treewide: enable pure Go by default
Pure can be safely enabled by default. For those targets which need cgo,
we can set `pure = "off"` on the go_binary or go_test.
This simplifies transitions, and makes the files/files_cc distinction
obsolete.
Change-Id: Ic1a985e7d347a7222f55735c1ee2016e8a7e1c65
Reviewed-on: https://review.monogon.dev/c/monogon/+/4158
Tested-by: Jenkins CI
Reviewed-by: Tim Windelschmidt <tim@monogon.tech>
diff --git a/.bazelrc b/.bazelrc
index ed4fe2e..bcee473 100644
--- a/.bazelrc
+++ b/.bazelrc
@@ -26,6 +26,7 @@
# Run race config with race detector
build:race --@io_bazel_rules_go//go/config:race
+build:race --no@io_bazel_rules_go//go/config:pure
# Only download the final result, the intermediate files can stay on the
# server side.
@@ -35,6 +36,10 @@
# Set the execution platform which adds constraints for the scheduler.
build:remote --extra_execution_platforms=//build/platforms:remote_amd64
+# Enable pure by default. Specific go_binary targets which need cgo should set
+# `pure = "off"`.
+build --@io_bazel_rules_go//go/config:pure
+
# Force netgo and osusergo
build --@io_bazel_rules_go//go/config:tags=osusergo,netgo
diff --git a/build/sqlc/BUILD.bazel b/build/sqlc/BUILD.bazel
index 22fbb6a..60c24b3 100644
--- a/build/sqlc/BUILD.bazel
+++ b/build/sqlc/BUILD.bazel
@@ -9,4 +9,5 @@
"netgo",
"nowasm",
],
+ pure = "off",
)
diff --git a/metropolis/node/BUILD.bazel b/metropolis/node/BUILD.bazel
index a7e9f9a..3bd70e9 100644
--- a/metropolis/node/BUILD.bazel
+++ b/metropolis/node/BUILD.bazel
@@ -45,11 +45,13 @@
"netgo",
"seccomp",
],
+ pure = "off",
)
erofs_image(
name = "rootfs",
files = {
+ "/init": "//metropolis/node/core/minit",
"/core": "//metropolis/node/core",
# CA Certificate bundle & os-release & resolv.conf & hosts
@@ -71,7 +73,8 @@
"/containerd/bin/runsc": "@dev_gvisor_gvisor//runsc",
"/containerd/bin/containerd-shim-runsc-v1": "@dev_gvisor_gvisor//shim",
- # runc (runtime in files_cc because of cgo)
+ # runc
+ "/containerd/bin/runc": ":runc",
"/containerd/bin/containerd-shim-runc-v2": "@com_github_containerd_containerd_v2//cmd/containerd-shim-runc-v2",
# Containerd
@@ -93,12 +96,11 @@
# Delve
"/dlv": "@com_github_go_delve_delve//cmd/dlv:dlv",
- },
- files_cc = {
- "/init": "//metropolis/node/core/minit",
- # runc runtime, with cgo
- "/containerd/bin/runc": ":runc",
+
+ # file system tools
"/bin/mkfs.xfs": "@xfsprogs//:mkfs",
+
+ # time
"/time/chrony": "@chrony//:chrony",
},
fsspecs = [
diff --git a/osbase/bootparam/BUILD.bazel b/osbase/bootparam/BUILD.bazel
index 5a5704e..b688845 100644
--- a/osbase/bootparam/BUILD.bazel
+++ b/osbase/bootparam/BUILD.bazel
@@ -18,6 +18,7 @@
],
embed = [":bootparam"],
gc_goopts = ["-d=libfuzzer"],
+ pure = "off",
deps = [
"//osbase/bootparam/ref",
"@com_github_google_go_cmp//cmp",
diff --git a/osbase/build/def.bzl b/osbase/build/def.bzl
index f3ef7a9..66644b4 100644
--- a/osbase/build/def.bzl
+++ b/osbase/build/def.bzl
@@ -1,31 +1,6 @@
-def _build_pure_transition_impl(settings, _attr):
- """
- Transition that enables pure, static build of Go binaries.
