Skip to content

Commit

Permalink
refactor: remove yq dependency (#386)
Browse files Browse the repository at this point in the history
  • Loading branch information
thesayyn authored Apr 25, 2024
1 parent c19ce14 commit 5088c9f
Show file tree
Hide file tree
Showing 23 changed files with 104 additions and 127 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/ci.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ on:
push:
branches: [main]
pull_request:
branches: [main]
branches: [main, \d.x]

# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
Expand Down
2 changes: 1 addition & 1 deletion MODULE.bazel
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ module(
compatibility_level = 1,
)

bazel_dep(name = "aspect_bazel_lib", version = "1.42.1")
bazel_dep(name = "aspect_bazel_lib", version = "2.7.1")
bazel_dep(name = "bazel_skylib", version = "1.4.1")
bazel_dep(name = "platforms", version = "0.0.5")

Expand Down
6 changes: 4 additions & 2 deletions WORKSPACE
Original file line number Diff line number Diff line change
Expand Up @@ -25,9 +25,11 @@ oci_register_toolchains(
)

## Setup bazel-lib
load("@aspect_bazel_lib//lib:repositories.bzl", "aspect_bazel_lib_dependencies")
load("@aspect_bazel_lib//lib:repositories.bzl", "aspect_bazel_lib_dependencies", "aspect_bazel_lib_register_toolchains")

aspect_bazel_lib_dependencies(override_local_config_platform = True)
aspect_bazel_lib_dependencies()

aspect_bazel_lib_register_toolchains()

## Setup cosign
load("//cosign:repositories.bzl", "cosign_register_toolchains")
Expand Down
8 changes: 4 additions & 4 deletions cosign/private/attest.bzl
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ _attrs = {

def _cosign_attest_impl(ctx):
cosign = ctx.toolchains["@rules_oci//cosign:toolchain_type"]
yq = ctx.toolchains["@aspect_bazel_lib//lib:yq_toolchain_type"]
jq = ctx.toolchains["@aspect_bazel_lib//lib:jq_toolchain_type"]

if ctx.attr.repository.find(":") != -1 or ctx.attr.repository.find("@") != -1:
fail("repository attribute should not contain digest or tag.")
Expand All @@ -67,15 +67,15 @@ def _cosign_attest_impl(ctx):
is_executable = True,
substitutions = {
"{{cosign_path}}": cosign.cosign_info.binary.short_path,
"{{yq_path}}": yq.yqinfo.bin.short_path,
"{{jq_path}}": jq.jqinfo.bin.short_path,
"{{image_dir}}": ctx.file.image.short_path,
"{{fixed_args}}": " ".join(fixed_args),
"{{type}}": ctx.attr.type,
},
)

runfiles = ctx.runfiles(files = [ctx.file.image, ctx.file.predicate])
runfiles = runfiles.merge(yq.default.default_runfiles)
runfiles = runfiles.merge(jq.default.default_runfiles)
runfiles = runfiles.merge(cosign.default.default_runfiles)

return DefaultInfo(executable = executable, runfiles = runfiles)
Expand All @@ -87,6 +87,6 @@ cosign_attest = rule(
executable = True,
toolchains = [
"@rules_oci//cosign:toolchain_type",
"@aspect_bazel_lib//lib:yq_toolchain_type",
"@aspect_bazel_lib//lib:jq_toolchain_type",
],
)
4 changes: 2 additions & 2 deletions cosign/private/attest.sh.tpl
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,9 @@
set -o pipefail -o errexit -o nounset

readonly COSIGN="{{cosign_path}}"
readonly YQ="{{yq_path}}"
readonly JQ="{{jq_path}}"
readonly IMAGE_DIR="{{image_dir}}"
readonly DIGEST=$("${YQ}" '.manifests[].digest' "${IMAGE_DIR}/index.json")
readonly DIGEST=$("${JQ}" -r '.manifests[].digest' "${IMAGE_DIR}/index.json")
readonly FIXED_ARGS=({{fixed_args}})


Expand Down
8 changes: 4 additions & 4 deletions cosign/private/sign.bzl
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,7 @@ _attrs = {

def _cosign_sign_impl(ctx):
cosign = ctx.toolchains["@rules_oci//cosign:toolchain_type"]
yq = ctx.toolchains["@aspect_bazel_lib//lib:yq_toolchain_type"]
jq = ctx.toolchains["@aspect_bazel_lib//lib:jq_toolchain_type"]

if ctx.attr.repository.find(":") != -1 or ctx.attr.repository.find("@") != -1:
fail("repository attribute should not contain digest or tag.")
Expand All @@ -56,14 +56,14 @@ def _cosign_sign_impl(ctx):
is_executable = True,
substitutions = {
"{{cosign_path}}": cosign.cosign_info.binary.short_path,
"{{yq_path}}": yq.yqinfo.bin.short_path,
"{{jq_path}}": jq.jqinfo.bin.short_path,
"{{image_dir}}": ctx.file.image.short_path,
"{{fixed_args}}": " ".join(["--repository", ctx.attr.repository]),
},
)

runfiles = ctx.runfiles(files = [ctx.file.image])
runfiles = runfiles.merge(yq.default.default_runfiles)
runfiles = runfiles.merge(jq.default.default_runfiles)
runfiles = runfiles.merge(cosign.default.default_runfiles)

return DefaultInfo(executable = executable, runfiles = runfiles)
Expand All @@ -75,6 +75,6 @@ cosign_sign = rule(
executable = True,
toolchains = [
"@rules_oci//cosign:toolchain_type",
"@aspect_bazel_lib//lib:yq_toolchain_type",
"@aspect_bazel_lib//lib:jq_toolchain_type",
],
)
4 changes: 2 additions & 2 deletions cosign/private/sign.sh.tpl
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,9 @@
set -o pipefail -o errexit -o nounset

readonly COSIGN="{{cosign_path}}"
readonly YQ="{{yq_path}}"
readonly JQ="{{jq_path}}"
readonly IMAGE_DIR="{{image_dir}}"
readonly DIGEST=$("${YQ}" '.manifests[].digest' "${IMAGE_DIR}/index.json")
readonly DIGEST=$("${JQ}" -r '.manifests[].digest' "${IMAGE_DIR}/index.json")
readonly FIXED_ARGS=({{fixed_args}})

# set $@ to be FIXED_ARGS+$@
Expand Down
7 changes: 4 additions & 3 deletions e2e/convert_docker_tarball/WORKSPACE
Original file line number Diff line number Diff line change
Expand Up @@ -18,11 +18,12 @@ oci_register_toolchains(
crane_version = LATEST_CRANE_VERSION,
)


http_archive(
name = "container_structure_test",
sha256 = "2da13da4c4fec9d4627d4084b122be0f4d118bd02dfa52857ff118fde88e4faa",
strip_prefix = "container-structure-test-1.16.0",
urls = ["https://github.com/GoogleContainerTools/container-structure-test/archive/v1.16.0.zip"],
sha256 = "4fd1e0d4974fb95e06d0e94e6ceaae126382bf958524062db4e582232590b863",
strip_prefix = "container-structure-test-1.16.1",
urls = ["https://github.com/GoogleContainerTools/container-structure-test/archive/v1.16.1.zip"],
)

load("@container_structure_test//:repositories.bzl", "container_structure_test_register_toolchain")
Expand Down
7 changes: 4 additions & 3 deletions e2e/crane_as_registry/WORKSPACE.bazel
Original file line number Diff line number Diff line change
Expand Up @@ -30,11 +30,12 @@ load("@rules_pkg//:deps.bzl", "rules_pkg_dependencies")

rules_pkg_dependencies()


http_archive(
name = "container_structure_test",
sha256 = "2da13da4c4fec9d4627d4084b122be0f4d118bd02dfa52857ff118fde88e4faa",
strip_prefix = "container-structure-test-1.16.0",
urls = ["https://github.com/GoogleContainerTools/container-structure-test/archive/v1.16.0.zip"],
sha256 = "4fd1e0d4974fb95e06d0e94e6ceaae126382bf958524062db4e582232590b863",
strip_prefix = "container-structure-test-1.16.1",
urls = ["https://github.com/GoogleContainerTools/container-structure-test/archive/v1.16.1.zip"],
)

load("@container_structure_test//:repositories.bzl", "container_structure_test_register_toolchain")
Expand Down
6 changes: 3 additions & 3 deletions e2e/custom_registry/WORKSPACE
Original file line number Diff line number Diff line change
Expand Up @@ -39,9 +39,9 @@ oci_pull(

