Allow unprivileged user namespaces

and formatted workflows
exasol · Jan 13, 2025 · c091189 · c091189
1 parent 2084653
commit c091189
Show file tree

Hide file tree

Showing 8 changed files with 92 additions and 66 deletions.
diff --git a/.github/workflows/get_exasol_versions.yml b/.github/workflows/get_exasol_versions.yml
@@ -8,7 +8,9 @@ jobs:
   get_exasol_versions:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - name: SCM Checkout
+        uses: actions/checkout@v4
+
       - name: Setup Python & Poetry Environment
         uses: exasol/python-toolbox/.github/actions/[email protected]
         with:
@@ -17,8 +19,8 @@ jobs:
 
       - name: Print matrix
         run: poetry run nox --non-interactive -s "get-all-db-versions"
+
       - id: set-matrix
-        run: |
-          echo "::set-output name=matrix::$(poetry run nox --non-interactive -s 'get-all-db-versions')"
-    outputs:
-      matrix: ${{ steps.set-matrix.outputs.matrix }}
+        run: echo "::set-output name=matrix::$(poetry run nox --non-interactive -s 'get-all-db-versions')"
+        outputs:
+          matrix: ${{ steps.set-matrix.outputs.matrix }}
diff --git a/.github/workflows/publish_docker_runner.yml b/.github/workflows/publish_docker_runner.yml
@@ -11,17 +11,23 @@ jobs:
     runs-on: ubuntu-latest
     environment: publish
     steps:
-    - uses: actions/checkout@v4
-    - name: Build new Docker image
-      run: bash ./starter_scripts/build_docker_runner_image.sh
-    - name: Docker login
-      run: echo "$SECRET_DOCKER_TOKEN" | docker login --username "$SECRET_DOCKER_USER_NAME" --password-stdin
-      env: # Set the secret as an input
-        SECRET_DOCKER_USER_NAME: ${{ secrets.DOCKER_USER_NAME }}
-        SECRET_DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
-    - name: Push new Docker image
-      if: github.ref == 'refs/heads/main'
-      run: bash ./starter_scripts/push_docker_runner_image.sh
-    - name: Push new ci-release-test Docker image
-      if: github.ref != 'refs/heads/main'
-      run: bash ./starter_scripts/push_docker_runner_image.sh "ci-release-test"
+
+      - name: SCM Checkout
+        uses: actions/checkout@v4
+
+      - name: Build new Docker image
+        run: bash ./starter_scripts/build_docker_runner_image.sh
+
+      - name: Docker login
+        run: echo "$SECRET_DOCKER_TOKEN" | docker login --username "$SECRET_DOCKER_USER_NAME" --password-stdin
+        env: # Set the secret as an input
+          SECRET_DOCKER_USER_NAME: ${{ secrets.DOCKER_USER_NAME }}
+          SECRET_DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
+
+      - name: Push new Docker image
+        if: github.ref == 'refs/heads/main'
+        run: bash ./starter_scripts/push_docker_runner_image.sh
+
+      - name: Push new ci-release-test Docker image
+        if: github.ref != 'refs/heads/main'
+        run: bash ./starter_scripts/push_docker_runner_image.sh "ci-release-test"
diff --git a/.github/workflows/shellcheck.yaml b/.github/workflows/shellcheck.yaml
@@ -6,6 +6,8 @@ jobs:
   shellcheck:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - name: SCM Checkout
+        uses: actions/checkout@v4
+
       - name: Run shellcheck
         run: ./scripts/build/shellcheck.sh
diff --git a/.github/workflows/test_db_versions_all_tests.yml b/.github/workflows/test_db_versions_all_tests.yml
@@ -19,30 +19,34 @@ jobs:
     runs-on: ubuntu-latest
     name: Run all tests for Exasol ${{ matrix.exasol_version }}
     steps:
-    - uses: actions/checkout@v4
+      - name: SCM Checkout
+        uses: actions/checkout@v4
 
-    - name: Setup Python & Poetry Environment
-      uses: exasol/python-toolbox/.github/actions/[email protected]
-      with:
-        python-version: "3.10"
-        poetry-version: '1.8.2'
+      - name: Allow Unprivileged User Namespaces
+        run: sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0
 
-    - name: Fail, because not all tests are activated
-      run: |
-        git fetch
-        GIT_LOG="$(git log --pretty=oneline --abbrev-commit ${{ github.event.after }} | head -n 1)"
-        echo "$GIT_LOG"
-        if [[ "$GIT_LOG" == *"[run all tests]"* ]]; then
-          echo "All tests activated"
-          exit 0
-        else
-          echo "Fail, because not all tests are activated"
-          exit 1
-        fi
-      env:
-        EXASOL_VERSION: "${{ matrix.exasol_version }}"
-      # We want to deactivate running all tests only for pull_requests
-      if: ${{ github.event_name == 'pull_request' }}
+      - name: Setup Python & Poetry Environment
+        uses: exasol/python-toolbox/.github/actions/[email protected]
+        with:
+          python-version: "3.10"
+          poetry-version: '1.8.2'
 
