qemu-build.sh: Allow WORKSPACE to be anywhere while building
When getting latest-qemu-aarch64 working, I encountered an error
saying the script which should have been mounted wasn't there [1].
Upon investigating, I realized that this works only if WORKSPACE
is a child of HOME which does get bind mounted. When building on
the meta machines, the main writable mount is not a user's home
directory.
This change makes it so that we just bind WORKSPACE
directly and it simplifies things by remapping the docker root
user to the caller's UID/GID so permissions line up.
I was able to manually run this on the meta graviton host and
verified that it made the build artifacts with the correct
username and group.
[1] https://jenkins.openbmc.org/job/latest-qemu-aarch64/1/console
Change-Id: Ief4fb34c3f160767122c0129c447114a9e86692a
Signed-off-by: James Athappilly <jamesatha@gmail.com>
diff --git a/qemu-build.sh b/qemu-build.sh
index 5baa02e..8af4ee2 100755
--- a/qemu-build.sh
+++ b/qemu-build.sh
@@ -12,7 +12,7 @@
# When building locally set WORKSPACE to be the directory above the qemu
# checkout:
# git clone https://github.com/qemu/qemu
-# WORKSPACE=$PWD/qemu ~/openbmc-build-scripts/qemu-build.sh
+# WORKSPACE=$PWD ~/openbmc-build-scripts/qemu-build.sh
#
###############################################################################
#
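Review bot: The usage comment around the new `# WORKSPACE=$PWD ~/openbmc-build-scripts/qemu-build.sh` line should state that WORKSPACE is now the host directory that gets bind mounted into the container, and that it must be an absolute path because it is passed to `-v` as both source and destination. The example itself now agrees with the sentence above it ("the directory above the qemu checkout"), but that correction is not mentioned in the commit message and would be worth one line there.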
@@ -117,11 +117,6 @@
python3-venv \
python3-yaml \
iputils-ping
-
-RUN grep -q ${GROUPS[0]} /etc/group || groupadd -g ${GROUPS[0]} ${USER}
-RUN grep -q ${UID} /etc/passwd || useradd -d ${HOME} -m -u ${UID} -g ${GROUPS[0]} ${USER}
-USER ${USER}
-ENV HOME ${HOME}
EOF
)
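Review bot: Removing the `useradd` and `ENV HOME ${HOME}` lines from the generated Dockerfile leaves the build process, which now runs under a numeric `--user "$UID:${GROUPS[0]}"`, without a passwd entry or a home directory it owns, unless the base image happens to provide one for that UID. Anything that build.sh or its tools write under $HOME (caches, per-user configuration) may then fail or land in an unwritable location. Suggest passing a writable HOME explicitly in the docker run call, for example `-e HOME="${WORKSPACE}"`, or stating in the commit message that the build was checked to work with no home directory.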
@@ -131,10 +126,10 @@
fi
docker run \
+ --userns host \
+ --user "$UID:${GROUPS[0]}" \
--rm=true \
-e WORKSPACE="${WORKSPACE}" \
- -w "${HOME}" \
- --user="${USER}" \
- -v "${HOME}":"${HOME}" \
+ -v "${WORKSPACE}":"${WORKSPACE}" \
-t ${img_name} \
"${WORKSPACE}"/build.sh
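Review bot: The `--userns host` line at the top of the docker run arguments needs a comment explaining why it is required. It opts this container out of any user-namespace remapping configured on the daemon, which is an isolation trade-off, while the identity change the commit message describes comes from `--user "$UID:${GROUPS[0]}"`. A short comment naming the host setup that needs it would let a later reader judge whether it can be dropped. Separately, `-w "${HOME}"` is removed with no replacement, so the working directory falls back to the image default. Consider adding `-w "${WORKSPACE}"` if build.sh depends on the current directory.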