From df317a9000f61065ce55244b1f7ea05408cf45d8 Mon Sep 17 00:00:00 2001 From: joncrall Date: Thu, 16 Jun 2022 18:11:59 -0400 Subject: [PATCH 01/32] Flattened podman support commits --- .github/install_latest_podman.sh | 12 ++ .github/workflows/test.yml | 7 + cibuildwheel/docker_container.py | 132 +++++++++++++++-- cibuildwheel/linux.py | 9 +- cibuildwheel/options.py | 3 + cibuildwheel/resources/defaults.toml | 2 + setup.py | 1 + unit_test/conftest.py | 2 +- unit_test/docker_container_test.py | 214 ++++++++++++++++++++++++--- 9 files changed, 339 insertions(+), 43 deletions(-) create mode 100755 .github/install_latest_podman.sh diff --git a/.github/install_latest_podman.sh b/.github/install_latest_podman.sh new file mode 100755 index 000000000..42eca8b9f --- /dev/null +++ b/.github/install_latest_podman.sh @@ -0,0 +1,12 @@ +#!/bin/bash +__doc__=" +Based on code in: https://github.com/redhat-actions/podman-login/blob/main/.github/install_latest_podman.sh +" +# https://podman.io/getting-started/installation +# shellcheck source=/dev/null +. /etc/os-release +echo "deb https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_${VERSION_ID}/ /" | sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list +curl -sSfL "https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_${VERSION_ID}/Release.key" | sudo apt-key add - +sudo apt-get update +sudo apt-get -y upgrade +sudo apt-get -y install podman diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index a588b5268..63f3f5d45 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -45,6 +45,13 @@ jobs: with: python-version: ${{ matrix.python_version }} + # Install podman on this CI instance for podman tests on linux + # Snippet from: https://github.com/redhat-actions/podman-login/blob/main/.github/workflows/example.yml + - name: Install latest podman + if: runner.os == 'Linux' + run: | + bash .github/install_latest_podman.sh + - name: Install dependencies run: | python -m pip install ".[test]" diff --git a/cibuildwheel/docker_container.py b/cibuildwheel/docker_container.py index 9dc3ab70d..ff57b78dd 100644 --- a/cibuildwheel/docker_container.py +++ b/cibuildwheel/docker_container.py @@ -1,4 +1,5 @@ import io +import os import json import platform import shlex @@ -25,6 +26,18 @@ class DockerContainer: A bash shell is running in the remote container. When `call()` is invoked, the command is relayed to the remote shell, and the results are streamed back to cibuildwheel. + + TODO: + - [ ] Rename to Container as this now generalizes docker and podman? + + Example: + >>> from cibuildwheel.docker_container import * # NOQA + >>> docker_image = "quay.io/pypa/manylinux2014_x86_64:2020-05-17-2f8ac3b" + >>> # Test the default container + >>> with DockerContainer(docker_image=docker_image) as self: + ... self.call(["echo", "hello world"]) + ... self.call(["cat", "/proc/1/cgroup"]) + ... print(self.get_environment()) """ UTILITY_PYTHON = "/opt/python/cp38-cp38/bin/python" @@ -34,7 +47,13 @@ class DockerContainer: bash_stdout: IO[bytes] def __init__( - self, *, docker_image: str, simulate_32_bit: bool = False, cwd: Optional[PathOrStr] = None + self, + *, + docker_image: str, + simulate_32_bit: bool = False, + cwd: Optional[PathOrStr] = None, + container_engine: str = "docker", + env: Optional[Dict[str, str]] = None, ): if not docker_image: raise ValueError("Must have a non-empty docker image to run.") @@ -43,10 +62,12 @@ def __init__( self.simulate_32_bit = simulate_32_bit self.cwd = cwd self.name: Optional[str] = None + self.container_engine = container_engine + self.env = env # If specified, overwrite environment variables def __enter__(self) -> "DockerContainer": + self.name = f"cibuildwheel-{uuid.uuid4()}" - cwd_args = ["-w", str(self.cwd)] if self.cwd else [] # work-around for Travis-CI PPC64le Docker runs since 2021: # this avoids network splits @@ -57,24 +78,27 @@ def __enter__(self) -> "DockerContainer": network_args = ["--network=host"] shell_args = ["linux32", "/bin/bash"] if self.simulate_32_bit else ["/bin/bash"] + subprocess.run( [ - "docker", + self.container_engine, "create", "--env=CIBUILDWHEEL", f"--name={self.name}", "--interactive", - "--volume=/:/host", # ignored on CircleCI *network_args, - *cwd_args, + # Z-flags is for SELinux + "--volume=/:/host:Z", # ignored on CircleCI self.docker_image, *shell_args, ], + env=self.env, check=True, ) + self.process = subprocess.Popen( [ - "docker", + self.container_engine, "start", "--attach", "--interactive", @@ -82,6 +106,7 @@ def __enter__(self) -> "DockerContainer": ], stdin=subprocess.PIPE, stdout=subprocess.PIPE, + env=self.env, ) assert self.process.stdin and self.process.stdout @@ -89,7 +114,13 @@ def __enter__(self) -> "DockerContainer": self.bash_stdout = self.process.stdout # run a noop command to block until the container is responding - self.call(["/bin/true"]) + self.call(["/bin/true"], cwd="") + + if self.cwd: + # Although `docker create -w` does create the working dir if it + # does not exist, podman does not. There does not seem to be a way + # to setup a workdir for a container running in podman. + self.call(["mkdir", "-p", str(self.cwd)], cwd="") return self @@ -106,10 +137,20 @@ def __exit__( self.bash_stdin.close() self.bash_stdout.close() + if self.container_engine == "podman": + # This works around what seems to be a race condition in the podman + # backend. The full reason is not understood. See PR #966 for a + # discussion on possible causes and attempts to remove this line. + # For now, this seems to work "well enough". + self.process.wait() + assert isinstance(self.name, str) subprocess.run( - ["docker", "rm", "--force", "-v", self.name], stdout=subprocess.DEVNULL, check=False + [self.container_engine, "rm", "--force", "-v", self.name], + stdout=subprocess.DEVNULL, + env=self.env, + check=False, ) self.name = None @@ -122,15 +163,16 @@ def copy_into(self, from_path: Path, to_path: PurePath) -> None: if from_path.is_dir(): self.call(["mkdir", "-p", to_path]) subprocess.run( - f"tar cf - . | docker exec -i {self.name} tar --no-same-owner -xC {shell_quote(to_path)} -f -", + f"tar cf - . | {self.container_engine} exec -i {self.name} tar --no-same-owner -xC {shell_quote(to_path)} -f -", shell=True, check=True, cwd=from_path, + env=self.env, ) else: with subprocess.Popen( [ - "docker", + "{self.container_engine}", "exec", "-i", str(self.name), @@ -138,6 +180,7 @@ def copy_into(self, from_path: Path, to_path: PurePath) -> None: "-c", f"cat > {shell_quote(to_path)}", ], + env=self.env, stdin=subprocess.PIPE, ) as docker: docker.stdin = cast(IO[bytes], docker.stdin) @@ -155,12 +198,47 @@ def copy_out(self, from_path: PurePath, to_path: Path) -> None: # note: we assume from_path is a dir to_path.mkdir(parents=True, exist_ok=True) - subprocess.run( - f"docker exec -i {self.name} tar -cC {shell_quote(from_path)} -f - . | tar -xf -", - shell=True, - check=True, - cwd=to_path, - ) + if self.container_engine == "podman": + # The copy out logic that works for docker does not seem to + # translate to podman, which seems to need the steps spelled out + # more explicitly. + command = f"{self.container_engine} exec -i {self.name} tar -cC {shell_quote(from_path)} -f /tmp/output-{self.name}.tar ." + subprocess.run( + command, + shell=True, + check=True, + cwd=to_path, + env=self.env, + ) + + command = f"{self.container_engine} cp {self.name}:/tmp/output-{self.name}.tar output-{self.name}.tar" + subprocess.run( + command, + shell=True, + check=True, + cwd=to_path, + env=self.env, + ) + command = f"tar -xvf output-{self.name}.tar" + subprocess.run( + command, + shell=True, + check=True, + cwd=to_path, + env=self.env, + ) + os.unlink(to_path / f"output-{self.name}.tar") + elif self.container_engine == "docker": + command = f"{self.container_engine} exec -i {self.name} tar -cC {shell_quote(from_path)} -f - . | tar -xf -" + subprocess.run( + command, + shell=True, + check=True, + cwd=to_path, + env=self.env, + ) + else: + raise KeyError(self.container_engine) def glob(self, path: PurePosixPath, pattern: str) -> List[PurePosixPath]: glob_pattern = path.joinpath(pattern) @@ -186,6 +264,11 @@ def call( cwd: Optional[PathOrStr] = None, ) -> str: + if cwd is None: + # Podman does not start the a container in a specific working dir + # so we always need to specify it when making calls. + cwd = self.cwd + chdir = f"cd {cwd}" if cwd else "" env_assignments = ( " ".join(f"{shlex.quote(k)}={shlex.quote(v)}" for k, v in env.items()) @@ -271,6 +354,23 @@ def environment_executor(self, command: List[str], environment: Dict[str, str]) # used as an EnvironmentExecutor to evaluate commands and capture output return self.call(command, env=environment, capture_output=True) + def debug_info(self) -> str: + if self.container_engine == "podman": + command = f"{self.container_engine} info --debug" + else: + command = f"{self.container_engine} info" + completed = subprocess.run( + command, + shell=True, + check=True, + cwd=self.cwd, + env=self.env, + stdin=subprocess.PIPE, + stdout=subprocess.PIPE, + ) + output = str(completed.stdout, encoding="utf8", errors="surrogateescape") + return output + def shell_quote(path: PurePath) -> str: return shlex.quote(str(path)) diff --git a/cibuildwheel/linux.py b/cibuildwheel/linux.py index 93225c21b..e89a35b6b 100644 --- a/cibuildwheel/linux.py +++ b/cibuildwheel/linux.py @@ -320,12 +320,16 @@ def build_on_docker( def build(options: Options, tmp_path: Path) -> None: # pylint: disable=unused-argument + + build_opts = options.build_options(None) try: # check docker is installed - subprocess.run(["docker", "--version"], check=True, stdout=subprocess.DEVNULL) + subprocess.run( + [build_opts.container_engine, "--version"], check=True, stdout=subprocess.DEVNULL + ) except subprocess.CalledProcessError: print( - "cibuildwheel: Docker not found. Docker is required to run Linux builds. " + f"cibuildwheel: {build_opts.container_engine} not found. An OCI exe like Docker or Podman is required to run Linux builds " "If you're building on Travis CI, add `services: [docker]` to your .travis.yml." "If you're building on Circle CI in Linux, add a `setup_remote_docker` step to your .circleci/config.yml", file=sys.stderr, @@ -355,6 +359,7 @@ def build(options: Options, tmp_path: Path) -> None: # pylint: disable=unused-a docker_image=build_step.docker_image, simulate_32_bit=build_step.platform_tag.endswith("i686"), cwd=container_project_path, + container_engine=build_opts.container_engine, ) as docker: build_on_docker( diff --git a/cibuildwheel/options.py b/cibuildwheel/options.py index 5d9744af1..80ee53277 100644 --- a/cibuildwheel/options.py +++ b/cibuildwheel/options.py @@ -79,6 +79,7 @@ class BuildOptions(NamedTuple): test_extras: str build_verbosity: int build_frontend: BuildFrontend + container_engine: str @property def package_dir(self) -> Path: @@ -422,6 +423,7 @@ def build_options(self, identifier: Optional[str]) -> BuildOptions: test_requires = self.reader.get("test-requires", sep=" ").split() test_extras = self.reader.get("test-extras", sep=",") build_verbosity_str = self.reader.get("build-verbosity") + container_engine = self.reader.get("container-engine") build_frontend: BuildFrontend if build_frontend_str == "build": @@ -520,6 +522,7 @@ def build_options(self, identifier: Optional[str]) -> BuildOptions: manylinux_images=manylinux_images or None, musllinux_images=musllinux_images or None, build_frontend=build_frontend, + container_engine=container_engine, ) def check_for_invalid_configuration(self, identifiers: List[str]) -> None: diff --git a/cibuildwheel/resources/defaults.toml b/cibuildwheel/resources/defaults.toml index 5890c8edf..5e0bdacfd 100644 --- a/cibuildwheel/resources/defaults.toml +++ b/cibuildwheel/resources/defaults.toml @@ -19,6 +19,8 @@ before-test = "" test-requires = [] test-extras = [] +container-engine = "docker" + manylinux-x86_64-image = "manylinux2014" manylinux-i686-image = "manylinux2014" manylinux-aarch64-image = "manylinux2014" diff --git a/setup.py b/setup.py index 7a9eee688..ad32d3f3a 100644 --- a/setup.py +++ b/setup.py @@ -14,6 +14,7 @@ "pytest-timeout", "pytest-xdist", "build", + "toml", ], "bin": [ "click", diff --git a/unit_test/conftest.py b/unit_test/conftest.py index 2f794a213..4e22853aa 100644 --- a/unit_test/conftest.py +++ b/unit_test/conftest.py @@ -16,7 +16,7 @@ def pytest_configure(config): def pytest_collection_modifyitems(config, items): if config.getoption("--run-docker"): - # --run-docker given in cli: do not skip docker tests + # --run-docker given in cli: do not skip container tests return skip_docker = pytest.mark.skip(reason="need --run-docker option to run") for item in items: diff --git a/unit_test/docker_container_test.py b/unit_test/docker_container_test.py index e9c43e776..dd317ee20 100644 --- a/unit_test/docker_container_test.py +++ b/unit_test/docker_container_test.py @@ -1,11 +1,15 @@ +import atexit +import os import platform import random import shutil import subprocess +import tempfile import textwrap from pathlib import Path, PurePath, PurePosixPath import pytest +import toml # type: ignore[import] from cibuildwheel.docker_container import DockerContainer from cibuildwheel.environment import EnvironmentAssignmentBash @@ -21,23 +25,178 @@ DEFAULT_IMAGE = "quay.io/pypa/manylinux2014_ppc64le:2020-05-17-2f8ac3b" elif pm == "s390x": DEFAULT_IMAGE = "quay.io/pypa/manylinux2014_s390x:2020-05-17-2f8ac3b" +else: + DEFAULT_IMAGE = "" + + +temp_test_dir = None + + +@atexit.register +def _cleanup_tempdir(): + """ + Cleans up any configuration written by :func:`basis_container_kwargs`. + + For podman tests, the user is not given write permissions by default in new + directories. As a workaround chown them before trying to delete them. + + It may be possible to handle this more cleanly in pytest itself, but using + atexit works well enough for now. + """ + import stat + + global temp_test_dir + if temp_test_dir is not None: + print(f"CLEANUP temp_test_dir = {temp_test_dir!r}") # type: ignore[unreachable] + for r, ds, fs in os.walk(temp_test_dir.name): + for d in ds: + dpath = os.path.join(r, d) + if not os.path.islink(dpath): + perms = os.lstat(dpath).st_mode + try: + os.chmod(dpath, stat.S_IWUSR | perms) + except Exception as ex: + print(f"issue with dpath = {dpath!r}, {ex!r}") + + for f in fs: + fpath = os.path.join(r, f) + if not os.path.islink(fpath): + perms = os.lstat(fpath).st_mode + try: + os.chmod(fpath, stat.S_IWUSR | perms) + except Exception as ex: + print(f"issue with fpath = {fpath!r}, {ex!r}") + else: + os.unlink(fpath) + try: + temp_test_dir.cleanup() + except Exception as ex: + print(f"Issue cleaning up ex = {ex!r}") + temp_test_dir = None + + +def basis_container_kwargs(): + """ + Generate keyword args that can be passed to to :class:`DockerContainer`. + + This is used with :func:`pytest.mark.parametrize` to run each test with + different configuraions of each supported containers engine. + + For docker we test the default configuration. + + For podman we test the default configuration and a configuration with VFS + (virtual file system) enabled as the storage driver. + """ + + global temp_test_dir + if temp_test_dir is None: + # Only setup the temp directory once for all tests + temp_test_dir = tempfile.TemporaryDirectory(prefix="cibw_test_") + + HAVE_DOCKER = bool(shutil.which("docker")) + HAVE_PODMAN = bool(shutil.which("podman")) + + if HAVE_DOCKER: + # Basic podman configuration + yield {"container_engine": "docker", "docker_image": DEFAULT_IMAGE} + + if HAVE_PODMAN: + # Basic podman usage + yield {"container_engine": "podman", "docker_image": DEFAULT_IMAGE} + + # VFS Podman usage (for the podman in docker use-case) + dpath = Path(temp_test_dir.name) + + # This requires that we write configuration files and point to them + # with environment variables before we run podman + # https://github.com/containers/common/blob/main/docs/containers.conf.5.md + vfs_containers_conf_data = { + "containers": { + "default_capabilities": [ + "CHOWN", + "DAC_OVERRIDE", + "FOWNER", + "FSETID", + "KILL", + "NET_BIND_SERVICE", + "SETFCAP", + "SETGID", + "SETPCAP", + "SETUID", + "SYS_CHROOT", + ] + }, + "engine": {"cgroup_manager": "cgroupfs", "events_logger": "file"}, + } + # https://github.com/containers/storage/blob/main/docs/containers-storage.conf.5.md + storage_root = dpath / ".local/share/containers/vfs-storage" + run_root = dpath / ".local/share/containers/vfs-runroot" + storage_root.mkdir(parents=True, exist_ok=True) + run_root.mkdir(parents=True, exist_ok=True) + vfs_containers_storage_conf_data = { + "storage": { + "driver": "vfs", + "graphroot": str(storage_root), + "runroot": str(run_root), + "rootless_storage_path": str(storage_root), + "options": { + # "remap-user": "containers", + "aufs": {"mountopt": "rw"}, + "overlay": {"mountopt": "rw", "force_mask": "shared"}, + # "vfs": {"ignore_chown_errors": "true"}, + }, + } + } + vfs_containers_conf_fpath = dpath / "temp_vfs_containers.conf" + vfs_containers_storage_conf_fpath = dpath / "temp_vfs_containers_storage.conf" + with open(vfs_containers_conf_fpath, "w") as file: + toml.dump(vfs_containers_conf_data, file) + + with open(vfs_containers_storage_conf_fpath, "w") as file: + toml.dump(vfs_containers_storage_conf_data, file) + + oci_environ = os.environ.copy() + oci_environ.update( + { + "CONTAINERS_CONF": str(vfs_containers_conf_fpath), + "CONTAINERS_STORAGE_CONF": str(vfs_containers_storage_conf_fpath), + } + ) + + yield { + "container_engine": "podman", + "docker_image": DEFAULT_IMAGE, + "env": oci_environ, + } @pytest.mark.docker -def test_simple(): - with DockerContainer(docker_image=DEFAULT_IMAGE) as container: +@pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) +def test_simple(container_kwargs): + with DockerContainer(**container_kwargs) as container: assert container.call(["echo", "hello"], capture_output=True) == "hello\n" @pytest.mark.docker -def test_no_lf(): - with DockerContainer(docker_image=DEFAULT_IMAGE) as container: +@pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) +def test_no_lf(container_kwargs): + with DockerContainer(**container_kwargs) as container: assert container.call(["printf", "hello"], capture_output=True) == "hello" @pytest.mark.docker -def test_environment(): - with DockerContainer(docker_image=DEFAULT_IMAGE) as container: +@pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) +def test_debug_info(container_kwargs): + container = DockerContainer(**container_kwargs) + print(container.debug_info()) + with container: + pass + + +@pytest.mark.docker +@pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) +def test_environment(container_kwargs): + with DockerContainer(**container_kwargs) as container: assert ( container.call( ["sh", "-c", "echo $TEST_VAR"], env={"TEST_VAR": "1"}, capture_output=True @@ -47,40 +206,43 @@ def test_environment(): @pytest.mark.docker -def test_cwd(): - with DockerContainer( - docker_image=DEFAULT_IMAGE, cwd="/cibuildwheel/working_directory" - ) as container: +@pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) +def test_cwd(container_kwargs): + with DockerContainer(cwd="/cibuildwheel/working_directory", **container_kwargs) as container: assert container.call(["pwd"], capture_output=True) == "/cibuildwheel/working_directory\n" assert container.call(["pwd"], capture_output=True, cwd="/opt") == "/opt\n" @pytest.mark.docker -def test_container_removed(): - with DockerContainer(docker_image=DEFAULT_IMAGE) as container: +@pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) +def test_container_removed(container_kwargs): + with DockerContainer(**container_kwargs) as container: docker_containers_listing = subprocess.run( - "docker container ls", + f"{container.container_engine} container ls", shell=True, check=True, stdout=subprocess.PIPE, universal_newlines=True, + env=container.env, ).stdout assert container.name is not None assert container.name in docker_containers_listing old_container_name = container.name docker_containers_listing = subprocess.run( - "docker container ls", + f"{container.container_engine} container ls", shell=True, check=True, stdout=subprocess.PIPE, universal_newlines=True, + env=container.env, ).stdout assert old_container_name not in docker_containers_listing @pytest.mark.docker -def test_large_environment(): +@pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) +def test_large_environment(container_kwargs): # max environment variable size is 128kB long_env_var_length = 127 * 1024 large_environment = { @@ -90,7 +252,7 @@ def test_large_environment(): "d": "0" * long_env_var_length, } - with DockerContainer(docker_image=DEFAULT_IMAGE) as container: + with DockerContainer(**container_kwargs) as container: # check the length of d assert ( container.call(["sh", "-c", "echo ${#d}"], env=large_environment, capture_output=True) @@ -99,8 +261,9 @@ def test_large_environment(): @pytest.mark.docker -def test_binary_output(): - with DockerContainer(docker_image=DEFAULT_IMAGE) as container: +@pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) +def test_binary_output(container_kwargs): + with DockerContainer(**container_kwargs) as container: # note: the below embedded snippets are in python2 # check that we can pass though arbitrary binary data without erroring @@ -150,8 +313,9 @@ def test_binary_output(): @pytest.mark.docker -def test_file_operations(tmp_path: Path): - with DockerContainer(docker_image=DEFAULT_IMAGE) as container: +@pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) +def test_file_operation(tmp_path: Path, container_kwargs): + with DockerContainer(**container_kwargs) as container: # test copying a file in test_binary_data = bytes(random.randrange(256) for _ in range(1000)) original_test_file = tmp_path / "test.dat" @@ -166,8 +330,9 @@ def test_file_operations(tmp_path: Path): @pytest.mark.docker -def test_dir_operations(tmp_path: Path): - with DockerContainer(docker_image=DEFAULT_IMAGE) as container: +@pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) +def test_dir_operations(tmp_path: Path, container_kwargs): + with DockerContainer(**container_kwargs) as container: test_binary_data = bytes(random.randrange(256) for _ in range(1000)) original_test_file = tmp_path / "test.dat" original_test_file.write_bytes(test_binary_data) @@ -196,7 +361,8 @@ def test_dir_operations(tmp_path: Path): @pytest.mark.docker -def test_environment_executor(): - with DockerContainer(docker_image=DEFAULT_IMAGE) as container: +@pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) +def test_environment_executor(container_kwargs): + with DockerContainer(**container_kwargs) as container: assignment = EnvironmentAssignmentBash("TEST=$(echo 42)") assert assignment.evaluated_value({}, container.environment_executor) == "42" From 8dd76aaad7f722d5180db89f0b0a899194a3b43e Mon Sep 17 00:00:00 2001 From: "pre-commit-ci[bot]" <66853113+pre-commit-ci[bot]@users.noreply.github.com> Date: Thu, 23 Jun 2022 15:01:00 +0000 Subject: [PATCH 02/32] [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci --- cibuildwheel/docker_container.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cibuildwheel/docker_container.py b/cibuildwheel/docker_container.py index ff57b78dd..e4543815e 100644 --- a/cibuildwheel/docker_container.py +++ b/cibuildwheel/docker_container.py @@ -1,6 +1,6 @@ import io -import os import json +import os import platform import shlex import shutil From 08bf6bfc8b5cbada3ac1132725a2dce2339dc6e2 Mon Sep 17 00:00:00 2001 From: joncrall Date: Thu, 23 Jun 2022 11:03:09 -0400 Subject: [PATCH 03/32] Fix bad fmtstring --- cibuildwheel/docker_container.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cibuildwheel/docker_container.py b/cibuildwheel/docker_container.py index ff57b78dd..02636061b 100644 --- a/cibuildwheel/docker_container.py +++ b/cibuildwheel/docker_container.py @@ -172,7 +172,7 @@ def copy_into(self, from_path: Path, to_path: PurePath) -> None: else: with subprocess.Popen( [ - "{self.container_engine}", + self.container_engine, "exec", "-i", str(self.name), From 65d70682afe31ca92b26c9fd376f043f9b17df47 Mon Sep 17 00:00:00 2001 From: joncrall Date: Thu, 23 Jun 2022 11:08:09 -0400 Subject: [PATCH 04/32] have doctest use a pinned docker images --- cibuildwheel/docker_container.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/cibuildwheel/docker_container.py b/cibuildwheel/docker_container.py index 8da13d7e8..55372be15 100644 --- a/cibuildwheel/docker_container.py +++ b/cibuildwheel/docker_container.py @@ -32,12 +32,14 @@ class DockerContainer: Example: >>> from cibuildwheel.docker_container import * # NOQA - >>> docker_image = "quay.io/pypa/manylinux2014_x86_64:2020-05-17-2f8ac3b" + >>> from cibuildwheel.options import _get_pinned_docker_images + >>> docker_image = _get_pinned_docker_images()['x86_64']['manylinux2014'] >>> # Test the default container >>> with DockerContainer(docker_image=docker_image) as self: ... self.call(["echo", "hello world"]) ... self.call(["cat", "/proc/1/cgroup"]) ... print(self.get_environment()) + ... print(self.debug_info()) """ UTILITY_PYTHON = "/opt/python/cp38-cp38/bin/python" From 90945a38d2fc3ee8d2ad155baeafb951cd624b2e Mon Sep 17 00:00:00 2001 From: joncrall Date: Sun, 26 Jun 2022 15:53:44 -0400 Subject: [PATCH 05/32] reworks --- cibuildwheel/docker_container.py | 24 +++- unit_test/docker_container_test.py | 186 +++++++++++++++-------------- 2 files changed, 115 insertions(+), 95 deletions(-) diff --git a/cibuildwheel/docker_container.py b/cibuildwheel/docker_container.py index 55372be15..4fd1b4716 100644 --- a/cibuildwheel/docker_container.py +++ b/cibuildwheel/docker_container.py @@ -80,7 +80,6 @@ def __enter__(self) -> "DockerContainer": network_args = ["--network=host"] shell_args = ["linux32", "/bin/bash"] if self.simulate_32_bit else ["/bin/bash"] - subprocess.run( [ self.container_engine, @@ -89,8 +88,10 @@ def __enter__(self) -> "DockerContainer": f"--name={self.name}", "--interactive", *network_args, + # Do we need the hostmout? # Z-flags is for SELinux - "--volume=/:/host:Z", # ignored on CircleCI + # "--volume=/:/host:Z", # ignored on CircleCI + # "--volume=/:/host", self.docker_image, *shell_args, ], @@ -116,13 +117,13 @@ def __enter__(self) -> "DockerContainer": self.bash_stdout = self.process.stdout # run a noop command to block until the container is responding - self.call(["/bin/true"], cwd="") + self.call(["/bin/true"], cwd="/") if self.cwd: # Although `docker create -w` does create the working dir if it # does not exist, podman does not. There does not seem to be a way # to setup a workdir for a container running in podman. - self.call(["mkdir", "-p", str(self.cwd)], cwd="") + self.call(["mkdir", "-p", str(self.cwd)], cwd="/") return self @@ -200,7 +201,20 @@ def copy_out(self, from_path: PurePath, to_path: Path) -> None: # note: we assume from_path is a dir to_path.mkdir(parents=True, exist_ok=True) - if self.container_engine == "podman": + TRY_SIMPLE_CP = 0 + if TRY_SIMPLE_CP: + # There is a bug in docker that prevents this simple implementation + # from working https://github.com/moby/moby/issues/38995 + # It seems to also not workin podman as well + command = f"{self.container_engine} cp {self.name}:{shell_quote(from_path)} {shell_quote(to_path)}" + subprocess.run( + command, + shell=True, + check=True, + cwd=to_path, + env=self.env, + ) + elif self.container_engine == "podman": # The copy out logic that works for docker does not seem to # translate to podman, which seems to need the steps spelled out # more explicitly. diff --git a/unit_test/docker_container_test.py b/unit_test/docker_container_test.py index dd317ee20..a52279e85 100644 --- a/unit_test/docker_container_test.py +++ b/unit_test/docker_container_test.py @@ -28,11 +28,14 @@ else: DEFAULT_IMAGE = "" +# A dictionary to make it easier to manipulate globals +_STATE = { + 'temp_test_dir': None, + 'using_podman': False, +} -temp_test_dir = None - -@atexit.register +# @atexit.register def _cleanup_tempdir(): """ Cleans up any configuration written by :func:`basis_container_kwargs`. @@ -42,37 +45,24 @@ def _cleanup_tempdir(): It may be possible to handle this more cleanly in pytest itself, but using atexit works well enough for now. - """ - import stat - global temp_test_dir + The reason why permission errors occur on podman is documented in + [PodmanStoragePerms]_. + + References: + .. [PodmanStoragePerms] https://podman.io/blogs/2018/10/03/podman-remove-content-homedir.html + """ + temp_test_dir = _STATE['temp_test_dir'] if temp_test_dir is not None: - print(f"CLEANUP temp_test_dir = {temp_test_dir!r}") # type: ignore[unreachable] - for r, ds, fs in os.walk(temp_test_dir.name): - for d in ds: - dpath = os.path.join(r, d) - if not os.path.islink(dpath): - perms = os.lstat(dpath).st_mode - try: - os.chmod(dpath, stat.S_IWUSR | perms) - except Exception as ex: - print(f"issue with dpath = {dpath!r}, {ex!r}") - - for f in fs: - fpath = os.path.join(r, f) - if not os.path.islink(fpath): - perms = os.lstat(fpath).st_mode - try: - os.chmod(fpath, stat.S_IWUSR | perms) - except Exception as ex: - print(f"issue with fpath = {fpath!r}, {ex!r}") - else: - os.unlink(fpath) + # When podman creates special directories, they cant be cleaned up + # unless you fake a UID of 0. The package rootlesskit helps with that. + if _STATE['using_podman']: + subprocess.call(['podman', 'unshare', 'rm', '-rf', temp_test_dir.name]) try: temp_test_dir.cleanup() except Exception as ex: print(f"Issue cleaning up ex = {ex!r}") - temp_test_dir = None + _STATE['temp_test_dir'] = None def basis_container_kwargs(): @@ -80,18 +70,27 @@ def basis_container_kwargs(): Generate keyword args that can be passed to to :class:`DockerContainer`. This is used with :func:`pytest.mark.parametrize` to run each test with - different configuraions of each supported containers engine. + different configurations of each supported containers engine. For docker we test the default configuration. For podman we test the default configuration and a configuration with VFS (virtual file system) enabled as the storage driver. + + Yields: + Dict: a configuration passed as ``container_kwargs`` to each + parameterized test. """ - global temp_test_dir - if temp_test_dir is None: + if _STATE['temp_test_dir'] is None: # Only setup the temp directory once for all tests - temp_test_dir = tempfile.TemporaryDirectory(prefix="cibw_test_") + _STATE['temp_test_dir'] = tempfile.TemporaryDirectory(prefix="cibw_test_") + # Register the special cleanup hook after the temp directory is created + # to ensure that it runs before the temp directory logic runs (which + # will not handle cases where there is a fake root UID). + atexit.register(_cleanup_tempdir) + + temp_test_dir = _STATE['temp_test_dir'] HAVE_DOCKER = bool(shutil.which("docker")) HAVE_PODMAN = bool(shutil.which("podman")) @@ -102,67 +101,11 @@ def basis_container_kwargs(): if HAVE_PODMAN: # Basic podman usage + _STATE['using_podman'] = True yield {"container_engine": "podman", "docker_image": DEFAULT_IMAGE} # VFS Podman usage (for the podman in docker use-case) - dpath = Path(temp_test_dir.name) - - # This requires that we write configuration files and point to them - # with environment variables before we run podman - # https://github.com/containers/common/blob/main/docs/containers.conf.5.md - vfs_containers_conf_data = { - "containers": { - "default_capabilities": [ - "CHOWN", - "DAC_OVERRIDE", - "FOWNER", - "FSETID", - "KILL", - "NET_BIND_SERVICE", - "SETFCAP", - "SETGID", - "SETPCAP", - "SETUID", - "SYS_CHROOT", - ] - }, - "engine": {"cgroup_manager": "cgroupfs", "events_logger": "file"}, - } - # https://github.com/containers/storage/blob/main/docs/containers-storage.conf.5.md - storage_root = dpath / ".local/share/containers/vfs-storage" - run_root = dpath / ".local/share/containers/vfs-runroot" - storage_root.mkdir(parents=True, exist_ok=True) - run_root.mkdir(parents=True, exist_ok=True) - vfs_containers_storage_conf_data = { - "storage": { - "driver": "vfs", - "graphroot": str(storage_root), - "runroot": str(run_root), - "rootless_storage_path": str(storage_root), - "options": { - # "remap-user": "containers", - "aufs": {"mountopt": "rw"}, - "overlay": {"mountopt": "rw", "force_mask": "shared"}, - # "vfs": {"ignore_chown_errors": "true"}, - }, - } - } - vfs_containers_conf_fpath = dpath / "temp_vfs_containers.conf" - vfs_containers_storage_conf_fpath = dpath / "temp_vfs_containers_storage.conf" - with open(vfs_containers_conf_fpath, "w") as file: - toml.dump(vfs_containers_conf_data, file) - - with open(vfs_containers_storage_conf_fpath, "w") as file: - toml.dump(vfs_containers_storage_conf_data, file) - - oci_environ = os.environ.copy() - oci_environ.update( - { - "CONTAINERS_CONF": str(vfs_containers_conf_fpath), - "CONTAINERS_STORAGE_CONF": str(vfs_containers_storage_conf_fpath), - } - ) - + oci_environ = _setup_podman_vfs(temp_test_dir.name) yield { "container_engine": "podman", "docker_image": DEFAULT_IMAGE, @@ -170,6 +113,69 @@ def basis_container_kwargs(): } +def _setup_podman_vfs(dpath): + """ + Setup the filesystem and environment variables for the VFS podman test + """ + dpath = Path(dpath) + # This requires that we write configuration files and point to them + # with environment variables before we run podman + # https://github.com/containers/common/blob/main/docs/containers.conf.5.md + vfs_containers_conf_data = { + "containers": { + "default_capabilities": [ + "CHOWN", + "DAC_OVERRIDE", + "FOWNER", + "FSETID", + "KILL", + "NET_BIND_SERVICE", + "SETFCAP", + "SETGID", + "SETPCAP", + "SETUID", + "SYS_CHROOT", + ] + }, + "engine": {"cgroup_manager": "cgroupfs", "events_logger": "file"}, + } + # https://github.com/containers/storage/blob/main/docs/containers-storage.conf.5.md + storage_root = dpath / ".local/share/containers/vfs-storage" + run_root = dpath / ".local/share/containers/vfs-runroot" + storage_root.mkdir(parents=True, exist_ok=True) + run_root.mkdir(parents=True, exist_ok=True) + vfs_containers_storage_conf_data = { + "storage": { + "driver": "vfs", + "graphroot": os.fspath(storage_root), + "runroot": os.fspath(run_root), + "rootless_storage_path": os.fspath(storage_root), + "options": { + # "remap-user": "containers", + "aufs": {"mountopt": "rw"}, + "overlay": {"mountopt": "rw", "force_mask": "shared"}, + # "vfs": {"ignore_chown_errors": "true"}, + }, + } + } + vfs_containers_conf_fpath = dpath / "temp_vfs_containers.conf" + vfs_containers_storage_conf_fpath = dpath / "temp_vfs_containers_storage.conf" + with open(vfs_containers_conf_fpath, "w") as file: + toml.dump(vfs_containers_conf_data, file) + + with open(vfs_containers_storage_conf_fpath, "w") as file: + toml.dump(vfs_containers_storage_conf_data, file) + + oci_environ = os.environ.copy() + oci_environ.update( + { + "CONTAINERS_CONF": os.fspath(vfs_containers_conf_fpath), + "CONTAINERS_STORAGE_CONF": os.fspath(vfs_containers_storage_conf_fpath), + } + ) + return oci_environ + + @pytest.mark.docker @pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) def test_simple(container_kwargs): From 4a7d89b3c8882441ae01de502a93d43b9a71985e Mon Sep 17 00:00:00 2001 From: joncrall Date: Sun, 26 Jun 2022 16:57:26 -0400 Subject: [PATCH 06/32] Does podman work with the original host args --- cibuildwheel/docker_container.py | 32 +++++++++++------------ unit_test/docker_container_test.py | 42 +++++++++++++++++++++--------- 2 files changed, 46 insertions(+), 28 deletions(-) diff --git a/cibuildwheel/docker_container.py b/cibuildwheel/docker_container.py index 4fd1b4716..0d010aee9 100644 --- a/cibuildwheel/docker_container.py +++ b/cibuildwheel/docker_container.py @@ -65,7 +65,6 @@ def __init__( self.cwd = cwd self.name: Optional[str] = None self.container_engine = container_engine - self.env = env # If specified, overwrite environment variables def __enter__(self) -> "DockerContainer": @@ -80,6 +79,21 @@ def __enter__(self) -> "DockerContainer": network_args = ["--network=host"] shell_args = ["linux32", "/bin/bash"] if self.simulate_32_bit else ["/bin/bash"] + + # volume args are ignored on CircleCI + # For a discussion of if :Z should be included or not: + # https://github.com/pypa/cibuildwheel/pull/966#discussion_r906707824 + # https://stackoverflow.com/questions/35218194/what-is-z-flag-in-docker-containers-volumes-from-option/35222815#35222815 + # https://github.com/moby/moby/issues/30934 + # The Z option indicates that the bind mount content is private and + # unshared. Use extreme caution with these options. Bind-mounting a + # system directory such as /home or /usr with the Z option renders your + # host machine inoperable and you may need to relabel the host machine + # files by hand. + volume_args = ['--volume=/:/host'] + # volume_args = ['--volume=/:/host:Z'] + # volume_args = [] + subprocess.run( [ self.container_engine, @@ -88,14 +102,10 @@ def __enter__(self) -> "DockerContainer": f"--name={self.name}", "--interactive", *network_args, - # Do we need the hostmout? - # Z-flags is for SELinux - # "--volume=/:/host:Z", # ignored on CircleCI - # "--volume=/:/host", + *volume_args, self.docker_image, *shell_args, ], - env=self.env, check=True, ) @@ -109,7 +119,6 @@ def __enter__(self) -> "DockerContainer": ], stdin=subprocess.PIPE, stdout=subprocess.PIPE, - env=self.env, ) assert self.process.stdin and self.process.stdout @@ -152,7 +161,6 @@ def __exit__( subprocess.run( [self.container_engine, "rm", "--force", "-v", self.name], stdout=subprocess.DEVNULL, - env=self.env, check=False, ) self.name = None @@ -170,7 +178,6 @@ def copy_into(self, from_path: Path, to_path: PurePath) -> None: shell=True, check=True, cwd=from_path, - env=self.env, ) else: with subprocess.Popen( @@ -183,7 +190,6 @@ def copy_into(self, from_path: Path, to_path: PurePath) -> None: "-c", f"cat > {shell_quote(to_path)}", ], - env=self.env, stdin=subprocess.PIPE, ) as docker: docker.stdin = cast(IO[bytes], docker.stdin) @@ -212,7 +218,6 @@ def copy_out(self, from_path: PurePath, to_path: Path) -> None: shell=True, check=True, cwd=to_path, - env=self.env, ) elif self.container_engine == "podman": # The copy out logic that works for docker does not seem to @@ -224,7 +229,6 @@ def copy_out(self, from_path: PurePath, to_path: Path) -> None: shell=True, check=True, cwd=to_path, - env=self.env, ) command = f"{self.container_engine} cp {self.name}:/tmp/output-{self.name}.tar output-{self.name}.tar" @@ -233,7 +237,6 @@ def copy_out(self, from_path: PurePath, to_path: Path) -> None: shell=True, check=True, cwd=to_path, - env=self.env, ) command = f"tar -xvf output-{self.name}.tar" subprocess.run( @@ -241,7 +244,6 @@ def copy_out(self, from_path: PurePath, to_path: Path) -> None: shell=True, check=True, cwd=to_path, - env=self.env, ) os.unlink(to_path / f"output-{self.name}.tar") elif self.container_engine == "docker": @@ -251,7 +253,6 @@ def copy_out(self, from_path: PurePath, to_path: Path) -> None: shell=True, check=True, cwd=to_path, - env=self.env, ) else: raise KeyError(self.container_engine) @@ -380,7 +381,6 @@ def debug_info(self) -> str: shell=True, check=True, cwd=self.cwd, - env=self.env, stdin=subprocess.PIPE, stdout=subprocess.PIPE, ) diff --git a/unit_test/docker_container_test.py b/unit_test/docker_container_test.py index a52279e85..52603b5ae 100644 --- a/unit_test/docker_container_test.py +++ b/unit_test/docker_container_test.py @@ -178,21 +178,27 @@ def _setup_podman_vfs(dpath): @pytest.mark.docker @pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) -def test_simple(container_kwargs): +def test_simple(container_kwargs, monkeypatch): + for k, v in container_kwargs.pop('env', {}).items(): + monkeypatch.setenv(k, v) with DockerContainer(**container_kwargs) as container: assert container.call(["echo", "hello"], capture_output=True) == "hello\n" @pytest.mark.docker @pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) -def test_no_lf(container_kwargs): +def test_no_lf(container_kwargs, monkeypatch): + for k, v in container_kwargs.pop('env', {}).items(): + monkeypatch.setenv(k, v) with DockerContainer(**container_kwargs) as container: assert container.call(["printf", "hello"], capture_output=True) == "hello" @pytest.mark.docker @pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) -def test_debug_info(container_kwargs): +def test_debug_info(container_kwargs, monkeypatch): + for k, v in container_kwargs.pop('env', {}).items(): + monkeypatch.setenv(k, v) container = DockerContainer(**container_kwargs) print(container.debug_info()) with container: @@ -201,7 +207,9 @@ def test_debug_info(container_kwargs): @pytest.mark.docker @pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) -def test_environment(container_kwargs): +def test_environment(container_kwargs, monkeypatch): + for k, v in container_kwargs.pop('env', {}).items(): + monkeypatch.setenv(k, v) with DockerContainer(**container_kwargs) as container: assert ( container.call( @@ -221,7 +229,9 @@ def test_cwd(container_kwargs): @pytest.mark.docker @pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) -def test_container_removed(container_kwargs): +def test_container_removed(container_kwargs, monkeypatch): + for k, v in container_kwargs.pop('env', {}).items(): + monkeypatch.setenv(k, v) with DockerContainer(**container_kwargs) as container: docker_containers_listing = subprocess.run( f"{container.container_engine} container ls", @@ -229,7 +239,6 @@ def test_container_removed(container_kwargs): check=True, stdout=subprocess.PIPE, universal_newlines=True, - env=container.env, ).stdout assert container.name is not None assert container.name in docker_containers_listing @@ -241,14 +250,15 @@ def test_container_removed(container_kwargs): check=True, stdout=subprocess.PIPE, universal_newlines=True, - env=container.env, ).stdout assert old_container_name not in docker_containers_listing @pytest.mark.docker @pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) -def test_large_environment(container_kwargs): +def test_large_environment(container_kwargs, monkeypatch): + for k, v in container_kwargs.pop('env', {}).items(): + monkeypatch.setenv(k, v) # max environment variable size is 128kB long_env_var_length = 127 * 1024 large_environment = { @@ -268,7 +278,9 @@ def test_large_environment(container_kwargs): @pytest.mark.docker @pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) -def test_binary_output(container_kwargs): +def test_binary_output(container_kwargs, monkeypatch): + for k, v in container_kwargs.pop('env', {}).items(): + monkeypatch.setenv(k, v) with DockerContainer(**container_kwargs) as container: # note: the below embedded snippets are in python2 @@ -320,7 +332,9 @@ def test_binary_output(container_kwargs): @pytest.mark.docker @pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) -def test_file_operation(tmp_path: Path, container_kwargs): +def test_file_operation(tmp_path: Path, container_kwargs, monkeypatch): + for k, v in container_kwargs.pop('env', {}).items(): + monkeypatch.setenv(k, v) with