Commit graph

903 commits

Author SHA1 Message Date
Debarshi Ray
685f1f794d test/system: Be more strict when checking the version
https://github.com/containers/toolbox/pull/1165
2022-11-17 11:28:00 +01:00
Ondřej Míchal
fe63222916 cmd/completion: Use RunE instead of Run as elsewhere
Fallout from d69ce6794b

https://github.com/containers/toolbox/pull/1055
https://github.com/containers/toolbox/pull/840
2022-11-17 10:20:01 +01:00
Debarshi Ray
9b7793bd76 cmd/create: Fix typo
Fallout from e935ed893d

https://github.com/containers/toolbox/pull/1164
2022-11-16 23:01:25 +01:00
Debarshi Ray
68d63bf09e test/system: Ensure that the right containers are run
https://github.com/containers/toolbox/pull/1163
2022-11-16 20:46:47 +01:00
Debarshi Ray
a61f88d7b2 test/system: Ensure that /run/.containerenv and /run/.toolboxenv exist
This is a precursor to verifying the names of the containers and
ensuring that the right ones are getting used.

https://github.com/containers/toolbox/pull/1163
2022-11-16 20:46:47 +01:00
Debarshi Ray
0000c68ee6 test/system: Ensure that 'toolbox run false' has exit code 1
This is a precursor to checking that higher valued exit codes from the
command running inside the container are retained, and commands like
test(1) can be used with 'toolbox run ...' in subsequent test cases.

https://github.com/containers/toolbox/pull/1163
2022-11-16 20:46:40 +01:00
Debarshi Ray
78683b38ae test/system: Use long options, instead of their shorter aliases
The long options are easier to grep(1) for in the sources than their
shorter aliases.

https://github.com/containers/toolbox/pull/1162
2022-11-16 19:56:24 +01:00
Debarshi Ray
220164b396 test/system: Shorten the names of the tests and use consistent wording
Currently, some of the names of the tests were too long, and had
inconsistent and verbose wording.  This made it difficult to look at
them and get a gist of all the scenarios being tested.  The names are
like headings.  They shouldn't be too long, should capture the primary
objective of the test and be consistent in their wording.

https://github.com/containers/toolbox/pull/1161
2022-11-16 19:49:56 +01:00
Debarshi Ray
8ec03ab85f test/system: Order the tests by increasing order of the exit code
This is another step towards making it easy to look at the file and get
a gist of all the scenarios being tested.

https://github.com/containers/toolbox/pull/1161
2022-11-16 13:41:43 +01:00
Debarshi Ray
485489867b test/system: Simplify the exit code checks by relying on Bats >= 1.5.0
Commit 978bb524e4 already added a dependency on Bats >= 1.5.0,
which is present in Fedora >= 35.  Therefore, it should be exploited
wherever possible to simplify things.

However, bats_require_minimum_version can't be used, because it's
only available from Bats 1.7.0 [1], which is new enough that it's absent
from Fedora 35.

[1] Bats commit 71d6b71cebc3d32b
    https://github.com/bats-core/bats-core/issues/556
    https://bats-core.readthedocs.io/en/stable/warnings/BW02.html

https://github.com/containers/toolbox/pull/1161
2022-11-16 13:41:39 +01:00
Debarshi Ray
80f9ac754d test/system: Remove redundant assertion
Fallout from 978bb524e4

https://github.com/containers/toolbox/pull/1161
2022-11-16 13:40:36 +01:00
Debarshi Ray
04e94868e0 test/system: Check the line count in the standard error & output streams
https://github.com/containers/toolbox/pull/1160
2022-11-16 12:51:35 +01:00
Debarshi Ray
e8ad1eaad0 test/system: Ensure that error messages go to the standard error stream
Currently, there's no way to get assert_line to use the stderr_lines
array [1].  This is worked around by assigning stderr_lines to the
'lines' array.

[1] https://github.com/bats-core/bats-assert/issues/42

https://github.com/containers/toolbox/pull/1160
2022-11-16 12:36:46 +01:00
Debarshi Ray
8b7511ab6f playbooks/dependencies: Improve the names of the tasks
https://github.com/containers/toolbox/pull/1158
2022-11-16 11:11:18 +01:00
Debarshi Ray
03922893af playbooks: Highlight failures from 'meson compile' and 'meson install'
Currently, 'meson compile' and 'meson install' were being invoked from
pre-run playbooks.  This meant that a genuine build failure from either
of those commands would be shown as a RETRY_LIMIT failure by the CI.

