commit 7c38e7845bad04db14031741e879e887e2f571b5
author Jan Schär <jan@monogon.tech> Tue Apr 29 09:23:37 2025 +0000
committer Jan Schär <jan@monogon.tech> Tue Apr 29 13:11:33 2025 +0000
tree 8481308f7280a6153de818497d11f0c9614baeeb
parent dc97912eb162144d7bd92509ad8f064a8cf98ecb

treewide: replace go_binary_with_tag

Instead of using go_binary_with_tag, we can write a go_binary rule which
embeds the library. Then we can easily change all the Go configs, not
just tags.

By default, Gazelle generates the libraries for a go_binary with private
visibility, so we need to override it to pulic. The go_binary_with_tag
rule had the additional feature of combining the specified tags with the
incoming ones (osusergo, netgo); instead I added those manually.

Change-Id: I23965176f87e3a0bbd18ba5a72f190e4f9047363
Reviewed-on: https://review.monogon.dev/c/monogon/+/4157
Tested-by: Jenkins CI
Reviewed-by: Tim Windelschmidt <tim@monogon.tech>

metropolis/node/BUILD.bazel

diff --git a/metropolis/node/BUILD.bazel b/metropolis/node/BUILD.bazel
index 231456a..a7e9f9a 100644
--- a/metropolis/node/BUILD.bazel
+++ b/metropolis/node/BUILD.bazel
@@ -1,6 +1,5 @@
-load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
+load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library", "go_test")
 load("@rules_pkg//:pkg.bzl", "pkg_zip")
-load("//build/go:def.bzl", "go_binary_with_tag")
 load("//osbase/build/genosrelease:defs.bzl", "os_release")
 load("//osbase/build/mkerofs:def.bzl", "erofs_image")
 load("//osbase/build/mkimage:def.bzl", "node_image")
@@ -38,10 +37,14 @@
     "passwd",
 ])
 
-go_binary_with_tag(
+go_binary(
     name = "runc",
-    binary = "@com_github_opencontainers_runc//:runc",
-    gotags = ["seccomp"],
+    embed = ["@com_github_opencontainers_runc//:runc_lib"],
+    gotags = [
+        "osusergo",
+        "netgo",
+        "seccomp",
+    ],
 )
 
 erofs_image(