mirror of
https://github.com/ceph/ceph-csi.git
synced 2025-01-18 02:39:30 +00:00
ci: disable seccomp when running podman with GitHub Actions
Fedora 40 builds seems to require disabling seccomp. When enabled,
installing Golang inside the container fails.
See-also: containers/podman#21012
Signed-off-by: Niels de Vos <ndevos@ibm.com>
(cherry picked from commit db6f54f75d
)
This commit is contained in:
parent
4115eec7a0
commit
31a90b4cb5
7
Makefile
7
Makefile
@ -32,6 +32,11 @@ ifeq ($(HAVE_CPUSET),1)
|
|||||||
CPUSET ?= --cpuset-cpus=0-${CPUS}
|
CPUSET ?= --cpuset-cpus=0-${CPUS}
|
||||||
endif
|
endif
|
||||||
|
|
||||||
|
ifneq ($(GITHUB_ACTION),)
|
||||||
|
# see https://github.com/containers/podman/issues/21012
|
||||||
|
SECURITY_OPT ?= --security-opt seccomp=unconfined
|
||||||
|
endif
|
||||||
|
|
||||||
CSI_IMAGE_NAME=$(if $(ENV_CSI_IMAGE_NAME),$(ENV_CSI_IMAGE_NAME),quay.io/cephcsi/cephcsi)
|
CSI_IMAGE_NAME=$(if $(ENV_CSI_IMAGE_NAME),$(ENV_CSI_IMAGE_NAME),quay.io/cephcsi/cephcsi)
|
||||||
CSI_IMAGE_VERSION=$(shell . $(CURDIR)/build.env ; echo $${CSI_IMAGE_VERSION})
|
CSI_IMAGE_VERSION=$(shell . $(CURDIR)/build.env ; echo $${CSI_IMAGE_VERSION})
|
||||||
CSI_IMAGE=$(CSI_IMAGE_NAME):$(CSI_IMAGE_VERSION)
|
CSI_IMAGE=$(CSI_IMAGE_NAME):$(CSI_IMAGE_VERSION)
|
||||||
@ -222,7 +227,7 @@ ifeq ($(USE_PULLED_IMAGE),no)
|
|||||||
.test-container-id: .container-cmd build.env scripts/Dockerfile.test
|
.test-container-id: .container-cmd build.env scripts/Dockerfile.test
|
||||||
[ ! -f .test-container-id ] || $(CONTAINER_CMD) rmi $(CSI_IMAGE_NAME):test
|
[ ! -f .test-container-id ] || $(CONTAINER_CMD) rmi $(CSI_IMAGE_NAME):test
|
||||||
$(RM) .test-container-id
|
$(RM) .test-container-id
|
||||||
$(CONTAINER_CMD) build $(CPUSET) --build-arg GOARCH=$(GOARCH) -t $(CSI_IMAGE_NAME):test -f ./scripts/Dockerfile.test .
|
$(CONTAINER_CMD) build $(CPUSET) $(SECURITY_OPT) --build-arg GOARCH=$(GOARCH) -t $(CSI_IMAGE_NAME):test -f ./scripts/Dockerfile.test .
|
||||||
$(CONTAINER_CMD) inspect -f '{{.Id}}' $(CSI_IMAGE_NAME):test > .test-container-id
|
$(CONTAINER_CMD) inspect -f '{{.Id}}' $(CSI_IMAGE_NAME):test > .test-container-id
|
||||||
else
|
else
|
||||||
# create the .test-container-id file based on the pulled image
|
# create the .test-container-id file based on the pulled image
|
||||||
|
Loading…
Reference in New Issue
Block a user