From dc5b894e341f3b8c1bba8d9abc18a40bdd06dd0f Mon Sep 17 00:00:00 2001 From: "Tobias Schlatter (tos)" Date: Wed, 25 Oct 2023 09:20:18 +0200 Subject: [PATCH] Fix #220: Add exposed_ports to oci_image --- docs/image.md | 8 +++++--- e2e/crane_as_registry/BUILD.bazel | 5 +++++ oci/defs.bzl | 14 +++++++++++++- oci/private/image.bzl | 5 +++++ oci/private/image.sh.tpl | 5 +++++ 5 files changed, 33 insertions(+), 4 deletions(-) diff --git a/docs/image.md b/docs/image.md index 27d8ba1c..3b830bc0 100644 --- a/docs/image.md +++ b/docs/image.md @@ -13,8 +13,8 @@ load("@rules_oci//oci:defs.bzl", ...) ## oci_image_rule 
-oci_image_rule(name, annotations, architecture, base, cmd, entrypoint, env, labels, os, tars, user,
-               variant, workdir)
+oci_image_rule(name, annotations, architecture, base, cmd, entrypoint, env, exposed_ports, labels,
+               os, tars, user, variant, workdir)
Build an OCI compatible container image. @@ -77,6 +77,7 @@ oci_image( | cmd | A file containing a comma separated list to be used as the command & args of the container. These values act as defaults and may be replaced by any specified when creating a container. | Label | optional | None | | entrypoint | A file containing a comma separated list to be used as the entrypoint to execute when the container starts. These values act as defaults and may be replaced by an entrypoint specified when creating a container. | Label | optional | None | | env | A file containing the default values for the environment variables of the container. These values act as defaults and are merged with any specified when creating a container. Entries replace the base environment variables if any of the entries has conflicting keys. To merge entries with keys specified in the base, ${KEY} or $KEY syntax may be used. | Label | optional | None | +| exposed_ports | A file containing a comma separated list of exposed ports. (e.g. 2000/tcp, 3000/udp or 4000. No protocol defaults to tcp). | Label | optional | None | | labels | A file containing a dictionary of labels. Each line should be in the form name=value. | Label | optional | None | | os | The name of the operating system which the image is built to run on. eg: linux, windows. See $GOOS documentation for possible values: https://go.dev/doc/install/source#environment | String | optional | "" | | tars | List of tar files to add to the image as layers. Do not sort this list; the order is preserved in the resulting image. Less-frequently changed files belong in lower layers to reduce the network bandwidth required to pull and push.

The authors recommend [dive](https://github.com/wagoodman/dive) to explore the layering of the resulting image. | List of labels | optional | [] | @@ -90,7 +91,7 @@ oci_image( ## oci_image 
-oci_image(name, labels, annotations, env, cmd, entrypoint, kwargs)
+oci_image(name, labels, annotations, env, cmd, entrypoint, exposed_ports, kwargs)
Macro wrapper around [oci_image_rule](#oci_image_rule). @@ -118,6 +119,7 @@ This is similar to the same-named target created by rules_docker's `container_im | env | Environment variables provisioned by default to the running container. See documentation above. | None | | cmd | Command & argument configured by default in the running container. See documentation above. | None | | entrypoint | Entrypoint configured by default in the running container. See documentation above. | None | +| exposed_ports | Exposed ports in the running container. See documentation above. | None | | kwargs | other named arguments to [oci_image_rule](#oci_image_rule) and [common rule attributes](https://bazel.build/reference/be/common-definitions#common-attributes). | none | diff --git a/e2e/crane_as_registry/BUILD.bazel b/e2e/crane_as_registry/BUILD.bazel index 189c4a21..4ca94a15 100644 --- a/e2e/crane_as_registry/BUILD.bazel +++ b/e2e/crane_as_registry/BUILD.bazel @@ -15,6 +15,11 @@ oci_image( env = { "ENV": "/test", }, + exposed_ports = [ + "1234/tcp", + "5678/udp", + "5000", + ], os = "linux", ) diff --git a/oci/defs.bzl b/oci/defs.bzl index 154c1536..413a4a6f 100644 --- a/oci/defs.bzl +++ b/oci/defs.bzl @@ -22,7 +22,7 @@ oci_image_rule = _oci_image