)]}'
{
  "commit": "7afd390eadf37eac58d4db8ad3751783c40bdf37",
  "tree": "73b7533e0ba991eb8f2d98ed58e4350ca4c8e394",
  "parents": [
    "2983d7285fe019f943f1b722f26a0f2e959c5f80"
  ],
  "author": {
    "name": "Leopold Schabel",
    "email": "leo@nexantic.com",
    "time": "Wed Oct 23 12:16:57 2019 +0200"
  },
  "committer": {
    "name": "Leopold Schabel",
    "email": "leo@nexantic.com",
    "time": "Wed Oct 23 12:16:57 2019 +0200"
  },
  "message": "Use --privileged in Fedora container\n\nThis enables the namespace-based sandbox in Bazel.\n\nUsing `--privileged` isn\u0027t as dangerous as it looks, when used with podman in rootless mode (i.e. ran as unprivileged user), in which case it uses user namespaces.\n\nWe drop `--net\u003dhost`, which is not actually necessary.\n\nTest Plan:\n    scripts/destroy_container.sh\n    scripts/create_container.sh\n    scripts/run_in_container.sh bazelisk build :swtpm_data\n\n This now fails properly when ran with the container:\n\n     swtpm-localca: touch: cannot touch \u0027/var/lib/swtpm-localca/.lock.swtpm-localca\u0027: Read-only file system\n     swtpm-localca: Error: Could not create lock file /var/lib/swtpm-localca/.lock.swtpm-localca.\n\nX-Origin-Diff: phab/D202\nGitOrigin-RevId: f51a831e7584cccf21860e9f18b73272a658f055\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "6d284a1988a355db2c697e06751421c8ee3eae86",
      "old_mode": 33261,
      "old_path": "scripts/create_container.sh",
      "new_id": "8d01706fa6f399acce7fce474d8baae61e7aa91d",
      "new_mode": 33261,
      "new_path": "scripts/create_container.sh"
    }
  ]
}