Ap/bzlmod #16
Ap/bzlmod #16
Conversation
![codereviewbot-ai[bot]](https://avatars.githubusercontent.com/in/309638?s=60&v=4){kind=small}
| bazel_dep(name = "rules_go", version = "0.44.0", repo_name = "io_bazel_rules_go") | ||
|
|
||
| go_sdk = use_extension("@io_bazel_rules_go//go:extensions.bzl", "go_sdk") | ||
| go_sdk.download(version = "1.21.5") |
There was a problem hiding this comment.
The go_sdk.download function is called with a specific version of the Go SDK (1.21.5). This version of the Go SDK does not exist as Go versions follow a MAJOR.MINOR.PATCH format and as of my knowledge cutoff in early 2023, the Go language has not reached a 1.21.x version. Using a non-existent or incorrect version could lead to build failures or unexpected behavior. It is important to specify a valid Go SDK version that is compatible with the project's requirements.
Recommended solution: Verify the intended Go SDK version and update the version argument to go_sdk.download with a valid Go version. If the version was a typo, correct it to the intended version, such as 1.21.5 to 1.20.5 if that was the intended release.
MODULE.bazel
Outdated
| # repo_rule = use_repo_rule("@rules_gitops//skylib/kustomize:kustomize.bzl", "download_binary") | ||
| # repo_rule(name = "kustomize_bin") |
There was a problem hiding this comment.
The repo_rule definition and its usage are commented out. If this code is not needed, it should be removed to avoid confusion and maintain a clean codebase. Commented-out code can lead to misunderstanding about its purpose or relevance, and it can become outdated quickly, making the codebase harder to maintain.
Recommended solution: If the repo_rule related to kustomize_bin is no longer required, remove the commented-out lines to keep the codebase clean and maintainable. If it might be needed in the future, consider documenting the reason for its presence in comments or in project documentation.
| @@ -19,7 +19,7 @@ import ( | |||
| "os" | |||
| "strings" | |||
|
|
|||
| resolver "github.com/adobe/rules_gitops/resolver/pkg" | |||
| resolver "github.com/fasterci/rules_gitops/resolver/pkg" | |||
| ) | |||
|
|
|||
| type imagesFlags map[string]string | |||
There was a problem hiding this comment.
The imagesFlags type is defined as a map with both keys and values as strings. This naming convention is not very descriptive and does not convey the intended use of the map. It is recommended to use a more descriptive name that indicates the purpose of the map, such as imageToFlagMap or imageFlagAssociations. This will improve the readability and maintainability of the code by making the intent of the map clearer to other developers.
| @@ -29,11 +27,12 @@ if [ "$1" == "" ]; then | |||
| fi | |||
| set -euo pipefail | |||
| dir=$(mktemp -d) | |||
| trap "rm -rf $dir" EXIT # Delete on exit | |||
There was a problem hiding this comment.
The trap command is used to ensure that the temporary directory is deleted when the script exits. However, the use of double quotes around $dir in the trap command could lead to unexpected behavior if $dir contains spaces or other special characters. To prevent this, it is recommended to use single quotes around $dir to ensure that the variable is treated as a literal string and not subject to word splitting or pathname expansion by the shell.
| KUSTOMIZE_BIN="$(rlocation kustomize_bin/kustomize)" | ||
| exec $KUSTOMIZE_BIN build ${dir} | ||
| $KUSTOMIZE_BIN build ${dir} |
There was a problem hiding this comment.
The script assumes that the kustomize_bin/kustomize binary is available at the location returned by rlocation. However, there is no error handling in case the rlocation command fails or the kustomize binary is not found. This could lead to a confusing error message for the user. It is recommended to check if KUSTOMIZE_BIN is a valid path to an executable file before attempting to use it and provide a clear error message if it is not found.
MODULE.bazel
Outdated
| # repo_rule = use_repo_rule("@rules_gitops//skylib/kustomize:kustomize.bzl", "download_binary") | ||
| # repo_rule(name = "kustomize_bin") |
There was a problem hiding this comment.
