I have a bazel test that docker build
and docker push
to google artifact registry a docker image. It fails, because "cannot create private file:
/home/bill/.config/gcloud/credentials.db".
I can turn off bazel sandboxing by either using local=True
in bazel rule or avoid docker push
(i.e. test with local image). Is there some better work-around?
You can use Bazel's --sandbox_writable_path
flag to explicitly specify the path. As mentioned in this Bazel's doc
For sandboxed actions, make an existing directory writable in the sandbox (if supported by the sandboxing implementation, ignored otherwise).
--sandbox_writable_path
, which asks the sandbox to make an existing directory writable when running actions.
Seems the flag --sandbox_writable_path
applies to the entire build process, Not possible to specify on a per test rule basis.