-
Notifications
You must be signed in to change notification settings - Fork 46
92 lines (81 loc) · 3.28 KB
/
Copy pathBuild.Linux.Job.yml
File metadata and controls
92 lines (81 loc) · 3.28 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
name: Linux Build
on:
workflow_call:
jobs:
build:
name: ${{ matrix.arch }}
strategy:
fail-fast: false
matrix:
include:
- arch: x64
runner: ubuntu-latest
target: x86_64-unknown-linux-gnu
- arch: arm64
runner: ubuntu-24.04-arm
target: aarch64-unknown-linux-gnu
runs-on: ${{ matrix.runner }}
defaults:
run:
working-directory: src/core/lxc
steps:
- uses: actions/checkout@v4
# actions-rust-lang/setup-rust-toolchain auto-reads rust-toolchain.toml
# from the repo root only. Surface src/rust-toolchain.toml there so the
# 1.93 pin is honored without duplicating the version in this workflow.
- name: Surface toolchain file at repo root
shell: bash
working-directory: ${{ github.workspace }}
run: cp src/rust-toolchain.toml rust-toolchain.toml
- uses: actions-rust-lang/setup-rust-toolchain@v1
with:
target: ${{ matrix.target }}
components: rustfmt, clippy
override: false
rustflags: ''
- uses: Swatinem/rust-cache@v2
with:
workspaces: |
src -> target
src/core/lxc -> target
key: ${{ matrix.target }}-v2
cache-on-failure: false
- name: Build lxc
run: cargo build --locked --release --target ${{ matrix.target }}
--no-default-features --features hyperlight
- name: Test lxc
run: cargo test --locked --release --target ${{ matrix.target }}
--no-default-features --features hyperlight
# Bubblewrap is required to run the executor characterization tests in
# wxc_e2e_tests (they skip via has_bwrap() when it is absent). lxc-exec
# always includes the Bubblewrap backend (bwrap_common is a non-optional
# dependency), so the binary built above can drive it.
- name: Install Bubblewrap
working-directory: ${{ github.workspace }}
run: |
sudo apt-get update
sudo apt-get install -y bubblewrap
# Ubuntu 24.04 runners restrict unprivileged user namespaces via
# AppArmor, which blocks `bwrap --unshare-user`. Relax it so the
# sandbox can start (no-op on kernels without this knob).
sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0 || true
# Runs the Bubblewrap executor characterization tests. lxc-exec was built
# into src/target/<triple>/release above, where find_binary() locates it.
- name: Test executor characterization (wxc_e2e_tests)
working-directory: src
run: cargo test --locked --release --target ${{ matrix.target }}
-p wxc_e2e_tests
# linux_test_proxy is a separate workspace member, not a dep of lxc.
- name: Build linux-test-proxy
working-directory: src
run: cargo build --locked --release --target ${{ matrix.target }}
-p linux_test_proxy
- name: Upload binaries
uses: actions/upload-artifact@v4
with:
name: lxc-binaries-${{ matrix.target }}
path: |
src/target/${{ matrix.target }}/release/lxc-exec
src/target/${{ matrix.target }}/release/linux-test-proxy
if-no-files-found: error
retention-days: 1