scripts: clean up build environment launch scripts
- With a privileged container (which makes the Bazel sandbox work), the SELinux
trick doesn't work anyway. Replace it by a `z` modifier which tells podman to
set the right SELinux context on systems that have it.
- Do not fail if IntelliJ is absent.
Test Plan: works on my machineā¢
X-Origin-Diff: phab/D758
GitOrigin-RevId: b9020bdd54fccde222872ca609ee79b1805dd479
diff --git a/scripts/create_container.sh b/scripts/create_container.sh
index f98c296..c6d77a6 100755
--- a/scripts/create_container.sh
+++ b/scripts/create_container.sh
@@ -1,10 +1,6 @@
#!/bin/bash
set -euo pipefail
-# TODO(by 2021/02/01): remove this (backward compatibility for dev envs)
-! podman pod stop nexantic
-! podman pod rm nexantic --force
-
# Our local user needs write access to /dev/kvm (best accomplished by
# adding your user to the kvm group).
if ! touch /dev/kvm; then
@@ -22,14 +18,6 @@
# Rebuild base image
podman build -t monogon-builder build
-# Set up SELinux contexts to prevent the container from writing to
-# files that would allow for easy breakouts via tools ran on the host.
-chcon -Rh system_u:object_r:container_file_t:s0 .
-
-# Ignore errors - these might already be masked, like when synchronizing the source.
-! chcon -Rh unconfined_u:object_r:user_home_t:s0 \
- .arcconfig .idea .git
-
# Keep this in sync with ci.sh:
podman pod create --name monogon
@@ -41,16 +29,22 @@
# The Bazel plugin injects a Bazel repository into the sync command line,
# We need to copy the aspect repository and apply a custom patch.
+
+# TODO(leo): the IntelliJ path changed to ~/.config on new setups, we should look for that as well
+
IJ_HOME=$(echo ${HOME}/.IntelliJIdea* | tr ' ' '\n' | sort | tail -n 1)
ASPECT_ORIG=${IJ_HOME}/config/plugins/ijwb/aspect
-
ASPECT_PATH=${BAZEL_ROOT}/ijwb_aspect
-rm -rf "$ASPECT_PATH"
-cp -r "$ASPECT_ORIG" "$ASPECT_PATH"
-patch -d "$ASPECT_PATH" -p1 < scripts/patches/bazel_intellij_aspect_filter.patch
+
+if [[ -d "$IJ_HOME" ]]; then
+ echo "IntelliJ found, copying aspect file to Bazel root"
+ rm -rf "$ASPECT_PATH"
+ cp -r "$ASPECT_ORIG" "$ASPECT_PATH"
+ patch -d "$ASPECT_PATH" -p1 < scripts/patches/bazel_intellij_aspect_filter.patch
+fi
podman run -it -d \
- -v $(pwd):$(pwd) \
+ -v $(pwd):$(pwd):z \
-w $(pwd) \
--volume=${BAZEL_ROOT}:${BAZEL_ROOT} \
--device /dev/kvm \
diff --git a/scripts/destroy_container.sh b/scripts/destroy_container.sh
index 750c829..4196697 100755
--- a/scripts/destroy_container.sh
+++ b/scripts/destroy_container.sh
@@ -1,8 +1,4 @@
#!/bin/bash
-# TODO(by 2021/02/01): remove this (backward compatibility for dev envs)
-! podman pod stop nexantic
-! podman pod rm nexantic --force
-
podman pod stop monogon
podman pod rm monogon --force