Changeset 262057 in webkit


Ignore:
Timestamp:
May 22, 2020 7:58:41 AM (4 years ago)
Author:
commit-queue@webkit.org
Message:

[Flatpak SDK] Add bubblewrap ... wrapper
https://bugs.webkit.org/show_bug.cgi?id=212077

Patch by Philippe Normand <pnormand@igalia.com> on 2020-05-22
Reviewed by Carlos Alberto Lopez Perez.

The bind-mounts are now handled through webkit-bwrap.

  • flatpak/flatpakutils.py:

(WebkitFlatpak.execute_command):
(WebkitFlatpak.run_in_sandbox):

  • flatpak/webkit-bwrap: Added.
Location:
trunk/Tools
Files:
1 added
2 edited

Legend:

Unmodified
Added
Removed

  • trunk/Tools/ChangeLog

    r262052 r262057  
     12020-05-22  Philippe Normand  <pnormand@igalia.com>
     2
     3        [Flatpak SDK] Add bubblewrap ... wrapper
     4        https://bugs.webkit.org/show_bug.cgi?id=212077
     5
     6        Reviewed by Carlos Alberto Lopez Perez.
     7
     8        The bind-mounts are now handled through webkit-bwrap.
     9
     10        * flatpak/flatpakutils.py:
     11        (WebkitFlatpak.execute_command):
     12        (WebkitFlatpak.run_in_sandbox):
     13        * flatpak/webkit-bwrap: Added.
     14
    1152020-05-22  Javier Fernandez  <jfernandez@igalia.com>
    216

  • trunk/Tools/flatpak/flatpakutils.py

    r262052 r262057  
    488488        self.sccache_scheduler = DEFAULT_SCCACHE_SCHEDULER
    489489
    490     def execute_command(self, args, stdout=None, stderr=None):
     490    def execute_command(self, args, stdout=None, stderr=None, env=None):
    491491        _log.debug('Running in sandbox: %s\n' % ' '.join(args))
    492492        result = 0
    493493        try:
    494             result = subprocess.check_call(args, stdout=stdout, stderr=stderr)
     494            result = subprocess.check_call(args, stdout=stdout, stderr=stderr, env=env)
    495495        except subprocess.CalledProcessError as err:
    496496            if self.verbose:
     
    639639        }
    640640
     641        if not args:
     642            args.append("bash")
     643
    641644        if args:
    642645            if os.path.exists(args[0]):
     
    652655            building = False
    653656
    654         # FIXME: Using the `run` flatpak command would be better, but it doesn't
    655         # have a --bind-mount option.
    656         flatpak_command = ["flatpak", "build",
     657        flatpak_command = ["flatpak", "run",
    657658                           "--die-with-parent",
     659                           "--allow=devel",
    658660                           "--talk-name=org.a11y.Bus",
    659661                           "--talk-name=org.gtk.vfs",
    660                            "--talk-name=org.gtk.vfs.*",
    661                            "--bind-mount=/run/shm=/dev/shm",
    662                            # Access to /run/host is required by the crash log reporter.
    663                            "--bind-mount=/run/host/%s=%s" % (tempfile.gettempdir(), tempfile.gettempdir()),
    664                            # flatpak build doesn't expose a --socket option for
    665                            # white-listing the systemd journal socket. So
    666                            # white-list it in /run, hoping this is the right
    667                            # path.
    668                            "--bind-mount=/run/systemd/journal=/run/systemd/journal",
    669                            "--bind-mount=%s=%s" % (self.sandbox_source_root, self.source_root)]
     662                           "--talk-name=org.gtk.vfs.*"]
    670663
    671664        if args and args[0].endswith("build-webkit") and not self.is_branch_build():
     
    676669                if e.errno != errno.EEXIST:
    677670                    raise e
    678 
    679         # We mount WebKitBuild/PORTNAME/BuildType to /app/webkit/WebKitBuild/BuildType
    680         # so we can build WPE and GTK in a same source tree.
    681         # The bind-mount is always needed, excepted during the initial setup (SDK install/updates).
    682         if os.path.isdir(self.build_path):
    683             flatpak_command.append("--bind-mount=%s=%s" % (sandbox_build_path, self.build_path))
    684671
    685672        if not building:
     
    696683                "--system-talk-name=org.a11y.Bus",
    697684                "--system-talk-name=org.freedesktop.GeoClue2",
    698                 "--talk-name=org.a11y.Bus",
    699685                "--talk-name=org.freedesktop.Flatpak"
    700686            ])
    701 
    702             xdg_runtime_dir = os.environ.get('XDG_RUNTIME_DIR', None)
    703             if not xdg_runtime_dir:
    704                 _log.debug('XDG_RUNTIME_DIR not set. Trying default location.')
    705                 try:
    706                     with open(os.devnull, 'w') as devnull:
    707                         uid = subprocess.check_output(("id", "-u"), stderr=devnull).decode().strip()
    708                         xdg_runtime_dir = '/run/user/{uid}'.format(uid=uid)
    709                 except subprocess.CalledProcessError:
    710                     _log.debug("Could not determine XDG_RUNIME_DIR. This may cause bubblewrap to fail.")
    711 
    712             if xdg_runtime_dir:
    713                 uid_doc_path = os.path.join(xdg_runtime_dir, 'doc')
    714                 if os.path.exists(uid_doc_path):
    715                     flatpak_command.append("--bind-mount={uid_doc_path}={uid_doc_path}".format(uid_doc_path=uid_doc_path))
    716                 else:
    717                     _log.debug("Can't find user document path at '{uid_doc_path}'. Not mounting it.".format(uid_doc_path=uid_doc_path))
    718 
    719             coredumps_dir = os.environ.get("WEBKIT_CORE_DUMPS_DIRECTORY")
    720             if coredumps_dir and os.path.isdir(coredumps_dir):
    721                 flatpak_command.append("--bind-mount={coredumps_dir}={coredumps_dir}".format(coredumps_dir=coredumps_dir))
    722687
    723688            sandbox_environment.update({
     
    798763            if share_network_option not in flatpak_command:
    799764                flatpak_command.append(share_network_option)
    800             flatpak_command.append("--bind-mount=/var/run/icecc=/var/run/icecc")
    801765
    802766            n_cores = multiprocessing.cpu_count() * 3
     
    809773            sandbox_environment.update({
    810774                "CCACHE_PREFIX": "icecc",
     775                "ICECC_TEST_SOCKET": "/run/icecc/iceccd.socket",
    811776                "ICECC_VERSION": toolchain_path,
    812777                "NUMBER_OF_PROCESSORS": n_cores,
     
    820785            gst_env = self.setup_gstbuild(building)
    821786
    822         flatpak_command += extra_flatpak_args + [self.flatpak_build_path] + gst_env + args
     787        flatpak_command += extra_flatpak_args + gst_env + ['--command=%s' % args[0], "org.webkit.Sdk"] + args[1:]
     788
     789        flatpak_env = os.environ
     790        flatpak_env.update({
     791            "FLATPAK_BWRAP": os.path.join(scriptdir, "webkit-bwrap"),
     792            "WEBKIT_BUILD_DIR_BIND_MOUNT": "%s:%s" % (sandbox_build_path, self.build_path)
     793        })
    823794
    824795        try:
    825             return self.execute_command(flatpak_command, stdout=stdout)
     796            return self.execute_command(flatpak_command, stdout=stdout, env=flatpak_env)
    826797        except KeyboardInterrupt:
    827798            return 0
Note: See TracChangeset for help on using the changeset viewer.