This repository has been archived by the owner on Oct 2, 2023. It is now read-only.
container_run_and_extract does not work with Podman
#2251
Comments
|
I forgot to mention that a workaround is to use different sandboxing and with |
nyoxi
added a commit
to nyoxi/forklift
that referenced
this issue
Apr 27, 2023
The appliance used Kubevirt is missing some packages we need. For legal reasons it is not possible to include the missing packages there. We need to build our own fixed appliance. We imitate multi-stage Dockerfile build in Bazel. Unfortunately container_run_and_extract() does not work with Podmana [1] and Bazel's linux-sandbox. Slightly less secure but working processwrapper sandbox is used as a workaround. [1] bazelbuild/rules_docker#2251 Signed-off-by: Tomáš Golembiovský <[email protected]>
nyoxi
added a commit
to nyoxi/forklift
that referenced
this issue
Apr 27, 2023
The appliance from Kubevirt [1] is missing some packages we need. For legal reasons it is not possible to include the missing packages there. We need to build our own fixed appliance. We imitate multi-stage Dockerfile build in Bazel. Unfortunately container_run_and_extract() does not work with Podmana [2] and Bazel's linux-sandbox. Slightly less secure but working processwrapper sandbox is used as a workaround. [1] kubevirt/libguestfs-appliance#17 [2] bazelbuild/rules_docker#2251 Signed-off-by: Tomáš Golembiovský <[email protected]>
nyoxi
added a commit
to nyoxi/forklift
that referenced
this issue
May 2, 2023
The appliance from Kubevirt [1] is missing some packages we need. For legal reasons it is not possible to include the missing packages there. We need to build our own fixed appliance. We imitate multi-stage Dockerfile build in Bazel. Unfortunately container_run_and_extract() does not work with Podmana [2] and Bazel's linux-sandbox. Slightly less secure but working processwrapper sandbox is used as a workaround. [1] kubevirt/libguestfs-appliance#17 [2] bazelbuild/rules_docker#2251 Signed-off-by: Tomáš Golembiovský <[email protected]>
nyoxi
added a commit
to nyoxi/forklift
that referenced
this issue
May 2, 2023
The appliance from Kubevirt [1] is missing some packages we need. For legal reasons it is not possible to include the missing packages there. We need to build our own fixed appliance. We imitate multi-stage Dockerfile build in Bazel. Unfortunately container_run_and_extract() does not work with Podman [2] and Bazel's linux-sandbox. Slightly less secure but working processwrapper sandbox is used as a workaround. [1] kubevirt/libguestfs-appliance#17 [2] bazelbuild/rules_docker#2251 Signed-off-by: Tomáš Golembiovský <[email protected]>
ahadas
pushed a commit
to kubev2v/forklift
that referenced
this issue
May 2, 2023
The appliance from Kubevirt [1] is missing some packages we need. For legal reasons it is not possible to include the missing packages there. We need to build our own fixed appliance. We imitate multi-stage Dockerfile build in Bazel. Unfortunately container_run_and_extract() does not work with Podman [2] and Bazel's linux-sandbox. Slightly less secure but working processwrapper sandbox is used as a workaround. [1] kubevirt/libguestfs-appliance#17 [2] bazelbuild/rules_docker#2251 Signed-off-by: Tomáš Golembiovský <[email protected]>
ahadas
pushed a commit
to kubev2v/forklift
that referenced
this issue
Jun 8, 2023
The appliance from Kubevirt [1] is missing some packages we need. For legal reasons it is not possible to include the missing packages there. We need to build our own fixed appliance. We imitate multi-stage Dockerfile build in Bazel. Unfortunately container_run_and_extract() does not work with Podman [2] and Bazel's linux-sandbox. Slightly less secure but working processwrapper sandbox is used as a workaround. [1] kubevirt/libguestfs-appliance#17 [2] bazelbuild/rules_docker#2251 Signed-off-by: Tomáš Golembiovský <[email protected]>
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
🐞 bug report
Affected Rule
The issue is caused by the rule:
container_run_and_extractwhen run with Podman.Is this a regression?
I don't have prior experience and I cannot answer this.
Description
When Podman is used instead of Docker to run containers together with
linux-sandboxin Bazel, the execution ofcontainer_run_and_extractcommand fails with errors because of read-only mounts. E.g.:When I try to workaround it by adding several
--sandbox_writable_patharguments the build further fails with:I am running it as a non-root user if that is relevant.
🔬 Minimal Reproduction
🔥 Exception or Error
See the description above.
🌍 Your Environment
Operating System:
Output of
bazel version:Rules_docker version:
Anything else relevant?
The text was updated successfully, but these errors were encountered: