From 35f813bd1d0d66c6a421c9d3a1cc9e3e79b64cbf Mon Sep 17 00:00:00 2001 From: Sam Gammon Date: Sun, 13 Aug 2023 18:48:10 -0700 Subject: [PATCH 01/24] chore: tooling pt 2 - feat: better test coverage matrix for bazel ci - feat: buildifier in bazel ci - feat: split bazel settings by version - feat: test bazel `5.4.0` and `6.3.2` - chore: conditional ci on actual package code Signed-off-by: Sam Gammon --- .bazelci/presubmit.yml | 11 ++++++++--- .bazelrc | 3 +-- .github/workflows/bazel.ci.yml | 3 +-- .github/workflows/check.buildifier.yml | 14 ++++++++++++++ .github/workflows/check.codeql.yml | 12 ++++++++++++ .github/workflows/on.pr.yml | 6 ++++++ .github/workflows/on.push.yml | 6 ++++++ tools/bazel/bazel4.bazelrc | 1 + tools/bazel/bazel7.bazelrc | 2 ++ tools/versions/README.md | 3 +++ tools/versions/bazel4.bazelrc | 1 + tools/versions/bazel5.bazelrc | 1 + tools/versions/bazel6.bazelrc | 1 + tools/versions/bazel7.bazelrc | 1 + version.bazelrc | 1 + 15 files changed, 59 insertions(+), 7 deletions(-) create mode 100644 tools/bazel/bazel4.bazelrc create mode 100644 tools/versions/README.md create mode 100644 tools/versions/bazel4.bazelrc create mode 100644 tools/versions/bazel5.bazelrc create mode 100644 tools/versions/bazel6.bazelrc create mode 100644 tools/versions/bazel7.bazelrc create mode 100644 version.bazelrc diff --git a/.bazelci/presubmit.yml b/.bazelci/presubmit.yml index 24924ef2..544566cf 100644 --- a/.bazelci/presubmit.yml +++ b/.bazelci/presubmit.yml @@ -1,11 +1,16 @@ --- matrix: - platform: - - ubuntu2004 - - macos + bazel_version: ["5.4.0", "6.3.2", "7.0.0-pre.20230724.1"] + unix_platform: ["centos7", "debian10", "macos", "ubuntu2004"] + +validate_config: 1 +buildifier: latest tasks: build: + include_json_profile: + - build + - test build_targets: - "..." test_targets: diff --git a/.bazelrc b/.bazelrc index e11e5240..a0aa8acd 100644 --- a/.bazelrc +++ b/.bazelrc @@ -1,7 +1,6 @@ common:verbose --announce_rc # Import Aspect bazelrc presets -import %workspace%/.aspect/bazelrc/bazel7.bazelrc import %workspace%/.aspect/bazelrc/convenience.bazelrc import %workspace%/.aspect/bazelrc/correctness.bazelrc import %workspace%/.aspect/bazelrc/debug.bazelrc @@ -9,7 +8,6 @@ import %workspace%/.aspect/bazelrc/performance.bazelrc # Import project-level presets import %workspace%/tools/bazel/base.bazelrc -import %workspace%/tools/bazel/bazel7.bazelrc import %workspace%/tools/bazel/buildbuddy.bazelrc import %workspace%/tools/bazel/cache.bazelrc import %workspace%/tools/bazel/ci.bazelrc @@ -27,3 +25,4 @@ build --verbose_failures common:noop --logging=3 try-import %workspace%/local.bazelrc +try-import %workspace%/version.bazelrc diff --git a/.github/workflows/bazel.ci.yml b/.github/workflows/bazel.ci.yml index af19c1dd..ae4bddf4 100644 --- a/.github/workflows/bazel.ci.yml +++ b/.github/workflows/bazel.ci.yml @@ -25,7 +25,6 @@ jobs: exclude: | [ {"bazelversion": "5.4.0", "bzlmodEnabled": true}, - {"bazelversion": "5.4.0", "bzlmodEnabled": false}, {"bazelversion": "5.4.0", "os": "macos-latest"}, - {"bazelversion": "5.4.0", "os": "windows-latest"} + {"os": "windows-latest"}, ] diff --git a/.github/workflows/check.buildifier.yml b/.github/workflows/check.buildifier.yml index 41a3475b..45a64ed9 100644 --- a/.github/workflows/check.buildifier.yml +++ b/.github/workflows/check.buildifier.yml @@ -6,8 +6,22 @@ name: Buildifier # Triggers the workflow on push or pull request events but only for the main branch push: branches: [main] + paths: + - docs/**/*.* + - example/**/*.* + - graalvm/**/*.* + - internal/**/*.* + - tools/**/*.* + pull_request: branches: [main] + paths: + - docs/**/*.* + - example/**/*.* + - graalvm/**/*.* + - internal/**/*.* + - tools/**/*.* + # Allows you to run this workflow manually from the Actions tab workflow_dispatch: diff --git a/.github/workflows/check.codeql.yml b/.github/workflows/check.codeql.yml index 36e48ba7..8772b431 100644 --- a/.github/workflows/check.codeql.yml +++ b/.github/workflows/check.codeql.yml @@ -4,8 +4,20 @@ name: "CodeQL" "on": push: branches: ["main"] + paths: + - docs/**/*.* + - example/**/*.* + - graalvm/**/*.* + - internal/**/*.* + - tools/**/*.* pull_request: branches: ["main"] + paths: + - docs/**/*.* + - example/**/*.* + - graalvm/**/*.* + - internal/**/*.* + - tools/**/*.* schedule: - cron: "0 0 * * 1" diff --git a/.github/workflows/on.pr.yml b/.github/workflows/on.pr.yml index 4423d9cd..a1cedfc3 100644 --- a/.github/workflows/on.pr.yml +++ b/.github/workflows/on.pr.yml @@ -6,6 +6,12 @@ name: "PR" pull_request: branches: - main + paths: + - docs/**/*.* + - example/**/*.* + - graalvm/**/*.* + - internal/**/*.* + - tools/**/*.* ## Run on PR queue check requests merge_group: {} diff --git a/.github/workflows/on.push.yml b/.github/workflows/on.push.yml index 585d9dfe..371a4b9b 100644 --- a/.github/workflows/on.push.yml +++ b/.github/workflows/on.push.yml @@ -5,6 +5,12 @@ name: "CI" push: branches: - main + paths: + - docs/**/*.* + - example/**/*.* + - graalvm/**/*.* + - internal/**/*.* + - tools/**/*.* jobs: build: diff --git a/tools/bazel/bazel4.bazelrc b/tools/bazel/bazel4.bazelrc new file mode 100644 index 00000000..9e69f75e --- /dev/null +++ b/tools/bazel/bazel4.bazelrc @@ -0,0 +1 @@ +# Nothing at this time. \ No newline at end of file diff --git a/tools/bazel/bazel7.bazelrc b/tools/bazel/bazel7.bazelrc index 705f8d6a..52033040 100644 --- a/tools/bazel/bazel7.bazelrc +++ b/tools/bazel/bazel7.bazelrc @@ -1 +1,3 @@ +import %workspace%/.aspect/bazelrc/bazel7.bazelrc + build --remote_build_event_upload=minimal diff --git a/tools/versions/README.md b/tools/versions/README.md new file mode 100644 index 00000000..c0db4c27 --- /dev/null +++ b/tools/versions/README.md @@ -0,0 +1,3 @@ +## Version-specific Bazel settings + +Each of the files in this directory can be moved to the root at `version.bazelrc`. In doing so, settings specific to that version of Bazel are applied, from Aspect's base settings and from the local repository settings. diff --git a/tools/versions/bazel4.bazelrc b/tools/versions/bazel4.bazelrc new file mode 100644 index 00000000..f1b0f54e --- /dev/null +++ b/tools/versions/bazel4.bazelrc @@ -0,0 +1 @@ +import %workspace%/tools/bazel/bazel4.bazelrc diff --git a/tools/versions/bazel5.bazelrc b/tools/versions/bazel5.bazelrc new file mode 100644 index 00000000..7f900b21 --- /dev/null +++ b/tools/versions/bazel5.bazelrc @@ -0,0 +1 @@ +import %workspace%/tools/bazel/bazel5.bazelrc diff --git a/tools/versions/bazel6.bazelrc b/tools/versions/bazel6.bazelrc new file mode 100644 index 00000000..ce7dcb04 --- /dev/null +++ b/tools/versions/bazel6.bazelrc @@ -0,0 +1 @@ +import %workspace%/tools/bazel/bazel6.bazelrc diff --git a/tools/versions/bazel7.bazelrc b/tools/versions/bazel7.bazelrc new file mode 100644 index 00000000..391445e1 --- /dev/null +++ b/tools/versions/bazel7.bazelrc @@ -0,0 +1 @@ +import %workspace%/tools/bazel/bazel7.bazelrc diff --git a/version.bazelrc b/version.bazelrc new file mode 100644 index 00000000..9e69ea0c --- /dev/null +++ b/version.bazelrc @@ -0,0 +1 @@ +import %workspace%/tools/bazel/bazel7.bazelrc \ No newline at end of file From 14f837b7ad61c18bd692c6c52957c0f2b0aac266 Mon Sep 17 00:00:00 2001 From: Sam Gammon Date: Sun, 13 Aug 2023 18:52:43 -0700 Subject: [PATCH 02/24] fix: flags on bazel5 Signed-off-by: Sam Gammon --- tools/bazel/bazel6.bazelrc | 1 + tools/bazel/bazel7.bazelrc | 1 + tools/bazel/cache.bazelrc | 2 +- 3 files changed, 3 insertions(+), 1 deletion(-) diff --git