Fix CI for error unshare: write failed /proc/self/uid_map: Operation not permitted with Ubuntu >=24.04
#708
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Test | |
| on: | |
| push: | |
| branches: | |
| - master | |
| pull_request: | |
| schedule: | |
| - cron: '0 16 * * 5' # Every Friday 4pm | |
| workflow_dispatch: | |
| jobs: | |
| build: | |
| runs-on: ubuntu-24.04 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| python-version: | |
| - "3.9" | |
| - "3.10" | |
| - "3.11" | |
| - "3.12" | |
| - "3.13" | |
| - "pypy-3.9" | |
| - "pypy-3.10" | |
| urllib3-requirement: | |
| - "urllib3>=2" | |
| - "urllib3<2" | |
| exclude: | |
| - python-version: "3.9" | |
| urllib3-requirement: "urllib3>=2" | |
| - python-version: "pypy-3.9" | |
| urllib3-requirement: "urllib3>=2" | |
| - python-version: "pypy-3.10" | |
| urllib3-requirement: "urllib3>=2" | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Python ${{ matrix.python-version }} | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| cache: pip | |
| allow-prereleases: true | |
| - name: Install project dependencies | |
| run: | | |
| pip install --upgrade pip setuptools | |
| pip install codecov '.[tests]' '${{ matrix.urllib3-requirement }}' | |
| pip check | |
| - name: Allow creation of user namespaces (e.g. to the unshare command) | |
| run: | | |
| # .. so that we don't get error: | |
| # unshare: write failed /proc/self/uid_map: Operation not permitted | |
| # Idea from https://github.com/YoYoGames/GameMaker-Bugs/issues/6015#issuecomment-2135552784 . | |
| sudo sysctl kernel.apparmor_restrict_unprivileged_userns=0 | |
| - name: Run online tests | |
| run: ./runtests.sh --cov=./vcr --cov-branch --cov-report=xml --cov-append -m online | |
| - name: Run offline tests with no access to the Internet | |
| run: | | |
| # We're using unshare to take Internet access | |
| # away so that we'll notice whenever some new test | |
| # is missing @pytest.mark.online decoration in the future | |
| unshare --map-root-user --net -- \ | |
| sh -c 'ip link set lo up; ./runtests.sh --cov=./vcr --cov-branch --cov-report=xml --cov-append -m "not online"' | |
| - name: Run coverage | |
| run: codecov |