The repo_rule for kustomize_bin is commented out. If this is intentional because the rule is no longer needed, it should be removed to avoid confusion. If it's commented out temporarily for debugging purposes, it's important to remember to uncomment or remove it before merging the code.
Recommended solution: Determine whether the commented-out repo_rule is necessary. If it is not, remove the commented lines to clean up the code. If it is necessary, uncomment and ensure it is properly integrated into the build configuration.
e2e/MODULE.bazel
Outdated
| name = "go_image_static", | ||
| digest = "sha256:ebd8cc37d22551dce0957ba8e58f03b22a8448bbf844c8c9ded4feef883b36bc", | ||
| image = "gcr.io/distroless/static", | ||
| # platforms = ["linux/amd64"], |
There was a problem hiding this comment.
The platforms argument is commented out in the oci.pull function call. If the intention is to pull an image for a specific platform, this line should be uncommented and configured appropriately. If multiple platforms are not needed, it's better to remove the comment to avoid confusion.
| bazel_dep(name = "rules_gitops", version = "0.50.0") | ||
| local_path_override( | ||
| module_name = "rules_gitops", | ||
| path = "../", |
There was a problem hiding this comment.
The local_path_override function is used to override the path for the rules_gitops module. This could be problematic for reproducibility and portability of the build, as it assumes a relative path to the current project. It's recommended to use a more robust method for path handling that does not rely on relative paths or ensure that the documentation clearly states the assumptions about the project structure.
| bazel_dep(name = "rules_go", version = "0.44.0", repo_name = "io_bazel_rules_go") | ||
|
|
||
| go_sdk = use_extension("@io_bazel_rules_go//go:extensions.bzl", "go_sdk") | ||
| go_sdk.download(version = "1.21.5") |
There was a problem hiding this comment.
The version of the Go SDK specified for download is "1.21.5", which does not correspond to any official Go release version. Using a non-existent or incorrect version of the Go SDK could lead to build failures or unexpected behavior. It is important to specify a valid Go version that matches the official release versions. The recommended solution is to verify the intended Go version and update the version string to match an official Go release, such as "1.15.5" or "1.16.3".
MODULE.bazel
Outdated
| kubeconfig = use_repo_rule("@rules_gitops//skylib:k8s.bzl", "kubeconfig") | ||
|
|
||
| kubeconfig( | ||
| name = "k8s_test", | ||
| cluster = "mycluster", | ||
| use_host_config = True, | ||
| ) |
There was a problem hiding this comment.
The kubeconfig rule is being defined with a hard-coded cluster name "mycluster" and the use_host_config parameter set to True. This could potentially lead to security risks if the host's kubeconfig contains sensitive information and is used in an unintended context. Additionally, hard-coding the cluster name reduces the flexibility and reusability of the Bazel configuration. The recommended solution is to parameterize the cluster name and consider the security implications of using the host's kubeconfig, possibly by providing a way to specify a custom kubeconfig file for different environments or use cases.
| oci.pull( | ||
| name = "go_image_static", | ||
| digest = "sha256:ebd8cc37d22551dce0957ba8e58f03b22a8448bbf844c8c9ded4feef883b36bc", | ||
| image = "gcr.io/distroless/static", |
There was a problem hiding this comment.
The oci.pull function is used to pull a specific image by its digest. However, using a hardcoded digest for an image can lead to issues if the image is updated and the digest changes. This can cause the build to fail or use an outdated version of the image. To mitigate this, consider using a tag that is updated with each release of the image, or implement a process to automatically update the digest when a new version of the image is available.
| path = "../", | ||
| ) |
There was a problem hiding this comment.
The local_path_override function is used to override the path for a Bazel dependency. This can be problematic for reproducibility and consistency across different environments, as it assumes a specific local directory structure. It's important to ensure that the path provided is valid in all environments where the build might run, or to use a more robust method for managing local dependencies, such as using a version control system to reference the dependency.
| bazel_dep(name = "rules_go", version = "0.46.0", repo_name = "io_bazel_rules_go") | ||
|
|
||
| go_sdk = use_extension("@io_bazel_rules_go//go:extensions.bzl", "go_sdk") | ||
| go_sdk.download(version = "1.21.5") |
There was a problem hiding this comment.
The Go SDK version specified for download, "1.21.5", does not exist as Go versions follow a different semantic versioning pattern. The latest Go versions as of the last update are in the format of "1.x" where x is a sequential number, and there hasn't been a version "1.21.5". This could lead to build failures or unexpected behavior due to the incorrect version specification. It's recommended to verify and use a valid Go version that matches the project's requirements and is compatible with the rest of the dependencies.
| bazel_dep(name = "rules_go", version = "0.46.0", repo_name = "io_bazel_rules_go") | ||
|
|
||
| go_sdk = use_extension("@io_bazel_rules_go//go:extensions.bzl", "go_sdk") | ||
| go_sdk.download(version = "1.21.5") |
There was a problem hiding this comment.
The Go SDK version specified for download, "1.21.5", does not exist. The Go project follows a versioning scheme of 1.x.y, where x and y are integers. As of my last update, the Go project had not released a version "1.21.5". Using a non-existent version will likely cause the build to fail when attempting to download or use the Go SDK. It's important to verify the version number against the official Go releases and use a valid version.
| oci.pull( | ||
| name = "go_image_static", | ||
| digest = "sha256:ebd8cc37d22551dce0957ba8e58f03b22a8448bbf844c8c9ded4feef883b36bc", | ||
| image = "gcr.io/distroless/static", | ||
| ) |
There was a problem hiding this comment.
The oci.pull function is used to pull a specific image by its digest. While this ensures that the exact version of the image is used, it also means that any updates, including critical security patches, will not be automatically applied. This can lead to using outdated and potentially vulnerable dependencies in your project. It's recommended to periodically review and update the digests of external images to include the latest patches and improvements. Consider implementing a process or tooling to help track and update these dependencies regularly to maintain the security and reliability of your project.
| # Only available in bazel 7 | ||
| # kubeconfig = use_repo_rule("@rules_gitops//skylib:k8s.bzl", "kubeconfig") | ||
|
|
||
| # kubeconfig( | ||
| # name = "k8s_test", | ||
| # cluster = "gke_rules-gitops-demo_us-central1_cluster-demo", | ||
| # use_host_config = True, | ||
| # ) |
There was a problem hiding this comment.
The commented-out code related to kubeconfig usage indicates an attempt to use a feature only available in Bazel 7, but there's no indication of the Bazel version this project is using. If the project is not yet on Bazel 7, this code will not work, and keeping it might confuse contributors or maintainers about the project's current capabilities or requirements.
Recommended solution: Verify the Bazel version used in the project. If the project is not on Bazel 7, consider removing or updating the commented-out code to reflect the current capabilities. If an upgrade to Bazel 7 is planned or in progress, document this clearly near the commented code to avoid confusion.
# This is the 1st commit message: app name first # This is the commit message nazzzzz#2: clean up file # This is the commit message nazzzzz#3: fix reference to proto package # This is the commit message fasterci#4: better parse # This is the commit message fasterci#5: fix again # This is the commit message fasterci#6: fix again # This is the commit message fasterci#7: fix again # This is the commit message fasterci#8: fix again # This is the commit message fasterci#9: fix again # This is the commit message fasterci#10: fix again # This is the commit message fasterci#11: add debug statements for seeing if branch is dirty # This is the commit message fasterci#12: fix again # This is the commit message fasterci#13: fix again # This is the commit message fasterci#14: fix again # This is the commit message fasterci#15: fix again # This is the commit message fasterci#16: fix again # This is the commit message fasterci#17: fix again # This is the commit message fasterci#18: fix again # This is the commit message fasterci#19: fix again # This is the commit message fasterci#20: fix again # This is the commit message fasterci#21: fix again # This is the commit message fasterci#22: fix again # This is the commit message fasterci#23: fix again
Migrate to bzlmod
Fixes
--nolegacy_external_runfiles#4