2024-02-08 14:20:01 +00:00

96 lines
2.4 KiB
Python

load("@com_github_ash2k_bazel_tools//multirun:def.bzl", "multirun")
load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library")
load("@rules_oci//oci:defs.bzl", "oci_image", "oci_push")
load("@rules_pkg//:pkg.bzl", "pkg_tar")
load("//bazel/oci:containers.bzl", "container_reponame")
load("//bazel/sh:def.bzl", "sh_template")
go_library(
name = "malicious-join_lib",
srcs = ["malicious-join.go"],
importpath = "github.com/edgelesssys/constellation/v2/e2e/malicious-join",
visibility = ["//visibility:public"],
deps = [
"//internal/attestation/variant",
"//internal/cloud/cloudprovider",
"//internal/grpc/dialer",
"//internal/logger",
"//joinservice/joinproto",
],
)
go_binary(
name = "malicious-join_bin",
embed = [":malicious-join_lib"],
pure = "on",
race = "off",
visibility = ["//visibility:public"],
)
pkg_tar(
name = "layer",
srcs = [
":malicious-join_bin",
],
mode = "0755",
remap_paths = {"/malicious-join_bin": "/malicious-join_bin"},
)
oci_image(
name = "malicious-join_image",
base = "@distroless_static_linux_amd64",
entrypoint = ["/malicious-join_bin"],
tars = [
":layer",
],
visibility = ["//visibility:public"],
)
container_reponame(
name = "container_name",
container_name = "malicious-join-test",
)
genrule(
name = "malicious-join-test_repotag",
srcs = [
":container_name",
"//bazel/settings:tag",
],
outs = ["repotag.txt"],
cmd = "cat $(location :container_name) <(echo -n :) $(location //bazel/settings:tag) > $@",
visibility = ["//visibility:public"],
)
oci_push(
name = "malicious-join_push",
image = ":malicious-join_image",
remote_tags = "//bazel/settings:tag",
repository_file = ":container_name",
)
sh_template(
name = "template_job",
data = [
"job.yaml",
":repotag.txt",
"@yq_toolchains//:resolved_toolchain",
],
substitutions = {
"@@REPO_TAG@@": "$(rootpath :repotag.txt)",
"@@TEMPLATE@@": "$(rootpath :job.yaml)",
"@@YQ_BIN@@": "$(rootpath @yq_toolchains//:resolved_toolchain)",
},
template = "job_template.sh.in",
visibility = ["//visibility:public"],
)
multirun(
name = "stamp_and_push",
commands = [
":template_job",
":malicious-join_push",
],
visibility = ["//visibility:public"],
)