FR: Why Bazel? #138
Comments
har00ga
added
documentation
|
Note: Please update DEPENDENCIES.md with the proper link for Why Bazel? after it has been created. See prysmaticlabs/prysm@6629ec4 |
* Fix a few deps to work with go.mod, check in generated files * Update Gossipsub to 1.1 (#5998) * update libs * add new validators * add new deps * new set of deps * tls * further fix gossip update * get everything to build * clean up * gaz * fix build * fix all tests * add deps to images * imports Co-authored-by: rauljordan <raul@prysmaticlabs.com> * Beacon chain builds with go build * fix bazel * fix dep * lint * Add github action for testing go * on PR for any branch * fix libp2p test failure * Fix TestProcessBlock_PassesProcessingConditions by updating the proposer index in test * Revert "Fix TestProcessBlock_PassesProcessingConditions by updating the proposer index in test" This reverts commit 4367689. * Compute and set proposer index instead of hard code * Add back go mod/sum, fix deps * go build ./... * Temporarily skip two tests * Fix kafka confluent patch * Fix kafka confluent patch * fix kafka build * fix kafka * Add info in DEPENDENCIES. Added a stub link for Why Bazel? until prysmaticlabs/documentation#138 * Update fuzz ssz files as well * Update fuzz ssz files as well * getting closer * rollback rules_go and gazelle * fix gogo protobuf * install librdkafka-dev as part of github actions * Update kafka to a recent version where librkafkfa is not required for go modules * clarify comment * fix kafka build * disable go tests * comment * Fix geth dependencies for end to end * rename word * lint * fix docker Co-authored-by: Nishant Das <nishdas93@gmail.com> Co-authored-by: rauljordan <raul@prysmaticlabs.com> Co-authored-by: terence tsao <terence@prysmaticlabs.com>
|
This would be great. As a contributor to the project I would also like to understand how exactly Bazel and Go co-exist in the project. Here is my question that I asked on Discord;
|
|
Any updates? |
rauljordan
added
priority:low
|
Can the documentation include the "how" on building without Bazel? While I have read through the rationale, there are plenty of reasons and examples of how dependency managers like bazel exponentially increase the number of vulnerabilities in produced products (legacy compilers and baseimages locked into bazel releases or Workspace workflows). We are very much against the use of these dependency managers as they are leading to vulnerability explosions in software today. Is there a detailed document/process for a release build of the c++ lib dependencies, rpc gRPCs libs, compile optimization flags, go build process for beacon-chain and validator, and dockerfiles for creating the containers? The lack of the build process and dependency abstraction is of great concern. |
|
Hi @smijolovic we agree with some of the concerns above. However, curious if you can give us evidence of |
Feature request: add documentation page with a full, in-depth, rationale around the design choice around bazel build tooling and why it is critical to the success of Prysm.
The text was updated successfully, but these errors were encountered: