Hey folks I m trying to get environments working for osx use Pants #general

Hey folks, I'm trying to get environments working ...

powerful-scooter-95162

06/19/2024, 6:06 PM

Hey folks, I'm trying to get environments working for osx users so they can build linux binaries/containers for prod. The building is working as intended, but when I attempt to publish the containers to AWS ECR using pants publish on my usual Linux setup, I get auth errors, even when I pare down the setup to just a local_environment. Presumably this is docker-credential-ecr-login being unable to access ~/.aws/ when environments are used, but it's obviously hard to debug

powerful-scooter-95162

06/19/2024, 6:13 PM

specifically I think it needs access to ~/.aws/ since we're using AWS' sso profile thing where the env var is just AWS_PROFILE= When I run containers locally I map ~/.aws/ into them for aws commands to work inside them with our auth setup

powerful-scooter-95162

06/19/2024, 8:53 PM

though very weirdly, this all works fine on an osx machine through docker?

powerful-scooter-95162

06/19/2024, 9:43 PM

This is the debug level output for the publish:

Copy code

17:38:53.85 [DEBUG] Execute InteractiveProcess(process=Process(argv=('/usr/bin/docker', 'push', '<account>.<http://dkr.ecr.us-east-1.amazonaws.com/api:0.1-73359abbef5c3bd099fa5f8972adaa4aabf698d72b01fd76bfa01db8ec23b5ab'|dkr.ecr.us-east-1.amazonaws.com/api:0.1-73359abbef5c3bd099fa5f8972adaa4aabf698d72b01fd76bfa01db8ec23b5ab'>), description='Interactive process', level=<LogLevel.INFO: 'info'>, input_digest=Digest('e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', 0), immutable_input_digests=FrozenDict({'_binary_shims_5ede0345e5f621b11b9a009823e7d2c9512866663bd1844a59e2317131fd6b82': Digest('5ede0345e5f621b11b9a009823e7d2c9512866663bd1844a59e2317131fd6b82', 691)}), use_nailgun=(), working_directory=None, env=FrozenDict({'PATH': '{chroot}/_binary_shims_5ede0345e5f621b11b9a009823e7d2c9512866663bd1844a59e2317131fd6b82'}), append_only_caches=FrozenDict({}), output_files=(), output_directories=(), timeout_seconds=-1, jdk_home=None, execution_slot_variable=None, concurrency_available=0, cache_scope=<ProcessCacheScope.SUCCESSFUL: 'successful'>, remote_cache_speculation_delay_millis=0, attempt=0), run_in_workspace=False, forward_signals_to_process=True, restartable=False, keep_sandboxes=<KeepSandboxes.never: 'never'>)
17:38:53.85 [DEBUG] Completed: setup_sandbox
log: failed to find directory: exec: "getent": executable file not found in $PATHThe push refers to repository [<account>.<http://dkr.ecr.us-east-1.amazonaws.com/api|dkr.ecr.us-east-1.amazonaws.com/api>]
485ef1dc05e4: Preparing
...
b706c187b212: Waiting
no basic auth credentials
17:38:59.06 [DEBUG] Completed: interactive_process

✕ <account>.<http://dkr.ecr.us-east-1.amazonaws.com/api:0.1-73359abbef5c3bd099fa5f8972adaa4aabf698d72b01fd76bfa01db8ec23b5ab|dkr.ecr.us-east-1.amazonaws.com/api:0.1-73359abbef5c3bd099fa5f8972adaa4aabf698d72b01fd76bfa01db8ec23b5ab> failed.

Running the docker push command in that output works just fine

powerful-scooter-95162

06/19/2024, 9:45 PM

I guess it could also be failing to pass the AWS_PROFILE env var

powerful-scooter-95162

06/19/2024, 9:52 PM

actually, yeah, in that debug output I see that the

env=FrozenDict({'PATH': '{chroot}/_binary_shims_5ede0345e5f621b11b9a009823e7d2c9512866663bd1844a59e2317131fd6b82'})

whereas when I run it without environments, this has my AWS_PROFILE and other env vars

powerful-scooter-95162

06/19/2024, 9:58 PM

ok, yeah, hacking

docker_env_vars=["AWS_PROFILE=profile"]

into my local_environment fixes this

broad-processor-92400

06/20/2024, 3:39 AM

Sorry for the trouble. Did you get it working fully successfully now?

happy-kitchen-89482

06/20/2024, 11:14 AM

This would make a good short "how to do it" blog post!

happy-kitchen-89482

06/20/2024, 11:17 AM

If you feel like writing it up @powerful-scooter-95162?

powerful-scooter-95162

06/20/2024, 12:55 PM

I did get it working, but I think the env var thing may be an issue with pants, I don't think duplicating my pants.toml [docker].env_vars in my local_environment docker_env_vars should be necessary. Happy to write up a short blog post on the building Linux x64 containers on apple silicon though.

happy-kitchen-89482

06/23/2024, 10:37 AM

That would be fantastic

happy-kitchen-89482

06/23/2024, 10:38 AM

Blog posts are now just PRs in https://github.com/pantsbuild/pantsbuild.org/tree/main/blog

powerful-scooter-95162

06/24/2024, 7:37 PM

@happy-kitchen-89482 I wrote a draft of a short blog post https://github.com/kuza55/pantsbuild.org/blob/main/blog/2024-07-01-building-linux-on-osx-silicon/index.mdx

🙏 2

happy-kitchen-89482

06/30/2024, 11:43 AM

Looks great! Can you send a PR? I have just one comment which is that the heading "Errors to help Google users" is a bit confusing. I get what you mean ("I'm putting this here so Google will index it") but a casual reader might wonder what Google has to do with it. Maybe that heading could just be more topical? Something like "Common Architecture Errors"?

powerful-scooter-95162

07/01/2024, 3:42 PM

@happy-kitchen-89482 changed the heading & a few more small updates: https://github.com/pantsbuild/pantsbuild.org/pull/230

🙏 1

5 Views

Open in Slack

Previous Next