a/tools/bazel/bazel6.bazelrc b/tools/bazel/bazel6.bazelrc index 2ab1c0b4..50288efd 100644 --- a/tools/bazel/bazel6.bazelrc +++ b/tools/bazel/bazel6.bazelrc @@ -1 +1,2 @@ build --experimental_remote_build_event_upload=minimal +build --noexperimental_check_external_repository_files diff --git a/tools/bazel/bazel7.bazelrc b/tools/bazel/bazel7.bazelrc index 52033040..b5180430 100644 --- a/tools/bazel/bazel7.bazelrc +++ b/tools/bazel/bazel7.bazelrc @@ -1,3 +1,4 @@ import %workspace%/.aspect/bazelrc/bazel7.bazelrc build --remote_build_event_upload=minimal +build --noexperimental_check_external_repository_files diff --git a/tools/bazel/cache.bazelrc b/tools/bazel/cache.bazelrc index 2c20ffd1..5c6609de 100644 --- a/tools/bazel/cache.bazelrc +++ b/tools/bazel/cache.bazelrc @@ -6,7 +6,7 @@ build:buildless --remote_cache=https://bazel.less.build/cache/generic build --modify_execution_info=PackageTar=+no-remote build --remote_local_fallback build --incompatible_remote_results_ignore_disk -build --noexperimental_check_output_files --noexperimental_check_external_repository_files +build --noexperimental_check_output_files build --nolegacy_important_outputs build --incompatible_default_to_explicit_init_py build --experimental_remote_merkle_tree_cache From 0824ea5df3f73d551e77d0ffdd399d2b0551bf6a Mon Sep 17 00:00:00 2001 From: Sam Gammon Date: Sun, 13 Aug 2023 19:04:02 -0700 Subject: [PATCH 03/24] feat: version-pinned bazel builds in actions - chore: add `centos` to bazel ci - feat: version-pin support for bazel builds and tests Signed-off-by: Sam Gammon --- .bazelci/presubmit.yml | 2 +- .github/workflows/module.build.yml | 37 +++++++++++++++++++++++++++--- 2 files changed, 35 insertions(+), 4 deletions(-) diff --git a/.bazelci/presubmit.yml b/.bazelci/presubmit.yml index 544566cf..8c563ad2 100644 --- a/.bazelci/presubmit.yml +++ b/.bazelci/presubmit.yml @@ -19,7 +19,7 @@ tasks: bcr_test_module: module_path: "example/integration_tests/bzlmod" matrix: - platform: ["debian10", "macos", "ubuntu2004"] + platform: ["debian10", "macos", "ubuntu2004", "centos7"] tasks: build_bzlmod_test: name: "Build test module" diff --git a/.github/workflows/module.build.yml b/.github/workflows/module.build.yml index 653b3052..5a6c350b 100644 --- a/.github/workflows/module.build.yml +++ b/.github/workflows/module.build.yml @@ -15,6 +15,19 @@ name: "Build" description: "Enable Bzlmod" type: boolean default: false + + ## Bazel version to use + bazel_version: + description: "Bazel version" + type: string + default: "7.0.0-pre.20230724.1" + + ## Configuration profile to use + bazel_config: + description: "Bazel profile" + type: string + default: "bazel7" + workflow_call: inputs: runner: @@ -33,11 +46,22 @@ name: "Build" description: "Skip Failures" type: boolean default: false + bazel_version: + description: "Bazel version" + type: string + default: "7.0.0-pre.20230724.1" + bazel_config: + description: "Bazel profile" + type: string + default: "bazel7" secrets: + ## Secrets: BuildBuddy API key BUILDBUDDY_APIKEY: - required: true + required: false + + ## Secrets: Buildless API key BUILDLESS_APIKEY: - required: true + required: false jobs: build: @@ -61,8 +85,15 @@ jobs: with: path: "~/.cache/bazel" key: bazel-v2 - - name: "Configure: Bazel" + - name: "Configure: Bazel Version" + shell: bash + if: inputs.bazel_version != '' && inputs.bazel_config != '' + run: | + echo "${{ inputs.bazel_version }}" > .bazelversion + echo "import %workspace%/tools/bazel/${{ inputs.bazel_config }}.bazelrc" > version.bazelrc + - name: "Configure: Bazel Services" shell: bash + if: contains(env.BUILDLESS_APIKEY || '', 'user_') run: | echo "build --remote_header=x-buildbuddy-api-key=${{ secrets.BUILDBUDDY_APIKEY }}" >> local.bazelrc echo "build --remote_header=x-api-key=${{ secrets.BUILDLESS_APIKEY }}" >> local.bazelrc From 005fca02f98c2ca0d4bb69795d2cee409bd3115f Mon Sep 17 00:00:00 2001 From: Sam Gammon Date: Sun, 13 Aug 2023 19:10:41 -0700 Subject: [PATCH 04/24] chore: build refactor for fork security Signed-off-by: Sam Gammon --- .github/workflows/module.build.yml | 62 +++++++++++++- .github/workflows/module.test.yml | 130 ----------------------------- .github/workflows/on.pr.yml | 2 +- .github/workflows/on.push.yml | 36 ++------ 4 files changed, 66 insertions(+), 164 deletions(-) delete mode 100644 .github/workflows/module.test.yml diff --git a/.github/workflows/module.build.yml b/.github/workflows/module.build.yml index 5a6c350b..d6fedda7 100644 --- a/.github/workflows/module.build.yml +++ b/.github/workflows/module.build.yml @@ -16,6 +16,12 @@ name: "Build" type: boolean default: false + ## Whether to run tests + tests: + description: "Run Tests" + type: boolean + default: true + ## Bazel version to use bazel_version: description: "Bazel version" @@ -42,6 +48,10 @@ name: "Build" description: "Enable Bzlmod" type: boolean default: false + tests: + description: "Run Tests" + type: boolean + default: true labs: description: "Skip Failures" type: boolean @@ -98,10 +108,58 @@ jobs: echo "build --remote_header=x-buildbuddy-api-key=${{ secrets.BUILDBUDDY_APIKEY }}" >> local.bazelrc echo "build --remote_header=x-api-key=${{ secrets.BUILDLESS_APIKEY }}" >> local.bazelrc - name: "Configure: Bzlmod" - if: ${{ inputs.bzlmod }} + if: inputs.bzlmod run: | echo "build --config=bzlmod" >> local.bazelrc - - name: "Build: Example" + - name: "Build: Project" + continue-on-error: ${{ inputs.labs }} + shell: bash + run: bazel build --config=ci "//..." + - name: "Test: Example" + if: inputs.tests continue-on-error: ${{ inputs.labs }} shell: bash run: bazel build --config=ci "//..." + + integration-tests: + name: "Test: ${{ matrix.label }} (${{ inputs.label || 'Rules' }})" + runs-on: ${{ inputs.runner || 'ubuntu-latest' }} + continue-on-error: ${{ inputs.labs || matrix.labs }} + needs: ["build"] + if: inputs.tests + strategy: + fail-fast: false + matrix: + label: ["BCR"] + target: ["//sample"] + action: ["build"] + directory: ["./example/integration_tests/bzlmod"] + labs: [false] + steps: + - name: Harden Runner + uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + with: + egress-policy: audit + - name: "Setup: Checkout" + uses: actions/checkout@v3 + - name: "Setup: msbuild" + uses: microsoft/setup-msbuild@v1.1 + if: ${{ contains(inputs.runner, 'windows') }} + - name: "Setup: Bazel" + uses: bazelbuild/setup-bazelisk@v2 + - name: "Setup: Cache" + uses: actions/cache@v3 + with: + path: "~/.cache/bazel" + key: bazel-v2 + - name: "Configure: Bazel Version" + shell: bash + if: inputs.bazel_version != '' && inputs.bazel_config != '' + run: | + echo "${{ inputs.bazel_version }}" > .bazelversion + echo "import %workspace%/tools/bazel/${{ inputs.bazel_config }}.bazelrc" > version.bazelrc + - name: "Build: ${{ matrix.label }}" + continue-on-error: ${{ inputs.labs }} + working-directory: ${{ matrix.directory }} + shell: bash + run: bazel ${{ matrix.action || 'build' }} "${{ matrix.target || '//...' }}" diff --git a/.github/workflows/module.test.yml b/.github/workflows/module.test.yml deleted file mode 100644 index d0452176..00000000 --- a/.github/workflows/module.test.yml +++ /dev/null @@ -1,130 +0,0 @@ ---- -name: "Test" - -"on": - workflow_dispatch: - inputs: - ## Runner to use - runner: - description: "Runner" - type: string - default: "ubuntu-latest" - - ## Whether to build with bzlmod - bzlmod: - description: "Enable Bzlmod" - type: boolean - default: false - - ## Whether to collect and report coverage - coverage: - description: "Enable Coverage" - type: boolean - default: false - workflow_call: - inputs: - runner: - description: "Runner" - type: string - default: "ubuntu-latest" - label: - description: "Label" - type: string - default: "Ubuntu" - bzlmod: - description: "Enable Bzlmod" - type: boolean - default: false - coverage: - description: "Enable Coverage" - type: boolean - default: false - labs: - description: "Skip Failures" - type: boolean - default: false - secrets: - BUILDBUDDY_APIKEY: - required: true - BUILDLESS_APIKEY: - required: true - -jobs: - test: - name: "Test: ${{ inputs.label || 'Rules' }}" - runs-on: ${{ inputs.runner || 'ubuntu-latest' }} - continue-on-error: ${{ inputs.labs }} - steps: - - name: Harden Runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 - with: - egress-policy: audit - - name: "Setup: Checkout" - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - - name: "Setup: msbuild" - uses: microsoft/setup-msbuild@34cfbaee7f672c76950673338facd8a73f637506 # v1.1.3 - if: ${{ contains(inputs.runner, 'windows') }} - - name: "Setup: Bazel" - uses: bazelbuild/setup-bazelisk@95c9bf48d0c570bb3e28e57108f3450cd67c1a44 # v2.0.0 - - name: "Setup: Cache" - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1 - with: - path: "~/.cache/bazel" - key: bazel-v2 - - name: "Configure: Bazel" - shell: bash - run: | - echo "build --remote_header=x-buildbuddy-api-key=${{ secrets.BUILDBUDDY_APIKEY }}" >> local.bazelrc - echo "build --remote_header=x-api-key=${{ secrets.BUILDLESS_APIKEY }}" >> local.bazelrc - - name: "Configure: Bzlmod" - if: ${{ inputs.bzlmod }} - run: | - echo "build --config=bzlmod" >> local.bazelrc - - name: "Build: Example" - continue-on-error: ${{ inputs.labs }} - shell: bash - run: | - bazel \ - ${{ inputs.coverage && 'coverage' || 'test' }} \ - --config=ci \ - //... - - integration-tests: - name: "Test: ${{ matrix.label }} (${{ inputs.label || 'Rules' }})" - runs-on: ${{ inputs.runner || 'ubuntu-latest' }} - continue-on-error: ${{ inputs.labs || matrix.labs }} - strategy: - fail-fast: false - matrix: - label: ["BCR"] - target: ["//sample"] - action: ["build"] - directory: ["./example/integration_tests/bzlmod"] - labs: [false] - steps: - - name: Harden Runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 - with: - egress-policy: audit - - name: "Setup: Checkout" - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - - name: "Setup: msbuild" - uses: microsoft/setup-msbuild@34cfbaee7f672c76950673338facd8a73f637506 # v1.1.3 - if: ${{ contains(inputs.runner, 'windows') }} - - name: "Setup: Bazel" - uses: bazelbuild/setup-bazelisk@95c9bf48d0c570bb3e28e57108f3450cd67c1a44 # v2.0.0 - - name: "Setup: Cache" - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1 - with: - path: "~/.cache/bazel" - key: bazel-v2 - - name: "Configure: Bazel" - shell: bash - run: | - echo "build --remote_header=x-buildbuddy-api-key=${{ secrets.BUILDBUDDY_APIKEY }}" >> local.bazelrc - echo "build --remote_header=x-api-key=${{ secrets.BUILDLESS_APIKEY }}" >> local.bazelrc - - name: "Build: ${{ matrix.label }}" - continue-on-error: ${{ inputs.labs }} - working-directory: ${{ matrix.directory }} - shell: bash - run: bazel ${{ matrix.action || 'build' }} "${{ matrix.target || '//...' }}" diff --git a/.github/workflows/on.pr.yml b/.github/workflows/on.pr.yml index a1cedfc3..9af0145c 100644 --- a/.github/workflows/on.pr.yml +++ b/.github/workflows/on.pr.yml @@ -34,7 +34,7 @@ jobs: test: name: "Test (${{ matrix.label }})" - uses: ./.github/workflows/module.test.yml + uses: ./.github/workflows/module.build.yml strategy: fail-fast: false matrix: diff --git a/.github/workflows/on.push.yml b/.github/workflows/on.push.yml index 371a4b9b..c127366b 100644 --- a/.github/workflows/on.push.yml +++ b/.github/workflows/on.push.yml @@ -2,6 +2,7 @@ name: "CI" "on": + ## Events: Pushes on Main push: branches: - main @@ -14,7 +15,7 @@ name: "CI" jobs: build: - name: "Build" + name: "Build (${{ matrix.label }})" uses: ./.github/workflows/module.build.yml strategy: fail-fast: false @@ -22,41 +23,13 @@ jobs: runner: [ubuntu-latest, windows-latest, macos-latest] include: - runner: ubuntu-latest - label: Ubuntu + label: Ubuntu - Standard bzlmod: true labs: false - - runner: windows-latest - label: Windows - bzlmod: false - labs: true - - runner: macos-latest - label: macOS - bzlmod: false - labs: false - - secrets: inherit - with: - runner: ${{ matrix.runner }} - label: ${{ matrix.label }} - bzlmod: ${{ matrix.bzlmod }} - labs: ${{ matrix.labs }} - - test: - name: "Test" - needs: ["build"] - uses: ./.github/workflows/module.test.yml - strategy: - fail-fast: false - matrix: - runner: [ubuntu-latest, windows-latest, macos-latest] - include: - - runner: ubuntu-latest - label: Ubuntu - labs: false - runner: ubuntu-latest label: Ubuntu - Bzlmod bzlmod: true - labs: true + labs: false - runner: windows-latest label: Windows bzlmod: false @@ -72,3 +45,4 @@ jobs: label: ${{ matrix.label }} bzlmod: ${{ matrix.bzlmod }} labs: ${{ matrix.labs }} + tests: true From 80f3e016707780ad0dd494c30428b5f7fb1bde34 Mon Sep 17 00:00:00 2001 From: Sam Gammon Date: Sun, 13 Aug 2023 19:22:36 -0700 Subject: [PATCH 05/24] feat: separate bazel5 test for bazel ci Signed-off-by: Sam Gammon --- .bazelci/presubmit.yml | 30 ++++++++++++++++++++++++++++-- 1 file changed, 28 insertions(+), 2 deletions(-) diff --git a/.bazelci/presubmit.yml b/.bazelci/presubmit.yml index 8c563ad2..281b655a 100644 --- a/.bazelci/presubmit.yml +++ b/.bazelci/presubmit.yml @@ -1,7 +1,7 @@ --- matrix: - bazel_version: ["5.4.0", "6.3.2", "7.0.0-pre.20230724.1"] - unix_platform: ["centos7", "debian10", "macos", "ubuntu2004"] + bazel_version: ["6.3.2", "7.0.0-pre.20230724.1"] + platform: ["centos7", "debian10", "macos", "ubuntu2004"] validate_config: 1 buildifier: latest @@ -16,6 +16,14 @@ tasks: test_targets: - "..." + kythe_ubuntu2004: + index_targets: + - "..." + index_targets_query: 'kind("java_(binary|import|library|plugin|test|proto_library) rule", ...)' + index_flags: + - "--define=kythe_corpus=github.com/sgammon/rules_graalvm" + index_upload_policy: "IfBuildSuccess" + bcr_test_module: module_path: "example/integration_tests/bzlmod" matrix: @@ -26,3 +34,21 @@ bcr_test_module: platform: ${{ platform }} build_targets: - "//..." +--- +bazel: 5.4.0 + +matrix: + platform: ["centos7", "debian10", "macos", "ubuntu2004"] + +tasks: + build: + include_json_profile: + - build + - test + shell_commands: + - echo "5.4.0" > .bazelversion + - echo "import %workspace%/tools/bazel/bazel5.bazelrc" > version.bazelrc + build_targets: + - "..." + test_targets: + - "..." From f324ccc4f72ec9aed3a8328ab901e7977c1ffe74 Mon Sep 17 00:00:00 2001 From: Sam Gammon Date: Sun, 13 Aug 2023 19:32:29 -0700 Subject: [PATCH 06/24] chore: broader testing across bazel versions Signed-off-by: Sam Gammon --- .github/workflows/bazel.ci.yml | 3 +- .github/workflows/module.build.yml | 2 +- .github/workflows/on.pr.yml | 47 +++++++++++++++++++++++++++--- 3 files changed, 46 insertions(+), 6 deletions(-) diff --git a/.github/workflows/bazel.ci.yml b/.github/workflows/bazel.ci.yml index ae4bddf4..ae146403 100644 --- a/.github/workflows/bazel.ci.yml +++ b/.github/workflows/bazel.ci.yml @@ -22,9 +22,10 @@ jobs: [ "." ] + exclude_windows: true exclude: | [ {"bazelversion": "5.4.0", "bzlmodEnabled": true}, + {"bazelversion": "5.4.0", "bzlmodEnabled": false}, {"bazelversion": "5.4.0", "os": "macos-latest"}, - {"os": "windows-latest"}, ] diff --git a/.github/workflows/module.build.yml