| Tim Windelschmidt | 6c851e2 | 2024-01-11 15:23:48 +0100 | [diff] [blame] | 1 | # Import Aspect bazelrc presets |
| 2 | import %workspace%/third_party/bazelrc/aspect/bazel7.bazelrc |
| 3 | import %workspace%/third_party/bazelrc/aspect/convenience.bazelrc |
| 4 | import %workspace%/third_party/bazelrc/aspect/correctness.bazelrc |
| 5 | import %workspace%/third_party/bazelrc/aspect/performance.bazelrc |
| 6 | |
| Tim Windelschmidt | d7f5993 | 2024-07-24 23:37:03 +0200 | [diff] [blame] | 7 | # Actually make the lock file a lock file by not updating it without any |
| 8 | # request to do so. |
| 9 | common --lockfile_mode=error |
| 10 | |
| Tim Windelschmidt | 6c851e2 | 2024-01-11 15:23:48 +0100 | [diff] [blame] | 11 | # Allow empty globs as there are a lot until we replace our rust toolchain and |
| 12 | # qemu BUILD files. |
| 13 | common --noincompatible_disallow_empty_glob |
| 14 | |
| 15 | # Don't warn about too high test timeout as these can vary a lot. |
| 16 | test --notest_verbose_timeout_warnings |
| 17 | |
| Leopold Schabel | 8661db3 | 2024-07-24 16:28:27 +0000 | [diff] [blame] | 18 | # Set compilation mode (-c) to debug when running with --config dbg. |
| Lorenz Brun | 6570219 | 2023-08-31 16:27:38 +0200 | [diff] [blame] | 19 | build:dbg --compilation_mode=dbg |
| 20 | |
| Leopold | bc93c2b | 2023-01-14 13:12:23 +0100 | [diff] [blame] | 21 | # Run all spawns in our own hermetic sandbox sysroot. |
| Leopold Schabel | 9508b12 | 2023-07-14 17:54:17 +0200 | [diff] [blame] | 22 | build --experimental_use_hermetic_linux_sandbox |
| Tim Windelschmidt | 6c851e2 | 2024-01-11 15:23:48 +0100 | [diff] [blame] | 23 | build --sandbox_fake_hostname |
| 24 | build --sandbox_fake_username |
| Leopold | 7fbf104 | 2023-01-06 19:57:37 +0100 | [diff] [blame] | 25 | build --action_env=MONOGON_SANDBOX_DIGEST |
| 26 | import %workspace%/.bazelrc.sandbox |
| 27 | |
| Tim Windelschmidt | 6c851e2 | 2024-01-11 15:23:48 +0100 | [diff] [blame] | 28 | # Enable revised output directory hash suffix computation |
| 29 | build --experimental_output_directory_naming_scheme=diff_against_dynamic_baseline |
| 30 | build --experimental_exec_configuration_distinguisher=off |
| 31 | |
| Leopold Schabel | 9508b12 | 2023-07-14 17:54:17 +0200 | [diff] [blame] | 32 | # Hardwire all action envs to just use /usr/bin from the above sandbox. This is |
| 33 | # necessary on NixOS Bazel builds, as they really like to inject /nix/store/* |
| 34 | # paths otherwise. We also explicitly set it to /usr/bin only (no /bin) as |
| 35 | # otherwise calling gcc from /bin/gcc breaks its own resolution of subordinate |
| 36 | # commands (like cc1, as, etc.). |
| 37 | build --action_env=PATH=/usr/bin |
| 38 | build --host_action_env=PATH=/usr/bin |
| 39 | |
| 40 | # Make all shell run actions use /bin/bash instead of whatever the host might |
| 41 | # have set. Again, looking at you, Bazel-on-NixOS. |
| 42 | build --shell_executable=/bin/bash |
| 43 | |
| Leopold | bc93c2b | 2023-01-14 13:12:23 +0100 | [diff] [blame] | 44 | # No local CPP toolchain resolution. In our sandbox root, it doesn't make sense - |
| 45 | # anything auto-detected during analysis stage is on the host instead of the sandbox. |
| 46 | # Sysroot rebuild is pure Go and doesn't need it either. |
| 47 | # The flag ensures we fail early if we somehow depend on the host toolchain, |
| 48 | # and do not spend unnecessary time on autodiscovery. |
| 49 | build --action_env=BAZEL_DO_NOT_DETECT_CPP_TOOLCHAIN=1 |
| 50 | |
| 51 | # Use new-style C++ toolchain resolution. |
| 52 | build --incompatible_enable_cc_toolchain_resolution |
| 53 | |
| 54 | # In our monorepo, we mostly ignore the host platform since we bring our own |
