Skip to content

Commit

Permalink
bazel: always use nix
Browse files Browse the repository at this point in the history
  • Loading branch information
malt3 committed Oct 12, 2023
1 parent d046ba0 commit d22f53d
Show file tree
Hide file tree
Showing 13 changed files with 49 additions and 195 deletions.
5 changes: 2 additions & 3 deletions .bazelrc
Original file line number Diff line number Diff line change
Expand Up @@ -40,9 +40,8 @@ common:linux_amd64_static --platforms @zig_sdk//libc_aware/platform:linux_amd64_
common:linux_arm64_static --platforms @zig_sdk//libc_aware/platform:linux_arm64_musl

# bazel configs to explicitly target NixOS
common:nix --host_platform=@io_tweag_rules_nixpkgs//nixpkgs/platforms:host
common:nix --crosstool_top=@local_config_cc//:toolchain
common:nix --action_env=BAZEL_NIX_HOST_PLATFORM=1
common --host_platform=@io_tweag_rules_nixpkgs//nixpkgs/platforms:host
common --crosstool_top=@local_config_cc//:toolchain

# bazel config to explicitly disable stamping (hide version information at build time)
common:nostamp --nostamp --workspace_status_command=
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/build-os-image.yml
Original file line number Diff line number Diff line change
Expand Up @@ -172,9 +172,9 @@ jobs:
TARGET: //image/system:${{ matrix.csp }}_${{ matrix.attestation_variant }}_${{ needs.build-settings.outputs.stream }}
run: |
echo "::group::Build"
bazel build --host_platform=@rules_nixpkgs_core//platforms:host "${TARGET}"
bazel build "${TARGET}"
{
echo "image-dir=$(bazel cquery --host_platform=@rules_nixpkgs_core//platforms:host --output=files "$TARGET")"
echo "image-dir=$(bazel cquery --output=files "$TARGET")"
} | tee -a "$GITHUB_OUTPUT"
echo "::endgroup::"
Expand Down
51 changes: 27 additions & 24 deletions WORKSPACE.bazel
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ load("@io_tweag_rules_nixpkgs//nixpkgs:repositories.bzl", "rules_nixpkgs_depende

rules_nixpkgs_dependencies()

load("@io_tweag_rules_nixpkgs//nixpkgs:nixpkgs.bzl", "nixpkgs_flake_package", "nixpkgs_git_repository", "nixpkgs_package", "nixpkgs_python_configure")
load("@io_tweag_rules_nixpkgs//nixpkgs:nixpkgs.bzl", "nixpkgs_cc_configure", "nixpkgs_flake_package", "nixpkgs_git_repository", "nixpkgs_package", "nixpkgs_python_configure")

nixpkgs_git_repository(
name = "nixpkgs",
Expand All @@ -38,32 +38,27 @@ nixpkgs_package(
repository = "@nixpkgs",
)

load("//bazel/mkosi:mkosi_configure.bzl", "find_system_mkosi")
load("//bazel/mkosi:mkosi_configure.bzl", "register_mkosi")

find_system_mkosi(name = "constellation_mkosi")
register_mkosi(
name = "mkosi_nix_toolchain",
)

# Python toolchain
load("//bazel/toolchains:python_deps.bzl", "python_deps")

python_deps()

load("@rules_python//python:repositories.bzl", "py_repositories", "python_register_toolchains")
load("@rules_python//python:repositories.bzl", "py_repositories")

py_repositories()

# if nix is installed, use nixpkgs python toolchain...
nixpkgs_python_configure(
fail_not_supported = False,
python3_attribute_path = "python311.withPackages(ps: with ps; [ numpy ])",
python3_attribute_path = "python311",
repository = "@nixpkgs",
)

# ... otherwise, fall back to rules_python toolchain
python_register_toolchains(
name = "python3_11",
python_version = "3.11",
)

# Go toolchain
load("//bazel/toolchains:go_rules_deps.bzl", "go_deps")

Expand All @@ -78,18 +73,12 @@ load("@io_bazel_rules_go//go:deps.bzl", "go_rules_dependencies")

go_rules_dependencies()

local_repository(
name = "nixos-support",
path = "bazel/nixos-support",
)

load("@nixos-support//:nixos-support.bzl", "gen_imports")
load("@io_tweag_rules_nixpkgs//nixpkgs:toolchains/go.bzl", "nixpkgs_go_configure")

gen_imports()

load("@nixos_support//:imports.bzl", "cc_toolchain", "go_toolchain")

go_toolchain()
nixpkgs_go_configure(
attribute_path = "go_1_21",
repository = "@nixpkgs",
)

load("@bazel_gazelle//:deps.bzl", "gazelle_dependencies")

