git.ipfire.org Git - thirdparty/mkosi.git/commitdiff
Remove access to the output directory in build scripts 3146/head
author Daan De Meyer <daan.j.demeyer@gmail.com>
Mon, 28 Oct 2024 20:27:30 +0000 (21:27 +0100)
committer Daan De Meyer <daan.j.demeyer@gmail.com>
Mon, 28 Oct 2024 20:27:30 +0000 (21:27 +0100)
With mkosi -t none, we can rerun the build script without cleaning
the output directory. This creates an awkward situation, as the build
script might create new outputs but is unable to remove previous ones,
which could lead to weird situations where the output directory contains
artifacts from multiple builds.

Let's tighten this up by disallowing access to the output directory in
build scripts. Users can still copy from the build script to the output
directory by doing the copy from a post-installation script which is not
invoked when we run mkosi -t none so it only runs when we've cleaned up
the output directory.

mkosi/__init__.py
mkosi/resources/man/mkosi.1.md
mkosi/resources/man/mkosi.news.7.md

index 3c5418e994e9748dd44a1dd4772e80ab259a468d..6968b80ef25cb3da381457160bad02bc5214725c 100644 (file)
@@ -763,8 +763,6 @@ def run_build_scripts(context: Context) -> None:
         BUILDROOT="/buildroot",
         DESTDIR="/work/dest",
         CHROOT_DESTDIR="/work/dest",
-        OUTPUTDIR="/work/out",
-        CHROOT_OUTPUTDIR="/work/out",
         SRCDIR="/work/src",
         CHROOT_SRCDIR="/work/src",
         PACKAGEDIR="/work/packages",
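Review bot: With `OUTPUTDIR` and `CHROOT_OUTPUTDIR` dropped from this environment block, a build script that still references `$OUTPUTDIR` gets an empty expansion unless it runs under `set -u`, so a line like `cp foo "$OUTPUTDIR/"` (a made-up example) would target `/` instead of failing with a clear message. A short comment here stating that the two variables are deliberately not passed to build scripts would keep them from being re-added later, and the upgrade note should tell users to drop the references from their build scripts.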
@@ -804,7 +802,6 @@ def run_build_scripts(context: Context) -> None:
                     "--ro-bind", script, "/work/build-script",
                     "--ro-bind", json, "/work/config.json",
                     "--bind", context.install_dir, "/work/dest",
-                    "--bind", context.staging, "/work/out",
                     "--bind", context.artifacts, "/work/artifacts",
                     "--bind", context.package_dir, "/work/packages",
                     *(
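Review bot: No test accompanies the removal of the `"--bind", context.staging, "/work/out"` line, and the three files listed for this commit include none under tests. Unlike the `--ro-bind` entries above it, this was a writable mount of the staging directory, so it is worth a regression check that a build script can neither see nor write `/work/out`, otherwise a later refactor of this argument list could quietly restore the access.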
index 626eccb8ce5528778fcdb8d2b875097c32d09a9f..0ce926176f17b0fd2223fbbb1774ec5a38b3dc67 100644 (file)
@@ -2408,8 +2408,8 @@ Consult this table for which script receives which environment variables:
 | `CHROOT_BUILDDIR`           |             |        |           | ✓       |            |            |              |         |
 | `DESTDIR`                   |             |        |           | ✓       |            |            |              |         |
 | `CHROOT_DESTDIR`            |             |        |           | ✓       |            |            |              |         |
-| `OUTPUTDIR`                 |             |        |           |        | ✓          | ✓          | ✓            | ✓       |
-| `CHROOT_OUTPUTDIR`          |             |        |           |        | ✓          | ✓          |              |         |
+| `OUTPUTDIR`                 |             |        |           |         | ✓          | ✓          | ✓            | ✓       |
+| `CHROOT_OUTPUTDIR`          |             |        |           |         | ✓          | ✓          |              |         |
 | `BUILDROOT`                 |             |        | ✓         | ✓       | ✓          | ✓          |              |         |
 | `PACKAGEDIR`                |             |        | ✓         | ✓       | ✓          | ✓          |              |         |
 | `ARTIFACTDIR`               |             |        | ✓         | ✓       | ✓          | ✓          |              |         |
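Review bot: On the `OUTPUTDIR` and `CHROOT_OUTPUTDIR` rows the only difference is one added space in the fourth column, the one where `DESTDIR` and `CHROOT_DESTDIR` carry their ✓; no mark is added or removed. The table therefore already showed these variables as absent in that column, and the man page gains no statement of the new restriction. A sentence near the table saying that build scripts have no access to the output directory, with the pointer to post-installation scripts, would document it where users look up the variables.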
index bffaf366d8289fd82f3d96adb56f42b40e8af95c..7a00fef0e6f1231c17cd3268dde4fc2a2aab05f8 100644 (file)
   tools tree when `ToolsTreeCertificates=` is set, since they aren't certificates, use a sandbox tree
   instead. This allows to override `SignedBy=` keys for APT repositories.
 - The `agetty.autologin` and `login.noauth` credentials are no longer set unconditionally.
+- Access to the output directory in build scripts was removed. To put artifacts
+  from the build directory into the output directory, copy them from the build directory
+  to the output directory in a post-installation script which does have access to the build
+  directory and the output directory.
 
 ## v24
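Review bot: The new entry does not name `OUTPUTDIR` or `CHROOT_OUTPUTDIR`, so someone searching the news for the variable their build script uses will not find this change. Name both variables as no longer set for build scripts. The entry also repeats "build directory" and "output directory" several times and could be cut to one sentence stating the removal and one stating the post-installation script workaround.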