LADI
/
dbus
1
Fork 0
Code Issues 1 Wiki Activity

Merge branch 'gitlab-ci' into 'master' 

CI: Avoid changing uid, except when running installed-tests

Closes #447

See merge request dbus/dbus!392
This commit is contained in:
Simon McVittie 2023-02-06 13:36:43 +00:00
parent cca6c04637 25e1512c17
commit 7501a04401
3 changed files with 30 additions and 59 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
.gitlab-ci.yml
View File

@ -40,6 +40,9 @@ variables:
ci_local_packages: "yes"
ci_parallel: "2"
ci_sudo: "yes"
# Temporarily needed to clean up after dbus/dbus#447
GIT_STRATEGY: clone
###
# IMPORTANT
# These are the version tags for the docker images the CI runs against.
@ -142,8 +145,7 @@ windows amd64 image:
# compilers
- export PATH="/usr/lib/ccache:$PATH"
script:
- chown -R user .
- runuser -u user ./tools/ci-build.sh
- ./tools/ci-build.sh
debian image:
extends:

58
tools/ci-build.sh
View File

@ -86,15 +86,6 @@ init_wine() {
# Typical values: auto (detect at runtime), ubuntu, debian; maybe fedora in future
: "${ci_distro:=auto}"
# ci_docker:
# If non-empty, this is the name of a Docker image. ci-install.sh will
# fetch it with "docker pull" and use it as a base for a new Docker image
# named "ci-image" in which we will do our testing.
#
# If empty, we test on "bare metal".
# Typical values: ubuntu:xenial, debian:jessie-slim
: "${ci_docker:=}"
# ci_host:
# See ci-install.sh
: "${ci_host:=native}"
@ -138,7 +129,7 @@ init_wine() {
# One of static, shared; used for windows cross builds
: "${ci_runtime:=static}"
echo "ci_buildsys=$ci_buildsys ci_distro=$ci_distro ci_docker=$ci_docker ci_host=$ci_host ci_local_packages=$ci_local_packages ci_parallel=$ci_parallel ci_suite=$ci_suite ci_test=$ci_test ci_test_fatal=$ci_test_fatal ci_variant=$ci_variant ci_runtime=$ci_runtime $0"
echo "ci_buildsys=$ci_buildsys ci_distro=$ci_distro ci_host=$ci_host ci_local_packages=$ci_local_packages ci_parallel=$ci_parallel ci_suite=$ci_suite ci_test=$ci_test ci_test_fatal=$ci_test_fatal ci_variant=$ci_variant ci_runtime=$ci_runtime $0"
# choose distribution
if [ "$ci_distro" = "auto" ]; then
@ -152,22 +143,6 @@ if [ "$ci_suite" = "auto" ]; then
echo "detected ci_suite as '${ci_suite}'"
fi
if [ -n "$ci_docker" ]; then
exec docker run \
--env=ci_buildsys="${ci_buildsys}" \
--env=ci_docker="" \
--env=ci_host="${ci_host}" \
--env=ci_parallel="${ci_parallel}" \
--env=ci_sudo=yes \
--env=ci_test="${ci_test}" \
--env=ci_test_fatal="${ci_test_fatal}" \
--env=ci_variant="${ci_variant}" \
--env=ci_runtime="${ci_runtime}" \
--privileged \
ci-image \
tools/ci-build.sh
fi
maybe_fail_tests () {
if [ "$ci_test_fatal" = yes ]; then
exit 1
@ -396,19 +371,34 @@ case "$ci_buildsys" in
maybe_fail_tests
cat test/test-suite.log || :
# re-run them with gnome-desktop-testing
# Re-run them with gnome-desktop-testing.
# Also, one test needs a finite fd limit to be useful, so we
# can set that here.
env LD_LIBRARY_PATH=/usr/local/lib \
bash -c 'ulimit -S -n 1024; ulimit -H -n 4096; exec "$@"' bash \
gnome-desktop-testing-runner -d /usr/local/share dbus/ || \
maybe_fail_tests
# these tests benefit from being re-run as root, and one
# test needs a finite fd limit to be useful
sudo env LD_LIBRARY_PATH=/usr/local/lib \
bash -c 'ulimit -S -n 1024; ulimit -H -n 4096; exec "$@"' bash \
# Some tests benefit from being re-run as non-root, if we were
# not already...
if [ "$(id -u)" = 0 ] && [ "$ci_in_docker" = yes ]; then
sudo -u user \
env LD_LIBRARY_PATH=/usr/local/lib \
gnome-desktop-testing-runner -d /usr/local/share \
dbus/test-dbus-daemon_with_config.test \
dbus/test-uid-permissions_with_config.test || \
maybe_fail_tests
dbus/test-dbus-daemon_with_config.test \
|| maybe_fail_tests
fi
# ... while other tests benefit from being re-run as root, if
# we were not already
if [ "$(id -u)" != 0 ]; then
sudo env LD_LIBRARY_PATH=/usr/local/lib \
bash -c 'ulimit -S -n 1024; ulimit -H -n 4096; exec "$@"' bash \
gnome-desktop-testing-runner -d /usr/local/share \
dbus/test-dbus-daemon_with_config.test \
dbus/test-uid-permissions_with_config.test || \
maybe_fail_tests
fi
fi
;;

25
tools/ci-install.sh
View File

@ -32,20 +32,13 @@ NULL=
# Typical values: auto, ubuntu, debian, ; maybe fedora in future
: "${ci_distro:=auto}"
# ci_docker:
# If non-empty, this is the name of a Docker image. ci-install.sh will
# fetch it with "docker pull" and use it as a base for a new Docker image
# named "ci-image" in which we will do our testing.
: "${ci_docker:=}"
# ci_host:
# Either "native", or an Autoconf --host argument to cross-compile
# the package
: "${ci_host:=native}"
# ci_in_docker:
# Used internally by ci-install.sh. If yes, we are inside the Docker image
# (ci_docker is empty in this case).
# "yes" if we are running inside a Docker image.
: "${ci_in_docker:=no}"
# ci_local_packages:
@ -61,7 +54,7 @@ NULL=
# One of debug, reduced, legacy, production
: "${ci_variant:=production}"
echo "ci_distro=$ci_distro ci_docker=$ci_docker ci_in_docker=$ci_in_docker ci_host=$ci_host ci_local_packages=$ci_local_packages ci_suite=$ci_suite ci_variant=$ci_variant $0"
echo "ci_distro=$ci_distro ci_in_docker=$ci_in_docker ci_host=$ci_host ci_local_packages=$ci_local_packages ci_suite=$ci_suite ci_variant=$ci_variant $0"
if [ $(id -u) = 0 ]; then
sudo=
@ -82,15 +75,6 @@ if [ "$ci_suite" = "auto" ]; then
echo "detected ci_suite as '${ci_suite}'"
fi
if [ -n "$ci_docker" ]; then
sed \
-e "s/@ci_distro@/${ci_distro}/" \
-e "s/@ci_docker@/${ci_docker}/" \
-e "s/@ci_suite@/${ci_suite}/" \
< tools/ci-Dockerfile.in > Dockerfile
exec docker build -t ci-image .
fi
case "$ci_distro" in
(debian*|ubuntu*)
# Don't ask questions, just do it
@ -406,11 +390,6 @@ if [ "$ci_local_packages" = yes ]; then
wget ${mirror}/${filename}
tar -C ${dep_prefix} --strip-components=1 -xvf ${filename}
done
# limit access rights
if [ "$ci_in_docker" = yes ]; then
chown -R user "${dep_prefix}"
fi
;;
esac
fi