sgammon · sgammon · Aug 14, 2023 · Aug 13, 2023 · Aug 13, 2023 · Aug 13, 2023
@@ -0,0 +1,24 @@
+---
+matrix:
+ platform:
+ - ubuntu2004
+ - macos
+ - windows
+
+tasks:
+ build:
+ build_targets:
+ - "..."
+ test_targets:
+ - "..."
+
+bcr_test_module:
+ module_path: "example/integration_tests/bzlmod"
+ matrix:
+ platform: ["debian10", "macos", "ubuntu2004", "windows"]
+ tasks:
+ build_bzlmod_test:
+ name: "Build test module"
+ platform: ${{ platform }}
+ build_targets:
+ - "//..."
@@ -0,0 +1,2 @@
+---
+moduleRoots: ["."]
@@ -0,0 +1,13 @@
+{
+ "homepage": "https://github.com/sgammon/rules_graalvm",
+ "maintainers": [
+ {
+ "email": "sam@elide.dev",
+ "github": "sgammon",
+ "name": "Sam Gammon"
+ }
+ ],
+ "repository": ["github:sgammon/rules_graalvm"],
+ "versions": [],
+ "yanked_versions": {}
+}
@@ -0,0 +1,11 @@
+---
+bcr_test_module:
+ module_path: "example/integration_tests/bzlmod"
+ matrix:
+ platform: ["debian10", "macos", "ubuntu2004", "windows"]
+ tasks:
+ build_bzlmod_test:
+ name: "Build test module"
+ platform: ${{ platform }}
+ build_targets:
+ - "//..."
@@ -0,0 +1,5 @@
+{
+ "integrity": "",
+ "strip_prefix": "{REPO}-{VERSION}",
+ "url": "https://github.com/{OWNER}/{REPO}/archive/refs/tags/{TAG}.tar.gz"
+}
@@ -0,0 +1,3 @@
+rules:
+ line-length:
+ max: 120
@@ -14,21 +14,21 @@ appearance, race, religion, or sexual identity and orientation.
 Examples of behavior that contributes to creating a positive environment
 include:
 
-* Using welcoming and inclusive language
-* Being respectful of differing viewpoints and experiences
-* Gracefully accepting constructive criticism
-* Focusing on what is best for the community
-* Showing empathy towards other community members
+- Using welcoming and inclusive language
+- Being respectful of differing viewpoints and experiences
+- Gracefully accepting constructive criticism
+- Focusing on what is best for the community
+- Showing empathy towards other community members
 
 Examples of unacceptable behavior by participants include:
 
-* The use of sexualized language or imagery and unwelcome sexual attention or
+- The use of sexualized language or imagery and unwelcome sexual attention or
  advances
-* Trolling, insulting/derogatory comments, and personal or political attacks
-* Public or private harassment
-* Publishing others' private information, such as a physical or electronic
+- Trolling, insulting/derogatory comments, and personal or political attacks
+- Public or private harassment
+- Publishing others' private information, such as a physical or electronic
  address, without explicit permission
-* Other conduct which could reasonably be considered inappropriate in a
+- Other conduct which could reasonably be considered inappropriate in a
  professional setting
 
