diff --git a/README.md b/README.md index cd123b88a..bf8ddf84b 100644 --- a/README.md +++ b/README.md @@ -133,7 +133,7 @@ docker_toolchain_configure( # OPTIONAL: Path to a directory which has a custom docker client config.json. # See https://docs.docker.com/engine/reference/commandline/cli/#configuration-files # for more details. - client_config="", + client_config="", # OPTIONAL: Path to the docker binary. # Should be set explicitly for remote execution. docker_path="", @@ -1150,13 +1150,12 @@ load("@io_bazel_rules_docker//toolchains/docker:toolchain.bzl", docker_toolchain_configure( name = "docker_config", - # Replace this with an absolute path to a directory which has a custom docker - # client config.json. Note relative paths are not supported. - # Docker allows you to specify custom authentication credentials + # Replace this with a Bazel label to the config.json file. Note absolute or relative + # paths are not supported. Docker allows you to specify custom authentication credentials # in the client configuration JSON file. # See https://docs.docker.com/engine/reference/commandline/cli/#configuration-files # for more details. - client_config="/path/to/docker/client/config-dir", + client_config="@//path/to/docker:client.json", ) ``` In `BUILD` file: @@ -1250,14 +1249,8 @@ load("@io_bazel_rules_docker//toolchains/docker:toolchain.bzl", # Configure the docker toolchain. docker_toolchain_configure( name = "docker_config", - # Path to the directory which has a custom docker client config.json with + # Bazel label to a custom docker client config.json with # authentication credentials for registry.gitlab.com (used in this example). - client_config="/path/to/docker/client/config", -) - -# Alternatively, specify the Bazel label for the config.json -docker_toolchain_configure( - name = "docker_config", client_config="@//path/to/docker/client:config.json", ) diff --git a/container/pull.bzl b/container/pull.bzl index a8845546c..d5b2adfc2 100644 --- a/container/pull.bzl +++ b/container/pull.bzl @@ -47,9 +47,8 @@ _container_pull_attrs = { "digest": attr.string( doc = "The digest of the image to pull.", ), - "docker_client_config": attr.string( - doc = """Specifies a custom directory to look for the docker client configuration, or a Bazel label of - the config.json file. + "docker_client_config": attr.label( + doc = """Specifies a Bazel label of the config.json file. Don't use this directly. Instead, specify the docker configuration directory using a custom docker toolchain configuration. @@ -172,10 +171,8 @@ def _impl(repository_ctx): # Use the custom docker client config directory if specified. docker_client_config = repository_ctx.attr.docker_client_config - if docker_client_config.startswith("@") or docker_client_config.startswith("//"): - args += ["-client-config-dir", repository_ctx.path(Label(docker_client_config)).dirname] - elif docker_client_config: - args += ["-client-config-dir", docker_client_config] + if docker_client_config: + args += ["-client-config-dir", repository_ctx.path(docker_client_config).dirname] cache_dir = repository_ctx.os.environ.get("DOCKER_REPO_CACHE") if cache_dir: diff --git a/docs/container.md b/docs/container.md index 889754a7c..b51fe8e9e 100644 --- a/docs/container.md +++ b/docs/container.md @@ -197,7 +197,7 @@ please use the bazel startup flag `--loading_phase_threads=1` in your bazel invo | architecture | Which CPU architecture to pull if this image refers to a multi-platform manifest list, default 'amd64'. | String | optional | "amd64" | | cpu_variant | Which CPU variant to pull if this image refers to a multi-platform manifest list. | String | optional | "" | | digest | The digest of the image to pull. | String | optional | "" | -| docker_client_config | Specifies a custom directory to look for the docker client configuration, or a Bazel label of the config.json file.

Don't use this directly. Instead, specify the docker configuration directory using a custom docker toolchain configuration. Look for the client_config attribute in docker_toolchain_configure [here](https://github.com/bazelbuild/rules_docker#setup) for details. See [here](https://github.com/bazelbuild/rules_docker#container_pull-custom-client-configuration) for an example on how to use container_pull after configuring the docker toolchain

When left unspecified (ie not set explicitly or set by the docker toolchain), docker will use the directory specified via the DOCKER_CONFIG environment variable.

If DOCKER_CONFIG isn't set, docker falls back to $HOME/.docker. | String | optional | "" | +| docker_client_config | Specifies a Bazel label of the config.json file.

Don't use this directly. Instead, specify the docker configuration directory using a custom docker toolchain configuration. Look for the client_config attribute in docker_toolchain_configure [here](https://github.com/bazelbuild/rules_docker#setup) for details. See [here](https://github.com/bazelbuild/rules_docker#container_pull-custom-client-configuration) for an example on how to use container_pull after configuring the docker toolchain

When left unspecified (ie not set explicitly or set by the docker toolchain), docker will use the directory specified via the DOCKER_CONFIG environment variable.

If DOCKER_CONFIG isn't set, docker falls back to $HOME/.docker. | Label | optional | None | | import_tags | Tags to be propagated to generated rules. | List of strings | optional | [] | | os | Which os to pull if this image refers to a multi-platform manifest list. | String | optional | "linux" | | os_features | Specifies os features when pulling a multi-platform manifest list. | List of strings | optional | [] | diff --git a/toolchains/docker/toolchain.bzl b/toolchains/docker/toolchain.bzl index a5bd395b1..b5f7edd28 100644 --- a/toolchains/docker/toolchain.bzl +++ b/toolchains/docker/toolchain.bzl @@ -20,9 +20,9 @@ DockerToolchainInfo = provider( fields = { "build_tar_target": "Optional Bazel target for the build_tar tool", "client_config": "A custom directory for the docker client " + - "config.json. If DOCKER_CONFIG is not specified, " + + "config.json. If this is not specified, " + "the value of the DOCKER_CONFIG environment variable " + - "will be used. DOCKER_CONFIG is not defined, the " + + "will be used. If DOCKER_CONFIG is not defined, the " + "home directory will be used.", "docker_flags": "Additional flags to the docker command", "gzip_path": "Optional path to the gzip binary.", @@ -66,11 +66,15 @@ docker_toolchain = rule( cfg = "host", executable = True, ), + # client_config cannot be a Bazel label because this attribute will be used in + # container_push's implmentation to get the path. Because container_push is + # a regular Bazel rule, it cannot convert a Label into an absolute path. + # toolchain_configure is responsible for generating this attribute from a Label. "client_config": attr.string( default = "", - doc = "A custom directory or a Bazel label for the docker client config.json. " + - "If DOCKER_CONFIG is not specified, the value of the " + - "DOCKER_CONFIG environment variable will be used. " + + doc = "An absolute path to a custom directory for the docker client " + + "config.json. If this is not specified, the value of the " + + "DOCKER_CONFIG environment variable will be used. If " + "DOCKER_CONFIG is not defined, the home directory will be " + "used.", ), @@ -148,15 +152,29 @@ def _toolchain_configure_impl(repository_ctx): if repository_ctx.attr.build_tar_target: build_tar_attr = "build_tar_target = \"%s\"," % repository_ctx.attr.build_tar_target - # If client_config is not set we need to pass an empty string to the - # template. - client_config = repository_ctx.attr.client_config or "" + if repository_ctx.attr.client_config: + # Generate a custom variant authenticated version of the repository rule + # container_push if a custom docker client config directory was specified. + repository_ctx.template( + "pull.bzl", + Label("@io_bazel_rules_docker//toolchains/docker:pull.bzl.tpl"), + { + "%{docker_client_config}": str(repository_ctx.attr.client_config), + }, + False, + ) + client_config_dir = repository_ctx.path(repository_ctx.attr.client_config).dirname + else: + # If client_config is not set we need to pass an empty string to the + # toolchain. + client_config_dir = "" + repository_ctx.template( "BUILD", Label("@io_bazel_rules_docker//toolchains/docker:BUILD.tpl"), { "%{BUILD_TAR_ATTR}": "%s" % build_tar_attr, - "%{DOCKER_CONFIG}": "%s" % client_config, + "%{DOCKER_CONFIG}": "%s" % client_config_dir, "%{DOCKER_FLAGS}": "%s" % "\", \"".join(docker_flags), "%{TOOL_ATTR}": "%s" % tool_attr, "%{GZIP_ATTR}": "%s" % gzip_attr, @@ -165,18 +183,6 @@ def _toolchain_configure_impl(repository_ctx): False, ) - # Generate a custom variant authenticated version of the repository rule - # container_push if a custom docker client config directory was specified. - if client_config != "": - repository_ctx.template( - "pull.bzl", - Label("@io_bazel_rules_docker//toolchains/docker:pull.bzl.tpl"), - { - "%{docker_client_config}": "%s" % client_config, - }, - False, - ) - # Repository rule to generate a docker_toolchain target toolchain_configure = repository_rule( attrs = { @@ -187,12 +193,12 @@ toolchain_configure = repository_rule( mandatory = False, doc = "The bazel target for the build_tar tool.", ), - "client_config": attr.string( + "client_config": attr.label( mandatory = False, - doc = "A custom directory or a Bazel label for the docker client" + - "config.json. If DOCKER_CONFIG is not specified, the value " + + doc = "A Bazel label for the docker client config.json. " + + "If this is not specified, the value " + "of the DOCKER_CONFIG environment variable will be used. " + - "DOCKER_CONFIG is not defined, the default set for the " + + "If DOCKER_CONFIG is not defined, the default set for the " + "docker tool (typically, the home directory) will be " + "used.", ),