b/.github/workflows/module.build.yml index d6fedda7..0de3ad25 100644 --- a/.github/workflows/module.build.yml +++ b/.github/workflows/module.build.yml @@ -126,7 +126,7 @@ jobs: runs-on: ${{ inputs.runner || 'ubuntu-latest' }} continue-on-error: ${{ inputs.labs || matrix.labs }} needs: ["build"] - if: inputs.tests + if: inputs.tests && inputs.bzlmod strategy: fail-fast: false matrix: diff --git a/.github/workflows/on.pr.yml b/.github/workflows/on.pr.yml index 9af0145c..50349add 100644 --- a/.github/workflows/on.pr.yml +++ b/.github/workflows/on.pr.yml @@ -40,22 +40,60 @@ jobs: matrix: runner: [ubuntu-latest, windows-latest, macos-latest] bzlmod: [false] + bazelversion: ["7.0.0-pre.20230724.1", "6.3.2", "5.4.0"] include: - runner: ubuntu-latest - label: Ubuntu - Standard + label: Ubuntu - Bazel 7 labs: false + bazelversion: 7.0.0-pre.20230724.1 - runner: ubuntu-latest - label: Ubuntu - Bzlmod + label: Ubuntu - Bzlmod 7 bzlmod: true labs: true + bazelversion: 7.0.0-pre.20230724.1 - runner: windows-latest - label: Windows + label: Windows - Bazel 7 bzlmod: false labs: true + bazelversion: 7.0.0-pre.20230724.1 - runner: macos-latest - label: macOS + label: macOS - Bazel 7 bzlmod: false labs: false + bazelversion: 7.0.0-pre.20230724.1 + - runner: ubuntu-latest + label: Ubuntu - Bazel 6 + labs: false + bazelversion: 6.3.2 + - runner: ubuntu-latest + label: Ubuntu - Bzlmod 6 + bzlmod: true + labs: true + bazelversion: 6.3.2 + - runner: windows-latest + label: Windows - Bazel 6 + bzlmod: false + labs: true + bazelversion: 6.3.2 + - runner: macos-latest + label: macOS - Bazel 6 + bzlmod: false + labs: false + bazelversion: 6.3.2 + - runner: ubuntu-latest + label: Ubuntu - Bazel 5 + labs: true + bazelversion: 5.4.0 + - runner: windows-latest + label: Windows - Bazel 5 + bzlmod: false + labs: true + bazelversion: 5.4.0 + - runner: macos-latest + label: macOS - Bazel 5 + bzlmod: false + labs: true + bazelversion: 5.4.0 secrets: inherit with: @@ -63,3 +101,4 @@ jobs: label: ${{ matrix.label }} bzlmod: ${{ matrix.bzlmod }} labs: ${{ matrix.labs }} + bazel_version: ${{ matrix.bazelversion }} From 0e6e8a01ec70a3e1a1833ac304546d7ea1958401 Mon Sep 17 00:00:00 2001 From: Sam Gammon Date: Sun, 13 Aug 2023 19:43:35 -0700 Subject: [PATCH 07/24] fix: build labels and secret detection Signed-off-by: Sam Gammon --- .github/workflows/module.build.yml | 8 ++++++-- .github/workflows/on.pr.yml | 31 ++++++++++++++++++------------ 2 files changed, 25 insertions(+), 14 deletions(-) diff --git a/.github/workflows/module.build.yml b/.github/workflows/module.build.yml index 0de3ad25..b9cca8c9 100644 --- a/.github/workflows/module.build.yml +++ b/.github/workflows/module.build.yml @@ -73,9 +73,13 @@ name: "Build" BUILDLESS_APIKEY: required: false +env: + BUILDLESS_APIKEY: ${{ secrets.BUILDLESS_APIKEY }} + BUILDBUDDY_APIKEY: ${{ secrets.BUILDBUDDY_APIKEY }} + jobs: build: - name: "Build: ${{ inputs.label || 'Rules' }}" + name: "Build" runs-on: ${{ inputs.runner || 'ubuntu-latest' }} continue-on-error: ${{ inputs.labs }} steps: @@ -122,7 +126,7 @@ jobs: run: bazel build --config=ci "//..." integration-tests: - name: "Test: ${{ matrix.label }} (${{ inputs.label || 'Rules' }})" + name: "${{ matrix.label }}" runs-on: ${{ inputs.runner || 'ubuntu-latest' }} continue-on-error: ${{ inputs.labs || matrix.labs }} needs: ["build"] diff --git a/.github/workflows/on.pr.yml b/.github/workflows/on.pr.yml index 50349add..cd53a6db 100644 --- a/.github/workflows/on.pr.yml +++ b/.github/workflows/on.pr.yml @@ -33,7 +33,7 @@ jobs: config-file: "./.github/dependency-review-config.yml" test: - name: "Test (${{ matrix.label }})" + name: "Test" uses: ./.github/workflows/module.build.yml strategy: fail-fast: false @@ -43,57 +43,64 @@ jobs: bazelversion: ["7.0.0-pre.20230724.1", "6.3.2", "5.4.0"] include: - runner: ubuntu-latest - label: Ubuntu - Bazel 7 + label: Ubuntu / Bazel 7 labs: false bazelversion: 7.0.0-pre.20230724.1 - runner: ubuntu-latest - label: Ubuntu - Bzlmod 7 + label: Ubuntu / Bzlmod 7 bzlmod: true labs: true bazelversion: 7.0.0-pre.20230724.1 - runner: windows-latest - label: Windows - Bazel 7 + label: Windows / Bazel 7 bzlmod: false labs: true bazelversion: 7.0.0-pre.20230724.1 - runner: macos-latest - label: macOS - Bazel 7 + label: macOS / Bazel 7 bzlmod: false labs: false bazelversion: 7.0.0-pre.20230724.1 - runner: ubuntu-latest - label: Ubuntu - Bazel 6 + label: Ubuntu / Bazel 6 labs: false bazelversion: 6.3.2 + bazel_config: bazel6 - runner: ubuntu-latest - label: Ubuntu - Bzlmod 6 + label: Ubuntu / Bzlmod 6 bzlmod: true labs: true bazelversion: 6.3.2 + bazel_config: bazel6 - runner: windows-latest - label: Windows - Bazel 6 + label: Windows / Bazel 6 bzlmod: false labs: true bazelversion: 6.3.2 + bazel_config: bazel6 - runner: macos-latest - label: macOS - Bazel 6 + label: macOS / Bazel 6 bzlmod: false labs: false bazelversion: 6.3.2 + bazel_config: bazel6 - runner: ubuntu-latest - label: Ubuntu - Bazel 5 + label: Ubuntu / Bazel 5 labs: true bazelversion: 5.4.0 + bazel_config: bazel5 - runner: windows-latest - label: Windows - Bazel 5 + label: Windows / Bazel 5 bzlmod: false labs: true bazelversion: 5.4.0 + bazel_config: bazel5 - runner: macos-latest - label: macOS - Bazel 5 + label: macOS / Bazel 5 bzlmod: false labs: true bazelversion: 5.4.0 + bazel_config: bazel5 secrets: inherit with: From aa763b76e6bf7cfa7d6fa9693e552145241815e8 Mon Sep 17 00:00:00 2001 From: Sam Gammon Date: Sun, 13 Aug 2023 19:57:38 -0700 Subject: [PATCH 08/24] fix: versioned bazel flags Signed-off-by: Sam Gammon --- .github/workflows/on.pr.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/on.pr.yml b/.github/workflows/on.pr.yml index cd53a6db..822fd6ff 100644 --- a/.github/workflows/on.pr.yml +++ b/.github/workflows/on.pr.yml @@ -41,6 +41,7 @@ jobs: runner: [ubuntu-latest, windows-latest, macos-latest] bzlmod: [false] bazelversion: ["7.0.0-pre.20230724.1", "6.3.2", "5.4.0"] + bazel_config: ["bazel7", "bazel6", "bazel5"] include: - runner: ubuntu-latest label: Ubuntu / Bazel 7 @@ -109,3 +110,4 @@ jobs: bzlmod: ${{ matrix.bzlmod }} labs: ${{ matrix.labs }} bazel_version: ${{ matrix.bazelversion }} + bazel_config: ${{ matrix.bazel_config }} From f9d60885a2e0197254aceb012a174f6fb209e762 Mon Sep 17 00:00:00 2001 From: Sam Gammon Date: Sun, 13 Aug 2023 19:59:21 -0700 Subject: [PATCH 09/24] fix: build matrix Signed-off-by: Sam Gammon --- .github/workflows/on.pr.