treewide: remove FHSEnv
To remove the FHSenv, we have to patch rules_python to use
/usr/bin/env to resolve the path to bash instead of hardcoding it.
Additionally, we now bring a Nix-compatible Bazel 8.
Change-Id: Id51e7748eea6dd77185f43a52fe45b5110ba4a2b
Reviewed-on: https://review.monogon.dev/c/monogon/+/4427
Tested-by: Jenkins CI
Reviewed-by: Jan Schär <jan@monogon.tech>
Reviewed-by: Lorenz Brun <lorenz@monogon.tech>
Reviewed-by: Leopold Schabel <leo@monogon.tech>
diff --git a/build/bazel/go.MODULE.bazel b/build/bazel/go.MODULE.bazel
index f1e10f5..dfa5b91 100644
--- a/build/bazel/go.MODULE.bazel
+++ b/build/bazel/go.MODULE.bazel
@@ -184,6 +184,10 @@
],
},
"github.com/bytecodealliance/wasmtime-go/v14": {
+ # wasmtime brings its own BUILD files and for some reason,
+ # Bazel regenerates them in the nixos/nix container but not on
+ # NixOS. We disable replacing the existing directives to fix this.
+ "build_file_generation": "off",
"directives": [
"gazelle:go_naming_convention go_default_library",
],
diff --git a/build/bazel/toolchain.MODULE.bazel b/build/bazel/toolchain.MODULE.bazel
index f0434f5..f691078 100644
--- a/build/bazel/toolchain.MODULE.bazel
+++ b/build/bazel/toolchain.MODULE.bazel
@@ -3,17 +3,17 @@
http_archive(
name = "toolchain-bundle-x86_64-unknown-linux-musl",
build_file = "//build/toolchain/toolchain-bundle:toolchain-bundle.bzl",
- integrity = "sha256-tpbvNL5S4t2WLkcj027sghf8tEzVJFL1e5leyx8JkCI=",
+ integrity = "sha256-7wceZhsWdZLXT2KW05NmmbUCYKA+DmudjPqTO3qX29I=",
urls = [
- "https://storage.googleapis.com/monogon-infra-public/toolchain/toolchain-bundle-x86_64-unknown-linux-musl-release-25.05.ffdcefdde9a4e540d1c875767da0e382e1ccf460.tar.zst",
+ "https://storage.googleapis.com/monogon-infra-public/toolchain/9iv889bzlsg1dglkmqdnabak5ffbp2km-toolchain/toolchain-bundle-x86_64-unknown-linux-musl.tar.zst",
],
)
http_archive(
name = "toolchain-bundle-aarch64-unknown-linux-musl",
build_file = "//build/toolchain/toolchain-bundle:toolchain-bundle.bzl",
- integrity = "sha256-6caDQ8S+DGXHy2xSAhfRu5EXFLZ7NNqbtkY6o1i33F4=",
+ integrity = "sha256-7ckBNZ5186xDDsDlsUVMNIciY9nECfH70KoB/FUZKRc=",
urls = [
- "https://storage.googleapis.com/monogon-infra-public/toolchain/toolchain-bundle-aarch64-unknown-linux-musl-release-25.05.ffdcefdde9a4e540d1c875767da0e382e1ccf460.tar.zst",
+ "https://storage.googleapis.com/monogon-infra-public/toolchain/9iv889bzlsg1dglkmqdnabak5ffbp2km-toolchain/toolchain-bundle-aarch64-unknown-linux-musl.tar.zst",
],
)
diff --git a/build/toolchain/toolchain-bundle/BUILD.bazel b/build/toolchain/toolchain-bundle/BUILD.bazel
index 82437da..66de9f5 100644
--- a/build/toolchain/toolchain-bundle/BUILD.bazel
+++ b/build/toolchain/toolchain-bundle/BUILD.bazel
@@ -1,4 +1,7 @@
load("@rules_perl//perl:toolchain.bzl", "perl_toolchain")
+load("@rules_python//python:py_exec_tools_toolchain.bzl", "py_exec_tools_toolchain")
+load("@rules_python//python:py_runtime.bzl", "py_runtime")
+load("@rules_python//python:py_runtime_pair.bzl", "py_runtime_pair")
load(":toolchain.bzl", "SUPPORTED_TARGETS", "TOOLCHAINS", "toolchain_for")
package(default_visibility = ["//visibility:public"])
@@ -11,6 +14,42 @@
for name, config in TOOLCHAINS.items()
]
+[
+ [
+ py_runtime(
+ name = "rules_python_%s_python3_12_runtime" % target.tuple,
+ interpreter = "@toolchain-bundle-%s//:python3.12" % target.triple,
+ interpreter_version_info = {
+ "major": str(3),
+ "minor": str(12),
+ "micro": str(0),
+ },
+ python_version = "PY3",
+ ),
+ py_runtime_pair(
+ name = "rules_python_%s_python3_12_runtime_pair" % target.tuple,
+ py3_runtime = ":rules_python_%s_python3_12_runtime" % target.tuple,
+ ),
+ py_exec_tools_toolchain(
+ name = "rules_python_%s_python3_12_exec_tools_toolchain_impl" % target.tuple,
+ exec_interpreter = ":rules_python_%s_python3_12_runtime_pair" % target.tuple,
+ ),
+ toolchain(
+ name = "rules_python_%s_python3_12_runtime_toolchain" % target.tuple,
+ exec_compatible_with = target.constrain,
+ toolchain = ":rules_python_%s_python3_12_runtime_pair" % target.tuple,
+ toolchain_type = "@rules_python//python:toolchain_type",
+ ),
+ toolchain(
+ name = "rules_python_%s_python3_12_exec_tools_toolchain" % target.tuple,
+ exec_compatible_with = target.constrain,
+ toolchain = ":rules_python_%s_python3_12_exec_tools_toolchain_impl" % target.tuple,
+ toolchain_type = "@rules_python//python:exec_tools_toolchain_type",
+ ),
+ ]
+ for target in SUPPORTED_TARGETS
+]
+
# rules_perl wiring
[
diff --git a/build/toolchain/toolchain-bundle/toolchain-bundle.bzl b/build/toolchain/toolchain-bundle/toolchain-bundle.bzl
index 6ac17fb..c2de9d1 100644
--- a/build/toolchain/toolchain-bundle/toolchain-bundle.bzl
+++ b/build/toolchain/toolchain-bundle/toolchain-bundle.bzl
@@ -4,6 +4,32 @@
"**/*",
]))
+filegroup(
+ name = "python3.12",
+ srcs = [
+ ":bin/python3.12",
+ ],
+ data = glob([
+ "lib/python3.12/**",
+ ]),
+)
+
+filegroup(
+ name = "python3.12_headers",
+ srcs = glob([
+ "include/python3.12/**",
+ ]),
+)
+
+filegroup(
+ name = "python3.12_libs",
+ srcs = glob([
+ "lib/python3.12/**",
+ ]) + [
+ ":lib/libpython3.12.a",
+ ],
+)
+
# rules_perl expects all files as src entry, this does prevent us using
# $(execpath) which is why we have another filegroup that uses this as
# data dep.