This was misleading.  It made it look as if the failure was caused by
some transient networking problem or that the CI node was too slow due
to momentary heavy load, whereas the failure was actually due to a
problem in the Toolbx sources.  A genuine problem in the sources should
be reflected as a FAILURE, not RETRY_LIMIT.

However, it's worth noting that 'meson compile' invokes 'go build',
which downloads all the Go modules required by the Toolbx sources.  This
is worth retaining in the pre-run playbooks since it primarily depends
on Internet infrastructure beyond the Toolbx sources.

As a nice side-effect, the CI no longer gets mysteriously stuck like
this while the Go modules are being downloaded:
  TASK [Build Toolbox]
  ci-node-36 | ninja: Entering directory
    `/home/zuul-worker/src/github.com/containers/toolbox/builddir'
  ...
  ci-node-36 | [8/13] Generating doc/toolbox-rmi.1 with a custom command
  ci-node-36 | [9/13] Generating doc/toolbox-run.1 with a custom command
  ci-node-36 | [10/13] Generating doc/toolbox.conf.5 with a custom
    command
  ci-node-36 | [11/13] Generating src/toolbox with a custom command

https://github.com/containers/toolbox/pull/1158
2022-11-16 11:11:01 +01:00
Debarshi Ray
9bf9f97e2c test/system: Ensure that 'toolbox run --preserve-fds ...' works
Note that file descriptors 3 and 4 are reserved by Bats.  The former is
used for adding custom text to the Test Anything Protocol (or TAP)
stream [1] and the latter for tracing [2].

[1] https://bats-core.readthedocs.io/en/stable/writing-tests.html#file-descriptor-3-read-this-if-bats-hangs
    https://bats-core.readthedocs.io/en/stable/writing-tests.html#printing-to-the-terminal

[2] Bats commit 635700cd2282b754
    https://github.com/bats-core/bats-core/pull/467
    https://github.com/bats-core/bats-core/pull/488

https://github.com/containers/toolbox/issues/1066
2022-11-14 23:10:29 +01:00
Allison Karlitskaya
d4213c2358 Support leaking additional file descriptors to the container
This mirrors the --preserve-fds option of Podman.

Converting an unsigned 'uint', which is what Podman uses for its
--preserve-fds option, to a string is surprisingly annoying.
strconv.Itoa [1] takes a signed 'int', which would require a cast, and
there's no unsigned counterpart.  There's strconv.FormatUint [2] which
takes an unsigned 'uint64', which is better, but would still require a
cast.

So, fmt.Sprint [3] it is, if the cast is to be avoided.  It's more
expensive than the other two functions, but there's no need to worry
unless it's proven to be a performance bottle neck.

Some changes by Debarshi Ray.

[1] https://pkg.go.dev/strconv#Itoa

[2] https://pkg.go.dev/strconv#FormatUint

[3] https://pkg.go.dev/fmt#Sprint

https://github.com/containers/toolbox/issues/1066

Signed-off-by: Allison Karlitskaya <allison.karlitskaya@redhat.com>
2022-11-14 22:28:27 +01:00
Debarshi Ray
f779c798f0 test/system: Remove workaround for carriage return without a terminal
Commit a22d7821cb ensured that a nested pseudo-terminal device is
only created for the process running inside the container, if the Toolbx
binary's standard input and output streams are connected to a terminal.

Therefore, 'echo ...' no longer ends with an unwanted extra carriage
return when terminal devices are absent - there's only a line feed for
the trailing newline.  Hence, there's no need to use the -n flag to skip
the trailing newline.

This reverts parts of commit 16b0c5d88f.

https://github.com/containers/toolbox/issues/157
2022-11-10 19:28:54 +01:00
Debarshi Ray
190a76ac0a test/system: Group the test cases somewhat logically
It seems that as new test cases got developed they got appended towards
the end of the file.  Now that there are a non-trivial number of test
cases, it's difficult to look at the file and get a gist of all the
scenarios being tested.

It will be better to have some logical grouping -- starting with the
most basic functionality, then moving on to more advanced features,
and then finally the errors.

This is a step towards that.

https://github.com/containers/toolbox/pull/1155
2022-11-10 18:09:19 +01:00
Debarshi Ray
12940e0b45 cmd/run: Suppress errors from Podman when interactive and not verbose
Here's some historical context to understand what's going on.

In the past, before commit a22d7821cb, Podman's standard error
stream was only revealed when --verbose was used.

During that time, the standard error and output streams of the process
running inside the Toolbx container, but not 'podman exec ...' itself,
were merged into the standard output stream read and revealed by the
Toolbx binary.

Then commit a22d7821cb ensured that a nested pseudo-terminal
device is only created for the process running inside the container, if
the Toolbx binary's standard input and output streams are connected to a
terminal.  This meant that the standard error stream of the container
process stayed separate from the standard output stream received by the
Toolbx binary, when terminal devices were absent.  The errors from
'podman exec ...' itself continued to be separate as before.

However, Toolbx only read and revealed the standard error stream of the
spawned 'podman exec ...' process when --verbose was used.  This meant
that all the errors from the container process got lost in the absence
of --verbose.  This was an unintended change in behaviour caused by
commit a22d7821cb that got addressed in the subsequent commit
7cba807e45, but with yet another unintended change in behaviour.

Commit 7cba807e45 started reading and revealing the standard
error stream of the spawned 'podman exec ...' process unconditionally.
This caused the errors from both Podman and the container process to be
revealed unconditionally, which is a problem.

Podman is an implementation detail of Toolbx.  Therefore, Toolbx users
shouldn't be directly exposed to errors from Podman, unless they are
using --verbose to debug a problem.  On the other hand, the container
process is the outcome of a command specified by the user.  So, the user
does expect to see what's going on with it.

That's the unintended change in behaviour this commit tries to fix.

Unfortunately, when Toolbx is being used non-interactively (ie., no
terminal devices), the errors from the process running inside the
Toolbx container and the errors from 'podman exec ...' itself are part
of the same standard error stream received by Toolbx.  It's impossible
to distinguish between the two without deeper changes.

Hence, this commit only focuses on interactive use (ie., terminals are
present), which is where the visual appearance and presentation of error
messages really matter.  Non-interactive use is programmatic use, so the
visuals don't matter so much.

Fallout from 7cba807e45

https://github.com/containers/toolbox/pull/1154
2022-11-10 16:45:43 +01:00
Debarshi Ray
1fc1f08405 cmd/run: Style fixes
In particular, the --env options had gotten shuffled by mistake in
commit 2da4cc4634.
2022-11-10 15:08:32 +01:00
Debarshi Ray
67849e03a4 cmd/run: Don't check the stdin and stdout in a loop in the fallback case
The outcome of checking whether the standard input and output of the
current invocation of toolbox are connected to a terminal device is
going to stay constant for the life cycle of the process.  So, checking
it repeatedly in a loop when falling back to a different command or
working directory is wasteful.

Secondly, it prevents secondary logic like this from intermingling with
the code that actually assembles the list of arguments.  This makes it
easier to get a quick gist of the final command and its structure.

Fallout from a22d7821cb
2022-11-10 15:08:32 +01:00
Debarshi Ray
741603c64e test/system: Ensure that $HOME is used as a fallback working directory
This needs a directory that's going to be present on the host operating
system across various configurations of all supported distributions,
such as the hosts running the CI, but not inside the Toolbx containers.

It looks like /etc/kernel is present on both Debian and Fedora, but
absent from the fedora-toolbox images.  On a Debian 10 server, it's
owned by several packages:
  $ dpkg-query --search /etc/kernel
  dkms, systemd, grub2-common, initramfs-tools, apt: /etc/kernel

... while on Fedora 36 Workstation:
  $ rpm --file --query /etc/kernel
  systemd-udev-250.8-1.fc36.x86_64

Currently, there's no way to get assert_line to use the stderr_lines
array [1].  This is worked around by assigning stderr_lines to the
'lines' array.

[1] https://github.com/bats-core/bats-assert/issues/42

https://github.com/containers/toolbox/pull/1153
2022-11-10 12:28:14 +01:00
Debarshi Ray
3326dda259 test/system: Group the test cases somewhat logically
It seems that as new test cases got developed they got appended towards
the end of the file.  Now that there are a non-trivial number of test
cases, it's difficult to look at the file and get a gist of all the
scenarios being tested.

It will be better to have some logical grouping -- starting with the
most basic functionality, then moving on to more advanced features,
and then finally the errors.