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/on.pr.yml b/.github/workflows/on.pr.yml index 822fd6ff..77986f84 100644 --- a/.github/workflows/on.pr.yml +++ b/.github/workflows/on.pr.yml @@ -40,8 +40,8 @@ jobs: matrix: runner: [ubuntu-latest, windows-latest, macos-latest] bzlmod: [false] - bazelversion: ["7.0.0-pre.20230724.1", "6.3.2", "5.4.0"] - bazel_config: ["bazel7", "bazel6", "bazel5"] + bazelversion: ["7.0.0-pre.20230724.1"] + bazel_config: ["bazel7"] include: - runner: ubuntu-latest label: Ubuntu / Bazel 7 From 25447e8917e810a39f8e5124664ac456bd9dfd77 Mon Sep 17 00:00:00 2001 From: Sam Gammon Date: Sun, 13 Aug 2023 20:01:27 -0700 Subject: [PATCH 10/24] fix: don't enforce lockfile in ci Signed-off-by: Sam Gammon --- tools/bazel/ci.bazelrc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/bazel/ci.bazelrc b/tools/bazel/ci.bazelrc index b2055123..c6293a31 100644 --- a/tools/bazel/ci.bazelrc +++ b/tools/bazel/ci.bazelrc @@ -1,3 +1,3 @@ build:ci --build_metadata=ROLE=CI build:ci --build_metadata=VISIBILITY=PUBLIC -build:ci --lockfile_mode=error +build:ci-strict --lockfile_mode=error From b786d671020717a87a4302dd218403751cfd6e2f Mon Sep 17 00:00:00 2001 From: Sam Gammon Date: Sun, 13 Aug 2023 20:02:27 -0700 Subject: [PATCH 11/24] fix: bazel5 build flags Signed-off-by: Sam Gammon --- tools/bazel/bazel5.bazelrc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/bazel/bazel5.bazelrc b/tools/bazel/bazel5.bazelrc index 70b12324..9e69f75e 100644 --- a/tools/bazel/bazel5.bazelrc +++ b/tools/bazel/bazel5.bazelrc @@ -1 +1 @@ -build --experimental_remote_build_event_upload=minimal \ No newline at end of file +# Nothing at this time. \ No newline at end of file From b5972e49750d2f40f6bb73ceee7ea85ffe907a6c Mon Sep 17 00:00:00 2001 From: Sam Gammon Date: Sun, 13 Aug 2023 20:07:06 -0700 Subject: [PATCH 12/24] chore: cleanup/move renovate config Signed-off-by: Sam Gammon --- .github/renovate.json | 18 ++++++++++++++++++ renovate.json | 13 ------------- 2 files changed, 18 insertions(+), 13 deletions(-) create mode 100644 .github/renovate.json delete mode 100644 renovate.json diff --git a/.github/renovate.json b/.github/renovate.json new file mode 100644 index 00000000..f83b2703 --- /dev/null +++ b/.github/renovate.json @@ -0,0 +1,18 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "extends": ["config:base"], + "enabledManagers": ["bazel", "git-submodules", "npm", "bazelisk"], + "baseBranches": ["main"], + "pinDigests": true, + "rangeStrategy": "pin", + "updateLockFiles": true, + "dependencyDashboard": true, + "dependencyDashboardApproval": true, + "lockFileMaintenance": { "enabled": true }, + "labels": ["dependencies"], + "encrypted": { + "BUILDLESS_APIKEY": "wcFMA/xDdHCJBTolAQ//ZlxBi4WHvXzRIihVCeYomsCrSSPjKrHR0cuX8aDQENaGwIHyNmuyziCIHky3j/xoflJaFalDQkFzWcjPl35SroRZl/I8+T3wtR8jTutKF3MouJkMM7oaXkWk50/putF9ubb32tcdpRSbOzzpxIhPhxb5EyjqttaxgjQ553r4zBsLPZVSGxnCQ2PYbbAw3DA7MGq3mh5P7kityopLEOGeLfHJxQSNQ7CslJyX8rNGZINOjDOpZ31Q88n4jyGfzfuVcHRYWw03+7vjJls+MePhxTe7qK2IwkADEsRaGurH6a236hHTjuOVmsMN5r7KKAgauZ2umSRMn/5Nu6o8ZelVKMZ5R1Sa+4mLHA/EvTn33DGCGAmI/khScu/jktn6faKT7psbMd8CBUlHcmfhdMlfuuHassYaPf+LRjyBON+c0lfMgoQdYeD4d1EF/HlnDy0LIqYHgkWHz1wBgOVaBXc+vSFZ7lpeLrE4OA8Cbkye6XIKpm+sbs0YxUTzWLfGLf+TZW4btCB7Tzo8nhaq8NrHwYATh7qb2l36XvYXwrSQmyFBUEumEl6KsmJ9ocwFZak5cnoZOkzG08vREkIXGpExyjthIFztCQxsCpHj4KMkB0a2Ap4xiLrSjHT6kO8+S8hCMu+bCMBsgDStPZgJsGO/ZYIT9Uq0G7tPCqlC5Rl3nPvSjgGBOyQNDQUFk2ilmeB6GHv1HIVjTsLWMdVGQsUcgTEVMieqC3RywMF3013T6Ta+Mtw3cbBBOrJRd5E+bYwvg0RcKOVBTVOckscJGou5Sa0/5Bqnh2dRkOeuK+/re5VxRN+whHsJzPLm3/za/ONonbqZWlNnWNpk6dmf9JNwtUj9pkxVOAgCUs83vgRphVg", + "BUILDBUDDY_APIKEY": "wcFMA/xDdHCJBTolAQ/+Kd8pfh3V4huB5qeRGmN+MqJzpr4RUbxHvuCE55BM6u8M5EAJoQn2/0XzVrLgR6KtqzFUmLura1bZ4EtG87uim2wIjnN3yb8hNQm43ozNBn5ATGLziYE54jhEgF+Vn9V5+9kSnUibqGYDdgL8D2mvj9i5n+W29sZ//IHV+hP3gjX4kk1c50MZQimyOJEPHhZXg4r0ojqePiGwuH65XYimwnlnHeuXc+bjY+9zMZ0/PQZTBeoryQ2DPKu5fdpuaCX16B4MQbHYBMBXOpw7Mn3kAQS7zbJIGDoBmpnwjcsldndK6o1Odea2MrPManccIJ7MHEoUI8tycZxhVRq4D0aoW6sQu/uvU18mjeecpM/e7xdVQAvaOjzB28CdU2COFTKQMwyX1TQL702H4jKKbBmgKGI/DX1fFRZ4W6XlnUxYKp6ZtpTmDJLfVWvLFPoEVHJcWEtpjMchpi3MBqjE7SJezbGMDx5a17TW0t55R0ZgsNM37frHmzde36duxg9jU3pCBon+ecmfReZZFY0H7e7U1iF9Sd+q3B6M8Z73oTDzOfcQ5lzF3lsjKvDNiSkKJngD5fumpLRGvyX+Fq4IEOZO4qBpas1j7n1cRS/EcTTV5JHgeiWGLZD00mc19TkHhVTbIb+3flHij5bDrlTDc0IVBnmVgXPWUBn1FiI3/2+yuUjSbwFI8T5hSjtMJNGNjFoC9v/zab3RKR17YR0iQDagFdfoVodSwC/eD+AOsw9/BPhL5crSx79PeP0vcrYUb9mWJUhfZgCkygamjyloGE+QQ+CPAw4UO3aPGd/D9h3Ph6ocU2QMC3oemi3t99ddULt0GQ", + "BUF_TOKEN": "wcFMA/xDdHCJBTolAQ//QuIQGMVDlGwd81dD+xx081uJbEiCcdjgkczfXwAWEtq93QxzOMGseC2KLB/7/pTeKkWMTjGhArciKvMqb6s5hu/G9sxGXCc5jjvvhd4rpv0psl9CeBiJoR1Gr/SpXtjFsayRCbFPPTQ3bz7AixWaJAayk5ART/HjwkeITSfGWgpAZ7gtPaawM+oQM16rKeztNI1ploLH6E9QuY0SHGc0l9Lu49GTOisfNzomqqrmQLTW1QPTKznimQpSoQQrqTK6Rlk+S10uF+NcCtOoNOvuA+d1d4PZLj402HqbXONl957W7xXQGGHu7eZ86a6TSPE5FwISRw2ZU1avdZeLEmcKfJmoUY0oIr4YJjNImd6v/XWpnUc1PN5PsfGgwd/jghJpuWx+yneu0FehMsTY+cfKHeZW6aSGnCKgQ7FywTLlh7/JJGcMdKZMuW3akI6hC6/vPneQMdV6vdaSUK1eErgs8noemcZsHutNzSF57REUgPXXqbfdiBIs7rnjRwcmtWnmy6373I0ZGrkHEtFPv8RkJkDlzqzxGSU8YnU4Z+QdR5nhzr9RT4vsFCWamg30wyF43ZNQzpeZ9f9K9mc5JNO4VhNDvOCO9afCqMlOOuQbd+sGrVno7EVwY1Dd3XE4SZbk3rkGawrOPtNGMJPQ21aBxjAhKUDOmlwpRT4iBbZ1JcLSmwHWxHo3d4j9UfHapqxv+WSIqCjJ6nRgBA9H/UUFaFLNpwVUtQIRvFRNGB5UgDJCJe2Pxdxxp5K+SxPAT/kAE3lAXx1TCKNLGrRKunMuz2IXQGnfL0MVdOlLefEU2cvZaVYUwqooOcPGQq/4XMYSuY0OJTYB0CJvQuShK2CNkWD/4v6N9Ec0zlslSEcEAz9QdaW+UdIcbYTkdRzt" + } +} diff --git a/renovate.json b/renovate.json deleted file mode 100644 index 9d78c0a0..00000000 --- a/renovate.json +++ /dev/null @@ -1,13 +0,0 @@ -{ - "$schema": "https://docs.renovatebot.com/renovate-schema.json", - "extends": ["config:base"], - "enabledManagers": ["bazel", "git-submodules", "npm", "bazelisk"], - "baseBranches": ["main"], - "pinDigests": true, - "rangeStrategy": "pin", - "updateLockFiles": true, - "dependencyDashboard": true, - "dependencyDashboardApproval": true, - "lockFileMaintenance": { "enabled": true }, - "labels": ["dependencies"] -} From b0a300fc6c42ee2af7eb3a9a5361a6b63cc411ce Mon Sep 17 00:00:00 2001 From: Sam Gammon Date: Sun, 13 Aug 2023 20:14:54 -0700 Subject: [PATCH 13/24] fix: windows builds, hopefully Signed-off-by: Sam Gammon --- .github/workflows/module.build.yml | 18 ++++++------ .github/workflows/on.pr.yml | 44 +++--------------------------- internal/config.bzl | 2 -- 3 files changed, 13 insertions(+), 51 deletions(-) diff --git a/.github/workflows/module.build.yml b/.github/workflows/module.build.yml index b9cca8c9..185a743b 100644 --- a/.github/workflows/module.build.yml +++ b/.github/workflows/module.build.yml @@ -99,12 +99,6 @@ jobs: with: path: "~/.cache/bazel" key: bazel-v2 - - name: "Configure: Bazel Version" - shell: bash - if: inputs.bazel_version != '' && inputs.bazel_config != '' - run: | - echo "${{ inputs.bazel_version }}" > .bazelversion - echo "import %workspace%/tools/bazel/${{ inputs.bazel_config }}.bazelrc" > version.bazelrc - name: "Configure: Bazel Services" shell: bash if: contains(env.BUILDLESS_APIKEY || '', 'user_') @@ -126,11 +120,11 @@ jobs: run: bazel build --config=ci "//..." integration-tests: - name: "${{ matrix.label }}" + name: "Test: ${{ matrix.label }}" runs-on: ${{ inputs.runner || 'ubuntu-latest' }} continue-on-error: ${{ inputs.labs || matrix.labs }} needs: ["build"] - if: inputs.tests && inputs.bzlmod + if: inputs.tests && (inputs.bazel_config == 'bazel7' || inputs.bazel_config == 'bazel6') strategy: fail-fast: false matrix: @@ -162,7 +156,13 @@ jobs: run: | echo "${{ inputs.bazel_version }}" > .bazelversion echo "import %workspace%/tools/bazel/${{ inputs.bazel_config }}.bazelrc" > version.bazelrc - - name: "Build: ${{ matrix.label }}" + - name: "Configure: Bazel Services" + shell: bash + if: contains(env.BUILDLESS_APIKEY || '', 'user_') + run: | + echo "build --remote_header=x-buildbuddy-api-key=${{ secrets.BUILDBUDDY_APIKEY }}" >> local.bazelrc + echo "build --remote_header=x-api-key=${{ secrets.BUILDLESS_APIKEY }}" >> local.bazelrc + - name: "Test: ${{ matrix.label }}" continue-on-error: ${{ inputs.labs }} working-directory: ${{ matrix.directory }} shell: bash diff --git a/.github/workflows/on.pr.yml b/.github/workflows/on.pr.yml index 77986f84..ef4a72d3 100644 --- a/.github/workflows/on.pr.yml +++ b/.github/workflows/on.pr.yml @@ -47,61 +47,25 @@ jobs: label: Ubuntu / Bazel 7 labs: false bazelversion: 7.0.0-pre.20230724.1 + bazel_config: bazel7 - runner: ubuntu-latest label: Ubuntu / Bzlmod 7 bzlmod: true labs: true bazelversion: 7.0.0-pre.20230724.1 + bazel_config: bazel7 - runner: windows-latest label: Windows / Bazel 7 bzlmod: false labs: true bazelversion: 7.0.0-pre.20230724.1 + bazel_config: bazel7 - runner: macos-latest label: macOS / Bazel 7 bzlmod: false labs: false bazelversion: 7.0.0-pre.20230724.1 - - runner: ubuntu-latest - label: Ubuntu / Bazel 6 - labs: false - bazelversion: 6.3.2 - bazel_config: bazel6 - - runner: ubuntu-latest - label: Ubuntu / Bzlmod 6 - bzlmod: true - labs: true - bazelversion: 6.3.2 - bazel_config: bazel6 - - runner: windows-latest - label: Windows / Bazel 6 - bzlmod: false - labs: true - bazelversion: 6.3.2 - bazel_config: bazel6 - - runner: macos-latest - label: macOS / Bazel 6 - bzlmod: false - labs: false - bazelversion: 6.3.2 - bazel_config: bazel6 - - runner: ubuntu-latest - label: Ubuntu / Bazel 5 - labs: true - bazelversion: 5.4.0 - bazel_config: bazel5 - - runner: windows-latest - label: Windows / Bazel 5 - bzlmod: false - labs: true - bazelversion: 5.4.0 - bazel_config: bazel5 - - runner: macos-latest - label: macOS / Bazel 5 - bzlmod: false - labs: true - bazelversion: 5.4.0 - bazel_config: bazel5 + bazel_config: bazel7 secrets: inherit with: diff --git a/internal/config.bzl b/internal/config.bzl index f7872fc7..ef55691f 100644 --- a/internal/config.bzl +++ b/internal/config.bzl @@ -32,7 +32,5 @@ MAVEN_REPOSITORIES = [ ] GRAALVM_COMPONENTS = [ - "js", "native-image", - "wasm", ] From 8b59bdb844a22e3ae66e3ca041153fe0d8d80fef Mon Sep 17 00:00:00 2001 From: Sam Gammon Date: Sun, 13 Aug 2023 20:58:33 -0700 Subject: [PATCH 14/24] fix: drop components from base project (tmp) Signed-off-by: Sam Gammon --- internal/config.bzl | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/internal/config.bzl b/internal/config.bzl index ef55691f..9f7c4a32 100644 --- a/internal/config.bzl +++ b/internal/config.bzl @@ -31,6 +31,4 @@ MAVEN_REPOSITORIES = [ "https://repo1.maven.org/maven2", ] -GRAALVM_COMPONENTS = [ - "native-image", -] +GRAALVM_COMPONENTS = [] From f5263ee8a3e5a8ff73787b75053e19aaff28581e Mon Sep 17 00:00:00 2001 From: Sam Gammon Date: Sun, 13 Aug 2023 21:00:45 -0700 Subject: [PATCH 15/24] fix: bzlmod sample target on windows Signed-off-by: Sam Gammon --- .github/workflows/module.build.yml | 2 +- .../bzlmod/MODULE.bazel.lock | 24 +++++++++---------- 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/module.build.yml b/.github/workflows/module.build.yml index 185a743b..66a62732 100644 --- a/.github/workflows/module.build.yml +++ b/.github/workflows/module.build.yml @@ -129,7 +129,7 @@ jobs: fail-fast: false matrix: label: ["BCR"] - target: ["//sample"] + target: ["sample"] action: ["build"] directory: ["./example/integration_tests/bzlmod"] labs: [false] diff --git a/example/integration_tests/bzlmod/MODULE.bazel.lock b/example/integration_tests/bzlmod/MODULE.bazel.lock index 516694b7..29a25c1d 100644 --- a/example/integration_tests/bzlmod/MODULE.bazel.lock +++ b/example/integration_tests/bzlmod/MODULE.bazel.lock @@ -1,6 +1,6 @@ { "lockFileVersion": 1, - "moduleFileHash": "6be84de15badc5396a07a1fb21af5fcef4bac5f5368efd8aeb1b098effc794bb", + "moduleFileHash": "da0cfa558e7a652d5a0080c5868f465dc6740ea481e76dc2ecc58631c2fffc00", "flags": { "cmdRegistries": [ "https://bcr.bazel.build/" @@ -14,7 +14,7 @@ }, "localOverrideHashes": { "bazel_tools": "6dc722d59f08f40b58c8202f8e4a67b08a6af4f242cc00688e683e72cd9087f6", - "rules_graalvm": "618d7112f0da53485db4528465e4f51516c4653069d5247a66abbaf819446878" + "rules_graalvm": "12c44e04b6f7ef89525db362f856460d7ff277138179f9aa3bed852439584fe6" }, "moduleDepGraph": { "": { @@ -31,7 +31,7 @@ "usingModule": "", "location": { "file": "@@//:MODULE.bazel", - "line": 23, + "line": 21, "column": 20 }, "imports": { @@ -41,11 +41,11 @@ "tags": [ { "tagName": "graalvm", - "attributeValues": {"name":"--graalvm","version":"--20.0.2","distribution":"--oracle","java_version":"--20"}, + "attributeValues": {"name":"--graalvm","distribution":"--oracle","java_version":"--20","version":"--20.0.2"}, "devDependency": false, "location": { "file": "@@//:MODULE.bazel", - "line": 25, + "line": 22, "column": 12 } } @@ -313,7 +313,7 @@ "usingModule": "rules_graalvm@_", "location": { "file": "@@rules_graalvm~override//:MODULE.bazel", - "line": 124, + "line": 109, "column": 22 }, "imports": { @@ -324,11 +324,11 @@ "tags": [ { "tagName": "install", - "attributeValues": {"name":"--maven_gvm","artifacts":["--org.graalvm.nativeimage:svm:23.0.1","--org.graalvm.sdk:graal-sdk:23.0.1"],"repositories":["--https://maven.pkg.st","--https://maven.google.com","--https://repo1.maven.org/maven2"],"lock_file":"--//:maven_install.json"}, + "attributeValues": {"name":"--maven_gvm","artifacts":["--org.graalvm.nativeimage:svm:23.0.1","--org.graalvm.sdk:graal-sdk:23.0.1"],"lock_file":"--//:maven_install.json","repositories":["--https://maven.pkg.st","--https://maven.google.com","--https://repo1.maven.org/maven2"]}, "devDependency": false, "location": { "file": "@@rules_graalvm~override//:MODULE.bazel", - "line": 126, + "line": 110, "column": 14 } } @@ -342,7 +342,7 @@ "usingModule": "rules_graalvm@_", "location": { "file": "@@rules_graalvm~override//:MODULE.bazel", - "line": 139, + "line": 122, "column": 20 }, "imports": { @@ -352,11 +352,11 @@ "tags": [ { "tagName": "graalvm", - "attributeValues": {"name":"--graalvm","version":"--20.0.2","distribution":"--oracle","java_version":"--20"}, + "attributeValues": {"name":"--graalvm","distribution":"--oracle","java_version":"--20","version":"--20.0.2"}, "devDependency": false, "location": { "file": "@@rules_graalvm~override//:MODULE.bazel", - "line": 141, + "line": 123, "column": 12 } } @@ -1155,7 +1155,7 @@ } }, "@rules_graalvm~override//:extensions.bzl%graalvm": { - "bzlTransitiveDigest": "yKSZqFgZDsBQJ7idxvtiuwWuk7K9Ym2V3xNPD2f4I4c=", + "bzlTransitiveDigest": "XL2gg8eqwCzRKsgdlxCJ533/zTBnhHcCD4ve9I79d0Y=", "envVariables": {}, "generatedRepoSpecs": { "graalvm": { From 58723c43dab20de6d23bfea86a2b0bdd4069af17 Mon Sep 17 00:00:00 2001 From: Sam Gammon Date: Sun, 13 Aug 2023 21:39:43 -0700 Subject: [PATCH 16/24] chore: add `js` component back to build Signed-off-by: Sam Gammon --- MODULE.bazel | 3 +++ internal/config.bzl | 4 +++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/MODULE.bazel b/MODULE.bazel index 7623ac72..1a6d9bbe 100644 --- a/MODULE.bazel +++ b/MODULE.bazel @@ -122,6 +122,9 @@ use_repo( gvm = use_extension(":extensions.bzl", "graalvm") gvm.graalvm( name = "graalvm", + components = [ + "js", + ], distribution = "oracle", java_version = "20", version = "20.0.2", diff --git a/internal/config.bzl b/internal/config.bzl index 9f7c4a32..986bdd75 100644 --- a/internal/config.bzl +++ b/internal/config.bzl @@ -31,4 +31,6 @@ MAVEN_REPOSITORIES = [ "https://repo1.maven.org/maven2", ] -GRAALVM_COMPONENTS = [] +GRAALVM_COMPONENTS = [ + "js", +] From 746fca9a0f60379ce8026b4e601d6449b99dcd2c Mon Sep 17 00:00:00 2001 From: Sam Gammon Date: Sun, 13 Aug 2023 21:40:03 -0700 Subject: [PATCH 17/24] chore: better progress messages Signed-off-by: Sam Gammon --- graalvm/nativeimage/rules.bzl | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/graalvm/nativeimage/rules.bzl b/graalvm/nativeimage/rules.bzl index 8d955a0d..dbc0240c 100644 --- a/graalvm/nativeimage/rules.bzl +++ b/graalvm/nativeimage/rules.bzl @@ -13,7 +13,7 @@ load( ) def _graal_binary_implementation(ctx): - graal_attr = ctx.attr.graalvm + graal_attr = ctx.attr.native_image graal_inputs, _, _ = ctx.resolve_command(tools = [graal_attr]) graal = graal_inputs[0] @@ -109,7 +109,7 @@ def _graal_binary_implementation(ctx): arguments = [args], executable = graal, mnemonic = "NativeImage", - progress_message = "Compiling %{label} with native-image", + progress_message = "Compiling native image %{label}", env = env, ) @@ -134,9 +134,9 @@ native_image = rule( "initialize_at_build_time": attr.string_list(), "initialize_at_run_time": attr.string_list(), "native_features": attr.string_list(), - "graalvm": attr.label( + "native_image": attr.label( cfg = "exec", - default = Label("@graalvm//:bin/native-image"), + default = Label("@graalvm//:native-image"), allow_files = True, executable = True, ), From 5e2c61b4f586b0d9bbbf14df7c667357ef50c90b Mon Sep 17 00:00:00 2001 From: Sam Gammon Date: Sun, 13 Aug 2023 21:40:09 -0700 Subject: [PATCH 18/24] feat: aliased binaries in gvm repo MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - feat: alias for root of repo name - feat: unconditional alias for `:graalvm` → `java` - feat: aliases for `java`, `javac` - feat: alias for `native-image` - feat: alias for `gu` - fix: binary targets on windows Signed-off-by: Sam Gammon --- internal/graalvm_bindist.bzl | 175 ++++++++++++++++++++++++++++++++--- 1 file changed, 162 insertions(+), 13 deletions(-) diff --git a/internal/graalvm_bindist.bzl b/internal/graalvm_bindist.bzl index e6410623..bec52c88 100644 --- a/internal/graalvm_bindist.bzl +++ b/internal/graalvm_bindist.bzl @@ -342,14 +342,17 @@ def _toolchain_config_impl(ctx): ctx.file("WORKSPACE", "workspace(name = \"{name}\")\n".format(name = ctx.name)) ctx.file("BUILD.bazel", ctx.attr.build_file) -def _graal_postinstall_actions(ctx): +def _graal_postinstall_actions(ctx, os): + cmd = "bin/gu" + if os == "windows": + cmd = "bin\\gu.cmd" if ctx.attr.setup_actions and len(ctx.attr.setup_actions) > 0: for action in ctx.attr.setup_actions: if not action.startsWith("gu "): fail("GraalVM setup action did not start with 'gu'. Please only run GraalVM updater commands.") action_cmd = action.replace("gu ", "").split(" ") - exec_result = ctx.execute(["bin/gu"] + action_cmd, quiet = False) + exec_result = ctx.execute([cmd] + action_cmd, quiet = False) if exec_result.return_code != 0: fail("Unable to run GraalVM setup action '{cmd}':\n{stdout}\n{stderr}".format( cmd = action, @@ -394,13 +397,17 @@ def _graal_bindist_repository_impl(ctx): output = "native-image-installer.jar", ) - exec_result = ctx.execute(["bin/gu", "install", "--local-file", "native-image-installer.jar"], quiet = False) + cmd = "bin/gu" + if os == "windows": + cmd = "bin\\gu.cmd" + + exec_result = ctx.execute([cmd, "install", "--local-file", "native-image-installer.jar"], quiet = False) if exec_result.return_code != 0: fail("Unable to install native image:\n{stdout}\n{stderr}".format(stdout = exec_result.stdout, stderr = exec_result.stderr)) ctx.file("BUILD", """exports_files(glob(["**/*"]))""") ctx.file("WORKSPACE", "workspace(name = \"{name}\")".format(name = ctx.name)) - _graal_postinstall_actions(ctx) + _graal_postinstall_actions(ctx, os) else: platform, os, archive = _get_platform(ctx, True) @@ -460,12 +467,41 @@ def _graal_bindist_repository_impl(ctx): stripPrefix = effective_prefix, ) + cmd = "bin/gu" + image_exe = "bin/native-image" + java_exe = "bin/java" + javac_exe = "bin/javac" + js_exe = "bin/js" + polyglot_exe = "bin/polyglot" + wasm_exe = "bin/wasm" + python_exe = "bin/python" + ruby_exe = "bin/ruby" + lli_exe = "bin/lli" + if os == "windows": + cmd = "bin\\gu.cmd" + image_exe = "bin\\native-image.cmd" + java_exe = "bin\\java.exe" + javac_exe = "bin\\javac.exe" + js_exe = "bin\\js.exe" + polyglot_exe = "bin\\polyglot.exe" + wasm_exe = "bin\\wasm.exe" + python_exe = "bin\\python.exe" + ruby_exe = "bin\\ruby.exe" + lli_exe = "bin\\lli.exe" + if ctx.attr.components and len(ctx.attr.components) > 0: ctx.report_progress("Downloading GraalVM components") - exec_result = ctx.execute(["bin/gu", "install"] + ctx.attr.components, quiet = False) + exec_result = ctx.execute([cmd, "install"] + ctx.attr.components, quiet = False) if exec_result.return_code != 0: fail("Unable to install GraalVM components:\n{stdout}\n{stderr}".format(stdout = exec_result.stdout, stderr = exec_result.stderr)) + if ctx.name in ["native-image", "toolchain_native_image", "toolchain_gvm", "entry", "bootstrap_runtime_toolchain", "toolchain", "jdk", "jre", "jre-lib"]: + fail("Cannot use name '%s' for repository name: It will clash with other targets" % ctx.name) + + ctx_alias = ctx.name + if ctx.name == "graalvm": + ctx_alias = "gvm_entry" + toolchain_aliases_template = """ alias( name = "toolchain", @@ -477,18 +513,72 @@ alias( actual = "@{repo}//:bootstrap_runtime_toolchain", visibility = ["//visibility:public"], ) +alias( + name = "entry", + actual = ":bin/java", +) +alias( + name = "graalvm", + actual = ":entry", +) +alias( + name = "{name}", + actual = ":entry", +) alias( name = "toolchain_gvm", actual = "@{repo}//:gvm", visibility = ["//visibility:public"], ) +alias( + name = "native-image", + actual = ":native-image-bin", +) +alias( + name = "java", + actual = ":java-bin", +) +alias( + name = "gu", + actual = ":gu-bin", +) +alias( + name = "javac", + actual = ":javac-bin", +) +alias( + name = "js", + actual = ":js-bin", +) +alias( + name = "wasm", + actual = ":wasm-bin", +) +alias( + name = "python", + actual = ":python-bin", +) +alias( + name = "ruby", + actual = ":ruby-bin", +) +alias( + name = "lli", + actual = ":lli-bin", +) +alias( + name = "polyglot", + actual = ":polyglot-bin", +) alias( name = "toolchain_native_image", actual = "@{repo}//:native_image", visibility = ["//visibility:public"], ) """.format( + name = ctx_alias, repo = ctx.attr.toolchain_config, + native_image_exe = image_exe, ) ctx.file( @@ -496,19 +586,78 @@ alias( """ exports_files(glob(["**/*"])) -%s -%s -""" % ( - ctx.attr.enable_toolchain and toolchain_aliases_template or "", - _JDK_BUILD_TEMPLATE.format(RUNTIME_VERSION = java_version), - ), - ) +alias( + name = "native-image-bin", + actual = ":{native_image_exe}", +) + +alias( + name = "java-bin", + actual = ":{java_exe}", +) + +alias( + name = "javac-bin", + actual = ":{javac_exe}", +) + +alias( + name = "gu-bin", + actual = ":{gu_exe}", +) + +alias( + name = "polyglot-bin", + actual = ":{polyglot_exe}", +) + +alias( + name = "js-bin", + actual = ":{js_exe}", +) + +alias( + name = "wasm-bin", + actual = ":{wasm_exe}", +) + +alias( + name = "python-bin", + actual = ":{python_exe}", +) + +alias( + name = "ruby-bin", + actual = ":{ruby_exe}", +) + +alias( + name = "lli-bin", + actual = ":{lli_exe}", +) + +{toolchain} +{aliases} +""".format( + toolchain = _JDK_BUILD_TEMPLATE.format(RUNTIME_VERSION = java_version), + aliases = ctx.attr.enable_toolchain and toolchain_aliases_template or "", + native_image_exe = image_exe, + java_exe = java_exe, + javac_exe = javac_exe, + polyglot_exe = polyglot_exe, + js_exe = js_exe, + wasm_exe = wasm_exe, + python_exe = python_exe, + ruby_exe = ruby_exe, + lli_exe = lli_exe, + gu_exe = cmd, + )) ctx.file("WORKSPACE.bazel", """ workspace(name = \"{name}\") """.format(name = ctx.name)) - _graal_postinstall_actions(ctx) + _graal_postinstall_actions(ctx, os) # Done. _graalvm_bindist_repository = repository_rule( From b753443d83564c883456aa59e45d79d9220fb401 Mon Sep 17 00:00:00 2001 From: Sam Gammon Date: Sun, 13 Aug 2023 21:41:10 -0700 Subject: [PATCH 19/24] chore: update module lock Signed-off-by: Sam Gammon --- MODULE.bazel.