Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Build website locally with rootless podman #207

Open
wants to merge 6 commits into
base: master
Choose a base branch
from
Open

Build website locally with rootless podman #207

wants to merge 6 commits into from

Conversation

NitrogenPointBlue
Copy link

This change is a minor optimization for local builds.

The end result is similar to the current podman-compose instructions for the user.

Tested in a qube based on the default fedora-36.

Creates make target 'rootless' based on docker-compose.yml

The 'rootless' target:

  • Eliminates the podman-compose dependency.
  • Eliminates the need to run make with sudo to build the website locally.

You may still need to add gem 'webrick' to the Gemfile for the website to build based on this pull request.

@andrewdavidwong
Copy link
Member

andrewdavidwong commented Oct 7, 2022
edited
Loading

Thank you for your contribution.

If anyone else reading this is able to test the new instructions and confirm they work (for the purpose of independent verification), then we can probably consider this as having passed review and merge it.

@UndeadDevel UndeadDevel mentioned this pull request Nov 14, 2023
Open
@marmarek
Copy link
Member

This currently fails for me with this error:

Gem::Ext::BuildError: ERROR: Failed to build gem native extension.

    current directory: /usr/gem/gems/bigdecimal-3.1.3/ext/bigdecimal
/usr/local/bin/ruby -I /usr/local/lib/ruby/site_ruby/3.1.0 extconf.rb
checking RUBY_BIGDECIMAL_VERSION... 3.1.3
checking for __builtin_clz()... *** extconf.rb failed ***
Could not create Makefile due to some reason, probably lack of necessary
libraries and/or headers.  Check the mkmf.log file for more details.  You may
need configuration options.

Provided configuration options:
	--with-opt-dir
	--without-opt-dir
	--with-opt-include
	--without-opt-include=${opt-dir}/include
	--with-opt-lib
	--without-opt-lib=${opt-dir}/lib
	--with-make-prog
	--without-make-prog
	--srcdir=.
	--curdir
	--ruby=/usr/local/bin/$(RUBY_BASE_NAME)
/usr/local/lib/ruby/3.1.0/mkmf.rb:498:in `try_do': The compiler failed to generate an executable
file. (RuntimeError)
You have to install development tools first.
	from /usr/local/lib/ruby/3.1.0/mkmf.rb:624:in `block in try_compile'
	from /usr/local/lib/ruby/3.1.0/mkmf.rb:573:in `with_werror'
	from /usr/local/lib/ruby/3.1.0/mkmf.rb:624:in `try_compile'
	from extconf.rb:18:in `block in have_builtin_func'
	from /usr/local/lib/ruby/3.1.0/mkmf.rb:1007:in `block in checking_for'
	from /usr/local/lib/ruby/3.1.0/mkmf.rb:362:in `block (2 levels) in postpone'
	from /usr/local/lib/ruby/3.1.0/mkmf.rb:332:in `open'
	from /usr/local/lib/ruby/3.1.0/mkmf.rb:362:in `block in postpone'
	from /usr/local/lib/ruby/3.1.0/mkmf.rb:332:in `open'
	from /usr/local/lib/ruby/3.1.0/mkmf.rb:358:in `postpone'
	from /usr/local/lib/ruby/3.1.0/mkmf.rb:1006:in `checking_for'
	from extconf.rb:17:in `have_builtin_func'
	from extconf.rb:42:in `<main>'

To see why this extension failed to compile, please check the mkmf.log which can be found here:

  /usr/gem/extensions/x86_64-linux-musl/3.1.0/bigdecimal-3.1.3/mkmf.log

extconf failed, exit code 1

Gem files will remain installed in /usr/gem/gems/bigdecimal-3.1.3 for inspection.
Results logged to /usr/gem/extensions/x86_64-linux-musl/3.1.0/bigdecimal-3.1.3/gem_make.out

