Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(rootless): help detection with execv check "is current builder rootless?" #1380

Merged
merged 4 commits into from
Dec 17, 2023
Merged

feat(rootless): help detection with execv check "is current builder rootless?" #1380

merged 4 commits into from
Dec 17, 2023

Conversation

fenollp
Copy link
Contributor

@fenollp fenollp commented Dec 3, 2023

I recently encountered #1098 and propose an iteration on the fix in #890

This patch adds a last minute check that looks up the current builder endpoint. This may be seen as a costly operation however, as mentioned in #889

Here's the output of docker builder inspect on my rootless install:

Name:          rootless
Driver:        docker
Last Activity: 2023-12-03 02:04:14 +0000 UTC

Nodes:
Name:      rootless
Endpoint:  rootless  # <= THIS HERE
Status:    running
Buildkit:  v0.11.7+d3e6c1360f6e
Platforms: linux/amd64, linux/amd64/v2, linux/amd64/v3, linux/amd64/v4, linux/386
Labels:
 org.mobyproject.buildkit.worker.moby.host-gateway-ip: 172.17.0.1

@fenollp fenollp requested a review from a team as a code owner December 3, 2023 23:34
@Emilgardis
Copy link
Member

does docker info -f "{{println .SecurityOptions}}" mention rootless? if so we could maybe use that instead earlier in the chain, while we gather the server and client versions here

@fenollp
Copy link
Contributor Author

fenollp commented Dec 4, 2023

[name=seccomp,profile=builtin name=rootless name=cgroupns]

Alright I'll see about extracting this then, then :)

@fenollp fenollp marked this pull request as draft December 4, 2023 13:56
@fenollp
rewrite
4b2f955 
Signed-off-by: Pierre Fenoll <[email protected]>
@fenollp
redo tests
bd0be76 
Signed-off-by: Pierre Fenoll <[email protected]>
@fenollp
somewhat test is_rootless
edf7422 
Signed-off-by: Pierre Fenoll <[email protected]>
@fenollp fenollp marked this pull request as ready for review December 4, 2023 21:13
@fenollp
Copy link
Contributor Author

fenollp commented Dec 4, 2023

@Emilgardis here ya go

Emilgardis
Emilgardis requested changes Dec 5, 2023
View reviewed changes
Copy link
Member

@Emilgardis Emilgardis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice!

src/docker/engine.rs Show resolved Hide resolved
Emilgardis
Emilgardis approved these changes Dec 17, 2023
View reviewed changes
Copy link
Member

@Emilgardis Emilgardis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@Emilgardis Emilgardis added no changelog A valid PR without changelog (no-changelog) no-ci-targets PRs that do not affect any cross-compilation targets. labels Dec 17, 2023
@Emilgardis Emilgardis added this pull request to the merge queue Dec 17, 2023
Merged via the queue into cross-rs:main with commit 5896ed1 Dec 17, 2023
22 of 23 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Emilgardis Emilgardis Emilgardis approved these changes

Assignees
No one assigned
Labels
no changelog A valid PR without changelog (no-changelog) no-ci-targets PRs that do not affect any cross-compilation targets.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@fenollp @Emilgardis