| 55 | # execution environment. However, we still need to run a small number of tools |
| 56 | # such as gazelle. We can just use rules_go's pure-Go platform. Attempting to |
| 57 | # build CGO binaries for the host will fail (and does not make sense). |
| 58 | # The host is lava - it could be NixOS (or even potentially macOS/Windows). |
| 59 | build --host_platform=@io_bazel_rules_go//go/toolchain:linux_amd64 |
| 60 | |
| 61 | # Target platform for the monorepo is currently the same as the host platform, |
| 62 | # but we'll support cross-compilation at some point. Do not rely on it. |
| 63 | build --platforms=//build/platforms:linux_amd64 |
| 64 | # Make sure our platform is picked instead of the --host_platform. |
| 65 | build --extra_execution_platforms=//build/platforms:linux_amd64 |
| 66 | |
| Leopold | eb2fb7b | 2022-06-08 13:18:51 +0200 | [diff] [blame] | 67 | # Build resources |
| Leopold Schabel | 5c80aca | 2019-10-22 15:48:58 +0200 | [diff] [blame] | 68 | startup --batch_cpu_scheduling --io_nice_level 7 |
| Leopold | afb925b | 2023-01-08 16:57:28 +0100 | [diff] [blame] | 69 | test --test_output=errors |
| Lorenz Brun | 5d7d2a4 | 2020-04-06 14:11:02 +0200 | [diff] [blame] | 70 | |
| Leopold | 96b03c7 | 2022-06-08 12:59:58 +0200 | [diff] [blame] | 71 | # selinux: |
| 72 | # build with SELinux (containerd, kubelet) |
| 73 | # no_zfs,no_aufs,no_devicemapper: |
| 74 | # disable containerd features we don't need |
| 75 | # providerless,dockerless: |
| 76 | # build k8s without cloud provider and docker support |
| Serge Bazanski | 46e72ab | 2022-09-05 15:13:22 +0200 | [diff] [blame] | 77 | # nowasm: |
| 78 | # disable wasm plugin support in sqlc |
| Tim Windelschmidt | d8a3fa2 | 2023-11-24 23:14:09 +0100 | [diff] [blame] | 79 | # nobtrfs,nozfs,notapestats,norapl: |
| 80 | # disable node_exporter features we don't need |
| 81 | build --@io_bazel_rules_go//go/config:tags=selinux,seccomp,no_zfs,no_aufs,no_devicemapper,providerless,dockerless,nowasm,netgo,osusergo,nobtrfs,nozfs,notapestats,norapl |
| Serge Bazanski | bb7db92 | 2020-04-30 12:43:10 +0200 | [diff] [blame] | 82 | |
| Lorenz Brun | 6570219 | 2023-08-31 16:27:38 +0200 | [diff] [blame] | 83 | # kvm_debug: |
| 84 | # prevent stackoverflows for gvisor |
| Tim Windelschmidt | d8a3fa2 | 2023-11-24 23:14:09 +0100 | [diff] [blame] | 85 | build:dbg --@io_bazel_rules_go//go/config:tags=selinux,seccomp,no_zfs,no_aufs,no_devicemapper,providerless,dockerless,nowasm,netgo,osusergo,nobtrfs,nozfs,notapestats,norapl,kvm_debug |
| Lorenz Brun | 6570219 | 2023-08-31 16:27:38 +0200 | [diff] [blame] | 86 | |
| Serge Bazanski | bb7db92 | 2020-04-30 12:43:10 +0200 | [diff] [blame] | 87 | # Build with C++17. |
| 88 | build --cxxopt=-std=c++17 |
| 89 | |
| Lorenz Brun | f640211 | 2020-05-04 16:50:31 +0200 | [diff] [blame] | 90 | # Set workspace status file and stamp |
| Serge Bazanski | a6a0392 | 2023-11-13 19:57:48 +0100 | [diff] [blame] | 91 | build --stamp --workspace_status_command=./build/print-workspace-status.py |
| Serge Bazanski | 385c12f | 2020-06-17 12:12:42 +0200 | [diff] [blame] | 92 | |
| Serge Bazanski | 99b0214 | 2024-04-17 16:33:28 +0200 | [diff] [blame] | 93 | test --experimental_allow_tags_propagation |
| 94 | # Assume a 10k IOPS device (average NVMe) and 64GiB of RAM for test scheduling. |
| Tim Windelschmidt | 5be299e | 2024-07-13 02:59:52 +0200 | [diff] [blame] | 95 | test --local_resources=iops=10000 --local_resources=ram=64000 |
| Tim Windelschmidt | f1e0fa1 | 2024-07-17 21:28:23 +0200 | [diff] [blame] | 96 | |
| 97 | # Load custom per-user settings. |
| 98 | try-import %workspace%/.bazelrc.user |