New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
No usable sandbox! Update your kernel
from puppeteer on RTD
#10108
Comments
Hi! Thanks for reporting this issue. Unfortunately, I don't have experience with mermaid but, before jumping too deep into this issue, I'd like to ask you if you are able to build the documentation locally without any strange configuration. In case you are, do you know if you have required to do some extra steps? (like the changes you linked to in StackOverflow, for example) |
After a quick look, it seems safe to use Besides, Read the Docs does not pass private environment variables to the build process on pull requests, so those cannot be exposed either. In case there could be a security issue, I'm not seeing it and I think it will at the same level than allowing anyone to run Python code when building your docs. So, probably not too much to worry about, "I'd say" 😄 |
I didn't have to do anything special, but I tested it on macOS, rather than on an Ubuntu 22.04 container.
I'll check who makes that subprocess call (
Thanks! |
https://github.com/mermaidjs/mermaid.cli#linux-sandbox-issue
That sounds pretty threatening but I guess we can go ahead - you might want to update your kernel though? 😅 |
Interesting. Can you try using "build.apt_packages" to install the latest kernel version available in the Ubuntu repositories? We are using Ubuntu 22.04, which is the latest LTS, but we haven't rebuilt it since it's creation. I guess there are done upgrades since then. Maybe this idea solves your issue, tho 😏 |
It will make our builds a bit longer though :/ going to try the |
I confirm that the workaround worked: docs/conf.py | 2 ++
docs/puppeteer-config.json | 3 +++
2 files changed, 5 insertions(+)
create mode 100644 docs/puppeteer-config.json
diff --git a/docs/conf.py b/docs/conf.py
index 1dc02d139..ce62e0e03 100644
--- a/docs/conf.py
+++ b/docs/conf.py
@@ -571,3 +571,5 @@ def setup(app):
# https://github.com/kedro-org/kedro/issues/1772
mermaid_output_format = "svg"
+# https://github.com/mermaidjs/mermaid.cli#linux-sandbox-issue
+mermaid_params = ["-p", here / "puppeteer-config.json"]
diff --git a/docs/puppeteer-config.json b/docs/puppeteer-config.json
new file mode 100644
index 000000000..3201af7b7
--- /dev/null
+++ b/docs/puppeteer-config.json
@@ -0,0 +1,3 @@
+{
+ "args": ["--no-sandbox"]
+} |
👍🏼 -- if you have the time, I'd like to know this answer, too 😄 . So, it's all contained in this issue and we know if we can suggest to other users. BTW, thanks for sharing the workaround solution with everybody 💯 |
I just realized that, 1 month before I opened this issue, someone had already added the instructions to |
I'll close this issue because I don't think there is anything we can do from the Read the Docs side, right? The original package already added a section that documents how to build it on Read the Docs at https://github.com/mgaitan/sphinxcontrib-mermaid#building-pdfs-on-readthedocsio Feel free to reopen if you consider there is something we should do here. |
Details
I'm trying to render mermaid diagrams on RTD (because mgaitan/sphinxcontrib-mermaid#22) and I get an error from puppetteer:
I'm using the
ubuntu-22.04
image.PR: kedro-org/kedro#2392
I read on https://stackoverflow.com/a/60797615/554319 and iridium-browser/tracker#208 that there are some ways around it but I'm not sure if they pose a security thread, or they're at all possible on RTD.
The text was updated successfully, but these errors were encountered: