Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[request] robust way to specify LD_LIBRARY_PATH for java/javac #12978

Closed
divanorama opened this issue Feb 8, 2021 · 6 comments
Closed

[request] robust way to specify LD_LIBRARY_PATH for java/javac #12978

divanorama opened this issue Feb 8, 2021 · 6 comments
Labels
P3 We're not considering working on this, but happy to review a PR. (No assignee) stale Issues or PRs that are stale (no activity for 30 days) team-Local-Exec Issues and PRs for the Execution (Local) team type: feature request

Comments

@divanorama
Copy link
Contributor

Description of the problem / feature request:

Bazel builds aren't fully hermetic in many cases

  • some build rules rely on #!/usr/bin/env bash + common utilities
  • repository rules rely on host commands (env, git, gcloud, go, tar, zip, python, grep, which, sed, bash, node,...)
  • compilers (like remote_jdk11 javac) may be dynamically linked and relying on host libraries (like libz.so.1)
  • dynamic linkers may rely on ld.so.cache in default locations, or shared libraries in default locations (in case executable doesn't specify search paths, which it usually doesn't for non-bundled dependencies)

But on the other hand bazel tries to cleanup environment variables and sandbox actions, which in turn may break non-hermetic cases, not always with an easy fix.

  • --action_env may not work for rules without use_default_shell_env=True including some built-in rules (like DumpPlatformClassPath
    executable = "%s/bin/javac" % host_javabase.java_home,
    )
  • --repo_env seems to cover repo rules
  • --run_under doesn't seem to work for build or repo rules (could try --run_under='env PATH=.. LD_LIBRARY_PATH=..')
  • --sandbox_add_mount_pair refuses to create paths, only overrides existing
  • supplying per-host toolchains feels non-hermetic and code-intrusive (can't just edit .bazelrc, also need to patch bzl code in the project)
  • --experimental_sandboxfs_path may be an option, but may not cover repository rules(?) and requires patching sandboxfs

As an initial crude fix, maybe being able to non-conditionally set/extend PATH&LD_LIBRARY_PATH for rules&actions would work.

Feature requests: what underlying problem are you trying to solve with this feature?

Be able to build bazel projects (on NixOS) without a lot of patching bazel or doing brittle host (or container) setup.

Starting with semi-hermetic solutions like --action_env sounds ok for a start

  • remote cache won't be easily reused, but local cache will work
  • in case with NixOS setting *PATH=/nix/store/looonghash-smth/{bin,lib} is actually safe to cache and should be reproducible, assuming other bits are

Ideally of course it would be nice to be able to specify all dependencies explicitly, at least in built-in and core rules. If not as build targets/bazel dependencies, then at least like a ./configure step with ability to always easily specify custom paths.

What operating system are you running Bazel on?

NixOS

What's the output of bazel info release?

3.3.1, but should apply to 4.0.0 too

If bazel info release returns "development version" or "(@non-git)", tell us how you built Bazel.

NixOS packages

Have you found anything relevant by searching the web?

NixPkgs already have few patches to bazel code like

There's a buildFHSUserEnv helper in NixPkgs to create FHS sandboxes/containers https://nixos.org/manual/nixpkgs/stable/#sec-fhs-environments . buildFHSUserEnv + ..._env=PATH=... + ..._env=LD_LIBRARY_PATH=... may be used to make most of rules work in NixOS, but FHS environment feels like an overkill

@divanorama divanorama changed the title [request] robust way to specify LD_LIBRARY_PATH [request] robust way to specify LD_LIBRARY_PATH for java/javac Feb 8, 2021
@divanorama
Copy link
Contributor Author

divanorama commented Feb 8, 2021

Another a bit involved case is https://github.com/bazelbuild/rules_nodejs/blob/stable/internal/providers/node_runtime_deps_info.bzl#L148 - here a rule does some env setup, so it can't(?) even apply use_default_shell_env=True or --action_env=.../--repo_env=.... When it is used to call typescript compiler wrapper tsc.sh which has #!/usr/bin/env bash the script uses tools like grep, which in turn assumes env - A=B C=D bash -c grep works on the host (which isn't necessarily true on NixOS with/without FHS wrapper)

@divanorama
Copy link
Contributor Author

One more thing that can negate fix attempts is that rules can disable sandboxing (I'd say an .bazelrc option to enforce sandboxing can be useful) via execution_requirements or tags, also not very clear if fixes via sandbox setup would apply to process workers when --worker_sandboxing isn't set

@oquenchil oquenchil added team-Local-Exec Issues and PRs for the Execution (Local) team type: feature request untriaged labels Feb 9, 2021
@meisterT
Copy link
Member

cc @larsrc-google

@larsrc-google
Copy link
Contributor

larsrc-google commented Feb 10, 2021

There's an implicit fallback from sandboxed to local that since recently can be controlled with the --[no]incompatible_legacy_local_fallback flag. I've not yet managed to switch the default due to some subtle test interactions with the local tag.

Workers without --worker_sandboxing would indeed not benefit from any fixes to the sandbox setup.

@meisterT meisterT added P3 We're not considering working on this, but happy to review a PR. (No assignee) and removed untriaged labels Jun 18, 2021
@github-actions
Copy link

Thank you for contributing to the Bazel repository! This issue has been marked as stale since it has not had any activity in the last 1+ years. It will be closed in the next 14 days unless any other activity occurs or one of the following labels is added: "not stale", "awaiting-bazeler". Please reach out to the triage team (@bazelbuild/triage) if you think this issue is still relevant or you are interested in getting the issue resolved.

@github-actions github-actions bot added the stale Issues or PRs that are stale (no activity for 30 days) label May 10, 2023
@github-actions
Copy link

This issue has been automatically closed due to inactivity. If you're still interested in pursuing this, please reach out to the triage team (@bazelbuild/triage). Thanks!

@github-actions github-actions bot closed this as not planned Won't fix, can't repro, duplicate, stale May 25, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
P3 We're not considering working on this, but happy to review a PR. (No assignee) stale Issues or PRs that are stale (no activity for 30 days) team-Local-Exec Issues and PRs for the Execution (Local) team type: feature request
Projects
None yet
Development

No branches or pull requests

4 participants