Has any work gone into allowing Pants to build con...
# generall
limited-insurance-37393
06/15/2022, 3:25 PMHas any work gone into allowing Pants to build container images using Podman or Buildah to allow for rootless builds in CI environments?
👀 1
limited-insurance-37393
06/15/2022, 3:30 PM@curved-television-6568 curious if you have explored this at all given your work on the Docker implementation
c
curved-television-6568
06/15/2022, 3:34 PMI’ve been exploring it, yes, but haven’t gotten that far, yet. There’s a couple of tickets for this:
https://github.com/pantsbuild/pants/issues/14657
https://github.com/pantsbuild/pants/issues/14395
b
big-crayon-94763
06/15/2022, 3:52 PMI have a WIP plugin that uses buildah to create an image and then build an RPM package inside the container. Most of my work was on the RPM side and I just quickly built something to use buildah based on the docker plugin so it isn't good enough for general use. Would love to see buildah / podman added!
b
busy-vase-39202
06/16/2022, 12:53 AM@big-crayon-94763 is the wip plugin something you'd be comfortable sharing? Maybe someone in the community would find it a helpful starting point to build upon...?
busy-vase-39202
06/16/2022, 12:53 AM(no pressure if you'd rather not post it)
b
big-crayon-94763
06/16/2022, 1:30 PMRight now it is very specific to our company needs but I do want to try and extract something or at least write about it once it is done. I'm working on something else for the moment but intend to get back to it when I can!
👍 1
big-crayon-94763
06/16/2022, 1:34 PMThis is my BuildahBinary rule:
Copy code
from dataclasses import dataclass
from typing import Mapping
from pants.core.util_rules.system_binaries import (
BinaryPath,
BinaryPathRequest,
BinaryPaths,
BinaryPathTest,
BinaryShims,
BinaryShimsRequest,
)
from pants.engine.environment import Environment, EnvironmentRequest
from pants.engine.fs import Digest
from pants.engine.rules import Get, rule, collect_rules
from pants.util.logging import LogLevel
import os
@dataclass
class BuildahBinary(BinaryPath):
"""The `buildah` binary."""
extra_env: Mapping[str, str]
extra_input_digests: Mapping[str, Digest]
def __init__(
self,
path: str,
fingerprint: str,
extra_env: Mapping[str, str],
extra_input_digests: Mapping[str, Digest],
) -> None:
self.extra_env = {} if extra_env is None else extra_env
self.extra_input_digests = extra_input_digests
super().__init__(path, fingerprint)
@rule(level=LogLevel.DEBUG)
async def get_buildah_binary() -> BuildahBinary:
request = BinaryPathRequest(
binary_name="buildah",
search_path=["/usr/local/bin"],
test=BinaryPathTest(args=["-v"]),
)
paths = await Get(BinaryPaths, BinaryPathRequest, request)
first_path = paths.first_path_or_raise(request, rationale="use buildah")
# fixes these warnings:
# "The cgroupv2 manager is set to systemd but there is no systemd user session available"
# "For using systemd, you may need to login using an user session"
# "Alternatively, you can enable lingering with: `loginctl enable-linger 1000` (possibly as root)"
# "Falling back to --cgroup-manager=cgroupfs"
env = await Get(Environment, EnvironmentRequest(["DBUS_SESSION_BUS_ADDRESS"]))
tools = await Get(
BinaryShims,
BinaryShimsRequest,
BinaryShimsRequest.for_binaries(
*["newgidmap", "newuidmap", "ls"],
rationale="use buildah",
output_directory="bin",
search_path=["/usr/bin"],
),
)
tools_path = ".shims"
extra_env = {**env, "PATH": os.path.join(tools_path, tools.bin_directory)}
extra_input_digests = {tools_path: tools.digest}
return BuildahBinary(
first_path.path,
first_path.fingerprint,
extra_env=extra_env,
extra_input_digests=extra_input_digests,
)
def rules():
return collect_rules()