Gitiles
Code Review Sign In
gerrit-dev.monogon.dev / monogon / 5178dd76472906d541fe08c643633499708c67de^! / . / build / bazel
commit5178dd76472906d541fe08c643633499708c67de[log] [tgz]
authorTim Windelschmidt <tim@monogon.tech>Wed Dec 04 04:38:45 2024 +0100
committerTim Windelschmidt <tim@monogon.tech>Tue Jan 07 15:59:01 2025 +0000
treec8ca42dc5fe77d78cca49cb002eeed67de06e743
parentf724ed2be1d3f86159ea83ca41f5f6b0886a69a5 [diff]
workspace: introduce bazel downloader config and replace bazeldnf mirror

This rather small change does rework the way we cache our dependencies
by instructing bazel to fetch everything through a custom proxy. See
//build/mirror_proxy:README.me for more infos.

Closes monogon-dev/monogon#178

Change-Id: Ic671fc8233a1cbf37427bbc96339ea8108310e21
Reviewed-on: https://review.monogon.dev/c/monogon/+/3686
Tested-by: Jenkins CI
Reviewed-by: Lorenz Brun <lorenz@monogon.tech>

diff --git a/build/bazel/bazel_downloader.cfg b/build/bazel/bazel_downloader.cfg
new file mode 100644
index 0000000..bdbad08
--- /dev/null
+++ b/build/bazel/bazel_downloader.cfg

@@ -0,0 +1,13 @@
+# Allow request to go.dev for finding the current go sdk versions.
+allow go.dev
+
+# Allow requests to the bazel registry for ensuring we can update our
+# bzlmod deps.
+allow bcr.bazel.build
+
+# Allow requests to our mirror and rewrite all urls to use said mirror.
+allow mirror.monogon.dev
+rewrite ^((?!go\.dev|bcr\.bazel\.build).*) mirror.monogon.dev/$1
+
+# Block all other URLs. You can comment out this one to allow a fallback.
+block *

diff --git a/build/bazel/go.MODULE.bazel b/build/bazel/go.MODULE.bazel
index 19b2bfb..de8ad0d 100644
--- a/build/bazel/go.MODULE.bazel
+++ b/build/bazel/go.MODULE.bazel

@@ -88,7 +88,7 @@
     "io_k8s_kubernetes",
     "io_k8s_pod_security_admission",
     "io_k8s_utils",
-    "net_starlark_go",
+    "org_golang_google_api",
     "org_golang_google_genproto_googleapis_api",
     "org_golang_google_grpc",
     "org_golang_google_protobuf",