fix: processes in docker images and pass full environment to

subprocesses Since 1.0.4 release devtools require systemd to be run in order to create slice for unit
2025-04-24 15:27:17 +00:00 · 2023-09-28 15:17:20 +03:00 · 2023-09-28 15:17:20 +03:00 · d5f4fc9b86
commit d5f4fc9b86
parent 462096ee8a
6 changed files with 27 additions and 4 deletions
--- a/.github/workflows/setup.sh
+++ b/.github/workflows/setup.sh
@ -22,6 +22,8 @@ if [[ -z $MINIMAL_INSTALL ]]; then
    # additional features
    pacman --noconfirm -Sy gnupg python-boto3 rsync
 fi
+# FIXME since 1.0.4 devtools requires dbus to be run, which doesn't work now in container
+cp "docker/systemd-nspawn.sh" "/usr/local/bin/systemd-nspawn"

 # create fresh tarball
 make VERSION=1.0.0 archlinux  # well, it does not really matter which version we will put here
--- a/.github/workflows/setup.yml
+++ b/.github/workflows/setup.yml
@ -12,7 +12,7 @@ jobs:
    runs-on: ubuntu-latest

    container:
-      image: archlinux:latest
+      image: archlinux:base
      volumes:
        - ${{ github.workspace }}:/build
      options: --privileged -w /build
@ -28,7 +28,7 @@ jobs:
    runs-on: ubuntu-latest

    container:
-      image: archlinux:latest
+      image: archlinux:base
      volumes:
        - ${{ github.workspace }}:/build
      options: --privileged -w /build
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@ -12,7 +12,7 @@ jobs:
    runs-on: ubuntu-latest

    container:
-      image: archlinux:latest
+      image: archlinux:base
      volumes:
        - ${{ github.workspace }}:/build
      options: -w /build
--- a/3
+++ b/3
@ -35,6 +35,9 @@ RUN pacman -Sy --noconfirm --asdeps devtools git pyalpm python-cerberus python-i
    runuser -u build -- install-aur-package python-aioauth-client python-aiohttp-apispec-git python-aiohttp-jinja2  \
                                            python-aiohttp-debugtoolbar python-aiohttp-session python-aiohttp-security

+## FIXME since 1.0.4 devtools requires dbus to be run, which doesn't work now in container
+COPY "docker/systemd-nspawn.sh" "/usr/local/bin/systemd-nspawn"
+
 # install ahriman
 ## copy tree
 COPY --chown=build . "/home/build/ahriman"
--- a/docker/systemd-nspawn.sh
+++ b/docker/systemd-nspawn.sh
@ -0,0 +1,15 @@
+#!/bin/bash
+# Since https://gitlab.archlinux.org/archlinux/devtools/-/commit/5f4fd52e3836ddddb25a0f9e15d0acfed06f693d
+# it is impossible to start devtools inside docker container, because it requires slice registering
+# which is impossible because there is no init in container
+
+is_slice() {
+    [[ $1 =~ ^--slice* ]]
+}
+
+allowed=()
+for arg in "$@"; do
+    is_slice "$arg" && allowed+=("--keep-unit") || allowed+=("$arg")
+done
+
+exec /usr/bin/systemd-nspawn "${allowed[@]}"
--- a/src/ahriman/core/util.py
+++ b/src/ahriman/core/util.py
@ -125,11 +125,14 @@ def check_output(*args: str, exception: Exception | Callable[[int, list[str], st

            yield key.data, line

+    # build system environment based on args and current environment
    environment = environment or {}
    if user is not None:
        environment["HOME"] = getpwuid(user).pw_dir
+    full_environment = os.environ | environment
+
    with subprocess.Popen(args, cwd=cwd, stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE,
-                          user=user, env=environment, text=True, encoding="utf8", bufsize=1) as process:
+                          user=user, env=full_environment, text=True, encoding="utf8", bufsize=1) as process:
        if input_data is not None:
            input_channel = get_io(process, "stdin")
            input_channel.write(input_data)