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/MODULE.bazel.lock b/MODULE.bazel.lock index d34d8eb6..5cdada52 100644 --- a/MODULE.bazel.lock +++ b/MODULE.bazel.lock @@ -1,6 +1,6 @@ { "lockFileVersion": 1, - "moduleFileHash": "12c44e04b6f7ef89525db362f856460d7ff277138179f9aa3bed852439584fe6", + "moduleFileHash": "0f829925e575a3df5b9aad9d2e122affd665c55c983bfbb874323955c44dc686", "flags": { "cmdRegistries": [ "https://bcr.bazel.build/" @@ -69,7 +69,7 @@ "tags": [ { "tagName": "graalvm", - "attributeValues": {"name":"--graalvm","distribution":"--oracle","java_version":"--20","version":"--20.0.2"}, + "attributeValues": {"name":"--graalvm","components":["--js"],"distribution":"--oracle","java_version":"--20","version":"--20.0.2"}, "devDependency": false, "location": { "file": "@@//:MODULE.bazel", @@ -3347,13 +3347,13 @@ } }, "//:extensions.bzl%graalvm": { - "bzlTransitiveDigest": "XL2gg8eqwCzRKsgdlxCJ533/zTBnhHcCD4ve9I79d0Y=", + "bzlTransitiveDigest": "tRgHoVzahIC6lb9CbdUTElSAl7FhYccLMZO33cXLpms=", "envVariables": {}, "generatedRepoSpecs": { "graalvm": { "bzlFile": "@@//internal:graalvm_bindist.bzl", "ruleClassName": "_graalvm_bindist_repository", - "attributes": {"name":"--_main~graalvm~graalvm","version":"--20.0.2","java_version":"--20","distribution":"--oracle","components":[],"setup_actions":[],"enable_toolchain":true,"toolchain_config":"--graalvm_toolchain_config_repo","sha256":"--"} + "attributes": {"name":"--_main~graalvm~graalvm","version":"--20.0.2","java_version":"--20","distribution":"--oracle","components":["--js"],"setup_actions":[],"enable_toolchain":true,"toolchain_config":"--graalvm_toolchain_config_repo","sha256":"--"} }, "graalvm_toolchain_config_repo": { "bzlFile": "@@//internal:graalvm_bindist.bzl", From f6f6e0b2f8773794956968279a22c7f51b806bd4 Mon Sep 17 00:00:00 2001 From: Sam Gammon Date: Sun, 13 Aug 2023 21:52:02 -0700 Subject: [PATCH 20/24] fix: more windows path fixes Signed-off-by: Sam Gammon --- internal/graalvm_bindist.bzl | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/internal/graalvm_bindist.bzl b/internal/graalvm_bindist.bzl index bec52c88..9e3426f3 100644 --- a/internal/graalvm_bindist.bzl +++ b/internal/graalvm_bindist.bzl @@ -478,16 +478,16 @@ def _graal_bindist_repository_impl(ctx): ruby_exe = "bin/ruby" lli_exe = "bin/lli" if os == "windows": - cmd = "bin\\gu.cmd" - image_exe = "bin\\native-image.cmd" - java_exe = "bin\\java.exe" - javac_exe = "bin\\javac.exe" - js_exe = "bin\\js.exe" - polyglot_exe = "bin\\polyglot.exe" - wasm_exe = "bin\\wasm.exe" - python_exe = "bin\\python.exe" - ruby_exe = "bin\\ruby.exe" - lli_exe = "bin\\lli.exe" + cmd = "bin/gu.cmd" + image_exe = "bin/native-image.cmd" + java_exe = "bin/java.exe" + javac_exe = "bin/javac.exe" + js_exe = "bin/js.exe" + polyglot_exe = "bin/polyglot.exe" + wasm_exe = "bin/wasm.exe" + python_exe = "bin/python.exe" + ruby_exe = "bin/ruby.exe" + lli_exe = "bin/lli.exe" if ctx.attr.components and len(ctx.attr.components) > 0: ctx.report_progress("Downloading GraalVM components") From 0dff8c73e6b2f8a449ff15adc6f09cfa74aed695 Mon Sep 17 00:00:00 2001 From: Sam Gammon Date: Sun, 13 Aug 2023 22:00:20 -0700 Subject: [PATCH 21/24] chore: add inert pom Signed-off-by: Sam Gammon --- pom.xml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 pom.xml diff --git a/pom.xml b/pom.xml new file mode 100644 index 00000000..0452dca5 --- /dev/null +++ b/pom.xml @@ -0,0 +1,15 @@ + + 4.0.0 + + dev.elide + rules_graalvm + 0.9.0 + + + + org.graalvm.sdk + graal-sdk + 23.0.1 + + + From d4cd2b0f01fa5ab088949b557bc93f687d934fc7 Mon Sep 17 00:00:00 2001 From: Sam Gammon Date: Sun, 13 Aug 2023 22:03:56 -0700 Subject: [PATCH 22/24] chore: dependency graph reporting via inert pom Signed-off-by: Sam Gammon --- .github/workflows/on.pr.yml | 15 +++++++++++++++ .github/workflows/on.push.yml | 15 +++++++++++++++ pom.xml | 15 +++++++++++++++ 3 files changed, 45 insertions(+) diff --git a/.github/workflows/on.pr.yml b/.github/workflows/on.pr.yml index ef4a72d3..bbc7c86f 100644 --- a/.github/workflows/on.pr.yml +++ b/.github/workflows/on.pr.yml @@ -17,6 +17,21 @@ name: "PR" merge_group: {} jobs: + dependency-graph: + name: "Dependency Graph" + continue-on-error: true + runs-on: ubuntu-latest + steps: + - name: Harden Runner + uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + with: + egress-policy: audit + - name: "Setup: Checkout" + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + - name: "Report: Dependency Graph" + continue-on-error: true + uses: advanced-security/maven-dependency-submission-action@v3 + dependency-review: name: "Dependency Review" runs-on: ubuntu-latest diff --git a/.github/workflows/on.push.yml b/.github/workflows/on.push.yml index c127366b..f49e02e5 100644 --- a/.github/workflows/on.push.yml +++ b/.github/workflows/on.push.yml @@ -14,6 +14,21 @@ name: "CI" - tools/**/*.* jobs: + dependency-graph: + name: "Dependency Graph" + continue-on-error: true + runs-on: ubuntu-latest + steps: + - name: Harden Runner + uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + with: + egress-policy: audit + - name: "Setup: Checkout" + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + - name: "Report: Dependency Graph" + continue-on-error: true + uses: advanced-security/maven-dependency-submission-action@v3 + build: name: "Build (${{ matrix.label }})" uses: ./.github/workflows/module.build.yml diff --git a/pom.xml b/pom.xml index 0452dca5..065787a1 100644 --- a/pom.xml +++ b/pom.xml @@ -11,5 +11,20 @@ graal-sdk 23.0.1 + + org.graalvm.compiler + compiler + 23.0.1 + + + org.graalvm.nativeimage + svm + 23.0.1 + + + org.graalvm.nativeimage + native-image-base + 23.0.1 + From b7a3bab8b114d76978bbdb0a347201b74608a275 Mon Sep 17 00:00:00 2001 From: Sam Gammon Date: Sun, 13 Aug 2023 22:13:45 -0700 Subject: [PATCH 23/24] fix: more windows fixes Signed-off-by: Sam Gammon --- .github/workflows/module.build.yml | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/.github/workflows/module.build.yml b/.github/workflows/module.build.yml index 66a62732..0976388d 100644 --- a/.github/workflows/module.build.yml +++ b/.github/workflows/module.build.yml @@ -112,12 +112,7 @@ jobs: - name: "Build: Project" continue-on-error: ${{ inputs.labs }} shell: bash - run: bazel build --config=ci "//..." - - name: "Test: Example" - if: inputs.tests - continue-on-error: ${{ inputs.labs }} - shell: bash - run: bazel build --config=ci "//..." + run: bazel build --config=ci "//example/native" integration-tests: name: "Test: ${{ matrix.label }}" From 92da9693f134e9f240c29e7496cec2d54f95df03 Mon Sep 17 00:00:00 2001 From: Sam Gammon Date: Sun, 13 Aug 2023 22:24:58 -0700 Subject: [PATCH 24/24] chore: add inert gosum/gomod Enables a way to list ourselves on Graal's page via the dependency graph. Signed-off-by: Sam Gammon --- go.mod | 7 +++++++ go.sum | 2 ++ 2 files changed, 9 insertions(+) create mode 100644 go.mod create mode 100644 go.sum diff --git a/go.mod b/go.mod new file mode 100644 index 00000000..2244dd53 --- /dev/null +++ b/go.mod @@ -0,0 +1,7 @@ +module github.com/sgammon/rules_graalvm + +go 1.20 + +require ( + github.com/oracle/graal v0.0.0-20230404173117-d009080559d8 // indirect +) \ No newline at end of file diff --git a/go.sum b/go.sum new file mode 100644 index 00000000..15be4f45 --- /dev/null +++ b/go.sum @@ -0,0 +1,2 @@ +github.com/oracle/graal v0.0.0-20230404173117-d009080559d8 h1:tMJyA85Y++BJhS6UnByMf8DoqDEDJYaRtcIi84Zu8sE= +github.com/oracle/graal v0.0.0-20230404173117-d009080559d8/go.mod h1:1dYHRgwmI8y3khulqCfD/VVrZ2F+qyra5Mh+jfBwork=