Add containerd & gVisor support

This adds containerd, CNI, gVisor and all the necessary shims
and supporting infrastructure. It also enables all relevant features in
the Linux kernel. containerd is designed as a simple supervisor.Runnable.
It is not started yet; that will happen in D497.

Split out from feature/kubelet.

Test Plan:
Has been tested in conjunction with the rest of D497, will be
covered by a K8s E2E test there.

X-Origin-Diff: phab/D509
GitOrigin-RevId: 92523516b7e361a30da330eb187787e6045bfd17
diff --git a/WORKSPACE b/WORKSPACE
index fec87fb..552be65 100644
--- a/WORKSPACE
+++ b/WORKSPACE
@@ -1,6 +1,6 @@
 workspace(name = "nexantic")
 
-load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive")
+load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive", "http_file")
 load("@bazel_tools//tools/build_defs/repo:git.bzl", "new_git_repository")
 
 # Load skylib
@@ -32,22 +32,22 @@
     # Currently pinned to an unreleased commit for compatibility with pinned Gazelle below.
     # (we need //go/platforms:{aix,illumos,...} as generated by Gazelle)
     name = "io_bazel_rules_go",
+    sha256 = "a8045644f4790d8dc7f25d25ee56ed9b7668f609f2aa1c59eef48d2dd9755430",
+    strip_prefix = "rules_go-64f44314a710ce0e3ccc07891cec5f2047901ac8",
     urls = [
         "https://github.com/bazelbuild/rules_go/archive/64f44314a710ce0e3ccc07891cec5f2047901ac8.tar.gz",
     ],
-    strip_prefix = "rules_go-64f44314a710ce0e3ccc07891cec5f2047901ac8",
-    sha256 = "a8045644f4790d8dc7f25d25ee56ed9b7668f609f2aa1c59eef48d2dd9755430",
 )
 
 http_archive(
     # Currently pinned to an unreleased commit that fixes build tag usage in `update-repos`.
     # This can be unpinned once it makes it into 0.21.0.
     name = "bazel_gazelle",
+    sha256 = "509bb26e377a8ac28ebbd5fb999d15a428b092b0c533dc1e528d66d766ea273e",
+    strip_prefix = "bazel-gazelle-f6ed80dc6ff71e33233006db9584da4cd36a81e6",
     urls = [
         "https://github.com/bazelbuild/bazel-gazelle/archive/f6ed80dc6ff71e33233006db9584da4cd36a81e6.zip",
     ],
-    strip_prefix = "bazel-gazelle-f6ed80dc6ff71e33233006db9584da4cd36a81e6",
-    sha256 = "509bb26e377a8ac28ebbd5fb999d15a428b092b0c533dc1e528d66d766ea273e",
 )
 
 load("@io_bazel_rules_go//go:deps.bzl", "go_register_toolchains", "go_rules_dependencies")
@@ -71,10 +71,10 @@
     build_file_proto_mode = "disable_global",
     commit = "6c65a5562fc06764971b7c5d05c76c75e84bdbf7",
     importpath = "github.com/golang/protobuf",
+    patch_args = ["-p1"],
     patches = [
         "@io_bazel_rules_go//third_party:com_github_golang_protobuf-extras.patch",
     ],
-    patch_args = ["-p1"],
 )
 
 go_rules_dependencies()
@@ -172,3 +172,10 @@
     strip_prefix = "rules_docker-0.12.1",
     urls = ["https://github.com/bazelbuild/rules_docker/releases/download/v0.12.1/rules_docker-v0.12.1.tar.gz"],
 )
+
+# Derived from Mozilla NSS, currently needed for containerd to be able to pull images
+http_file(
+    name = "cacerts",
+    sha256 = "adf770dfd574a0d6026bfaa270cb6879b063957177a991d453ff1d302c02081f",
+    urls = ["https://curl.haxx.se/ca/cacert-2020-01-01.pem"],
+)
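Review bot: The `cacerts` rule pins a dated snapshot (`cacert-2020-01-01.pem`), and going by the comment above it this bundle is what containerd will trust when pulling images, yet nothing records when or how it is refreshed. Roots that Mozilla later distrusts would stay trusted here, and newly added ones would be missing, until someone bumps the file by hand. The sha256 pin is right and should stay. I would extend the comment to state the update rule, e.g. `# Pinned Mozilla NSS root snapshot, used as the trust root for containerd image pulls; bump the URL and sha256 together when a newer cacert-YYYY-MM-DD.pem is published.` Separately, `urls` has a single entry, so fetching depends on that one host; a mirror under the same sha256 would be a cheap addition if the project has one.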