feat: implement home

GoogleContainerTools · Nov 18, 2023 · bfa6b99 · bfa6b99
1 parent 5b47360
commit bfa6b99
Show file tree

Hide file tree

Showing 8 changed files with 104 additions and 7 deletions.
diff --git a/distroless/BUILD.bazel b/distroless/BUILD.bazel
@@ -20,6 +20,7 @@ bzl_library(
     deps = [
         "//distroless/private:cacerts",
         "//distroless/private:group",
+        "//distroless/private:home",
         "//distroless/private:locale",
         "//distroless/private:os_release",
         "//distroless/private:passwd",

diff --git a/distroless/defs.bzl b/distroless/defs.bzl
@@ -2,6 +2,7 @@
 
 load("//distroless/private:cacerts.bzl", _cacerts = "cacerts")
 load("//distroless/private:group.bzl", _group = "group")
+load("//distroless/private:home.bzl", _home = "home")
 load("//distroless/private:locale.bzl", _locale = "locale")
 load("//distroless/private:os_release.bzl", _os_release = "os_release")
 load("//distroless/private:passwd.bzl", _passwd = "passwd")
@@ -11,3 +12,4 @@ locale = _locale
 os_release = _os_release
 group = _group
 passwd = _passwd
+home = _home
diff --git a/distroless/private/BUILD.bazel b/distroless/private/BUILD.bazel
@@ -52,6 +52,16 @@ bzl_library(
     ],
 )
 
+bzl_library(
+    name = "home",
+    srcs = ["home.bzl"],
+    visibility = ["//distroless:__subpackages__"],
+    deps = [
+        ":tar",
+        "@aspect_bazel_lib//lib:tar",
+    ],
+)
+
 bzl_library(
     name = "tar",
     srcs = ["tar.bzl"],

diff --git a/distroless/private/home.bzl b/distroless/private/home.bzl
@@ -0,0 +1,27 @@
+"home"
+
+load("@aspect_bazel_lib//lib:tar.bzl", "tar")
+load(":tar.bzl", "tar_lib")
+
+def home(name, dirs, **kwargs):
+    """
+    Create home directories with specific uid and gids.
+
+    Args:
+        name: name of the target
+        dirs: an array of dicts
+        **kwargs: other named arguments to that is passed to tar. see [common rule attributes](https://bazel.build/reference/be/common-definitions#common-attributes).
+    """
+    mtree = []
+
+    for home in dirs:
+        mtree.extend(
+            tar_lib.add_directory_with_parents(home["path"], uid = str(home["uid"]), gid = str(home["gid"])),
+        )
+
+    tar(
+        name = name,
+        srcs = [],
+        mtree = mtree,
+        **kwargs
+    )
diff --git a/distroless/private/passwd.bzl b/distroless/private/passwd.bzl
@@ -50,7 +50,7 @@ def passwd(name, passwds, **kwargs):
         stamp = 0,
         template = [
             "#mtree",
-            "etc/passwd uid=0 gid=0 mode=0700 time=0 type=file content={content}",
+            "./etc/passwd uid=0 gid=0 mode=0700 time=0 type=file content={content}",
             "",
         ],
         substitutions = {

diff --git a/distroless/private/tar.bzl b/distroless/private/tar.bzl
@@ -15,21 +15,29 @@ def _mtree_line(file, type, content = None, uid = "0", gid = "0", time = "167256
         spec.append("content=" + content)
     return " ".join(spec)
 
-def _add_parents(path):
+def _add_parents(path, uid = "0", gid = "0", time = "1672560000", mode = "0755"):
     lines = []
     segments = path.split("/")
-    for i in range(1, len(segments)):
-        parent = "/".join(segments[:i])
-        if parent == "":
+    segments.pop()
+    for i in range(0, len(segments)):
+        parent = "/".join(segments[:i + 1])
+        if not parent or parent == ".":
             continue
-        lines.append(_mtree_line(parent.lstrip("/"), "dir"))
+        lines.append(
+            _mtree_line(parent.lstrip("/"), "dir", uid = uid, gid = gid, time = time, mode = mode),
+        )
     return lines
 
 def _add_file_with_parents(path, file):
     lines = _add_parents(path)
     lines.append(_mtree_line(path.lstrip("/"), "file", content = file.path))
     return lines
 
+def _add_directory_with_parents(path, **kwargs):
+    lines = _add_parents(path)
+    lines.append(_mtree_line(path.lstrip("/"), "dir", **kwargs))
+    return lines
+
 def _build_tar(ctx, mtree, output, inputs = [], compression = "gzip", mnemonic = "Tar"):
     bsdtar = ctx.toolchains[BSDTAR_TOOLCHAIN]
 
@@ -71,7 +79,7 @@ def _create_mtree(ctx):
 tar_lib = struct(
     create_mtree = _create_mtree,
     line = _mtree_line,
-    add_directory_with_parents = _add_file_with_parents,
+    add_directory_with_parents = _add_directory_with_parents,
     add_file_with_parents = _add_file_with_parents,
     TOOLCHAIN_TYPE = BSDTAR_TOOLCHAIN,
 )
diff --git a/docs/rules.md b/docs/rules.md
diff --git a/examples/home/BUILD.bazel b/examples/home/BUILD.bazel
@@ -0,0 +1,29 @@
+load("//distroless:defs.bzl", "home")
+load("//distroless/tests:asserts.bzl", "assert_tar_listing")
+
+home(
+    name = "home",
+    dirs = [
+        {
+            "path": "./root",
+            "uid": 0,
+            "gid": 0,
+        },
+        {
+            "path": "./home/nonroot",
+            "uid": 666,
+            "gid": 666,
+        },
+    ],
+)
+
+assert_tar_listing(
+    name = "test_home",
+    actual = "home",
+    expected = """\
+#mtree
+./home time=1672560000.0 mode=755 gid=0 uid=0 type=dir
+./home/nonroot time=1672560000.0 mode=755 gid=666 uid=666 type=dir
+./root time=1672560000.0 mode=755 gid=0 uid=0 type=dir
+""",
+)