Hello guys,
I am trying to use platformio on my CI server. I use Concourse as CI, and it uses docker/podman containers to run compile steps.
When trying to generate a docker container from nix, I encounter some problems. Consider the following file:
```nix
{ pkgs ? import <nixpkgs> {} }:
with pkgs;
dockerTools.buildImage {
  name = "platformio";
  tag = "latest";

  # Symlink the /bin directories of the listed packages into the image root.
  copyToRoot = buildEnv {
    name = "image-root";
    paths = with pkgs; [ platformio-core coreutils gcc bash ];
    pathsToLink = [ "/bin" ];
  };

  # Create an unprivileged "pio" user whose home is the /data volume.
  runAsRoot = ''
    #!${stdenv.shell}
    ${dockerTools.shadowSetup}
    groupadd -r pio
    useradd -r -g pio -d /data -M pio
    mkdir /data
    chown pio:pio /data
  '';

  config = {
    Cmd = [ "${stdenv.shell}" ];
    WorkingDir = "/data";
    Volumes = {
      "/data" = {};
    };
  };
}
```
When using this expression to create a docker container and then running `pio run` inside this container (of course inside a platformio project), platformio downloads the toolchain (in my case teensy) and later fails with:
```
...
sh: line 1: /root/.platformio/packages/toolchain-gccarmnoneeabi-teensy/bin/arm-none-eabi-g++: cannot execute: required file not found
...
```
I concluded that maybe platformio needs some hard-coded path, which nix of course does not like. So I changed to the `platformio` package (instead of `platformio-core`) in the expression above. However, then there is another error:
```
bwrap: No permissions to creating new namespace, likely because the kernel does not allow non-privileged user namespaces. On e.g. debian this can be enabled with 'sysctl kernel.unprivileged_userns_clone=1'.
```
Does anybody know how to run `platformio` successfully inside an (unprivileged) container?