diff --git a/.gitattributes b/.gitattributes index 3312d8f6..b4db5aa2 100644 --- a/.gitattributes +++ b/.gitattributes @@ -3,7 +3,7 @@ docs/image_index.md linguist-generated=true docs/image.md linguist-generated=true docs/pull.md linguist-generated=true docs/push.md linguist-generated=true -docs/tarball.md linguist-generated=true +docs/load.md linguist-generated=true ################################# # Configuration for 'git archive' diff --git a/.prettierignore b/.prettierignore index c26d6173..c5293cbd 100644 --- a/.prettierignore +++ b/.prettierignore @@ -3,4 +3,4 @@ docs/image*.md docs/structure*.md docs/pull.md docs/push.md -docs/tarball.md +docs/load.md diff --git a/README.md b/README.md index 2ae76efd..afc946f0 100644 --- a/README.md +++ b/README.md @@ -10,9 +10,9 @@ _Need help?_ This ruleset has support provided by [Aspect Build](https://www.asp ## Comparison with rules_docker This ruleset is not intended as a complete replacement for [rules_docker]! -Many use cases can be accomodated, and we know that many users have completely replaced rules_docker. +Many use cases can be accomodated, and we know that many users have completely replaced rules*docker. You can find a migration guide at . -However, some other use cases such as `container_run_and_*` rules have no equivalent. +However, some other use cases such as `container_run_and*\*` rules have no equivalent. [rules_docker] was largely unmaintained for 18 months, and as of October 2023 it has been archived. See https://github.com/bazelbuild/rules_docker/discussions/2038. @@ -78,7 +78,7 @@ Note that these examples rely on the setup code in the `/WORKSPACE` file in the - [oci_image](docs/image.md) Build an OCI compatible container image. - [oci_image_index](docs/image_index.md) Build a multi-architecture OCI compatible container image. -- [oci_tarball](docs/tarball.md) Creates tarball from `oci_image` that can be loaded by runtimes. +- [oci_load](docs/load.md) Loads an `oci_image` into a container daemon. Can optionally produce a loadable tarball. ### Pull and Push diff --git a/docs/BUILD.bazel b/docs/BUILD.bazel index f7994781..24f42da6 100644 --- a/docs/BUILD.bazel +++ b/docs/BUILD.bazel @@ -12,8 +12,8 @@ stardoc_with_diff_test( ) stardoc_with_diff_test( - name = "tarball", - bzl_library_target = "//oci/private:tarball", + name = "load", + bzl_library_target = "//oci/private:load", ) stardoc_with_diff_test( diff --git a/docs/cpp.md b/docs/cpp.md index a1356d04..79ae2c42 100644 --- a/docs/cpp.md +++ b/docs/cpp.md @@ -6,6 +6,7 @@ in rules_docker. ## An example of packaging a simple C++ program Using a minimal example C++ program `example.cc`: + ```cpp #include @@ -15,8 +16,9 @@ int main(){ ``` To make a container image for this program, the `BUILD.bazel` would have something like this: + ```python -load("@rules_oci//oci:defs.bzl", "oci_image", "oci_tarball") +load("@rules_oci//oci:defs.bzl", "oci_image", "oci_load") load("@rules_cc//cc:defs.bzl", "cc_binary") load("@rules_pkg//pkg:tar.bzl", "pkg_tar") @@ -47,16 +49,17 @@ oci_image( entrypoint = ["/example_binary"], ) -# Create tarball from oci image that can be run by container runtime. +# Use with 'bazel run' to load the oci image into a container runtime. # The image is designated using `repo_tags` attribute. -oci_tarball( - name = "image_tarball", +oci_load( + name = "image_load", image = ":image", repo_tags = ["example:latest"], ) ``` In `MODULE.bazel` file, be sure to add the following sections: + ```python # Pull needed base image oci.pull( @@ -71,17 +74,20 @@ oci.pull( # Expose the base image use_repo(oci, "docker_lib_ubuntu") ``` + ```python # Import rules_pkg bazel_dep(name = "rules_pkg", version = "0.10.1") ``` -To make tarball, execute: +To load the image, execute: + ```bash -bazel run //:image_tarball +bazel run //:image_load ``` Then to run the program with runtime, e.g., Docker: + ```bash docker run --rm example:latest ``` diff --git a/docs/load.md b/docs/load.md new file mode 100644 index 00000000..4de816e1 --- /dev/null +++ b/docs/load.md @@ -0,0 +1,72 @@ + + +Load an oci_image into runtimes such as podman and docker. +Intended for use with `bazel run`. + +For example, given an `:image` target, you could write + +``` +oci_load( + name = "load", + image = ":image", + repo_tags = ["my-repository:latest"], +) +``` + +and then run it in a container like so: + +``` +bazel run :load +docker run --rm my-repository:latest +``` + + + + +## oci_load + +
+oci_load(name, format, image, loader, repo_tags)
+
