use podman with UID 1002, GID 1003 instead of 1000 for s390x #986
Conversation
Thank you for creating a pull request!Please check out the information below if you have not made a pull request here before (or if you need a reminder how things work). Code Quality and Contributing GuidelinesIf you have not done so already, please familiarise yourself with our Contributing Guidelines and Code Of Conduct, even if you have contributed before. TestsGithub actions will run a set of jobs against your PR that will lint and unit test your changes. Keep an eye out for the results from these on the latest commit you submitted. For more information, please see our testing documentation. In order to run the advanced pipeline tests (executing a set of mock pipelines), it requires an admin to post |
github-actions
bot
added
jenkins-pipeline
mac
s390x
| @@ -2046,7 +2046,7 @@ class Build { | |||
| if (isPodman == 0) { | |||
| // Note: --userns was introduced in podman 4.3.0 | |||
| // Add uid and gid userns mapping required for podman | |||
| dockerRunArg += " --userns keep-id:uid=1000,gid=1000" | |||
| dockerRunArg += " --userns keep-id:uid=1002,gid=1003" | |||
There was a problem hiding this comment.
Has --userns=keep-id been considered? When running podman with the id:gid of the desired user (i.e. 1002:1003 in this case), explicit uid, gid mappings wouldn't be needed.
There was a problem hiding this comment.
Has --userns=keep-id been considered?
Short answer: No. This was intended as a tactical fix based on what Andrew had done previously to get something live until I had the time to look at other options, of which your suggestion sounds like a good one to look at.
There was a problem hiding this comment.
Thanks - I've added a note to my issue about the s390x devkit about this so it doesn't get forgotten about.
Fixes the issue described in adoptium/temurin-build#3700 (comment) - UID 1000 was used by @andrew-m-leonard for some internal testing and is no longer required. This will fix it so that it matches what is on the Adoptium Marist s390x machines and allow the use of podman for the build process as per other reasons described in that issue.
I may switch this back or come up with a more generic solution in the future.