The Z/z mount option tells podman how to handle SELinux labels on the host system. In this case, the ccache mount is meant to be shared across containers, so we use the lowercase z flag. This is the "shared" mode, which lets all containers access the files.

It's explained in the Podman docs here: https://docs.podman.io/en/latest/markdown/podman-run.1.html#volume-v-source-volume-host-dir-container-dir-options


On Thu, Jun 22, 2023 at 11:40 AM Ali Alnubani <alialnu@nvidia.com> wrote:
> -----Original Message-----
> From: Adam Hassick <ahassick@iol.unh.edu>
> Sent: Thursday, May 25, 2023 8:15 PM
> To: ci@dpdk.org
> Cc: aconole@redhat.com; Ali Alnubani <alialnu@nvidia.com>; Owen Hilyard
> <ohilyard@iol.unh.edu>; Adam Hassick <ahassick@iol.unh.edu>
> Subject: [PATCH v6 4/6] containers/templates: Templates for Dockerfiles
>
> From: Owen Hilyard <ohilyard@iol.unh.edu>
>
> Adds a variety of extensible templates used to create the Dockerfiles
> for each target. All templates inherit from base, and most distros and
> distro families have their own templates that are used to define common
> functionality. Multiple versions of a distro may use a single template
> if they are similar enough (ex: fedora).
>

[..]

> diff --git
> a/containers/template_engine/templates/containers/base.dockerfile.j2
> b/containers/template_engine/templates/containers/base.dockerfile.j2
> new file mode 100644
> index 0000000..92f5cb5
> --- /dev/null
> +++ b/containers/template_engine/templates/containers/base.dockerfile.j2
> @@ -0,0 +1,120 @@
> +{#- SPDX-License-Identifier: BSD-3-Clause -#}
> +{#- Copyright (c) 2022 University of New Hampshire -#}
> +# ------------------------ Begin {{ target.name }} --------------------------------------
> ----------
> +
> +{%- set build_base_img = target.name + "_base" %}
> +FROM {{ target.base_image }} as {% if build_abi and not
> target.force_disable_abi -%}
> +{{ build_base_img }}
> +{%- else -%}
> +{{ target.name }}
> +{%- endif %}
> +
> +ENV CCACHE_DIR=/ccache/
> +ENV CCACHE_COMPILERCHECK=content
> +ENV CCACHE_NAMESPACE="{{ target.name }}-{{ build_timestamp }}"
> +ENV BUILD_TIMESTAMP="{{ build_timestamp }}"
> +
> +{% block extra_env_vars -%}{%- endblock extra_env_vars %}
> +
> +{% block pre_package_manager -%}{%- endblock pre_package_manager %}
> +
> +# Install packages
> +RUN {{ target.package_manager_command }} {{ target.packages | join(" ") }}
> +
> +# Installs from pip
> +{% block pip_installs -%}{%- endblock pip_installs %}
> +
> +# Extra setup after python libs are installed
> +{% block before_meson_after_pip -%}{%- endblock %}
> +
> +# install libabigail
> +{% block install_libabigail %}
> +{% if build_libabigail and build_abi and (not "force_disable_abi" in target or
> not target.force_disable_abi) %}
> +COPY libabigail /libabigail
> +RUN --mount=type=cache,target=/ccache,z cd /libabigail
> +{%- if "libabigail_revision" in target %} && git checkout {{
> target.libabigail_revision }} {%- endif %} && mkdir build && autoreconf -i &&
> cd build && ../configure --prefix=/usr/local && make all install && \
> +    ldconfig && cd / && rm -rf /libabigail
> +{% else %}
> +#   libabigail build is disabled
> +{% endif %}
> +{% endblock install_libabigail %}
> +
> +# cross compilation setup
> +{% block cross_compilation_setup %}
> +{% endblock cross_compilation_setup %}
> +
> +# Copy externally pulled DPDK into the container
> +RUN mkdir /dpdk
> +COPY dpdk-stable /dpdk-stable
> +
> +# Install meson
> +{% block install_meson %}
> +# Install meson from dpdk main
> +# Writes to the mount are discarded once the container is built and is not
> shared with other containers or the host
> +COPY dpdk /dpdk
> +RUN --mount=type=cache,target=/ccache,z cd /dpdk && chown -R root
> /dpdk && git checkout main && sh .ci/linux-setup.sh

What is the 'z' mount option? I can't find it in podman's mount command documentation:
https://docs.podman.io/en/latest/markdown/options/mount.html


--
Adam Hassick
Senior Developer
UNH InterOperability Lab
ahassick@iol.unh.edu
iol.unh.edu
+1 (603) 475-8248