blob: a66c370072c8e48f27cc8adf98e9e2b5b896abe0 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
|
image: registry.gitlab.com/buildstream/buildstream-docker-images/testsuite-debian:10-${DOCKER_IMAGE_VERSION}
cache:
key: "$CI_JOB_NAME-"
paths:
- cache/
stages:
- test
- post
- publish
variables:
# SAST related variables
SAST_DISABLE_DIND: "true"
SAST_GOSEC_LEVEL: 2
CI_PROJECT_REPOSITORY_LANGUAGES: "python"
# Our own variables
# Version of the docker images we should use for all the images.
# This is taken from buildstream/buildstream-docker-images
DOCKER_IMAGE_VERSION: master-114538533
PYTEST_ADDOPTS: "--color=yes"
INTEGRATION_CACHE: "${CI_PROJECT_DIR}/cache/integration-cache"
PYTEST_ARGS: "--color=yes --integration -n 2 -k umask"
TEST_COMMAND: "tox -- ${PYTEST_ARGS}"
TOXENV: py35-plugins, py36-plugins, py37-plugins, py38-plugins
COVERAGE_PREFIX: "${CI_JOB_NAME}."
BST_PLUGINS_EXPERIMENTAL_VERSION: juerg/tar-master
#####################################################
# Test stage #
#####################################################
# Run premerge commits
#
.tests-template: &tests
stage: test
before_script:
# Diagnostics
- mount
- df -h
- tox --version
script:
- mkdir -p "${INTEGRATION_CACHE}"
- useradd -Um buildstream
- chown -R buildstream:buildstream .
# Run the tests as a simple user to test for permission issues
- su buildstream -c "${TEST_COMMAND}"
after_script:
except:
- schedules
artifacts:
paths:
- .coverage-reports
tests-userchroot:
image: registry.gitlab.com/buildstream/buildstream-docker-images/testsuite-fedora:31-${DOCKER_IMAGE_VERSION}
<<: *tests
variables:
BST_FORCE_SANDBOX: "buildbox-run"
BST_CAS_STAGING_ROOT: "/builds/userchroot"
script:
- mkdir -p "${INTEGRATION_CACHE}"
- useradd -Um buildstream
# Use buildbox-run-userchroot and hardlinking
- ln -svf buildbox-run-userchroot /usr/local/bin/buildbox-run
- rm -vf /usr/local/bin/buildbox-fuse
# When using userchroot, buildbox-casd must run as a separate user
- useradd -g buildstream buildbox-casd
- chown buildbox-casd:buildstream /usr/local/bin/buildbox-casd
- chmod u+s /usr/local/bin/buildbox-casd
# Set up staging root with permissions required by userchroot,
# must be on same filesystem as current directory to support hardlinks
- mkdir -p "${BST_CAS_STAGING_ROOT}"
- chown -R buildbox-casd:buildstream "${BST_CAS_STAGING_ROOT}"
# userchroot doesn't allow group/world-writable base directory
- chmod go-w /builds
- echo buildbox-casd:${BST_CAS_STAGING_ROOT} > /etc/userchroot.conf
- chown -R buildstream:buildstream .
# Run the tests as a simple user to test for permission issues
- su buildstream -c "umask 002 && ${TEST_COMMAND}"
|
