Switch back to static container environment

We have moved all variables to task arguments, so only the very basics
are left in the container environment.

2 files changed, 7 insertions, 8 deletions

diff --git a/src/runner/runc/run.rs b/src/runner/runc/run.rs
index b81f8f1..7351849 100644
--- a/src/runner/runc/run.rs
+++ b/src/runner/runc/run.rs
@@ -218,7 +218,7 @@ pub fn handle_task(task: runner::Task) -> Result<HashMap<String, ArchiveHash>> {
 
 	let task_tmp_dir = paths::task_tmp_dir(&task.input_hash);
 
-	spec::generate_spec(task.command.as_str(), &task.env)
+	spec::generate_spec(task.command.as_str())
 		.save(paths::join(&[&task_tmp_dir, "config.json"]))
 		.map_err(Error::new)
 		.context("Failed to save runtime config")?;
diff --git a/src/runner/runc/spec.rs b/src/runner/runc/spec.rs
index aa1d7d6..8afeaeb 100644
--- a/src/runner/runc/spec.rs
+++ b/src/runner/runc/spec.rs
@@ -1,14 +1,10 @@
-use std::collections::HashMap;
-
 use oci_spec::runtime;
-use serde::Deserialize;
 use serde_json::json;
 
 use crate::{paths, unshare};
 
-pub fn generate_spec(command: &str, env: &HashMap<String, String>) -> runtime::Spec {
-	let env_entries: Vec<String> = env.iter().map(|(k, v)| format!("{}={}", k, v)).collect();
-	runtime::Spec::deserialize(json!({
+pub fn generate_spec(command: &str) -> runtime::Spec {
+	serde_json::from_value(json!({
 		"ociVersion": "1.0.2",
 		"process": {
 			"terminal": false,
@@ -21,7 +17,10 @@ pub fn generate_spec(command: &str, env: &HashMap<String, String>) -> runtime::S
 				"-ec",
 				command
 			],
-			"env": env_entries,
+			"env": [
+				"PATH=/usr/sbin:/usr/bin:/sbin:/bin",
+				"HOME=/build",
+			],
 			"cwd": paths::abs(paths::WORKDIR_PREFIX),
 			"noNewPrivileges": true
 		},