WORKSPACE: bump rules_go go 0.29 and Go to 1.17.1
The changes to nogo are from rules_go being able to use go_library
targets as part toolchain definitions. gVisor needed to be bumped
to be compatible with Go 1.17. It also needs a fix for us not having
the systemd cgroup controller.
Change-Id: I058b5c68d97809a286fbe36df00e49e55874dfd5
Reviewed-on: https://review.monogon.dev/c/monogon/+/438
Reviewed-by: Sergiusz Bazanski <serge@monogon.tech>
diff --git a/third_party/go/patches/gvisor-cgroup-fix.patch b/third_party/go/patches/gvisor-cgroup-fix.patch
new file mode 100644
index 0000000..aba0b4a
--- /dev/null
+++ b/third_party/go/patches/gvisor-cgroup-fix.patch
@@ -0,0 +1,27 @@
+From fcd48e672489f41c9977e092937ff806a7e772bd Mon Sep 17 00:00:00 2001
+From: Lorenz Brun <lorenz@monogon.tech>
+Date: Thu, 11 Nov 2021 13:58:50 +0100
+Subject: [PATCH] Make systemd cgroup optional
+
+This breaks gVisor on systems that use custom inits/cgroup setups which
+don't have this cgroup and don't need it.
+---
+ runsc/cgroup/cgroup.go | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/runsc/cgroup/cgroup.go b/runsc/cgroup/cgroup.go
+index 0eb5821a9..2116bddca 100644
+--- a/runsc/cgroup/cgroup.go
++++ b/runsc/cgroup/cgroup.go
+@@ -58,7 +58,7 @@ var controllers = map[string]controller{
+ "freezer": &noop{},
+ "perf_event": &noop{},
+ "rdma": &noop{isOptional: true},
+- "systemd": &noop{},
++ "systemd": &noop{isOptional: true},
+ }
+
+ // IsOnlyV2 checks whether cgroups V2 is enabled and V1 is not.
+--
+2.25.1
+