Expand Down Expand Up @@ -152,7 +141,21 @@ load("@hermetic_cc_toolchain//toolchain:defs.bzl", zig_toolchains = "toolchains"

zig_toolchains()

cc_toolchain()
nixpkgs_cc_configure(repository = "@nixpkgs")

register_toolchains(
"@zig_sdk//libc_aware/toolchain:linux_amd64_gnu.2.23",
"@zig_sdk//libc_aware/toolchain:linux_arm64_gnu.2.23",
"@zig_sdk//libc_aware/toolchain:linux_amd64_musl",
"@zig_sdk//libc_aware/toolchain:linux_arm64_musl",
"@zig_sdk//toolchain:linux_amd64_gnu.2.23",
"@zig_sdk//toolchain:linux_arm64_gnu.2.23",
"@zig_sdk//toolchain:linux_amd64_musl",
"@zig_sdk//toolchain:linux_arm64_musl",
"@zig_sdk//toolchain:darwin_amd64",
"@zig_sdk//toolchain:darwin_arm64",
"@zig_sdk//toolchain:windows_amd64",
)

load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive")

Expand Down
18 changes: 6 additions & 12 deletions bazel/ci/BUILD.bazel
Original file line number Diff line number Diff line change
Expand Up @@ -410,18 +410,12 @@ repo_command(

sh_template(
name = "proto_targets_check",
data = select({
"@rules_nixpkgs_core//constraints:support_nix": [
"@diffutils//:bin/diff",
],
"//conditions:default": [],
}),
env = select({
"@rules_nixpkgs_core//constraints:support_nix": {
"DIFF": "$(rootpath @diffutils//:bin/diff)",
},
"//conditions:default": {},
}),
data = [
"@diffutils//:bin/diff",
],
env = {
"DIFF": "$(rootpath @diffutils//:bin/diff)",
},
substitutions = {
"@@PROTO_TARGETS@@": " ".join(proto_targets()),
},
Expand Down
3 changes: 0 additions & 3 deletions bazel/mkosi/BUILD.bazel
Original file line number Diff line number Diff line change
Expand Up @@ -5,9 +5,6 @@ Type: @constellation//bazel/mkosi:toolchain_type
Toolchains:
- mkosi_missing_toolchain: provides a fallback toolchain for exec platforms
where mkosi might not be available.
- mkosi_auto_toolchain: a toolchain that uses the installed mkosi. See
mkosi_configure.bzl%find_system_mkosi for usage.
"""

load(":toolchain.bzl", "is_mkosi_available", "mkosi_make_variables", "mkosi_toolchain")
Expand Down
13 changes: 0 additions & 13 deletions bazel/mkosi/BUILD.tpl

This file was deleted.

40 changes: 2 additions & 38 deletions bazel/mkosi/mkosi_configure.bzl
Original file line number Diff line number Diff line change
@@ -1,43 +1,7 @@
"""Repository rule to autoconfigure a toolchain using the system mkosi."""
"""Repository rule to configure a toolchain using nixpkgs mkosi."""

def _write_build(rctx, path):
if not path:
path = ""
rctx.template(
"BUILD",
Label("//bazel/mkosi:BUILD.tpl"),
substitutions = {
"{GENERATOR}": "@constellation//bazel/mkosi/mkosi_configure.bzl%find_system_mkosi",
"{MKOSI_PATH}": str(path),
},
executable = False,
)

def _find_system_mkosi_impl(rctx):
mkosi_path = rctx.which("mkosi")
if rctx.attr.verbose:
if mkosi_path:
print("Found mkosi at '%s'" % mkosi_path) # buildifier: disable=print
else:
print("No system mkosi found.") # buildifier: disable=print
_write_build(rctx = rctx, path = mkosi_path)

_find_system_mkosi = repository_rule(
implementation = _find_system_mkosi_impl,
doc = """Create a repository that defines an mkosi toolchain based on the system mkosi.""",
local = True,
environ = ["PATH"],
attrs = {
"verbose": attr.bool(
doc = "If true, print status messages.",
),
},
)

def find_system_mkosi(name, verbose = False):
_find_system_mkosi(name = name, verbose = verbose)
def register_mkosi(name):
native.register_toolchains(
"@constellation//bazel/mkosi:mkosi_nix_toolchain",
"@%s//:mkosi_auto_toolchain" % name,
"@constellation//bazel/mkosi:mkosi_missing_toolchain",
)
Empty file removed bazel/nixos-support/BUILD.bazel
Empty file.
Empty file.
69 changes: 0 additions & 69 deletions bazel/nixos-support/nixos-support.bzl

This file was deleted.