  /usr/local/lib/ruby/site_ruby/3.1.0/rubygems/ext/builder.rb:102:in `run'
  /usr/local/lib/ruby/site_ruby/3.1.0/rubygems/ext/ext_conf_builder.rb:28:in `build'
  /usr/local/lib/ruby/site_ruby/3.1.0/rubygems/ext/builder.rb:171:in `build_extension'
  /usr/local/lib/ruby/site_ruby/3.1.0/rubygems/ext/builder.rb:205:in `block in build_extensions'
  /usr/local/lib/ruby/site_ruby/3.1.0/rubygems/ext/builder.rb:202:in `each'
  /usr/local/lib/ruby/site_ruby/3.1.0/rubygems/ext/builder.rb:202:in `build_extensions'
  /usr/local/lib/ruby/site_ruby/3.1.0/rubygems/installer.rb:843:in `build_extensions'
  /usr/gem/gems/bundler-2.4.10/lib/bundler/rubygems_gem_installer.rb:72:in `build_extensions'
  /usr/gem/gems/bundler-2.4.10/lib/bundler/rubygems_gem_installer.rb:28:in `install'
  /usr/gem/gems/bundler-2.4.10/lib/bundler/source/rubygems.rb:200:in `install'
  /usr/gem/gems/bundler-2.4.10/lib/bundler/installer/gem_installer.rb:54:in `install'
  /usr/gem/gems/bundler-2.4.10/lib/bundler/installer/gem_installer.rb:16:in `install_from_spec'
  /usr/gem/gems/bundler-2.4.10/lib/bundler/installer/parallel_installer.rb:156:in `do_install'
/usr/gem/gems/bundler-2.4.10/lib/bundler/installer/parallel_installer.rb:147:in `block in
worker_pool'
  /usr/gem/gems/bundler-2.4.10/lib/bundler/worker.rb:62:in `apply_func'
  /usr/gem/gems/bundler-2.4.10/lib/bundler/worker.rb:57:in `block in process_queue'
  /usr/gem/gems/bundler-2.4.10/lib/bundler/worker.rb:54:in `loop'
  /usr/gem/gems/bundler-2.4.10/lib/bundler/worker.rb:54:in `process_queue'
  /usr/gem/gems/bundler-2.4.10/lib/bundler/worker.rb:90:in `block (2 levels) in create_threads'

An error occurred while installing bigdecimal (3.1.3), and Bundler cannot continue.

In Gemfile:
  github-pages was resolved to 228, which depends on
    jekyll-mentions was resolved to 1.6.0, which depends on
      html-pipeline was resolved to 2.14.3, which depends on
        activesupport was resolved to 7.1.2, which depends on
          bigdecimal

@NitrogenPointBlue
Install build requirements for Jekyll
390f577 
Jekyll will attempt to compile native extensions for certain
dependencies. These will fail without the necessary packages
installed. The jekyll/jekyll container can install additional packages
located in a '.apk' file.

The 'bigdecimal' Ruby dependency requires 'gcc' and 'musl-dev' be available.

The 'json' Ruby dependency requires 'make' be available.

The 'unf_ext' Ruby dependency requires 'g++' be available.

The 'ffi' Ruby dependency requires 'linux-headers' be available.
@NitrogenPointBlue
Add 'rootless' Make target
0360ecc 
Creates a new Make target 'rootless' that seeks to avoid the need for
routine use of elevated privileges.

Initial installation of podman, git, and other tools into the
template as root is necessary. Running the development loop
as an unprivileged user in the app qube avoids unneeded access.

An additional benefit is seen with standard app qubes. Running the
process with 'sudo' will write files such as the container images to
the volatile parts of storage. The user would need to re-download the
container images after each qube restart.
@NitrogenPointBlue
Instruct podman to relabel volume with a private unshared label
2537a5a 
SELinux may deny permissions to the Jekyll container preventing it
from reading the website files. The 'Z' option instructs podman to
apply a private unshared label to the files on the host allowing the
container access.
@NitrogenPointBlue
Have podman remove the container after 'jekyll serve' finishes
b14331e 
The '--rm' flag removes the container when it exits.

If the intention of using containers is to create a more consistent
development environment, explicitly removing the container between
runs will help prevent inconsistencies due to a container's internal
state.

The image upon which the container is based is untouched by this flag.
@NitrogenPointBlue
Add 'webrick' gem if website is being built locally
b4e14f1 
Webrick used to be part of the Ruby standard library in version 2. It
was removed in Ruby version 3.

Jekyll lists webrick as a dependency. It does not install it by
default, however. Jekyll can be used to simply build a website and
then a different program can serve it. Webrick is only needed if
Jekyll will need to serve files. The command run in the podman
container is 'jekyll serve' and will require webrick.

As webrick is not needed if Jekyll is only building the website, the
gem statement is conditional upon an environment variable set by the
podman command.
@NitrogenPointBlue
Update README.md with rootless podman instructions
1bf9eed
@NitrogenPointBlue
Copy link
Author

I see a workflow without using containers was approved in #237. I would rather avoid the extra complexity of containers if there is not a significant benefit from it.

Irregardless, here is the solution to getting the podman workflow functioning on Fedora 38 XFCE. Permission denied problems were resolved by having podman label the website repository with a SELinux label. Webrick was added as a conditional dependency. The bigdecimal error (among others) was resolved by installing additional build tools with a '.apk' file.

This was tested in a disposableVM based on the fedora-38-xfce template with only updates applied.

One shortcoming of this current patch vs the 'bare-metal' Ruby approach is this patch requires network access each time the container is started. The ephemeral container needs to download packages from the Alpine repositories and then the Ruby gems as these are not in the base image. If there is strong interest in maintaining the container-based workflow, these steps could be baked into the image to allow offline use.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
reviewer needed
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@NitrogenPointBlue @andrewdavidwong @marmarek