Gitiles
Code Review Sign In
gerrit-dev.monogon.dev / monogon / 35cd44be9b5f43d19e05f48f6be2ab6cd65b9c22 / . / build / bazel / third_party.MODULE.bazel
blob: 713c2716ccffa8bc57ac369eccaeaf69eb73eb4d [file] [log] [blame]
Tim Windelschmidt4a3e05f2024-07-30 18:19:21 +0200[diff] [blame]1# third_party external repositories
2
3git_repository = use_repo_rule("@bazel_tools//tools/build_defs/repo:git.bzl", "git_repository")
Tim Windelschmidt6b1b79a2024-08-27 00:04:18 +0200[diff] [blame]4
Tim Windelschmidt4a3e05f2024-07-30 18:19:21 +0200[diff] [blame]5http_archive = use_repo_rule("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive")
Tim Windelschmidt6b1b79a2024-08-27 00:04:18 +0200[diff] [blame]6
Tim Windelschmidt4a3e05f2024-07-30 18:19:21 +0200[diff] [blame]7http_file = use_repo_rule("@bazel_tools//tools/build_defs/repo:http.bzl", "http_file")
8
9# Used by tests in cloud/takeover
10http_file(
11 name = "debian_11_cloudimage",
Tim Windelschmidte1420ab2024-08-27 01:53:16 +0200[diff] [blame]12 integrity = "sha256-FMruxoujEpoRWptXOW0I3AlzzJ9WnOBJIy19FddorUE=",
Tim Windelschmidt4a3e05f2024-07-30 18:19:21 +0200[diff] [blame]13 urls = [
14 "https://cloud.debian.org/images/cloud/bullseye/20230124-1270/debian-11-genericcloud-amd64-20230124-1270.qcow2",
15 ],
16)
17
18# Used to include staticcheck as nogo analyzer
19http_archive(
20 name = "com_github_sluongng_nogo_analyzer",
Tim Windelschmidt677de972024-09-25 05:30:04 +0200[diff] [blame]21 integrity = "sha256-Dca16GCU0IHgW80MPkH8J1ojmMZOVFN2FmE5QSGB8VA=",
22 strip_prefix = "nogo-analyzer-0.0.3",
Tim Windelschmidt4a3e05f2024-07-30 18:19:21 +0200[diff] [blame]23 urls = [
Tim Windelschmidt677de972024-09-25 05:30:04 +0200[diff] [blame]24 "https://github.com/sluongng/nogo-analyzer/archive/refs/tags/v0.0.3.tar.gz",
Tim Windelschmidt4a3e05f2024-07-30 18:19:21 +0200[diff] [blame]25 ],
26)
27
Tim Windelschmidt492434a2024-10-22 14:29:55 +0200[diff] [blame]28# Used in swtpm
Tim Windelschmidt4a3e05f2024-07-30 18:19:21 +0200[diff] [blame]29git_repository(
30 name = "boringssl",
31 commit = "d7278cebad5b8eda0901246f2215344cffece4f4",
32 remote = "https://boringssl.googlesource.com/boringssl",
33)
34
35# CockroachDB binary used for tests.
36#
37# WARNING: Not distributed under an OSI certified license. Must only be used in
38# tests, not be redistributed!
Tim Windelschmidte1420ab2024-08-27 01:53:16 +0200[diff] [blame]39COCKROACH_VERSION = "22.1.6"
40
Tim Windelschmidt4a3e05f2024-07-30 18:19:21 +0200[diff] [blame]41http_archive(
42 name = "cockroach",
Tim Windelschmidte1420ab2024-08-27 01:53:16 +0200[diff] [blame]43 build_file = "//third_party/cockroach:BUILD.repo",
44 integrity = "sha256-CCHP9XcEAPuUyLbCqzONlvQRT78rMga8im3PYvnA9Oo=",
45 strip_prefix = "cockroach-v%s.linux-amd64" % COCKROACH_VERSION,
Tim Windelschmidt4a3e05f2024-07-30 18:19:21 +0200[diff] [blame]46 urls = [
47 # TODO: select() to pick other host architectures.
Tim Windelschmidte1420ab2024-08-27 01:53:16 +0200[diff] [blame]48 "https://binaries.cockroachdb.com/cockroach-v%s.linux-amd64.tgz" % COCKROACH_VERSION,
Tim Windelschmidt4a3e05f2024-07-30 18:19:21 +0200[diff] [blame]49 ],
50)
51
52# CockroachDB repository used for linter passes.
