Skip to content

Commit

Permalink
GHA: Fix CI by disabling apparmor
Browse files Browse the repository at this point in the history 
See actions/runner-images#10015 and ocaml#5968
  • Loading branch information
@kit-ty-kate
kit-ty-kate committed Dec 17, 2024
1 parent 30827b0 commit 9002d47
Show file tree
Hide file tree
Showing 2 changed files with 18 additions and 0 deletions.
6 changes: 6 additions & 0 deletions .github/workflows/ci.ml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -333,6 +333,7 @@ let main_build_job ~analyse_job ~cygwin_job ?section runner start_version ~oc ~w
let host = host_of_platform platform in
job ~oc ~workflow ~runs_on:(Runner [runner]) ?shell ?section ~needs ~matrix ("Build-" ^ name_of_platform platform)
++ only_on Linux (run "Install bubblewrap" ["sudo apt install bubblewrap"])
++ only_on Linux (run "Disable AppArmor" ["echo 0 | sudo tee /proc/sys/kernel/apparmor_restrict_unprivileged_userns"])
++ only_on Windows (git_lf_checkouts ~cond:(Predicate(true, EndsWith("matrix.host", "-pc-cygwin"))) ~shell:"cmd" ~title:"Configure LF checkout for Cygwin" ())
++ checkout ()
++ only_on Windows (cache ~cond:(Predicate(true, Compare("matrix.build", "x86_64-pc-cygwin"))) Cygwin)
Expand Down Expand Up @@ -384,6 +385,7 @@ let main_test_job ~analyse_job ~build_linux_job ~build_windows_job:_ ~build_macO
++ only_on MacOS (install_sys_packages ["coreutils"; "gpatch"] ~descr:"Install gnu coreutils" [MacOS])
++ checkout ()
++ only_on Linux (run "Install bubblewrap" ["sudo apt install bubblewrap"])
++ only_on Linux (run "Disable AppArmor" ["echo 0 | sudo tee /proc/sys/kernel/apparmor_restrict_unprivileged_userns"])
++ cache Archives
++ cache OCaml platform ocamlv host
++ build_cache OCaml platform ocamlv host
Expand All @@ -402,6 +404,7 @@ let cold_job ~analyse_job ~build_linux_job ~build_windows_job ~build_macOS_job ?
let needs = [analyse_job; (match platform with Linux -> build_linux_job | Windows -> build_windows_job | MacOS -> build_macOS_job)] in
job ~oc ~workflow ?section ~runs_on:(Runner [runner]) ~env:[("OPAM_COLD", "1")] ~needs ("Cold-" ^ name_of_platform platform)
++ only_on Linux (run "Install bubblewrap" ["sudo apt install bubblewrap"])
++ only_on Linux (run "Disable AppArmor" ["echo 0 | sudo tee /proc/sys/kernel/apparmor_restrict_unprivileged_userns"])
++ checkout ()
++ cache Archives
++ run "Cold" [
Expand All @@ -420,6 +423,7 @@ let doc_job ~analyse_job ~build_linux_job ~build_windows_job ~build_macOS_job ?s
let ocamlv = "${{ matrix.ocamlv }}" in
job ~oc ~workflow ?section ~runs_on:(Runner [platform]) ~env ~needs ~matrix ("Doc-" ^ name_of_platform platform)
++ only_on Linux (run "Install bubblewrap" ["sudo apt install bubblewrap"])
++ only_on Linux (run "Disable AppArmor" ["echo 0 | sudo tee /proc/sys/kernel/apparmor_restrict_unprivileged_userns"])
++ run "Install man2html" ["sudo apt install man2html"]
++ checkout ()
++ cache Archives
Expand All @@ -444,6 +448,7 @@ let solvers_job ~analyse_job ~build_linux_job ~build_windows_job ~build_macOS_jo
let ocamlv = "${{ matrix.ocamlv }}" in
job ~oc ~workflow ?section ~runs_on:(Runner [runner]) ~env ~needs ~matrix ("Solvers-" ^ name_of_platform platform)
++ only_on Linux (run "Install bubblewrap" ["sudo apt install bubblewrap"])
++ only_on Linux (run "Disable AppArmor" ["echo 0 | sudo tee /proc/sys/kernel/apparmor_restrict_unprivileged_userns"])
++ checkout ()
++ cache Archives
++ cache OCaml platform ocamlv host
Expand All @@ -463,6 +468,7 @@ let upgrade_job ~analyse_job ~build_linux_job ~build_windows_job ~build_macOS_jo
let ocamlv = "${{ matrix.ocamlv }}" in
job ~oc ~workflow ?section ~runs_on:(Runner [runner]) ~needs ~matrix ("Upgrade-" ^ name_of_platform platform)
++ only_on Linux (run "Install bubblewrap" ["sudo apt install bubblewrap"])
++ only_on Linux (run "Disable AppArmor" ["echo 0 | sudo tee /proc/sys/kernel/apparmor_restrict_unprivileged_userns"])
++ checkout ()
++ cache Opam12Root
++ cache OCaml platform ocamlv host
Expand Down
12 changes: 12 additions & 0 deletions .github/workflows/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -111,6 +111,8 @@ jobs:
steps:
- name: Install bubblewrap
run: sudo apt install bubblewrap
- name: Disable AppArmor
run: echo 0 | sudo tee /proc/sys/kernel/apparmor_restrict_unprivileged_userns
- name: Checkout tree
uses: actions/checkout@v4
- name: src_ext/archives and opam-repository Cache
Expand Down Expand Up @@ -288,6 +290,8 @@ jobs:
uses: actions/checkout@v4
- name: Install bubblewrap
run: sudo apt install bubblewrap
- name: Disable AppArmor
run: echo 0 | sudo tee /proc/sys/kernel/apparmor_restrict_unprivileged_userns
- name: src_ext/archives and opam-repository Cache
id: archives
uses: actions/cache@v4
Expand Down Expand Up @@ -394,6 +398,8 @@ jobs:
steps:
- name: Install bubblewrap
run: sudo apt install bubblewrap
- name: Disable AppArmor
run: echo 0 | sudo tee /proc/sys/kernel/apparmor_restrict_unprivileged_userns
- name: Checkout tree
uses: actions/checkout@v4
- name: src_ext/archives and opam-repository Cache
Expand Down Expand Up @@ -427,6 +433,8 @@ jobs:
steps:
- name: Install bubblewrap
run: sudo apt install bubblewrap
- name: Disable AppArmor
run: echo 0 | sudo tee /proc/sys/kernel/apparmor_restrict_unprivileged_userns
- name: Install man2html
run: sudo apt install man2html
- name: Checkout tree
Expand Down Expand Up @@ -483,6 +491,8 @@ jobs:
steps:
- name: Install bubblewrap
run: sudo apt install bubblewrap
- name: Disable AppArmor
run: echo 0 | sudo tee /proc/sys/kernel/apparmor_restrict_unprivileged_userns
- name: Checkout tree
uses: actions/checkout@v4
- name: src_ext/archives and opam-repository Cache
Expand Down Expand Up @@ -576,6 +586,8 @@ jobs:
steps:
- name: Install bubblewrap
run: sudo apt install bubblewrap
- name: Disable AppArmor
run: echo 0 | sudo tee /proc/sys/kernel/apparmor_restrict_unprivileged_userns
- name: Checkout tree
uses: actions/checkout@v4
- name: opam 1.2 root Cache
Expand Down

0 comments on commit 9002d47

Please sign in to comment.