Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Native driver bugfixes and org improvements #57

Merged
merged 5 commits into from
Feb 23, 2024
Merged

Native driver bugfixes and org improvements #57

merged 5 commits into from
Feb 23, 2024

Conversation

sparshev
Copy link
Collaborator

@sparshev sparshev commented Feb 22, 2024
edited

Fixed multiple issues with Native driver on macos - mostly:

  • Proper passing of metadata as env variables to the workload - sudo & su are quite prohibitive there and to not make the node config harder I used just storing the metadata to env export variable and source it in the shell command. The file is stored in tmp and available via ACL to the newly created user only.
  • Proper log output for the workload right into the node log - it prepends stdout/stderr lines with the resource identifier and looks nice.
  • Using current fish node group as dynamic user group by default - otherwise the user is incomplete.
  • Configuration for the binaries location - by default it tries to find it in PATH, but now it's easy to override.

Also a couple of small improvements:

Related Issue

Fixes: #2

Motivation and Context

m1 mac machines is here and it's good to have dynamic envs on them and VMX is much harder to prepare for m1 properly, so native driver could be a good replacement, as well as it should help with VMX images building as well.

How Has This Been Tested?

Manually

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

  • I have signed the Adobe Open Source CLA.
  • My code follows the code style of this project.
  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.
  • I have read the CONTRIBUTING document.
  • I have added tests to cover my changes.
  • All new and existing tests passed.

@sparshev sparshev added bug Something isn't working enhancement New feature or request labels Feb 22, 2024
@sparshev sparshev self-assigned this Feb 22, 2024
@sparshev
Copy link
Collaborator Author

Found that on M1 it doesn't want to allow to delete user via dscl even with proper sudoers rules:

Command exited with error: exit status 40: <main> delete status: eDSPermissionError <dscl_cmd> DS Error: -14120 (eDSPermissionError)

So after installation aquarium-fish binary should be added to TCC database /Library/Application Support/com.apple.TCC/TCC.db to allow kTCCServiceSystemPolicySysAdminFiles or kTCCServiceSystemPolicyAllFiles. Also it could be done through Privacy & Security in MacOS preferences after aquarium-fish started and failed with verification of native driver.

Info: https://www.rainforestqa.com/blog/macos-tcc-db-deep-dive

@sparshev sparshev merged commit b42228e into main Feb 23, 2024
4 checks passed
@sparshev sparshev deleted the native_driver_bugfixes branch February 23, 2024 21:13
@sparshev sparshev restored the native_driver_bugfixes branch February 23, 2024 22:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@sparshev sparshev

Labels
bug Something isn't working enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Native driver implementation
1 participant
@sparshev