https://pantsbuild.org/ logo
Join Slack
Powered by
Executing external tools this way is something tha...
# general
c
Executing external tools this way is something that make sense or what is the recommended path for this?
Copy code
file(
    name="grype",
    source=
        per_platform(
            macos_arm64=http_source("<https://github.com/anchore/grype/releases/download/v0.61.1/grype_0.61.1_darwin_arm64.tar.gz>", sha256="6a72f55f3106c9498ec5f5f967c71da754951b61a3d6c9122e08652ec80e5e66", len=123456),
        )
    
)

adhoc_tool(
    name="grype-scan",
    runnable=":grype",
    args=[""],
    execution_dependencies=[":scripts"],
    output_directories=["logs/my-script.log"],
    output_files=["results/"],
)
This does not work as file is not consider executable so it is refused by the runnable field
1
b
Haha I just went through this exercise. When I'm back on tower I can show you what I got
Copy code
def external_tool(name, exe, url, len, sha256):
    file(
        name=f"downloaded-{name}",
        source=http_source(
            len=len,
            sha256=sha256,
            url=url,
        ),
    )
    filename = url.rsplit("/", 1)[-1]
    command = f"chmod +x {filename}"
    if filename.endswith(".tar.gz"):
        command = f"tar -xf {filename} &&" + command
    shell_command(
        name=f"sandboxed-{name}",
        command=command,
        tools=["tar", "gzip", "chmod"],
        execution_dependencies=[f":downloaded-{name}"],
        output_directories=["."],
    )
    run_shell_command(
        name=name,
        command=f"exec -a $0 {{chroot}}/{build_file_dir() / exe}",
        execution_dependencies=[f":sandboxed-{name}"],
        workdir="/",
    )
c
Great thank you! still trying to get my head around pants and its logic
b
No worries! Feel free to ask questions 🙂
Also my code specifically works for downloaded executables or tarballs, feel free to slice as you need
c
Copy code
def external_tool(name, exe, url, len, sha256):
    file(
        name=f"downloaded-{name}",
        source=http_source(
            len=len,
            sha256=sha256,
            url=url,
        ),
    )
    filename = url.rsplit("/", 1)[-1]
    command = f"chmod +x {filename}"
    if filename.endswith(".tar.gz"):
        command = f"tar -xf {filename} &&" + command
    shell_command(
        name=f"sandboxed-{name}",
        command=command,
        tools=["tar", "gzip", "chmod"],
        execution_dependencies=[f":downloaded-{name}"],
        output_directories=["."],
    )
    run_shell_command(
        name=name,
        command=f"exec -a $0 {{chroot}}/{build_file_dir() / exe}",
        execution_dependencies=[f":sandboxed-{name}"],
        workdir="/",
    )

external_tool(
    name="grype2",
    exe="grype",
    url="<https://github.com/anchore/grype/releases/download/v0.61.1/grype_0.61.1_darwin_arm64.tar.gz>",
    sha256="6a72f55f3106c9498ec5f5f967c71da754951b61a3d6c9122e08652ec80e5e66",
    len=16285210)
Copy code
PY=python3 PANTS_SOURCE=../pants pants run ci:grype2                                            
Pantsd has been turned off via Env.
18:12:04.48 [INFO] Completed: Running the `shell_command` at `ci:sandboxed-grype2`
pants run ci:grype2 --: line 0: exec: run: not found
b
Usually trying with 
--keep-sandboxes=always
after 
pants
is illuminating. Let's you poke around the sandbox Pants created when running
c
yes i have it with on-failure
b
Oh try 
command=f'exec -a "$0" {{chroot}}/{build_file_dir() / exe}',
1
c
thanks it did launch
so was able to find my bearing to get a macro and some download for grype
how can i have the variable replacement or target resolution from a macro?
Copy code
docker_image(
    name="website-preview",
    source="Containerfile",
    dependencies=[":sources", ":version"],
    repository=".../website",
    image_tags=["pr-{build_args.PULL_REQUEST}"],
    description="Build website preview docker image",
    extra_build_args=["PULL_REQUEST"],
)

grype_run(
  name="grype",
  tag=".../website:pr-{build_args.PULL_REQUEST}",
  dependencies=[":website"],
)
the build_args.PULL_REQUEST is resolved for the docker_image but not for the macro grype_run
basically use the InterpolationContext.TextSource
b
You lost me 😅
c
If you’re trying out the 2.16.x release branch there’s now generic support for env vars in BUILD files (and macros).
Otherwise, for 
docker_image
the field value is just a string, so you use the interpolation from a macro just as you would directly in the BUILD file.
It doesn’t scale to use in other targets though, so that would require the use of 
env()
instead..
c
thanks it worked with env
👍 1
2 Views
Open in Slack
PreviousNext
Powered by