)]}'
{
  "log": [
    {
      "commit": "2983d7285fe019f943f1b722f26a0f2e959c5f80",
      "tree": "f6b5056682bef41597d02347dff0d523916d196f",
      "parents": [
        "e28e1b3556feb786c71f161b357fcf6899e44c19"
      ],
      "author": {
        "name": "Leopold Schabel",
        "email": "leo@nexantic.com",
        "time": "Wed Oct 23 12:16:42 2019 +0200"
      },
      "committer": {
        "name": "Leopold Schabel",
        "email": "leo@nexantic.com",
        "time": "Wed Oct 23 12:16:42 2019 +0200"
      },
      "message": "Improve Bazel Fedora build container handling and cache repository downloads\n\nAdds lifecycle management scripts for the dev container and a \"bazel\" wrapper script, which sets container-only startup options.\n\nReplaces /dev/null bind mounts by SELinux contexts for container breakup prevention, since newer podman versions managed to somehow break the ordering of mounts and mounting on top of a volume gives ENOENT. This requires a placeholder .arcconfig.\n\nOn Fedora, SELinux prevents the container from accessing /dev/kvm, which requires a custom policy (see rWa716c988d69e).\n\nDesign considerations:\n\n- The build cache is on a tmpfs. This avoids fuse-overlayfs overhead. If the container is recreated, we want to drop the build cache - Bazel does not track ambient dependencies, so we do not know if we need to rebuild anything (like after upgrading a compiler).\n\n- The repository cache contains just workspace dependencies and is mounted as a volume.\n\nThe repository caches does not work terribly well yet, we probably need to mount parts ~/.cache/bazel as well. podman always mounts volumes as noexec, so this is not as straight-forward as it looks.\n\nTest Plan:\nRan the commands from the README as my unprivileged workstation user.\nSmalltown was built and launched successfully.\n\nX-Origin-Diff: phab/D198\nGitOrigin-RevId: aff720d2862cdf5d1df67813d842d221d69a84c0\n"
    }
  ]
}