Hi, all
I am testing a custom bazel build rule which call "go install pkg" which relies on a vendor directory. I found that when sandboxing is enabled (by default, to disable it I had to modify bazel source code), the build failed:
/home/user/.cache/bazel/_bazel_user/3b02491ddc53c52212e2a2141d5f6409/bazel-demo/
src/github.com/lib/pq(from $GOPATH)
Of course GO15VENDOREXPERIMENT has been set and the vendor code has been available in /home/user/.cache/bazel/_bazel_user/3b02491ddc53c52212e2a2141d5f6409/bazel-demo/
src/demo/vendor/github.com/lib/pq (which is a synlink to project directory)
And "go env" in the bazel run shows the correct env vars:
GOARCH="amd64"
GOBIN=""
GOEXE=""
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GOOS="linux"
GOPATH="/home/user/.cache/bazel/_bazel_advisory/3b02491ddc53c52212e2a2141d5f6409/bazel-demo"
GORACE=""
GOROOT="/usr/local/go"
GOTOOLDIR="/usr/local/go/pkg/tool/linux_amd64"
GO15VENDOREXPERIMENT="1"
CC="gcc"
GOGCCFLAGS="-fPIC -m64 -pthread -fmessage-length=0"
CXX="g++"
CGO_ENABLED="1"
The same code passes if sandboxing was disabled.
I found it's caused by sandboxing because the same code compiles well under a machine which has an older linux kernel so sandboxing is not available, but failed on a machine with newer kernel. It also passed on newer kernel machine when sandboxing was manually disabled.
Any suggestions?
Thanks!