mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-10-01 01:36:09 -04:00
use toolchains from nixpkgs (with fallback)
This commit is contained in:
parent
90967d5bc2
commit
78300ee5b0
5
.bazelrc
5
.bazelrc
@ -39,6 +39,11 @@ common:linux_arm64 --platforms @zig_sdk//libc_aware/platform:linux_arm64_gnu.2.2
|
|||||||
common:linux_amd64_static --platforms @zig_sdk//libc_aware/platform:linux_amd64_musl
|
common:linux_amd64_static --platforms @zig_sdk//libc_aware/platform:linux_amd64_musl
|
||||||
common:linux_arm64_static --platforms @zig_sdk//libc_aware/platform:linux_arm64_musl
|
common:linux_arm64_static --platforms @zig_sdk//libc_aware/platform:linux_arm64_musl
|
||||||
|
|
||||||
|
# bazel configs to explicitly target NixOS
|
||||||
|
common:nix --host_platform=@io_tweag_rules_nixpkgs//nixpkgs/platforms:host
|
||||||
|
common:nix --crosstool_top=@local_config_cc//:toolchain
|
||||||
|
common:nix --action_env=BAZEL_NIX_HOST_PLATFORM=1
|
||||||
|
|
||||||
# bazel config to explicitly disable stamping (hide version information at build time)
|
# bazel config to explicitly disable stamping (hide version information at build time)
|
||||||
common:nostamp --nostamp --workspace_status_command=
|
common:nostamp --nostamp --workspace_status_command=
|
||||||
|
|
||||||
|
@ -1,5 +1,9 @@
|
|||||||
workspace(name = "constellation")
|
workspace(name = "constellation")
|
||||||
|
|
||||||
|
load("//bazel/toolchains:skylib_deps.bzl", "skylib_deps")
|
||||||
|
|
||||||
|
skylib_deps()
|
||||||
|
|
||||||
# nixpkgs deps
|
# nixpkgs deps
|
||||||
load("//bazel/toolchains:nixpkgs_deps.bzl", "nixpkgs_deps")
|
load("//bazel/toolchains:nixpkgs_deps.bzl", "nixpkgs_deps")
|
||||||
|
|
||||||
@ -9,7 +13,13 @@ load("@io_tweag_rules_nixpkgs//nixpkgs:repositories.bzl", "rules_nixpkgs_depende
|
|||||||
|
|
||||||
rules_nixpkgs_dependencies()
|
rules_nixpkgs_dependencies()
|
||||||
|
|
||||||
load("@io_tweag_rules_nixpkgs//nixpkgs:nixpkgs.bzl", "nixpkgs_flake_package")
|
load("@io_tweag_rules_nixpkgs//nixpkgs:nixpkgs.bzl", "nixpkgs_flake_package", "nixpkgs_git_repository", "nixpkgs_package", "nixpkgs_python_configure")
|
||||||
|
|
||||||
|
nixpkgs_git_repository(
|
||||||
|
name = "nixpkgs",
|
||||||
|
revision = "27c6a38e0aa2e57ab914ad8b500582085549c236",
|
||||||
|
sha256 = "875c2e171ab9663ff6ad2b5c75d974776682b3b4075143fc98d73c39a3b8c132",
|
||||||
|
)
|
||||||
|
|
||||||
nixpkgs_flake_package(
|
nixpkgs_flake_package(
|
||||||
name = "mkosi",
|
name = "mkosi",
|
||||||
@ -18,9 +28,19 @@ nixpkgs_flake_package(
|
|||||||
package = "mkosi",
|
package = "mkosi",
|
||||||
)
|
)
|
||||||
|
|
||||||
|
nixpkgs_package(
|
||||||
|
name = "diffutils",
|
||||||
|
repository = "@nixpkgs",
|
||||||
|
)
|
||||||
|
|
||||||
|
nixpkgs_package(
|
||||||
|
name = "systemd",
|
||||||
|
repository = "@nixpkgs",
|
||||||
|
)
|
||||||
|
|
||||||
load("//bazel/mkosi:mkosi_configure.bzl", "find_system_mkosi")
|
load("//bazel/mkosi:mkosi_configure.bzl", "find_system_mkosi")
|
||||||
|
|
||||||
find_system_mkosi(name="constellation_mkosi")
|
find_system_mkosi(name = "constellation_mkosi")
|
||||||
|
|
||||||
# Python toolchain
|
# Python toolchain
|
||||||
load("//bazel/toolchains:python_deps.bzl", "python_deps")
|
load("//bazel/toolchains:python_deps.bzl", "python_deps")
|
||||||
@ -31,6 +51,14 @@ load("@rules_python//python:repositories.bzl", "py_repositories", "python_regist
|
|||||||
|
|
||||||
py_repositories()
|
py_repositories()
