mirror of
https://github.com/google/sandboxed-api.git
synced 2024-03-22 13:11:30 +08:00
789c436a3e
This adds a first basic test to be run using GitHub Actions on push and pull request for the CMake build (internally we run everything on Bazel/Blaze). The Ubuntu runners are implemented as full VMs, so we can run tests directly. In order to run Sandboxed API/Sandbox2 tests inside a container, it must be started as privileged, unconfined and retain its capabilities. Since GitHub does not support modifying the Docker invocation for container based workflows, we need to manually run the `docker` command. Until #118 is fixed, this change makes GitHub ignore the test failure on Fedora. PiperOrigin-RevId: 428485354 Change-Id: I6b55c5441c4c27b018d19498d2296c7d3da65846
68 lines
1.9 KiB
YAML
68 lines
1.9 KiB
YAML
name: CMake Fedora
|
|
|
|
on: [push, pull_request]
|
|
|
|
env:
|
|
BUILD_TYPE: Release
|
|
|
|
jobs:
|
|
build:
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
include:
|
|
- container: fedora:35
|
|
compiler: gcc # GCC 11
|
|
ignore-errors: true # Stack trace test fails on Fedora (issue #118)
|
|
runs-on: ubuntu-latest
|
|
continue-on-error: ${{ matrix.ignore-errors }}
|
|
|
|
env:
|
|
RUN_CMD: docker exec --tty ${{matrix.compiler}}-build-container
|
|
|
|
steps:
|
|
- uses: actions/checkout@v2
|
|
|
|
- name: Prepare container
|
|
# Note: For the sandbox tests to work, we need a privileged, unconfined
|
|
# container that retains its capabilities.
|
|
run: |
|
|
docker run --name ${{matrix.compiler}}-build-container \
|
|
--tty \
|
|
--privileged \
|
|
--cap-add ALL \
|
|
--security-opt apparmor:unconfined \
|
|
-v $GITHUB_WORKSPACE:$GITHUB_WORKSPACE \
|
|
-e TERM=dumb \
|
|
-e BUILD_TYPE \
|
|
-e GITHUB_WORKSPACE \
|
|
-d ${{matrix.container}} \
|
|
sleep infinity
|
|
|
|
- name: Install build tools
|
|
run: |
|
|
$RUN_CMD dnf update -y --quiet
|
|
$RUN_CMD dnf install -y --quiet git make automake patch glibc-static \
|
|
libstdc++-static cmake ninja-build python3 python3-pip clang-devel \
|
|
libcap-devel
|
|
|
|
- name: Create Build Environment
|
|
run: |
|
|
$RUN_CMD pip3 install --progress-bar=off absl-py clang
|
|
$RUN_CMD cmake -E make_directory $GITHUB_WORKSPACE/build
|
|
|
|
- name: Configure CMake
|
|
run: |
|
|
$RUN_CMD cmake -S $GITHUB_WORKSPACE -B $GITHUB_WORKSPACE/build \
|
|
-G Ninja -DCMAKE_BUILD_TYPE=$BUILD_TYPE
|
|
|
|
- name: Build
|
|
run: |
|
|
$RUN_CMD cmake --build $GITHUB_WORKSPACE/build --config $BUILD_TYPE
|
|
|
|
- name: Test
|
|
run: |
|
|
$RUN_CMD ctest --test-dir $GITHUB_WORKSPACE/build -C $BUILD_TYPE \
|
|
--output-on-failure \
|
|
-R SapiTest
|