This a step towards that.

https://github.com/containers/toolbox/pull/1152
2022-11-08 20:06:11 +01:00
Debarshi Ray
1ce59a6a2d cmd/run: Ensure that 'run' has the same container environment as 'enter'
Currently, commands invoked using 'toolbox run' have a different
environment than the interactive environment offered by 'toolbox enter'.
This is because 'toolbox run' was invoking the commands using something
like this:
  $ bash -c 'exec "$@"' bash [COMMAND]

... whereas, 'toolbox enter' was using something like this:
  $ bash -c 'exec "$@"' bash bash --login

In the first case, the helper Bash shell is a non-interactive non-login
shell.  This means that it doesn't read any of the usual start-up files,
and, hence, it doesn't pick up anything that's specified in them.  It
runs with the default environment variables set up by Podman and the
Toolbx image, plus the environment variables set by Toolbx itself.

In the second case, even though the helper Bash shell is still the same
as the first, it eventually invokes a login shell, which runs the usual
set of start-up files and picks up everything that's specified in them.

Therefore, to ensure parity, 'toolbox run' should always have a login
shell in the call chain inside the Toolbx container.

The easiest option is to always use a helper shell that's a login shell
with 'toolbox run', but not 'toolbox enter' so as to avoid reading the
same start-up files twice, due to two login shells in the call chain.
It will still end up reading the same start-up files twice, if someone
tried to invoke a login shell through 'toolbox run', which is fine.
It's very difficult to be sure that the user is invoking a login shell
through 'toolbox run', and it's not what most users will be doing.

https://github.com/containers/toolbox/issues/1076
2022-10-25 16:56:20 +02:00
Debarshi Ray
fd3bd05b4a cmd/run: Split out the code to construct the arguments to capsh(1)
This will be used by the subsequent commit to conditionally use a login
shell as the helper shell invoked by capsh(1).

https://github.com/containers/toolbox/issues/1076
2022-10-25 16:50:28 +02:00
Debarshi Ray
5284f875d3 cmd/run: Fix the name of the shell for running commands in containers
For the most part, this fixes a minor cosmetic issue for users, but it
does make the code less misleading to read for those hacking on Toolbx.
Further details below.

Commands are invoked inside a Toolbx from a helper shell invoked by
capsh(1).  Unless capsh(1) is built with custom options, the helper
shell is always bash, not /bin/sh:
  $ capsh --caps="" -- -c 'echo "$(readlink /proc/$$/exe)"'
  /usr/bin/bash

( The possibility of capsh(1) using a different shell, other than Bash,
  through a custom build option is ignored for the time being.  If there
  really are downstream distributors who do that, then this can be
  addressed one way or another. )

Secondly, the name assigned to the embedded command string's '$0' should
only be the basename of the helper shell's binary, not the full path, to
match the usual behaviour:
  $ bash -c 'exec foo'
  bash: line 1: exec: foo: not found

With 'toolbox run' it was:
  $ toolbox run foo
  /bin/sh: line 1: exec: foo: not found
  Error: command foo not found in container fedora-toolbox-36

https://github.com/containers/toolbox/pull/1147
2022-10-24 18:04:19 +02:00
Debarshi Ray
8a1d81df28 test/system: Tweak
Using 'true' is likely going to be quicker than launching the entire
shell (ie., /bin/sh).

Note that 'toolbox run' already invokes a wrapper shell via capsh(1)
before invoking the user-specified command.  So, this was the second
instance of a shell.

https://github.com/containers/toolbox/pull/1145
2022-10-23 21:02:11 +02:00
Debarshi Ray
a093dc697b cmd/list, cmd/run: Consolidate the dependencies for the IsTerminal() API
It was decided in commit 950f510872 that golang.org/x/* would be
used for the IsTerminal() API, not github.com/mattn/go-isatty.  However,
github.com/mattn/go-isatty had crept in through commits f49df914f4
and a22d7821cb.

The size savings seem to have been lost, because with Go 1.18.6, the
binary size actually grew from 9410616 bytes to 9410912.  However, it
seems better to stick to packages from the golang.org domain, whenever
possible.

https://github.com/containers/toolbox/pull/1144
2022-10-23 20:13:28 +02:00
Debarshi Ray
c0f9fcf208 doc/toolbox-run: Tweak the wording for consistency
... with the toolbox-create(1) and toolbox-enter(1) manuals.

