Skip to content

Commit

Permalink
fix: propagate transitive inputs (#646)
Browse files Browse the repository at this point in the history
  • Loading branch information
thesayyn authored Jul 3, 2024
1 parent 9a32fc2 commit 4b843d6
Show file tree
Hide file tree
Showing 7 changed files with 61 additions and 5 deletions.
1 change: 1 addition & 0 deletions cosign/private/attest.bzl
Original file line number Diff line number Diff line change
Expand Up @@ -75,6 +75,7 @@ def _cosign_attest_impl(ctx):
)

runfiles = ctx.runfiles(files = [ctx.file.image, ctx.file.predicate])
runfiles = runfiles.merge(ctx.attr.image[DefaultInfo].default_runfiles)
runfiles = runfiles.merge(jq.default.default_runfiles)
runfiles = runfiles.merge(cosign.default.default_runfiles)

Expand Down
1 change: 1 addition & 0 deletions cosign/private/sign.bzl
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,7 @@ def _cosign_sign_impl(ctx):
)

runfiles = ctx.runfiles(files = [ctx.file.image])
runfiles = runfiles.merge(ctx.attr.image[DefaultInfo].default_runfiles)
runfiles = runfiles.merge(jq.default.default_runfiles)
runfiles = runfiles.merge(cosign.default.default_runfiles)

Expand Down
37 changes: 37 additions & 0 deletions examples/assertion/BUILD.bazel
Original file line number Diff line number Diff line change
Expand Up @@ -348,6 +348,43 @@ sh_test(
data = [":case11_tarball"],
)

# Case 12: oci_push an image that has transitive deps
tar(
name = "case12_empty_dir",
mtree = [
"./empty type=dir",
],
)

oci_image(
name = "case12_base",
architecture = "arm64",
os = "linux",
tars = [":case12_empty_dir"],
)

tar(
name = "case12_empty_dir2",
mtree = [
"./empty2 type=dir",
],
)

oci_image(
name = "case12",
base = ":case12_base",
tars = [":case12_empty_dir2"],
)

sh_test(
name = "case12_test",
srcs = ["assert_push_transitive_deps.sh"],
args = [
"$(location :case12)",
],
data = [":case12"],
)

# build them as test.
build_test(
name = "test",
Expand Down
13 changes: 13 additions & 0 deletions examples/assertion/assert_push_transitive_deps.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
#!/usr/bin/env bash

IMAGE_DIR="$1"

for blob in "$IMAGE_DIR/blobs/sha256"/*; do
blob_real_path=$(realpath "$blob")
blob_real_path_relative="${blob_real_path##*bin/}"
echo "$blob -> $blob_real_path_relative"
if [[ ! -e "$blob_real_path_relative" ]]; then
echo "$blob is not present in the sandbox."
exit 1
fi
done
10 changes: 6 additions & 4 deletions oci/private/image.bzl
Original file line number Diff line number Diff line change
Expand Up @@ -171,14 +171,16 @@ def _oci_image_impl(ctx):
args.add(ctx.file.base.path, format = "--from=%s")
inputs.append(ctx.file.base)
if use_symlinks:
transitive_inputs.append(ctx.file.base)
base_default_info = ctx.attr.base[DefaultInfo]
transitive_inputs.append(base_default_info.default_runfiles.files)
transitive_inputs.append(base_default_info.files)
else:
# create a scratch base image with given os/arch[/variant]
args.add(_platform_str(ctx.attr.os, ctx.attr.architecture, ctx.attr.variant), format = "--scratch=%s")

# If tree artifact symlinks are supported also add tars into runfiles.
if use_symlinks:
transitive_inputs = transitive_inputs + ctx.files.tars
transitive_inputs.append(depset(ctx.files.tars))

# add layers
for (i, layer) in enumerate(ctx.files.tars):
Expand Down Expand Up @@ -234,7 +236,7 @@ def _oci_image_impl(ctx):
action_env["MSYS_NO_PATHCONV"] = "1"

ctx.actions.run(
inputs = inputs,
inputs = depset(inputs, transitive = transitive_inputs),
arguments = [args],
outputs = [output],
env = action_env,
Expand All @@ -252,7 +254,7 @@ def _oci_image_impl(ctx):
return [
DefaultInfo(
files = depset([output]),
runfiles = ctx.runfiles(transitive_inputs),
runfiles = ctx.runfiles(transitive_files = depset(transitive = transitive_inputs)),
),
]

Expand Down
1 change: 1 addition & 0 deletions oci/private/load.bzl
Original file line number Diff line number Diff line change
Expand Up @@ -167,6 +167,7 @@ def _load_impl(ctx):
if ctx.file.loader:
runtime_deps.append(ctx.file.loader)
runfiles = ctx.runfiles(runtime_deps, transitive_files = tar_inputs)
runfiles = runfiles.merge(ctx.attr.image[DefaultInfo].default_runfiles)
runfiles = runfiles.merge(ctx.attr._runfiles.default_runfiles)

ctx.actions.expand_template(
Expand Down
3 changes: 2 additions & 1 deletion oci/private/push.bzl
Original file line number Diff line number Diff line change
Expand Up @@ -100,7 +100,7 @@ oci_push(

# Helper rule for ensuring that the crane and yq toolchains are actually
# resolved for the architecture we are targeting.
def _transition_to_target_impl(settings, attr):
def _transition_to_target_impl(settings, _attr):
return {
# String conversion is needed to prevent a crash with Bazel 6.x.
"//command_line_option:extra_execution_platforms": [
Expand Down Expand Up @@ -205,6 +205,7 @@ def _impl(ctx):
)
runfiles = ctx.runfiles(files = files)
runfiles = runfiles.merge(jq.default.default_runfiles)
runfiles = runfiles.merge(ctx.attr.image[DefaultInfo].default_runfiles)
runfiles = runfiles.merge(crane.default.default_runfiles)

return DefaultInfo(executable = util.maybe_wrap_launcher_for_windows(ctx, executable), runfiles = runfiles)
Expand Down

0 comments on commit 4b843d6

Please sign in to comment.