mirror of
https://github.com/cloud-hypervisor/cloud-hypervisor.git
synced 2024-12-23 06:05:21 +00:00
ci: Don't run unit tests in a privileged container
The unit tests require some specific Linux capabilities and also to have
access to /dev/kvm device. This commit makes sure we enable only what's
necessary instead of blindly enable full priviliges with --privileged
option.
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
(cherry picked from commit 7fabca3548
)
This commit is contained in:
parent
548ef43ca2
commit
4a62821e07
@ -223,8 +223,9 @@ cmd_tests() {
|
|||||||
-ti \
|
-ti \
|
||||||
--workdir "$CTR_CLH_ROOT_DIR" \
|
--workdir "$CTR_CLH_ROOT_DIR" \
|
||||||
--rm \
|
--rm \
|
||||||
--privileged \
|
--device /dev/kvm \
|
||||||
--volume /dev:/dev \
|
--device /dev/net/tun \
|
||||||
|
--cap-add net_admin \
|
||||||
--volume "$CLH_ROOT_DIR:$CTR_CLH_ROOT_DIR" \
|
--volume "$CLH_ROOT_DIR:$CTR_CLH_ROOT_DIR" \
|
||||||
"$CTR_IMAGE" \
|
"$CTR_IMAGE" \
|
||||||
./scripts/run_unit_tests.sh "$@"
|
./scripts/run_unit_tests.sh "$@"
|
||||||
|
Loading…
Reference in New Issue
Block a user