 ## Our Responsibilities

@@ -0,0 +1,144 @@
+## GraalVM Rules for Bazel: Contribution Guide
+
+This codebase is a conventional Bazel 6 or Bazel 7 codebase, with support for [Bzlmod](https://docs.bazel.build/versions/5.0.0/bzlmod.html). To use it, you build and test from [Bazel](https://bazel.build).
+
+### Primer: Running Bazel Builds
+
+You will need a Bazel installation; you could install [Bazel](https://github.com/bazelbuild/bazel/releases) directly, but the best way to do this usually involves a wrapper which manages versions for you.
+
+There are several good Bazel wrappers. In order of preference for this project (but it's up to you):
+
+- **Aspect CLI**: [Aspect.dev](https://aspect.dev) makes a fantastic CLI and Bazel wrapper. You can install it [here][1].
+- **[Bazelisk](https://github.com/bazelbuild/bazelisk):** The beloved open-source canonical wrapper for Bazel. You can download it [here][2].
+
+Both of these clients use the `.bazelversion` file to determine what version of Bazel to run. On this project, it's a version of Bazel 7, usually. You can check the current Bazel version with:
+
+```
+➜ rules_graalvm git:(main) cat .bazelversion
+
+7.0.0-pre.20230724.1
+```
+
+Once you have Aspect, Bazelisk, or _that exact Bazel binary version_ installed and ready to go, you can proceed.
+
+## Running builds
+
+On this project, you can build with Bazel directly (using the wrappers, etc), or you can use the `Makefile`. They are functionally equivalent, but the `Makefile` conveniently applies various configurations for you, if you want.
+
+### Using the `Makefile`
+
+Run `make help` to see available tasks, as the `Makeile` is self-documenting:
+
+```
+➜ rules_graalvm git:(main) make help
+
+GraalVM Rules for Bazel:
+args Show current build args.
+build Build all targets.
+clean Clean built targets.
+config Show current build configuration.
+distclean Clean and expunge; drops all state and kills worker.
+docs Build docs.
+forceclean Clean, expunge, reset, and drop all ignored files (DANGEROUS).
+help Show this help message.
+lint-format Run the lint formatter.
+lint Run the lint checker.
+reset Clean, expunge, and perform a hard Git reset (DANGEROUS).
+test Run all tests.
+yamllint Run yamllint.
+```
+
+There are some top-level build variables which configure the `Makefile` (defaults listed):
+
+```
+CI ?= no # Turns on CI build settings.
+DEBUG ?= no # Turns on `verbose_failures`, `sandbox_debug`, etc.
+RELEASE ?= no # Builds in release (optimized) mode.
+VERBOSE ?= no # Emits commands and applies `verbose_failures`.
+BZLMOD ?= no # Builds with `bzlmod` turned on.
+COVERAGE ?= yes # Whether to test with the `coverage` command instead.
+TARGETS ?= //... # Targets to build via `make build`.
+TESTS ?= //... # Tests to run via `make test`.
+ARGS ?= # Additional Bazel arguments to pass.
+CONFIGS ?= # Additional Bazel `--config=` names to pass.
+```
+
+Checking the current build configuration with the `Makefile`:
+
+```
+➜ rules_graalvm git:(main) make config
+
+Current configuration:
+CI: no
+Bzlmod: yes
+Debug: no
+Release: no
+Verbose: no
+Coverage: yes
+Test task: coverage
+Configs: bzlmod
+Targets: //...
+Tests: //...
+Args:
+ --config=bzlmod --config=fastbuild
+```
+
+As you can see, the `Makefile` has decided to apply the `fastbuild` config based on having no other inputs (it's the default in Bazel too). Let's see what passing `RELEASE=yes` does:
+
+```
+➜ rules_graalvm git:(main) make config RELEASE=yes
+
+Current configuration:
+CI: no
+Bzlmod: no
+Debug: no
+Release: yes
+Verbose: no
+Coverage: yes
+Test task: coverage
+Configs: bzlmod
+Targets: //...
+Tests: //...
+Args:
+ --config=bzlmod --config=release
+```
+
+Makes sense, checks out. You can pass these `Args` and `Targets` yourself directly to Bazel if you want, which is all the `Makefile` will do anyway.
+
+### Using Bazel
+
+To build directly using Bazel, it's pretty easy:
+
+```
+bazel build //...
+```
+
+To run tests:
+
+```
+bazel test //...
+```
+
+### Configuring Bazel with local settings
+
+The Bazel build will look for a user configuration at `local.bazelrc` at the root of the codebase. You can use this file to apply Bazel settings within the scope of only your user.
+
+This is the best way to configure things like [Buildless](https://less.build) and [BuildBuddy](https://buildbuddy.io), both of which we use on this project. You can use them if you want.
