diff options
author | 2018-08-02 07:09:41 -0700 | |
---|---|---|
committer | 2018-08-02 07:11:03 -0700 | |
commit | f32aa9a7de90a268a468c60500c8bb178fd3ce9f (patch) | |
tree | 366a1806cab1eb6c2ae08595ef9a7e0722021265 /src/main/java/com/google/devtools/build | |
parent | d4d3d506f4cf6cfaafaeeb717d681ff7784e2384 (diff) |
Docker sandbox: Pass client environment to "docker" when calling it.
Otherwise Docker will not be able to read the configuration of the current user and might fail to download containers from registries that require authentication.
Closes #5721.
PiperOrigin-RevId: 207094268
Diffstat (limited to 'src/main/java/com/google/devtools/build')
-rw-r--r-- | src/main/java/com/google/devtools/build/lib/sandbox/DockerSandboxedSpawnRunner.java | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/src/main/java/com/google/devtools/build/lib/sandbox/DockerSandboxedSpawnRunner.java b/src/main/java/com/google/devtools/build/lib/sandbox/DockerSandboxedSpawnRunner.java index bc609d22d0..36459486b6 100644 --- a/src/main/java/com/google/devtools/build/lib/sandbox/DockerSandboxedSpawnRunner.java +++ b/src/main/java/com/google/devtools/build/lib/sandbox/DockerSandboxedSpawnRunner.java @@ -16,7 +16,6 @@ package com.google.devtools.build.lib.sandbox; import com.google.common.base.Throwables; import com.google.common.collect.ImmutableList; -import com.google.common.collect.ImmutableMap; import com.google.common.collect.ImmutableSet; import com.google.common.collect.MoreCollectors; import com.google.common.eventbus.Subscribe; @@ -110,7 +109,7 @@ final class DockerSandboxedSpawnRunner extends AbstractSandboxSpawnRunner { Command cmd = new Command( new String[] {dockerClient.getPathString(), "info"}, - ImmutableMap.of(), + cmdEnv.getClientEnv(), cmdEnv.getExecRoot().getPathFile()); try { cmd.execute(ByteStreams.nullOutputStream(), ByteStreams.nullOutputStream()); @@ -149,6 +148,7 @@ final class DockerSandboxedSpawnRunner extends AbstractSandboxSpawnRunner { private final int uid; private final int gid; private final List<UUID> containersToCleanup; + private final CommandEnvironment cmdEnv; /** * Creates a sandboxed spawn runner that uses the {@code linux-sandbox} tool. @@ -179,6 +179,7 @@ final class DockerSandboxedSpawnRunner extends AbstractSandboxSpawnRunner { this.commandId = cmdEnv.getCommandId().toString(); this.reporter = cmdEnv.getReporter(); this.useCustomizedImages = useCustomizedImages; + this.cmdEnv = cmdEnv; if (OS.getCurrent() == OS.LINUX) { this.uid = ProcessUtils.getuid(); this.gid = ProcessUtils.getgid(); @@ -259,7 +260,7 @@ final class DockerSandboxedSpawnRunner extends AbstractSandboxSpawnRunner { sandboxPath, sandboxExecRoot, cmdLine.build(), - environment, + cmdEnv.getClientEnv(), SandboxHelpers.processInputFiles(spawn, context, execRoot), outputs, ImmutableSet.of()); @@ -347,8 +348,11 @@ final class DockerSandboxedSpawnRunner extends AbstractSandboxSpawnRunner { private String executeCommand(List<String> cmdLine, InputStream stdIn) throws UserExecException { ByteArrayOutputStream stdOut = new ByteArrayOutputStream(); ByteArrayOutputStream stdErr = new ByteArrayOutputStream(); + + // Docker might need the $HOME and $PATH variables in order to be able to use advanced + // authentication mechanisms (e.g. for Google Cloud), thus we pass in the client env. Command cmd = - new Command(cmdLine.toArray(new String[0]), ImmutableMap.of(), execRoot.getPathFile()); + new Command(cmdLine.toArray(new String[0]), cmdEnv.getClientEnv(), execRoot.getPathFile()); try { cmd.executeAsync(stdIn, stdOut, stdErr, Command.KILL_SUBPROCESS_ON_INTERRUPT).get(); } catch (CommandException e) { @@ -412,7 +416,7 @@ final class DockerSandboxedSpawnRunner extends AbstractSandboxSpawnRunner { } Command cmd = - new Command(cmdLine.toArray(new String[0]), ImmutableMap.of(), execRoot.getPathFile()); + new Command(cmdLine.toArray(new String[0]), cmdEnv.getClientEnv(), execRoot.getPathFile()); try { cmd.execute(); |