0f5783f80a
Bazel 4 is going to be a long term support release. Latest version in NixPkgs so far was 3.3.1 There's a need for more recent version https://github.com/NixOS/nixpkgs/issues/97497 All versions from 3.5.0 to 3.7.1 had some reproducibility issues as noted in issue above, but there also seems to be a working PR for 3.7.1 now at https://github.com/NixOS/nixpkgs/pull/105439 Notable changes from bazel_3 setup: - put python to default bash path For autodetecting python toolchain with strict action_env on and without this change bazel would fail to autodetect host python. There are some repos that define hermetic python toolchains, but they aren't easy to use yet. Also telling python paths to bazel isn't a 1-liner it seems: - action_env=PATH would affect cache - declaring toolchain via BUILD&WORKSPACE files is not per-user but more like per-repo and affects cache too Using python from nixpkgs shouldn't be too bad in the lack of simpler hermetic python toolchain options - bazel_4.updater is bazel on `bazel query` to support new constructs in WORKSPACE (load of vars, transitive load etc). This is more robust but requires bazel to run the updater, using bazel_3 for now. This is only needed to bump package version, doesn't introduce bazel_4 build dependency on bazel_3 https://blog.bazel.build/2020/11/10/bazel-4.0-announce.html https://blog.bazel.build/2020/11/10/long-term-support-release.html https://github.com/bazelbuild/bazel/issues/12455 https://github.com/bazelbuild/bazel/releases/tag/4.0.0 https://blog.bazel.build/2021/01/19/bazel-4-0.html
55 lines
1.8 KiB
Python
Executable File
55 lines
1.8 KiB
Python
Executable File
#!/usr/bin/env python3
|
|
import sys
|
|
import json
|
|
|
|
if len(sys.argv) != 2:
|
|
print("usage: ./this-script src-deps.json < WORKSPACE", file=sys.stderr)
|
|
print("Takes the bazel WORKSPACE file and reads all archives into a json dict (by evaling it as python code)", file=sys.stderr)
|
|
print("Hail Eris.", file=sys.stderr)
|
|
sys.exit(1)
|
|
|
|
http_archives = []
|
|
|
|
# just the kw args are the dict { name, sha256, urls … }
|
|
def http_archive(**kw):
|
|
http_archives.append(kw)
|
|
# like http_file
|
|
def http_file(**kw):
|
|
http_archives.append(kw)
|
|
|
|
# this is inverted from http_archive/http_file and bundles multiple archives
|
|
def distdir_tar(**kw):
|
|
for archive_name in kw['archives']:
|
|
http_archives.append({
|
|
"name": archive_name,
|
|
"sha256": kw['sha256'][archive_name],
|
|
"urls": kw['urls'][archive_name]
|
|
})
|
|
|
|
# TODO?
|
|
def git_repository(**kw):
|
|
print(json.dumps(kw, sort_keys=True, indent=4), file=sys.stderr)
|
|
sys.exit(1)
|
|
|
|
# execute the WORKSPACE like it was python code in this module,
|
|
# using all the function stubs from above.
|
|
exec(sys.stdin.read())
|
|
|
|
# transform to a dict with the names as keys
|
|
d = { el['name']: el for el in http_archives }
|
|
|
|
def has_urls(el):
|
|
return ('url' in el and el['url']) or ('urls' in el and el['urls'])
|
|
def has_sha256(el):
|
|
return 'sha256' in el and el['sha256']
|
|
bad_archives = list(filter(lambda el: not has_urls(el) or not has_sha256(el), d.values()))
|
|
if bad_archives:
|
|
print('Following bazel dependencies are missing url or sha256', file=sys.stderr)
|
|
print('Check bazel sources for master or non-checksummed dependencies', file=sys.stderr)
|
|
for el in bad_archives:
|
|
print(json.dumps(el, sort_keys=True, indent=4), file=sys.stderr)
|
|
sys.exit(1)
|
|
|
|
with open(sys.argv[1], "w") as f:
|
|
print(json.dumps(d, sort_keys=True, indent=4), file=f)
|