+ +Loads an OCI layout into a container daemon without needing to publish the image first. + +Passing anything other than oci_image to the image attribute will lead to build time errors. + +### Build Outputs + +The default output is an mtree specification file. +This is because producing the tarball in `bazel build` is expensive, and should typically not be an input to any other build actions, +so producing it only creates unnecessary load on the action cache. + +If needed, the `tarball` output group allows you to depend on the tar output from another rule. + +On the command line, `bazel build //path/to:my_tarball --output_groups=tarball` + +or in a BUILD file: + +```starlark +oci_load( + name = "my_tarball", + ... +) +filegroup( + name = "my_tarball.tar", + srcs = [":my_tarball"], + output_group = "tarball", +) +``` + + +**ATTRIBUTES** + + +| Name | Description | Type | Mandatory | Default | +| :------------- | :------------- | :------------- | :------------- | :------------- | +| name | A unique name for this target. | Name | required | | +| format | Format of image to generate. Options are: docker, oci. Currently, when the input image is an image_index, only oci is supported, and when the input image is an image, only docker is supported. Conversions between formats may be supported in the future. | String | optional | "docker" | +| image | Label of a directory containing an OCI layout, typically oci_image | Label | required | | +| loader | Alternative target for a container cli tool that will be used to load the image into the local engine when using bazel run on this target.

By default, we look for docker or podman on the PATH, and run the load command.

See the _run_template attribute for the script that calls this loader tool. | Label | optional | None | +| repo_tags | a file containing repo_tags, one per line. | Label | required | | + + diff --git a/docs/static_content.md b/docs/static_content.md index 11794a89..9f677435 100644 --- a/docs/static_content.md +++ b/docs/static_content.md @@ -47,7 +47,7 @@ And finally the build rules for our image. **./frontend/BUILD** ```python -load("@rules_oci//oci:defs.bzl", "oci_image", "oci_tarball") +load("@rules_oci//oci:defs.bzl", "oci_image", "oci_load") load("@rules_pkg//pkg:tar.bzl", "pkg_tar") filegroup( name = "static", @@ -70,7 +70,7 @@ oci_image( # entrypoint = [], # cmd = [], ) -oci_tarball( +oci_load( name = "frontend_tarball", image = ":frontend_image", repo_tags = ["ourfrontend:latest"], diff --git a/docs/tarball.md b/docs/tarball.md deleted file mode 100644 index be501077..00000000 --- a/docs/tarball.md +++ /dev/null @@ -1,72 +0,0 @@ - - -Create a tarball from oci_image that can be loaded by runtimes such as podman and docker. -Intended for use with `bazel run`. - -For example, given an `:image` target, you could write - -``` -oci_tarball( - name = "tarball", - image = ":image", - repo_tags = ["my-repository:latest"], -) -``` - -and then run it in a container like so: - -``` -bazel run :tarball -docker run --rm my-repository:latest -``` - - - - -## oci_tarball - -
-oci_tarball(name, format, image, loader, repo_tags)
-
- -Creates tarball from OCI layouts that can be loaded into docker daemon without needing to publish the image first. - -Passing anything other than oci_image to the image attribute will lead to build time errors. - -### Outputs - -The default output is an mtree specification file. -This is because producing the tarball in `bazel build` is expensive, and should typically not be an input to any other build actions, -so producing it only creates unnecessary load on the action cache. - -If needed, the `tarball` output group allows you to depend on the tar output from another rule. - -On the command line, `bazel build //path/to:my_tarball --output_groups=tarball` - -or in a BUILD file: - -```starlark -oci_tarball( - name = "my_tarball", - ... -) -filegroup( - name = "my_tarball.tar", - srcs = [":my_tarball"], - output_group = "tarball", -) -``` - - -**ATTRIBUTES** - - -| Name | Description | Type | Mandatory | Default | -| :------------- | :------------- | :------------- | :------------- | :------------- | -| name | A unique name for this target. | Name | required | | -| format | Format of image to generate. Options are: docker, oci. Currently, when the input image is an image_index, only oci is supported, and when the input image is an image, only docker is supported. Conversions between formats may be supported in the future. | String | optional | "docker" | -| image | Label of a directory containing an OCI layout, typically oci_image | Label | required | | -| loader | Alternative target for a container cli tool that will be used to load the image into the local engine when using bazel run on this oci_tarball.

