Google Git
Sign in
android / platform / tools / treble / 45940bd8bdd20c6ec4813629bb7f7c366f9ad1ce^! / .
commit45940bd8bdd20c6ec4813629bb7f7c366f9ad1ce[log] [tgz]
authorPo-Chien Hsueh <pchsueh@google.com>Wed Jul 14 14:34:39 2021 +0800
committerPo-Chien Hsueh <pchsueh@google.com>Wed Jul 14 15:41:07 2021 +0800
treea7d9f4a32ed1dcc1088312b92f831e8f165ea079
parent96cc20c87abcc5644b85fd2f7a6dbd0ef8365485 [diff]
build_android_sandboxed.py to allow multiple --readonly_bind_mount

Add action='append' to the argument readonly_bind_mount so that we can
specify multiple readonly bind mount paths for the builds. Interface
build_android_sandboxed.build() is also changed:
- readonly_bind_mount: A string path
+ readonly_bind_mounts: A list of string paths

Bug: 186381711
Test: Built on AB
Change-Id: I587c6b6e68edee6163391d6e155213b3d993098a

diff --git a/build/sandbox/build_android_sandboxed.py b/build/sandbox/build_android_sandboxed.py
index e43aa0e..8518074 100644
--- a/build/sandbox/build_android_sandboxed.py
+++ b/build/sandbox/build_android_sandboxed.py

@@ -34,7 +34,7 @@
           config_file=None,
           command_wrapper=_DEFAULT_COMMAND_WRAPPER,
           use_rbe=False,
-          readonly_bind_mount=None,
+          readonly_bind_mounts=[],
           env=[]):
   """Builds an Android target in a secure sandbox.
 
@@ -51,7 +51,7 @@
     config_file: A string path to an overlay configuration file.
     command_wrapper: A string path to the command wrapper.
     use_rbe: If true, will attempt to use RBE for the build.
-    readonly_bind_mount: A string path to a path to be mounted as read-only.
+    readonly_bind_mounts: A list of string paths to be mounted as read-only.
     env: An array of environment variables to define in the NsJail sandbox in
       the `var=val` syntax.
 
@@ -79,10 +79,6 @@
       '-j',
   ] + build_goals
 
-  readonly_bind_mounts = []
-  if readonly_bind_mount:
-    readonly_bind_mounts = [readonly_bind_mount]
-
   extra_nsjail_args = []
   cleanup = lambda: None
   nsjail_wrapper = []
@@ -140,8 +136,11 @@
       'Defaults to \'%s\'.' % _DEFAULT_COMMAND_WRAPPER)
   parser.add_argument(
       '--readonly_bind_mount',
+      type=str,
+      default=[],
+      action='append',
       help='Path to the a path to be mounted as readonly inside the secure '
-      'build sandbox.')
+      'build sandbox. Can be specified multiple times')
   parser.add_argument(
       '--env',
       '-e',
@@ -205,7 +204,7 @@
       chroot=args['chroot'],
       config_file=args['config_file'],
       command_wrapper=args['command_wrapper'],
-      readonly_bind_mount=args['readonly_bind_mount'],
+      readonly_bind_mounts=args['readonly_bind_mount'],
       env=args['env'],
       dist_dir=args['dist_dir'],
       build_id=args['build_id'],