|
||||||
|
|
||||||
|
# if nix is installed, use nixpkgs python toolchain...
|
||||||
|
nixpkgs_python_configure(
|
||||||
|
fail_not_supported = False,
|
||||||
|
python3_attribute_path = "python311.withPackages(ps: with ps; [ numpy ])",
|
||||||
|
repository = "@nixpkgs",
|
||||||
|
)
|
||||||
|
|
||||||
|
# ... otherwise, fall back to rules_python toolchain
|
||||||
python_register_toolchains(
|
python_register_toolchains(
|
||||||
name = "python3_11",
|
name = "python3_11",
|
||||||
python_version = "3.11",
|
python_version = "3.11",
|
||||||
@ -41,16 +69,29 @@ load("//bazel/toolchains:go_rules_deps.bzl", "go_deps")
|
|||||||
|
|
||||||
go_deps()
|
go_deps()
|
||||||
|
|
||||||
load("@bazel_gazelle//:deps.bzl", "gazelle_dependencies")
|
|
||||||
load("@io_bazel_rules_go//go:deps.bzl", "go_register_toolchains", "go_rules_dependencies")
|
|
||||||
load("//bazel/toolchains:go_module_deps.bzl", "go_dependencies")
|
load("//bazel/toolchains:go_module_deps.bzl", "go_dependencies")
|
||||||
|
|
||||||
# gazelle:repository_macro bazel/toolchains/go_module_deps.bzl%go_dependencies
|
# gazelle:repository_macro bazel/toolchains/go_module_deps.bzl%go_dependencies
|
||||||
go_dependencies()
|
go_dependencies()
|
||||||
|
|
||||||
|
load("@io_bazel_rules_go//go:deps.bzl", "go_rules_dependencies")
|
||||||
|
|
||||||
go_rules_dependencies()
|
go_rules_dependencies()
|
||||||
|
|
||||||
go_register_toolchains(version = "1.20.8")
|
local_repository(
|
||||||
|
name = "nixos-support",
|
||||||
|
path = "bazel/nixos-support",
|
||||||
|
)
|
||||||
|
|
||||||
|
load("@nixos-support//:nixos-support.bzl", "gen_imports")
|
||||||
|
|
||||||
|
gen_imports()
|
||||||
|
|
||||||
|
load("@nixos_support//:imports.bzl", "cc_toolchain", "go_toolchain")
|
||||||
|
|
||||||
|
go_toolchain()
|
||||||
|
|
||||||
|
load("@bazel_gazelle//:deps.bzl", "gazelle_dependencies")
|
||||||
|
|
||||||
gazelle_dependencies(go_repository_default_config = "//:WORKSPACE.bazel")
|
gazelle_dependencies(go_repository_default_config = "//:WORKSPACE.bazel")
|
||||||
|
|
||||||
@ -111,19 +152,7 @@ load("@hermetic_cc_toolchain//toolchain:defs.bzl", zig_toolchains = "toolchains"
|
|||||||
|
|
||||||
zig_toolchains()
|
zig_toolchains()
|
||||||
|
|
||||||
register_toolchains(
|
cc_toolchain()
|
||||||
"@zig_sdk//libc_aware/toolchain:linux_amd64_gnu.2.23",
|
|
||||||
"@zig_sdk//libc_aware/toolchain:linux_arm64_gnu.2.23",
|
|
||||||
"@zig_sdk//libc_aware/toolchain:linux_amd64_musl",
|
|
||||||
"@zig_sdk//libc_aware/toolchain:linux_arm64_musl",
|
|
||||||
"@zig_sdk//toolchain:linux_amd64_gnu.2.23",
|
|
||||||
"@zig_sdk//toolchain:linux_arm64_gnu.2.23",
|
|
||||||
"@zig_sdk//toolchain:linux_amd64_musl",
|
|
||||||
"@zig_sdk//toolchain:linux_arm64_musl",
|
|
||||||
"@zig_sdk//toolchain:darwin_amd64",
|
|
||||||
"@zig_sdk//toolchain:darwin_arm64",
|
|
||||||
"@zig_sdk//toolchain:windows_amd64",
|
|
||||||
)
|
|
||||||
|
|
||||||
load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive")
|
load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive")
|
||||||
|
|
||||||
|
@ -398,7 +398,18 @@ repo_command(
|
|||||||
|
|
||||||
sh_template(
|
sh_template(
|
||||||
name = "proto_targets_check",
|
name = "proto_targets_check",
|
||||||
data = [],
|
data = select({
|
||||||
|
"@rules_nixpkgs_core//constraints:support_nix": [
|
||||||
|
"@diffutils//:bin/diff",
|
||||||
|
],
|
||||||
|
"//conditions:default": [],
|
||||||
|
}),
|
||||||
|
env = select({
|
||||||
|
"@rules_nixpkgs_core//constraints:support_nix": {
|
||||||
|
"DIFF": "$(rootpath @diffutils//:bin/diff)",
|
||||||
|
},
|
||||||
|
"//conditions:default": {},
|
||||||
|
}),
|
||||||
substitutions = {
|
substitutions = {
|
||||||
"@@PROTO_TARGETS@@": " ".join(proto_targets()),
|
"@@PROTO_TARGETS@@": " ".join(proto_targets()),
|
||||||
},
|
},
|
||||||
|
@ -5,6 +5,13 @@
|
|||||||
lib=$(realpath @@BASE_LIB@@) || exit 1
|
lib=$(realpath @@BASE_LIB@@) || exit 1
|
||||||
stat "${lib}" >> /dev/null || exit 1
|
stat "${lib}" >> /dev/null || exit 1
|
||||||
|
|
||||||
|
if [[ -n ${DIFF+x} ]]; then
|
||||||
|
diff=$(realpath "${DIFF}") || exit 1
|
||||||
|
else
|
||||||
|
diff=$(command -v diff) || exit 1
|
||||||
|
fi
|
||||||
|
stat "${diff}" >> /dev/null || exit 1
|
||||||
|
|
||||||
# shellcheck source=../sh/lib.bash
|
# shellcheck source=../sh/lib.bash
|
||||||
if ! source "${lib}"; then
|
if ! source "${lib}"; then
|
||||||
echo "Error: could not find import"
|
echo "Error: could not find import"
|
||||||
@ -47,7 +54,7 @@ done
|
|||||||
protoFilePathsSorted=$(printf '%s\n' "${protoFilePaths[@]}" | sort)
|
protoFilePathsSorted=$(printf '%s\n' "${protoFilePaths[@]}" | sort)
|
||||||
writeGoProtoPathsSorted=$(printf '%s\n' "${writeGoProtoPaths[@]}" | sort)
|
writeGoProtoPathsSorted=$(printf '%s\n' "${writeGoProtoPaths[@]}" | sort)
|
||||||
|
|
||||||
diff=$(diff <(echo "${protoFilePathsSorted}") <(echo "${writeGoProtoPathsSorted}") || true) # don't let diff fail
|
diff=$($diff <(echo "${protoFilePathsSorted}") <(echo "${writeGoProtoPathsSorted}") || true) # don't let diff fail
|
||||||
|
|
||||||
if [[ -n ${diff} ]]; then
|
if [[ -n ${diff} ]]; then
|
||||||
echo "Mismatch between proto files and 'write_go_proto_srcs' calls:"
|
echo "Mismatch between proto files and 'write_go_proto_srcs' calls:"
|
||||||
|
0
bazel/nixos-support/BUILD.bazel
Normal file
0
bazel/nixos-support/BUILD.bazel
Normal file
0
bazel/nixos-support/WORKSPACE.bazel
Normal file
0
bazel/nixos-support/WORKSPACE.bazel
Normal file
66
bazel/nixos-support/nixos-support.bzl
Normal file
66
bazel/nixos-support/nixos-support.bzl
Normal file
@ -0,0 +1,66 @@
|
|||||||
