treewide: remove FHSEnv
To remove the FHSenv, we have to patch rules_python to use
/usr/bin/env to resolve the path to bash instead of hardcoding it.
Additionally, we now bring a Nix-compatible Bazel 8.
Change-Id: Id51e7748eea6dd77185f43a52fe45b5110ba4a2b
Reviewed-on: https://review.monogon.dev/c/monogon/+/4427
Tested-by: Jenkins CI
Reviewed-by: Jan Schär <jan@monogon.tech>
Reviewed-by: Lorenz Brun <lorenz@monogon.tech>
Reviewed-by: Leopold Schabel <leo@monogon.tech>
diff --git a/third_party/rules_python/BUILD.bazel b/third_party/rules_python/BUILD.bazel
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/third_party/rules_python/BUILD.bazel
diff --git a/third_party/rules_python/use-usr-bin-env-bash.patch b/third_party/rules_python/use-usr-bin-env-bash.patch
new file mode 100644
index 0000000..71a39cf
--- /dev/null
+++ b/third_party/rules_python/use-usr-bin-env-bash.patch
@@ -0,0 +1,12 @@
+The build environment is not guaranteed to have /bin/bash, especially on NixOS
+or in our CI runner. Use /usr/bin/env to resolve it from PATH.
+diff --git a/python/private/stage1_bootstrap_template.sh b/python/private/stage1_bootstrap_template.sh
+--- a/python/private/stage1_bootstrap_template.sh
++++ b/python/private/stage1_bootstrap_template.sh
+@@ -1,5 +1,5 @@
+-#!/bin/bash
++#!/usr/bin/env bash
+
+ set -e
+
+ if [[ -n "${RULES_PYTHON_BOOTSTRAP_VERBOSE:-}" ]]; then