http_archive(
name = "container_structure_test",
sha256 = "2da13da4c4fec9d4627d4084b122be0f4d118bd02dfa52857ff118fde88e4faa",
strip_prefix = "container-structure-test-1.16.0",
urls = ["https://github.com/GoogleContainerTools/container-structure-test/archive/v1.16.0.zip"],
sha256 = "4fd1e0d4974fb95e06d0e94e6ceaae126382bf958524062db4e582232590b863",
strip_prefix = "container-structure-test-1.16.1",
urls = ["https://github.com/GoogleContainerTools/container-structure-test/archive/v1.16.1.zip"],
)

load("@container_structure_test//:repositories.bzl", "container_structure_test_register_toolchain")
Expand Down
2 changes: 1 addition & 1 deletion e2e/smoke/MODULE.bazel
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ bazel_dep(name = "container_structure_test", version = "1.15.0", dev_dependency
bazel_dep(name = "rules_oci", version = "0.0.0", dev_dependency = True)

bazel_dep(name = "platforms", version = "0.0.5")
bazel_dep(name = "aspect_bazel_lib", version = "1.32.0")
bazel_dep(name = "aspect_bazel_lib", version = "2.7.1")
bazel_dep(name = "bazel_skylib", version = "1.1.1")

local_path_override(
Expand Down
13 changes: 10 additions & 3 deletions e2e/smoke/WORKSPACE.bazel
Original file line number Diff line number Diff line change
Expand Up @@ -7,11 +7,18 @@ local_repository(

load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive")

http_archive(
name = "aspect_bazel_lib",
sha256 = "b554eb7942a5ab44c90077df6a0c76fc67c5874c9446a007e9ba68be82bd4796",
strip_prefix = "bazel-lib-2.7.1",
url = "https://github.com/aspect-build/bazel-lib/releases/download/v2.7.1/bazel-lib-v2.7.1.tar.gz",
)

http_archive(
name = "container_structure_test",
sha256 = "2da13da4c4fec9d4627d4084b122be0f4d118bd02dfa52857ff118fde88e4faa",
strip_prefix = "container-structure-test-1.16.0",
urls = ["https://github.com/GoogleContainerTools/container-structure-test/archive/v1.16.0.zip"],
sha256 = "4fd1e0d4974fb95e06d0e94e6ceaae126382bf958524062db4e582232590b863",
strip_prefix = "container-structure-test-1.16.1",
urls = ["https://github.com/GoogleContainerTools/container-structure-test/archive/v1.16.1.zip"],
)

load("@container_structure_test//:repositories.bzl", "container_structure_test_register_toolchain")
Expand Down
2 changes: 1 addition & 1 deletion examples/multi_arch/BUILD.bazel
Original file line number Diff line number Diff line change
Expand Up @@ -43,5 +43,5 @@ genrule(
assert_contains(
name = "check_digest",
actual = ":hash",
expected = "sha256:7dc510461a627051f9276ec21a26ed9a314e87e94eac1be996fcf48be6cc9aa2",
expected = "sha256:a5285d5827015227664ab5a2334a32b9750bd6ec8cfe3b655376b997f020eb43",
)
2 changes: 1 addition & 1 deletion examples/multi_arch_go/BUILD
Original file line number Diff line number Diff line change
Expand Up @@ -95,7 +95,7 @@ assert_json_matches(
name = "check_multiarch_tags",
file1 = ":tar_multiarch_index",
file2 = ":expected_RepoTags",
filter1 = ".manifests[].annotations[\"org.opencontainers.image.ref.name\"]",
filter1 = """.manifests[].annotations["org.opencontainers.image.ref.name"]""",
filter2 = ".[]",
)

Expand Down
6 changes: 3 additions & 3 deletions internal_deps.bzl
Original file line number Diff line number Diff line change
Expand Up @@ -61,9 +61,9 @@ def rules_oci_internal_deps():

http_archive(
name = "container_structure_test",
sha256 = "2da13da4c4fec9d4627d4084b122be0f4d118bd02dfa52857ff118fde88e4faa",
strip_prefix = "container-structure-test-1.16.0",
urls = ["https://github.com/GoogleContainerTools/container-structure-test/archive/v1.16.0.zip"],
sha256 = "4fd1e0d4974fb95e06d0e94e6ceaae126382bf958524062db4e582232590b863",
strip_prefix = "container-structure-test-1.16.1",
urls = ["https://github.com/GoogleContainerTools/container-structure-test/archive/v1.16.1.zip"],
)

http_archive(
Expand Down
6 changes: 3 additions & 3 deletions oci/dependencies.bzl
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ def rules_oci_dependencies():

