Merge branch 'gitlab-ci' into 'master'

CI: Avoid changing uid, except when running installed-tests Closes #447 See merge request dbus/dbus!392
author: Simon McVittie <smcv@collabora.com> 2023-02-06 13:36:43 +0000
committer: Simon McVittie <smcv@collabora.com> 2023-02-06 13:36:43 +0000
commit: 7501a0440166e609789b98c0bb98f29bdce43774 (patch)
tree: 63611302cbc9c5f474e42123996e6613794fc33c
parent: cca6c046374a2e6a849cc73c809b17b32a26dd30 (diff)
parent: 25e1512c17be88b3dfdfd576969dcc5503495b68 (diff)
download: dbus-7501a0440166e609789b98c0bb98f29bdce43774.tar.gz
3 files changed, 30 insertions, 59 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 2fd5a04e..5982829d 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -40,6 +40,9 @@ variables:
   ci_local_packages: "yes"
   ci_parallel: "2"
   ci_sudo: "yes"
+  # Temporarily needed to clean up after dbus/dbus#447
+  GIT_STRATEGY: clone
+
   ###
   # IMPORTANT
   # These are the version tags for the docker images the CI runs against.
@@ -142,8 +145,7 @@ windows amd64 image:
     # compilers
     - export PATH="/usr/lib/ccache:$PATH"
   script:
-    - chown -R user .
-    - runuser -u user ./tools/ci-build.sh
+    - ./tools/ci-build.sh
 
 debian image:
   extends:
diff --git a/tools/ci-build.sh b/tools/ci-build.sh
index 287b170e..df22b8ba 100755
--- a/tools/ci-build.sh
+++ b/tools/ci-build.sh
@@ -86,15 +86,6 @@ init_wine() {
 # Typical values: auto (detect at runtime), ubuntu, debian; maybe fedora in future
 : "${ci_distro:=auto}"
 
-# ci_docker:
-# If non-empty, this is the name of a Docker image. ci-install.sh will
-# fetch it with "docker pull" and use it as a base for a new Docker image
-# named "ci-image" in which we will do our testing.
-#
-# If empty, we test on "bare metal".
-# Typical values: ubuntu:xenial, debian:jessie-slim
-: "${ci_docker:=}"
-
 # ci_host:
 # See ci-install.sh
 : "${ci_host:=native}"
@@ -138,7 +129,7 @@ init_wine() {
 # One of static, shared; used for windows cross builds
 : "${ci_runtime:=static}"
 
-echo "ci_buildsys=$ci_buildsys ci_distro=$ci_distro ci_docker=$ci_docker ci_host=$ci_host ci_local_packages=$ci_local_packages ci_parallel=$ci_parallel ci_suite=$ci_suite ci_test=$ci_test ci_test_fatal=$ci_test_fatal ci_variant=$ci_variant ci_runtime=$ci_runtime $0"
+echo "ci_buildsys=$ci_buildsys ci_distro=$ci_distro ci_host=$ci_host ci_local_packages=$ci_local_packages ci_parallel=$ci_parallel ci_suite=$ci_suite ci_test=$ci_test ci_test_fatal=$ci_test_fatal ci_variant=$ci_variant ci_runtime=$ci_runtime $0"
 
 # choose distribution
 if [ "$ci_distro" = "auto" ]; then
@@ -152,22 +143,6 @@ if [ "$ci_suite" = "auto" ]; then
     echo "detected ci_suite as '${ci_suite}'"
 fi
 
-if [ -n "$ci_docker" ]; then
-    exec docker run \
-        --env=ci_buildsys="${ci_buildsys}" \
-        --env=ci_docker="" \
-        --env=ci_host="${ci_host}" \
-        --env=ci_parallel="${ci_parallel}" \
-        --env=ci_sudo=yes \
-        --env=ci_test="${ci_test}" \
-        --env=ci_test_fatal="${ci_test_fatal}" \
-        --env=ci_variant="${ci_variant}" \
-        --env=ci_runtime="${ci_runtime}" \
-        --privileged \
-        ci-image \
-        tools/ci-build.sh
-fi
-
 maybe_fail_tests () {
     if [ "$ci_test_fatal" = yes ]; then
         exit 1
@@ -396,19 +371,34 @@ case "$ci_buildsys" in
                 maybe_fail_tests
             cat test/test-suite.log || :
 
-            # re-run them with gnome-desktop-testing
+            # Re-run them with gnome-desktop-testing.
+            # Also, one test needs a finite fd limit to be useful, so we
+            # can set that here.
             env LD_LIBRARY_PATH=/usr/local/lib \
+            bash -c 'ulimit -S -n 1024; ulimit -H -n 4096; exec "$@"' bash \
             gnome-desktop-testing-runner -d /usr/local/share dbus/ || \
                 maybe_fail_tests
 
