Open ZeroAurora opened 3 years ago
Thanks for the suggestion! We're definitely in favour of supporting anything that makes it easier for end-users to use Briefcase; dropping the root/sudo requirement definitely falls in that category.
Out of interest - have you tried setting alias docker=podman
before running briefcase? If podman is a truly drop-in replacement, I'm wondering if we might be lucky and require no changes at all (other that suggesting/recommending the use of podman in documentation).
have you tried setting alias docker=podman before running briefcase?
I'm currently unable to access my dev environment so I'm not able to test it. I may have a try when I'm free.
have you tried setting alias docker=podman before running briefcase?
Unfortunately that doesn't work.
> docker --version
podman version 2.2.1
> briefcase build linux
Briefcase requires Docker, but it is not installed (or is not on your PATH).
The problem seems to be this check: https://github.com/beeware/briefcase/blob/06e84e7b1c3af016c828a5a640d277809de6644b/src/briefcase/integrations/docker.py#L114
@moridius Ah ok; so podman
is not a complete drop in replacement for docker
. If you modify your local version to relax that specific version text check, does build process work? If so, I'd be happy to extend the version check to include podman
's version text.
If so, I'd be happy to extend the version check to include podman's version text.
Providing a config to specify "to use podman" seems a better option.
@ZeroAurora Sure - the difference being that adapting to allow podman's input is a 1 line change to a validation string, making podman a fully supported alternative is more complex - especially if there's any kind of flag required to enable it.
If you modify your local version to relax that specific version text check, does build process work?
Unfortunately not. Next I ran into this check: https://github.com/beeware/briefcase/blob/06e84e7b1c3af016c828a5a640d277809de6644b/src/briefcase/integrations/docker.py#L178
I removed that check too and got this error:
~/s/helloworld $ (ve) briefcase build linux
[helloworld] Building AppImage...
[helloworld] Entering Docker context...
Error: default OCI runtime "crun" not found: invalid argument
Error while building app helloworld.
So I installed crun. I don't know what exactly that is but it seems to be a container runtime needed by podman.
~/s/helloworld $ (ve) briefcase build linux
[helloworld] Building AppImage...
[helloworld] Entering Docker context...
Completed short name "briefcase/com.example.helloworld" with unqualified-search registries (origin: /etc/containers/registries.conf)
Trying to pull docker.io/briefcase/com.example.helloworld:py3.9...
denied: requested access to the resource is denied
Error: Error initializing source docker://briefcase/com.example.helloworld:py3.9: Error reading manifest py3.9 in docker.io/briefcase/com.example.helloworld: errors:
denied: requested access to the resource is denied
unauthorized: authentication required
Error while building app helloworld.
Now this looks like I failed to configure podman correctly. I'll do some more tests here later. Also I'm trying to use podman rootless. This error is probably not related to rootless podman but I wanted to mention it for the sake of completeness.
Is your feature request related to a problem? Please describe. Briefcase is currently using Docker as its building backend in Linux. This requires Docker to be installed and callable in non-root environment, which can be achieved by adding users to
docker
group. But as is mentioned in Docker's documentation, this operation grants privileges equivalent to the root user to normal user. Although Docker does provide an experimental rootless mode,podman
seems to be more stable, and is adopted by distributions like Fedora as the replacement to Docker.(However most developers don't use a multi-user machine so this issue seems to be superfluous lolol)
Describe the solution you'd like On the website of podman, it says
alias docker=podman
. I hope implementing it won't be difficult.Describe alternatives you've considered Rootless Docker