53http_archive(
54 name = "com_github_cockroachdb_cockroach",
Tim Windelschmidte1420ab2024-08-27 01:53:16 +0200[diff] [blame]55 integrity = "sha256-bDVo7yRM5rh0aU7u7Lg+1PXV3/bPA3yVLs3naCimxQI=",
56 strip_prefix = "cockroach-" + COCKROACH_VERSION,
Tim Windelschmidt4a3e05f2024-07-30 18:19:21 +0200[diff] [blame]57 urls = [
Tim Windelschmidte1420ab2024-08-27 01:53:16 +0200[diff] [blame]58 "https://github.com/cockroachdb/cockroach/archive/v%s.tar.gz" % COCKROACH_VERSION,
Tim Windelschmidt4a3e05f2024-07-30 18:19:21 +0200[diff] [blame]59 ],
60)
61
Tim Windelschmidt4a3e05f2024-07-30 18:19:21 +0200[diff] [blame]62# Derived from Mozilla NSS, currently needed for containerd to be able to pull images
63http_file(
64 name = "cacerts",
Tim Windelschmidte1420ab2024-08-27 01:53:16 +0200[diff] [blame]65 integrity = "sha256-G/RYQSVo4TSkUU9eFwoyjREJHgcccRCVXJiE7YeXKsk=",
Tim Windelschmidt4a3e05f2024-07-30 18:19:21 +0200[diff] [blame]66 urls = ["https://curl.se/ca/cacert-2024-07-02.pem"],
67)
68
Tim Windelschmidt4a3e05f2024-07-30 18:19:21 +0200[diff] [blame]69# ini.h, a tiny ini parser library
Tim Windelschmidte1420ab2024-08-27 01:53:16 +0200[diff] [blame]70INIH_VERSION = "r53"
71
Tim Windelschmidt4a3e05f2024-07-30 18:19:21 +0200[diff] [blame]72http_archive(
73 name = "inih",
Tim Windelschmidte1420ab2024-08-27 01:53:16 +0200[diff] [blame]74 build_file = "//third_party/inih:inih.bzl",
75 integrity = "sha256-AbA2b9/fY2PvwHDC+Fbxr6M+emVGVIutpUVq2UpRYkE=",
76 strip_prefix = "inih-" + INIH_VERSION,
77 urls = ["https://github.com/benhoyt/inih/archive/%s.tar.gz" % INIH_VERSION],
Tim Windelschmidt4a3e05f2024-07-30 18:19:21 +0200[diff] [blame]78)
79
Tim Windelschmidt4a3e05f2024-07-30 18:19:21 +0200[diff] [blame]80git_repository(
81 name = "gperf",
82 commit = "de9373c2d48a3edf29862eb8be44764a7f7d24c6",
83 remote = "https://github.com/monogon-dev/gperf.git",
84 shallow_since = "1615306886 +0100",
85)
Tim Windelschmidte1420ab2024-08-27 01:53:16 +0200[diff] [blame]86
Lorenz Brun8448d702024-09-11 16:31:12 +0000[diff] [blame]87LINUX_VERSION = "6.6.50"
Tim Windelschmidte1420ab2024-08-27 01:53:16 +0200[diff] [blame]88
89http_archive(
90 name = "linux",
91 build_file = "//third_party/linux/external:BUILD.repo",
Lorenz Brun8448d702024-09-11 16:31:12 +0000[diff] [blame]92 integrity = "sha256-wGXjba8oIQBgyRo37z6SrFgUeE5jRXfgTkBil+rS6G4=",
Tim Windelschmidte1420ab2024-08-27 01:53:16 +0200[diff] [blame]93 patch_args = ["-p1"],
94 patches = [
95 "//third_party/linux/external:0001-block-partition-expose-PARTUUID-through-uevent.patch",
96 "//third_party/linux/external:disable-static-ifs.patch",
97 "//third_party/linux/external:enable-pmsg.patch",
98 "//third_party/linux/external:lacp_fix.patch",
Lorenz Brunc7a332b2024-09-12 17:58:42 +0200[diff] [blame]99 "//third_party/linux/external:fb-devs-knob.patch",
Tim Windelschmidte1420ab2024-08-27 01:53:16 +0200[diff] [blame]100 ],
101 strip_prefix = "linux-" + LINUX_VERSION,
102 urls = ["https://cdn.kernel.org/pub/linux/kernel/v6.x/linux-%s.tar.xz" % LINUX_VERSION],
103)
104
Lorenz Brun25458952024-09-11 16:35:28 +0000[diff] [blame]105LINUX_FIRMWARE_VERSION = "20240909"
Tim Windelschmidte1420ab2024-08-27 01:53:16 +0200[diff] [blame]106
107http_archive(
108 name = "linux-firmware",
109 build_file = "//third_party/linux-firmware:BUILD.repo",
Lorenz Brun25458952024-09-11 16:35:28 +0000[diff] [blame]110 integrity = "sha256-k+m2riJAZhY5yHT1/Dj2d9GK/jZbF6E/7mtPxPukLBA=",