-    - name: Run all tests
-      run: poetry run nox -s "run-tests(db_version='${{ matrix.exasol_version }}')"
+      - name: Fail, because not all tests are activated
+        run: |
+          git fetch
+          GIT_LOG="$(git log --pretty=oneline --abbrev-commit ${{ github.event.after }} | head -n 1)"
+          echo "$GIT_LOG"
+          if [[ "$GIT_LOG" == *"[run all tests]"* ]]; then
+            echo "All tests activated"
+            exit 0
+          else
+            echo "Fail, because not all tests are activated"
+            exit 1
+          fi
+        env:
+          EXASOL_VERSION: "${{ matrix.exasol_version }}"
+        # We want to deactivate running all tests only for pull_requests
+        if: ${{ github.event_name == 'pull_request' }}
+
+      - name: Run all tests
+        run: poetry run nox -s "run-tests(db_version='${{ matrix.exasol_version }}')"
diff --git a/.github/workflows/test_db_versions_minimal.yml b/.github/workflows/test_db_versions_minimal.yml
@@ -12,21 +12,26 @@ jobs:
     uses: ./.github/workflows/get_exasol_versions.yml
 
   test-db-versions-minimal:
+    name: Run Minimal Tests for Exasol ${{ matrix.exasol_version }}
     needs: get_exasol_versions
     strategy:
       fail-fast: false
       matrix:
         exasol_version: ${{fromJson(needs.get_exasol_versions.outputs.matrix)}}
     runs-on: ubuntu-latest
-    name: Run minimum tests for Exasol ${{ matrix.exasol_version }}
     steps:
-    - uses: actions/checkout@v4
+      - name: SCM Checkout
+        uses: actions/checkout@v4
 
-    - name: Setup Python & Poetry Environment
-      uses: exasol/python-toolbox/.github/actions/[email protected]
-      with:
-        python-version: "3.10"
-        poetry-version: '1.8.2'
+      - name: Allow Unprivileged User Namespaces
+        run: sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0
+
+      - name: Setup Python & Poetry Environment
+        uses: exasol/python-toolbox/.github/actions/[email protected]
+        with:
+          python-version: "3.10"
+          poetry-version: '1.8.2'
+
+      - name: Run Minimal Tests
+        run: poetry run nox -s "run-minimal-tests(db_version='${{ matrix.exasol_version }}')"
 
-    - name: Run minimal tests
-      run: poetry run nox -s "run-minimal-tests(db_version='${{ matrix.exasol_version }}')"
diff --git a/.github/workflows/test_docker_starter.yml b/.github/workflows/test_docker_starter.yml
@@ -10,7 +10,8 @@ jobs:
   test-docker-starter:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
+      - name: SCM Checkout
+        uses: actions/checkout@v4
 
-    - name: Test ./start-test-env
-      run: ./start-test-env health
+      - name: Test ./start-test-env
+        run: ./start-test-env health
diff --git a/.github/workflows/test_python_version.yml b/.github/workflows/test_python_version.yml
@@ -8,6 +8,7 @@ on:
 
 jobs:
   test-python-version-all-tests:
+    name: Run Tests with Python ${{ matrix.python_version }} and Exasol ${{ matrix.exasol_version }}
     strategy:
       fail-fast: false
       matrix:
@@ -16,15 +17,19 @@ jobs:
         python_version:
         - "3.9"
         - "3.10"
-    name: Run tests with Python ${{ matrix.python_version }} and Exasol ${{ matrix.exasol_version }}
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
+      - name: SCM Checkout
+        uses: actions/checkout@v4
 
-    - name: Setup Python & Poetry Environment
-      uses: exasol/python-toolbox/.github/actions/[email protected]
-      with:
-        python-version: ${{ matrix.python_version }}
-        poetry-version: '1.8.2'
-    - name: Run all tests
-      run: poetry run nox -s "run-tests(db_version='${{ matrix.exasol_version }}')"
+      - name: Allow Unprivileged User Namespaces
+        run: sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0
+
+      - name: Setup Python & Poetry Environment
+        uses: exasol/python-toolbox/.github/actions/[email protected]
+        with:
+          python-version: ${{ matrix.python_version }}
+          poetry-version: '1.8.2'
+
+      - name: Run all tests
+        run: poetry run nox -s "run-tests(db_version='${{ matrix.exasol_version }}')"
diff --git a/.github/workflows/test_shell_scripts.yml b/.github/workflows/test_shell_scripts.yml
@@ -7,7 +7,8 @@ jobs:
     name: Test Shell Scripts
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - name: SCM Checkout
+        uses: actions/checkout@v4
 
       - name: Install Test Dependencies
         run: |