Add all dependencies for Kubernetes worker
Adds Kubelet, CNI plugins, containerd, runc and gVisor using a
pre-baked list of dependencies generated using scripts/gazelle-deps.sh.
This moves all dependencies of gVisor, Kubernetes, runc, etc into the
same 'namespace' of Bazel external repositories, giving us ease of
accessing code as libraries, and benefits when it comes to version
auditing.
The gazelle-deps.sh script is a temporary solution that will be replaced
ASAP, see T725.
This unblocks T486.
This is an alternative to D389.
Test Plan: `bazel build //core:image` runs and picks up the new binaries
X-Origin-Diff: phab/D487
GitOrigin-RevId: a28a25071fa2ae76b272d237ce9af777485065ff
diff --git a/core/BUILD b/core/BUILD
index f413b5d..1628bd1 100644
--- a/core/BUILD
+++ b/core/BUILD
@@ -4,6 +4,16 @@
"//core/cmd/init",
"//core/cmd/kube-controlplane",
"//third_party/xfsprogs:mkfs.xfs",
+ "@io_k8s_kubernetes//cmd/kubelet:_kubelet-pure",
+ "@com_github_containerd_containerd//cmd/containerd",
+ "@com_github_containerd_containerd//cmd/containerd-shim",
+ "@com_github_containerd_containerd//cmd/containerd-shim-runc-v1",
+ "@com_github_containerd_containerd//cmd/containerd-shim-runc-v2",
+ "@com_github_containernetworking_plugins//plugins/main/loopback",
+ "@com_github_containernetworking_plugins//plugins/main/ptp",
+ "@com_github_containernetworking_plugins//plugins/ipam/host-local",
+ "@com_github_opencontainers_runc//:runc",
+ "@com_github_google_gvisor//runsc",
],
outs = [
"initramfs.cpio.lz4",
@@ -17,6 +27,18 @@
dir /bin 0755 0 0
file /bin/mkfs.xfs $(location //third_party/xfsprogs:mkfs.xfs) 0755 0 0
file /bin/kube-controlplane $(location //core/cmd/kube-controlplane) 0755 0 0
+file /bin/kubelet $(location @io_k8s_kubernetes//cmd/kubelet:_kubelet-pure) 0755 0 0
+dir /containerd 0755 0 0
+file /containerd/containerd $(location @com_github_containerd_containerd//cmd/containerd) 0755 0 0
+file /containerd/containerd-shim $(location @com_github_containerd_containerd//cmd/containerd-shim) 0755 0 0
+file /containerd/containerd-shim-runc-v1 $(location @com_github_containerd_containerd//cmd/containerd-shim-runc-v1) 0755 0 0
+file /containerd/containerd-shim-runc-v2 $(location @com_github_containerd_containerd//cmd/containerd-shim-runc-v2) 0755 0 0
+file /containerd/runsc $(location @com_github_google_gvisor//runsc) 0755 0 0
+file /containerd/runc $(location @com_github_opencontainers_runc//:runc) 0755 0 0
+dir /containerd/cni-plugins 0755 0 0
+file /containerd/cni-plugins/loopback $(location @com_github_containernetworking_plugins//plugins/main/loopback) 0755 0 0
+file /containerd/cni-plugins/ptp $(location @com_github_containernetworking_plugins//plugins/main/ptp) 0755 0 0
+file /containerd/cni-plugins/host-local $(location @com_github_containernetworking_plugins//plugins/ipam/host-local) 0755 0 0
EOF
""",
tools = [
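Review bot: The image now ships three runc shim generations (`containerd-shim`, `containerd-shim-runc-v1`, `containerd-shim-runc-v2`) next to both `runc` and `runsc`, all root-owned and executable, and nothing in this diff shows which of them the containerd configuration actually selects. Every unused runtime binary in the initramfs is extra code to track for CVEs, so I would ship only the shims the configured runtimes need and say so in a comment above the entries in the `srcs` list, e.g. `# shims must match the runtimes enabled in the containerd config; drop the rest`. Separately, `@io_k8s_kubernetes//cmd/kubelet:_kubelet-pure` is an underscore-prefixed target, which looks like an upstream-internal name, so it deserves a one-line comment on why that target is used and a re-check on each Kubernetes bump. The genrule this list belongs to starts and ends outside both hunks of this file.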
diff --git a/core/api/api/BUILD.bazel b/core/api/api/BUILD.bazel
index 61e4fe7..70764cc 100644
--- a/core/api/api/BUILD.bazel
+++ b/core/api/api/BUILD.bazel
@@ -1,3 +1,4 @@
+load("@rules_proto//proto:defs.bzl", "proto_library")
load("@io_bazel_rules_go//go:def.bzl", "go_library")
load("@io_bazel_rules_go//proto:def.bzl", "go_proto_library")
diff --git a/core/api/common/BUILD.bazel b/core/api/common/BUILD.bazel
index 30b3a27..6786431 100644
--- a/core/api/common/BUILD.bazel
+++ b/core/api/common/BUILD.bazel
@@ -1,3 +1,4 @@
+load("@rules_proto//proto:defs.bzl", "proto_library")
load("@io_bazel_rules_go//go:def.bzl", "go_library")
load("@io_bazel_rules_go//proto:def.bzl", "go_proto_library")
diff --git a/core/cmd/kube-controlplane/BUILD b/core/cmd/kube-controlplane/BUILD
index cc0427a..c9049e4 100644
--- a/core/cmd/kube-controlplane/BUILD
+++ b/core/cmd/kube-controlplane/BUILD
@@ -24,15 +24,15 @@
importpath = "git.monogon.dev/source/nexantic.git/core/cmd/kubemaster",
visibility = ["//visibility:private"],
deps = [
- "@kubernetes//cmd/kube-apiserver/app:go_default_library",
- "@kubernetes//cmd/kube-controller-manager/app:go_default_library",
- "@kubernetes//cmd/kube-scheduler/app:go_default_library",
- "@kubernetes//staging/src/k8s.io/component-base/cli/flag:go_default_library",
- "@kubernetes//staging/src/k8s.io/component-base/logs:go_default_library",
- "@kubernetes//staging/src/k8s.io/component-base/metrics/prometheus/restclient:go_default_library",
- "@kubernetes//staging/src/k8s.io/component-base/metrics/prometheus/version:go_default_library",
- "@kubernetes//vendor/github.com/spf13/cobra:go_default_library",
- "@kubernetes//vendor/github.com/spf13/pflag:go_default_library",
+ "@io_k8s_kubernetes//cmd/kube-apiserver/app:go_default_library",
+ "@io_k8s_kubernetes//cmd/kube-controller-manager/app:go_default_library",
+ "@io_k8s_kubernetes//cmd/kube-scheduler/app:go_default_library",
+ "@io_k8s_component_base//cli/flag:go_default_library",
+ "@io_k8s_component_base//logs:go_default_library",
+ "@io_k8s_component_base//metrics/prometheus/restclient:go_default_library",
+ "@io_k8s_component_base//metrics/prometheus/version:go_default_library",
+ "@com_github_spf13_cobra//:go_default_library",
+ "@com_github_spf13_pflag//:go_default_library",
],
)
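Review bot: Switching cobra, pflag and component-base from `@kubernetes//vendor/...` and `@kubernetes//staging/...` to standalone repositories means their versions are no longer fixed by the Kubernetes tree but by whatever the generated dependency list resolves. The pins are not visible in this hunk, so this is a question rather than a finding: are `@com_github_spf13_cobra`, `@com_github_spf13_pflag` and `@io_k8s_component_base` locked to the exact revisions the pinned Kubernetes release declares, with a checksum on each archive? If they drift, the control plane binary links code upstream never tested together, and the version-auditing benefit from the description is lost. The same applies to the `@io_k8s_client_go` labels in core/internal/kubernetes/BUILD.bazel; a comment such as `# versions must track io_k8s_kubernetes' go.mod, see the generated deps list` above the `deps` would record the constraint.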
diff --git a/core/internal/kubernetes/BUILD.bazel b/core/internal/kubernetes/BUILD.bazel
index 0fa4dc4..e9b0573 100644
--- a/core/internal/kubernetes/BUILD.bazel
+++ b/core/internal/kubernetes/BUILD.bazel
@@ -16,8 +16,8 @@
"//core/internal/consensus:go_default_library",
"//core/pkg/fileargs:go_default_library",
"@io_etcd_go_etcd//clientv3:go_default_library",
- "@kubernetes//staging/src/k8s.io/client-go/tools/clientcmd:go_default_library",
- "@kubernetes//staging/src/k8s.io/client-go/tools/clientcmd/api:go_default_library",
+ "@io_k8s_client_go//tools/clientcmd:go_default_library",
+ "@io_k8s_client_go//tools/clientcmd/api:go_default_library",
"@org_uber_go_zap//:go_default_library",
],
)
diff --git a/core/scripts/BUILD b/core/scripts/BUILD
index 482b29c..87ba08b 100644
--- a/core/scripts/BUILD
+++ b/core/scripts/BUILD
@@ -17,7 +17,7 @@
name = "test_deps",
data = [
":launch",
- "//third_party/kubernetes:kubectl",
+ "@io_k8s_kubernetes//cmd/kubectl",
],
)
diff --git a/core/scripts/launch.sh b/core/scripts/launch.sh
index 3f4e9b9..d4ab0bb 100755
--- a/core/scripts/launch.sh
+++ b/core/scripts/launch.sh
@@ -9,7 +9,7 @@
swtpm socket --tpmstate dir=${TMP} --ctrl type=unixio,path=tpm-socket --tpm2 &
qemu-system-x86_64 \
- -cpu host -smp sockets=1,cpus=1,cores=2,threads=2,maxcpus=4 -m 1024 -machine q35 -enable-kvm -nographic -nodefaults \
+ -cpu host -smp sockets=1,cpus=1,cores=2,threads=2,maxcpus=4 -m 2048 -machine q35 -enable-kvm -nographic -nodefaults \
-drive if=pflash,format=raw,readonly,file=external/edk2/OVMF_CODE.fd \
-drive if=pflash,format=raw,snapshot=on,file=external/edk2/OVMF_VARS.fd \
-drive if=virtio,format=raw,snapshot=on,cache=unsafe,file=core/smalltown.img \
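Review bot: The jump to `-m 2048` is a bare number with no reason recorded, so nobody will know later whether it can be lowered again or must grow with the image. Presumably it follows from the larger initramfs (kubelet, containerd, runc and runsc are now packed in), but the script does not say so. A comment above the `qemu-system-x86_64` line would cover it, e.g. `# 2 GiB: initramfs now carries the Kubernetes worker binaries; 1 GiB no longer boots`, adjusted to whatever the actual failure was. The qemu command continues past the end of the hunk.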
diff --git a/core/scripts/test_boot.sh b/core/scripts/test_boot.sh
index e927c94..4a5dead 100755
--- a/core/scripts/test_boot.sh
+++ b/core/scripts/test_boot.sh
@@ -7,7 +7,7 @@
# have to worry about cross-compilation or varying build environments.
#
# (see https://github.com/bazelbuild/bazel/blob/master/tools/bash/runfiles/runfiles.bash)
-set kubectl_path "external/kubernetes/cmd/kubectl/linux_amd64_pure_stripped/kubectl"
+set kubectl_path "external/io_k8s_kubernetes/cmd/kubectl/linux_amd64_pure_stripped/kubectl"
set timeout 120