Tim Windelschmidte1420ab2024-08-27 01:53:16 +0200[diff] [blame]111 strip_prefix = "linux-firmware-" + LINUX_FIRMWARE_VERSION,
112 urls = ["https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/snapshot/linux-firmware-%s.tar.gz" % LINUX_FIRMWARE_VERSION],
113)
114
Lorenz Brunc752ec62024-09-11 16:36:43 +0000[diff] [blame]115INTEL_UCODE_VERSION = "20240910"
Tim Windelschmidte1420ab2024-08-27 01:53:16 +0200[diff] [blame]116
117http_archive(
118 name = "intel_ucode",
119 build_file = "//third_party/intel_ucode:BUILD.repo",
Lorenz Brunc752ec62024-09-11 16:36:43 +0000[diff] [blame]120 integrity = "sha256-i3WC6sfpppE1bhizvcvHstsJSU4EDsmApKX7bQ2iYb8=",
Tim Windelschmidte1420ab2024-08-27 01:53:16 +0200[diff] [blame]121 strip_prefix = "Intel-Linux-Processor-Microcode-Data-Files-microcode-" + INTEL_UCODE_VERSION,
122 urls = ["https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/archive/refs/tags/microcode-%s.tar.gz" % INTEL_UCODE_VERSION],
123)
124
125git_repository(
126 name = "edk2",
127 build_file = "//third_party/edk2/external:BUILD.repo",
128 commit = "b24306f15daa2ff8510b06702114724b33895d3c", # stable202202
129 patch_args = ["-p1"],
130 patches = [
131 "//third_party/edk2/patches:disable-werror.patch",
132 "//third_party/edk2/patches:remove-brotli-build.patch",
133 ],
134 recursive_init_submodules = True,
135 remote = "https://github.com/tianocore/edk2",
136 shallow_since = "1645456780 +0000",
137)
138
139MUSL_VERSION = "1.1.24"
140
141http_archive(
142 name = "musl",
143 build_file = "//third_party/musl:BUILD.repo",
144 integrity = "sha256-E3DJqBKyzyp9koAlEMygBYzDfmanvt1wBR8KNAFQIqM=",
145 strip_prefix = "musl-" + MUSL_VERSION,
146 urls = ["https://www.musl-libc.org/releases/musl-%s.tar.gz" % MUSL_VERSION],
147)
148
149UTIL_LINUX_VERSION = "2.36.2"
150
151http_archive(
152 name = "util_linux",
153 build_file = "//third_party/util-linux:util-linux.bzl",
154 integrity = "sha256-CEvG+b1Hm/146JJOY/hbsXlTaBvx2tJA5NhgGiEpTQs=",
155 patch_args = ["-p1"],
156 patches = ["//third_party/util-linux/patches:bazel_cc_fix.patch"],
157 strip_prefix = "util-linux-" + UTIL_LINUX_VERSION,
158 urls = ["https://git.kernel.org/pub/scm/utils/util-linux/util-linux.git/snapshot/util-linux-%s.tar.gz" % UTIL_LINUX_VERSION],
159)
160
161URCU_VERSION = "0.14.0"
162
163http_archive(
164 name = "urcu",
165 build_file = "//third_party/urcu:urcu.bzl",
166 integrity = "sha256-QvtRKaP//lpLeQ3+HqOnNMae4JX++/ZJMmJpu6lMJi0=",
167 patch_args = ["-p1"],
168 patches = ["//third_party/urcu/patches:generated-files.patch"],
169 strip_prefix = "userspace-rcu-" + URCU_VERSION,
170 urls = ["https://github.com/urcu/userspace-rcu/archive/refs/tags/v%s.tar.gz" % URCU_VERSION],
171)
172
173XFSPROGS_VERSION = "6.9.0"
174
175http_archive(
176 name = "xfsprogs",
177 build_file = "//third_party/xfsprogs:xfsprogs.bzl",
178 integrity = "sha256-/nIGlou9gXd1S6cy9jn4Ubacj3CsX5a7DhgtiGZBQL8=",
179 patch_args = ["-p1"],
180 patches = ["//third_party/xfsprogs/patches:bazel_cc_fix.patch"],
181 strip_prefix = "xfsprogs-dev-" + XFSPROGS_VERSION,
182 urls = ["https://git.kernel.org/pub/scm/fs/xfs/xfsprogs-dev.git/snapshot/xfsprogs-dev-%s.tar.gz" % XFSPROGS_VERSION],
183)
184
Tim Windelschmidte1420ab2024-08-27 01:53:16 +0200[diff] [blame]185# NOTE: Remember to update seccomp.bzl's seccomp.h template rule
186# with the correct version.
