On Wed, Jun 26, 2024 at 1:11 PM Simon McVittie <s...@debian.org> wrote:
> > I don't think podman can do this within a single run. It might be feasible > to do the setup (installing build-dependencies) with networking enabled; > leave the root filesystem of that container intact; and reuse it as the > root filesystem of the container in which the actual build runs, this time > with --network=none? > > Or the "install build-dependencies" step (and other setup) could perhaps > even be represented as a `podman build` (with a Dockerfile/Containerfile, > FROM the image you had as your starting point), outputting a temporary > container image, in which the actual dpkg-buildpackage step can be invoked > by `podman run --network=none --rmi`? > > Lot's of things to catch up on for me, but I remember writing an article a few years ago related to this topic. I imagine that one could whip up some kind of wrapper that is building a container either from a tarball created via mmboostrap or similar using buildah, have it install all necessary build dependencies, and then use podman to run the actual build: https://tauware.blogspot.com/2020/04/building-packages-with-buildah-in-debian.html I also briefly started playing with debcraft, which I really like from a usability perspective. It clearly doesn't have all the bells and whistles that come with schroot, but I do like the fact that I can very easily enter into a container with the build results to play around and debug stuff. https://salsa.debian.org/otto/debcraft -- regards, Reinhard