|
""" A repository rule use either nixpkgs or download a go toolchain / SDK """
|
||||||
|
|
||||||
|
def _has_nix(ctx):
|
||||||
|
return ctx.os.environ.get("BAZEL_NIX_HOST_PLATFORM", "0") == "1"
|
||||||
|
|
||||||
|
def _gen_imports_impl(ctx):
|
||||||
|
ctx.file("BUILD", "")
|
||||||
|
|
||||||
|
imports_for_nix = """
|
||||||
|
load("@io_tweag_rules_nixpkgs//nixpkgs:nixpkgs.bzl", "nixpkgs_cc_configure")
|
||||||
|
load("@io_tweag_rules_nixpkgs//nixpkgs:toolchains/go.bzl", "nixpkgs_go_configure")
|
||||||
|
|
||||||
|
def go_toolchain():
|
||||||
|
nixpkgs_go_configure(repository = "@nixpkgs")
|
||||||
|
|
||||||
|
def cc_toolchain():
|
||||||
|
nixpkgs_cc_configure(repository = "@nixpkgs")
|
||||||
|
native.register_toolchains(
|
||||||
|
"@zig_sdk//libc_aware/toolchain:linux_amd64_gnu.2.23",
|
||||||
|
"@zig_sdk//libc_aware/toolchain:linux_arm64_gnu.2.23",
|
||||||
|
"@zig_sdk//libc_aware/toolchain:linux_amd64_musl",
|
||||||
|
"@zig_sdk//libc_aware/toolchain:linux_arm64_musl",
|
||||||
|
"@zig_sdk//toolchain:linux_amd64_gnu.2.23",
|
||||||
|
"@zig_sdk//toolchain:linux_arm64_gnu.2.23",
|
||||||
|
"@zig_sdk//toolchain:linux_amd64_musl",
|
||||||
|
"@zig_sdk//toolchain:linux_arm64_musl",
|
||||||
|
"@zig_sdk//toolchain:darwin_amd64",
|
||||||
|
"@zig_sdk//toolchain:darwin_arm64",
|
||||||
|
"@zig_sdk//toolchain:windows_amd64",
|
||||||
|
)
|
||||||
|
"""
|
||||||
|
imports_for_non_nix = """
|
||||||
|
load("@io_bazel_rules_go//go:deps.bzl", "go_register_toolchains")
|
||||||
|
|
||||||
|
def go_toolchain():
|
||||||
|
go_register_toolchains(version = "1.20.8")
|
||||||
|
|
||||||
|
def cc_toolchain():
|
||||||
|
native.register_toolchains(
|
||||||
|
"@zig_sdk//libc_aware/toolchain:linux_amd64_gnu.2.23",
|
||||||
|
"@zig_sdk//libc_aware/toolchain:linux_arm64_gnu.2.23",
|
||||||
|
"@zig_sdk//libc_aware/toolchain:linux_amd64_musl",
|
||||||
|
"@zig_sdk//libc_aware/toolchain:linux_arm64_musl",
|
||||||
|
"@zig_sdk//toolchain:linux_amd64_gnu.2.23",
|
||||||
|
"@zig_sdk//toolchain:linux_arm64_gnu.2.23",
|
||||||
|
"@zig_sdk//toolchain:linux_amd64_musl",
|
||||||
|
"@zig_sdk//toolchain:linux_arm64_musl",
|
||||||
|
"@zig_sdk//toolchain:darwin_amd64",
|
||||||
|
"@zig_sdk//toolchain:darwin_arm64",
|
||||||
|
"@zig_sdk//toolchain:windows_amd64",
|
||||||
|
)
|
||||||
|
"""
|
||||||
|
|
||||||
|
if _has_nix(ctx):
|
||||||
|
ctx.file("imports.bzl", imports_for_nix)
|
||||||
|
else:
|
||||||
|
ctx.file("imports.bzl", imports_for_non_nix)
|
||||||
|
|
||||||
|
_gen_imports = repository_rule(
|
||||||
|
implementation = _gen_imports_impl,
|
||||||
|
)
|
||||||
|
|
||||||
|
def gen_imports():
|
||||||
|
_gen_imports(
|
||||||
|
name = "nixos_support",
|
||||||
|
)
|
@ -83,5 +83,6 @@ def write_go_proto_srcs(name, go_proto_library, src, visibility = None):
|
|||||||
files = {