- """
- race = settings["@io_bazel_rules_go//go/config:race"]
- pure = not race
-
- return {
- "@io_bazel_rules_go//go/config:pure": pure,
- "@io_bazel_rules_go//go/config:static": True,
- "//command_line_option:platforms": "//build/platforms:linux_amd64_static",
- }
-
-build_pure_transition = transition(
- implementation = _build_pure_transition_impl,
- inputs = [
- "@io_bazel_rules_go//go/config:race",
- ],
- outputs = [
- "@io_bazel_rules_go//go/config:pure",
- "@io_bazel_rules_go//go/config:static",
- "//command_line_option:platforms",
- ],
-)
-
def _build_static_transition_impl(_settings, _attr):
"""
- Transition that enables static builds with CGo and musl for Go binaries.
+ Transition that enables static build of Go and C binaries.
"""
return {
"@io_bazel_rules_go//go/config:static": True,
diff --git a/osbase/build/fsspec/def.bzl b/osbase/build/fsspec/def.bzl
index 0165208..bcbf451 100644
--- a/osbase/build/fsspec/def.bzl
+++ b/osbase/build/fsspec/def.bzl
@@ -9,7 +9,7 @@
def fsspec_core_impl(ctx, tool, output_file, extra_files = [], extra_fsspecs = []):
"""
fsspec_core_impl implements the core of an fsspec-based rule. It takes
- input from the `files`,`files_cc`, `symlinks` and `fsspecs` attributes
+ input from the `files`, `symlinks` and `fsspecs` attributes
and calls `tool` with the `-out` parameter pointing to `output_file`
and paths to all fsspecs as positional arguments.
"""
@@ -18,7 +18,7 @@
fs_files = []
inputs = []
- for p, label in ctx.attr.files.items() + ctx.attr.files_cc.items() + extra_files:
+ for p, label in ctx.attr.files.items() + extra_files:
if not p.startswith("/"):
fail("file {} invalid: must begin with /".format(p))
diff --git a/osbase/build/mkcpio/def.bzl b/osbase/build/mkcpio/def.bzl
index 3f93804..2db2793 100644
--- a/osbase/build/mkcpio/def.bzl
+++ b/osbase/build/mkcpio/def.bzl
@@ -1,4 +1,4 @@
-load("//osbase/build:def.bzl", "build_pure_transition", "build_static_transition")
+load("//osbase/build:def.bzl", "build_static_transition")
load("//osbase/build/fsspec:def.bzl", "FSSpecInfo", "fsspec_core_impl")
def _node_initramfs_impl(ctx):
@@ -11,6 +11,8 @@
return [DefaultInfo(runfiles = ctx.runfiles(files = [initramfs]), files = depset([initramfs]))]
node_initramfs = rule(
+ # Attach static transition to ensure all binaries added to the initramfs are static binaries.
+ cfg = build_static_transition,
implementation = _node_initramfs_impl,
doc = """
Build a node initramfs. The initramfs will contain a basic /dev directory and all the files specified by the
@@ -25,24 +27,13 @@
Dictionary of Labels to String, placing a given Label's output file in the initramfs at the location
specified by the String value. The specified labels must only have a single output.
""",
- # Attach pure transition to ensure all binaries added to the initramfs are pure/static binaries.
- cfg = build_pure_transition,
- ),
- "files_cc": attr.string_keyed_label_dict(
- allow_files = True,
- doc = """
- Special case of 'files' for compilation targets that need to be built with the musl toolchain like
- go_binary targets which need cgo or cc_binary targets.
- """,
- # Attach static transition to all files_cc inputs to ensure they are built with musl and static.
- cfg = build_static_transition,
),
"symlinks": attr.string_dict(
default = {},
doc = """
- Symbolic links to create. Similar format as in files and files_cc, so the key is the location of the
+ Symbolic links to create. Similar format as in `files`, so the key is the location of the
symlink itself and the value of it is target of the symlink. Only raw strings are allowed as targets,
- labels are not permitted. Include the file using files or files_cc, then symlink to its location.
+ labels are not permitted. Include the file using `files`, then symlink to its location.
""",
),
"fsspecs": attr.label_list(
diff --git a/osbase/build/mkerofs/def.bzl b/osbase/build/mkerofs/def.bzl
index ff4e137..0be0568 100644
--- a/osbase/build/mkerofs/def.bzl
+++ b/osbase/build/mkerofs/def.bzl
@@ -1,4 +1,4 @@
-load("//osbase/build:def.bzl", "build_pure_transition", "build_static_transition")
+load("//osbase/build:def.bzl", "build_static_transition")
load("//osbase/build/fsspec:def.bzl", "FSSpecInfo", "fsspec_core_impl")
def _erofs_image_impl(ctx):
@@ -10,9 +10,11 @@
return [DefaultInfo(files = depset([fs_out]))]
erofs_image = rule(
+ # Attach static transition to ensure all binaries added to the EROFS are static binaries.