DockerContainer(**container_kwargs) as container: # test copying a file in test_binary_data = bytes(random.randrange(256) for _ in range(1000)) @@ -337,7 +351,9 @@ def test_file_operation(tmp_path: Path, container_kwargs): @pytest.mark.docker @pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) -def test_dir_operations(tmp_path: Path, container_kwargs): +def test_dir_operations(tmp_path: Path, container_kwargs, monkeypatch): + for k, v in container_kwargs.pop('env', {}).items(): + monkeypatch.setenv(k, v) with DockerContainer(**container_kwargs) as container: test_binary_data = bytes(random.randrange(256) for _ in range(1000)) original_test_file = tmp_path / "test.dat" @@ -368,7 +384,9 @@ def test_dir_operations(tmp_path: Path, container_kwargs): @pytest.mark.docker @pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) -def test_environment_executor(container_kwargs): +def test_environment_executor(container_kwargs, monkeypatch): + for k, v in container_kwargs.pop('env', {}).items(): + monkeypatch.setenv(k, v) with DockerContainer(**container_kwargs) as container: assignment = EnvironmentAssignmentBash("TEST=$(echo 42)") assert assignment.evaluated_value({}, container.environment_executor) == "42" From 15993834293f91fe27033b31edd520fc8eabdd5c Mon Sep 17 00:00:00 2001 From: joncrall Date: Sun, 26 Jun 2022 17:10:02 -0400 Subject: [PATCH 07/32] Cleanup --- cibuildwheel/docker_container.py | 23 ++++------------------ unit_test/docker_container_test.py | 31 ++++++++++++++++-------------- 2 files changed, 21 insertions(+), 33 deletions(-) diff --git a/cibuildwheel/docker_container.py b/cibuildwheel/docker_container.py index 0d010aee9..cad594d80 100644 --- a/cibuildwheel/docker_container.py +++ b/cibuildwheel/docker_container.py @@ -55,7 +55,6 @@ def __init__( simulate_32_bit: bool = False, cwd: Optional[PathOrStr] = None, container_engine: str = "docker", - env: Optional[Dict[str, str]] = None, ): if not docker_image: raise ValueError("Must have a non-empty docker image to run.") @@ -80,20 +79,6 @@ def __enter__(self) -> "DockerContainer": shell_args = ["linux32", "/bin/bash"] if self.simulate_32_bit else ["/bin/bash"] - # volume args are ignored on CircleCI - # For a discussion of if :Z should be included or not: - # https://github.com/pypa/cibuildwheel/pull/966#discussion_r906707824 - # https://stackoverflow.com/questions/35218194/what-is-z-flag-in-docker-containers-volumes-from-option/35222815#35222815 - # https://github.com/moby/moby/issues/30934 - # The Z option indicates that the bind mount content is private and - # unshared. Use extreme caution with these options. Bind-mounting a - # system directory such as /home or /usr with the Z option renders your - # host machine inoperable and you may need to relabel the host machine - # files by hand. - volume_args = ['--volume=/:/host'] - # volume_args = ['--volume=/:/host:Z'] - # volume_args = [] - subprocess.run( [ self.container_engine, @@ -101,8 +86,8 @@ def __enter__(self) -> "DockerContainer": "--env=CIBUILDWHEEL", f"--name={self.name}", "--interactive", + "--volume=/:/host", # ignored on CircleCI *network_args, - *volume_args, self.docker_image, *shell_args, ], @@ -126,13 +111,13 @@ def __enter__(self) -> "DockerContainer": self.bash_stdout = self.process.stdout # run a noop command to block until the container is responding - self.call(["/bin/true"], cwd="/") + self.call(["/bin/true"]) if self.cwd: # Although `docker create -w` does create the working dir if it # does not exist, podman does not. There does not seem to be a way # to setup a workdir for a container running in podman. - self.call(["mkdir", "-p", str(self.cwd)], cwd="/") + self.call(["mkdir", "-p", os.fspath(self.cwd)]) return self @@ -389,4 +374,4 @@ def debug_info(self) -> str: def shell_quote(path: PurePath) -> str: - return shlex.quote(str(path)) + return shlex.quote(os.fspath(path)) diff --git a/unit_test/docker_container_test.py b/unit_test/docker_container_test.py index 52603b5ae..fac3dfdf5 100644 --- a/unit_test/docker_container_test.py +++ b/unit_test/docker_container_test.py @@ -36,7 +36,7 @@ # @atexit.register -def _cleanup_tempdir(): +def _cleanup_podman_vfs_tempdir(): """ Cleans up any configuration written by :func:`basis_container_kwargs`. @@ -58,10 +58,6 @@ def _cleanup_tempdir(): # unless you fake a UID of 0. The package rootlesskit helps with that. if _STATE['using_podman']: subprocess.call(['podman', 'unshare', 'rm', '-rf', temp_test_dir.name]) - try: - temp_test_dir.cleanup() - except Exception as ex: - print(f"Issue cleaning up ex = {ex!r}") _STATE['temp_test_dir'] = None @@ -82,24 +78,31 @@ def basis_container_kwargs(): parameterized test. """ + # TODO: Pytest should be aware of if we are trying to test docker / podman + # or not + HAVE_DOCKER = bool(shutil.which("docker")) + HAVE_PODMAN = bool(shutil.which("podman")) + + REQUESTED_DOCKER = HAVE_DOCKER + REQUESTED_PODMAN = HAVE_PODMAN + if _STATE['temp_test_dir'] is None: # Only setup the temp directory once for all tests _STATE['temp_test_dir'] = tempfile.TemporaryDirectory(prefix="cibw_test_") - # Register the special cleanup hook after the temp directory is created - # to ensure that it runs before the temp directory logic runs (which - # will not handle cases where there is a fake root UID). - atexit.register(_cleanup_tempdir) + if REQUESTED_PODMAN: + # Register the special cleanup hook after the temp directory is + # created to ensure that it runs before the temp directory logic + # runs (which will not handle cases where there is a fake root + # UID). + atexit.register(_cleanup_podman_vfs_tempdir) temp_test_dir = _STATE['temp_test_dir'] - HAVE_DOCKER = bool(shutil.which("docker")) - HAVE_PODMAN = bool(shutil.which("podman")) - - if HAVE_DOCKER: + if REQUESTED_DOCKER: # Basic podman configuration yield {"container_engine": "docker", "docker_image": DEFAULT_IMAGE} - if HAVE_PODMAN: + if REQUESTED_PODMAN: # Basic podman usage _STATE['using_podman'] = True yield {"container_engine": "podman", "docker_image": DEFAULT_IMAGE} From 9401c90ddb06a5ef4b513c1011084c74e3076fe6 Mon Sep 17 00:00:00 2001 From: "pre-commit-ci[bot]" <66853113+pre-commit-ci[bot]@users.noreply.github.com> Date: Sun, 26 Jun 2022 21:10:51 +0000 Subject: [PATCH 08/32] [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci --- unit_test/docker_container_test.py | 40 +++++++++++++++--------------- 1 file changed, 20 insertions(+), 20 deletions(-) diff --git a/unit_test/docker_container_test.py b/unit_test/docker_container_test.py index fac3dfdf5..0854af5ee 100644 --- a/unit_test/docker_container_test.py +++ b/unit_test/docker_container_test.py @@ -30,8 +30,8 @@ # A dictionary to make it easier to manipulate globals _STATE = { - 'temp_test_dir': None, - 'using_podman': False, + "temp_test_dir": None, + "using_podman": False, } @@ -52,13 +52,13 @@ def _cleanup_podman_vfs_tempdir(): References: .. [PodmanStoragePerms] https://podman.io/blogs/2018/10/03/podman-remove-content-homedir.html """ - temp_test_dir = _STATE['temp_test_dir'] + temp_test_dir = _STATE["temp_test_dir"] if temp_test_dir is not None: # When podman creates special directories, they cant be cleaned up # unless you fake a UID of 0. The package rootlesskit helps with that. - if _STATE['using_podman']: - subprocess.call(['podman', 'unshare', 'rm', '-rf', temp_test_dir.name]) - _STATE['temp_test_dir'] = None + if _STATE["using_podman"]: + subprocess.call(["podman", "unshare", "rm", "-rf", temp_test_dir.name]) + _STATE["temp_test_dir"] = None def basis_container_kwargs(): @@ -86,9 +86,9 @@ def basis_container_kwargs(): REQUESTED_DOCKER = HAVE_DOCKER REQUESTED_PODMAN = HAVE_PODMAN - if _STATE['temp_test_dir'] is None: + if _STATE["temp_test_dir"] is None: # Only setup the temp directory once for all tests - _STATE['temp_test_dir'] = tempfile.TemporaryDirectory(prefix="cibw_test_") + _STATE["temp_test_dir"] = tempfile.TemporaryDirectory(prefix="cibw_test_") if REQUESTED_PODMAN: # Register the special cleanup hook after the temp directory is # created to ensure that it runs before the temp directory logic @@ -96,7 +96,7 @@ def basis_container_kwargs(): # UID). atexit.register(_cleanup_podman_vfs_tempdir) - temp_test_dir = _STATE['temp_test_dir'] + temp_test_dir = _STATE["temp_test_dir"] if REQUESTED_DOCKER: # Basic podman configuration @@ -104,7 +104,7 @@ def basis_container_kwargs(): if REQUESTED_PODMAN: # Basic podman usage - _STATE['using_podman'] = True + _STATE["using_podman"] = True yield {"container_engine": "podman", "docker_image": DEFAULT_IMAGE} # VFS Podman usage (for the podman in docker use-case) @@ -182,7 +182,7 @@ def _setup_podman_vfs(dpath): @pytest.mark.docker @pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) def test_simple(container_kwargs, monkeypatch): - for k, v in container_kwargs.pop('env', {}).items(): + for k, v in container_kwargs.pop("env", {}).items(): monkeypatch.setenv(k, v) with DockerContainer(**container_kwargs) as container: assert container.call(["echo", "hello"], capture_output=True) == "hello\n" @@ -191,7 +191,7 @@ def test_simple(container_kwargs, monkeypatch): @pytest.mark.docker @pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) def test_no_lf(container_kwargs, monkeypatch): - for k, v in container_kwargs.pop('env', {}).items(): + for k, v in container_kwargs.pop("env", {}).items(): monkeypatch.setenv(k, v) with DockerContainer(**container_kwargs) as container: assert container.call(["printf", "hello"], capture_output=True) == "hello" @@ -200,7 +200,7 @@ def test_no_lf(container_kwargs, monkeypatch): @pytest.mark.docker @pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) def test_debug_info(container_kwargs, monkeypatch): - for k, v in container_kwargs.pop('env', {}).items(): + for k, v in container_kwargs.pop("env", {}).items(): monkeypatch.setenv(k, v) container = DockerContainer(**container_kwargs) print(container.debug_info()) @@ -211,7 +211,7 @@ def test_debug_info(container_kwargs, monkeypatch): @pytest.mark.docker @pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) def test_environment(container_kwargs, monkeypatch): - for k, v in container_kwargs.pop('env', {}).items(): + for k, v in container_kwargs.pop("env", {}).items(): monkeypatch.setenv(k, v) with DockerContainer(**container_kwargs) as container: assert ( @@ -233,7 +233,7 @@ def test_cwd(container_kwargs): @pytest.mark.docker @pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) def test_container_removed(container_kwargs, monkeypatch): - for k, v in container_kwargs.pop('env', {}).items(): + for k, v in container_kwargs.pop("env", {}).items(): monkeypatch.setenv(k, v) with DockerContainer(**container_kwargs) as container: docker_containers_listing = subprocess.run( @@ -260,7 +260,7 @@ def test_container_removed(container_kwargs, monkeypatch): @pytest.mark.docker @pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) def test_large_environment(container_kwargs, monkeypatch): - for k, v in container_kwargs.pop('env', {}).items(): + for k, v in container_kwargs.pop("env", {}).items(): monkeypatch.setenv(k, v) # max environment variable size is 128kB long_env_var_length = 127 * 1024 @@ -282,7 +282,7 @@ def test_large_environment(container_kwargs, monkeypatch): @pytest.mark.docker @pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) def test_binary_output(container_kwargs, monkeypatch): - for k, v in container_kwargs.pop('env', {}).items(): + for k, v in container_kwargs.pop("env", {}).items(): monkeypatch.setenv(k, v) with DockerContainer(**container_kwargs) as container: # note: the below embedded snippets are in python2 @@ -336,7 +336,7 @@ def test_binary_output(container_kwargs, monkeypatch): @pytest.mark.docker @pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) def test_file_operation(tmp_path: Path, container_kwargs, monkeypatch): - for k, v in container_kwargs.pop('env', {}).items(): + for k, v in container_kwargs.pop("env", {}).items(): monkeypatch.setenv(k, v) with DockerContainer(**container_kwargs) as container: # test copying a file in @@ -355,7 +355,7 @@ def test_file_operation(tmp_path: Path, container_kwargs, monkeypatch): @pytest.mark.docker @pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) def test_dir_operations(tmp_path: Path, container_kwargs, monkeypatch): - for k, v in container_kwargs.pop('env', {}).items(): + for k, v in container_kwargs.pop("env", {}).items(): monkeypatch.setenv(k, v) with DockerContainer(**container_kwargs) as container: test_binary_data = bytes(random.randrange(256) for _ in range(1000)) @@ -388,7 +388,7 @@ def test_dir_operations(tmp_path: Path, container_kwargs, monkeypatch): @pytest.mark.docker @pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) def test_environment_executor(container_kwargs, monkeypatch): - for k, v in container_kwargs.pop('env', {}).items(): + for k, v in container_kwargs.pop("env", {}).items(): monkeypatch.setenv(k, v) with DockerContainer(**container_kwargs) as container: assignment = EnvironmentAssignmentBash("TEST=$(echo 42)") From c68223b172a149617d0ed72f2cb771784107b8b4 Mon Sep 17 00:00:00 2001 From: joncrall Date: Sun, 26 Jun 2022 17:21:59 -0400 Subject: [PATCH 09/32] Make mypy happy --- unit_test/docker_container_test.py | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/unit_test/docker_container_test.py b/unit_test/docker_container_test.py index 0854af5ee..de14ea382 100644 --- a/unit_test/docker_container_test.py +++ b/unit_test/docker_container_test.py @@ -7,9 +7,10 @@ import tempfile import textwrap from pathlib import Path, PurePath, PurePosixPath +from typing import Dict, Optional, Union import pytest -import toml # type: ignore[import] +import toml from cibuildwheel.docker_container import DockerContainer from cibuildwheel.environment import EnvironmentAssignmentBash @@ -28,11 +29,9 @@ else: DEFAULT_IMAGE = "" -# A dictionary to make it easier to manipulate globals -_STATE = { - "temp_test_dir": None, - "using_podman": False, -} +# These globals will be manipulated +temp_test_dir: Optional[tempfile.TemporaryDirectory[str]] = None +using_podman = False # @atexit.register @@ -52,13 +51,14 @@ def _cleanup_podman_vfs_tempdir(): References: .. [PodmanStoragePerms] https://podman.io/blogs/2018/10/03/podman-remove-content-homedir.html """ - temp_test_dir = _STATE["temp_test_dir"] + global temp_test_dir + global using_podman if temp_test_dir is not None: - # When podman creates special directories, they cant be cleaned up + # When podman creates special directories, they can't be cleaned up # unless you fake a UID of 0. The package rootlesskit helps with that. - if _STATE["using_podman"]: + if using_podman: subprocess.call(["podman", "unshare", "rm", "-rf", temp_test_dir.name]) - _STATE["temp_test_dir"] = None + temp_test_dir = None def basis_container_kwargs(): @@ -77,6 +77,8 @@ def basis_container_kwargs(): Dict: a configuration passed as ``container_kwargs`` to each parameterized test. """ + global temp_test_dir + global using_podman # TODO: Pytest should be aware of if we are trying to test docker / podman # or not @@ -86,9 +88,9 @@ def basis_container_kwargs(): REQUESTED_DOCKER = HAVE_DOCKER REQUESTED_PODMAN = HAVE_PODMAN - if _STATE["temp_test_dir"] is None: + if temp_test_dir is None: # Only setup the temp directory once for all tests - _STATE["temp_test_dir"] = tempfile.TemporaryDirectory(prefix="cibw_test_") + temp_test_dir = tempfile.TemporaryDirectory(prefix="cibw_test_") if REQUESTED_PODMAN: # Register the special cleanup hook after the temp directory is # created to ensure that it runs before the temp directory logic @@ -96,15 +98,13 @@ def basis_container_kwargs(): # UID). atexit.register(_cleanup_podman_vfs_tempdir) - temp_test_dir = _STATE["temp_test_dir"] - if REQUESTED_DOCKER: # Basic podman configuration yield {"container_engine": "docker", "docker_image": DEFAULT_IMAGE} if REQUESTED_PODMAN: # Basic podman usage - _STATE["using_podman"] = True + using_podman = True yield {"container_engine": "podman", "docker_image": DEFAULT_IMAGE} # VFS Podman usage (for the podman in docker use-case) From 086ead0d6bc6a378d221dc217e8beadd56a43f82 Mon Sep 17 00:00:00 2001 From: joncrall Date: Sun, 26 Jun 2022 17:22:44 -0400 Subject: [PATCH 10/32] remove missing imports --- unit_test/docker_container_test.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/unit_test/docker_container_test.py b/unit_test/docker_container_test.py index de14ea382..b4c1d3909 100644 --- a/unit_test/docker_container_test.py +++ b/unit_test/docker_container_test.py @@ -7,7 +7,7 @@ import tempfile import textwrap from pathlib import Path, PurePath, PurePosixPath -from typing import Dict, Optional, Union +from typing import Optional import pytest import toml From a86cabc71617d7fad65f0f9f8a46c71d8b5c74a7 Mon Sep 17 00:00:00 2001 From: joncrall Date: Sun, 26 Jun 2022 17:23:52 -0400 Subject: [PATCH 11/32] forgot to monkeypatch a test --- unit_test/docker_container_test.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/unit_test/docker_container_test.py b/unit_test/docker_container_test.py index b4c1d3909..e9629382f 100644 --- a/unit_test/docker_container_test.py +++ b/unit_test/docker_container_test.py @@ -224,7 +224,9 @@ def test_environment(container_kwargs, monkeypatch): @pytest.mark.docker @pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) -def test_cwd(container_kwargs): +def test_cwd(container_kwargs, monkeypatch): + for k, v in container_kwargs.pop("env", {}).items(): + monkeypatch.setenv(k, v) with DockerContainer(cwd="/cibuildwheel/working_directory", **container_kwargs) as container: assert container.call(["pwd"], capture_output=True) == "/cibuildwheel/working_directory\n" assert container.call(["pwd"], capture_output=True, cwd="/opt") == "/opt\n" From fc0db9519855c158267a55bde9efdc767b0f3e18 Mon Sep 17 00:00:00 2001 From: joncrall Date: Sun, 26 Jun 2022 17:35:53 -0400 Subject: [PATCH 12/32] more mypy fixes --- .pre-commit-config.yaml | 1 + unit_test/docker_container_test.py | 5 ++--- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 679254fd9..e54c6d3bb 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -67,6 +67,7 @@ repos: - types-jinja2 - types-pyyaml - types-requests + - types-toml - bracex - dataclasses - id: mypy diff --git a/unit_test/docker_container_test.py b/unit_test/docker_container_test.py index e9629382f..c6ac944f5 100644 --- a/unit_test/docker_container_test.py +++ b/unit_test/docker_container_test.py @@ -7,7 +7,6 @@ import tempfile import textwrap from pathlib import Path, PurePath, PurePosixPath -from typing import Optional import pytest import toml @@ -30,7 +29,7 @@ DEFAULT_IMAGE = "" # These globals will be manipulated -temp_test_dir: Optional[tempfile.TemporaryDirectory[str]] = None +temp_test_dir = None using_podman = False @@ -56,7 +55,7 @@ def _cleanup_podman_vfs_tempdir(): if temp_test_dir is not None: # When podman creates special directories, they can't be cleaned up # unless you fake a UID of 0. The package rootlesskit helps with that. - if using_podman: + if using_podman: # type: ignore[unreachable] subprocess.call(["podman", "unshare", "rm", "-rf", temp_test_dir.name]) temp_test_dir = None From 8d389467be139f4b0493f8371625c62344cc6ee6 Mon Sep 17 00:00:00 2001 From: Joe Rickerby Date: Mon, 27 Jun 2022 14:48:33 +0100 Subject: [PATCH 13/32] Switch to the simpler podman cp implementation The trick is "{src_path}/.". See https://docs.podman.io/en/latest/markdown/podman-cp.1.html#description --- cibuildwheel/docker_container.py | 33 ++------------------------------ 1 file changed, 2 insertions(+), 31 deletions(-) diff --git a/cibuildwheel/docker_container.py b/cibuildwheel/docker_container.py index cad594d80..f62ee5572 100644 --- a/cibuildwheel/docker_container.py +++ b/cibuildwheel/docker_container.py @@ -192,45 +192,16 @@ def copy_out(self, from_path: PurePath, to_path: Path) -> None: # note: we assume from_path is a dir to_path.mkdir(parents=True, exist_ok=True) - TRY_SIMPLE_CP = 0 - if TRY_SIMPLE_CP: + if self.container_engine == "podman": # There is a bug in docker that prevents this simple implementation # from working https://github.com/moby/moby/issues/38995 - # It seems to also not workin podman as well - command = f"{self.container_engine} cp {self.name}:{shell_quote(from_path)} {shell_quote(to_path)}" - subprocess.run( - command, - shell=True, - check=True, - cwd=to_path, - ) - elif self.container_engine == "podman": - # The copy out logic that works for docker does not seem to - # translate to podman, which seems to need the steps spelled out - # more explicitly. - command = f"{self.container_engine} exec -i {self.name} tar -cC {shell_quote(from_path)} -f /tmp/output-{self.name}.tar ." - subprocess.run( - command, - shell=True, - check=True, - cwd=to_path, - ) - - command = f"{self.container_engine} cp {self.name}:/tmp/output-{self.name}.tar output-{self.name}.tar" - subprocess.run( - command, - shell=True, - check=True, - cwd=to_path, - ) - command = f"tar -xvf output-{self.name}.tar" + command = f"{self.container_engine} cp {self.name}:{shell_quote(from_path)}/. {shell_quote(to_path)}" subprocess.run( command, shell=True, check=True, cwd=to_path, ) - os.unlink(to_path / f"output-{self.name}.tar") elif self.container_engine == "docker": command = f"{self.container_engine} exec -i {self.name} tar -cC {shell_quote(from_path)} -f - . | tar -xf -" subprocess.run( From d9b4644286a9b41172b15fcd2a8b40f16c851dd6 Mon Sep 17 00:00:00 2001 From: Joe Rickerby Date: Mon, 27 Jun 2022 15:23:50 +0100 Subject: [PATCH 14/32] Don't need