+
+There is a sample configuration at `local.bazelrc.inert`. You can use it like this:
+
+```
+cp local.bazelrc.inert local.bazelrc
+# now edit it lol
+```
+
+You will want to add your own API keys, of course. The default configuration is sufficient from there. If you want to, say, enable Bzlmod locally for all your builds, you can add:
+
+```
+build --config=bzlmod
+```
+
+And so on.
+
+[1]: https://www.aspect.build/cli
+[2]: https://github.com/bazelbuild/bazelisk/releases
@@ -0,0 +1,6 @@
+version: 2
+updates:
+ - package-ecosystem: github-actions
+ directory: /
+ schedule:
+ interval: daily
@@ -0,0 +1,11 @@
+license-check: true
+vulnerability-check: true
+fail-on-severity: "low"
+
+allow-licenses:
+ - GPL-3.0
+ - BSD-3-Clause
+ - MIT
+ - Apache-2.0
+
+allow-ghsas: []
@@ -0,0 +1,8 @@
+load("@buildifier_prebuilt//:rules.bzl", "buildifier")
+
+buildifier(
+ name = "buildifier.check",
+ exclude_patterns = ["./.git/*"],
+ lint_mode = "warn",
+ mode = "diff",
+)
@@ -0,0 +1,31 @@
+---
+name: Bazel CI
+
+# Controls when the action will run.
+"on":
+ push:
+ branches: [main]
+ pull_request:
+ branches: [main]
+ workflow_dispatch: {}
+
+concurrency:
+ # Cancel previous actions from the same PR: https://stackoverflow.com/a/72408109
+ group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+ cancel-in-progress: true
+
+jobs:
+ test:
+ uses: bazel-contrib/.github/.github/workflows/bazel.yaml@29e53247c6366e30acbedfc767f58f79fc05836c
+ with:
+ folders: |
+ [
+ "."
+ ]
+ exclude: |
+ [
+ {"bazelversion": "5.4.0", "bzlmodEnabled": true},
+ {"bazelversion": "5.4.0", "bzlmodEnabled": false},
+ {"bazelversion": "5.4.0", "os": "macos-latest"},
+ {"bazelversion": "5.4.0", "os": "windows-latest"}
+ ]
@@ -0,0 +1,26 @@
+---
+name: Buildifier
+
+# Controls when the action will run.
+"on":
+ # Triggers the workflow on push or pull request events but only for the main branch
+ push:
+ branches: [main]
+ pull_request:
+ branches: [main]
+ # Allows you to run this workflow manually from the Actions tab
+ workflow_dispatch:
+
+jobs:
+ check:
+ runs-on: ubuntu-latest
+ continue-on-error: true
+ steps:
+ - name: Harden Runner
+ uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1
+ with:
+ egress-policy: audit
+ - uses: actions/checkout@v3
+ - name: buildifier
+ continue-on-error: true
+ run: bazel run --enable_bzlmod //.github/workflows:buildifier.check
@@ -0,0 +1,69 @@
+---
+name: "CodeQL"
+
+"on":
+ push:
+ branches: ["main"]
+ pull_request:
+ branches: ["main"]
+ schedule:
+ - cron: "0 0 * * 1"
+
+permissions:
+ contents: read
+
+jobs:
+ analyze:
+ name: Analyze
+ runs-on: ubuntu-latest
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
+
+ strategy:
+ fail-fast: false
+ matrix:
+ language: ["java"]
+ # CodeQL supports [ $supported-codeql-languages ]
+ # Learn more about CodeQL language support at:
+ # https://aka.ms/codeql-docs/language-support
+
+ steps:
+ - name: Harden Runner
+ uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1
+ with:
+ egress-policy: audit
+
+ - name: Checkout repository
+ uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+
+ # Initializes the CodeQL tools for scanning.
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@5b6282e01c62d02e720b81eb8a51204f527c3624 # v2.21.3
+ with:
+ languages: ${{ matrix.language }}
+ # If you wish to specify custom queries, you can do so here or in a config file.
+ # By default, queries listed here will override any specified in a config file.
+ # Prefix the list here with "+" to use these queries and those in the config file.
+
+ # Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
+ # If this step fails, then you should remove it and run the build manually (see below)
+ - name: Autobuild
+ uses: github/codeql-action/autobuild@5b6282e01c62d02e720b81eb8a51204f527c3624 # v2.21.3
+
+ # ℹ️ Command-line programs to run using the OS shell.
+ # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
+
+ # If the Autobuild fails above, remove it and uncomment the following three lines.
+ # modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
+
+ # - run: |
+ # echo "Run, Build Application using script"
+ # ./location_of_script_within_repo/buildscript.sh
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@5b6282e01c62d02e720b81eb8a51204f527c3624 # v2.21.3
+ continue-on-error: true
+ with:
+ category: "/language:${{matrix.language}}"