+ cfg = build_static_transition,
implementation = _erofs_image_impl,
doc = """
- Build an EROFS. All files specified in files, files_cc and all specified symlinks will be contained.
+ Build an EROFS. All files specified in files and all specified symlinks will be contained.
Executable files will have their permissions set to 0555, non-executable files will have
their permissions set to 0444. All parent directories will be created with 0555 permissions.
""",
@@ -24,24 +26,13 @@
Dictionary of Labels to String, placing a given Label's output file in the EROFS at the location
specified by the String value. The specified labels must only have a single output.
""",
- # Attach pure transition to ensure all binaries added to the initramfs are pure/static binaries.
- cfg = build_pure_transition,
- ),
- "files_cc": attr.string_keyed_label_dict(
- allow_files = True,
- doc = """
- Special case of 'files' for compilation targets that need to be built with the musl toolchain like
- go_binary targets which need cgo or cc_binary targets.
- """,
- # Attach static transition to all files_cc inputs to ensure they are built with musl and static.
- cfg = build_static_transition,
),
"symlinks": attr.string_dict(
default = {},
doc = """
- Symbolic links to create. Similar format as in files and files_cc, so the key is the location of the
+ Symbolic links to create. Similar format as in `files`, so the key is the location of the
symlink itself and the value of it is target of the symlink. Only raw strings are allowed as targets,
- labels are not permitted. Include the file using files or files_cc, then symlink to its location.
+ labels are not permitted. Include the file using `files`, then symlink to its location.
""",
),
"fsspecs": attr.label_list(
diff --git a/osbase/fsquota/BUILD.bazel b/osbase/fsquota/BUILD.bazel
index 0293e25..dba031f 100644
--- a/osbase/fsquota/BUILD.bazel
+++ b/osbase/fsquota/BUILD.bazel
@@ -26,7 +26,7 @@
k_test(
name = "ktest",
cmdline = "ramdisk_size=51200",
- files_cc = {
+ files = {
"/mkfs.xfs": "@xfsprogs//:mkfs",
},
tester = ":fsquota_test",
diff --git a/osbase/test/ktest/ktest.bzl b/osbase/test/ktest/ktest.bzl
index 2d8fd91..4a6942f 100644
--- a/osbase/test/ktest/ktest.bzl
+++ b/osbase/test/ktest/ktest.bzl
@@ -18,7 +18,7 @@
Ktest provides a macro to run tests under a normal Metropolis node kernel
"""
-load("//osbase/build:def.bzl", "build_pure_transition", "build_static_transition")
+load("//osbase/build:def.bzl", "build_static_transition")
load("//osbase/build/fsspec:def.bzl", "FSSpecInfo", "fsspec_core_impl")
_KTEST_SCRIPT = """
@@ -72,24 +72,15 @@
Dictionary of Labels to String, placing a given Label's output file in the initramfs at the location
specified by the String value. The specified labels must only have a single output.
""",
- # Attach pure transition to ensure all binaries added to the initramfs are pure/static binaries.
- cfg = build_pure_transition,
- ),
- "files_cc": attr.string_keyed_label_dict(
- allow_files = True,
- doc = """
- Special case of 'files' for compilation targets that need to be built with the musl toolchain like
- go_binary targets which need cgo or cc_binary targets.
- """,
- # Attach static transition to all files_cc inputs to ensure they are built with musl and static.
+ # Attach static transition to ensure all binaries added to the initramfs are static binaries.
cfg = build_static_transition,
),
"symlinks": attr.string_dict(
default = {},
doc = """
- Symbolic links to create. Similar format as in files and files_cc, so the key is the location of the
+ Symbolic links to create. Similar format as in `files`, so the key is the location of the
symlink itself and the value of it is target of the symlink. Only raw strings are allowed as targets,
- labels are not permitted. Include the file using files or files_cc, then symlink to its location.
+ labels are not permitted. Include the file using `files`, then symlink to its location.
""",
),
"fsspecs": attr.label_list(
@@ -100,6 +91,7 @@
""",
providers = [FSSpecInfo],
allow_files = True,
+ cfg = build_static_transition,
),
"kernel": attr.label(
default = Label("//osbase/test/ktest:linux-testing"),
@@ -117,7 +109,7 @@
),
"_ktest_init": attr.label(
default = Label("//osbase/test/ktest/init"),
- cfg = build_pure_transition,
+ cfg = build_static_transition,
executable = True,
allow_single_file = True,
),