shell for this command --- cibuildwheel/docker_container.py | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/cibuildwheel/docker_container.py b/cibuildwheel/docker_container.py index f62ee5572..de41ded9c 100644 --- a/cibuildwheel/docker_container.py +++ b/cibuildwheel/docker_container.py @@ -195,10 +195,13 @@ def copy_out(self, from_path: PurePath, to_path: Path) -> None: if self.container_engine == "podman": # There is a bug in docker that prevents this simple implementation # from working https://github.com/moby/moby/issues/38995 - command = f"{self.container_engine} cp {self.name}:{shell_quote(from_path)}/. {shell_quote(to_path)}" subprocess.run( - command, - shell=True, + [ + self.container_engine, + "cp", + f"{self.name}:{from_path}/.", + str(to_path), + ], check=True, cwd=to_path, ) From 6a371aca73bba6bf37099917a8e0551b8c4f7869 Mon Sep 17 00:00:00 2001 From: Joe Rickerby Date: Mon, 27 Jun 2022 16:45:27 +0100 Subject: [PATCH 15/32] Refactor the tests to use --run-docker and --run-podman Simplified test setup using a parameterised fixture. The VFS test is now just a single test that handles its own clean up. --- unit_test/conftest.py | 15 +- unit_test/docker_container_test.py | 347 +++++++++++------------------ 2 files changed, 137 insertions(+), 225 deletions(-) diff --git a/unit_test/conftest.py b/unit_test/conftest.py index 4e22853aa..cbfdbb723 100644 --- a/unit_test/conftest.py +++ b/unit_test/conftest.py @@ -8,20 +8,7 @@ def pytest_addoption(parser): parser.addoption("--run-docker", action="store_true", default=False, help="run docker tests") - - -def pytest_configure(config): - config.addinivalue_line("markers", "docker: mark test requiring docker to run") - - -def pytest_collection_modifyitems(config, items): - if config.getoption("--run-docker"): - # --run-docker given in cli: do not skip container tests - return - skip_docker = pytest.mark.skip(reason="need --run-docker option to run") - for item in items: - if "docker" in item.keywords: - item.add_marker(skip_docker) + parser.addoption("--run-podman", action="store_true", default=False, help="run podman tests") @pytest.fixture diff --git a/unit_test/docker_container_test.py b/unit_test/docker_container_test.py index c6ac944f5..d8d1f7fbb 100644 --- a/unit_test/docker_container_test.py +++ b/unit_test/docker_container_test.py @@ -4,6 +4,7 @@ import random import shutil import subprocess +from tabnanny import check import tempfile import textwrap from pathlib import Path, PurePath, PurePosixPath @@ -14,6 +15,8 @@ from cibuildwheel.docker_container import DockerContainer from cibuildwheel.environment import EnvironmentAssignmentBash +# Test utilities + # for these tests we use manylinux2014 images, because they're available on # multi architectures and include python3.8 pm = platform.machine() @@ -28,191 +31,44 @@ else: DEFAULT_IMAGE = "" -# These globals will be manipulated -temp_test_dir = None -using_podman = False - - -# @atexit.register -def _cleanup_podman_vfs_tempdir(): - """ - Cleans up any configuration written by :func:`basis_container_kwargs`. - - For podman tests, the user is not given write permissions by default in new - directories. As a workaround chown them before trying to delete them. - - It may be possible to handle this more cleanly in pytest itself, but using - atexit works well enough for now. - - The reason why permission errors occur on podman is documented in - [PodmanStoragePerms]_. - - References: - .. [PodmanStoragePerms] https://podman.io/blogs/2018/10/03/podman-remove-content-homedir.html - """ - global temp_test_dir - global using_podman - if temp_test_dir is not None: - # When podman creates special directories, they can't be cleaned up - # unless you fake a UID of 0. The package rootlesskit helps with that. - if using_podman: # type: ignore[unreachable] - subprocess.call(["podman", "unshare", "rm", "-rf", temp_test_dir.name]) - temp_test_dir = None - - -def basis_container_kwargs(): - """ - Generate keyword args that can be passed to to :class:`DockerContainer`. - - This is used with :func:`pytest.mark.parametrize` to run each test with - different configurations of each supported containers engine. - - For docker we test the default configuration. - - For podman we test the default configuration and a configuration with VFS - (virtual file system) enabled as the storage driver. - - Yields: - Dict: a configuration passed as ``container_kwargs`` to each - parameterized test. - """ - global temp_test_dir - global using_podman - - # TODO: Pytest should be aware of if we are trying to test docker / podman - # or not - HAVE_DOCKER = bool(shutil.which("docker")) - HAVE_PODMAN = bool(shutil.which("podman")) - - REQUESTED_DOCKER = HAVE_DOCKER - REQUESTED_PODMAN = HAVE_PODMAN - - if temp_test_dir is None: - # Only setup the temp directory once for all tests - temp_test_dir = tempfile.TemporaryDirectory(prefix="cibw_test_") - if REQUESTED_PODMAN: - # Register the special cleanup hook after the temp directory is - # created to ensure that it runs before the temp directory logic - # runs (which will not handle cases where there is a fake root - # UID). - atexit.register(_cleanup_podman_vfs_tempdir) - - if REQUESTED_DOCKER: - # Basic podman configuration - yield {"container_engine": "docker", "docker_image": DEFAULT_IMAGE} - - if REQUESTED_PODMAN: - # Basic podman usage - using_podman = True - yield {"container_engine": "podman", "docker_image": DEFAULT_IMAGE} - - # VFS Podman usage (for the podman in docker use-case) - oci_environ = _setup_podman_vfs(temp_test_dir.name) - yield { - "container_engine": "podman", - "docker_image": DEFAULT_IMAGE, - "env": oci_environ, - } - -def _setup_podman_vfs(dpath): - """ - Setup the filesystem and environment variables for the VFS podman test - """ - dpath = Path(dpath) - # This requires that we write configuration files and point to them - # with environment variables before we run podman - # https://github.com/containers/common/blob/main/docs/containers.conf.5.md - vfs_containers_conf_data = { - "containers": { - "default_capabilities": [ - "CHOWN", - "DAC_OVERRIDE", - "FOWNER", - "FSETID", - "KILL", - "NET_BIND_SERVICE", - "SETFCAP", - "SETGID", - "SETPCAP", - "SETUID", - "SYS_CHROOT", - ] - }, - "engine": {"cgroup_manager": "cgroupfs", "events_logger": "file"}, - } - # https://github.com/containers/storage/blob/main/docs/containers-storage.conf.5.md - storage_root = dpath / ".local/share/containers/vfs-storage" - run_root = dpath / ".local/share/containers/vfs-runroot" - storage_root.mkdir(parents=True, exist_ok=True) - run_root.mkdir(parents=True, exist_ok=True) - vfs_containers_storage_conf_data = { - "storage": { - "driver": "vfs", - "graphroot": os.fspath(storage_root), - "runroot": os.fspath(run_root), - "rootless_storage_path": os.fspath(storage_root), - "options": { - # "remap-user": "containers", - "aufs": {"mountopt": "rw"}, - "overlay": {"mountopt": "rw", "force_mask": "shared"}, - # "vfs": {"ignore_chown_errors": "true"}, - }, - } - } - vfs_containers_conf_fpath = dpath / "temp_vfs_containers.conf" - vfs_containers_storage_conf_fpath = dpath / "temp_vfs_containers_storage.conf" - with open(vfs_containers_conf_fpath, "w") as file: - toml.dump(vfs_containers_conf_data, file) +@pytest.fixture(params=["docker", "podman"]) +def container_engine(request): + if request.param == "docker" and not request.config.getoption("--run-docker"): + pytest.skip("need --run-docker option to run") + if request.param == "podman" and not request.config.getoption("--run-podman"): + pytest.skip("need --run-podman option to run") + return request.param - with open(vfs_containers_storage_conf_fpath, "w") as file: - toml.dump(vfs_containers_storage_conf_data, file) - oci_environ = os.environ.copy() - oci_environ.update( - { - "CONTAINERS_CONF": os.fspath(vfs_containers_conf_fpath), - "CONTAINERS_STORAGE_CONF": os.fspath(vfs_containers_storage_conf_fpath), - } - ) - return oci_environ +# Tests -@pytest.mark.docker -@pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) -def test_simple(container_kwargs, monkeypatch): - for k, v in container_kwargs.pop("env", {}).items(): - monkeypatch.setenv(k, v) - with DockerContainer(**container_kwargs) as container: +def test_simple(container_engine): + with DockerContainer( + container_engine=container_engine, docker_image=DEFAULT_IMAGE + ) as container: assert container.call(["echo", "hello"], capture_output=True) == "hello\n" -@pytest.mark.docker -@pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) -def test_no_lf(container_kwargs, monkeypatch): - for k, v in container_kwargs.pop("env", {}).items(): - monkeypatch.setenv(k, v) - with DockerContainer(**container_kwargs) as container: +def test_no_lf(container_engine): + with DockerContainer( + container_engine=container_engine, docker_image=DEFAULT_IMAGE + ) as container: assert container.call(["printf", "hello"], capture_output=True) == "hello" -@pytest.mark.docker -@pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) -def test_debug_info(container_kwargs, monkeypatch): - for k, v in container_kwargs.pop("env", {}).items(): - monkeypatch.setenv(k, v) - container = DockerContainer(**container_kwargs) +def test_debug_info(container_engine): + container = DockerContainer(container_engine=container_engine, docker_image=DEFAULT_IMAGE) print(container.debug_info()) with container: pass -@pytest.mark.docker -@pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) -def test_environment(container_kwargs, monkeypatch): - for k, v in container_kwargs.pop("env", {}).items(): - monkeypatch.setenv(k, v) - with DockerContainer(**container_kwargs) as container: +def test_environment(container_engine): + with DockerContainer( + container_engine=container_engine, docker_image=DEFAULT_IMAGE + ) as container: assert ( container.call( ["sh", "-c", "echo $TEST_VAR"], env={"TEST_VAR": "1"}, capture_output=True @@ -221,22 +77,20 @@ def test_environment(container_kwargs, monkeypatch): ) -@pytest.mark.docker -@pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) -def test_cwd(container_kwargs, monkeypatch): - for k, v in container_kwargs.pop("env", {}).items(): - monkeypatch.setenv(k, v) - with DockerContainer(cwd="/cibuildwheel/working_directory", **container_kwargs) as container: +def test_cwd(container_engine): + with DockerContainer( + container_engine=container_engine, + docker_image=DEFAULT_IMAGE, + cwd="/cibuildwheel/working_directory", + ) as container: assert container.call(["pwd"], capture_output=True) == "/cibuildwheel/working_directory\n" assert container.call(["pwd"], capture_output=True, cwd="/opt") == "/opt\n" -@pytest.mark.docker -@pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) -def test_container_removed(container_kwargs, monkeypatch): - for k, v in container_kwargs.pop("env", {}).items(): - monkeypatch.setenv(k, v) - with DockerContainer(**container_kwargs) as container: +def test_container_removed(container_engine): + with DockerContainer( + container_engine=container_engine, docker_image=DEFAULT_IMAGE + ) as container: docker_containers_listing = subprocess.run( f"{container.container_engine} container ls", shell=True, @@ -258,11 +112,7 @@ def test_container_removed(container_kwargs, monkeypatch): assert old_container_name not in docker_containers_listing -@pytest.mark.docker -@pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) -def test_large_environment(container_kwargs, monkeypatch): - for k, v in container_kwargs.pop("env", {}).items(): - monkeypatch.setenv(k, v) +def test_large_environment(container_engine): # max environment variable size is 128kB long_env_var_length = 127 * 1024 large_environment = { @@ -272,7 +122,9 @@ def test_large_environment(container_kwargs, monkeypatch): "d": "0" * long_env_var_length, } - with DockerContainer(**container_kwargs) as container: + with DockerContainer( + container_engine=container_engine, docker_image=DEFAULT_IMAGE + ) as container: # check the length of d assert ( container.call(["sh", "-c", "echo ${#d}"], env=large_environment, capture_output=True) @@ -280,12 +132,10 @@ def test_large_environment(container_kwargs, monkeypatch): ) -@pytest.mark.docker -@pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) -def test_binary_output(container_kwargs, monkeypatch): - for k, v in container_kwargs.pop("env", {}).items(): - monkeypatch.setenv(k, v) - with DockerContainer(**container_kwargs) as container: +def test_binary_output(container_engine): + with DockerContainer( + container_engine=container_engine, docker_image=DEFAULT_IMAGE + ) as container: # note: the below embedded snippets are in python2 # check that we can pass though arbitrary binary data without erroring @@ -334,12 +184,10 @@ def test_binary_output(container_kwargs, monkeypatch): assert output == binary_data_string -@pytest.mark.docker -@pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) -def test_file_operation(tmp_path: Path, container_kwargs, monkeypatch): - for k, v in container_kwargs.pop("env", {}).items(): - monkeypatch.setenv(k, v) - with DockerContainer(**container_kwargs) as container: +def test_file_operation(tmp_path: Path, container_engine): + with DockerContainer( + container_engine=container_engine, docker_image=DEFAULT_IMAGE + ) as container: # test copying a file in test_binary_data = bytes(random.randrange(256) for _ in range(1000)) original_test_file = tmp_path / "test.dat" @@ -353,12 +201,10 @@ def test_file_operation(tmp_path: Path, container_kwargs, monkeypatch): assert test_binary_data == bytes(output, encoding="utf8", errors="surrogateescape") -@pytest.mark.docker -@pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) -def test_dir_operations(tmp_path: Path, container_kwargs, monkeypatch): - for k, v in container_kwargs.pop("env", {}).items(): - monkeypatch.setenv(k, v) - with DockerContainer(**container_kwargs) as container: +def test_dir_operations(tmp_path: Path, container_engine): + with DockerContainer( + container_engine=container_engine, docker_image=DEFAULT_IMAGE + ) as container: test_binary_data = bytes(random.randrange(256) for _ in range(1000)) original_test_file = tmp_path / "test.dat" original_test_file.write_bytes(test_binary_data) @@ -386,11 +232,90 @@ def test_dir_operations(tmp_path: Path, container_kwargs, monkeypatch): assert test_binary_data == (new_test_dir / "test.dat").read_bytes() -@pytest.mark.docker -@pytest.mark.parametrize("container_kwargs", basis_container_kwargs()) -def test_environment_executor(container_kwargs, monkeypatch): - for k, v in container_kwargs.pop("env", {}).items(): - monkeypatch.setenv(k, v) - with DockerContainer(**container_kwargs) as container: +def test_environment_executor(container_engine): + with DockerContainer( + container_engine=container_engine, docker_image=DEFAULT_IMAGE + ) as container: assignment = EnvironmentAssignmentBash("TEST=$(echo 42)") assert assignment.evaluated_value({}, container.environment_executor) == "42" + + +def test_podman_vfs(container_engine, tmp_path: Path, monkeypatch): + # Tests podman VFS, for the podman in docker use-case + if container_engine != "podman": + pytest.skip("podman is the only supported container engine for this test") + + # create the VFS configuration + vfs_path = tmp_path / "podman_vfs" + vfs_path.mkdir() + + # This requires that we write configuration files and point to them + # with environment variables before we run podman + # https://github.com/containers/common/blob/main/docs/containers.conf.5.md + vfs_containers_conf_data = { + "containers": { + "default_capabilities": [ + "CHOWN", + "DAC_OVERRIDE", + "FOWNER", + "FSETID", + "KILL", + "NET_BIND_SERVICE", + "SETFCAP", + "SETGID", + "SETPCAP", + "SETUID", + "SYS_CHROOT", + ] + }, + "engine": {"cgroup_manager": "cgroupfs", "events_logger": "file"}, + } + # https://github.com/containers/storage/blob/main/docs/containers-storage.conf.5.md + storage_root = vfs_path / ".local/share/containers/vfs-storage" + run_root = vfs_path / ".local/share/containers/vfs-runroot" + storage_root.mkdir(parents=True, exist_ok=True) + run_root.mkdir(parents=True, exist_ok=True) + vfs_containers_storage_conf_data = { + "storage": { + "driver": "vfs", + "graphroot": os.fspath(storage_root), + "runroot": os.fspath(run_root), + "rootless_storage_path": os.fspath(storage_root), + "options": { + # "remap-user": "containers", + "aufs": {"mountopt": "rw"}, + "overlay": {"mountopt": "rw", "force_mask": "shared"}, + # "vfs": {"ignore_chown_errors": "true"}, + }, + } + } + + vfs_containers_conf_fpath = vfs_path / "temp_vfs_containers.conf" + vfs_containers_storage_conf_fpath = vfs_path / "temp_vfs_containers_storage.conf" + with open(vfs_containers_conf_fpath, "w") as file: + toml.dump(vfs_containers_conf_data, file) + + with open(vfs_containers_storage_conf_fpath, "w") as file: + toml.dump(vfs_containers_storage_conf_data, file) + + monkeypatch.setenv("CONTAINERS_CONF", str(vfs_containers_conf_fpath)) + monkeypatch.setenv("CONTAINERS_STORAGE_CONF", str(vfs_containers_storage_conf_fpath)) + + with DockerContainer( + container_engine=container_engine, docker_image=DEFAULT_IMAGE + ) as container: + # test running a command + assert container.call(["echo", "hello"], capture_output=True) == "hello\n" + + # test copying a file into the container + (tmp_path / "some_file.txt").write_text("1234") + container.copy_into(tmp_path / "some_file.txt", PurePosixPath("some_file.txt")) + assert container.call(["cat", "some_file.txt"], capture_output=True) == "1234" + + # Clean up + + # When using the VFS, user is not given write permissions by default in + # new directories. As a workaround we use 'podman unshare' to delete them + # as UID 0. The reason why permission errors occur on podman is documented + # in https://podman.io/blogs/2018/10/03/podman-remove-content-homedir.html + subprocess.run(["podman", "unshare", "rm", "-rf", vfs_path], check=True) From 38faa279433f8b1bec0a82edf9293505ab9cf505 Mon Sep 17 00:00:00 2001 From: "pre-commit-ci[bot]" <66853113+pre-commit-ci[bot]@users.noreply.github.com> Date: Mon, 27 Jun 2022 15:47:31 +0000 Subject: [PATCH 16/32] [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci --- unit_test/docker_container_test.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/unit_test/docker_container_test.py b/unit_test/docker_container_test.py index d8d1f7fbb..adbc4b558 100644 --- a/unit_test/docker_container_test.py +++ b/unit_test/docker_container_test.py @@ -4,10 +4,10 @@ import random import shutil import subprocess -from tabnanny import check import tempfile import textwrap from pathlib import Path, PurePath, PurePosixPath +from tabnanny import check import pytest import toml From de3144a947575da0a13eee4cff82592a35d94c8a Mon Sep 17 00:00:00 2001 From: Joe Rickerby Date: Mon, 27 Jun 2022 16:51:45 +0100 Subject: [PATCH 17/32] Remove unused imports --- unit_test/docker_container_test.py | 3 --- 1 file changed, 3 deletions(-) diff --git a/unit_test/docker_container_test.py b/unit_test/docker_container_test.py index adbc4b558..59c9fe5e1 100644 --- a/unit_test/docker_container_test.py +++ b/unit_test/docker_container_test.py @@ -1,13 +1,10 @@ -import atexit import os import platform import random import shutil import subprocess -import tempfile import textwrap from pathlib import Path, PurePath, PurePosixPath -from tabnanny import check import pytest import toml From 3bd759f50c9f0aa3fcfcf51c6720a202d42d2469 Mon Sep 17 00:00:00 2001 From: Joe Rickerby Date: Mon, 27 Jun 2022 17:26:31 +0100 Subject: [PATCH 18/32] Add some type safety to the container_engine option --- cibuildwheel/docker_container.py | 10 ++++++---- cibuildwheel/options.py | 13 +++++++++++-- 2 files changed, 17 insertions(+), 6 deletions(-) diff --git a/cibuildwheel/docker_container.py b/cibuildwheel/docker_container.py index de41ded9c..7f01b2fe3 100644 --- a/cibuildwheel/docker_container.py +++ b/cibuildwheel/docker_container.py @@ -13,7 +13,9 @@ from cibuildwheel.util import CIProvider, detect_ci_provider -from .typing import PathOrStr, PopenBytes +from .typing import Literal, PathOrStr, PopenBytes + +ContainerEngine = Literal["docker", "podman"] class DockerContainer: @@ -54,7 +56,7 @@ def __init__( docker_image: str, simulate_32_bit: bool = False, cwd: Optional[PathOrStr] = None, - container_engine: str = "docker", + container_engine: ContainerEngine = "docker", ): if not docker_image: raise ValueError("Must have a non-empty docker image to run.") @@ -193,8 +195,6 @@ def copy_out(self, from_path: PurePath, to_path: Path) -> None: to_path.mkdir(parents=True, exist_ok=True) if self.container_engine == "podman": - # There is a bug in docker that prevents this simple implementation - # from working https://github.com/moby/moby/issues/38995 subprocess.run( [ self.container_engine, @@ -206,6 +206,8 @@ def copy_out(self, from_path: PurePath, to_path: Path) -> None: cwd=to_path, ) elif self.container_engine == "docker": + # There is a bug in docker that prevents a simple 'cp' invocation + # from working https://github.com/moby/moby/issues/38995 command = f"{self.container_engine} exec -i {self.name} tar -cC {shell_quote(from_path)} -f - . | tar -xf -" subprocess.run( command, diff --git a/cibuildwheel/options.py b/cibuildwheel/options.py index 80ee53277..e30cd47f9 100644 --- a/cibuildwheel/options.py +++ b/cibuildwheel/options.py @@ -16,6 +16,7 @@ Set, Tuple, Union, + cast, ) if sys.version_info >= (3, 11): @@ -26,6 +27,7 @@ from packaging.specifiers import SpecifierSet from .architecture import Architecture +from .docker_container import ContainerEngine from .environment import EnvironmentParseError, ParsedEnvironment, parse_environment from .projectfiles import get_requires_python_str from .typing import PLATFORMS, Literal, PlatformName, TypedDict @@ -79,7 +81,7 @@ class BuildOptions(NamedTuple): test_extras: str build_verbosity: int build_frontend: BuildFrontend - container_engine: str + container_engine: ContainerEngine @property def package_dir(self) -> Path: @@ -423,7 +425,14 @@ def build_options(self, identifier: Optional[str]) -> BuildOptions: test_requires = self.reader.get("test-requires", sep=" ").split() test_extras = self.reader.get("test-extras", sep=",") build_verbosity_str = self.reader.get("build-verbosity") - container_engine = self.reader.get("container-engine") + container_engine_str = self.reader.get("container-engine") + + if container_engine_str not in ["docker", "podman"]: + msg = f"cibuildwheel: Unrecognised container_engine '{container_engine_str}', only 'docker' and 'podman' are supported" + print(msg, file=sys.stderr) + sys.exit(2) + + container_engine = cast(ContainerEngine, container_engine_str) build_frontend: BuildFrontend if build_frontend_str == "build": From 2457006796a8dec7fe92b51075c237109d2e348b Mon Sep 17 00:00:00 2001 From: Joe Rickerby Date: Mon, 27 Jun 2022 17:32:40 +0100 Subject: [PATCH 19/32] Make container-engine a global option, since that's how its being used --- cibuildwheel/linux.py | 21 +++++++++++++-------- cibuildwheel/options.py | 21 +++++++++++---------- 2 files changed, 24 insertions(+), 18 deletions(-) diff --git a/cibuildwheel/linux.py b/cibuildwheel/linux.py index e89a35b6b..2939bd182 100644 --- a/cibuildwheel/linux.py +++ b/cibuildwheel/linux.py @@ -16,6 +16,7 @@ get_build_verbosity_extra_flags, prepare_command, read_python_configs, + unwrap, ) @@ -320,18 +321,22 @@ def build_on_docker( def build(options: Options, tmp_path: Path) -> None: # pylint: disable=unused-argument - - build_opts = options.build_options(None) try: - # check docker is installed + # check the container engine is installed subprocess.run( - [build_opts.container_engine, "--version"], check=True, stdout=subprocess.DEVNULL + [options.globals.container_engine, "--version"], check=True, stdout=subprocess.DEVNULL ) except subprocess.CalledProcessError: print( - f"cibuildwheel: {build_opts.container_engine} not found. An OCI exe like Docker or Podman is required to run Linux builds " - "If you're building on Travis CI, add `services: [docker]` to your .travis.yml." - "If you're building on Circle CI in Linux, add a `setup_remote_docker` step to your .circleci/config.yml", + unwrap( + f""" + cibuildwheel: {options.globals.container_engine} not found. An + OCI exe like Docker or Podman is required to run Linux builds. + If you're building on Travis CI, add `services: [docker]` to + your .travis.yml. If you're building on Circle CI in Linux, + add a `setup_remote_docker` step to your .circleci/config.yml. + """ + ), file=sys.stderr, ) sys.exit(2) @@ -359,7 +364,7 @@ def build(options: Options, tmp_path: Path) -> None: # pylint: disable=unused-a docker_image=build_step.docker_image, simulate_32_bit=build_step.platform_tag.endswith("i686"), cwd=container_project_path, - container_engine=build_opts.container_engine, + container_engine=options.globals.container_engine, ) as docker: build_on_docker( diff --git a/cibuildwheel/options.py b/cibuildwheel/options.py index e30cd47f9..4bed523d7 100644 --- a/cibuildwheel/options.py +++ b/cibuildwheel/options.py @@ -64,6 +64,7 @@ class GlobalOptions(NamedTuple): build_selector: BuildSelector test_selector: TestSelector architectures: Set[Architecture] + container_engine: ContainerEngine class BuildOptions(NamedTuple): @@ -81,7 +82,6 @@ class BuildOptions(NamedTuple): test_extras: str build_verbosity: int build_frontend: BuildFrontend - container_engine: ContainerEngine @property def package_dir(self) -> Path: @@ -395,12 +395,22 @@ def globals(self) -> GlobalOptions: archs_config_str = args.archs or self.reader.get("archs", sep=" ") architectures = Architecture.parse_config(archs_config_str, platform=self.platform) + container_engine_str = self.reader.get("container-engine") + + if container_engine_str not in ["docker", "podman"]: + msg = f"cibuildwheel: Unrecognised container_engine '{container_engine_str}', only 'docker' and 'podman' are supported" + print(msg, file=sys.stderr) + sys.exit(2) + + container_engine = cast(ContainerEngine, container_engine_str) + return GlobalOptions( package_dir=package_dir, output_dir=output_dir, build_selector=build_selector, test_selector=test_selector, architectures=architectures, + container_engine=container_engine, ) def build_options(self, identifier: Optional[str]) -> BuildOptions: @@ -425,14 +435,6 @@ def build_options(self, identifier: Optional[str]) -> BuildOptions: test_requires = self.reader.get("test-requires", sep=" ").split() test_extras = self.reader.get("test-extras", sep=",") build_verbosity_str = self.reader.get("build-verbosity") - container_engine_str = self.reader.get("container-engine") - - if container_engine_str not in ["docker", "podman"]: - msg = f"cibuildwheel: Unrecognised container_engine '{container_engine_str}', only 'docker' and 'podman' are supported" - print(msg, file=sys.stderr) - sys.exit(2) - - container_engine = cast(ContainerEngine, container_engine_str) build_frontend: BuildFrontend if build_frontend_str == "build": @@ -531,7 +533,6 @@ def build_options(self, identifier: Optional[str]) -> BuildOptions: manylinux_images=manylinux_images or None, musllinux_images=musllinux_images or None, build_frontend=build_frontend, - container_engine=container_engine, ) def check_for_invalid_configuration(self, identifiers: List[str]) -> None: From 1d2e5d5d8ff5aba545aa582d22221272be934abf Mon Sep 17 00:00:00 2001 From: Joe Rickerby Date: Mon, 27 Jun 2022 17:46:22 +0100 Subject: [PATCH 20/32] Rename DockerContainer -> OCIContainer, and a few other things OCIContainer.container_engine -> OCIContainer.engine OCIContainer.docker_image -> OCIContainer.image Variables that refer to 'docker_images' have been renamed to 'container_images' --- cibuildwheel/docker_container.py | 57 +++++++++++------------ cibuildwheel/linux.py | 24 +++++----- cibuildwheel/options.py | 16 +++---- unit_test/docker_container_test.py | 54 +++++++-------------- unit_test/linux_build_steps_test.py | 14 +++--- unit_test/main_tests/main_options_test.py | 4 +- unit_test/option_prepare_test.py | 22 ++++----- unit_test/options_test.py | 10 ++-- 8 files changed, 89 insertions(+), 112 deletions(-) diff --git a/cibuildwheel/docker_container.py b/cibuildwheel/docker_container.py index 7f01b2fe3..b910c4972 100644 --- a/cibuildwheel/docker_container.py +++ b/cibuildwheel/docker_container.py @@ -18,26 +18,23 @@ ContainerEngine = Literal["docker", "podman"] -class DockerContainer: +class OCIContainer: """ - An object that represents a running Docker container. + An object that represents a running OCI (e.g. Docker) container. Intended for use as a context manager e.g. - `with DockerContainer(docker_image = 'ubuntu') as docker:` + `with OCIContainer(image = 'ubuntu') as docker:` A bash shell is running in the remote container. When `call()` is invoked, the command is relayed to the remote shell, and the results are streamed back to cibuildwheel. - TODO: - - [ ] Rename to Container as this now generalizes docker and podman? - Example: >>> from cibuildwheel.docker_container import * # NOQA - >>> from cibuildwheel.options import _get_pinned_docker_images - >>> docker_image = _get_pinned_docker_images()['x86_64']['manylinux2014'] + >>> from cibuildwheel.options import _get_pinned_container_images + >>> image = _get_pinned_container_images()['x86_64']['manylinux2014'] >>> # Test the default container - >>> with DockerContainer(docker_image=docker_image) as self: + >>> with OCIContainer(image=image) as self: ... self.call(["echo", "hello world"]) ... self.call(["cat", "/proc/1/cgroup"]) ... print(self.get_environment()) @@ -53,21 +50,21 @@ class DockerContainer: def __init__( self, *, - docker_image: str, + image: str, simulate_32_bit: bool = False, cwd: Optional[PathOrStr] = None, - container_engine: ContainerEngine = "docker", + engine: ContainerEngine = "docker", ): - if not docker_image: + if not image: raise ValueError("Must have a non-empty docker image to run.") - self.docker_image = docker_image + self.image = image self.simulate_32_bit = simulate_32_bit self.cwd = cwd self.name: Optional[str] = None - self.container_engine = container_engine + self.engine = engine - def __enter__(self) -> "DockerContainer": + def __enter__(self) -> "OCIContainer": self.name = f"cibuildwheel-{uuid.uuid4()}" @@ -83,14 +80,14 @@ def __enter__(self) -> "DockerContainer": subprocess.run( [ - self.container_engine, + self.engine, "create", "--env=CIBUILDWHEEL", f"--name={self.name}", "--interactive", "--volume=/:/host", # ignored on CircleCI *network_args, - self.docker_image, + self.image, *shell_args, ], check=True, @@ -98,7 +95,7 @@ def __enter__(self) -> "DockerContainer": self.process = subprocess.Popen( [ - self.container_engine, + self.engine, "start", "--attach", "--interactive", @@ -136,7 +133,7 @@ def __exit__( self.bash_stdin.close() self.bash_stdout.close() - if self.container_engine == "podman": + if self.engine == "podman": # This works around what seems to be a race condition in the podman # backend. The full reason is not understood. See PR #966 for a # discussion on possible causes and attempts to remove this line. @@ -146,7 +143,7 @@ def __exit__( assert isinstance(self.name, str) subprocess.run( - [self.container_engine, "rm", "--force", "-v", self.name], + [self.engine, "rm", "--force", "-v", self.name], stdout=subprocess.DEVNULL, check=False, ) @@ -161,7 +158,7 @@ def copy_into(self, from_path: Path, to_path: PurePath) -> None: if from_path.is_dir(): self.call(["mkdir", "-p", to_path]) subprocess.run( - f"tar cf - . | {self.container_engine} exec -i {self.name} tar --no-same-owner -xC {shell_quote(to_path)} -f -", + f"tar cf - . | {self.engine} exec -i {self.name} tar --no-same-owner -xC {shell_quote(to_path)} -f -", shell=True, check=True, cwd=from_path, @@ -169,7 +166,7 @@ def copy_into(self, from_path: Path, to_path: PurePath) -> None: else: with subprocess.Popen( [ - self.container_engine, + self.engine, "exec", "-i", str(self.name), @@ -194,10 +191,10 @@ def copy_out(self, from_path: PurePath, to_path: Path) -> None: # note: we assume from_path is a dir to_path.mkdir(parents=True, exist_ok=True) - if self.container_engine == "podman": + if self.engine == "podman": subprocess.run( [ - self.container_engine, + self.engine, "cp", f"{self.name}:{from_path}/.", str(to_path), @@ -205,10 +202,10 @@ def copy_out(self, from_path: PurePath, to_path: Path) -> None: check=True, cwd=to_path, ) - elif self.container_engine == "docker": + elif self.engine == "docker": # There is a bug in docker that prevents a simple 'cp' invocation # from working https://github.com/moby/moby/issues/38995 - command = f"{self.container_engine} exec -i {self.name} tar -cC {shell_quote(from_path)} -f - . | tar -xf -" + command = f"{self.engine} exec -i {self.name} tar -cC {shell_quote(from_path)} -f - . | tar -xf -" subprocess.run( command, shell=True, @@ -216,7 +213,7 @@ def copy_out(self, from_path: PurePath, to_path: Path) -> None: cwd=to_path, ) else: - raise KeyError(self.container_engine) + raise KeyError(self.engine) def glob(self, path: PurePosixPath, pattern: str) -> List[PurePosixPath]: glob_pattern = path.joinpath(pattern) @@ -333,10 +330,10 @@ def environment_executor(self, command: List[str], environment: Dict[str, str]) return self.call(command, env=environment, capture_output=True) def debug_info(self) -> str: - if self.container_engine == "podman": - command = f"{self.container_engine} info --debug" + if self.engine == "podman": + command = f"{self.engine} info --debug" else: - command = f"{self.container_engine} info" + command = f"{self.engine} info" completed = subprocess.run( command, shell=True, diff --git a/cibuildwheel/linux.py b/cibuildwheel/linux.py index 2939bd182..d4eacaef8 100644 --- a/cibuildwheel/linux.py +++ b/cibuildwheel/linux.py @@ -5,7 +5,7 @@ from typing import Iterator, List, NamedTuple, Set, Tuple from .architecture import Architecture -from .docker_container import DockerContainer +from .docker_container import OCIContainer from .logger import log from .options import Options from .typing import OrderedDict, PathOrStr, assert_never @@ -33,7 +33,7 @@ def path(self) -> PurePosixPath: class BuildStep(NamedTuple): platform_configs: List[PythonConfiguration] platform_tag: str - docker_image: str + container_image: str def get_python_configurations( @@ -55,7 +55,7 @@ def get_python_configurations( ] -def docker_image_for_python_configuration(config: PythonConfiguration, options: Options) -> str: +def container_image_for_python_configuration(config: PythonConfiguration, options: Options) -> str: build_options = options.build_options(config.identifier) # e.g # identifier is 'cp310-manylinux_x86_64' @@ -87,15 +87,17 @@ def get_build_steps( _, platform_tag = config.identifier.split("-", 1) before_all = options.build_options(config.identifier).before_all - docker_image = docker_image_for_python_configuration(config, options) + container_image = container_image_for_python_configuration(config, options) - step_key = (platform_tag, docker_image, before_all) + step_key = (platform_tag, container_image, before_all) if step_key in steps: steps[step_key].platform_configs.append(config) else: steps[step_key] = BuildStep( - platform_configs=[config], platform_tag=platform_tag, docker_image=docker_image + platform_configs=[config], + platform_tag=platform_tag, + container_image=container_image, ) yield from steps.values() @@ -105,7 +107,7 @@ def build_on_docker( *, options: Options, platform_configs: List[PythonConfiguration], - docker: DockerContainer, + docker: OCIContainer, container_project_path: PurePath, container_package_dir: PurePath, ) -> None: @@ -357,14 +359,14 @@ def build(options: Options, tmp_path: Path) -> None: # pylint: disable=unused-a try: ids_to_build = [x.identifier for x in build_step.platform_configs] log.step( - f"Starting Docker image {build_step.docker_image} for {', '.join(ids_to_build)}..." + f"Starting Docker image {build_step.container_image} for {', '.join(ids_to_build)}..." ) - with DockerContainer( - docker_image=build_step.docker_image, + with OCIContainer( + image=build_step.container_image, simulate_32_bit=build_step.platform_tag.endswith("i686"), cwd=container_project_path, - container_engine=options.globals.container_engine, + engine=options.globals.container_engine, ) as docker: build_on_docker( diff --git a/cibuildwheel/options.py b/cibuildwheel/options.py index 4bed523d7..df4114e22 100644 --- a/cibuildwheel/options.py +++ b/cibuildwheel/options.py @@ -485,10 +485,10 @@ def build_options(self, identifier: Optional[str]) -> BuildOptions: manylinux_images: Dict[str, str] = {} musllinux_images: Dict[str, str] = {} if self.platform == "linux": - all_pinned_docker_images = _get_pinned_docker_images() + all_pinned_container_images = _get_pinned_container_images() for build_platform in MANYLINUX_ARCHS: - pinned_images = all_pinned_docker_images[build_platform] + pinned_images = all_pinned_container_images[build_platform] config_value = self.reader.get( f"manylinux-{build_platform}-image", ignore_empty=True @@ -505,7 +505,7 @@ def build_options(self, identifier: Optional[str]) -> BuildOptions: manylinux_images[build_platform] = image for build_platform in MUSLLINUX_ARCHS: - pinned_images = all_pinned_docker_images[build_platform] + pinned_images = all_pinned_container_images[build_platform] config_value = self.reader.get(f"musllinux-{build_platform}-image") @@ -591,7 +591,7 @@ def compute_options( @functools.lru_cache(maxsize=None) -def _get_pinned_docker_images() -> Mapping[str, Mapping[str, str]]: +def _get_pinned_container_images() -> Mapping[str, Mapping[str, str]]: """ This looks like a dict of dicts, e.g. { 'x86_64': {'manylinux1': '...', 'manylinux2010': '...', 'manylinux2014': '...'}, @@ -600,10 +600,10 @@ def _get_pinned_docker_images() -> Mapping[str, Mapping[str, str]]: ... } """ - pinned_docker_images_file = resources_dir / "pinned_docker_images.cfg" - all_pinned_docker_images = ConfigParser() - all_pinned_docker_images.read(pinned_docker_images_file) - return all_pinned_docker_images + pinned_images_file = resources_dir / "pinned_docker_images.cfg" + all_pinned_images = ConfigParser() + all_pinned_images.read(pinned_images_file) + return all_pinned_images def deprecated_selectors(name: str, selector: str, *, error: bool = False) -> None: diff --git a/unit_test/docker_container_test.py b/unit_test/docker_container_test.py index 59c9fe5e1..e4252b03e 100644 --- a/unit_test/docker_container_test.py +++ b/unit_test/docker_container_test.py @@ -9,7 +9,7 @@ import pytest import toml -from cibuildwheel.docker_container import DockerContainer +from cibuildwheel.docker_container import OCIContainer from cibuildwheel.environment import EnvironmentAssignmentBash # Test utilities @@ -42,30 +42,24 @@ def container_engine(request): def test_simple(container_engine): - with DockerContainer( - container_engine=container_engine, docker_image=DEFAULT_IMAGE - ) as container: + with OCIContainer(engine=container_engine, image=DEFAULT_IMAGE) as container: assert container.call(["echo", "hello"], capture_output=True) == "hello\n" def test_no_lf(container_engine): - with DockerContainer( - container_engine=container_engine, docker_image=DEFAULT_IMAGE - ) as container: + with OCIContainer(engine=container_engine, image=DEFAULT_IMAGE) as container: assert container.call(["printf", "hello"], capture_output=True) == "hello" def test_debug_info(container_engine): - container = DockerContainer(container_engine=container_engine, docker_image=DEFAULT_IMAGE) + container = OCIContainer(engine=container_engine, image=DEFAULT_IMAGE) print(container.debug_info()) with container: pass def test_environment(container_engine): - with DockerContainer( - container_engine=container_engine, docker_image=DEFAULT_IMAGE - ) as container: + with OCIContainer(engine=container_engine, image=DEFAULT_IMAGE) as container: assert ( container.call( ["sh", "-c", "echo $TEST_VAR"], env={"TEST_VAR": "1"}, capture_output=True @@ -75,21 +69,17 @@ def test_environment(container_engine): def test_cwd(container_engine): - with DockerContainer( - container_engine=container_engine, - docker_image=DEFAULT_IMAGE, - cwd="/cibuildwheel/working_directory", + with OCIContainer( + engine=container_engine, image=DEFAULT_IMAGE, cwd="/cibuildwheel/working_directory" ) as container: assert container.call(["pwd"], capture_output=True) == "/cibuildwheel/working_directory\n" assert container.call(["pwd"], capture_output=True, cwd="/opt") == "/opt\n" def test_container_removed(container_engine): - with DockerContainer( - container_engine=container_engine, docker_image=DEFAULT_IMAGE - ) as container: + with OCIContainer(engine=container_engine, image=DEFAULT_IMAGE) as container: docker_containers_listing = subprocess.run( - f"{container.container_engine} container ls", + f"{container.engine} container ls", shell=True, check=True, stdout=subprocess.PIPE, @@ -100,7 +90,7 @@ def test_container_removed(container_engine): old_container_name = container.name docker_containers_listing = subprocess.run( - f"{container.container_engine} container ls", + f"{container.engine} container ls", shell=True, check=True, stdout=subprocess.PIPE, @@ -119,9 +109,7 @@ def test_large_environment(container_engine): "d": "0" * long_env_var_length, } - with DockerContainer( - container_engine=container_engine, docker_image=DEFAULT_IMAGE - ) as container: + with OCIContainer(engine=container_engine, image=DEFAULT_IMAGE) as container: # check the length of d assert ( container.call(["sh", "-c", "echo ${#d}"], env=large_environment, capture_output=True) @@ -130,9 +118,7 @@ def test_large_environment(container_engine): def test_binary_output(container_engine): - with DockerContainer( - container_engine=container_engine, docker_image=DEFAULT_IMAGE - ) as container: + with OCIContainer(engine=container_engine, image=DEFAULT_IMAGE) as container: # note: the below embedded snippets are in python2 # check that we can pass though arbitrary binary data without erroring @@ -182,9 +168,7 @@ def test_binary_output(container_engine): def test_file_operation(tmp_path: Path, container_engine): - with DockerContainer( - container_engine=container_engine, docker_image=DEFAULT_IMAGE - ) as container: + with OCIContainer(engine=container_engine, image=DEFAULT_IMAGE) as container: # test copying a file in test_binary_data = bytes(random.randrange(256) for _ in range(1000)) original_test_file = tmp_path / "test.dat" @@ -199,9 +183,7 @@ def test_file_operation(tmp_path: Path, container_engine): def test_dir_operations(tmp_path: Path, container_engine): - with DockerContainer( - container_engine=container_engine, docker_image=DEFAULT_IMAGE - ) as container: + with OCIContainer(engine=container_engine, image=DEFAULT_IMAGE) as container: test_binary_data = bytes(random.randrange(256) for _ in range(1000)) original_test_file = tmp_path / "test.dat" original_test_file.write_bytes(test_binary_data) @@ -230,9 +212,7 @@ def test_dir_operations(tmp_path: Path, container_engine): def test_environment_executor(container_engine): - with DockerContainer( - container_engine=container_engine, docker_image=DEFAULT_IMAGE - ) as container: + with OCIContainer(engine=container_engine, image=DEFAULT_IMAGE) as container: assignment = EnvironmentAssignmentBash("TEST=$(echo 42)") assert assignment.evaluated_value({}, container.environment_executor) == "42" @@ -298,9 +278,7 @@ def test_podman_vfs(container_engine, tmp_path: Path, monkeypatch): monkeypatch.setenv("CONTAINERS_CONF", str(vfs_containers_conf_fpath)) monkeypatch.setenv("CONTAINERS_STORAGE_CONF", str(vfs_containers_storage_conf_fpath)) - with DockerContainer( - container_engine=container_engine, docker_image=DEFAULT_IMAGE - ) as container: + with OCIContainer(engine=container_engine, image=DEFAULT_IMAGE) as container: # test running a command assert container.call(["echo", "hello"], capture_output=True) == "hello\n" diff --git a/unit_test/linux_build_steps_test.py b/unit_test/linux_build_steps_test.py index 29bc65a4a..fd8f17884 100644 --- a/unit_test/linux_build_steps_test.py +++ b/unit_test/linux_build_steps_test.py @@ -21,16 +21,16 @@ def test_linux_container_split(tmp_path: Path, monkeypatch): textwrap.dedent( """ [tool.cibuildwheel] - manylinux-x86_64-image = "normal_docker_image" - manylinux-i686-image = "normal_docker_image" + manylinux-x86_64-image = "normal_container_image" + manylinux-i686-image = "normal_container_image" build = "*-manylinux_x86_64" skip = "pp*" archs = "x86_64 i686" [[tool.cibuildwheel.overrides]] select = "cp{38,39,310}-*" - manylinux-x86_64-image = "other_docker_image" - manylinux-i686-image = "other_docker_image" + manylinux-x86_64-image = "other_container_image" + manylinux-i686-image = "other_container_image" [[tool.cibuildwheel.overrides]] select = "cp39-*" @@ -57,14 +57,14 @@ def before_alls(step): pprint(build_steps) - assert build_steps[0].docker_image == "normal_docker_image" + assert build_steps[0].container_image == "normal_container_image" assert identifiers(build_steps[0]) == ["cp36-manylinux_x86_64", "cp37-manylinux_x86_64"] assert before_alls(build_steps[0]) == ["", ""] - assert build_steps[1].docker_image == "other_docker_image" + assert build_steps[1].container_image == "other_container_image" assert identifiers(build_steps[1]) == ["cp38-manylinux_x86_64", "cp310-manylinux_x86_64"] assert before_alls(build_steps[1]) == ["", ""] - assert build_steps[2].docker_image == "other_docker_image" + assert build_steps[2].container_image == "other_container_image" assert identifiers(build_steps[2]) == ["cp39-manylinux_x86_64"] assert before_alls(build_steps[2]) == ["echo 'a cp39-only command'"] diff --git a/unit_test/main_tests/main_options_test.py b/unit_test/main_tests/main_options_test.py index 27a97a2e8..59368de5b 100644 --- a/unit_test/main_tests/main_options_test.py +++ b/unit_test/main_tests/main_options_test.py @@ -11,7 +11,7 @@ from cibuildwheel.