New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
--sandbox_block_path should ignore missing directories #4963
Comments
cc @philwo |
From my reading of the code, this is only an issue on Linux: we try to bind-mount these paths and their non-existence causes the failure. On macOS, we just use these paths to configure We should make the behavior consistent across platforms, document what this is in the flag description, and add a test. |
Requires a downgrade to bazel-3.6.0. In combination with cockroachdb#56142, this will compile cockroach-short correctly on linux machines. However, there is a drawback -- /usr/lib/include is needed for linux to work. As such, MacOS users who have proj_api.h will need to use --sandbox_block_path (you cannot sandbox_block_path a path that does not exist due to bazelbuild/bazel#4963. I will send an email out shortly afterwards. Release note: None
56143: bazel: pin go1.13.14, fix rules_foreign_cc to latest version r=irfansharif,jlinder a=otan Resolves #56060 Release note: None 56150: bazel: fix build on ubuntu machines r=irfansharif,jlinder a=otan Requires a downgrade to bazel-3.6.0. In combination with #56142, this will compile cockroach-short correctly on linux machines. However, there is a drawback -- /usr/lib/include is needed for linux to work. As such, MacOS users who have proj_api.h will need to use --sandbox_block_path (you cannot sandbox_block_path a path that does not exist due to bazelbuild/bazel#4963. I will send an email out shortly afterwards. Release note: None Co-authored-by: Oliver Tan <otan@cockroachlabs.com>
I'm still running into this issue on bazel 5.1.1. |
Description of the problem / feature request:
When I add the following to my
.bazelrc
, I get failures when/search
does not exist:Feature requests: what underlying problem are you trying to solve with this feature?
I would like to exclude a directory from being readable in the sandbox to prevent likely cases of loss of hermeticity. If this directory does not exist, Bazel should ignore the
--sandbox_block_path
entry.Bugs: what's the simplest, easiest way to reproduce this bug? Please provide a minimal example if possible.
What operating system are you running Bazel on?
CentOS 7
What's the output of
bazel info release
?release 0.10.0
Have you found anything relevant by searching the web?
My own StackOverflow question. :)
The text was updated successfully, but these errors were encountered: