 index b3c5079ca..000000000 --- a/bazel/container/README.md +++ /dev/null @@ -1,23 +0,0 @@ -# Bazel build container - -This container enables running Bazel inside a container, with the host cache mounted. - -To use the container, run - -```shell -source container.sh -startBazelServer -``` - -You can then execute Bazel commands like you normally would do, as the sourced `bazel` -function shadows binaries you might have in your path: - -```shell -bazel query //... -``` - -To terminate the container, which is running as daemon in the background, execute - -```shell -stopBazelServer -``` diff --git a/bazel/container/container.sh b/bazel/container/container.sh deleted file mode 100644 index 9065e8792..000000000 --- a/bazel/container/container.sh +++ /dev/null @@ -1,89 +0,0 @@ -#!/usr/bin/env bash - -function setup { - (stopBazelServer && sleep 1) || true - - # Ensure that the cache directories exist, so they are not created by docker with root permissions. - mkdir -p "${HOME}/.cache/bazel" - mkdir -p "${HOME}/.cache/shared_bazel_repository_cache" - mkdir -p "${HOME}/.cache/shared_bazel_action_cache" - - if [[ ! -f "${HOME}/.docker/config.json" ]]; then - echo "ERROR: ${HOME}/.docker/config.json does not exist." - echo "Please login into your container registry to create it." - echo "echo | docker login ghcr.io -u --password-stdin" - exit 1 - fi -} - -function startBazelServer { - local containerImage="ghcr.io/edgelesssys/bazel-container:v6.4.0" - local containerName="bazeld" - - setup - - # In-container .bazelrc overwrite. - mkdir -p "/tmp/bazel-container" - cat << EOF > "/tmp/bazel-container/.bazelrc" -startup --output_user_root=/home/${USER}/.cache/bazel/_bazel_${USER} -EOF - - local hostWorkspaceDir - hostWorkspaceDir="$(git rev-parse --show-toplevel)" - if [[ $? -ne 0 ]]; then - echo Could not find git repository root. Are you in a git repository? - return 1 - fi - - echo Starting bazel container as daemon... - echo You can stop this command using: - echo docker kill "${containerName}" - - docker run \ - --rm \ - --detach \ - --name "${containerName}" \ - -v "${hostWorkspaceDir}":/workspace \ - -v "${HOME}/.cache/bazel":"${HOME}/.cache/bazel" \ - -v "${HOME}/.cache/shared_bazel_repository_cache":"${HOME}/.cache/shared_bazel_repository_cache" \ - -v "${HOME}/.cache/shared_bazel_action_cache":"${HOME}/.cache/shared_bazel_action_cache" \ - -v "${HOME}/.docker/config.json":"/home/builder/.docker/config.json" \ - -v "${HOME}/.aws":"/home/builder/.aws" \ - -v "/tmp/bazel-container/.bazelrc":"/etc/bazel.bazelrc" \ - --entrypoint=/bin/sleep \ - "${containerImage}" \ - infinity || return $? -} - -function stopBazelServer { - local containerName="bazeld" - - echo Stopping bazel container... - - docker kill "${containerName}" || return $? -} - -function bazel { - local containerName="bazeld" - - local hostWorkspaceDir - hostWorkspaceDir="$(git rev-parse --show-toplevel)" - if [[ $? -ne 0 ]]; then - echo Could not find git repository root. Are you in a git repository? - return 1 - fi - - local containerWorkDir - containerWorkDir=$(realpath -m "/workspace/$(realpath --relative-base="${hostWorkspaceDir}" .)") - if [[ $? -ne 0 ]]; then - echo Could not determine container work directory. - return 1 - fi - - docker exec \ - -it \ - --workdir "${containerWorkDir}" \ - --env "HOST_CACHE=${HOME}/.cache" \ - "${containerName}" \ - bazel "$@" || return $? -}