By default, we look for docker or podman on the PATH, and run the load command.

> Note that rules_docker has an "incremental loader" which is faster than oci_tarball by design. > Something similar can be done for oci_tarball. > See [loader.sh](/examples/incremental_loader/loader.sh) and explanation about [how](/examples/incremental_loader/README.md) it works.

See the _run_template attribute for the script that calls this loader tool. | Label | optional | None | -| repo_tags | a file containing repo_tags, one per line. | Label | required | | - - diff --git a/e2e/smoke/BUILD.bazel b/e2e/smoke/BUILD.bazel index 68389568..58209f9c 100644 --- a/e2e/smoke/BUILD.bazel +++ b/e2e/smoke/BUILD.bazel @@ -1,7 +1,7 @@ load("@aspect_bazel_lib//lib:testing.bzl", "assert_json_matches") load("@bazel_skylib//rules:write_file.bzl", "write_file") load("@container_structure_test//:defs.bzl", "container_structure_test") -load("@rules_oci//oci:defs.bzl", "oci_image", "oci_tarball") +load("@rules_oci//oci:defs.bzl", "oci_image", "oci_load") oci_image( name = "image", @@ -21,15 +21,15 @@ tags = [ "my/image:latest", ] -oci_tarball( - name = "tarball", +oci_load( + name = "load", image = ":image", repo_tags = tags, ) filegroup( name = "tarball.tar", - srcs = [":tarball"], + srcs = [":load"], output_group = "tarball", ) diff --git a/e2e/wasm/BUILD.bazel b/e2e/wasm/BUILD.bazel index 9932a0f1..0e0db653 100644 --- a/e2e/wasm/BUILD.bazel +++ b/e2e/wasm/BUILD.bazel @@ -1,7 +1,7 @@ load("@aspect_bazel_lib//lib:tar.bzl", "tar") load("@aspect_bazel_lib//lib:transitions.bzl", "platform_transition_filegroup") load("@bazel_skylib//rules:build_test.bzl", "build_test") -load("@rules_oci//oci:defs.bzl", "oci_image", "oci_tarball") +load("@rules_oci//oci:defs.bzl", "oci_image", "oci_load") load("@rules_rust//rust:defs.bzl", "rust_binary") package(default_visibility = ["//visibility:public"]) @@ -48,7 +48,7 @@ build_test( # then run the following; # `bazel run :tarball`` # `docker run --runtime=io.containerd.wasmedge.v1 --platform=wasi/wasm32 --pull=never gcr.io/wasm:latest` -oci_tarball( +oci_load( name = "tarball", image = ":image", repo_tags = ["gcr.io/wasm:latest"], diff --git a/examples/assert.bzl b/examples/assert.bzl index 635a48a9..f68dab94 100644 --- a/examples/assert.bzl +++ b/examples/assert.bzl @@ -6,7 +6,7 @@ load("@bazel_skylib//rules:write_file.bzl", "write_file") # THIS LOAD STATEMENT DEPENDS ON setup_assertion_repos.bzl load("@docker_configure//:defs.bzl", "TARGET_COMPATIBLE_WITH") -load("//oci:defs.bzl", "oci_tarball") +load("//oci:defs.bzl", "oci_load") DIGEST_CMD = """ image_path="$(location {image})" @@ -118,7 +118,7 @@ def assert_oci_image_command( "assert a that a container works with the given command." tag = "oci.local/assert/" + native.package_name().replace("/", "_") + ":latest" - oci_tarball( + oci_load( name = name + "_tarball", image = image, repo_tags = [tag], diff --git a/examples/assertion/BUILD.bazel b/examples/assertion/BUILD.bazel index 86617b95..cc8b9742 100644 --- a/examples/assertion/BUILD.bazel +++ b/examples/assertion/BUILD.bazel @@ -3,7 +3,7 @@ load("@aspect_bazel_lib//lib:testing.bzl", "assert_json_matches") load("@aspect_bazel_lib//lib:transitions.bzl", "platform_transition_filegroup") load("@bazel_skylib//rules:build_test.bzl", "build_test") load("@bazel_skylib//rules:write_file.bzl", "write_file") -load("@rules_oci//oci:defs.bzl", "oci_image", "oci_tarball") +load("@rules_oci//oci:defs.bzl", "oci_image", "oci_load") load("//examples:assert.bzl", "assert_oci_config") # Case 1: image name containing a capital case. @@ -63,15 +63,15 @@ platform_transition_filegroup( target_platform = "//examples:linux_arm64", ) -oci_tarball( - name = "case4_tarball", +oci_load( + name = "case4_load", image = ":case4_transition", repo_tags = ["case4:example"], ) filegroup( - name = "case4_tarball_tar", - srcs = [":case4_tarball"], + name = "case4_tar", + srcs = [":case4_load"], output_group = "tarball", ) @@ -82,15 +82,15 @@ oci_image( os = "linux", ) -oci_tarball( - name = "case5_tarball", +oci_load( + name = "case5_load", image = ":case5", repo_tags = ["case5:example"], ) filegroup( - name = "case5_tarball_tar", - srcs = [":case5_tarball"], + name = "case5_tar", + srcs = [":case5_load"], output_group = "tarball", ) @@ -231,15 +231,15 @@ assert_oci_config( "5678/udp", "5000", ], - volumes_eq = [ - "/srv/data", - ], image = ":case8", labels_eq = { "org.opencontainers.image.version": "0.0.0", "org.opencontainers.image.source": "https://github.com/bazel-contrib/rules_oci=", }, user_eq = "root", + volumes_eq = [ + "/srv/data", + ], workdir_eq = "/root", ) @@ -257,9 +257,9 @@ oci_image( os = "linux", ) -# Intended to be `bazel run` to load the tarball into a container runtime. +# Intended to be `bazel run` to load the image into a container runtime. # Produces only an mtree specification as the default output. -oci_tarball( +oci_load( name = "case9_tarball", image = ":case9_image", repo_tags = repo_tags, @@ -301,7 +301,7 @@ oci_image( os = "linux", ) -oci_tarball( +oci_load( name = "case10_tarball", image = ":case10", repo_tags = ["case10:example"], @@ -323,7 +323,7 @@ oci_image( os = "linux", ) -oci_tarball( +oci_load( name = "case11_tarball", image = ":case11", repo_tags = ["case11:example"], @@ -355,8 +355,8 @@ build_test( ":imagE", ":case2", ":case3", - ":case4_tarball_tar", - ":case5_tarball_tar", + ":case4_tar", + ":case5_tar", ":case10_run", ], ) diff --git a/examples/assertion/big_image/BUILD.bazel b/examples/assertion/big_image/BUILD.bazel index bb10705f..a506f845 100644 --- a/examples/assertion/big_image/BUILD.bazel +++ b/examples/assertion/big_image/BUILD.bazel @@ -1,5 +1,5 @@ load("@aspect_bazel_lib//lib:tar.bzl", "tar") -load("//oci:defs.bzl", "oci_image", "oci_tarball") +load("//oci:defs.bzl", "oci_image", "oci_load") # These numbers were gathered on a `Apple M2 Pro` # Darwin Kernel Version 23.2.0: Wed Nov 15 21:55:06 PST 2023; root:xnu-10002.61.3~2/RELEASE_ARM64_T6020 @@ -51,7 +51,7 @@ oci_image( tars = [":blayer_%s" % i for i in range(N_BASE_LAYERS)], ) -oci_tarball( +oci_load( name = "evil", image = ":base", repo_tags = ["hello:test"], diff --git a/examples/deb/BUILD.bazel b/examples/deb/BUILD.bazel index 36465317..cc37fb69 100644 --- a/examples/deb/BUILD.bazel +++ b/examples/deb/BUILD.bazel @@ -1,4 +1,4 @@ -load("//oci:defs.bzl", "oci_image", "oci_tarball") +load("//oci:defs.bzl", "oci_image", "oci_load") _ARCH = [ "amd64", @@ -20,8 +20,8 @@ _ARCH = [ for architecture in _ARCH ] -oci_tarball( - name = "tarball", +oci_load( + name = "load", image = ":image_amd64", repo_tags = ["test:test"], ) diff --git