kubernetes
/
minikube
mirror of https://github.com/kubernetes/minikube.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

build: Fix docker run when selinux is enabled (#21017) 

When mouting volumes we need to use :Z suffix to allow access to the
mounted directory. This fixes docker run when running on Fedora an other
distros using selinux by default.
pull/21050/head
Nir Soffer 2025-07-09 00:33:57 +03:00 committed by GitHub
parent 2478ab30ab
commit 11bf65dabf
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
Makefile
View File

@ -102,7 +102,7 @@ $(shell mkdir -p $(BUILD_DIR))
CURRENT_GIT_BRANCH ?= $(shell git branch | grep \* | cut -d ' ' -f2)
# Use system python if it exists, otherwise use Docker.
PYTHON := $(shell command -v python || echo "docker run --rm -it -v $(shell pwd):/minikube -w /minikube python python")
PYTHON := $(shell command -v python || echo "docker run --rm -it -v $(shell pwd):/minikube:Z -w /minikube python python")
BUILD_OS := $(shell uname -s)
SHA512SUM=$(shell command -v sha512sum || echo "shasum -a 512")
@ -188,7 +188,7 @@ endef
# $(call DOCKER, image, command)
define DOCKER
docker run --rm -e GOCACHE=/app/.cache -e IN_DOCKER=1 --user $(shell id -u):$(shell id -g) -w /app -v $(PWD):/app -v $(GOPATH):/go --init $(1) /bin/bash -c '$(2)'
docker run --rm -e GOCACHE=/app/.cache -e IN_DOCKER=1 --user $(shell id -u):$(shell id -g) -w /app -v $(PWD):/app:Z -v $(GOPATH):/go --init $(1) /bin/bash -c '$(2)'
endef
ifeq ($(BUILD_IN_DOCKER),y)
@ -346,13 +346,13 @@ out/minikube-%.iso: $(shell find "deploy/iso/minikube-iso" -type f)
ifeq ($(IN_DOCKER),1)
$(MAKE) minikube-iso-$*
else
docker run --rm --workdir /mnt --volume $(CURDIR):/mnt $(ISO_DOCKER_EXTRA_ARGS) \
docker run --rm --workdir /mnt --volume $(CURDIR):/mnt:Z $(ISO_DOCKER_EXTRA_ARGS) \
--user $(shell id -u):$(shell id -g) --env HOME=/tmp --env IN_DOCKER=1 \
$(ISO_BUILD_IMAGE) /bin/bash -lc '/usr/bin/make minikube-iso-$*'
endif
iso_in_docker:
docker run -it --rm --workdir /mnt --volume $(CURDIR):/mnt $(ISO_DOCKER_EXTRA_ARGS) \
docker run -it --rm --workdir /mnt --volume $(CURDIR):/mnt:Z $(ISO_DOCKER_EXTRA_ARGS) \
--user $(shell id -u):$(shell id -g) --env HOME=/tmp --env IN_DOCKER=1 \
$(ISO_BUILD_IMAGE) /bin/bash
@ -528,7 +528,7 @@ out/linters/golangci-lint-$(GOLINT_VERSION):
.PHONY: lint
ifeq ($(MINIKUBE_BUILD_IN_DOCKER),y)
lint:
docker run --rm -v `pwd`:/app -w /app golangci/golangci-lint:$(GOLINT_VERSION) \
docker run --rm -v `pwd`:/app:Z -w /app golangci/golangci-lint:$(GOLINT_VERSION) \
golangci-lint run ${GOLINT_OPTIONS} ./..."
# --skip-dirs "cmd/drivers/kvm|cmd/drivers/hyperkit|pkg/drivers/kvm|pkg/drivers/hyperkit"
# The "--skip-dirs" parameter is no longer supported in the V2 version. If you need to skip the directory,
@ -662,7 +662,7 @@ out/docker-machine-driver-hyperkit:
ifeq ($(MINIKUBE_BUILD_IN_DOCKER),y)
docker run --rm -e GOCACHE=/app/.cache -e IN_DOCKER=1 \
--user $(shell id -u):$(shell id -g) -w /app \
-v $(PWD):/app -v $(GOPATH):/go --init --entrypoint "" \
-v $(PWD):/app:Z -v $(GOPATH):/go:Z --init --entrypoint "" \
$(HYPERKIT_BUILD_IMAGE) /bin/bash -c 'CC=o64-clang CXX=o64-clang++ /usr/bin/make $@'
else
$(if $(quiet),@echo " GO $@")