artin/sourcegraph
1
0
Fork 0
mirror of https://github.com/sourcegraph/sourcegraph.git synced 2026-02-06 17:51:57 +00:00
Code Issues Packages Projects Releases Wiki Activity
sh/test
sourcegraph/dev/oci_defs.bzl
Noah S-C ce6a366647
bazel: transition oci_image to opt/release mode for Rust (#61740) 
Our rust binaries (e.g. scip-ctags/syntect_server) were being built in some mix of opt & fastbuild mode[1]. Unlike with Go where there is no release/debug mode flag, Rust requires opting into optimized release builds. We can do that automagically when building any oci_image target with the power of  transitions  

This has the side-effect of our Go binaries no longer being stripped & containing debug symbols, see https://github.com/bazelbuild/rules_go/issues/3917

Also to note, [in Cargo.toml we opt into debug symbols in release mode](https://sourcegraph.com/github.com/sourcegraph/sourcegraph@nsc/bazel-release-mode-rust/-/blob/docker-images/syntax-highlighter/Cargo.toml?L67%3A11-70%3A9). Is this preserved by this PR for bazel[2]? 

[1] `strings` on the binaries showed the 3rd-party crates having `k8-opt` filepath names e.g.
```
$ / # strings syntect_server | grep k8-
/tmp/bazel-working-directory/__main__/bazel-out/k8-opt-exec-ST-13d3ddad9198/bin/external/crate_index__onig_sys-69.8.1/onig_sys_build_script_.runfiles/crate_index__onig_sys-69.8.1
```
but the final binaries (and the 1st-party crates) themselves were being built in fastbuild mode. See https://github.com/sourcegraph/devx-support/issues/790 for original point of contact

[2] It seems like it may be preserved, but I dont know how reliable this is for Rust binaries
```
$ file bazel-bin/docker-images/syntax-highlighter/scip-ctags
bazel-bin/docker-images/syntax-highlighter/scip-ctags: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.0.0, with debug_info, not stripped
```

## Test plan

Tested for sourcegraph/scip-ctags image:
```
/ $ strings scip-ctags | grep "Could not parse file" 
/ $ echo $?
1
```
2024-04-15 17:19:17 +00:00

59 lines
2.2 KiB
Python
Raw Permalink Blame History

"""OCI bazel defs"""
load("@rules_oci//oci:defs.bzl", _oci_image = "oci_image", _oci_push = "oci_push", _oci_tarball = "oci_tarball")
REGISTRY_REPOSITORY_PREFIX = "europe-west1-docker.pkg.dev/sourcegraph-security-logging/rules-oci-test/{}"
# REGISTRY_REPOSITORY_PREFIX = "us.gcr.io/sourcegraph-dev/{}"
# Passthrough the @rules_oci oci_push, so users only have to import this file and not @rules_oci//oci:defs.bzl
oci_push = _oci_push
def image_repository(image):
return REGISTRY_REPOSITORY_PREFIX.format(image)
def oci_tarball(name, **kwargs):
_oci_tarball(
name = name,
# Don't build this by default with bazel build //... since most oci_tarball
# targets do not need to be built on CI. This prevents the remote cache from
# being overwhelmed in the event that oci_tarballs are cache busted en masse.
tags = kwargs.pop("tags", []) + ["manual"],
**kwargs
)
# Apply a transition on oci_image targets and their deps to apply a transition on platforms
# to build binaries for Linux when building on MacOS.
def oci_image(name, **kwargs):
_oci_image(
name = name + "_underlying",
**kwargs
)
oci_image_cross(
name = name,
image = ":" + name + "_underlying",
platform = select({
"@platforms//os:macos": Label("@zig_sdk//platform:linux_amd64"),
"//conditions:default": Label("@platforms//host"),
}),
visibility = kwargs.pop("visibility", ["//visibility:public"]),
)
# rule that allows transitioning in order to transition an oci_image target and its deps
oci_image_cross = rule(
implementation = lambda ctx: DefaultInfo(files = depset(ctx.files.image)),
attrs = {
"image": attr.label(cfg = transition(
implementation = lambda settings, attr: [
{"//command_line_option:platforms": str(attr.platform), "//command_line_option:compilation_mode": "opt"},
],
inputs = [],
outputs = ["//command_line_option:platforms", "//command_line_option:compilation_mode"],
)),
"platform": attr.label(),
"_allowlist_function_transition": attr.label(
default = "@bazel_tools//tools/allowlists/function_transition_allowlist",
),
},
)
Reference in New Issue View Git Blame Copy Permalink