[PATCH 00/11] Update container tooling (podman, buildah)

Status: Open
Participants: Wilke Schwiedop, Tomas Volf
Owner: unassigned
Submitted by: Tomas Volf
Severity: normal
Tomas Volf wrote on 31 Mar 20:32 +0200
(address . guix-patches@gnu.org)(name . Tomas Volf)(address . ~@wolfsden.cz)
cover.1711909824.git.~@wolfsden.cz
This series reworks the build process for podman and buildah, making it more
self-contained and (hopefully) more maintainable going into the future. Some
required packages are also updated or added.

Tomas Volf (10):
gnu: crun: Update to 1.14.4.
gnu: podman: Drop obsolete comment.
gnu: podman: Update to 5.0.0.
gnu: conmon: Update to 2.1.10.
gnu: passt: Update to 2024_03_20.71dd405.
gnu: Add podman-compose.
gnu: gvisor-tap-vsock: Remove references to go.
gnu: podman: Revamp the package.
gnu: buildah: Update to 1.35.3.
gnu: buildah: Switch to gnu-build-system.

Wilke Schwiedop (1):
gnu: Add catatonit.

gnu/local.mk | 1 -
gnu/packages/containers.scm | 313 ++++++++++++------
.../patches/podman-program-lookup.patch | 120 -------
3 files changed, 212 insertions(+), 222 deletions(-)
delete mode 100644 gnu/packages/patches/podman-program-lookup.patch

--
2.41.0
Tomas Volf wrote on 31 Mar 20:34 +0200
[PATCH 02/11] gnu: podman: Drop obsolete comment.
(address . 70112@debbugs.gnu.org)(name . Tomas Volf)(address . ~@wolfsden.cz)
286152c31974061c0783ef711489b25c0273cfa8.1711909824.git.~@wolfsden.cz
cgroup2 is now the default type.

* gnu/packages/containers.scm (podman): Drop the comment.

Change-Id: I197ed7e4901b26ad820295ed7adcaffd7bf533f5
---
gnu/packages/containers.scm | 3 ---
1 file changed, 3 deletions(-)

diff --git a/gnu/packages/containers.scm b/gnu/packages/containers.scm
index f1b76f8512..b08d0ee762 100644
--- a/gnu/packages/containers.scm
+++ b/gnu/packages/containers.scm
@@ -410,9 +410,6 @@ (define-public gvisor-tap-vsock
The binary is called @command{gvproxy}.")
(license license:asl2.0)))
-;; For podman to work, the user needs to run
-;; `sudo mount -t cgroup2 none /sys/fs/cgroup`
-
(define-public podman
(package
(name "podman")
--
2.41.0
Tomas Volf wrote on 31 Mar 20:34 +0200
[PATCH 01/11] gnu: crun: Update to 1.14.4.
(address . 70112@debbugs.gnu.org)(name . Tomas Volf)(address . ~@wolfsden.cz)
160eb0e97e1f079ba6a20e2336b1cb5704622536.1711909824.git.~@wolfsden.cz
* gnu/packages/containers.scm (crun): Update to 1.14.4.

Change-Id: I769c15663bf668a967cf32243dd8139b6c949953
---
gnu/packages/containers.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/gnu/packages/containers.scm b/gnu/packages/containers.scm
index 31260c5c0a..f1b76f8512 100644
--- a/gnu/packages/containers.scm
+++ b/gnu/packages/containers.scm
@@ -58,7 +58,7 @@ (define-module (gnu packages containers)
(define-public crun
(package
(name "crun")
- (version "1.14.1")
+ (version "1.14.4")
(source
(origin
(method url-fetch)
@@ -68,7 +68,7 @@ (define-public crun
"/crun-" version ".tar.gz"))
(sha256
(base32
- "02lplc2asyllb58mvy7l8b9gsk7fxs95g928xk28yzmf592ay33x"))))
+ "1d7fjhajf3bg576fzz96yi1djdqqs12bbhzv8br02h5czlxh29sm"))))
(build-system gnu-build-system)
(arguments
`(#:configure-flags '("--disable-systemd")
--
2.41.0
Tomas Volf wrote on 31 Mar 20:35 +0200
[PATCH 03/11] gnu: podman: Update to 5.0.0.
(address . 70112@debbugs.gnu.org)(name . Tomas Volf)(address . ~@wolfsden.cz)
f8e019e7683be52a998fbccaf789057eac7a48c8.1711909824.git.~@wolfsden.cz
* gnu/packages/containers.scm (podman): Update to 5.0.0.

Change-Id: Id12c017e68f30db4ea99547beca54dbd01e3b029
---
gnu/packages/containers.scm | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/gnu/packages/containers.scm b/gnu/packages/containers.scm
index b08d0ee762..f62e4017dc 100644
--- a/gnu/packages/containers.scm
+++ b/gnu/packages/containers.scm
@@ -49,6 +49,7 @@ (define-module (gnu packages containers)
#:use-module (gnu packages python)
#:use-module (gnu packages networking)
#:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages rust-apps)
#:use-module (gnu packages selinux)
#:use-module (gnu packages version-control)
#:use-module (gnu packages virtualization)
@@ -413,7 +414,7 @@ (define-public gvisor-tap-vsock
(define-public podman
(package
(name "podman")
- (version "4.9.3")
+ (version "5.0.0")
(source
(origin
(method git-fetch)
@@ -428,7 +429,7 @@ (define-public podman
(search-patches
"podman-program-lookup.patch"))
(sha256
- (base32 "17g7n09ndxhpjr39s9qwxdcv08wavjj0g5nmnrvrkz2wgdqigl1x"))
+ (base32 "0g15m10mgwssw5axkyn2ms5k858dbc6vf3cbxv7hvdncgwnfk5f0"))
(file-name (git-file-name name version))))
(build-system gnu-build-system)
@@ -459,7 +460,9 @@ (define-public podman
(("@SLIRP4NETNS_DIR@")
(string-append #$slirp4netns "/bin"))
(("@PASST_DIR@")
- (string-append #$passt "/bin")))
+ (string-append #$passt "/bin"))
+ (("@NETAVARK_DIR@")
+ (string-append #$netavark "/bin")))
(substitute* "hack/install_catatonit.sh"
(("CATATONIT_PATH=\"[^\"]+\"")
(string-append "CATATONIT_PATH=" (which "true"))))
--
2.41.0
Tomas Volf wrote on 31 Mar 20:35 +0200
[PATCH 04/11] gnu: conmon: Update to 2.1.10.
(address . 70112@debbugs.gnu.org)(name . Tomas Volf)(address . ~@wolfsden.cz)
e081dcb92cd0805acf0c2a0d9a4e84a50abd0603.1711909824.git.~@wolfsden.cz
* gnu/packages/containers.scm (conmon): Update to 2.1.10.

Change-Id: I2a46b2dcd344909da34199145fef4ad3fa4418de
---
gnu/packages/containers.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/gnu/packages/containers.scm b/gnu/packages/containers.scm
index f62e4017dc..9e3ba8918e 100644
--- a/gnu/packages/containers.scm
+++ b/gnu/packages/containers.scm
@@ -105,7 +105,7 @@ (define-public crun
(define-public conmon
(package
(name "conmon")
- (version "2.0.31")
+ (version "2.1.10")
(source
(origin
(method git-fetch)
@@ -113,7 +113,7 @@ (define-public conmon
(url "https://github.com/containers/conmon")
(commit (string-append "v" version))))
(sha256
- (base32 "1cxklcihb2i4ywli0fxafkp2gi1x831r37z7spnigaj6pzj1517w"))
+ (base32 "0q4kn54pfgq1c2h00hkidagxrynkgq9nmm1ikgd9084njg3z4iar"))
(file-name (git-file-name name version))))
(build-system gnu-build-system)
(arguments
--
2.41.0
Tomas Volf wrote on 31 Mar 20:35 +0200
[PATCH 05/11] gnu: passt: Update to 2024_03_20.71dd405.
(address . 70112@debbugs.gnu.org)(name . Tomas Volf)(address . ~@wolfsden.cz)
c32ed8727262cbdbd3cfb9efe8857857c5669862.1711909824.git.~@wolfsden.cz
* gnu/packages/containers.scm (passt): Update to 2024_03_20.71dd405.

Change-Id: I089b7e9364058e59139bdb7cb942fad693254c1f
---
gnu/packages/containers.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/gnu/packages/containers.scm b/gnu/packages/containers.scm
index 9e3ba8918e..29577c5201 100644
--- a/gnu/packages/containers.scm
+++ b/gnu/packages/containers.scm
@@ -282,14 +282,14 @@ (define-public slirp4netns
(define-public passt
(package
(name "passt")
- (version "2023_12_30.f091893")
+ (version "2024_03_20.71dd405")
(source
(origin
(method url-fetch)
(uri (string-append "https://passt.top/passt/snapshot/passt-" version
".tar.gz"))
(sha256
- (base32 "1nyd4h93qlxn1r01ffijpsd7r7ny62phki5j58in8gz021jj4f3d"))))
+ (base32 "1xyi1rqc3q2nbkd5mc4mp2m488ih5jy8v3xg0dgznh0149alx3y0"))))
(build-system gnu-build-system)
(arguments
(list
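Review bot: the hash in this hunk pins a cgit-generated snapshot tarball (passt.top/passt/snapshot/passt-<version>.tar.gz); such archives are produced on request and are not guaranteed to stay byte-identical across server-side git or compression upgrades, so the fixed hash can start failing without any upstream source change. A `git-fetch` of the commit named in the version string (71dd405) would pin the content directly. Not blocking, since the existing recipe already takes the same approach.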
--
2.41.0
Tomas Volf wrote on 31 Mar 20:35 +0200
[PATCH 06/11] gnu: Add catatonit.
(address . 70112@debbugs.gnu.org)(name . Wilke Schwiedop)(address . wilke.schwiedop@agfa.com)
09c7cafab463c35a8b3a47358dfab5b22c4bcf51.1711909824.git.~@wolfsden.cz
From: Wilke Schwiedop <wilke.schwiedop@agfa.com>

* gnu/packages/containers.scm (catatonit): New variable.

Change-Id: Ib6948bde8204426a8cb008982cb7cc9302f9e6d6
---
gnu/packages/containers.scm | 20 ++++++++++++++++++++
1 file changed, 20 insertions(+)

diff --git a/gnu/packages/containers.scm b/gnu/packages/containers.scm
index 29577c5201..36948cf5e2 100644
--- a/gnu/packages/containers.scm
+++ b/gnu/packages/containers.scm
@@ -411,6 +411,26 @@ (define-public gvisor-tap-vsock
The binary is called @command{gvproxy}.")
(license license:asl2.0)))
+(define-public catatonit
+ (package
+ (name "catatonit")
+ (version "0.2.0")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://github.com/openSUSE/catatonit/releases/download/v"
+ version "/catatonit.tar.xz"))
+ (sha256
+ (base32 "141b5lypgqib546zmldi4kqzpqfd6vvqddqqkfaz3w11fjsc4hwq"))))
+ (build-system gnu-build-system)
+ (native-inputs (list autoconf automake libtool))
+ (synopsis "Container init")
+ (description
+ "A container init that is so simple it's effectively brain-dead.")
+ (home-page "https://github.com/openSUSE/catatonit")
+ (license license:gpl2+)))
+
(define-public podman
(package
(name "podman")
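Review bot: the description "A container init that is so simple it's effectively brain-dead." is upstream's tagline, not the full-sentence explanation a Guix description is expected to give; state what the program does (a minimal container init that forwards signals to its child and reaps zombie processes). Also, `autoconf`, `automake` and `libtool` are listed as native-inputs but no bootstrap phase is added, so either the release tarball already ships `configure` and those three are unneeded, or a phase is missing.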
--
2.41.0
Tomas Volf wrote on 31 Mar 20:35 +0200
[PATCH 07/11] gnu: Add podman-compose.
(address . 70112@debbugs.gnu.org)(name . Tomas Volf)(address . ~@wolfsden.cz)
e5159ec4fa61544e6d0a6ed55f259e0b59a70211.1711909824.git.~@wolfsden.cz
* gnu/packages/containers.scm (podman-compose): New variable.

Change-Id: Ieb5ee4b6e82464599a17ec950be8a7dbb2efa842
---
gnu/packages/containers.scm | 30 ++++++++++++++++++++++++++++++
1 file changed, 30 insertions(+)

diff --git a/gnu/packages/containers.scm b/gnu/packages/containers.scm
index 36948cf5e2..faea15b8c4 100644
--- a/gnu/packages/containers.scm
+++ b/gnu/packages/containers.scm
@@ -34,6 +34,7 @@ (define-module (gnu packages containers)
#:use-module (guix build-system gnu)
#:use-module (guix build-system go)
#:use-module (guix build-system meson)
+ #:use-module (guix build-system python)
#:use-module (guix utils)
#:use-module (gnu packages admin)
#:use-module (gnu packages autotools)
@@ -49,6 +50,7 @@ (define-module (gnu packages containers)
#:use-module (gnu packages python)
#:use-module (gnu packages networking)
#:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages python-xyz)
#:use-module (gnu packages rust-apps)
#:use-module (gnu packages selinux)
#:use-module (gnu packages version-control)
@@ -532,6 +534,34 @@ (define-public podman
packaged.")
(license license:asl2.0)))
+(define-public podman-compose
+ (package
+ (name "podman-compose")
+ (version "1.0.6")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/containers/podman-compose")
+ (commit (string-append "v" version))))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32
+ "11dwpifkm20vyi6r3fgmiiqc01mpm4r8l0p5gfh0bawi2gklrhsf"))))
+ (build-system python-build-system)
+ (arguments
+ (list
+ #:tests? #f))
+ (inputs (list python-dotenv
+ python-pyyaml))
+ (home-page "https://github.com/containers/podman-compose")
+ (synopsis "Implementation of @url{https://compose-spec.io/,,Compose Spec}
+with @code{podman} backend")
+ (description "Provides an implementation of
+@url{https://compose-spec.io/,,Compose Spec} for @code{podman} focused on
+being rootless and not requiring any daemon to be running.")
+ (license license:gpl2)))
+
(define-public buildah
(package
(name "buildah")
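Review bot: `#:tests? #f` in this hunk has no accompanying comment; Guix expects a justification next to every disabled test suite (for example that the tests need a running podman), the way the podman recipe in this series does with "; /sys/fs/cgroup not set up in guix sandbox". Fetching from the GitHub tag rather than PyPI is good for auditability; a note on whether `python-dotenv` and `python-pyyaml` match upstream's requirements for 1.0.6 would complete the picture.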
--
2.41.0
Tomas Volf wrote on 31 Mar 20:35 +0200
[PATCH 08/11] gnu: gvisor-tap-vsock: Remove references to go.
(address . 70112@debbugs.gnu.org)(name . Tomas Volf)(address . ~@wolfsden.cz)
c30d670a2dcee20724f01d4685b3fda6d2fd1230.1711909824.git.~@wolfsden.cz
This is handled automatically by go-build-system, but (obviously) not by the
gnu-build-system, so add the phase manually.

* gnu/packages/containers.scm (gvisor-tap-vsock)[arguments]<#:phases>: Add
'remove-go-references phase.

Change-Id: I5cef0bc03dfa7f219bdfec4226d0e7772401a5a5
---
gnu/packages/containers.scm | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/gnu/packages/containers.scm b/gnu/packages/containers.scm
index faea15b8c4..992ef82d3f 100644
--- a/gnu/packages/containers.scm
+++ b/gnu/packages/containers.scm
@@ -26,6 +26,7 @@
(define-module (gnu packages containers)
#:use-module (guix gexp)
#:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix modules)
#:use-module (gnu packages)
#:use-module (guix packages)
#:use-module (guix download)
@@ -387,6 +388,9 @@ (define-public gvisor-tap-vsock
(list
#:make-flags `(list ,(string-append "GIT_VERSION=v" version))
#:test-target "test"
+ #:imported-modules
+ (source-module-closure `(,@%gnu-build-system-modules
+ (guix build go-build-system)))
#:phases
#~(modify-phases %standard-phases
(delete 'configure)
@@ -400,7 +404,9 @@ (define-public gvisor-tap-vsock
(invoke "rm" "-r" "test")))
(replace 'install
(lambda _
- (install-file "bin/gvproxy" (string-append #$output "/bin")))))))
+ (install-file "bin/gvproxy" (string-append #$output "/bin"))))
+ (add-after 'install 'remove-go-references
+ (@@ (guix build go-build-system) remove-go-references)))))
(native-inputs (list go-1.20))
(home-page "https://github.com/containers/gvisor-tap-vsock")
(synopsis "Network stack for virtualization based on gVisor")
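Review bot: `(@@ (guix build go-build-system) remove-go-references)` reaches into another build system's module with `@@`, which bypasses the module's export list and will break silently if the procedure is renamed or its keyword arguments change. If `remove-go-references` is exported, pulling it in through `#:modules` is the cleaner route; if it is not, exporting it from go-build-system (or commenting here why private access is acceptable) is preferable. The same construct is reused in 09/11 and 11/11, so the decision applies to all three.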
--
2.41.0
Tomas Volf wrote on 31 Mar 20:35 +0200
[PATCH 10/11] gnu: buildah: Update to 1.35.3.
(address . 70112@debbugs.gnu.org)(name . Tomas Volf)(address . ~@wolfsden.cz)
f33ba1cd788261b64b6de84ad66af80b827ac7bf.1711909824.git.~@wolfsden.cz
* gnu/packages/containers.scm (buildah): Update to 1.35.3.

Change-Id: I0a00d6a73079ddaa38a454856781adfc2d7f158f
---
gnu/packages/containers.scm | 21 +++++++++++----------
1 file changed, 11 insertions(+), 10 deletions(-)

diff --git a/gnu/packages/containers.scm b/gnu/packages/containers.scm
index abd403af34..48b276e250 100644
--- a/gnu/packages/containers.scm
+++ b/gnu/packages/containers.scm
@@ -600,16 +600,17 @@ (define-public podman-compose
(define-public buildah
(package
(name "buildah")
- (version "1.29.1")
- (source (origin
- (method git-fetch)
- (uri (git-reference
- (url "https://github.com/containers/buildah")
- (commit (string-append "v" version))))
- (file-name (git-file-name name version))
- (sha256
- (base32
- "1mcqkz68fjccdla1bgxw57w268a586brm6x28fcm6x425ah0w07h"))))
+ (version "1.35.3")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/containers/buildah")
+ (commit (string-append "v" version))))
+ (sha256
+ (base32
+ "07hr2cfp4kblnmva02ap97id5nzhbqigdfvx7c8nyrkfzw0340n0"))
+ (file-name (git-file-name name version))))
(build-system go-build-system)
(arguments
(list #:import-path "github.com/containers/buildah/cmd/buildah"
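Review bot: besides the version and hash bump, this hunk re-indents the `source` field and swaps the order of `sha256` and `file-name`, which the ChangeLog entry ("Update to 1.35.3") does not mention but 11/11 claims as "[source]: Reformat". Either note the reformat in this commit message or move it into 11/11, so that the behaviour-neutral noise stays separate from the update that reviewers need to verify against upstream.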
--
2.41.0
Tomas Volf wrote on 31 Mar 20:35 +0200
[PATCH 09/11] gnu: podman: Revamp the package.
(address . 70112@debbugs.gnu.org)(name . Tomas Volf)(address . ~@wolfsden.cz)
b61c04a17521934cce1a49f7420443785e7158b6.1711909824.git.~@wolfsden.cz
Substantial rework of the podman package. The source is no longer patched (at
all) and all necessary modifications were moved into wrap-program and phases.

Not everything is supported out of the box, but the description mentions which
packages to install to get additional functionality working.

* gnu/packages/containers.scm (podman)[source]: Remove snippet and patches.
[arguments]<#:make-flags>: Add HELPER_BINARIES_DIR. Add GOMD2MAN to actually
use go-github-com-go-md2man package instead of the bundled version.
<#:imported-modules>: Add (guix build go-build-system).
<#:phases>{'set-env}: Set `CC' as an environment variable due to bug in make
before 4.4.
{'fix-hardcoded-paths}: Remove everything except patching `libexec' and `lib'
locations.
{'symlink-helpers}: New phase symlinking tools not discoverable via $PATH into
one directory (`HELPER_BINARIES_DIR').
{'wrap-podman}: New phase wrapping `podman' to set correct $PATH.
{'remove-go-references}: New phase stripping references to the golang
toolchain from the binaries.
[inputs]: Remove no longer needed cni-plugins, slirp4netns. Remove conmon,
crun, iptables, passt (referenced in 'wrap-podman). Move go-github-com-go-md2man
into native-inputs. Add bash-minimal.
[native-inputs]: Add custom grep with supported -P. Use newer go. Add
mandoc.
[description]: Explain how to get `podman compose' and `podman machine'
working.
* gnu/packages/patches/podman-program-lookup.patch: Delete file.

Change-Id: Ifc28971a68751831d781517b041eec951a617087
---
gnu/local.mk | 1 -
gnu/packages/containers.scm | 119 ++++++++++-------
.../patches/podman-program-lookup.patch | 120 ------------------
3 files changed, 74 insertions(+), 166 deletions(-)
delete mode 100644 gnu/packages/patches/podman-program-lookup.patch

diff --git a/gnu/local.mk b/gnu/local.mk
index f2b480bded..7056d4fdbc 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1804,7 +1804,6 @@ dist_patch_DATA = \
%D%/packages/patches/plasp-fix-normalization.patch \
%D%/packages/patches/plasp-include-iostream.patch \
%D%/packages/patches/pocketfft-cpp-prefer-preprocessor-if.patch \
- %D%/packages/patches/podman-program-lookup.patch \
%D%/packages/patches/pokerth-boost.patch \
%D%/packages/patches/ppsspp-disable-upgrade-and-gold.patch \
%D%/packages/patches/procps-strtod-test.patch \
diff --git a/gnu/packages/containers.scm b/gnu/packages/containers.scm
index 992ef82d3f..abd403af34 100644
--- a/gnu/packages/containers.scm
+++ b/gnu/packages/containers.scm
@@ -44,10 +44,13 @@ (define-module (gnu packages containers)
#:use-module (gnu packages check)
#:use-module (gnu packages compression)
#:use-module (gnu packages glib)
+ #:use-module (gnu packages gcc)
#:use-module (gnu packages gnupg)
#:use-module (gnu packages golang)
#:use-module (gnu packages guile)
#:use-module (gnu packages linux)
+ #:use-module (gnu packages man)
+ #:use-module (gnu packages pcre)
#:use-module (gnu packages python)
#:use-module (gnu packages networking)
#:use-module (gnu packages pkg-config)
@@ -449,84 +452,104 @@ (define-public podman
(uri (git-reference
(url "https://github.com/containers/podman")
(commit (string-append "v" version))))
- (modules '((guix build utils)))
- ;; FIXME: Btrfs libraries not detected by these scripts.
- (snippet '(substitute* "Makefile"
- ((".*hack/btrfs.*") "")))
- (patches
- (search-patches
- "podman-program-lookup.patch"))
(sha256
(base32 "0g15m10mgwssw5axkyn2ms5k858dbc6vf3cbxv7hvdncgwnfk5f0"))
(file-name (git-file-name name version))))
-
(build-system gnu-build-system)
(arguments
(list
#:make-flags
- #~(list #$(string-append "CC=" (cc-for-target))
- (string-append "PREFIX=" #$output))
+ #~(list (string-append "CC=" #$(cc-for-target))
+ (string-append "PREFIX=" #$output)
+ (string-append "HELPER_BINARIES_DIR=" #$output "/_guix")
+ (string-append "GOMD2MAN="
+ #$go-github-com-go-md2man "/bin/go-md2man"))
#:tests? #f ; /sys/fs/cgroup not set up in guix sandbox
#:test-target "test"
+ #:imported-modules
+ (source-module-closure `(,@%gnu-build-system-modules
+ (guix build go-build-system)))
#:phases
#~(modify-phases %standard-phases
(delete 'configure)
(add-after 'unpack 'set-env
- (lambda* (#:key inputs #:allow-other-keys)
- ;; when running go, things fail because
- ;; HOME=/homeless-shelter.
- (setenv "HOME" "/tmp")))
+ (lambda _
+ ;; When running go, things fail because HOME=/homeless-shelter.
+ (setenv "HOME" "/tmp")
+ ;; Required for detecting btrfs in hack/btrfs* due to bug in GNU
+ ;; Make <4.4 causing CC not to be propagated into $(shell ...)
+ ;; calls. Can be removed once we update to >4.3.
+ (setenv "CC" #$(cc-for-target))))
(replace 'check
(lambda* (#:key tests? #:allow-other-keys)
(when tests?
- ;; (invoke "strace" "-f" "bin/podman" "version")
(invoke "make" "localsystem")
(invoke "make" "remotesystem"))))
(add-after 'unpack 'fix-hardcoded-paths
(lambda _
- (substitute* "vendor/github.com/containers/common/pkg/config/config.go"
- (("@SLIRP4NETNS_DIR@")
- (string-append #$slirp4netns "/bin"))
- (("@PASST_DIR@")
- (string-append #$passt "/bin"))
- (("@NETAVARK_DIR@")
- (string-append #$netavark "/bin")))
- (substitute* "hack/install_catatonit.sh"
- (("CATATONIT_PATH=\"[^\"]+\"")
- (string-append "CATATONIT_PATH=" (which "true"))))
(substitute* "vendor/github.com/containers/common/pkg/config/config_linux.go"
(("/usr/local/libexec/podman")
(string-append #$output "/libexec/podman"))
(("/usr/local/lib/podman")
- (string-append #$output "/bin")))
- (substitute* "vendor/github.com/containers/common/pkg/config/default.go"
- (("/usr/libexec/podman/conmon") (which "conmon"))
- (("/usr/local/libexec/cni")
- (string-append #$(this-package-input "cni-plugins")
- "/bin"))
- (("/usr/bin/crun") (which "crun")))))
+ (string-append #$output "/bin")))))
+ (add-after 'install 'symlink-helpers
+ (lambda _
+ (mkdir-p (string-append #$output "/_guix"))
+ (for-each
+ (lambda (what)
+ (symlink (string-append (car what) "/bin/" (cdr what))
+ (string-append #$output "/_guix/" (cdr what))))
+ ;; Only tools that cannot be discovered via $PATH are
+ ;; symlinked. Rest is handled in the 'wrap-podman phase.
+ `((#$aardvark-dns . "aardvark-dns")
+ ;; Required for podman-machine, which is *not* supported out
+ ;; of the box. But it cannot be discovered via $PATH, so
+ ;; there is no other way for the user to install it. It
+ ;; costs ~10MB, so let's leave it here.
+ (#$gvisor-tap-vsock . "gvproxy")
+ (#$netavark . "netavark")))))
+ (add-after 'install 'wrap-podman
+ (lambda _
+ (wrap-program (string-append #$output "/bin/podman")
+ `("PATH" suffix
+ (,(string-append #$catatonit "/bin")
+ ,(string-append #$conmon "/bin")
+ ,(string-append #$crun "/bin")
+ ,(string-append #$gcc "/bin") ; cpp
+ ,(string-append #$iptables "/sbin")
+ ,(string-append #$passt "/bin")
+ ,(string-append #$procps "/bin") ; ps
+ "/run/setuid-programs")))))
+ (add-after 'install 'remove-go-references
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((go (assoc-ref inputs "go")))
+ (for-each
+ (lambda (file)
+ (when (executable-file? file)
+ ((@@ (guix build go-build-system) remove-store-reference)
+ file go)))
+ (append (find-files (string-append #$output "/bin"))
+ (find-files (string-append #$output "/libexec"))
+ (find-files (string-append #$output "/lib")))))))
(add-after 'install 'install-completions
(lambda _
(invoke "make" "install.completions"
(string-append "PREFIX=" #$output)))))))
(inputs
- (list btrfs-progs
- cni-plugins
- conmon
- crun
+ (list bash-minimal
+ btrfs-progs
gpgme
- go-github-com-go-md2man
- iptables
libassuan
libseccomp
- libselinux
- passt
- slirp4netns))
+ libselinux))
(native-inputs
- (list bats
+ (list (package/inherit grep
+ (inputs (list pcre2))) ; Drop once grep on master supports -P
+ bats
git
go-1.21
- ; strace ; XXX debug
+ go-github-com-go-md2man
+ mandoc
pkg-config
python))
(home-page "https://podman.io")
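Review bot: in the 'wrap-podman phase, `,(string-append #$gcc "/bin") ; cpp` adds the whole gcc package to podman's runtime closure and PATH in order to supply a single `cpp` binary; the comment should say which podman code path needs the preprocessor at run time and whether a smaller package than gcc could provide it. Also worth a comment: with `PATH` `suffix`, entries already on the user's PATH take precedence over the conmon, crun, iptables and passt directories listed here, so only the three helpers symlinked into `_guix` (aardvark-dns, gvproxy, netavark) are actually pinned to the store; if that precedence is intended, say so next to the `suffix`.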
@@ -536,8 +559,14 @@ (define-public podman
volumes mounted into those containers, and pods made from groups of
containers.
-The @code{machine} subcommand is not supported due to gvproxy not being
-packaged.")
+Not all commands are working out of the box due to requiring additional
+binaries to be present in the $PATH.
+
+To get @code{podman compose} working, install either @code{podman-compose} or
+@code{docker-compose} packages.
+
+To get @code{podman machine} working, install @code{qemu-minimal}, and
+@code{openssh} packages.")
(license license:asl2.0)))
(define-public podman-compose
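Review bot: in the description hunk, `$PATH` should be written as @env{PATH} per Texinfo conventions, "Not all commands are working out of the box" reads better as "Not all commands work out of the box", and "install @code{qemu-minimal}, and @code{openssh} packages" has a stray comma before "and".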
diff --git a/gnu/packages/patches/podman-program-lookup.patch b/gnu/packages/patches/podman-program-lookup.patch
deleted file mode 100644
index 27a9421285..0000000000
--- a/gnu/packages/patches/podman-program-lookup.patch
+++ /dev/null
@@ -1,120 +0,0 @@
-From 914aed3e04f71453fbdc30f4287e13ca3ce63a36 Mon Sep 17 00:00:00 2001
-From: Tomas Volf <~@wolfsden.cz>
-Date: Wed, 14 Feb 2024 20:02:03 +0100
-Subject: [PATCH] Modify search for binaries to fit Guix model
-
-Podman basically looked into the $PATH and into its libexec. That does not fit
-Guix's model very well, to an additional option to specify additional
-directories during compilation was added.
-
-* pkg/rootless/rootless_linux.go
-(tryMappingTool): Also check /run/setuid-programs.
-* vendor/github.com/containers/common/pkg/config/config.go
-(extraGuixDir): New function.
-(FindHelperBinary): Use it.
-* vendor/github.com/containers/storage/pkg/unshare/unshare_linux.go
-(guixLookupSetuidPath): New function.
-(Start): Use it.
----
- pkg/rootless/rootless_linux.go | 3 +++
- .../containers/common/pkg/config/config.go | 23 +++++++++++++++++++
- .../storage/pkg/unshare/unshare_linux.go | 14 +++++++++--
- 3 files changed, 38 insertions(+), 2 deletions(-)
-
-diff --git a/pkg/rootless/rootless_linux.go b/pkg/rootless/rootless_linux.go
-index d303c8b..0191d90 100644
---- a/pkg/rootless/rootless_linux.go
-+++ b/pkg/rootless/rootless_linux.go
-@@ -102,6 +102,9 @@ func tryMappingTool(uid bool, pid int, hostID int, mappings []idtools.IDMap) err
- idtype = "setgid"
- }
- path, err := exec.LookPath(tool)
-+ if err != nil {
-+ path, err = exec.LookPath("/run/setuid-programs/" + tool)
-+ }
- if err != nil {
- return fmt.Errorf("command required for rootless mode with multiple IDs: %w", err)
- }
-diff --git a/vendor/github.com/containers/common/pkg/config/config.go b/vendor/github.com/containers/common/pkg/config/config.go
-index 75b917f..ed2f131 100644
---- a/vendor/github.com/containers/common/pkg/config/config.go
-+++ b/vendor/github.com/containers/common/pkg/config/config.go
-@@ -1102,6 +1102,24 @@ func findBindir() string {
- return bindirCached
- }
-
-+func extraGuixDir(bin_name string) string {
-+ if (bin_name == "slirp4netns") {
-+ return "@SLIRP4NETNS_DIR@";
-+ } else if (bin_name == "pasta") {
-+ return "@PASST_DIR@";
-+ } else if (strings.HasPrefix(bin_name, "qemu-")) {
-+ return "@QEMU_DIR@";
-+ } else if (bin_name == "gvproxy") {
-+ return "@GVPROXY_DIR@";
-+ } else if (bin_name == "netavark") {
-+ return "@NETAVARK_DIR@";
-+ } else if (bin_name == "aardvark-dns") {
-+ return "@AARDVARK_DNS_DIR@";
-+ } else {
-+ return "";
-+ }
-+}
-+
- // FindHelperBinary will search the given binary name in the configured directories.
- // If searchPATH is set to true it will also search in $PATH.
- func (c *Config) FindHelperBinary(name string, searchPATH bool) (string, error) {
-@@ -1109,6 +1127,11 @@ func (c *Config) FindHelperBinary(name string, searchPATH bool) (string, error)
- bindirPath := ""
- bindirSearched := false
-
-+ if dir := extraGuixDir(name); dir != "" {
-+ /* If there is a Guix dir, skip the PATH search. */
-+ dirList = append([]string{dir}, dirList...)
-+ }
-+
- // If set, search this directory first. This is used in testing.
- if dir, found := os.LookupEnv("CONTAINERS_HELPER_BINARY_DIR"); found {
- dirList = append([]string{dir}, dirList...)
-diff --git a/vendor/github.com/containers/storage/pkg/unshare/unshare_linux.go b/vendor/github.com/containers/storage/pkg/unshare/unshare_linux.go
-index a8dc1ba..0b0d755 100644
---- a/vendor/github.com/containers/storage/pkg/unshare/unshare_linux.go
-+++ b/vendor/github.com/containers/storage/pkg/unshare/unshare_linux.go
-@@ -26,6 +26,16 @@ import (
- "github.com/syndtr/gocapability/capability"
- )
-
-+func guixLookupSetuidPath(prog string) (string, error) {
-+ path, err := exec.LookPath(prog)
-+ if err != nil {
-+ path, err = exec.LookPath("/run/setuid-programs/" + prog)
-+ }
-+ return path, err
-+}
-+
-+
-+
- // Cmd wraps an exec.Cmd created by the reexec package in unshare(), and
- // handles setting ID maps and other related settings by triggering
- // initialization code in the child.
-@@ -237,7 +247,7 @@ func (c *Cmd) Start() error {
- gidmapSet := false
- // Set the GID map.
- if c.UseNewgidmap {
-- path, err := exec.LookPath("newgidmap")
-+ path, err := guixLookupSetuidPath("newgidmap")
- if err != nil {
- return fmt.Errorf("finding newgidmap: %w", err)
- }
-@@ -297,7 +307,7 @@ func (c *Cmd) Start() error {
- uidmapSet := false
- // Set the UID map.
- if c.UseNewuidmap {
-- path, err := exec.LookPath("newuidmap")
-+ path, err := guixLookupSetuidPath("newuidmap")
- if err != nil {
- return fmt.Errorf("finding newuidmap: %w", err)
- }
---
-2.41.0
-
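Review bot: the deleted patch's `guixLookupSetuidPath` and `tryMappingTool` changes fell back to `/run/setuid-programs/` only after `exec.LookPath` had failed; the replacement, `"/run/setuid-programs"` as the last element of the `PATH` `suffix` in 'wrap-podman, preserves that search order for newuidmap/newgidmap on Guix System. On a foreign distribution that directory does not exist, so the rootless ID-mapping helpers are then found only if the distribution's setuid copies are on the user's PATH; a sentence about that trade-off in the commit message would help whoever later wonders why the patch was dropped.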
--
2.41.0
Tomas Volf wrote on 31 Mar 20:35 +0200
[PATCH 11/11] gnu: buildah: Switch to gnu-build-system.
(address . 70112@debbugs.gnu.org)(name . Tomas Volf)(address . ~@wolfsden.cz)
31a1cbe8a908ae2892ea88606ee877be0915aeae.1711909824.git.~@wolfsden.cz
Buildah is fundamentally similar to podman and provides its own Makefile.
This commit switches from go-build-system to gnu-build-system so that the
build can be done using `make' instead of reinventing some parts (like
documentation) in Guile. The package pretty much follows how the podman
package looks.

* gnu/packages/containers.scm (buildah)[source]: Reformat.
[build-system]: Use gnu-build-system.
[arguments]<#:import-path, #:unpack-path, #:go, #:install-source?>: Delete.
<#:make-flags>: Set make flags.
<#:test-target>: Set, even though the tests are disabled.
<#:imported-modules>: Also import (guix build go-build-system) for the
remove-go-references phase.
<#:phases>{'prepare-install-docs, 'build-docs, 'install-docs}: Delete.
{'configure}: Delete.
{'set-env, 'check, 'symlink-helpers, 'wrap-buildah, 'remove-go-references}
{'install-completions}: New phases.
[inputs]: Remove no longer used cni-plugins, conmon, runc. Add bash-minimal.
[native-inputs]: Remove gnu-make, add go-1.21 and bats.

Change-Id: I0ddd5febb0116a71a857e2a98a9951dbe8bd40d9
---
gnu/packages/containers.scm | 99 +++++++++++++++++++++++--------------
1 file changed, 62 insertions(+), 37 deletions(-)

diff --git a/gnu/packages/containers.scm b/gnu/packages/containers.scm
index 48b276e250..2e68d08c94 100644
--- a/gnu/packages/containers.scm
+++ b/gnu/packages/containers.scm
@@ -611,50 +611,75 @@ (define-public buildah
(base32
"07hr2cfp4kblnmva02ap97id5nzhbqigdfvx7c8nyrkfzw0340n0"))
(file-name (git-file-name name version))))
- (build-system go-build-system)
+ (build-system gnu-build-system)
(arguments
- (list #:import-path "github.com/containers/buildah/cmd/buildah"
- #:unpack-path "github.com/containers/buildah"
-
- ;; Some dependencies require go-1.18 to build.
- #:go go-1.18
-
- #:tests? #f
- #:install-source? #f
- #:phases
- #~(modify-phases %standard-phases
- (add-after 'unpack 'prepare-install-docs
- (lambda* (#:key unpack-path #:allow-other-keys)
- (substitute* (string-append "src/"
- unpack-path
- "/docs/Makefile")
- (("../tests/tools/build/go-md2man")
- (which "go-md2man")))
- (substitute* (string-append "src/"
- unpack-path
- "/docs/Makefile")
- (("/usr/local") (string-append #$output)))))
- (add-after 'build 'build-docs
- (lambda* (#:key unpack-path #:allow-other-keys)
- (let ((doc (string-append "src/" unpack-path "/docs")))
- (invoke "make" "-C" doc))))
- (add-after 'install 'install-docs
- (lambda* (#:key unpack-path #:allow-other-keys)
- (let ((doc (string-append "src/" unpack-path "/docs")))
- (invoke "make" "-C" doc "install")))))))
- (inputs (list btrfs-progs
- cni-plugins
- conmon
+ (list
+ #:make-flags
+ #~(list (string-append "CC=" #$(cc-for-target))
+ (string-append "PREFIX=" #$output)
+ (string-append "GOMD2MAN="
+ #$go-github-com-go-md2man "/bin/go-md2man"))
+ #:tests? #f ; /sys/fs/cgroup not set up in guix sandbox
+ #:test-target "test-unit"
+ #:imported-modules
+ (source-module-closure `(,@%gnu-build-system-modules
+ (guix build go-build-system)))
+ #:phases
+ #~(modify-phases %standard-phases
+ (delete 'configure)
+ (add-after 'unpack 'set-env
+ (lambda _
+ ;; When running go, things fail because HOME=/homeless-shelter.
+ (setenv "HOME" "/tmp")
+ ;; Required for detecting btrfs in hack/btrfs* due to bug in GNU
+ ;; Make <4.4 causing CC not to be propagated into $(shell ...)
+ ;; calls. Can be removed once we update to >4.3.
+ (setenv "CC" #$(cc-for-target))))
+ (replace 'check
+ (lambda* (#:key tests? #:allow-other-keys)
+ (when tests?
+ (invoke "make" "test-unit")
+ (invoke "make" "test-conformance")
+ (invoke "make" "test-integration"))))
+ (add-after 'install 'symlink-helpers
+ (lambda _
+ (mkdir-p (string-append #$output "/_guix"))
+ (for-each
+ (lambda (what)
+ (symlink (string-append (car what) "/bin/" (cdr what))
+ (string-append #$output "/_guix/" (cdr what))))
+ ;; Only tools that cannot be discovered via $PATH are
+ ;; symlinked. Rest is handled in the 'wrap-buildah phase.
+ `((#$aardvark-dns . "aardvark-dns")
+ (#$netavark . "netavark")))))
+ (add-after 'install 'wrap-buildah
+ (lambda _
+ (wrap-program (string-append #$output "/bin/buildah")
+ `("CONTAINERS_HELPER_BINARY_DIR" =
+ (,(string-append #$output "/_guix")))
+ `("PATH" suffix
+ (,(string-append #$crun "/bin")
+ ,(string-append #$gcc "/bin") ; cpp
+ ,(string-append #$passt "/bin")
+ "/run/setuid-programs")))))
+ (add-after 'install 'remove-go-references
+ (@@ (guix build go-build-system) remove-go-references))
+ (add-after 'install 'install-completions
+ (lambda _
+ (invoke "make" "install.completions"
+ (string-append "PREFIX=" #$output)))))))
+ (inputs (list bash-minimal
+ btrfs-progs
eudev
glib
gpgme
libassuan
libseccomp
- lvm2
- runc))
+ lvm2))
(native-inputs
- (list go-github-com-go-md2man
- gnu-make
+ (list bats
+ go-1.21
+ go-github-com-go-md2man
pkg-config))
(synopsis "Build @acronym{OCI, Open Container Initiative} images")
(description
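Review bot: the helper-binary lookup here differs from podman's in 09/11: podman bakes the directory in at build time via `HELPER_BINARIES_DIR=` in #:make-flags, while buildah sets `CONTAINERS_HELPER_BINARY_DIR` with `=` through wrap-program, which both overrides any value the user exported and relies on a variable that the vendored config.go (visible in the patch deleted in 09/11) documents as "used in testing". Either pass the same make flag here, if buildah's Makefile supports it, or add a comment explaining why the environment variable is needed. The `; cpp` remark on `#$gcc` carries the same open question as in podman: which code path needs the preprocessor, and does it justify the full gcc closure.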
--
2.41.0
Wilke Schwiedop wrote on 4 Apr 10:51 +0200
RE: #66887: guix-podman missing catatonit binary
(name . Tomas Volf)(address . ~@wolfsden.cz)
DB9P190MB19859BC818AA3E273268985E9E3C2@DB9P190MB1985.EURP190.PROD.OUTLOOK.COM
Hello Tomas,
absolutely no issues to report. Works like a charm.
Wilke
-----Original Message-----
From: Tomas Volf <~@wolfsden.cz>
Sent: Monday, 1 April 2024 17:31
To: Wilke Schwiedop <wilke.schwiedop@agfa.com>
Subject: Re: #66887: guix-podman missing catatonit binary
On 2024-04-01 15:20:28 +0000, Wilke Schwiedop wrote:
> Hi Tomas,
>
> I just read the patch series. That solution to podman's binary-lookup
> looks very clean.
> I've run podman-5 with a slightly more advanced deployment (a paperless-ngx instance: ppl-ngx, redis, pause-container) which worked without any problems.
Happy to hear that.
> Tue or Wed I'll test the setup we're running at work, which includes all steps from building to pushing to running a deployment of 8 (or 9?) different containers.
> I'll report back to you.
Looking forward to it.
>
> A question though: podman uses iptables, which requires the kernel module ip_tables to be loaded. Do you happen to know if there is a way to specify the module as a dependency?
> Like "if iptables is in profile: modprobe ip_tables"?
Sadly I do not know of a way to specify a dependency like that. It is further complicated by the fact that the user installing the podman package might not even have permissions to load the module.
This actually caused me some problems and I had to load the ip_tables manually (I normally have just nf_tables loaded) using sudo when I was trying to test it.
I am not sure what the solution should be here...
Tomas
--
There are only two hard things in Computer Science:
cache invalidation, naming things and off-by-one errors.