treewide: exclude flags from exec config

This enables the --experimental_exclude_starlark_flags_from_exec_config
flag, which disables propagation of config settings across exec
transitions. This way, only one copy of protoc is built, without needing
a custom toolchain which ignores the settings.

See https://github.com/bazelbuild/bazel/issues/22457 for discussion
about this flag. Apparently, Google has enabled the flag internally.

Change-Id: I750af589563ec40c59599a555bebe1a986d04d4a
Reviewed-on: https://review.monogon.dev/c/monogon/+/4171
Reviewed-by: Tim Windelschmidt <tim@monogon.tech>
Tested-by: Jenkins CI
diff --git a/.bazelrc b/.bazelrc
index cfeb312..d4e676e 100644
--- a/.bazelrc
+++ b/.bazelrc
@@ -57,6 +57,15 @@
 # Enable resource set configuration via starlark for actions
 build --experimental_action_resource_set
 
+# Stop propagation of settings to exec config by default.
+# See https://github.com/bazelbuild/bazel/issues/22457
+build --experimental_exclude_starlark_flags_from_exec_config
+# These flags need to be propagated for nogo to work. We currently need to
+# reference rules_go with the canonical repo name; this is no longer necessary
+# once the fix for https://github.com/bazelbuild/bazel/issues/25208 is released.
+build --experimental_propagate_custom_flag=@@rules_go+//go/private:request_nogo
+build --experimental_propagate_custom_flag=@@rules_go+//go/private:bootstrap_nogo
+
 # Hardwire all action envs to just use /usr/bin from the above sandbox. This is
 # necessary on NixOS Bazel builds, as they really like to inject /nix/store/*
 # paths otherwise. We also explicitly set it to /usr/bin only (no /bin) as
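Review bot: The two `--experimental_propagate_custom_flag` lines pin the canonical repo name `@@rules_go+`, and the comment above them does not say what happens if that name stops matching. Since the comment states these flags "need to be propagated for nogo to work", please note whether a stale label fails the build or just leaves nogo static analysis switched off without an error. In the second case a dependency bump could drop the checks unnoticed. Consider marking the comment as a TODO tied to bazelbuild/bazel#25208 so the workaround is easy to find and remove, and confirming in CI that a known nogo finding still fails the build with this config. Separately, with `--experimental_exclude_starlark_flags_from_exec_config` on, only these two settings reach the exec config; the commit message covers protoc, so it would help to state that no other exec-config tool relied on a Starlark flag that now resets to its default.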