187SECCOMP_VERSION = "2.5.1"
188
189http_archive(
190 name = "seccomp",
191 build_file = "//third_party/seccomp:seccomp.bzl",
192 integrity = "sha256-dq1U4x0UOzmpkINWQEUhKpZeAmoQEKdC7deT0m1pmCk=",
193 patch_args = ["-p1"],
194 patches = [
195 "//third_party/seccomp/patches:bazel_cc_fix.patch",
196 "//third_party/seccomp/patches:fix_generated_includes.patch",
197 ],
198 strip_prefix = "libseccomp-" + SECCOMP_VERSION,
199 # We cannot use the actual release tarball as it contains files generated incorrectly for our environment
200 urls = ["https://github.com/seccomp/libseccomp/archive/v%s.tar.gz" % SECCOMP_VERSION],
201)
202
203GLIB_VERSION = "2.67.5"
204
205http_archive(
206 name = "glib",
207 integrity = "sha256-QQlm23EmONx0kFTAo8MIdUXVEGZDE5wlgGOZpRqNSrE=",
208 patch_args = [
209 "-p1",
210 "-u",
211 ],
212 patches = [
213 "//third_party/glib/patches:bazel_cc_fix.patch",
214 "//third_party/glib/patches:bazel_support.patch",
215 ],
216 strip_prefix = "glib-" + GLIB_VERSION,
217 # We cannot use the actual release tarball as it contains files generated incorrectly for our environment
218 urls = ["https://gitlab.gnome.org/GNOME/glib/-/archive/%s/glib-%s.tar.gz" % (GLIB_VERSION, GLIB_VERSION)],
219)
220
Tim Windelschmidte1420ab2024-08-27 01:53:16 +0200[diff] [blame]221# ONCHANGE(//third_party/chrony:chrony.bzl): version needs to be kept in sync
222CHRONY_VERSION = "4.1"
223
224http_archive(
225 name = "chrony",
226 build_file = "//third_party/chrony:chrony.bzl",
227 integrity = "sha256-7Xby0/k0esYiGpGtS9VT3QVlrBiM10kNCAHQj3FxFkw=",
228 patch_args = ["-p1"],
229 patches = [
230 "//third_party/chrony/patches:disable_defaults.patch",
231 "//third_party/chrony/patches:support_fixed_uids.patch",
232 ],
233 strip_prefix = "chrony-" + CHRONY_VERSION,
234 urls = ["https://download.tuxfamily.org/chrony/chrony-%s.tar.gz" % CHRONY_VERSION],
235)
236
237CAP_VERSION = "1.2.55"
238
239http_archive(
240 name = "cap",
241 build_file = "//third_party/cap:cap.bzl",
242 integrity = "sha256-4pMiAy6pTpBpauLRdTDtyRTHF2UjLuj9T944umOcslY=",
243 patch_args = ["-p1"],
244 patches = [
245 "//third_party/cap/patches:add_go_codegen.patch",
246 ],
247 strip_prefix = "libcap-cap/v%s/libcap" % CAP_VERSION,
248 urls = ["https://git.kernel.org/pub/scm/libs/libcap/libcap.git/snapshot/libcap-cap/v%s.tar.gz" % CAP_VERSION],
249)
250
251GNUEFI_VERSION = "3.0.14"
252
253http_archive(
254 name = "gnuefi",
255 build_file = "//third_party/gnuefi:gnuefi.bzl",
256 integrity = "sha256-V4XneCX+xeZm5MINeqqa9M2VI1GywJWTlydE/oQ2+Vc=",
257 strip_prefix = "gnu-efi-%s" % GNUEFI_VERSION,
258 urls = ["https://github.com/ncroxon/gnu-efi/archive/refs/tags/%s.tar.gz" % GNUEFI_VERSION],
259)
260
261# Developed in the systemd monorepo, pinned to master as there have been a bunch of critical fixes for the
262# EFI stub since 249.
