forked from hswaw/hscloud
This is an attempt to see how well we do without rules_nixpkgs. rules_nixpkgs has the following problems: - complicates our build system significantly (generated external repository indirection for picking local/nix python and go) - creates builds that cannot run on production (as they are tainted by /nix/store libraries) - is not a full solution to the bazel hermeticity problem anyway, and we'll have to tackle that some other way (eg. by introducing proper C++ cross-compilation toolchains and building everything from C, including Python and Go) Instead of rules_nixpkgs, we ship a shell.nix file, so NixOS users can just: jane@hacker:~/hscloud $ nix-shell hscloud-build-chrootenv:jane@hacker:~/hscloud$ prodaccess This shell.nix is in a way nicer, as it immediately gives you all tools needed to access production straight away. Change-Id: Ieceb5ae0fb4d32e87301e5c99416379cedc900c5
42 lines
1,002 B
Text
42 lines
1,002 B
Text
load("@bazel_tools//tools/build_defs/pkg:pkg.bzl", "pkg_tar", "pkg_deb")
|
|
load("//bzl:rules.bzl", "copy_go_binary")
|
|
|
|
copy_go_binary(
|
|
name = "kubectl",
|
|
src = "@io_k8s_kubernetes//cmd/kubectl:kubectl",
|
|
visibility = ["//visibility:public"],
|
|
)
|
|
|
|
copy_go_binary(
|
|
name = "kubecfg",
|
|
src = "//cluster/tools/kartongips",
|
|
visibility = ["//visibility:public"],
|
|
)
|
|
|
|
copy_go_binary(
|
|
name = "calicoctl.bin",
|
|
src = "@com_github_projectcalico_calicoctl//calicoctl:calicoctl",
|
|
visibility = ["//visibility:public"],
|
|
)
|
|
|
|
sh_binary(
|
|
name = "calicoctl",
|
|
srcs = ["calicoctl.sh"],
|
|
data = [":calicoctl.bin", "//tools:secretstore"],
|
|
)
|
|
|
|
copy_go_binary(
|
|
name = "cfssl",
|
|
src = "@com_github_cloudflare_cfssl//cmd/cfssl:cfssl",
|
|
visibility = ["//visibility:public"],
|
|
)
|
|
|
|
sh_binary(
|
|
name = "rook-s3cmd-config",
|
|
srcs = ["rook-s3cmd-config.sh"],
|
|
data = [
|
|
"@bazel_tools//tools/bash/runfiles",
|
|
"@com_github_stedolan_jq//:jq",
|
|
":kubectl",
|
|
],
|
|
)
|