Reputation: 3535
Can Bazel hide host files completely from build actions?
I want to hide all irrelevant source files from build actions because there are some tools that explore host file system, for example, node searches node_modules directory from working directory to root /. But linux-sandbox doesn't seem to hide host files outside the sandboxes:
genrule(
name = "foo",
outs = ["x"],
cmd = "ls ~ | tee $@",
)
Outputs:
<my home files>
Target //:foo up-to-date:
bazel-bin/x
INFO: Elapsed time: 0.088s, Critical Path: 0.01s
INFO: 2 processes: 1 internal, 1 linux-sandbox.
According to the official doc, linux-sandbox makes host files read-only but doesn't hide them.
Is there any way to hide host files?
Upvotes: 1
Views: 325
Answers (1)
Reputation: 20530
One can make a host path inaccessible in the linux sandbox with --sandbox_block_path.
It's also possible to remove all host directories from the sandbox except ones explicitly added with --sandbox_add_mount_pair by employing the --experimental_use_hermetic_linux_sandbox flag.
Upvotes: 4
Related Questions
- Bazel Build Command - Is possible to skip "Test" Targets and Rules?
- How to avoid deleting cached files after build in Bazel
- How can I stop bazel from creating an entire copy of my project's source files?
- Bazel: Separate output directories for different build options
- Can I ignore some folder (containing bazel configuration) while building the project recursively?
- Bazel build file introspection
- read local file content in bazel build system
- Isolate Bazel C++ build from system include directories
- Bazel ignore subdirectory on full build
- Bazel BUILD files conflicts with a build/ folder