1"""Functions for generating pull and push targets for third party container images"""
2
3load("@io_bazel_rules_docker//container:container.bzl", "container_pull")
4load("@rules_oci//oci:pull.bzl", "oci_pull")
5load(":constants.bzl", "COMMON_TAGS")
6load(":push.bzl", container_push = "container_push2")
7
8RULES_DOCKER_OVERRIDES = ["alpine", "ubuntu", "go_image_base"]
9
10def pull_third_party_images(imgs): # buildifier: disable=unnamed-macro
11 """Creates targets for pulling all of our third party container images we use.
12
13 Args:
14 imgs: A dict of image_infos.
15 """
16
17 for image_name, image_info in imgs.items():
18 src_registry = image_info.get("REGISTRY")
19 src_repository = image_info.get("REPO")
20 digest = image_info.get("DIGEST")
21 tag = image_info.get("TAG")
22
23 registry = "us-east1-docker.pkg.dev"
24
25 # convert registries to names of GAR remote repos, eg:
26 # index.docker.io -> index-docker-io-proxy. quay.io -> quay-io-proxy
27 repository = "ret-edge-pltf-infra/{0}-proxy/{1}".format(src_registry.replace(".", "-"), src_repository)
28
29 if digest == None:
30 fail("DIGEST not found for {0}".format(image_name))
31
32 # temporary override for images using alpine base
33 if image_name in RULES_DOCKER_OVERRIDES:
34 container_pull(
35 # Snake case repo / target names to align with .bzl style guide
36 name = image_name.replace("-", "_"),
37 digest = digest,
38 registry = registry,
39 repository = repository,
40 tag = tag,
41 import_tags = COMMON_TAGS,
42 )
43 continue
44
45 oci_pull(
46 # Snake case repo / target names to align with .bzl style guide
47 name = image_name.replace("-", "_"),
48 digest = digest,
49 registry = registry,
50 repository = repository,
51 )
52
53def push_third_party_images(imgs): # buildifier: disable=unnamed-macro
54 """Creates container push targets for each third-party image
55
56 Args:
57 imgs: A dict of image_infos.
58 """
59
60 for image_name, image_info in imgs.items():
61 if image_name not in RULES_DOCKER_OVERRIDES:
62 # Snake case repo / target names to align with .bzl style guide
63 image_name = image_name.replace("-", "_")
64
65 container_push(
66 name = image_name + "_container_push",
67 image = "@{0}//:{0}".format(image_name),
68 digest = "@{0}//:digest".format(image_name),
69 repository_file = "//hack/build/rules/container:thirdparty-repo",
70 image_name = _dst_image_name(image_info),
71 from_third_party = True,
72 tag = image_info.get("TAG") or "",
73 tags = COMMON_TAGS,
74 )
75 else:
76 image_name = image_name.replace("-", "_")
77 container_push(
78 name = image_name + "_container_push",
79 image = "@{0}//image".format(image_name),
80 repository_file = "//hack/build/rules/container:thirdparty-repo",
81 image_name = _dst_image_name(image_info),
82 from_third_party = True,
83 tag = image_info.get("TAG") or "",
84 rules_docker = True,
85 )
86
87def _dst_image_name(img):
88 """Determines destination path in mirrored repository for third party images
89
90 Args:
91 img: An image_info dict.
92
93 Returns:
94 The resolved string.
95 """
96
97 if img.get("DESTINATION_REPO") != None:
98 return img.get("DESTINATION_REPO")
99
100 path = img.get("REPO")
101
102 if img.get("REGISTRY") != "index.docker.io":
103 path = "{0}/{1}".format(img.get("REGISTRY"), path)
104
105 return path
106
107def third_party_container_dep(
108 name,
109 digest,
110 registry,
111 repository,
112 platforms = None,
113 tag = None,
114 destination_repo = None): # @unused
115 """third_party_container_dep is a macro that wraps an `oci_pull` with strongly typed data.
116
117 It also enables
118 Gazelle to read these dependencies and create accompanying `container_push` targets that push to the
119 edge-infra third party repo
120
121 Args:
122 name: The name field will be passed to downstream targets in the form of:
123 oci_pull.name = name
124 container_push.name = name_container_push
125 digest: A digest in the standard sha256@abcde1234 format
126 registry: The name of the registry to pull from i.e. {registry}/cool-repo/an-image
127 repository: The path after registry that includes the image name in the fully
128 qualified URI i.e. registry.io/{repository} The repository path includes the name of the image
129 platforms: A list of OCI standard platforms to pull Ex. ["linux/amd64", "darwin/aarch64"]
130 tag: An optional tag to push up to the thirdparty registry, usually something like a version of the container pulled in
131 destination_repo: An override for the destination path in the thirdparty repo i.e. library/nginx -> nginx
132 This override only affects the corresponding container_push rule, as the external repo
133 pull-through in GAR requries the correct path in order to pull into the mirror repository.
134
135 """
136
137 if "-" in name:
138 fail("name {} cannot contain '_'".format(name))
139
140 mirror_registry = "us-east1-docker.pkg.dev"
141
142 # convert registries to names of GAR remote repos, eg:
143 # index.docker.io -> index-docker-io-proxy. quay.io -> quay-io-proxy
144 mirror_repository = "ret-edge-pltf-infra/{0}-proxy/{1}".format(
145 registry.replace(".", "-"),
146 repository,
147 )
148
149 oci_pull(
150 name = name,
151 digest = digest,
152 image = "{registry}/{repository}".format(
153 registry = mirror_registry,
154 repository = mirror_repository,
155 ),
156 tag = tag if tag else None,
157 platforms = platforms,
158 )
View as plain text