Build with podman may require --custom-cacerts #3862
Comments
judovana
added a commit
to judovana/temurin-build
that referenced
this issue
Jun 24, 2024
judovana
changed the title
sxa
added a commit
that referenced
this issue
Jun 25, 2024
* added podman to switches
with -D podman is preffered, becuase if there is podman, then docker
woudl be podman wrapper, and it is not 1:1 with original docker
All other work shoudl be in signalhandler.sh and docker-build.sh and
not sure how with ./docker/buildDocker.sh
* Adjusted signalHandler to countwith podman/docker
Not sure if it is used:
KEEP_CONTAINER and $CONTAINER_NAME are nowhere to found
however BUILD_CONFIG[KEEP_CONTAINER] and BUILD_CONFIG[CONTAINER_NAME] are
thus using them and BUILD_CONFIG[USE_DOCKER] for command handler
* reworked BUILD_CONFIG[DOCKER] to contain only sudo information
it is not used consitently anyway, there is BUILD_CONFIG[DOCKER] x
plain docker. It will be utilised to ${BUILD_CONFIG[DOCKER]} ${BUILD_CONFIG[USE_DOCKER]}
where commands are same.
Where not (eg buildah), ${BUILD_CONFIG[DOCKER]} will be used as needed
Once it is unified, it would be worth to rename
BUILD_CONFIG[DOCKER] to BUILD_CONFIG[CONTAINER_WITH_SUDO]
BUILD_CONFIG[USE_DOCKER] to BUILD_CONFIG[CONTAINER_PROVIDER]
* using the BUILD_CONFIG[DOCKER] BUILD_CONFIG[USE_DOCKER] combo proeprly
* On podman, set --userns=keep-id
* porecreate all necessary dirs
Podman is creating all mounted folders as root root 744
So next to --userns=keep-id which set proeprly the owner ow mounted
folder itself, we have to pre-create the used parents of mounted folder
Maybe this should be podman only, but afaik it do not hurt in docker
* Added warinbg to `docker build` command when used with podman
* Using absolute path instead of "."
however it was not guilty:
open my $fh, '<', $filename or die "Couldn't open file: $!";
in mk-ca-bundle.pl is.
* docker-build.sh jsut-> just
Co-authored-by: Stewart X Addison <[email protected]>
* Removed unused parameter of buildOpenJDKViaDocker
buildOpenJDKViaDocker do not need ${BUILD_CONFIG[USE_DOCKER]} as
parameter. docker-build.sh is inheriting the whole BUILD_CONFIG
* use which podman without [] and to dev/null
Co-authored-by: Stewart X Addison <[email protected]>
* Revert "Using absolute path instead of ".""
This reverts commit 55f1195.
* Fixed issue with missing test for mk-ca-bundle.pl
* Always generate configure-and-build.sh
* Removed more hardcoded dockers
* Do not set boot jdk for docekr builds (it is removed later anyway)
* Added few more missing dirs
* Fixed boot jdk check against new docker/podman/false
* replacing missed ${BUILD_CONFIG[DOCKER]} by ${BUILD_CONFIG[DOCKER]} "${BUILD_CONFIG[USE_DOCKER]}"
Originally, this patch started to fix properly quote for safety (thanx
linter), I foudn that on sme pleaces, original ${BUILD_CONFIG[DOCKER]}
was not repalced by new tandem. ${BUILD_CONFIG[DOCKER]} was 'docker'
or 'sudo docker'. I had split it, so ${BUILD_CONFIG[DOCKER]} is sudo or
nothing and ${BUILD_CONFIG[USE_DOCKER]}" is docker or podman. The
variables have to be renamed at the end to adhere more to theirs purposes.
* instead of workspace/build/src creatig directly /workspace/build
all sub dirs should be then created by follwoing prepare-workspace
* Remoed accident tab
* Added support for building local dir/src tarball in contianer
* Removed wrongly added ASSEMBLE_EXPLODED_IMAGE=true to container builds
* used -n instead of '! -z '
* Highlighted sudo for dcoekr
* Added missing bracket
* Fixed typo
* Mentioned issue with --custom-cacerts on podman
with #3862
* renamed USE_DOCKER->CONTAINER_COMMAND DOCKER->CONTAINER_AS_ROOT
BUILD_CONFIG[USE_DOCKER]-> BUILD_CONFIG[CONTAINER_COMMAND]
BUILD_CONFIG[DOCKER] -> BUILD_CONFIG[CONTAINER_AS_ROOT]
BUILD_CONFIG[USE_DOCKER] values: false, podman, docker
BUILD_CONFIG[DOCKER] values: sudo,empty string
Other docker based variables which are globally container bound remained
intact (CLEAN_DOCKER_BUILD, DEBUG_DOCKER, DOCKER_FILE_PATH...)
* Improved warning about --custom-cacerts
---------
Co-authored-by: Stewart X Addison <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
When podman support was added - #3796 - to containerised build, an weird exception was spotted: #3796 (comment)
To workaround it, podman build must be configured with
--custom-cacertsDocker build do not suffer this problem. This problem will be solved asap.
The text was updated successfully, but these errors were encountered: