From 54e989ec3a2d9c6928047ea09a3d6053cbf2441f Mon Sep 17 00:00:00 2001 From: Adin Scannell Date: Mon, 19 Oct 2020 16:26:42 -0700 Subject: Remove legacy bazel configurations. Using the newer bazel rules necessitates a transition from proto1 to proto2. In order to resolve the incompatibility between proto2 and gogoproto, the cri runtimeoptions proto must be vendored. Further, some of the semantics of bazel caching changed during the transition. It is now necessary to: - Ensure that :gopath depends only on pure library targets, as the propagation of go_binary build attributes (pure, static) will affected the generated files (though content remains the same, there are conflicts with respect to the gopath). - Update bazel.mk to include the possibility of binaries in the bazel-out directory, as it will now put runsc and others there. This required some refinements to the mechanism of extracting paths, since some the existing regex resulted in false positives. - Change nogo rules to prevent escape generation on binary targets. For some reason, the newer version of bazel attempted to run the nogo analysis on the binary targets, which fails due to the fact that objdump does not work on the final binary. This must be due to a change in the semantics of aspects in bazel3. PiperOrigin-RevId: 337958324 --- BUILD | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) (limited to 'BUILD') diff --git a/BUILD b/BUILD index 2639f8169..63dd05118 100644 --- a/BUILD +++ b/BUILD @@ -75,12 +75,19 @@ go_path( name = "gopath", mode = "link", deps = [ - # Main binary. - "//runsc", - "//shim/v1:gvisor-containerd-shim", - "//shim/v2:containerd-shim-runsc-v1", + # Main binaries. + # + # For reasons related to reproducibility of the generated + # files, in order to ensure that :gopath produces only a + # a single "pure" version of all files, we can only depend + # on go_library targets here, and not go_binary. Thus the + # binaries have been factored into a cli package, which is + # a good practice in any case. + "//runsc/cli", + "//shim/v1/cli", + "//shim/v2/cli", - # Packages that are not dependencies of //runsc. + # Packages that are not dependencies of the above. "//pkg/sentry/kernel/memevent", "//pkg/tcpip/adapters/gonet", "//pkg/tcpip/link/channel", -- cgit v1.2.3