[antlir2][isolate] break into a few separate crates

Summary:
I'm about to add some code to this crate and refactor the public interface to
enable unprivileged image builds.

Breaking `antlir2_isolate` into a number of crates instead of modules within
the same crate will make that refactoring a little cleaner.

Test Plan: waitforsandcastle

Reviewed By: epilatow

Differential Revision: D49646479

fbshipit-source-id: e8f2d16d498b73e09763a6fdefb5c1ffb231e54c

antlir/antlir2/antlir2_isolate/BUCK

@@ -6,12 +6,11 @@ rust_library(
     name = "antlir2_isolate",
     srcs = glob(["src/**/*.rs"]),
     deps = [
-        "nix",
+        "derive_more",
         "thiserror",
-        "tracing",
-        "uuid",
-        "//antlir/antlir2/antlir2_btrfs:antlir2_btrfs",
-        "//antlir/antlir2/antlir2_rootless:antlir2_rootless",
+        "//antlir/antlir2/antlir2_isolate/isolate_bwrap:isolate_bwrap",
+        "//antlir/antlir2/antlir2_isolate/isolate_cfg:isolate_cfg",
+        "//antlir/antlir2/antlir2_isolate/isolate_nspawn:isolate_nspawn",
     ],
 )
 

antlir/antlir2/antlir2_isolate/isolate_bwrap/BUCK

@@ -0,0 +1,18 @@
+load("//antlir/bzl:build_defs.bzl", "rust_library")
+
+oncall("twimage")
+
+rust_library(
+    name = "isolate_bwrap",
+    srcs = glob(["src/**/*.rs"]),
+    visibility = ["//antlir/antlir2/antlir2_isolate:"],
+    deps = [
+        "nix",
+        "thiserror",
+        "tracing",
+        "uuid",
+        "//antlir/antlir2/antlir2_btrfs:antlir2_btrfs",
+        "//antlir/antlir2/antlir2_isolate/isolate_cfg:isolate_cfg",
+        "//antlir/antlir2/antlir2_rootless:antlir2_rootless",
+    ],
+)

antlir/antlir2/antlir2_isolate/src/sys/bwrap/mod.rs → antlir/antlir2/antlir2_isolate/isolate_bwrap/src/lib.rs

@@ -5,25 +5,59 @@
  * LICENSE file in the root directory of this source tree.
  */
 
+#[cfg(not(target_os = "linux"))]
+compile_error!("only supported on linux");
+
+use std::collections::HashMap;
 use std::ffi::OsStr;
 use std::ffi::OsString;
+use std::process::Command;
 
 use antlir2_btrfs::DeleteFlags;
 use antlir2_btrfs::SnapshotFlags;
 use antlir2_btrfs::Subvolume;
+use isolate_cfg::InvocationType;
+use isolate_cfg::IsolationContext;
 use nix::unistd::Uid;
 use tracing::error;
 use tracing::trace;
 use uuid::Uuid;
 
-use super::IsolatedContext;
-use crate::InvocationType;
-use crate::IsolationContext;
-use crate::Result;
-
 mod bind;
 use bind::canonicalized_bind;
 
+#[derive(Debug, thiserror::Error)]
+pub enum Error {
+    #[error(transparent)]
+    IO(#[from] std::io::Error),
+    #[error(transparent)]
+    Btrfs(#[from] antlir2_btrfs::Error),
+    #[error(transparent)]
+    Rootless(#[from] antlir2_rootless::Error),
+}
+
+pub type Result<T> = std::result::Result<T, Error>;
+
+#[derive(Debug)]
+pub struct IsolatedContext {
+    program: OsString,
+    args: Vec<OsString>,
+    env: HashMap<OsString, OsString>,
+    #[allow(dead_code)]
+    ephemeral_subvol: Option<EphemeralSubvolume>,
+}
+
+impl IsolatedContext {
+    pub fn command<S: AsRef<OsStr>>(&self, program: S) -> Command {
+        let mut cmd = Command::new(&self.program);
+        cmd.args(&self.args).arg("--").arg(program);
+        for (k, v) in &self.env {
+            cmd.env(k, v);
+        }
+        cmd
+    }
+}
+
 /// Isolate the compiler process using `bwrap`.
 #[deny(unused_variables)]
 pub fn bwrap(ctx: IsolationContext, bwrap: Option<&OsStr>) -> Result<IsolatedContext> {

antlir/antlir2/antlir2_isolate/isolate_cfg/BUCK

@@ -0,0 +1,12 @@
+load("//antlir/bzl:build_defs.bzl", "rust_library")
+
+oncall("twimage")
+
+rust_library(
+    name = "isolate_cfg",
+    srcs = glob(["src/**/*.rs"]),
+    visibility = ["//antlir/antlir2/antlir2_isolate/..."],
+    deps = [
+        "serde",
+    ],
+)