@ -1,6 +1,8 @@
{ lib
, buildBazelPackage
, fetchFromGitHub
, callPackage
, bash
, cacert
, git
, glibcLocales
@ -9,6 +11,7 @@
, iptables
, makeWrapper
, procps
, protobuf
, python3
} :
@ -16,9 +19,12 @@ let
preBuild = ''
patchShebangs .
substituteInPlace tools/defs.bzl \
- - replace " # ! / b i n / b a s h " " # ! ${ bash } / b i n / b a s h "
# Tell rules_go to use the Go binary found in the PATH
sed - E - i \
- e ' s | go_version \ s * = \ s * " [ ^ " ] + " , | g o _ v e r s i o n = " host " , | g ' \
- e ' s | go_version \ s * = \ s * " [ ^ " ] + " | g o _ v e r s i o n = " host " | g ' \
WORKSPACE
# The gazelle Go tooling needs CA certs
@ -31,20 +37,37 @@ let
export GOPATH =
'' ;
# Patch the protoc alias so that it always builds from source.
rulesProto = fetchFromGitHub {
owner = " b a z e l b u i l d " ;
repo = " r u l e s _ p r o t o " ;
rev = " f 7 a 3 0 f 6 f 8 0 0 0 6 b 5 9 1 f a 7 c 4 3 7 f e 5 a 9 5 1 e b 1 0 b c b c f " ;
sha256 = " 1 0 b c w 0 i r 0 s k k 7 h 3 3 l m q m 3 8 n 9 w 4 n f s 2 4 m w a j n n g k b s 6 j b 5 w s v k q v 8 " ;
extraPostFetch = ''
sed - i ' s | name = " p r o t o c " | name = " _ p r o t o c _ o r i g i n a l " | ' $ out/proto/private/BUILD.release
cat < < EOF > > $ out/proto/private/BUILD.release
alias ( name = " p r o t o c " , actual = " @ c o m _ g i t h u b _ p r o t o c o l b u f f e r s _ p r o t o b u f / / : p r o t o c " , visibility = [ " / / v i s i b i l i t y : p u b l i c " ] )
EOF
'' ;
} ;
in buildBazelPackage rec {
name = " g v i s o r - ${ version } " ;
version = " 2 0 1 9 - 1 1 - 1 4 " ;
version = " 2 0 2 1 0 5 1 8 . 0 " ;
src = fetchFromGitHub {
owner = " g o o g l e " ;
repo = " g v i s o r " ;
rev = " r e l e a s e - 2 0 1 9 1 1 1 4 . 0 " ;
sha256 = " 0 k y i x j j l w s 9 i z 2 r 2 s r g p d d 4 r r q 9 4 v p x k m h 2 r m m z x d 9 m c q y 2 i 9 b g 1 " ;
rev = " r e l e a s e - ${ version } " ;
sha256 = " 1 5 a 6 m l c l n y f c 9 m x 3 b j k s n n f 4 v l a 0 x h 0 r v 9 k x d p 3 4 l a 4 g w 3 c 4 h k s n " ;
} ;
nativeBuildInputs = [ git glibcLocales go makeWrapper python3 ] ;
bazelTarget = " / / r u n s c : r u n s c " ;
bazelFlags = [
" - - o v e r r i d e _ r e p o s i t o r y = r u l e s _ p r o t o = ${ rulesProto } "
] ;
# gvisor uses the Starlark implementation of rules_cc, not the built-in one,
# so we shouldn't delete it from our dependencies.
@ -76,14 +99,14 @@ in buildBazelPackage rec {
rm - f " $ b a z e l O u t " /java.log " $ b a z e l O u t " /java.log. *
'' ;
sha256 = " 0 f h m l q 0 d 2 3 1 7 g w h m a 2 m z 1 a n b 6 9 j 4 c h y b k 9 0 j 7 1 j 8 8 w p g w 1 h x b k 3 4 " ;
sha256 = " 1 3 p a h p p m 4 3 1 m 1 9 8 v 5 b f f r z q 5 i w 8 m 7 9 r i p l b f q p 0 a f h 3 8 4 l n 6 6 9 h b " ;
} ;
buildAttrs = {
inherit preBuild ;
installPhase = ''
install - Dm755 bazel-bin/runsc /* _ p u r e _ s t r i p p e d / r u n s c $ o u t / b i n / r u n s c
install - Dm755 bazel-out /* / b i n / r u n s c / r u n s c _ / r u n s c $ o u t / b i n / r u n s c
# Needed for the 'runsc do' subcomand
wrapProgram $ out/bin/runsc \