a/examples/tarball_incremental_loader/BUILD.bazel b/examples/tarball_incremental_loader/BUILD.bazel index 880ebf7b..a26d2e35 100644 --- a/examples/tarball_incremental_loader/BUILD.bazel +++ b/examples/tarball_incremental_loader/BUILD.bazel @@ -1,5 +1,5 @@ load("@aspect_bazel_lib//lib:tar.bzl", "tar") -load("//oci:defs.bzl", "oci_image", "oci_tarball") +load("//oci:defs.bzl", "oci_image", "oci_load") tar( name = "app", @@ -13,8 +13,8 @@ oci_image( tars = [":app"], ) -oci_tarball( - name = "tarball", +oci_load( + name = "load", image = ":image", loader = "loader.sh", repo_tags = ["test:test"], diff --git a/oci/BUILD.bazel b/oci/BUILD.bazel index 1518fa84..57e1be5a 100644 --- a/oci/BUILD.bazel +++ b/oci/BUILD.bazel @@ -23,7 +23,7 @@ bzl_library( srcs = ["repositories.bzl"], visibility = ["//visibility:public"], deps = [ - "//oci/private:tarball", + "//oci/private:load", "//oci/private:toolchains_repo", "//oci/private:versions", "@bazel_tools//tools/build_defs/repo:http.bzl", @@ -48,8 +48,8 @@ bzl_library( deps = [ "//oci/private:image", "//oci/private:image_index", + "//oci/private:load", "//oci/private:push", - "//oci/private:tarball", "@aspect_bazel_lib//lib:copy_file", "@aspect_bazel_lib//lib:directory_path", "@aspect_bazel_lib//lib:jq", diff --git a/oci/defs.bzl b/oci/defs.bzl index d9e76e82..49467bcc 100644 --- a/oci/defs.bzl +++ b/oci/defs.bzl @@ -14,8 +14,8 @@ load("@bazel_skylib//lib:types.bzl", "types") load("@bazel_skylib//rules:write_file.bzl", "write_file") load("//oci/private:image.bzl", _oci_image = "oci_image") load("//oci/private:image_index.bzl", _oci_image_index = "oci_image_index") +load("//oci/private:load.bzl", _oci_tarball = "oci_load") load("//oci/private:push.bzl", _oci_push = "oci_push") -load("//oci/private:tarball.bzl", _oci_tarball = "oci_tarball") oci_tarball_rule = _oci_tarball oci_image_rule = _oci_image @@ -190,7 +190,7 @@ def oci_push(name, remote_tags = None, **kwargs): **kwargs ) -def oci_tarball(name, repo_tags = None, **kwargs): +def oci_load(name, repo_tags = None, **kwargs): """Macro wrapper around [oci_tarball_rule](#oci_tarball_rule). Allows the repo_tags attribute to be a list of strings in addition to a text file. diff --git a/oci/private/BUILD.bazel b/oci/private/BUILD.bazel index f19e44e5..e8efc8d0 100644 --- a/oci/private/BUILD.bazel +++ b/oci/private/BUILD.bazel @@ -11,8 +11,8 @@ exports_files(glob([ ]) + ["empty.tar"]) bzl_library( - name = "tarball", - srcs = ["tarball.bzl"], + name = "load", + srcs = ["load.bzl"], visibility = [ "//docs:__pkg__", "//oci:__subpackages__", diff --git a/oci/private/tarball.bzl b/oci/private/load.bzl similarity index 87% rename from oci/private/tarball.bzl rename to oci/private/load.bzl index f9a0c762..ff130eb6 100644 --- a/oci/private/tarball.bzl +++ b/oci/private/load.bzl @@ -1,11 +1,11 @@ -"""Create a tarball from oci_image that can be loaded by runtimes such as podman and docker. +"""Load an oci_image into runtimes such as podman and docker. Intended for use with `bazel run`. For example, given an `:image` target, you could write ``` -oci_tarball( - name = "tarball", +oci_load( + name = "load", image = ":image", repo_tags = ["my-repository:latest"], ) @@ -14,7 +14,7 @@ oci_tarball( and then run it in a container like so: ``` -bazel run :tarball +bazel run :load docker run --rm my-repository:latest ``` """ @@ -22,11 +22,11 @@ docker run --rm my-repository:latest load("@aspect_bazel_lib//lib:paths.bzl", "BASH_RLOCATION_FUNCTION", "to_rlocation_path") load("//oci/private:util.bzl", "util") -doc = """Creates tarball from OCI layouts that can be loaded into docker daemon without needing to publish the image first. +doc = """Loads an OCI layout into a container daemon without needing to publish the image first. Passing anything other than oci_image to the image attribute will lead to build time errors. -### Outputs +### Build Outputs The default output is an mtree specification file. This is because producing the tarball in `bazel build` is expensive, and should typically not be an input to any other build actions, @@ -39,7 +39,7 @@ On the command line, `bazel build //path/to:my_tarball --output_groups=tarball` or in a BUILD file: ```starlark -oci_tarball( +oci_load( name = "my_tarball", ... ) @@ -68,13 +68,9 @@ attrs = { "loader": attr.label( doc = """\ Alternative target for a container cli tool that will be - used to load the image into the local engine when using `bazel run` on this oci_tarball. + used to load the image into the local engine when using `bazel run` on this target. By default, we look for `docker` or `podman` on the PATH, and run the `load` command. - - > Note that rules_docker has an "incremental loader" which is faster than oci_tarball by design. - > Something similar can be done for oci_tarball. - > See [loader.sh](/examples/incremental_loader/loader.sh) and explanation about [how](/examples/incremental_loader/README.md) it works. See the _run_template attribute for the script that calls this loader tool. """, @@ -84,9 +80,9 @@ attrs = { cfg = "target", ), "_run_template": attr.label( - default = Label("//oci/private:tarball_run.sh.tpl"), + default = Label("//oci/private:load.sh.tpl"), doc = """ \ - The template used to load the container when using `bazel run` on this oci_tarball. + The template used to load the container when using `bazel run` on this target. See the `loader` attribute to replace the tool which is called. Please reference the default template to see available substitutions. @@ -98,7 +94,7 @@ attrs = { "_windows_constraint": attr.label(default = "@platforms//os:windows"), } -def _tarball_impl(ctx): +def _load_impl(ctx): jq = ctx.toolchains["@aspect_bazel_lib//lib:jq_toolchain_type"] bsdtar = ctx.toolchains["@aspect_bazel_lib//lib:tar_toolchain_type"] @@ -106,7 +102,7 @@ def _tarball_impl(ctx): repo_tags = ctx.file.repo_tags mtree_spec = ctx.actions.declare_file("{}/tarball.spec".format(ctx.label.name)) - executable = ctx.actions.declare_file("{}/tarball.sh".format(ctx.label.name)) + executable = ctx.actions.declare_file("{}/load.sh".format(ctx.label.name)) manifest_json = ctx.actions.declare_file("{}/manifest.json".format(ctx.label.name)) # Represents either manifest.json or index.json depending on the image format @@ -192,8 +188,8 @@ def _tarball_impl(ctx): OutputGroupInfo(tarball = depset([tarball])), ] -oci_tarball = rule( - implementation = _tarball_impl, +oci_load = rule( + implementation = _load_impl, attrs = attrs, doc = doc, toolchains = [ diff --git a/oci/private/tarball_run.sh.tpl b/oci/private/load.sh.tpl similarity index 100% rename from oci/private/tarball_run.sh.tpl rename to oci/private/load.sh.tpl