Skip to content

Add new rules to automatically handle rpath patching, SO symlinking & misc files packaging#47807

Draft
chouquette wants to merge 15 commits intomainfrom
chouquette/bazel/automatic_deps_rpath/1
Draft

Add new rules to automatically handle rpath patching, SO symlinking & misc files packaging#47807
chouquette wants to merge 15 commits intomainfrom
chouquette/bazel/automatic_deps_rpath/1

Conversation

@chouquette
Copy link
Contributor

@chouquette chouquette commented Mar 13, 2026
edited
Loading

What does this PR do?

This PR adds a few new rules & aspect in order to simplify our dependencies management, and drop the need to manually patch rpath for our executables & shared libraries.

  • The dd_cc_packaged macro serves as a wrapper on top of CcInfo or CcSharedLibrary. It can be used transparently just like a cc_binary or cc_shared_library executable, but also takes an installed_files attribute, which can bundle a set of files along with the binary. At installation time, these files will be installed along with the executable and/or shared objects.
    • If a version is provided, symlinks for that version will be created automatically
    • The macro automatically appends the rpath patched version of the binary to the list of files to install at packaging time
  • A dd_collect_dependencies rule that leverages a new _collect_dd_packaging_aspect aspect. It automatically walks the build tree to find all binaries provided by dd_cc_packaged and includes their installed_files to the list of files to install

Motivation

Getting rid of the manual rewrite_rpath invocations that are left in the omnibus recipes.

At the end of the day, we want to:

  • be able to automatically install all libraries and all their associated files
  • automatically patch the rpath when installing
  • automatically provide symlinks when installing
  • not having to care about what dependencies should be pulled in with a tool that we want to install. If we need openscap to be installed, we should include all its dependencies, their dependencies' dependencies, and so on.

Describe how you validated your changes

Mostly to be done through the CI and file inventory check, but also by manually building & installing openscap locally

Additional Notes

This is only at the POC level. It only handles zlib so prove that we can still build with a wrapped object, and since zlib is the most commonly used lib, it's a good candidate for this.
RPM is used as the example for automatic installation as it's only used in openscap, so it's simple to just remove it from openscap.rb and check that we don't miss any file afterward.

All namings are debatable, no doc was provided until the API is settled.

chouquette added 12 commits March 13, 2026 12:12
@chouquette
bazel: introduce a DdPackagingInfo provider
1cddc93 
It will allow us to wrap our cc_binary and cc_shared_library and
propagate the files that must be installed along, and traverse the build
tree to automatically propagate (potentially patched) dependencies based
on the final binary we want to ship.
@chouquette
bazel: introduce a dd_cc_shared_library macro
99e54b3 
It currently only provides rpath patching of cc_shared_library, but can
later be extended to handle stripping.
In a later step, it will also include providers for automatic dependency
gathering but without requiring call sites changes
@chouquette
deps: zlib: expose a wrapped cc_shared_library
535987d
@chouquette
deps: use the wrapped zlib shared library
ed9d228 
fixup

remove comment from dd_ss_shared
@chouquette
bazel: allow some files to be provided for install with a cc_shared_lib
49f0d99
@chouquette
bazel: rename dd_cc_shared_library to dd_cc_packaged
1769125 
It now handles both cc_shared_library & cc_binary the same way
@chouquette
bazel: introduce a dd_collect_dependencies rule
2e67530 
It will walk the build tree to collect all files that need to be
installed alongside a dependency and will allow us to drop the manual
installation from omnibus recipes
@chouquette
bazel: dd_cc_packaged: ensure a visibility can be provided
2f78e06
@chouquette
bazel: so_symlink: allow visibility to be provided
99c1cc9
@chouquette
deps: zlib: move to dd_cc_packaged
99dd616 
This removes the explicit so_symlink invocation and start paving the way
for automated dependency files collection & packaging
@chouquette
deps: start using dd_collect_dependencies from openscap
690f48e 
rpm serves as a POC to prove that we can now remove individual file
installation & patching by leveraging the new aspect to do it for us
@chouquette
omnibus: don't manually install rpm anymore
92fd888
@github-actions github-actions bot added the long review PR is complex, plan time to review it label Mar 13, 2026
@chouquette chouquette added changelog/no-changelog No changelog entry needed qa/no-code-change No code change in Agent code requiring validation labels Mar 13, 2026
@chouquette chouquette force-pushed the chouquette/bazel/automatic_deps_rpath/1 branch from 5a22faa to 1c4565d Compare March 13, 2026 14:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

changelog/no-changelog No changelog entry needed internal Identify a non-fork PR long review PR is complex, plan time to review it qa/no-code-change No code change in Agent code requiring validation team/agent-build team/agent-cspm

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@chouquette