__main__ import main from cibuildwheel.environment import ParsedEnvironment -from cibuildwheel.options import BuildOptions, _get_pinned_docker_images +from cibuildwheel.options import BuildOptions, _get_pinned_container_images from cibuildwheel.util import BuildSelector, resources_dir # CIBW_PLATFORM is tested in main_platform_test.py @@ -339,6 +339,6 @@ def test_defaults(platform, intercepted_build_args): if platform == "linux": assert build_options.manylinux_images - pinned_images = _get_pinned_docker_images() + pinned_images = _get_pinned_container_images() default_x86_64_image = pinned_images["x86_64"][defaults["manylinux-x86_64-image"]] assert build_options.manylinux_images["x86_64"] == default_x86_64_image diff --git a/unit_test/option_prepare_test.py b/unit_test/option_prepare_test.py index 5f2fecfd7..903746d46 100644 --- a/unit_test/option_prepare_test.py +++ b/unit_test/option_prepare_test.py @@ -35,7 +35,7 @@ def ignore_context_call(*args, **kwargs): monkeypatch.setattr(subprocess, "Popen", fail_on_call) monkeypatch.setattr(subprocess, "run", ignore_call) monkeypatch.setattr(util, "download", fail_on_call) - monkeypatch.setattr("cibuildwheel.linux.DockerContainer", ignore_context_call) + monkeypatch.setattr("cibuildwheel.linux.OCIContainer", ignore_context_call) monkeypatch.setattr("cibuildwheel.linux.build_on_docker", mock.Mock(spec=linux.build_on_docker)) monkeypatch.setattr("cibuildwheel.util.print_new_wheels", ignore_context_call) @@ -52,7 +52,7 @@ def test_build_default_launches(mock_build_docker, fake_package_dir, monkeypatch # In Python 3.8+, this can be simplified to [0].kwargs kwargs = build_on_docker.call_args_list[0][1] - assert "quay.io/pypa/manylinux2014_x86_64" in kwargs["docker"]["docker_image"] + assert "quay.io/pypa/manylinux2014_x86_64" in kwargs["docker"]["image"] assert kwargs["docker"]["cwd"] == PurePosixPath("/project") assert not kwargs["docker"]["simulate_32_bit"] @@ -60,7 +60,7 @@ def test_build_default_launches(mock_build_docker, fake_package_dir, monkeypatch assert identifiers == {f"{x}-manylinux_x86_64" for x in ALL_IDS} kwargs = build_on_docker.call_args_list[1][1] - assert "quay.io/pypa/manylinux2014_i686" in kwargs["docker"]["docker_image"] + assert "quay.io/pypa/manylinux2014_i686" in kwargs["docker"]["image"] assert kwargs["docker"]["cwd"] == PurePosixPath("/project") assert kwargs["docker"]["simulate_32_bit"] @@ -68,7 +68,7 @@ def test_build_default_launches(mock_build_docker, fake_package_dir, monkeypatch assert identifiers == {f"{x}-manylinux_i686" for x in ALL_IDS} kwargs = build_on_docker.call_args_list[2][1] - assert "quay.io/pypa/musllinux_1_1_x86_64" in kwargs["docker"]["docker_image"] + assert "quay.io/pypa/musllinux_1_1_x86_64" in kwargs["docker"]["image"] assert kwargs["docker"]["cwd"] == PurePosixPath("/project") assert not kwargs["docker"]["simulate_32_bit"] @@ -78,7 +78,7 @@ def test_build_default_launches(mock_build_docker, fake_package_dir, monkeypatch } kwargs = build_on_docker.call_args_list[3][1] - assert "quay.io/pypa/musllinux_1_1_i686" in kwargs["docker"]["docker_image"] + assert "quay.io/pypa/musllinux_1_1_i686" in kwargs["docker"]["image"] assert kwargs["docker"]["cwd"] == PurePosixPath("/project") assert kwargs["docker"]["simulate_32_bit"] @@ -118,7 +118,7 @@ def test_build_with_override_launches(mock_build_docker, monkeypatch, tmp_path): assert build_on_docker.call_count == 6 kwargs = build_on_docker.call_args_list[0][1] - assert "quay.io/pypa/manylinux2014_x86_64" in kwargs["docker"]["docker_image"] + assert "quay.io/pypa/manylinux2014_x86_64" in kwargs["docker"]["image"] assert kwargs["docker"]["cwd"] == PurePosixPath("/project") assert not kwargs["docker"]["simulate_32_bit"] @@ -127,7 +127,7 @@ def test_build_with_override_launches(mock_build_docker, monkeypatch, tmp_path): assert kwargs["options"].build_options("cp36-manylinux_x86_64").before_all == "true" kwargs = build_on_docker.call_args_list[1][1] - assert "quay.io/pypa/manylinux2014_x86_64" in kwargs["docker"]["docker_image"] + assert "quay.io/pypa/manylinux2014_x86_64" in kwargs["docker"]["image"] assert kwargs["docker"]["cwd"] == PurePosixPath("/project") assert not kwargs["docker"]["simulate_32_bit"] @@ -138,7 +138,7 @@ def test_build_with_override_launches(mock_build_docker, monkeypatch, tmp_path): assert kwargs["options"].build_options("cp37-manylinux_x86_64").before_all == "" kwargs = build_on_docker.call_args_list[2][1] - assert "quay.io/pypa/manylinux_2_24_x86_64" in kwargs["docker"]["docker_image"] + assert "quay.io/pypa/manylinux_2_24_x86_64" in kwargs["docker"]["image"] assert kwargs["docker"]["cwd"] == PurePosixPath("/project") assert not kwargs["docker"]["simulate_32_bit"] identifiers = {x.identifier for x in kwargs["platform_configs"]} @@ -150,7 +150,7 @@ def test_build_with_override_launches(mock_build_docker, monkeypatch, tmp_path): } kwargs = build_on_docker.call_args_list[3][1] - assert "quay.io/pypa/manylinux2014_i686" in kwargs["docker"]["docker_image"] + assert "quay.io/pypa/manylinux2014_i686" in kwargs["docker"]["image"] assert kwargs["docker"]["cwd"] == PurePosixPath("/project") assert kwargs["docker"]["simulate_32_bit"] @@ -158,7 +158,7 @@ def test_build_with_override_launches(mock_build_docker, monkeypatch, tmp_path): assert identifiers == {f"{x}-manylinux_i686" for x in ALL_IDS} kwargs = build_on_docker.call_args_list[4][1] - assert "quay.io/pypa/musllinux_1_1_x86_64" in kwargs["docker"]["docker_image"] + assert "quay.io/pypa/musllinux_1_1_x86_64" in kwargs["docker"]["image"] assert kwargs["docker"]["cwd"] == PurePosixPath("/project") assert not kwargs["docker"]["simulate_32_bit"] @@ -168,7 +168,7 @@ def test_build_with_override_launches(mock_build_docker, monkeypatch, tmp_path): } kwargs = build_on_docker.call_args_list[5][1] - assert "quay.io/pypa/musllinux_1_1_i686" in kwargs["docker"]["docker_image"] + assert "quay.io/pypa/musllinux_1_1_i686" in kwargs["docker"]["image"] assert kwargs["docker"]["cwd"] == PurePosixPath("/project") assert kwargs["docker"]["simulate_32_bit"] diff --git a/unit_test/options_test.py b/unit_test/options_test.py index fd8a102f4..3ce8b2147 100644 --- a/unit_test/options_test.py +++ b/unit_test/options_test.py @@ -4,7 +4,7 @@ from cibuildwheel.__main__ import get_build_identifiers from cibuildwheel.environment import parse_environment -from cibuildwheel.options import Options, _get_pinned_docker_images +from cibuildwheel.options import Options, _get_pinned_container_images from .utils import get_default_command_line_arguments @@ -58,18 +58,18 @@ def test_options_1(tmp_path, monkeypatch): assert default_build_options.environment == parse_environment('FOO="BAR"') - all_pinned_docker_images = _get_pinned_docker_images() - pinned_x86_64_docker_image = all_pinned_docker_images["x86_64"] + all_pinned_container_images = _get_pinned_container_images() + pinned_x86_64_container_image = all_pinned_container_images["x86_64"] local = options.build_options("cp38-manylinux_x86_64") assert local.manylinux_images is not None assert local.test_command == "pyproject" - assert local.manylinux_images["x86_64"] == pinned_x86_64_docker_image["manylinux1"] + assert local.manylinux_images["x86_64"] == pinned_x86_64_container_image["manylinux1"] local = options.build_options("cp37-manylinux_x86_64") assert local.manylinux_images is not None assert local.test_command == "pyproject-override" - assert local.manylinux_images["x86_64"] == pinned_x86_64_docker_image["manylinux2014"] + assert local.manylinux_images["x86_64"] == pinned_x86_64_container_image["manylinux2014"] def test_passthrough(tmp_path, monkeypatch): From d66c1e92bfce01eddb245714c83948400fcbab3a Mon Sep 17 00:00:00 2001 From: Joe Rickerby Date: Mon, 27 Jun 2022 18:30:49 +0100 Subject: [PATCH 21/32] Lots more naming changes to reflect that containers are not necessarily 'docker' --- cibuildwheel/__main__.py | 5 +- cibuildwheel/architecture.py | 2 +- cibuildwheel/linux.py | 86 ++++++++-------- .../{docker_container.py => oci_container.py} | 18 ++-- cibuildwheel/options.py | 2 +- docs/diagram.md | 6 +- docs/faq.md | 10 +- docs/options.md | 18 ++-- ...ker_images.py => test_container_images.py} | 0 test/test_manylinuxXXXX_only.py | 2 +- unit_test/linux_build_steps_test.py | 4 +- ...ontainer_test.py => oci_container_test.py} | 2 +- unit_test/option_prepare_test.py | 98 ++++++++++--------- 13 files changed, 129 insertions(+), 124 deletions(-) rename cibuildwheel/{docker_container.py => oci_container.py} (95%) rename test/{test_docker_images.py => test_container_images.py} (100%) rename unit_test/{docker_container_test.py => oci_container_test.py} (99%) diff --git a/cibuildwheel/__main__.py b/cibuildwheel/__main__.py index f8158b313..03b18a202 100644 --- a/cibuildwheel/__main__.py +++ b/cibuildwheel/__main__.py @@ -46,7 +46,7 @@ def main() -> None: auto-detected platform or to run cibuildwheel on your development machine. Specifying "macos" or "windows" only works on that operating system, but "linux" works on all three, as long as - Docker is installed. Default: auto. + Docker/Podman is installed. Default: auto. """, ) @@ -91,7 +91,7 @@ def main() -> None: Path to the package that you want wheels for. Default: the working directory. Can be a directory inside the working directory, or an sdist. When set to a directory, the working directory is still - considered the 'project' and is copied into the Docker container + considered the 'project' and is copied into the build container on Linux. When set to a tar.gz sdist file, --config-file and --output-dir are relative to the current directory, and other paths are relative to the expanded SDist directory. @@ -208,7 +208,6 @@ def build_in_directory(args: CommandLineArguments) -> None: sys.exit(0) # Add CIBUILDWHEEL environment variable - # This needs to be passed on to the docker container in linux.py os.environ["CIBUILDWHEEL"] = "1" # Python is buffering by default when running on the CI platforms, giving problems interleaving subprocess call output with unflushed calls to 'print' diff --git a/cibuildwheel/architecture.py b/cibuildwheel/architecture.py index 437ff5e83..be87f3219 100644 --- a/cibuildwheel/architecture.py +++ b/cibuildwheel/architecture.py @@ -59,7 +59,7 @@ def auto_archs(platform: PlatformName) -> "Set[Architecture]": result = {native_architecture} if platform == "linux" and native_architecture == Architecture.x86_64: - # x86_64 machines can run i686 docker containers + # x86_64 machines can run i686 containers result.add(Architecture.i686) if platform == "windows" and native_architecture == Architecture.AMD64: diff --git a/cibuildwheel/linux.py b/cibuildwheel/linux.py index d4eacaef8..fe694a7fe 100644 --- a/cibuildwheel/linux.py +++ b/cibuildwheel/linux.py @@ -5,8 +5,8 @@ from typing import Iterator, List, NamedTuple, Set, Tuple from .architecture import Architecture -from .docker_container import OCIContainer from .logger import log +from .oci_container import OCIContainer from .options import Options from .typing import OrderedDict, PathOrStr, assert_never from .util import ( @@ -79,7 +79,7 @@ def get_build_steps( ) -> Iterator[BuildStep]: """ Groups PythonConfigurations into BuildSteps. Each BuildStep represents a - separate Docker container. + separate container instance. """ steps = OrderedDict[Tuple[str, str, str], BuildStep]() @@ -103,18 +103,18 @@ def get_build_steps( yield from steps.values() -def build_on_docker( +def build_in_container( *, options: Options, platform_configs: List[PythonConfiguration], - docker: OCIContainer, + container: OCIContainer, container_project_path: PurePath, container_package_dir: PurePath, ) -> None: container_output_dir = PurePosixPath("/output") - log.step("Copying project into Docker...") - docker.copy_into(Path.cwd(), container_project_path) + log.step("Copying project into container...") + container.copy_into(Path.cwd(), container_project_path) before_all_options_identifier = platform_configs[0].identifier before_all_options = options.build_options(before_all_options_identifier) @@ -122,11 +122,11 @@ def build_on_docker( if before_all_options.before_all: log.step("Running before_all...") - env = docker.get_environment() + env = container.get_environment() env["PATH"] = f'/opt/python/cp38-cp38/bin:{env["PATH"]}' env["PIP_DISABLE_PIP_VERSION_CHECK"] = "1" env = before_all_options.environment.as_dictionary( - env, executor=docker.environment_executor + env, executor=container.environment_executor ) before_all_prepared = prepare_command( @@ -134,7 +134,7 @@ def build_on_docker( project=container_project_path, package=container_package_dir, ) - docker.call(["sh", "-c", before_all_prepared], env=env) + container.call(["sh", "-c", before_all_prepared], env=env) built_wheels: List[PurePosixPath] = [] @@ -150,21 +150,21 @@ def build_on_docker( ) container_constraints_file = PurePath("/constraints.txt") - docker.copy_into(constraints_file, container_constraints_file) + container.copy_into(constraints_file, container_constraints_file) dependency_constraint_flags = ["-c", container_constraints_file] log.step("Setting up build environment...") - env = docker.get_environment() + env = container.get_environment() # put this config's python top of the list python_bin = config.path / "bin" env["PATH"] = f'{python_bin}:{env["PATH"]}' - env = build_options.environment.as_dictionary(env, executor=docker.environment_executor) + env = build_options.environment.as_dictionary(env, executor=container.environment_executor) # check config python is still on PATH - which_python = docker.call(["which", "python"], env=env, capture_output=True).strip() + which_python = container.call(["which", "python"], env=env, capture_output=True).strip() if PurePosixPath(which_python) != python_bin / "python": print( "cibuildwheel: python available on PATH doesn't match our installed instance. If you have modified PATH, ensure that you don't overwrite cibuildwheel's entry or insert python above it.", @@ -172,7 +172,7 @@ def build_on_docker( ) sys.exit(1) - which_pip = docker.call(["which", "pip"], env=env, capture_output=True).strip() + which_pip = container.call(["which", "pip"], env=env, capture_output=True).strip() if PurePosixPath(which_pip) != python_bin / "pip": print( "cibuildwheel: pip available on PATH doesn't match our installed instance. If you have modified PATH, ensure that you don't overwrite cibuildwheel's entry or insert pip above it.", @@ -196,19 +196,19 @@ def build_on_docker( project=container_project_path, package=container_package_dir, ) - docker.call(["sh", "-c", before_build_prepared], env=env) + container.call(["sh", "-c", before_build_prepared], env=env) log.step("Building wheel...") temp_dir = PurePosixPath("/tmp/cibuildwheel") built_wheel_dir = temp_dir / "built_wheel" - docker.call(["rm", "-rf", built_wheel_dir]) - docker.call(["mkdir", "-p", built_wheel_dir]) + container.call(["rm", "-rf", built_wheel_dir]) + container.call(["mkdir", "-p", built_wheel_dir]) verbosity_flags = get_build_verbosity_extra_flags(build_options.build_verbosity) if build_options.build_frontend == "pip": - docker.call( + container.call( [ "python", "-m", @@ -223,7 +223,7 @@ def build_on_docker( ) elif build_options.build_frontend == "build": config_setting = " ".join(verbosity_flags) - docker.call( + container.call( [ "python", "-m", @@ -238,11 +238,11 @@ def build_on_docker( else: assert_never(build_options.build_frontend) - built_wheel = docker.glob(built_wheel_dir, "*.whl")[0] + built_wheel = container.glob(built_wheel_dir, "*.whl")[0] repaired_wheel_dir = temp_dir / "repaired_wheel" - docker.call(["rm", "-rf", repaired_wheel_dir]) - docker.call(["mkdir", "-p", repaired_wheel_dir]) + container.call(["rm", "-rf", repaired_wheel_dir]) + container.call(["mkdir", "-p", repaired_wheel_dir]) if built_wheel.name.endswith("none-any.whl"): raise NonPlatformWheelError() @@ -252,21 +252,23 @@ def build_on_docker( repair_command_prepared = prepare_command( build_options.repair_command, wheel=built_wheel, dest_dir=repaired_wheel_dir ) - docker.call(["sh", "-c", repair_command_prepared], env=env) + container.call(["sh", "-c", repair_command_prepared], env=env) else: - docker.call(["mv", built_wheel, repaired_wheel_dir]) + container.call(["mv", built_wheel, repaired_wheel_dir]) - repaired_wheels = docker.glob(repaired_wheel_dir, "*.whl") + repaired_wheels = container.glob(repaired_wheel_dir, "*.whl") if build_options.test_command and build_options.test_selector(config.identifier): log.step("Testing wheel...") # set up a virtual environment to install and test from, to make sure # there are no dependencies that were pulled in at build time. - docker.call(["pip", "install", "virtualenv", *dependency_constraint_flags], env=env) - venv_dir = PurePath(docker.call(["mktemp", "-d"], capture_output=True).strip()) / "venv" + container.call(["pip", "install", "virtualenv", *dependency_constraint_flags], env=env) + venv_dir = ( + PurePath(container.call(["mktemp", "-d"], capture_output=True).strip()) / "venv" + ) - docker.call(["python", "-m", "virtualenv", "--no-download", venv_dir], env=env) + container.call(["python", "-m", "virtualenv", "--no-download", venv_dir], env=env) virtualenv_env = env.copy() virtualenv_env["PATH"] = f"{venv_dir / 'bin'}:{virtualenv_env['PATH']}" @@ -277,7 +279,7 @@ def build_on_docker( project=container_project_path, package=container_package_dir, ) - docker.call(["sh", "-c", before_test_prepared], env=virtualenv_env) + container.call(["sh", "-c", before_test_prepared], env=virtualenv_env) # Install the wheel we just built # Note: If auditwheel produced two wheels, it's because the earlier produced wheel @@ -286,14 +288,14 @@ def build_on_docker( # different external shared libraries. so it doesn't matter which one we run the tests on. # Let's just pick the first one. wheel_to_test = repaired_wheels[0] - docker.call( + container.call( ["pip", "install", str(wheel_to_test) + build_options.test_extras], env=virtualenv_env, ) # Install any requirements to run the tests if build_options.test_requires: - docker.call(["pip", "install", *build_options.test_requires], env=virtualenv_env) + container.call(["pip", "install", *build_options.test_requires], env=virtualenv_env) # Run the tests from a different directory test_command_prepared = prepare_command( @@ -301,15 +303,15 @@ def build_on_docker( project=container_project_path, package=container_package_dir, ) - docker.call(["sh", "-c", test_command_prepared], cwd="/root", env=virtualenv_env) + container.call(["sh", "-c", test_command_prepared], cwd="/root", env=virtualenv_env) # clean up test environment - docker.call(["rm", "-rf", venv_dir]) + container.call(["rm", "-rf", venv_dir]) # move repaired wheels to output if abi3_wheel is None: - docker.call(["mkdir", "-p", container_output_dir]) - docker.call(["mv", *repaired_wheels, container_output_dir]) + container.call(["mkdir", "-p", container_output_dir]) + container.call(["mv", *repaired_wheels, container_output_dir]) built_wheels.extend( container_output_dir / repaired_wheel.name for repaired_wheel in repaired_wheels ) @@ -318,7 +320,7 @@ def build_on_docker( log.step("Copying wheels back to host...") # copy the output back into the host - docker.copy_out(container_output_dir, options.globals.output_dir) + container.copy_out(container_output_dir, options.globals.output_dir) log.step_end() @@ -358,21 +360,21 @@ def build(options: Options, tmp_path: Path) -> None: # pylint: disable=unused-a for build_step in get_build_steps(options, python_configurations): try: ids_to_build = [x.identifier for x in build_step.platform_configs] - log.step( - f"Starting Docker image {build_step.container_image} for {', '.join(ids_to_build)}..." - ) + log.step(f"Starting container image {build_step.container_image}...") + + print(f"info: This container will host the build for {', '.join(ids_to_build)}...") with OCIContainer( image=build_step.container_image, simulate_32_bit=build_step.platform_tag.endswith("i686"), cwd=container_project_path, engine=options.globals.container_engine, - ) as docker: + ) as container: - build_on_docker( + build_in_container( options=options, platform_configs=build_step.platform_configs, - docker=docker, + container=container, container_project_path=container_project_path, container_package_dir=container_package_dir, ) diff --git a/cibuildwheel/docker_container.py b/cibuildwheel/oci_container.py similarity index 95% rename from cibuildwheel/docker_container.py rename to cibuildwheel/oci_container.py index b910c4972..2d79720f8 100644 --- a/cibuildwheel/docker_container.py +++ b/cibuildwheel/oci_container.py @@ -56,7 +56,7 @@ def __init__( engine: ContainerEngine = "docker", ): if not image: - raise ValueError("Must have a non-empty docker image to run.") + raise ValueError("Must have a non-empty image to run.") self.image = image self.simulate_32_bit = simulate_32_bit @@ -175,17 +175,19 @@ def copy_into(self, from_path: Path, to_path: PurePath) -> None: f"cat > {shell_quote(to_path)}", ], stdin=subprocess.PIPE, - ) as docker: - docker.stdin = cast(IO[bytes], docker.stdin) + ) as exec_process: + exec_process.stdin = cast(IO[bytes], exec_process.stdin) with open(from_path, "rb") as from_file: - shutil.copyfileobj(from_file, docker.stdin) + shutil.copyfileobj(from_file, exec_process.stdin) - docker.stdin.close() - docker.wait() + exec_process.stdin.close() + exec_process.wait() - if docker.returncode: - raise subprocess.CalledProcessError(docker.returncode, docker.args, None, None) + if exec_process.returncode: + raise subprocess.CalledProcessError( + exec_process.returncode, exec_process.args, None, None + ) def copy_out(self, from_path: PurePath, to_path: Path) -> None: # note: we assume from_path is a dir diff --git a/cibuildwheel/options.py b/cibuildwheel/options.py index df4114e22..8a5e75c38 100644 --- a/cibuildwheel/options.py +++ b/cibuildwheel/options.py @@ -27,8 +27,8 @@ from packaging.specifiers import SpecifierSet from .architecture import Architecture -from .docker_container import ContainerEngine from .environment import EnvironmentParseError, ParsedEnvironment, parse_environment +from .oci_container import ContainerEngine from .projectfiles import get_requires_python_str from .typing import PLATFORMS, Literal, PlatformName, TypedDict from .util import ( diff --git a/docs/diagram.md b/docs/diagram.md index d0557b4fb..fe5429974 100644 --- a/docs/diagram.md +++ b/docs/diagram.md @@ -8,7 +8,7 @@
- Manylinux Docker container + Manylinux container
@@ -76,7 +76,7 @@ steps: [ [ { - label: 'copy project into docker', + label: 'copy project into container', platforms: ['linux'], style: 'block', width: 2, @@ -204,7 +204,7 @@ ], [ { - label: 'Copy wheels out of Docker', + label: 'Copy wheels out of container', platforms: ['linux'], style: 'block', width: 2, diff --git a/docs/faq.md b/docs/faq.md index 66c056185..fbbf4c67e 100644 --- a/docs/faq.md +++ b/docs/faq.md @@ -4,15 +4,15 @@ title: Tips and tricks ## Tips -### Linux builds on Docker +### Linux builds in containers -Linux wheels are built in the [`manylinux`/`musllinux` docker images](https://github.com/pypa/manylinux) to provide binary compatible wheels on Linux, according to [PEP 600](https://www.python.org/dev/peps/pep-0600/) / [PEP 656](https://www.python.org/dev/peps/pep-0656/). Because of this, when building with `cibuildwheel` on Linux, a few things should be taken into account: +Linux wheels are built in [`manylinux`/`musllinux` containers](https://github.com/pypa/manylinux) to provide binary compatible wheels on Linux, according to [PEP 600](https://www.python.org/dev/peps/pep-0600/) / [PEP 656](https://www.python.org/dev/peps/pep-0656/). Because of this, when building with `cibuildwheel` on Linux, a few things should be taken into account: -- Programs and libraries are not installed on the CI runner host, but rather should be installed inside of the Docker image - using `yum` for `manylinux2010` or `manylinux2014`, `apt-get` for `manylinux_2_24` and `apk` for `musllinux_1_1`, or manually. The same goes for environment variables that are potentially needed to customize the wheel building. +- Programs and libraries are not installed on the CI runner host, but rather should be installed inside the container - using `yum` for `manylinux2010` or `manylinux2014`, `apt-get` for `manylinux_2_24` and `apk` for `musllinux_1_1`, or manually. The same goes for environment variables that are potentially needed to customize the wheel building. - `cibuildwheel` supports this by providing the [`CIBW_ENVIRONMENT`](options.md#environment) and [`CIBW_BEFORE_ALL`](options.md#before-all) options to setup the build environment inside the running Docker image. + `cibuildwheel` supports this by providing the [`CIBW_ENVIRONMENT`](options.md#environment) and [`CIBW_BEFORE_ALL`](options.md#before-all) options to setup the build environment inside the running container. -- The project directory is mounted in the running Docker instance as `/project`, the output directory for the wheels as `/output`. In general, this is handled transparently by `cibuildwheel`. For a more finegrained level of control however, the root of the host file system is mounted as `/host`, allowing for example to access shared files, caches, etc. on the host file system. Note that `/host` is not available on CircleCI due to their Docker policies. +- The project directory is mounted inside the container as `/project`, the output directory for the wheels as `/output`. In general, this is handled transparently by `cibuildwheel`. For a more finegrained level of control however, the root of the host file system is mounted as `/host`, allowing for example to access shared files, caches, etc. on the host file system. Note that `/host` is not available on CircleCI due to their Docker policies. - Alternative Docker images can be specified with the `CIBW_MANYLINUX_*_IMAGE`/`CIBW_MUSLLINUX_*_IMAGE` options to allow for a custom, preconfigured build environment for the Linux builds. See [options](options.md#linux-image) for more details. diff --git a/docs/options.md b/docs/options.md index f72b388a3..fbd03796c 100644 --- a/docs/options.md +++ b/docs/options.md @@ -117,9 +117,9 @@ matches overriding earlier ones if multiple selectors match. Environment variables always override static configuration. A few of the options below have special handling in overrides. A different -`before-all` will trigger a new docker launch on Linux, and cannot be +`before-all` will trigger a new container to launch on Linux, and cannot be overridden on macOS or Windows. Overriding the image on linux will also -generate new docker launches, one per image. Some commands are not supported; +trigger new containers, one per image. Some commands are not supported; `output-dir`, build/skip/test_skip selectors, and architectures cannot be overridden. @@ -174,7 +174,7 @@ Default: `auto` `auto` will auto-detect platform using environment variables, such as `TRAVIS_OS_NAME`/`APPVEYOR`/`CIRCLECI`. -- For `linux`, you need Docker running, on Linux, macOS, or Windows. +- For `linux`, you need [Docker or Podman](#container-engine) running, on Linux, macOS, or Windows. - For `macos` and `windows`, you need to be running on the respective system, with a working compiler toolchain installed - Xcode Command Line tools for macOS, and MSVC for Windows. This option can also be set using the [command-line option](#command-line) `--platform`. This option is not available in the `pyproject.toml` config. @@ -523,7 +523,7 @@ Choose which build backend to use. Can either be "pip", which will run A list of environment variables to set during the build. Bash syntax should be used, even on Windows. -You must set this variable to pass variables to Linux builds (since they execute in a Docker container). It also works for the other platforms. +You must set this variable to pass variables to Linux builds (since they execute in a container). It also works for the other platforms. You can use `$PATH` syntax to insert other variables, or the `$(pwd)` syntax to insert the output of other shell commands. @@ -637,14 +637,14 @@ To specify more than one environment variable, separate the variable names by sp Shell command to prepare a common part of the project (e.g. build or install libraries which does not depend on the specific version of Python). -This option is very useful for the Linux build, where builds take place in isolated Docker containers managed by cibuildwheel. This command will run inside the container before the wheel builds start. Note, if you're building both `x86_64` and `i686` wheels (the default), your build uses two different Docker images. In that case, this command will execute twice - once per build container. +This option is very useful for the Linux build, where builds take place in isolated containers managed by cibuildwheel. This command will run inside the container before the wheel builds start. Note, if you're building both `x86_64` and `i686` wheels (the default), your build uses two different container images. In that case, this command will execute twice - once per build container. The placeholder `{package}` can be used here; it will be replaced by the path to the package being built by cibuildwheel. On Windows and macOS, the version of Python available inside `CIBW_BEFORE_ALL` is whatever is available on the host machine. On Linux, a modern Python version is available on PATH. This option has special behavior in the overrides section in `pyproject.toml`. -On linux, overriding it triggers a new docker launch. It cannot be overridden +On linux, overriding it triggers a new container launch. It cannot be overridden on macOS and Windows. Platform-specific environment variables also available:
@@ -866,7 +866,7 @@ Platform-specific environment variables are also available:
### `CIBW_MANYLINUX_*_IMAGE`, `CIBW_MUSLLINUX_*_IMAGE` {: #linux-image} -> Specify alternative manylinux / musllinux Docker images +> Specify alternative manylinux / musllinux container images The available options are (default value): @@ -893,9 +893,9 @@ For `CIBW_MUSLLINUX_*_IMAGE`, the value of this option can either be set to `mus If this option is blank, it will fall though to the next available definition (environment variable -> pyproject.toml -> default). -If setting a custom Docker image, you'll need to make sure it can be used in the same way as the official, default Docker images: all necessary Python and pip versions need to be present in `/opt/python/`, and the auditwheel tool needs to be present for cibuildwheel to work. Apart from that, the architecture and relevant shared system libraries need to be compatible to the relevant standard to produce valid manylinux1/manylinux2010/manylinux2014/manylinux_2_24/manylinux_2_28/musllinux_1_1 wheels (see [pypa/manylinux on GitHub](https://github.com/pypa/manylinux), [PEP 513](https://www.python.org/dev/peps/pep-0513/), [PEP 571](https://www.python.org/dev/peps/pep-0571/), [PEP 599](https://www.python.org/dev/peps/pep-0599/), [PEP 600](https://www.python.org/dev/peps/pep-0600/) and [PEP 656](https://www.python.org/dev/peps/pep-0656/) for more details). +If setting a custom image, you'll need to make sure it can be used in the same way as the default images: all necessary Python and pip versions need to be present in `/opt/python/`, and the auditwheel tool needs to be present for cibuildwheel to work. Apart from that, the architecture and relevant shared system libraries need to be compatible to the relevant standard to produce valid manylinux1/manylinux2010/manylinux2014/manylinux_2_24/manylinux_2_28/musllinux_1_1 wheels (see [pypa/manylinux on GitHub](https://github.com/pypa/manylinux), [PEP 513](https://www.python.org/dev/peps/pep-0513/), [PEP 571](https://www.python.org/dev/peps/pep-0571/), [PEP 599](https://www.python.org/dev/peps/pep-0599/), [PEP 600](https://www.python.org/dev/peps/pep-0600/) and [PEP 656](https://www.python.org/dev/peps/pep-0656/) for more details). -Auditwheel detects the version of the manylinux / musllinux standard in the Docker image through the `AUDITWHEEL_PLAT` environment variable, as cibuildwheel has no way of detecting the correct `--plat` command line argument to pass to auditwheel for a custom image. If a Docker image does not correctly set this `AUDITWHEEL_PLAT` environment variable, the `CIBW_ENVIRONMENT` option can be used to do so (e.g., `CIBW_ENVIRONMENT='AUDITWHEEL_PLAT="manylinux2010_$(uname -m)"'`). +Auditwheel detects the version of the manylinux / musllinux standard in the image through the `AUDITWHEEL_PLAT` environment variable, as cibuildwheel has no way of detecting the correct `--plat` command line argument to pass to auditwheel for a custom image. If a custom image does not correctly set this `AUDITWHEEL_PLAT` environment variable, the `CIBW_ENVIRONMENT` option can be used to do so (e.g., `CIBW_ENVIRONMENT='AUDITWHEEL_PLAT="manylinux2010_$(uname -m)"'`). #### Examples diff --git a/test/test_docker_images.py b/test/test_container_images.py similarity index 100% rename from test/test_docker_images.py rename to test/test_container_images.py diff --git a/test/test_manylinuxXXXX_only.py b/test/test_manylinuxXXXX_only.py index 2a80cbb34..935aa5925 100644 --- a/test/test_manylinuxXXXX_only.py +++ b/test/test_manylinuxXXXX_only.py @@ -53,7 +53,7 @@ ) def test(manylinux_image, tmp_path): if utils.platform != "linux": - pytest.skip("the docker test is only relevant to the linux build") + pytest.skip("the container image test is only relevant to the linux build") elif platform.machine() not in ["x86_64", "i686"]: if manylinux_image in ["manylinux1", "manylinux2010"]: pytest.skip("manylinux1 and 2010 doesn't exist for non-x86 architectures") diff --git a/unit_test/linux_build_steps_test.py b/unit_test/linux_build_steps_test.py index fd8f17884..36aaebb70 100644 --- a/unit_test/linux_build_steps_test.py +++ b/unit_test/linux_build_steps_test.py @@ -2,8 +2,8 @@ from pathlib import Path from pprint import pprint -import cibuildwheel.docker_container import cibuildwheel.linux +import cibuildwheel.oci_container from cibuildwheel.options import Options from .utils import get_default_command_line_arguments @@ -11,7 +11,7 @@ def test_linux_container_split(tmp_path: Path, monkeypatch): """ - Tests splitting linux builds by docker image and before_all + Tests splitting linux builds by container image and before_all """ args = get_default_command_line_arguments() diff --git a/unit_test/docker_container_test.py b/unit_test/oci_container_test.py similarity index 99% rename from unit_test/docker_container_test.py rename to unit_test/oci_container_test.py index e4252b03e..ca6291191 100644 --- a/unit_test/docker_container_test.py +++ b/unit_test/oci_container_test.py @@ -9,8 +9,8 @@ import pytest import toml -from cibuildwheel.docker_container import OCIContainer from cibuildwheel.environment import EnvironmentAssignmentBash +from cibuildwheel.oci_container import OCIContainer # Test utilities diff --git a/unit_test/option_prepare_test.py b/unit_test/option_prepare_test.py index 903746d46..10bca4329 100644 --- a/unit_test/option_prepare_test.py +++ b/unit_test/option_prepare_test.py @@ -15,7 +15,7 @@ @pytest.fixture -def mock_build_docker(monkeypatch): +def mock_build_container(monkeypatch): def fail_on_call(*args, **kwargs): raise RuntimeError("This should never be called") @@ -37,56 +37,58 @@ def ignore_context_call(*args, **kwargs): monkeypatch.setattr(util, "download", fail_on_call) monkeypatch.setattr("cibuildwheel.linux.OCIContainer", ignore_context_call) - monkeypatch.setattr("cibuildwheel.linux.build_on_docker", mock.Mock(spec=linux.build_on_docker)) + monkeypatch.setattr( + "cibuildwheel.linux.build_in_container", mock.Mock(spec=linux.build_in_container) + ) monkeypatch.setattr("cibuildwheel.util.print_new_wheels", ignore_context_call) -def test_build_default_launches(mock_build_docker, fake_package_dir, monkeypatch): +def test_build_default_launches(mock_build_container, fake_package_dir, monkeypatch): monkeypatch.setattr(sys, "argv", ["cibuildwheel", "--platform=linux"]) main() - build_on_docker = cast(mock.Mock, linux.build_on_docker) + build_in_container = cast(mock.Mock, linux.build_in_container) - assert build_on_docker.call_count == 4 + assert build_in_container.call_count == 4 # In Python 3.8+, this can be simplified to [0].kwargs - kwargs = build_on_docker.call_args_list[0][1] - assert "quay.io/pypa/manylinux2014_x86_64" in kwargs["docker"]["image"] - assert kwargs["docker"]["cwd"] == PurePosixPath("/project") - assert not kwargs["docker"]["simulate_32_bit"] + kwargs = build_in_container.call_args_list[0][1] + assert "quay.io/pypa/manylinux2014_x86_64" in kwargs["container"]["image"] + assert kwargs["container"]["cwd"] == PurePosixPath("/project") + assert not kwargs["container"]["simulate_32_bit"] identifiers = {x.identifier for x in kwargs["platform_configs"]} assert identifiers == {f"{x}-manylinux_x86_64" for x in ALL_IDS} - kwargs = build_on_docker.call_args_list[1][1] - assert "quay.io/pypa/manylinux2014_i686" in kwargs["docker"]["image"] - assert kwargs["docker"]["cwd"] == PurePosixPath("/project") - assert kwargs["docker"]["simulate_32_bit"] + kwargs = build_in_container.call_args_list[1][1] + assert "quay.io/pypa/manylinux2014_i686" in kwargs["container"]["image"] + assert kwargs["container"]["cwd"] == PurePosixPath("/project") + assert kwargs["container"]["simulate_32_bit"] identifiers = {x.identifier for x in kwargs["platform_configs"]} assert identifiers == {f"{x}-manylinux_i686" for x in ALL_IDS} - kwargs = build_on_docker.call_args_list[2][1] - assert "quay.io/pypa/musllinux_1_1_x86_64" in kwargs["docker"]["image"] - assert kwargs["docker"]["cwd"] == PurePosixPath("/project") - assert not kwargs["docker"]["simulate_32_bit"] + kwargs = build_in_container.call_args_list[2][1] + assert "quay.io/pypa/musllinux_1_1_x86_64" in kwargs["container"]["image"] + assert kwargs["container"]["cwd"] == PurePosixPath("/project") + assert not kwargs["container"]["simulate_32_bit"] identifiers = {x.identifier for x in kwargs["platform_configs"]} assert identifiers == { f"{x}-musllinux_x86_64" for x in ALL_IDS for x in ALL_IDS if "pp" not in x } - kwargs = build_on_docker.call_args_list[3][1] - assert "quay.io/pypa/musllinux_1_1_i686" in kwargs["docker"]["image"] - assert kwargs["docker"]["cwd"] == PurePosixPath("/project") - assert kwargs["docker"]["simulate_32_bit"] + kwargs = build_in_container.call_args_list[3][1] + assert "quay.io/pypa/musllinux_1_1_i686" in kwargs["container"]["image"] + assert kwargs["container"]["cwd"] == PurePosixPath("/project") + assert kwargs["container"]["simulate_32_bit"] identifiers = {x.identifier for x in kwargs["platform_configs"]} assert identifiers == {f"{x}-musllinux_i686" for x in ALL_IDS if "pp" not in x} -def test_build_with_override_launches(mock_build_docker, monkeypatch, tmp_path): +def test_build_with_override_launches(mock_build_container, monkeypatch, tmp_path): pkg_dir = tmp_path / "cibw_package" pkg_dir.mkdir() @@ -113,23 +115,23 @@ def test_build_with_override_launches(mock_build_docker, monkeypatch, tmp_path): main() - build_on_docker = cast(mock.Mock, linux.build_on_docker) + build_in_container = cast(mock.Mock, linux.build_in_container) - assert build_on_docker.call_count == 6 + assert build_in_container.call_count == 6 - kwargs = build_on_docker.call_args_list[0][1] - assert "quay.io/pypa/manylinux2014_x86_64" in kwargs["docker"]["image"] - assert kwargs["docker"]["cwd"] == PurePosixPath("/project") - assert not kwargs["docker"]["simulate_32_bit"] + kwargs = build_in_container.call_args_list[0][1] + assert "quay.io/pypa/manylinux2014_x86_64" in kwargs["container"]["image"] + assert kwargs["container"]["cwd"] == PurePosixPath("/project") + assert not kwargs["container"]["simulate_32_bit"] identifiers = {x.identifier for x in kwargs["platform_configs"]} assert identifiers == {"cp36-manylinux_x86_64"} assert kwargs["options"].build_options("cp36-manylinux_x86_64").before_all == "true" - kwargs = build_on_docker.call_args_list[1][1] - assert "quay.io/pypa/manylinux2014_x86_64" in