diff --git a/WORKSPACE b/WORKSPACE index b523b201cf2..a3ff305a06f 100644 --- a/WORKSPACE +++ b/WORKSPACE @@ -106,9 +106,9 @@ http_archive( # Container rules http_archive( name = "rules_oci", - sha256 = "647f4c6fd092dc7a86a7f79892d4b1b7f1de288bdb4829ca38f74fd430fcd2fe", - strip_prefix = "rules_oci-1.7.6", - url = "https://github.com/bazel-contrib/rules_oci/releases/download/v1.7.6/rules_oci-v1.7.6.tar.gz", + sha256 = "f70f07f9d0d6c275d7ec7d3c7f236d9b552ba3205e8f37df9c1125031cf967cc", + strip_prefix = "rules_oci-2.0.0-beta1", + url = "https://github.com/bazel-contrib/rules_oci/releases/download/v2.0.0-beta1/rules_oci-v2.0.0-beta1.tar.gz", ) http_archive( @@ -407,15 +407,9 @@ load("@rules_oci//oci:dependencies.bzl", "rules_oci_dependencies") rules_oci_dependencies() -load("@rules_oci//oci:repositories.bzl", "LATEST_CRANE_VERSION", "oci_register_toolchains") +load("@rules_oci//oci:repositories.bzl", "oci_register_toolchains") -oci_register_toolchains( - name = "oci", - crane_version = LATEST_CRANE_VERSION, - # Uncommenting the zot toolchain will cause it to be used instead of crane for some tasks. - # Note that it does not support docker-format images. - # zot_version = LATEST_ZOT_VERSION, -) +oci_register_toolchains(name = "oci") # Optional, for oci_tarball rule load("@rules_pkg//:deps.bzl", "rules_pkg_dependencies") diff --git a/dev/oci_defs.bzl b/dev/oci_defs.bzl index 60be494d835..3e782469de5 100644 --- a/dev/oci_defs.bzl +++ b/dev/oci_defs.bzl @@ -1,6 +1,6 @@ """OCI bazel defs""" -load("@rules_oci//oci:defs.bzl", _oci_image = "oci_image", _oci_push = "oci_push", _oci_tarball = "oci_tarball") +load("@rules_oci//oci:defs.bzl", _oci_image = "oci_image", _oci_load = "oci_load", _oci_push = "oci_push") REGISTRY_REPOSITORY_PREFIX = "europe-west1-docker.pkg.dev/sourcegraph-security-logging/rules-oci-test/{}" # REGISTRY_REPOSITORY_PREFIX = "us.gcr.io/sourcegraph-dev/{}" @@ -12,7 +12,7 @@ def image_repository(image): return REGISTRY_REPOSITORY_PREFIX.format(image) def oci_tarball(name, **kwargs): - _oci_tarball( + _oci_load( name = name, # Don't build this by default with bazel build //... since most oci_tarball # targets do not need to be built on CI. This prevents the remote cache from diff --git a/doc/dev/background-information/bazel/containers.md b/doc/dev/background-information/bazel/containers.md index c74d4580168..262d7bd6e3d 100644 --- a/doc/dev/background-information/bazel/containers.md +++ b/doc/dev/background-information/bazel/containers.md @@ -154,11 +154,8 @@ We can now build this image _locally_ and run those tests as well. Example: ``` -# Create a tarball that can be loaded in Docker of the worker service: -bazel build //cmd/worker:image_tarball - -# Load the image in Docker: -docker load --input $(bazel cquery //cmd/worker:image_tarball --output=files) +# Create and load a tarball that can be loaded in Docker of the worker service: +bazel run //cmd/worker:image_tarball # Run the container structure tests bazel test //cmd/worker:image_test diff --git a/doc/dev/background-information/bazel/faq.md b/doc/dev/background-information/bazel/faq.md index bb94a1aafa0..75fe7450631 100644 --- a/doc/dev/background-information/bazel/faq.md +++ b/doc/dev/background-information/bazel/faq.md @@ -55,11 +55,8 @@ Our containers are only built for `linux/amd64`, therefore we need to cross-comp Example: ``` -# Create a tarball that can be loaded in Docker of the worker service: -bazel build //cmd/worker:image_tarball - -# Load the image in Docker: -docker load --input $(bazel cquery //cmd/worker:image_tarball --output=files) +# Create and load a tarball that can be loaded in Docker of the worker service: +bazel run //cmd/worker:image_tarball ``` You can also use the same configuration flag to run the container tests on MacOS: diff --git a/doc/dev/background-information/sg/index.md b/doc/dev/background-information/sg/index.md