http_archive(
name = "aspect_bazel_lib",
sha256 = "d0203b032a26086729ade48c46bc6159fb4aa825d9a5bdf2d972449bcbefe967",
strip_prefix = "bazel-lib-1.42.1",
url = "https://github.com/aspect-build/bazel-lib/releases/download/v1.42.1/bazel-lib-v1.42.1.tar.gz",
sha256 = "b554eb7942a5ab44c90077df6a0c76fc67c5874c9446a007e9ba68be82bd4796",
strip_prefix = "bazel-lib-2.7.1",
url = "https://github.com/aspect-build/bazel-lib/releases/download/v2.7.1/bazel-lib-v2.7.1.tar.gz",
)
8 changes: 4 additions & 4 deletions oci/private/image_index.bzl
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ def _expand_image_to_args(image, expander):
return args

def _oci_image_index_impl(ctx):
yq = ctx.toolchains["@aspect_bazel_lib//lib:yq_toolchain_type"]
jq = ctx.toolchains["@aspect_bazel_lib//lib:jq_toolchain_type"]
coreutils = ctx.toolchains["@aspect_bazel_lib//lib:coreutils_toolchain_type"]

launcher = ctx.actions.declare_file("image_index_{}.sh".format(ctx.label.name))
Expand All @@ -49,7 +49,7 @@ def _oci_image_index_impl(ctx):
output = launcher,
is_executable = True,
substitutions = {
"{{yq_path}}": yq.yqinfo.bin.path,
"{{jq_path}}": jq.jqinfo.bin.path,
"{{coreutils_path}}": coreutils.coreutils_info.bin.path,
},
)
Expand All @@ -65,7 +65,7 @@ def _oci_image_index_impl(ctx):
arguments = [args],
outputs = [output],
executable = launcher,
tools = [yq.yqinfo.bin, coreutils.coreutils_info.bin],
tools = [jq.jqinfo.bin, coreutils.coreutils_info.bin],
mnemonic = "OCIIndex",
progress_message = "OCI Index %{label}",
)
Expand All @@ -77,7 +77,7 @@ oci_image_index = rule(
attrs = _attrs,
doc = _DOC,
toolchains = [
"@aspect_bazel_lib//lib:yq_toolchain_type",
"@aspect_bazel_lib//lib:jq_toolchain_type",
"@aspect_bazel_lib//lib:coreutils_toolchain_type",
],
)
28 changes: 15 additions & 13 deletions oci/private/image_index.sh.tpl
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
#!/usr/bin/env bash
set -o pipefail -o errexit -o nounset

readonly YQ="{{yq_path}}"
readonly JQ="{{jq_path}}"
readonly COREUTILS="{{coreutils_path}}"

# Only crete the directory if it doesn't already exist.
Expand All @@ -15,17 +15,18 @@ function add_image() {
local image_path="$1"
local output_path="$2"

local manifests=$("${YQ}" eval '.manifests[]' "${image_path}/index.json")
local manifests=$("${JQ}" -c '.manifests[]' "${image_path}/index.json")

for manifest in "${manifests}"; do
local manifest_blob_path=$("${YQ}" '.digest | sub(":"; "/")' <<< ${manifest})
local config_blob_path=$("${YQ}" '.config.digest | sub(":"; "/")' "${image_path}/blobs/${manifest_blob_path}")

local platform=$("${YQ}" --output-format=json '{"os": .os, "architecture": .architecture, "variant": .variant, "os.version": .["os.version"], "os.features": .["os.features"]} | with_entries(select( .value != null ))' "${image_path}/blobs/${config_blob_path}")

platform="${platform}" \
manifest="${manifest}" \
"${YQ}" --inplace --output-format=json '.manifests += [env(manifest) + {"platform": env(platform)}]' "${output_path}/manifest_list.json"
local manifest_blob_path=$("${JQ}" -r '.digest | sub(":"; "/")' <<< ${manifest})
local config_blob_path=$("${JQ}" -r '.config.digest | sub(":"; "/")' "${image_path}/blobs/${manifest_blob_path}")

local platform=$("${JQ}" -c '{"os": .os, "architecture": .architecture, "variant": .variant, "os.version": .["os.version"], "os.features": .["os.features"]} | with_entries(select( .value != null ))' "${image_path}/blobs/${config_blob_path}")
"${JQ}" --argjson platform "${platform}" \
--argjson manifest "${manifest}" \
'.manifests |= [$manifest + {"platform": $platform}]'\
"${output_path}/manifest_list.json" > "${output_path}/manifest_list.new.json"
cat "${output_path}/manifest_list.new.json" > "${output_path}/manifest_list.json"
done
}

