CI: Disable seccomp policy for Fedora stable distributions

GitHub Actions service has not yet updated its container seccomp policy to recognize a new clone3() syscall and openSUSE Tumbleweed upgraded glibc to a version which utilizes it. actions/runner-images#3812
ppisar · Nov 23, 2021 · 4b370a1 · 4b370a1
1 parent d05ac80
commit 4b370a1
Showing 1 changed file with 8 additions and 0 deletions.
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -24,6 +24,10 @@ jobs:
         release: ${{ fromJson(needs.get_fedora_releases.outputs.stable) }}
     container:
       image: quay.io/fedora/fedora:${{ matrix.release }}-x86_64
+      # Disable seccomp until a container manager in GitHub recognizes
+      # clone3() syscall,
+      # <https://github.com/actions/virtual-environments/issues/3812>.
+      options: --security-opt seccomp=unconfined
 
     outputs:
         meson_version: ${{ steps.scanbuild.outputs.available }}
@@ -82,6 +86,10 @@ jobs:
         release: ${{ fromJson(needs.get_fedora_releases.outputs.stable) }}
     container:
       image: quay.io/fedora/fedora:${{ matrix.release }}-x86_64
+      # Disable seccomp until a container manager in GitHub recognizes
+      # clone3() syscall,
+      # <https://github.com/actions/virtual-environments/issues/3812>.
+      options: --security-opt seccomp=unconfined
 
     steps:
       - name: Install git