index 5b5b23d3424..a6d39c88f3c 100644 --- a/doc/dev/background-information/sg/index.md +++ b/doc/dev/background-information/sg/index.md @@ -186,8 +186,7 @@ env: commands: gitserver: install: | - bazel build //cmd/gitserver:image_tarball && \ - docker load --input $(bazel cquery //cmd/gitserver:image_tarball --output=files) + bazel run //cmd/gitserver:image_tarball gitserver-0: cmd: | docker inspect gitserver-${GITSERVER_INDEX} >/dev/null 2>&1 && docker stop gitserver-${GITSERVER_INDEX} diff --git a/docker-images/syntax-highlighter/crates/scip-syntax/BUILD.bazel b/docker-images/syntax-highlighter/crates/scip-syntax/BUILD.bazel index e748055e721..5ac418fe4f2 100644 --- a/docker-images/syntax-highlighter/crates/scip-syntax/BUILD.bazel +++ b/docker-images/syntax-highlighter/crates/scip-syntax/BUILD.bazel @@ -112,22 +112,31 @@ oci_image( base = "@scip-java", ) +# TODO: this is expensive as whole has to be uploaded to the remote cache +# Instead call the executable script created by oci_tarball to load the image +# to daemon. oci_tarball( name = "scip_java_image_tarball", image = ":scip_java_image", repo_tags = ["scip-java:tmp"], ) +filegroup( + name = "scip_java_image_tarball_tar", + srcs = [":scip_java_image_tarball"], + output_group = "tarball", +) + genrule( name = "java_groundtruth_scip", srcs = [ "testdata/scip-index.sh", - ":scip_java_image_tarball", + ":scip_java_image_tarball_tar", ] + glob(["testdata/java/**"]), outs = ["index-java.scip"], cmd = """\ $(location testdata/scip-index.sh) \ - $(location :scip_java_image_tarball) \ + $(location :scip_java_image_tarball_tar) \ scip-java:tmp \ $(location testdata/java/build.gradle) \ 'scip-java index' \ diff --git a/sg.config.yaml b/sg.config.yaml index ae56fc08ecc..c32caff55d6 100644 --- a/sg.config.yaml +++ b/sg.config.yaml @@ -823,8 +823,7 @@ commands: # Nothing to run for this, we just want to re-run the install script every time. cmd: exit 0 install: | - bazel build //cmd/batcheshelper:image_tarball - docker load --input $(bazel cquery //cmd/batcheshelper:image_tarball --output=files) + bazel run //cmd/batcheshelper:image_tarball env: IMAGE: batcheshelper:candidate # TODO: This is required but should only be set on M1 Macs. @@ -921,8 +920,7 @@ commands: mkdir -p "${GRAFANA_DISK}" mkdir -p "$(dirname ${GRAFANA_LOG_FILE})" docker inspect $CONTAINER >/dev/null 2>&1 && docker rm -f $CONTAINER - bazel build //docker-images/grafana:image_tarball - docker load --input $(bazel cquery //docker-images/grafana:image_tarball --output=files) + bazel run //docker-images/grafana:image_tarball env: GRAFANA_DISK: $HOME/.sourcegraph-dev/data/grafana # Log file location: since we log outside of the Docker container, we should @@ -979,8 +977,7 @@ commands: cp ${PROM_TARGETS} "${CONFIG_DIR}"/prometheus_targets.yml - bazel build //docker-images/prometheus:image_tarball - docker load --input $(bazel cquery //docker-images/prometheus:image_tarball --output=files) + bazel run //docker-images/prometheus:image_tarball env: PROMETHEUS_DISK: $HOME/.sourcegraph-dev/data/prometheus # See comment above for `grafana` @@ -1036,8 +1033,7 @@ commands: "${IMAGE}" install: | docker inspect $CONTAINER >/dev/null 2>&1 && docker rm -f $CONTAINER - bazel build //docker-images/postgres_exporter:image_tarball - docker load --input $(bazel cquery //docker-images/postgres_exporter:image_tarball --output=files) + bazel run //docker-images/postgres_exporter:image_tarball env: IMAGE: postgres-exporter:candidate CONTAINER: postgres_exporter @@ -1051,8 +1047,7 @@ commands: otel-collector: install: | - bazel build //docker-images/opentelemetry-collector:image_tarball - docker load --input $(bazel cquery //docker-images/opentelemetry-collector:image_tarball --output=files) + bazel run //docker-images/opentelemetry-collector:image_tarball description: OpenTelemetry collector cmd: | JAEGER_HOST='host.docker.internal'