feat: use native podman build for linux #684
Before reviewing there was a lengthy discussion on the issue regarding why we need to run The main reasoning being that:
This is a short-term solution until podman-bootc CLI is developed more / krun support is in, or when bootc-image-builder supports krun itself. This PR will unblock the currently broken (and cumbersome) Linux support by solving issue osbuild/bootc-image-builder#540 as well as removing the podman machine restriction which has been causing issues for users (specifically users running Fedora Silverblue). See referenced issues and discussions:
build.buildContainerId = containerId; | ||
await history.addOrUpdateBuildInfo(build); | ||
// Step 2. Check if there are any previous builds and remove them | ||
progress.report({ increment: 5 }); |
It feels a bit weird as I had the progress stuck on 50 for most of the time, I feel like an indeterminate would be more appropriate maybe?
yeah :( I will open up another issue for this.
the best path will probably open the image-build.log in a different synchronous process and do continuous reading of it similar to how we stream the container logs.
i'll follow this up in a different PR so this one isn't as big with issue: #698
Thank you so much for testing and happy it works as well on your side. Having to delete with Your testing made me realize that's why they added that feature haha! I was wondering why it wasn't working on macOS or Windows.
@@ -35,6 +35,7 @@ export abstract class BootcApi { | |||
abstract openFolder(folder: string): Promise<boolean>; | |||
abstract generateUniqueBuildID(name: string): Promise<string>; | |||
abstract openLink(link: string): Promise<void>; | |||
abstract isLinux(): Promise<boolean>; |
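Review bot: `abstract isLinux(): Promise<boolean>;` is added to `BootcApi` without a doc comment, and it is the only platform query among the visible methods. Please document why the frontend needs it, and consider a more general call (for example one that returns the platform name) so the API does not grow one method per platform.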
Will node:os not work in frontend? It feels odd for our API to need to expose a method for the front end to know this.
It doesn't and unfortunately causes issues (can't detect "in time" before onMount), so using it here was best
@@ -140,7 +140,9 @@ export async function buildDiskImage(build: BootcBuildInfo, history: History, ov | |||
const buildImageContainer = createBuilderImageOptions(containerName, build, builder); | |||
logData += JSON.stringify(buildImageContainer, undefined, 2); | |||
logData += '\n----------\n'; | |||
logData += createPodmanRunCommand(buildImageContainer); | |||
// Output new line with `\` added at end for each in the array. | |||
// logData += createPodmanCLIRunCommand(buildImageContainer); |
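Review bot: the replacement for `createPodmanRunCommand` is left commented out at `// logData += createPodmanCLIRunCommand(buildImageContainer);`, so nothing follows the `'\n----------\n'` separator and the log no longer records the command that was run. The comment about adding `\` at the end of each array element also describes output that is never produced. Either restore the call so the build log still contains the exact command, or delete both the comment and the dead line.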
Earlier code commented out but not deleted?
return 'Podman v5.0 or higher is required to build disk images.'; | ||
} | ||
// Podman Machine checks are applicable to non-Linux platforms only | ||
if (!isLinux()) { |
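Review bot: `if (!isLinux())` uses the result synchronously, while the `BootcApi` hunk in this PR declares `isLinux(): Promise<boolean>`. If the Promise-returning function is the one in scope here, `!isLinux()` is always false and the Podman Machine checks are skipped on every platform, not only Linux. Please confirm this is a synchronous helper, or `await` it. The Linux branch also has no prerequisite check of its own in the visible lines.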
It's pretty unlikely someone gets to the bootc extension on a Linux machine without podman installed, but maybe we should still have a basic check?
should still have this check here since we use checkPrereqs() from the frontend.
the reason why this is in the backend rather than frontend is that we do too much loading in onMount() in build.svelte, specifically with the update() function which causes issues trying to pre-detect Linux.
So it's better to check when executing the backend commands instead if we are on Linux
I meant even on Linux shouldn't we confirm podman is installed? (vs this code which has no prereq checking for linux)
Ohhh! There's no check anyways because the Build page will already error out with no Podman installed / never reach this point.
We should actually add this to the dashboard / have this higher up?
I opened up: #701
But wouldn't it make more sense to help with that?
I investigated and tried a few different ways, including pulling the podman-bootc project and seeing what I could do in Go, but hit a bit of a wall fighting I also opened up osbuild/bootc-image-builder#569 to see if we could even get it working via non-root. The solution in this PR mimics the exact CLI commands which are being run currently by https://github.com/osbuild/bootc-image-builder so it's been quite reliable testing it the past week. When containers/podman-bootc#9 is complete we can integrate that into the podman desktop bootc extension?
### What does this PR do?

* Switches to using native podman building for Linux rather than using podman machine
* Tested against using a manifest as well as a normal image.
* Uses CLI commands the equivalent of doing `sudo podman run`. PD does not support running / viewing / using sudo root connections. So we use the CLI instead
* Uses CLI commands for saving the image / importing as well. The reasoning is that importing requires `sudo` / privileged and retrieving via image ID does not work for saving via the API.

### Screenshot / video of UI

### What issues does this PR fix or reference?

Closes podman-desktop#623

### How to test this PR?

1. Try on Linux (Fedora 40 or above)
2. Go to build and it should ask for credentials after a few moments of building
3. Successful image build

Signed-off-by: Charlie Drage <[email protected]>
Signed-off-by: Charlie Drage <[email protected]>
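The description above replaces the API call with a privileged `podman run` on the CLI and the build log records that command. As an added example (not code from this PR or the extension), the sketch below keeps the command as an argument array, rejects values that the CLI would read as options, and renders a quoted copy for the log. All function and type names are hypothetical, the flag set is a reduced, assumed one, and elevation via `sudo` is left out.

```typescript
// Added example; every name here is hypothetical, not the extension's API.
interface BuildRequest {
  containerName: string;
  builderImage: string; // builder image reference (assumed value in usage)
  sourceImage: string; // bootc image to convert
  outputDir: string; // host folder that receives the disk image
  type: string; // disk image type, e.g. qcow2
}

// Values that start with '-' would be read by the CLI as options even
// without a shell, so positional and option values are checked first.
function assertNotOption(label: string, value: string): string {
  if (value === '' || value.charAt(0) === '-') {
    throw new Error(`${label} must not be empty or start with '-'`);
  }
  return value;
}

// Argument vector for a privileged `podman run`. Kept as an array so it can
// be passed to a process API without a shell re-parsing any value.
function podmanRunArgv(req: BuildRequest): string[] {
  if (req.outputDir.indexOf(':') !== -1) {
    throw new Error('outputDir must not contain ":" (it would alter the -v mount spec)');
  }
  return [
    'podman', 'run', '--rm', '--privileged',
    '--name', assertNotOption('containerName', req.containerName),
    '-v', `${assertNotOption('outputDir', req.outputDir)}:/output`,
    assertNotOption('builderImage', req.builderImage),
    '--type', assertNotOption('type', req.type),
    assertNotOption('sourceImage', req.sourceImage),
  ];
}

// POSIX quoting for display only: plain tokens pass through, anything else
// is wrapped in single quotes with embedded quotes written as '\''.
function shellQuote(arg: string): string {
  if (/^[A-Za-z0-9_@%+=:,.\/-]+$/.test(arg)) return arg;
  return "'" + arg.replace(/'/g, "'\\''") + "'";
}

// One array element per line, each line but the last ending in `\`.
function renderForLog(argv: string[]): string {
  return argv.map(shellQuote).join(' \\\n  ');
}
```

The array from `podmanRunArgv` is what gets executed; the string from `renderForLog` is only for the log, so a folder name with spaces or quotes stays one argument in both.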
LGTM feature wise 🚀 I can't give a proper code review as I am not familiar with the code base of the bootc extension. But take my approval as it works!
Thanks for making changes. As discussed elsewhere I hope this is a stopgap towards podman-bootc, but better usability and unknown timeline makes this worthwhile in the meantime.