kwargs["docker"]["image"] - assert kwargs["docker"]["cwd"] == PurePosixPath("/project") - assert not kwargs["docker"]["simulate_32_bit"] + kwargs = build_in_container.call_args_list[1][1] + assert "quay.io/pypa/manylinux2014_x86_64" in kwargs["container"]["image"] + assert kwargs["container"]["cwd"] == PurePosixPath("/project") + assert not kwargs["container"]["simulate_32_bit"] identifiers = {x.identifier for x in kwargs["platform_configs"]} assert identifiers == { @@ -137,10 +139,10 @@ def test_build_with_override_launches(mock_build_docker, monkeypatch, tmp_path): } assert kwargs["options"].build_options("cp37-manylinux_x86_64").before_all == "" - kwargs = build_on_docker.call_args_list[2][1] - assert "quay.io/pypa/manylinux_2_24_x86_64" in kwargs["docker"]["image"] - assert kwargs["docker"]["cwd"] == PurePosixPath("/project") - assert not kwargs["docker"]["simulate_32_bit"] + kwargs = build_in_container.call_args_list[2][1] + assert "quay.io/pypa/manylinux_2_24_x86_64" in kwargs["container"]["image"] + assert kwargs["container"]["cwd"] == PurePosixPath("/project") + assert not kwargs["container"]["simulate_32_bit"] identifiers = {x.identifier for x in kwargs["platform_configs"]} assert identifiers == { "cp310-manylinux_x86_64", @@ -149,28 +151,28 @@ def test_build_with_override_launches(mock_build_docker, monkeypatch, tmp_path): "pp39-manylinux_x86_64", } - kwargs = build_on_docker.call_args_list[3][1] - assert "quay.io/pypa/manylinux2014_i686" in kwargs["docker"]["image"] - assert kwargs["docker"]["cwd"] == PurePosixPath("/project") - assert kwargs["docker"]["simulate_32_bit"] + kwargs = build_in_container.call_args_list[3][1] + assert "quay.io/pypa/manylinux2014_i686" in kwargs["container"]["image"] + assert kwargs["container"]["cwd"] == PurePosixPath("/project") + assert kwargs["container"]["simulate_32_bit"] identifiers = {x.identifier for x in kwargs["platform_configs"]} assert identifiers == {f"{x}-manylinux_i686" for x in ALL_IDS} - kwargs = build_on_docker.call_args_list[4][1] - assert "quay.io/pypa/musllinux_1_1_x86_64" in kwargs["docker"]["image"] - assert kwargs["docker"]["cwd"] == PurePosixPath("/project") - assert not kwargs["docker"]["simulate_32_bit"] + kwargs = build_in_container.call_args_list[4][1] + assert "quay.io/pypa/musllinux_1_1_x86_64" in kwargs["container"]["image"] + assert kwargs["container"]["cwd"] == PurePosixPath("/project") + assert not kwargs["container"]["simulate_32_bit"] identifiers = {x.identifier for x in kwargs["platform_configs"]} assert identifiers == { f"{x}-musllinux_x86_64" for x in ALL_IDS for x in ALL_IDS if "pp" not in x } - kwargs = build_on_docker.call_args_list[5][1] - assert "quay.io/pypa/musllinux_1_1_i686" in kwargs["docker"]["image"] - assert kwargs["docker"]["cwd"] == PurePosixPath("/project") - assert kwargs["docker"]["simulate_32_bit"] + kwargs = build_in_container.call_args_list[5][1] + assert "quay.io/pypa/musllinux_1_1_i686" in kwargs["container"]["image"] + assert kwargs["container"]["cwd"] == PurePosixPath("/project") + assert kwargs["container"]["simulate_32_bit"] identifiers = {x.identifier for x in kwargs["platform_configs"]} assert identifiers == {f"{x}-musllinux_i686" for x in ALL_IDS if "pp" not in x} From e5ef3c1b7616446bbdeb8da2b0bbb203ccb582dd Mon Sep 17 00:00:00 2001 From: Joe Rickerby Date: Mon, 27 Jun 2022 18:35:28 +0100 Subject: [PATCH 22/32] Tweak test config to remove always-skipped test --- unit_test/oci_container_test.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/unit_test/oci_container_test.py b/unit_test/oci_container_test.py index ca6291191..baee3c3d1 100644 --- a/unit_test/oci_container_test.py +++ b/unit_test/oci_container_test.py @@ -217,10 +217,10 @@ def test_environment_executor(container_engine): assert assignment.evaluated_value({}, container.environment_executor) == "42" -def test_podman_vfs(container_engine, tmp_path: Path, monkeypatch): +def test_podman_vfs(tmp_path: Path, monkeypatch, request): # Tests podman VFS, for the podman in docker use-case - if container_engine != "podman": - pytest.skip("podman is the only supported container engine for this test") + if not request.config.getoption("--run-podman"): + pytest.skip("need --run-podman option to run") # create the VFS configuration vfs_path = tmp_path / "podman_vfs" @@ -278,7 +278,7 @@ def test_podman_vfs(container_engine, tmp_path: Path, monkeypatch): monkeypatch.setenv("CONTAINERS_CONF", str(vfs_containers_conf_fpath)) monkeypatch.setenv("CONTAINERS_STORAGE_CONF", str(vfs_containers_storage_conf_fpath)) - with OCIContainer(engine=container_engine, image=DEFAULT_IMAGE) as container: + with OCIContainer(engine="podman", image=DEFAULT_IMAGE) as container: # test running a command assert container.call(["echo", "hello"], capture_output=True) == "hello\n" From f23d8aaae56a36dbb1b73e89757003804001794f Mon Sep 17 00:00:00 2001 From: Joe Rickerby Date: Mon, 27 Jun 2022 19:08:46 +0100 Subject: [PATCH 23/32] Add an integration test for a podman build --- .github/workflows/test.yml | 2 +- bin/run_tests.py | 44 +++++++++++++++++++++++--------------- test/conftest.py | 15 +------------ test/test_emulation.py | 6 ++++-- test/test_podman.py | 37 ++++++++++++++++++++++++++++++++ 5 files changed, 70 insertions(+), 34 deletions(-) create mode 100644 test/test_podman.py diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 63f3f5d45..8b565e368 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -75,7 +75,7 @@ jobs: - name: Test cibuildwheel run: | - python ./bin/run_tests.py + python ./bin/run_tests.py --run-podman test-emulated: name: Test emulated cibuildwheel using qemu diff --git a/bin/run_tests.py b/bin/run_tests.py index 44c6d3027..5f3a3606e 100755 --- a/bin/run_tests.py +++ b/bin/run_tests.py @@ -1,33 +1,43 @@ #!/usr/bin/env python3 +import argparse import os import subprocess import sys from pathlib import Path if __name__ == "__main__": + parser = argparse.ArgumentParser() + parser.add_argument("--run-podman", action="store_true", default=False, help="run podman tests") + args = parser.parse_args() + # move cwd to the project root os.chdir(Path(__file__).resolve().parents[1]) - # run the unit tests + # unit tests unit_test_args = [sys.executable, "-m", "pytest", "unit_test"] - # run the docker unit tests only on Linux + if sys.platform.startswith("linux"): + # run the docker unit tests only on Linux unit_test_args += ["--run-docker"] + if args.run_podman: + unit_test_args += ["--run-podman"] + subprocess.run(unit_test_args, check=True) - # run the integration tests - subprocess.run( - [ - sys.executable, - "-m", - "pytest", - "--numprocesses=2", - "-x", - "--durations", - "0", - "--timeout=2400", - "test", - ], - check=True, - ) + # integration tests + integration_test_args = [ + sys.executable, + "-m", + "pytest", + "--numprocesses=2", + "-x", + "--durations", + "0", + "--timeout=2400", + "test", + ] + if args.run_podman: + integration_test_args += ["--run-podman"] + + subprocess.run(integration_test_args, check=True) diff --git a/test/conftest.py b/test/conftest.py index d8ff2f626..e7c421123 100644 --- a/test/conftest.py +++ b/test/conftest.py @@ -7,20 +7,7 @@ def pytest_addoption(parser) -> None: parser.addoption( "--run-emulation", action="store_true", default=False, help="run emulation tests" ) - - -def pytest_configure(config): - config.addinivalue_line("markers", "emulation: mark test requiring qemu binfmt_misc to run") - - -def pytest_collection_modifyitems(config, items) -> None: - if config.getoption("--run-emulation"): - # --run-emulation given in cli: do not skip emulation tests - return - skip_emulation = pytest.mark.skip(reason="need --run-emulation option to run") - for item in items: - if "emulation" in item.keywords: - item.add_marker(skip_emulation) + parser.addoption("--run-podman", action="store_true", default=False, help="run podman tests") @pytest.fixture( diff --git a/test/test_emulation.py b/test/test_emulation.py index dd76ab36c..95b574dd7 100644 --- a/test/test_emulation.py +++ b/test/test_emulation.py @@ -17,8 +17,10 @@ def test_spam(): """ -@pytest.mark.emulation -def test(tmp_path): +def test(tmp_path, request): + if not request.config.getoption("--run-emulation"): + pytest.skip("needs --run-emulation option to run") + project_dir = tmp_path / "project" project_with_a_test.generate(project_dir) diff --git a/test/test_podman.py b/test/test_podman.py new file mode 100644 index 000000000..d4bdf5565 --- /dev/null +++ b/test/test_podman.py @@ -0,0 +1,37 @@ +import pytest + +from . import test_projects, utils + +basic_project = test_projects.new_c_project() + + +def test(tmp_path, capfd, request): + if utils.platform != "linux": + pytest.skip("the test is only relevant to the linux build") + + if not request.config.getoption("--run-podman"): + pytest.skip("needs --run-podman option to run") + + project_dir = tmp_path / "project" + basic_project.generate(project_dir) + + # build some musllinux and manylinux wheels (ensuring that we use two containers) + actual_wheels = utils.cibuildwheel_run( + project_dir, + add_env={ + "CIBW_BUILD": "cp310-*{manylinux,musllinux}_x86_64", + "CIBW_BEFORE_ALL": "echo 'test log statement from before-all'", + }, + ) + + # check that the expected wheels are produced + expected_wheels = [ + w + for w in utils.expected_wheels("spam", "0.1.0") + if ("-cp310-" in w) and ("x86_64" in w) and ("manylinux" in w or "musllinux" in w) + ] + assert set(actual_wheels) == set(expected_wheels) + + # check that stdout is bring passed-though from container correctly + captured = capfd.readouterr() + assert "test log statement from before-all" in captured.out From b612a6c9936161840bbf316dde6f51fb50781ece Mon Sep 17 00:00:00 2001 From: Joe Rickerby Date: Mon, 27 Jun 2022 19:19:00 +0100 Subject: [PATCH 24/32] Actually run the podman integration test on podman :) --- test/test_podman.py | 1 + 1 file changed, 1 insertion(+) diff --git a/test/test_podman.py b/test/test_podman.py index d4bdf5565..dd07572b7 100644 --- a/test/test_podman.py +++ b/test/test_podman.py @@ -21,6 +21,7 @@ def test(tmp_path, capfd, request): add_env={ "CIBW_BUILD": "cp310-*{manylinux,musllinux}_x86_64", "CIBW_BEFORE_ALL": "echo 'test log statement from before-all'", + "CIBW_CONTAINER_ENGINE": "podman", }, ) From 22ba00bb4619787fe2892dd89286a5052f44f821 Mon Sep 17 00:00:00 2001 From: Joe Rickerby Date: Mon, 27 Jun 2022 19:32:35 +0100 Subject: [PATCH 25/32] Fix missing rename --- cibuildwheel/oci_container.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cibuildwheel/oci_container.py b/cibuildwheel/oci_container.py index 2d79720f8..3550a88cf 100644 --- a/cibuildwheel/oci_container.py +++ b/cibuildwheel/oci_container.py @@ -30,7 +30,7 @@ class OCIContainer: back to cibuildwheel. Example: - >>> from cibuildwheel.docker_container import * # NOQA + >>> from cibuildwheel.oci_container import * # NOQA >>> from cibuildwheel.options import _get_pinned_container_images >>> image = _get_pinned_container_images()['x86_64']['manylinux2014'] >>> # Test the default container From 12a3fa2d3e6e232b3114679730436df7d7add175 Mon Sep 17 00:00:00 2001 From: joncrall Date: Mon, 27 Jun 2022 16:23:02 -0400 Subject: [PATCH 26/32] Use tomli_w instead of toml --- setup.py | 2 +- unit_test/oci_container_test.py | 11 ++++++----- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/setup.py b/setup.py index ad32d3f3a..2ceaa359b 100644 --- a/setup.py +++ b/setup.py @@ -14,7 +14,7 @@ "pytest-timeout", "pytest-xdist", "build", - "toml", + "toml_w", ], "bin": [ "click", diff --git a/unit_test/oci_container_test.py b/unit_test/oci_container_test.py index baee3c3d1..838c72bda 100644 --- a/unit_test/oci_container_test.py +++ b/unit_test/oci_container_test.py @@ -7,7 +7,8 @@ from pathlib import Path, PurePath, PurePosixPath import pytest -import toml + +import tomli_w from cibuildwheel.environment import EnvironmentAssignmentBash from cibuildwheel.oci_container import OCIContainer @@ -269,11 +270,11 @@ def test_podman_vfs(tmp_path: Path, monkeypatch, request): vfs_containers_conf_fpath = vfs_path / "temp_vfs_containers.conf" vfs_containers_storage_conf_fpath = vfs_path / "temp_vfs_containers_storage.conf" - with open(vfs_containers_conf_fpath, "w") as file: - toml.dump(vfs_containers_conf_data, file) + with open(vfs_containers_conf_fpath, "wb") as file: + tomli_w.dump(vfs_containers_conf_data, file) - with open(vfs_containers_storage_conf_fpath, "w") as file: - toml.dump(vfs_containers_storage_conf_data, file) + with open(vfs_containers_storage_conf_fpath, "wb") as file: + tomli_w.dump(vfs_containers_storage_conf_data, file) monkeypatch.setenv("CONTAINERS_CONF", str(vfs_containers_conf_fpath)) monkeypatch.setenv("CONTAINERS_STORAGE_CONF", str(vfs_containers_storage_conf_fpath)) From 46678e24e312ff75bd479bab53160172d0ebf6b9 Mon Sep 17 00:00:00 2001 From: joncrall Date: Mon, 27 Jun 2022 16:24:00 -0400 Subject: [PATCH 27/32] Inlined podman install --- .github/install_latest_podman.sh | 12 ------------ .github/workflows/test.yml | 7 ++++++- 2 files changed, 6 insertions(+), 13 deletions(-) delete mode 100755 .github/install_latest_podman.sh diff --git a/.github/install_latest_podman.sh b/.github/install_latest_podman.sh deleted file mode 100755 index 42eca8b9f..000000000 --- a/.github/install_latest_podman.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/bash -__doc__=" -Based on code in: https://github.com/redhat-actions/podman-login/blob/main/.github/install_latest_podman.sh -" -# https://podman.io/getting-started/installation -# shellcheck source=/dev/null -. /etc/os-release -echo "deb https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_${VERSION_ID}/ /" | sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list -curl -sSfL "https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_${VERSION_ID}/Release.key" | sudo apt-key add - -sudo apt-get update -sudo apt-get -y upgrade -sudo apt-get -y install podman diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 8b565e368..20217b16c 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -50,7 +50,12 @@ jobs: - name: Install latest podman if: runner.os == 'Linux' run: | - bash .github/install_latest_podman.sh + . /etc/os-release + echo "deb https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_${VERSION_ID}/ /" | sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list + curl -sSfL "https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_${VERSION_ID}/Release.key" | sudo apt-key add - + sudo apt-get update + sudo apt-get -y upgrade + sudo apt-get -y install podman - name: Install dependencies run: | From 062ab6cb93e035cff13f7abc842effa11be16181 Mon Sep 17 00:00:00 2001 From: "pre-commit-ci[bot]" <66853113+pre-commit-ci[bot]@users.noreply.github.com> Date: Mon, 27 Jun 2022 20:24:14 +0000 Subject: [PATCH 28/32] [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci --- unit_test/oci_container_test.py | 1 - 1 file changed, 1 deletion(-) diff --git a/unit_test/oci_container_test.py b/unit_test/oci_container_test.py index 838c72bda..2f425daf0 100644 --- a/unit_test/oci_container_test.py +++ b/unit_test/oci_container_test.py @@ -7,7 +7,6 @@ from pathlib import Path, PurePath, PurePosixPath import pytest - import tomli_w from cibuildwheel.environment import EnvironmentAssignmentBash From f182ed3cfaa13a2b90d1f9a21cfb59df8f2098be Mon Sep 17 00:00:00 2001 From: joncrall Date: Mon, 27 Jun 2022 23:40:41 -0400 Subject: [PATCH 29/32] Fix spelling --- .pre-commit-config.yaml | 2 +- setup.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index e54c6d3bb..e93e3dc8e 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -61,13 +61,13 @@ repos: - pygithub - rich - tomli + - tomli_w - types-certifi - types-click - types-dataclasses - types-jinja2 - types-pyyaml - types-requests - - types-toml - bracex - dataclasses - id: mypy diff --git a/setup.py b/setup.py index 2ceaa359b..cd4956e13 100644 --- a/setup.py +++ b/setup.py @@ -14,7 +14,7 @@ "pytest-timeout", "pytest-xdist", "build", - "toml_w", + "tomli_w", ], "bin": [ "click", From f69fa19d071e7429e1036fbbe26c1b9741a88a78 Mon Sep 17 00:00:00 2001 From: Joe Rickerby Date: Wed, 29 Jun 2022 20:18:08 +0100 Subject: [PATCH 30/32] Run podman tests only on linux --- bin/run_tests.py | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/bin/run_tests.py b/bin/run_tests.py index 5f3a3606e..82e193c35 100755 --- a/bin/run_tests.py +++ b/bin/run_tests.py @@ -8,7 +8,9 @@ if __name__ == "__main__": parser = argparse.ArgumentParser() - parser.add_argument("--run-podman", action="store_true", default=False, help="run podman tests") + parser.add_argument( + "--run-podman", action="store_true", default=False, help="run podman tests (linux only)" + ) args = parser.parse_args() # move cwd to the project root @@ -20,8 +22,9 @@ if sys.platform.startswith("linux"): # run the docker unit tests only on Linux unit_test_args += ["--run-docker"] - if args.run_podman: - unit_test_args += ["--run-podman"] + + if args.run_podman: + unit_test_args += ["--run-podman"] subprocess.run(unit_test_args, check=True) @@ -37,7 +40,8 @@ "--timeout=2400", "test", ] - if args.run_podman: + + if sys.platform.startswith("linux") and args.run_podman: integration_test_args += ["--run-podman"] subprocess.run(integration_test_args, check=True) From c4bb04567baaba1c8b5ffd24cb08fc4442c968af Mon Sep 17 00:00:00 2001 From: Joe Rickerby Date: Wed, 29 Jun 2022 21:06:24 +0100 Subject: [PATCH 31/32] Add docs for CIBW_CONTAINER_ENGINE --- README.md | 1 + docs/options.md | 39 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 40 insertions(+) diff --git a/README.md b/README.md index 74f2adf43..fb40fc7f4 100644 --- a/README.md +++ b/README.md @@ -130,6 +130,7 @@ Options | | [`CIBW_BEFORE_BUILD`](https://cibuildwheel.readthedocs.io/en/stable/options/#before-build) | Execute a shell command preparing each wheel's build | | | [`CIBW_REPAIR_WHEEL_COMMAND`](https://cibuildwheel.readthedocs.io/en/stable/options/#repair-wheel-command) | Execute a shell command to repair each built wheel | | | [`CIBW_MANYLINUX_*_IMAGE`
`CIBW_MUSLLINUX_*_IMAGE`](https://cibuildwheel.readthedocs.io/en/stable/options/#linux-image) | Specify alternative manylinux / musllinux Docker images | +| | [`CIBW_CONTAINER_ENGINE`](https://cibuildwheel.readthedocs.io/en/stable/options/#container-engine) | Specify which container engine to use when building Linux wheels | | | [`CIBW_DEPENDENCY_VERSIONS`](https://cibuildwheel.readthedocs.io/en/stable/options/#dependency-versions) | Specify how cibuildwheel controls the versions of the tools it uses | | **Testing** | [`CIBW_TEST_COMMAND`](https://cibuildwheel.readthedocs.io/en/stable/options/#test-command) | Execute a shell command to test each built wheel | | | [`CIBW_BEFORE_TEST`](https://cibuildwheel.readthedocs.io/en/stable/options/#before-test) | Execute a shell command before testing each wheel | diff --git a/docs/options.md b/docs/options.md index 01ac29b07..6b8996545 100644 --- a/docs/options.md +++ b/docs/options.md @@ -964,6 +964,44 @@ Auditwheel detects the version of the manylinux / musllinux standard in the imag Like any other option, these can be placed in `[tool.cibuildwheel.linux]` if you prefer; they have no effect on `macos` and `windows`. + +### `CIBW_CONTAINER_ENGINE` {: #container-engine} +> Specify which container engine to use when building Linux wheels + +Options: `docker` `podman` + +Default: `docker` + +Set the container engine to use. Docker is the default, or you can switch to +[Podman](https://podman.io/). To use Docker, you need to have a Docker daemon +running and `docker` available on PATH. To use Podman, it needs to be +installed and `podman` available on PATH. + +!!! tip + + While most users will stick with Docker, Podman is available in different + contexts - for example, it can be run inside a Docker container, or without + root access. Thanks to the [OCI], images are compatible between engines, so + you can still use the regular manylinux/musllinux containers. + +[OCI]: https://opencontainers.org/ + +#### Examples + +!!! tab examples "Environment variables" + + ```yaml + CIBW_CONTAINER_ENGINE: podman + ``` + +!!! tab examples "pyproject.toml" + + ```toml + [tool.cibuildwheel] + container-engine = "podman" + ``` + + ### `CIBW_DEPENDENCY_VERSIONS` {: #dependency-versions} > Specify how cibuildwheel controls the versions of the tools it uses @@ -1029,6 +1067,7 @@ Platform-specific environment variables are also available:
dependency-versions = "./constraints.txt" ``` + ## Testing ### `CIBW_TEST_COMMAND` {: #test-command} From a3616700f5246548220fab6afc19b44535520bdb Mon Sep 17 00:00:00 2001 From: joncrall Date: Wed, 29 Jun 2022 21:00:15 -0400 Subject: [PATCH 32/32] Pass cwd to first two calls --- cibuildwheel/oci_container.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cibuildwheel/oci_container.py b/cibuildwheel/oci_container.py index 3550a88cf..c02f76788 100644 --- a/cibuildwheel/oci_container.py +++ b/cibuildwheel/oci_container.py @@ -110,13 +110,13 @@ def __enter__(self) -> "OCIContainer": self.bash_stdout = self.process.stdout # run a noop command to block until the container is responding - self.call(["/bin/true"]) + self.call(["/bin/true"], cwd="/") if self.cwd: # Although `docker create -w` does create the working dir if it # does not exist, podman does not. There does not seem to be a way # to setup a workdir for a container running in podman. - self.call(["mkdir", "-p", os.fspath(self.cwd)]) + self.call(["mkdir", "-p", os.fspath(self.cwd)], cwd="/") return self