Fallout from ffd365342e

https://github.com/containers/toolbox/pull/1143
2022-10-21 21:45:50 +02:00
Debarshi Ray
df22010e4f playbooks: Use the same commands as mentioned in the documentation
... at https://containertoolbx.org/install/

There are some minor benefits to always invoking meson(1), as opposed to
directly invoking the underlying build backend, like 'ninja'.

It's one less command to be aware of.  Secondly, in theory, Meson can be
used with backends other than Ninja (see 'meson configure'), even though
Ninja is the most likely option for building Toolbx because it's only
supported on Linux.

https://github.com/containers/toolbox/pull/1142
2022-10-21 20:23:34 +02:00
Debarshi Ray
8b2d25f1e8 build: Replace join_paths with the / operator
Since Meson 0.49.0, the / operator on strings is equivalent to calling
join_paths() [1], and the former is less verbose, and easier to read.

[1] https://mesonbuild.com/Reference-manual_functions.html#join_paths

https://github.com/containers/toolbox/pull/1141
2022-10-21 17:24:03 +02:00
Debarshi Ray
fce8a3c058 build: Skip a needless failure when running systemd-tmpfiles as non-root
If 'systemd-tmpfiles --create' is called as a non-root user, then it
causes:
  --- stdout ---
  Calling systemd-tmpfiles --create ...

  --- stderr ---
  Failed to open directory 'cryptsetup': Permission denied
  Failed to open directory 'certs': Permission denied
  Failed to create directory or subvolume "/var/spool/cups/tmp":
    Permission denied
  ...
  ...
  ...
  Traceback (most recent call last):
    File "toolbox/meson_post_install.py", line 26, in <module>
      subprocess.run(['systemd-tmpfiles', '--create'], check=True)
    File "/usr/lib64/python3.10/subprocess.py", line 524, in run
      raise CalledProcessError(retcode, process.args,
  subprocess.CalledProcessError: Command '['systemd-tmpfiles',
      '--create']' returned non-zero exit status 73.

Since, systemd-tmpfiles(8) can't be used like this as a non-root user,
there's no point in calling it and needlessly failing the build.

Unfortunately, Meson doesn't seem to offer a way to get the process'
effective UID inside its scripts.  Therefore, this leaves a spurious
build-time dependency on systemd when building as a non-root user.

https://github.com/containers/toolbox/pull/1140
2022-10-21 16:45:37 +02:00
Debarshi Ray
5d26b9d71d build: Enable changing the completion paths & drop install_completions
The bash-completion and fish dependencies were already optional - the
shell completions for Bash and fish won't be generated and installed if
they are absent; and there's no dependency required for Z shell.  So the
install_completions build option wasn't reducing the dependency burden.

The build option was a way to disable the generation and installation of
the shell completions, regardless of whether the necessary dependencies
are present or not.  The only use-case for this is when installing to a
non-system-wide prefix while hacking on Toolbox as a non-root user,
because the locations for the completions advertised by the shells' APIs
might not be accessible.  Being able to disable the completions prevents
the installation from failing.

A different way of ensuring a smooth developer experience for a Toolbx
hacker is to offer a way to change the locations where the shell
completions are installed, which is necessary and beneficial for other
use-cases.

Z shell, unlike Bash's bash-completion.pc and fish's fish.pc, doesn't
offer an API to detect the location for the shell completions.  This
means that Debian and Fedora use different locations [1, 2].  Namely,
/usr/share/zsh/vendor-completions and /usr/share/zsh/site-functions.

An option to specify the locations for the shell completions can
optimize the build, if there's an alternate API for the location that
doesn't involve using bash-completion.pc and fish.pc as build
dependencies.  eg., Fedora provides the _tmpfilesdir RPM macro to
specify the location for vendor-supplied tmpfiles.d(5) files, which
makes it possible to avoid having systemd.pc as a build dependency [3].

