Home¶

October 20, 2023
in security, bazel, buck2, build, reclient
5 min read

Secure Builds with Credential Helpers

Secure and reproducible builds are something we'd all like, and something many of us work on regularly.

One area that is frequently overlooked in the topic is how to securely provide credentials for external services used during a build. Systems often fall back to insecure methods like passing them on the command-line or storing them in plaintext on disk.

In this post, we will provide an overview of common authentication mechanisms and why they should not be considered secure, and then introduce Credential Helpers and how they do provide secure builds.

October 18, 2023
in engflow
4 min read

EngFlow Belfast Meetup

A lot has happened since our last update, so we’d like to provide you with recent and relevant insights. We welcome questions and feedback, which we’ll collect via a brief survey below.

From our early days, we have set our company’s priorities in the following order: Happy Team, Happy Customers, More Happy Customers. We’d like to provide you with a few updates in that construct.

October 16, 2023
in bazel, ibazel, livereload, javascript
8 min read

Coding in the Fast Lane with ibazel

The alternating sound of ctrl+s and ctrl+r followed by a deep sigh fill my days working on EngFlow's Build and Test UI. I mean, centering divs is already frustrating, but having to glance back and forth from one screen to another while refreshing the browser adds insult to injury. It doesn't help that being your average frontend dev I usually work with no less than a few thousand monitors. How else would I be able to look at the application, the code, and the ever present Flexbox layout cheatsheet at the same time?

Example of a minimal frontend dev's workstation

October 9, 2023
in bazel, security
2 min read

Configuring Bazel's Credential Helper

Configuring Bazel to authenticate against external services like Remote Caching, Remote Execution, a Build Event Service, or external repositories like http_archive or http_file has historically been challenging for many for users. However as of Bazel 5.4.0, Credential Helpers provide a simple, extensible, and secure way to inject credentials into a build.

October 5, 2023
in cmake, remote execution, performance
6 min read

Running CMake at scale

The main service we provide at EngFlow is Remote Execution (or RE for short). Remote Execution allows a build to run over a horizontally-scalable distributed system, thus speeding up highly parallelized builds. This parallelization is one of the features that make Bazel builds so scalable. Outside of Bazel, Buck2 and a few exotic build systems such as Chromium and AOSP, the adoption of this protocol is almost non-existent. Here at EngFlow we saw many C and C++ codebases successfully adopting RE, and decided to partner with tipi.build, experts in that field, to bring CMake support to EngFlow.

September 18, 2023
in bazel, testing
4 min read

Bazel Testing Tips

One of Bazel’s key features is that tests are treated as the same as other build actions. Bazel provides a uniform command line interface for running tests no matter the underlying language or test framework. While there’s much to be said about writing test rules and frameworks that mesh well with Bazel, this post will focus on the experience of running tests as a developer with bazel test. Running tests is a core software engineering workflow, so it’s not surprising Bazel has many useful features for iterating locally with a test.

September 11, 2023
in goma, reclient, chromium
8 min read

Goma is Gone — Put Everything Into Reclient!

On September 7th, Google officially announced the deprecation of the Goma remote execution platform used to accelerate Chromium builds. Chromium is migrating to Reclient, a more modern tool compatible with the Remote Execution API (RE-API) used by Bazel, Buck2, recc, and other tools.

We are writing to inform you that we plan to delete support for Goma in Chromium builds around the beginning of 2024. We will also stop maintaining the goma client and server.

If you use Goma to build a Chromium browser, this may seem like bad news — and it's true that it may cause you some disruption in the short term. However in the longer term, the benefits of switching to Reclient vastly outweigh the costs. This transition has been in the works for a long time, and the deprecation notice was only sent out after Reclient has been proven to work smoothly, with minimal client-side migration requirements.

August 18, 2023
in bazel, fun
4 min read

That’s cool, but can your build system run Snake?

Once upon a time a young and innocent Antonio spent healthy chunks of his youth playing Snake on a Nokia 3310; chasing apples and dodging his own tail. Surprisingly, much later, he found himself chasing the world of Developer Experience (DevEx) and build engineering, with no alchemy to be found.

June 1, 2023
in bazel, community
6 min read

Bazel Community Day – San Francisco

On May 23, 2023, EngFlow teamed up with Snap to organize a Bazel Community Day for the Bay Area. Over 70 people attended the event, hosted at Snap's offices in beautiful San Francisco.

April 26, 2023
in bazel, community
5 min read

Bazel Community Day – Israel

EngFlow and Wix bring the Bazel community together in Tel Aviv

On February 23, 2023 EngFlow and Wix teamed up to organize the first Bazel Community Day in Israel. Wix hosted the event in its event space in the picturesque Tel Aviv Port, welcoming guests from the Google Munich Bazel team, as well as engineers from local and global companies.

Impressions from Bazel Community Day, Tel Aviv