-            # these tests benefit from being re-run as root, and one
-            # test needs a finite fd limit to be useful
-            sudo env LD_LIBRARY_PATH=/usr/local/lib \
-            bash -c 'ulimit -S -n 1024; ulimit -H -n 4096; exec "$@"' bash \
+            # Some tests benefit from being re-run as non-root, if we were
+            # not already...
+            if [ "$(id -u)" = 0 ] && [ "$ci_in_docker" = yes ]; then
+                sudo -u user \
+                env LD_LIBRARY_PATH=/usr/local/lib \
                 gnome-desktop-testing-runner -d /usr/local/share \
-                dbus/test-dbus-daemon_with_config.test \
-                dbus/test-uid-permissions_with_config.test || \
-                maybe_fail_tests
+                    dbus/test-dbus-daemon_with_config.test \
+                    || maybe_fail_tests
+            fi
+
+            # ... while other tests benefit from being re-run as root, if
+            # we were not already
+            if [ "$(id -u)" != 0 ]; then
+                sudo env LD_LIBRARY_PATH=/usr/local/lib \
+                bash -c 'ulimit -S -n 1024; ulimit -H -n 4096; exec "$@"' bash \
+                    gnome-desktop-testing-runner -d /usr/local/share \
+                    dbus/test-dbus-daemon_with_config.test \
+                    dbus/test-uid-permissions_with_config.test || \
+                    maybe_fail_tests
+            fi
         fi
         ;;
 
diff --git a/tools/ci-install.sh b/tools/ci-install.sh
index b259a58e..0637ea87 100755
--- a/tools/ci-install.sh
+++ b/tools/ci-install.sh
@@ -32,20 +32,13 @@ NULL=
 # Typical values: auto, ubuntu, debian, ; maybe fedora in future
 : "${ci_distro:=auto}"
 
-# ci_docker:
-# If non-empty, this is the name of a Docker image. ci-install.sh will
-# fetch it with "docker pull" and use it as a base for a new Docker image
-# named "ci-image" in which we will do our testing.
-: "${ci_docker:=}"
-
 # ci_host:
 # Either "native", or an Autoconf --host argument to cross-compile
 # the package
 : "${ci_host:=native}"
 
 # ci_in_docker:
-# Used internally by ci-install.sh. If yes, we are inside the Docker image
-# (ci_docker is empty in this case).
+# "yes" if we are running inside a Docker image.
 : "${ci_in_docker:=no}"
 
 # ci_local_packages:
@@ -61,7 +54,7 @@ NULL=
 # One of debug, reduced, legacy, production
 : "${ci_variant:=production}"
 
-echo "ci_distro=$ci_distro ci_docker=$ci_docker ci_in_docker=$ci_in_docker ci_host=$ci_host ci_local_packages=$ci_local_packages ci_suite=$ci_suite ci_variant=$ci_variant $0"
+echo "ci_distro=$ci_distro ci_in_docker=$ci_in_docker ci_host=$ci_host ci_local_packages=$ci_local_packages ci_suite=$ci_suite ci_variant=$ci_variant $0"
 
 if [ $(id -u) = 0 ]; then
     sudo=
@@ -82,15 +75,6 @@ if [ "$ci_suite" = "auto" ]; then
     echo "detected ci_suite as '${ci_suite}'"
 fi
 
-if [ -n "$ci_docker" ]; then
-    sed \
-        -e "s/@ci_distro@/${ci_distro}/" \
-        -e "s/@ci_docker@/${ci_docker}/" \
-        -e "s/@ci_suite@/${ci_suite}/" \
-        < tools/ci-Dockerfile.in > Dockerfile
-    exec docker build -t ci-image .
-fi
-
 case "$ci_distro" in
     (debian*|ubuntu*)
         # Don't ask questions, just do it
@@ -406,11 +390,6 @@ if [ "$ci_local_packages" = yes ]; then
                 wget ${mirror}/${filename}
                 tar -C ${dep_prefix} --strip-components=1 -xvf ${filename}
             done
-
-            # limit access rights
-            if [ "$ci_in_docker" = yes ]; then
-                chown -R user "${dep_prefix}"
-            fi
             ;;
     esac
 fi
author	Simon McVittie <smcv@collabora.com>	2023-02-06 13:36:43 +0000
committer	Simon McVittie <smcv@collabora.com>	2023-02-06 13:36:43 +0000
commit	7501a0440166e609789b98c0bb98f29bdce43774 (patch)
tree	63611302cbc9c5f474e42123996e6613794fc33c
parent	cca6c046374a2e6a849cc73c809b17b32a26dd30 (diff)
parent	25e1512c17be88b3dfdfd576969dcc5503495b68 (diff)
download	dbus-7501a0440166e609789b98c0bb98f29bdce43774.tar.gz