https://pantsbuild.org/ logo
Join Slack
Powered by
When running a build in a `docker_environment` I g...
# development
p
When running a build in a 
docker_environment
I get a an error after pants installs its standalone python in the container. When i check in the bin dir the executables lack 
x
permissions. If i manually 
chmod +x
then the build proceeds as normal. The container is running as 
root
also.
Copy code
16:37:06.23 [INFO] Initializing scheduler...
16:37:06.28 [INFO] Initializing Nailgun pool for 20 processes...
16:37:09.09 [INFO] Scheduler initialized.
16:37:32.58 [ERROR] 1 Exception encountered:

Engine traceback:
  in `package` goal

ProcessExecutionFailure: Process 'Find interpreter for constraints: CPython<3.13,>=3.12.7' failed with exit code 126.
stdout:
OCI runtime exec failed: exec failed: unable to start container process: exec: "/pants-named-caches/python_build_standalone/5e8ca33b9f968d45c562dc4dbf5ea34945daef5bcc25e8a82eb02c25be4292c0/bin/python3": permission denied: unknown

stderr:



Use `--keep-sandboxes=on_failure` to preserve the process chroot for inspection.
f
The named caches are bind mounted into the host environment.
How are the permissions (e.g. user/group) for the named cache directory tree in the host environment?
p
Copy code
{
			"Type": "volume",
			"Name": "pants-named-caches-4f4694b233a1",
			"Source": "/var/lib/docker/volumes/pants-named-caches-4f4694b233a1/_data",
			"Destination": "/pants-named-caches",
			"Driver": "local",
			"Mode": "z",
			"RW": true,
			"Propagation": ""
		},
Looks like it's a volume mount if i'm not mistaken
f
Ah yeah, that detail changed then since I last looked at this code (which was a long while ago).
Maybe mount the volume in a container and poke around to see how the permissions are?
For example, you should be able to execute the Python from Python Build Standalone (at the subpath 
python_build_standalone/5e8ca33b9f968d45c562dc4dbf5ea34945daef5bcc25e8a82eb02c25be4292c0/bin/python3
) successfully.
p
I changed the image to vanilla 
ubuntu:24.04
still get the same issue, for more context Im on mac running docker-desktop 4.37.2 with docker VMM
Copy code
docker_environment(
    name="build",
    image="ubuntu:24.04",
)
f
right, but are you able to execute the Python distribution in that named cache even without Pants? i.e., 
docker run -ti --mount=type=volume,src=pants-named-caches-4f4694b233a1,dst=/named-caches  ubuntu:24.04
. Then try executing 
/named-caches/python_build_standalone/5e8ca33b9f968d45c562dc4dbf5ea34945daef5bcc25e8a82eb02c25be4292c0/bin/python3
within that container.
And maybe also look at any logs on your machine to see if any reason for the permission error was logged somewhere.
p
Copy code
/bin/sh: 4: /pants-named-caches/python_build_standalone/5e8ca33b9f968d45c562dc4dbf5ea34945daef5bcc25e8a82eb02c25be4292c0/bin/python3: Permission denied
Do you know where the bootsrap install script is located so i can run it manually?
f
It's a dynamically generated shell script which is then run inside the container.
p
If I manualy download the tarball ,extract it in that volume, it has the right perms
f
I would suggest the next step of running Pants from sources and adding additional error checking and validation logic to the install script generated in the rules.
And hopefully that provides more information on what is going on.
5 Views
Open in Slack
PreviousNext
Powered by