| commit | be57a039071a451763adc6c3456b7d79ca1999bb | [log] [tgz] | 
|---|---|---|
| author | Serge Bazanski <serge@nexantic.com> | Tue May 11 13:41:52 2021 +0200 | 
| committer | Leopold Schabel <leo@nexantic.com> | Tue May 11 13:42:23 2021 +0200 | 
| tree | 391ebab65e54c88c0b101a137371b283c5fd3812 | |
| parent | 3536e4d4923e76486167c85c2b09a1cf4ca5502d [diff] | 
m/test/launch: fix TPM tempdir permissions, wrap errors
On Linux, the following generally fails:
    $ cd /tmp
    $ mkdir test
    $ cd test/
    $ chmod 644 .
    $ touch foo
    touch: cannot touch 'foo': Permission denied
This changes our launch code to create a temporary TPM directory with
755 instead of 644 permissions, preventing a situation like above
manifesting in our new CI.
This didn't manifest before as we always ran builds through podman, and
there this behaviour doesn't appear to hold, probably because we are uid
0 there:
    $ podman exec -it monogon-dev bash
    bash-5.0# id
    uid=0(root) gid=0(root) groups=0(root) context=unconfined_u:system_r:spc_t:s0
    bash-5.0# cd /tmp/
    bash-5.0# mkdir test
    bash-5.0# cd test/
    bash-5.0# chmod 644 .
    bash-5.0# touch foo
We also drive-by some unwrapped error returns to be a bit more helpful.
Test Plan: Tested on new CI, manually.
X-Origin-Diff: phab/D773
GitOrigin-RevId: 5a55a7878109717f0c17251a659dfc6ee04b94f4
This is the main repository containing the source code for the Monogon Project.
⚠️ This is pre-release software that happens to be publicly available. Nothing to see here, please move along.
Our build environment requires a working Podman binary (your distribution should have one).
Spinning up: scripts/create_container.sh
Spinning down: scripts/destroy_container.sh
Running commands: scripts/run_in_container.sh <...>
Using bazel using a wrapper script: scripts/bin/bazel <...> (add to your local $PATH for convenience)
This repository is compatible with the IntelliJ Bazel plugin, which enables full autocompletion for external dependencies and generated code. All commands run inside the container, and necessary paths are mapped into the container.
The following steps are necessary:
Install Google's Bazel plugin in IntelliJ. On IntelliJ 2020.3 or later, you need to install a beta release of the plugin.
Add the absolute path to your ~/.cache/bazel-nxt folder to your idea64.vmoptions (Help → Edit Custom VM Options) and restart IntelliJ:
-Dbazel.bep.path=/home/leopold/.cache/bazel-nxt
Set "Bazel Binary Location" in Other Settings → Bazel Settings to the absolute path of scripts/bin/bazel. This is a wrapper that will execute Bazel inside the container.
Use File → Import Bazel project... to create a new project from .bazelproject.
After running the first sync, everything should now resolve in the IDE, including generated code.
It's strongly recommend to use our project presets for file watchers and other IDE features. Run this command and re-open the project in order to install them:
bazel run intellij/localconfig $(pwd)
Launch the node:
scripts/bin/bazel run //:launch
Run a kubectl command:
scripts/bin/bazel run //metropolis/cli/dbg -- kubectl describe
Run tests:
scripts/bin/bazel test //...