Message-ID: <1bed549b-8586-4108-a1fe-55a41916ac0c@gtucker.io>
Date: Wed, 17 Dec 2025 14:51:11 +0100
From: Guillaume Tucker <gtucker@...cker.io>
To: David Gow <davidgow@...gle.com>
Cc: Nathan Chancellor <nathan@...nel.org>, Miguel Ojeda <ojeda@...nel.org>,
 linux-kernel@...r.kernel.org, rust-for-linux@...r.kernel.org,
 linux-kbuild@...r.kernel.org, automated-testing@...ts.yoctoproject.org,
 workflows@...r.kernel.org, llvm@...ts.linux.dev,
 Arnd Bergmann <arnd@...db.de>
Subject: Re: [Automated-testing] [PATCH v1 1/2] scripts: add tool to run
 containerized builds

Hello David,

On 17/12/2025 10:56 am, David Gow wrote:
> On Wed, 10 Dec 2025 at 21:58, Guillaume Tucker via
> lists.yoctoproject.org <gtucker=gtucker.io@...ts.yoctoproject.org>
> wrote:
>>
>> Add a 'scripts/container' tool written in Python to run any command in
>> the source tree from within a container.  This can typically be used
>> to call 'make' with a compiler toolchain image to run reproducible
>> builds but any arbitrary command can be run too.  Only Docker and
>> Podman are supported for this initial version.
>>
>> Cc: Nathan Chancellor <nathan@...nel.org>
>> Cc: Miguel Ojeda <ojeda@...nel.org>
>> Link: https://lore.kernel.org/all/affb7aff-dc9b-4263-bbd4-a7965c19ac4e@gtucker.io/
>> Signed-off-by: Guillaume Tucker <gtucker@...cker.io>
>> ---
> 
> I gave this a go, and am liking it so far. My only real complaints are
> that the defaults don't totally match my prejudices. :-)
> 
> Having a good default container, and perhaps falling back
> automatically to podman if docker isn't running (or just defaulting to
> podman) would make this very convenient for one-line
> tests/reproducers.

Many thanks for your feedback, I'm glad that worked for you.

Yes, the default 'gcc' image doesn't actually work in practice.  I've
proposed something else in another email to drop the default for now
but aim to provide "first-party" container images using kernel.org
toolchains which may give us some useful default later on.

Then good point about the default container runtime, I'll update the
logic to automatically look for Docker and Podman - basically iterate
through the supported runtimes - in the v2.

Cheers,
Guillaume


