Hi Justin, > I've been mucking with using Buildstream for Apache Serf - I have a > repos here of the effort so far: > > https://github.com/jerenkrantz/serf-bst
Thanks for trying BuildStream :) > One of the items I ran into is that fuse requires elevated perms when using > Docker. However, the error message is extremely cryptic and deep inside > the buildbox fusehelper. (For the GitHub Actions POC, Chandan has done the > hack to have it be priv'd.) > > I think that it'd be very helpful to add a more descriptive error message - > but, I could probably use a pointer as to where the error message should > land? Should it be in Buildstream? Buildbox? Or? I am not 100% sure what is the best place for this error message in general. I'm tempted to say BuildBox, mainly because BuildStream itself doesn't know what `buildbox-run` will be doing, and different runners may fail in different ways. It's also possible that there are some buildbox runners that don't require escalated privileges (buildbox-run-hosttools perhaps). In this case specifically, we can potentially improve the error messaging in our Docker images. Since we own the Docker images, and know the requirements of the buildbox runners we are installing, we can add some warnings there. Maybe a check at entrypoint to see if we can execute buildbox-run correctly. This is not foolproof though, as the entrypoint won't get executed during `docker build` which is what you have in the example. As a slightly tangential point, we also have a bst-here [0] helper that should handle this flag (and some others) for you. This may not always be useful (like if you are in a `docker build` context) but should work as a replacement for `docker run buildstream/buildstream`. Cheers, Chandan [0]: https://gitlab.com/BuildStream/buildstream/-/blob/master/contrib/bst-here