Expand Down Expand Up @@ -60,9 +61,10 @@ for ARG in "$@"; do
done


export checksum=$("${COREUTILS}" sha256sum "${OUTPUT}/manifest_list.json" | "${COREUTILS}" cut -f 1 -d " ")
export size=$("${COREUTILS}" wc -c < "${OUTPUT}/manifest_list.json")
checksum=$("${COREUTILS}" sha256sum "${OUTPUT}/manifest_list.json" | "${COREUTILS}" cut -f 1 -d " ")
size=$("${COREUTILS}" wc -c < "${OUTPUT}/manifest_list.json")

"${YQ}" --inplace --output-format=json '.manifests += [{"mediaType": "application/vnd.oci.image.index.v1+json", "size": env(size), "digest": "sha256:" + env(checksum)}]' "$OUTPUT/index.json"
"${JQ}" -n --arg checksum "${checksum}" --argjson size "${size}" \
'.manifests = [{"mediaType": "application/vnd.oci.image.index.v1+json", "size": $size, "digest": ("sha256:" + $checksum) }]' > "$OUTPUT/index.json"

"${COREUTILS}" mv "${OUTPUT}/manifest_list.json" "$OUTPUT/blobs/sha256/${checksum}"
8 changes: 4 additions & 4 deletions oci/private/push.bzl
Original file line number Diff line number Diff line change
Expand Up @@ -135,7 +135,7 @@ def _quote_args(args):

def _impl(ctx):
crane = ctx.toolchains["@rules_oci//oci:crane_toolchain_type"]
yq = ctx.toolchains["@aspect_bazel_lib//lib:yq_toolchain_type"]
jq = ctx.toolchains["@aspect_bazel_lib//lib:jq_toolchain_type"]

if ctx.attr.repository and ctx.attr.repository_file:
fail("must specify exactly one of 'repository_file' or 'repository'")
Expand All @@ -151,7 +151,7 @@ def _impl(ctx):
files = [ctx.file.image]
substitutions = {
"{{crane_path}}": crane.crane_info.binary.short_path,
"{{yq_path}}": yq.yqinfo.bin.short_path,
"{{jq_path}}": jq.jqinfo.bin.short_path,
"{{image_dir}}": ctx.file.image.short_path,
"{{fixed_args}}": "",
}
Expand All @@ -175,7 +175,7 @@ def _impl(ctx):
substitutions = substitutions,
)
runfiles = ctx.runfiles(files = files)
runfiles = runfiles.merge(yq.default.default_runfiles)
runfiles = runfiles.merge(jq.default.default_runfiles)
runfiles = runfiles.merge(crane.default.default_runfiles)

return DefaultInfo(executable = executable, runfiles = runfiles)
Expand All @@ -185,7 +185,7 @@ oci_push_lib = struct(
attrs = _attrs,
toolchains = [
"@rules_oci//oci:crane_toolchain_type",
"@aspect_bazel_lib//lib:yq_toolchain_type",
"@aspect_bazel_lib//lib:jq_toolchain_type",
],
)

Expand Down
4 changes: 2 additions & 2 deletions oci/private/push.sh.tpl
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
set -o pipefail -o errexit -o nounset

readonly CRANE="{{crane_path}}"
readonly YQ="{{yq_path}}"
readonly JQ="{{jq_path}}"
readonly IMAGE_DIR="{{image_dir}}"
readonly TAGS_FILE="{{tags}}"
readonly FIXED_ARGS=({{fixed_args}})
Expand Down Expand Up @@ -44,7 +44,7 @@ while (( $# > 0 )); do
esac
done

DIGEST=$("${YQ}" eval '.manifests[0].digest' "${IMAGE_DIR}/index.json")
DIGEST=$("${JQ}" -r '.manifests[0].digest' "${IMAGE_DIR}/index.json")

REFS=$(mktemp)
"${CRANE}" push "${IMAGE_DIR}" "${REPOSITORY}@${DIGEST}" "${ARGS[@]+"${ARGS[@]}"}" --image-refs "${REFS}"
Expand Down
Loading

0 comments on commit 5088c9f

Please sign in to comment.