|
files = {
|
||||||
src: generated_src,
|
src: generated_src,
|
||||||
},
|
},
|
||||||
|
diff_test = False,
|
||||||
visibility = visibility,
|
visibility = visibility,
|
||||||
)
|
)
|
||||||
|
@ -5,7 +5,9 @@ load("@bazel_skylib//lib:shell.bzl", "shell")
|
|||||||
def _sh_template_impl(ctx):
|
def _sh_template_impl(ctx):
|
||||||
out_file = ctx.actions.declare_file(ctx.label.name + ".bash")
|
out_file = ctx.actions.declare_file(ctx.label.name + ".bash")
|
||||||
|
|
||||||
substitutions = {}
|
substitutions = {
|
||||||
|
"@@BASE_LIB@@": ctx.file._base_lib.path,
|
||||||
|
}
|
||||||
for k, v in ctx.attr.substitutions.items():
|
for k, v in ctx.attr.substitutions.items():
|
||||||
sub = ctx.expand_location(v, ctx.attr.data)
|
sub = ctx.expand_location(v, ctx.attr.data)
|
||||||
sub = ctx.expand_make_variables("substitutions", sub, {})
|
sub = ctx.expand_make_variables("substitutions", sub, {})
|
||||||
@ -21,6 +23,7 @@ def _sh_template_impl(ctx):
|
|||||||
return [DefaultInfo(
|
return [DefaultInfo(
|
||||||
files = depset([out_file]),
|
files = depset([out_file]),
|
||||||
executable = out_file,
|
executable = out_file,
|
||||||
|
runfiles = ctx.runfiles(files = ctx.files.data + [ctx.file._base_lib]),
|
||||||
)]
|
)]
|
||||||
|
|
||||||
_sh_template = rule(
|
_sh_template = rule(
|
||||||
@ -33,6 +36,10 @@ _sh_template = rule(
|
|||||||
"template": attr.label(
|
"template": attr.label(
|
||||||
allow_single_file = True,
|
allow_single_file = True,
|
||||||
),
|
),
|
||||||
|
"_base_lib": attr.label(
|
||||||
|
default = Label("@constellation//bazel/sh:base_lib"),
|
||||||
|
allow_single_file = True,
|
||||||
|
),
|
||||||
},
|
},
|
||||||
)
|
)
|
||||||
|
|
||||||
@ -46,10 +53,8 @@ def sh_template(name, **kwargs):
|
|||||||
script_name = name + "-script"
|
script_name = name + "-script"
|
||||||
|
|
||||||
tags = kwargs.get("tags", [])
|
tags = kwargs.get("tags", [])
|
||||||
data = kwargs.get("data", [])
|
data = kwargs.pop("data", [])
|
||||||
data.append("//bazel/sh:base_lib")
|
|
||||||
substitutions = kwargs.pop("substitutions", [])
|
substitutions = kwargs.pop("substitutions", [])
|
||||||
substitutions["@@BASE_LIB@@"] = "$(rootpath //bazel/sh:base_lib)"
|
|
||||||
template = kwargs.pop("template", [])
|
template = kwargs.pop("template", [])
|
||||||
toolchains = kwargs.pop("toolchains", [])
|
toolchains = kwargs.pop("toolchains", [])
|
||||||
|
|
||||||
@ -65,6 +70,7 @@ def sh_template(name, **kwargs):
|
|||||||
native.sh_binary(
|
native.sh_binary(
|
||||||
name = name,
|
name = name,
|
||||||
srcs = [script_name],
|
srcs = [script_name],
|
||||||
|
data = [script_name] + data,
|
||||||
**kwargs
|
**kwargs
|
||||||
)
|
)
|
||||||
|
|
||||||
@ -78,10 +84,8 @@ def sh_test_template(name, **kwargs):
|
|||||||
script_name = name + "-script"
|