Fallout from bafbbe81c9

[1] Debian zsh commit bf0a44a8744469b5
    https://salsa.debian.org/debian/zsh/-/commit/bf0a44a8744469b5
    https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=620452

[2] https://src.fedoraproject.org/rpms/zsh/blob/f37/f/zsh.spec

[3] Fedora toolbox commit 9bebde5bb60f36e3
    https://src.fedoraproject.org/rpms/toolbox/c/9bebde5bb60f36e3

https://github.com/containers/toolbox/pull/1123
https://github.com/containers/toolbox/pull/840
2022-10-21 16:42:29 +02:00
Debarshi Ray
bd6e9d66d9 build: Style fixes
https://github.com/containers/toolbox/pull/1123
2022-10-21 16:42:29 +02:00
Nieves Montero
f5388cfc06 Add corrections to avoid duplicate packages
The following lines have been added to the fedora 37 and 38 images:
RUN dnf -y swap glibc-minimal-langpack glibc-all-langpacks
RUN rm /etc/rom/macros.image-language.conf
These two lines avoid redundant packages inside the images.

https://github.com/containers/toolbox/issues/1136
https://github.com/containers/toolbox/issues/1137

Signed-off-by: Nieves Montero <nmontero@redhat.com>
2022-10-20 07:15:34 -04:00
Debarshi Ray
a6d7104840 build: Fix indentation
https://github.com/containers/toolbox/pull/1123
https://github.com/containers/toolbox/pull/1138
2022-10-17 16:47:38 +02:00
Debarshi Ray
8a9920a420 build: Remove unused variables
Fallout from bafbbe81c9

https://github.com/containers/toolbox/pull/1123
https://github.com/containers/toolbox/pull/1138
2022-10-17 16:47:35 +02:00
Debarshi Ray
a6fd0db218 build: Rename variables for consistency and ease of grepping
Names like bash_comp_dir and fish_comp_dir get missed when grepping for
'completion'.

Note that the name of the directory is a plural, because it contains
lots of completions for many different programs, just like the name of
the pkgconfig variable.

https://github.com/containers/toolbox/pull/1123
https://github.com/containers/toolbox/pull/1138
2022-10-17 16:47:26 +02:00
Nieves Montero
c1e238f689 Add findutils and sudo to missing docs for image f38
Signed-off-by: Nieves Montero <nmontero@redhat.com>
2022-10-13 07:18:06 -04:00
Jonathan Lebon
1f7b9d0d75 images: add findutils and sudo to missing docs for f36+
Noticed today that `man xargs` was returning the POSIX manpage instead
of the one shipped by `findutils`.

Signed-off-by: Jonathan Lebon <jonathan@jlebon.com>
2022-10-13 07:18:06 -04:00
Nieves Montero
d85c71795d Add new packages to Fedora 38
The following packages have also been added to Fedora 38 image:
mesa-dri-drivers
mesa-vulkan-drivers
vulkan-loader
Fixing up fedora 38 image to match the changes made earlier on fedora 37.

Signed-off-by: Nieves Montero <nmontero@redhat.com>
2022-09-29 08:09:20 -04:00
Nieves Montero
e6a27d7926 Add package glibc-all-langpacks to f37 and f38
This new packet allows the user to set a locale inside the
toolbox and make locale dependent commands work

https://github.com/containers/toolbox/issues/60

Signed-off-by: Nieves Montero <nmontero@redhat.com>
2022-09-29 08:08:59 -04:00
Ondřej Míchal
8f6deadaef test/system: Drop extra pull when caching images
In 54a2ca1 image caching has been done by first pulling using Podman and
then moving the image from the local container store to a directory. The
pull to the local container store can be skipped and instead we can use
Skopeo to directly save the pulled image into a directory.

On my machine this reduced the time of the system test setup "test" by
about 50 seconds. This speed-up largely depends on the available network
connection, though.
2022-09-21 14:49:21 +02:00
Nieves Montero
f10fe7fbb2 Added directory for f38 image
https://github.com/containers/toolbox/issues/1111

Signed-off-by: Nieves Montero <nmontero@redhat.com>
2022-09-21 11:41:23 +02:00
Nieves Montero
2f7c8586ef Added new packages to images f36 AND f35
The following packages have also been added to images f36 and f35:
mesa-dri-drivers
mesa-vulkan-drivers
vulkan-loader

https://github.com/containers/toolbox/pull/1124
Signed-off-by: Nieves Montero <nmontero@redhat.com>
2022-09-14 07:00:57 -04:00
Nieves Montero
a87fd19980 Added new packages
The following packages have been added to the
image to make OpenGL and Vulkan work:
mesa-dri-drivers
mesa-vulkan-drivers
vulkan-loader

https://github.com/containers/toolbox/issues/1110
Signed-off-by: Nieves Montero <nmontero@redhat.com>
2022-09-14 07:00:57 -04:00
Debarshi Ray
01d3510141 build: Remove a redundant message
If systemd-tmpfiles(8) couldn't be spawned, then the attempted command
is already included in the traceback:
  Traceback (most recent call last):
    File "toolbox/meson_post_install.py", line 26, in <module>
      subprocess.run(['systemd-tmpfiles', '--create'], check=True)
    File "/usr/lib64/python3.10/subprocess.py", line 524, in run
      raise CalledProcessError(retcode, process.args,
  subprocess.CalledProcessError: Command '['systemd-tmpfiles',
      '--create']' returned non-zero exit status 73.

https://github.com/containers/toolbox/pull/1122
2022-09-09 18:36:02 +02:00
Debarshi Ray
a0569fdc3e build: Don't try to handle exceptions when spawning subprocesses
In short, it's a lot of effort to cover all possible exceptions that can
be thrown, and things work reasonably well even without handling them.
Since this is just part of the build, there's no point in complicating
things for aesthetic reasons.

More details below.

First, not every runtime error leads to a subprocess.CalledProcessError.
It's only thrown if the spawned process returns with a non-zero exit
code.  There can be other problems.  eg., if the gofmt file isn't
executable then a PermissionError is thrown that's currently not
handled, and the wrapper Python script returns with a non-zero exit
code:
  Traceback (most recent call last):
    File "toolbox/src/meson_go_fmt.py", line 28, in <module>
      gofmt = subprocess.run(['gofmt', '-d', source_dir],
          capture_output=True, check=True)
    File "/usr/lib64/python3.10/subprocess.py", line 501, in run
      with Popen(*popenargs, **kwargs) as process:
    File "/usr/lib64/python3.10/subprocess.py", line 969, in __init__
      self._execute_child(args, executable, preexec_fn, close_fds,
    File "/usr/lib64/python3.10/subprocess.py", line 1845, in
        _execute_child
      raise child_exception_type(errno_num, err_msg, err_filename)
  PermissionError: [Errno 13] Permission denied: 'gofmt'

Second, when a subprocess.CalledProcessError is thrown, the wrapper
Python script will still return with a non-zero exit code with an
understandable error message, even if the exception isn't handled.  eg.,
if 'meson install' is called without the adequate permissions, then
systemd-tmpfiles(8) will return with a non-zero exit code, which shows
up as:
  --- stdout ---
  Calling systemd-tmpfiles --create ...

  --- stderr ---
  Failed to open directory 'cryptsetup': Permission denied
  Failed to open directory 'certs': Permission denied
  Failed to create directory or subvolume "/var/spool/cups/tmp":
    Permission denied
  ...
  ...
  ...
  Traceback (most recent call last):
    File "toolbox/meson_post_install.py", line 26, in <module>
      subprocess.run(['systemd-tmpfiles', '--create'], check=True)
    File "/usr/lib64/python3.10/subprocess.py", line 524, in run
      raise CalledProcessError(retcode, process.args,
  subprocess.CalledProcessError: Command '['systemd-tmpfiles',
      '--create']' returned non-zero exit status 73.

Similarly, if there problems generating the shell completions:
  --- stderr ---
  Error: unknown command "__completion" for "toolbox"
  Run 'toolbox --help' for usage.
  exit status 1
  Traceback (most recent call last):
    File "toolbox/completion/generate_completions.py", line 35, in
        <module>
    output = subprocess.run(['go', 'run', '.', '__completion',
        completion_type], check=True)
    File "/usr/lib64/python3.10/subprocess.py", line 524, in run
      raise CalledProcessError(retcode, process.args,
  subprocess.CalledProcessError: Command '['go', 'run', '.',
      '__completion', 'bash']' returned non-zero exit status 1.

https://github.com/containers/toolbox/pull/1122
2022-09-09 18:35:55 +02:00
Ondřej Míchal
9d1b5887ae Revert "cmd/completion: Add prefix to command to hide it better"
Cobra provides a default command 'completion' that is always visible.
The reverted change caused an additional command 'completion' to show up
in the list because the then called command '__completion' didn't
override the default one. This became apparent due to d69ce6794b
dynamically generating completion arguments for the 'help' command.

This reverts commit 4469774fb1.

https://github.com/containers/toolbox/pull/1055
https://github.com/containers/toolbox/pull/1121
2022-09-09 17:58:31 +02:00