oci_image_index = _oci_image_index oci_push_rule = _oci_push -def oci_image(name, labels = None, annotations = None, env = None, cmd = None, entrypoint = None, **kwargs): +def oci_image(name, labels = None, annotations = None, env = None, cmd = None, entrypoint = None, exposed_ports = None, **kwargs): """Macro wrapper around [oci_image_rule](#oci_image_rule). Allows labels and annotations to be provided as a dictionary, in addition to a text file. @@ -43,6 +43,7 @@ def oci_image(name, labels = None, annotations = None, env = None, cmd = None, e env: Environment variables provisioned by default to the running container. See documentation above. cmd: Command & argument configured by default in the running container. See documentation above. entrypoint: Entrypoint configured by default in the running container. See documentation above. + exposed_ports: Exposed ports in the running container. See documentation above. **kwargs: other named arguments to [oci_image_rule](#oci_image_rule) and [common rule attributes](https://bazel.build/reference/be/common-definitions#common-attributes). """ @@ -108,6 +109,16 @@ def oci_image(name, labels = None, annotations = None, env = None, cmd = None, e ) entrypoint = entrypoint_label + if types.is_list(exposed_ports): + exposed_ports_label = "_{}_write_exposed_ports".format(name) + write_file( + name = exposed_ports_label, + out = "_{}.exposed_ports.txt".format(name), + content = [",".join(exposed_ports)], + **forwarded_kwargs, + ) + exposed_ports = exposed_ports_label + oci_image_rule( name = name, annotations = annotations, @@ -115,6 +126,7 @@ def oci_image(name, labels = None, annotations = None, env = None, cmd = None, e env = env, cmd = cmd, entrypoint = entrypoint, + exposed_ports = exposed_ports, **kwargs ) diff --git a/oci/private/image.bzl b/oci/private/image.bzl index 1b8b6eaf..76accf7f 100644 --- a/oci/private/image.bzl +++ b/oci/private/image.bzl @@ -72,6 +72,7 @@ For Linux based systems, all of the following are valid: `user`, `uid`, `user:gr If `group/gid` is not specified, the default group and supplementary groups of the given `user/uid` in `/etc/passwd` from the container are applied. """), "workdir": attr.string(doc = "Sets the current working directory of the `entrypoint` process in the container. This value acts as a default and may be replaced by a working directory specified when creating a container."), + "exposed_ports": attr.label(doc = "A file containing a comma separated list of exposed ports. (e.g. 2000/tcp, 3000/udp or 4000. No protocol defaults to tcp).", allow_single_file = True), "os": attr.string(doc = "The name of the operating system which the image is built to run on. eg: `linux`, `windows`. See $GOOS documentation for possible values: https://go.dev/doc/install/source#environment"), "architecture": attr.string(doc = "The CPU architecture which the binaries in this image are built to run on. eg: `arm64`, `arm`, `amd64`, `s390x`. See $GOARCH documentation for possible values: https://go.dev/doc/install/source#environment"), "variant": attr.string(doc = "The variant of the specified CPU architecture. eg: `v6`, `v7`, `v8`. See: https://github.com/opencontainers/image-spec/blob/main/image-index.md#platform-variants for more."), @@ -149,6 +150,10 @@ def _oci_image_impl(ctx): args.add(ctx.file.entrypoint.path, format = "--entrypoint-file=%s") inputs_depsets.append(depset([ctx.file.entrypoint])) + if ctx.attr.exposed_ports: + args.add(ctx.file.exposed_ports.path, format = "--exposed-ports-file=%s") + inputs_depsets.append(depset([ctx.file.exposed_ports])) + if ctx.attr.cmd: args.add(ctx.file.cmd.path, format = "--cmd-file=%s") inputs_depsets.append(depset([ctx.file.cmd])) diff --git a/oci/private/image.sh.tpl b/oci/private/image.sh.tpl index 0379349a..1d85e7e8 100644 --- a/oci/private/image.sh.tpl +++ b/oci/private/image.sh.tpl @@ -131,6 +131,11 @@ for ARG in "$@"; do FIXED_ARGS+=("--entrypoint=$in") done <"${ARG#--entrypoint-file=}" ;; + (--exposed-ports-file=*) + while IFS= read -r in || [ -n "$in" ]; do + FIXED_ARGS+=("--exposed-ports=$in") + done <"${ARG#--exposed-ports-file=}" + ;; (*) FIXED_ARGS+=( "${ARG}" ) esac done