263EFISTUB_VERSION = "3542da2442d8b29661b47c42ad7e5fa9bc8562ec"
264
265http_archive(
266 name = "efistub",
267 build_file = "//third_party/efistub:efistub.bzl",
268 integrity = "sha256-AhwTW+45ynNG0fCZI758BEo9NYZv9BGnyWJnAv9MlSM=",
269 patch_args = ["-p1"],
270 patches = [
271 "//third_party/efistub/patches:use-sysv-for-kernel.patch",
272 "//third_party/efistub/patches:remove-wrong-cmdline-assertion.patch",
273 "//third_party/efistub/patches:ab-slot-handling.patch",
274 ],
275 strip_prefix = "systemd-%s" % EFISTUB_VERSION,
276 urls = ["https://github.com/systemd/systemd/archive/%s.zip" % EFISTUB_VERSION],
277)
278
279LIBPG_QUERY_VERSION = "15-4.2.3"
280
281http_archive(
282 name = "libpg_query",
283 build_file = "//third_party/libpg_query/external:BUILD.repo",
284 integrity = "sha256-i4INY0QrFnfOTw3yqVs/r9vFIKgpAd74EhdVnsTfnms=",
285 strip_prefix = "libpg_query-" + LIBPG_QUERY_VERSION,
286 urls = ["https://github.com/pganalyze/libpg_query/archive/refs/tags/%s.tar.gz" % LIBPG_QUERY_VERSION],
287)
288
289DOSFSTOOLS_VERSION = "c888797b1d84ffbb949f147e3116e8bfb2e145a7"
290
291http_archive(
292 name = "com_github_dosfstools_dosfstools",
293 build_file = "//third_party/dosfstools:dosfstools.bzl",
294 integrity = "sha256-SkC0iMDCWcEftUeD/G8B5e6RJYK7SdM9DRGxH4WkLo0=",
295 strip_prefix = "dosfstools-" + DOSFSTOOLS_VERSION,
296 urls = ["https://github.com/dosfstools/dosfstools/archive/%s.zip" % DOSFSTOOLS_VERSION],
297)
298
299# master at 2024/01/09 (0.10.0 prerelease).
300LIBTPMS_VERSION = "93a827aeccd3ab2178281571b1545dcfffa2991b"
301
302http_archive(
303 name = "libtpms",
304 integrity = "sha256-5QnguhCfd9pRe15YqfCTvrBAUl5r5R3gbRFTyCeMcNE=",
305 patch_args = ["-p1"],
306 patches = [
307 "//third_party/libtpms/patches:0001-boringssl-compat-new-SHA-types.patch",
308 "//third_party/libtpms/patches:0002-boringssl-compat-removed-const_DES_cblock.patch",
309 "//third_party/libtpms/patches:0003-boringssl-compat-removed-EC_POINTs_mul.patch",
310 "//third_party/libtpms/patches:0004-boringssl-compat-removed-camellia-support.patch",
311 "//third_party/libtpms/patches:0005-boringssl-compat-remove-constant-time-flags-UNSAFE.patch",
312 "//third_party/libtpms/patches:0006-bazel-support-implement.patch",
313 ],
314 strip_prefix = "libtpms-" + LIBTPMS_VERSION,
315 urls = ["https://github.com/stefanberger/libtpms/archive/%s.tar.gz" % LIBTPMS_VERSION],
316)
317
318# master at 2024/06/04
319SWTPM_VERSION = "0c9a6c4a12a63b86ab472e69e95bd75853d4fa96"
320
321http_archive(
322 name = "swtpm",
323 integrity = "sha256-Fp3bE5WX+oCOES1FJFdEXHntUhuzT5mQZtIN6SFAVs4=",
324 patch_args = ["-p1"],
325 patches = [
326 "//third_party/swtpm/patches:0001-bazel-compat-glib.h-glib-glib.h.patch",
327 "//third_party/swtpm/patches:0002-swtpm_localca-replace-gmp-mpz-dependency-with-boring.patch",
328 "//third_party/swtpm/patches:0003-swtpm_setup-replace-dep-on-JSON-GLib-with-sheredom-j.patch",
329 "//third_party/swtpm/patches:0004-bazel-support-implement.patch",
330 ],
331 strip_prefix = "swtpm-" + SWTPM_VERSION,
332 urls = ["https://github.com/stefanberger/swtpm/archive/%s.tar.gz" % SWTPM_VERSION],
333)