Skip to content

Commit

Permalink
CI: Use a privileged docker container to support FUSE tests
Browse files Browse the repository at this point in the history
In order to run various tests, we need a working /dev/fuse, and this is
currently only possible in a privileged container.
Github actions workflow doesn't suppport it natively, so we need to
initialize a new one ourself, we just keep it running and execute the
commands when we need them, not to depend on a static image, so that the
github workflow can still be followed as atomic operations.

[1] docker/for-linux#321
  • Loading branch information
3v1n0 committed Nov 29, 2021
1 parent 3a762d4 commit 3b17b5b
Showing 1 changed file with 27 additions and 13 deletions.
40 changes: 27 additions & 13 deletions .github/workflows/check.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,52 +8,66 @@ env:

jobs:
check:
name: Ubuntu 21.04 build
name: Ubuntu 21.10 build
runs-on: ubuntu-latest
container: ubuntu:21.04
strategy:
matrix:
compiler: ['gcc', 'clang']

env:
UBUNTU_VERSION: impish
CC: ${{ matrix.compiler }}
CFLAGS: -fsanitize=undefined -fsanitize-undefined-trap-on-error -fsanitize=address -Wp,-D_FORTIFY_SOURCE=2
BUILD_CONTAINER: ${{ matrix.compiler }}-build-container
RUN_CMD: docker exec -t -w /src -e TEST_IN_CI -e ASAN_OPTIONS -e G_MESSAGES_DEBUG -e XDG_DATA_DIRS ${{ matrix.compiler }}-build-container

steps:
- name: Prepare container
run: |
docker run --name $BUILD_CONTAINER \
--tty --device /dev/fuse --cap-add SYS_ADMIN \
--security-opt apparmor:unconfined \
-v $(pwd):/src \
-e DEBIAN_FRONTEND \
-e DEBCONF_NONINTERACTIVE_SEEN=true \
-e TERM=dumb \
-e CC -e CFLAGS \
-d ubuntu:$UBUNTU_VERSION sleep infinity
- name: Install dependencies
run: |
apt-get update
apt-get upgrade -y
apt-get install -y -y --no-install-recommends \
$RUN_CMD apt-get update
$RUN_CMD apt-get upgrade -y
$RUN_CMD apt-get install -y --no-install-recommends \
make automake autoconf libtool gettext autopoint ${{ matrix.compiler }} \
gtk-doc-tools shared-mime-info desktop-file-utils gnome-desktop-testing xmlto \
gtk-doc-tools shared-mime-info desktop-file-utils gnome-desktop-testing xmlto fuse \
libglib2.0-dev libgeoclue-2-dev libjson-glib-dev libfontconfig1-dev libfuse-dev libportal-dev libpipewire-0.3-dev
- name: Check out xdg-desktop-portal
uses: actions/checkout@v2

- name: Configure xdg-desktop-portal
run: ./autogen.sh --disable-dependency-tracking --enable-installed-tests
run: $RUN_CMD ./autogen.sh --disable-dependency-tracking --enable-installed-tests

- name: Build xdg-desktop-portal
run: make -j $(getconf _NPROCESSORS_ONLN)
run: $RUN_CMD make -j $(getconf _NPROCESSORS_ONLN)

- name: Run xdg-desktop-portal tests
# TODO: Build with -j (currently ends up with hangs in the tests)
run: timeout ${TESTS_TIMEOUT}m make check
run: $RUN_CMD timeout ${TESTS_TIMEOUT}m make check
env:
TEST_IN_CI: 1
ASAN_OPTIONS: detect_leaks=0 # Right now we're not fully clean, but this gets us use-after-free etc

- name: Install xdg-desktop-portal
run: make install
run: $RUN_CMD make install

- name: Run xdg-desktop-portal installed-tests
run: |
test -n "$(gnome-desktop-testing-runner -l xdg-desktop-portal)"
env XDG_DATA_DIRS=$PWD/tests/share/:$XDG_DATA_DIRS \
test -n "$($RUN_CMD gnome-desktop-testing-runner -l xdg-desktop-portal)"
$RUN_CMD env TEST_INSTALLED_IN_CI=1 XDG_DATA_DIRS=/src/tests/share/:$XDG_DATA_DIRS \
gnome-desktop-testing-runner --report-directory installed-test-logs/ \
-t $((TESTS_TIMEOUT * 60)) xdg-desktop-portal
-t $((TESTS_TIMEOUT * 60)) xdg-desktop-portal
env:
G_MESSAGES_DEBUG: all
TEST_IN_CI: 1
Expand Down

0 comments on commit 3b17b5b

Please sign in to comment.