script_name = name + "-script"
|
||||||
|
|
||||||
tags = kwargs.get("tags", [])
|
tags = kwargs.get("tags", [])
|
||||||
data = kwargs.get("data", [])
|
data = kwargs.pop("data", [])
|
||||||
data.append("//bazel/sh:base_lib")
|
|
||||||
substitutions = kwargs.pop("substitutions", [])
|
substitutions = kwargs.pop("substitutions", [])
|
||||||
substitutions["@@BASE_LIB@@"] = "$(rootpath //bazel/sh:base_lib)"
|
|
||||||
template = kwargs.pop("template", [])
|
template = kwargs.pop("template", [])
|
||||||
|
|
||||||
_sh_template(
|
_sh_template(
|
||||||
@ -95,6 +99,7 @@ def sh_test_template(name, **kwargs):
|
|||||||
native.sh_test(
|
native.sh_test(
|
||||||
name = name,
|
name = name,
|
||||||
srcs = [script_name],
|
srcs = [script_name],
|
||||||
|
data = [script_name] + data,
|
||||||
**kwargs
|
**kwargs
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -5,17 +5,6 @@ load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive")
|
|||||||
def hermetic_cc_deps():
|
def hermetic_cc_deps():
|
||||||
"""Loads the dependencies for hermetic_cc_toolchain."""
|
"""Loads the dependencies for hermetic_cc_toolchain."""
|
||||||
|
|
||||||
http_archive(
|
|
||||||
name = "bazel_skylib",
|
|
||||||
sha256 = "66ffd9315665bfaafc96b52278f57c7e2dd09f5ede279ea6d39b2be471e7e3aa",
|
|
||||||
urls = [
|
|
||||||
"https://mirror.bazel.build/github.com/bazelbuild/bazel-skylib/releases/download/1.4.2/bazel-skylib-1.4.2.tar.gz",
|
|
||||||
"https://cdn.confidential.cloud/constellation/cas/sha256/66ffd9315665bfaafc96b52278f57c7e2dd09f5ede279ea6d39b2be471e7e3aa",
|
|
||||||
"https://github.com/bazelbuild/bazel-skylib/releases/download/1.4.2/bazel-skylib-1.4.2.tar.gz",
|
|
||||||
],
|
|
||||||
type = "tar.gz",
|
|
||||||
)
|
|
||||||
|
|
||||||
http_archive(
|
http_archive(
|
||||||
name = "hermetic_cc_toolchain",
|
name = "hermetic_cc_toolchain",
|
||||||
urls = [
|
urls = [
|
||||||
|
15
bazel/toolchains/skylib_deps.bzl
Normal file
15
bazel/toolchains/skylib_deps.bzl
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
"""bazel skylib"""
|
||||||
|
|
||||||
|
load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive")
|
||||||
|
|
||||||
|
def skylib_deps():
|
||||||
|
http_archive(
|
||||||
|
name = "bazel_skylib",
|
||||||
|
sha256 = "66ffd9315665bfaafc96b52278f57c7e2dd09f5ede279ea6d39b2be471e7e3aa",
|
||||||
|
urls = [
|
||||||
|
"https://mirror.bazel.build/github.com/bazelbuild/bazel-skylib/releases/download/1.4.2/bazel-skylib-1.4.2.tar.gz",
|
||||||
|
"https://cdn.confidential.cloud/constellation/cas/sha256/66ffd9315665bfaafc96b52278f57c7e2dd09f5ede279ea6d39b2be471e7e3aa",
|
||||||
|
"https://github.com/bazelbuild/bazel-skylib/releases/download/1.4.2/bazel-skylib-1.4.2.tar.gz",
|
||||||
|
],
|
||||||
|
type = "tar.gz",
|
||||||
|
)
|
Loading…
Reference in New Issue
Block a user