18 changes: 2 additions & 16 deletions dev-docs/workflows/build-develop-deploy.md
Original file line number Diff line number Diff line change
Expand Up @@ -7,35 +7,21 @@ Prerequisites:
* 20GB (minimum), better 40 GB disk space (required if you want to cross compile for all platforms)
* [Latest version of Go](https://go.dev/doc/install).
* Unless you use Nix / NixOS: [Bazelisk installed as `bazel` in your path](https://github.com/bazelbuild/bazelisk/releases).
* We recommend Nix installed via [determinate systems installer](https://github.com/DeterminateSystems/nix-installer) (or NixOS as host system).
* We require Nix to be installed. It is recommended to install nix using the [determinate systems installer](https://github.com/DeterminateSystems/nix-installer) (or to use NixOS as host system).
* [Docker](https://docs.docker.com/engine/install/). Can be installed with these commands on Ubuntu 22.04: `sudo apt update && sudo apt install docker.io`. As the build spawns docker containers your user account either needs to be in the `docker` group (Add with `sudo usermod -a -G docker $USER`) or you have to run builds with `sudo`. When using `sudo` remember that your root user might (depending on your distro and local config) not have the go binary in it's PATH. The current PATH can be forwarded to the root env with `sudo env PATH=$PATH <cmd>`.

## Prequisites

### Linux

* Packages on NixOS or with Nix installed (use flake.nix in this repo):
* If you don't want to perform any setup, you can get a shell with Bazel and all required dependencies by running:

```sh
# add "common --config=nix" to your .bazeloverwriterc if you want to get nix compatible toolchains
echo "common --config=nix" >> .bazeloverwriterc
# better would be: nix develop -i
# but this doesn't play nice with bashrc, colored output and non-hermetic tools
nix develop
```

* Packages on Ubuntu:

```sh
sudo apt install build-essential cmake libssl-dev pkg-config libcryptsetup12 libcryptsetup-dev
```

* Packages on Fedora:

```sh
sudo dnf install @development-tools pkg-config cmake openssl-devel cryptsetup-libs cryptsetup-devel
```

### Mac

* To fix unsupported shell options used in some build script:
Expand Down
5 changes: 2 additions & 3 deletions image/README.md
Original file line number Diff line number Diff line change
@@ -1,9 +1,8 @@
## Setup

Ensure you have Nix installed. This is recommended in general but a requirement for the following steps.
Ensure you have Nix installed. This is a requirement for the following steps.
Consult the [developer docs](/dev-docs/workflows/build-develop-deploy.md) for more info.
At the very least, `nix` should be in your PATH and either `common --config=nix`
has to be set in the `.bazelrc` or you need to append `--config=nix` to each Bazel command.
At the very least, `nix` should be in your PATH.

## Build

Expand Down
18 changes: 6 additions & 12 deletions image/measured-boot/cmd/BUILD.bazel
Original file line number Diff line number Diff line change
Expand Up @@ -16,19 +16,13 @@ go_library(
go_binary(
name = "cmd",
# keep
data = select({
"@rules_nixpkgs_core//constraints:support_nix": [
"@systemd//:bin/systemd-dissect",
],
"//conditions:default": [],
}),
data = [
"@systemd//:bin/systemd-dissect",
],
embed = [":cmd_lib"],
# keep
env = select({
"@rules_nixpkgs_core//constraints:support_nix": {
"DISSECT_TOOLCHAIN": "$(rootpath @systemd//:bin/systemd-dissect)",
},
"//conditions:default": {},
}),
env = {
"DISSECT_TOOLCHAIN": "$(rootpath @systemd//:bin/systemd-dissect)",
},
visibility = ["//visibility:public"],
)

0 comments on commit d22f53d

Please sign in to comment.