From 51bd728bb4550ab18622d2a7a6f92a935cfc1fbd Mon Sep 17 00:00:00 2001 From: Pierre Tachoire Date: Tue, 18 Jun 2024 15:12:37 +0200 Subject: [PATCH 1/2] ci: run workflows on .github changes --- .github/workflows/zig-test.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/zig-test.yml b/.github/workflows/zig-test.yml index c0767d9..3a0b807 100644 --- a/.github/workflows/zig-test.yml +++ b/.github/workflows/zig-test.yml @@ -11,6 +11,7 @@ on: - "src/**/*.zig" - "src/*.zig" - "*.zig" + - ".github/**" pull_request: # By default GH trigger on types opened, synchronize and reopened. @@ -26,6 +27,7 @@ on: - "src/**/*.zig" - "src/*.zig" - "*.zig" + - ".github/**" # Allows you to run this workflow manually from the Actions tab workflow_dispatch: From 69451d35f5945b77ef21b1ed9a58dd0be1e7bcc5 Mon Sep 17 00:00:00 2001 From: Pierre Tachoire Date: Tue, 18 Jun 2024 15:11:22 +0200 Subject: [PATCH 2/2] ci: add --security-opt seccomp=unconfined docker option With zig-test workflow. It seems docker blocks io_uring by default using seccomp. see https://github.com/tigerbeetle/tigerbeetle/pull/1995 and https://github.com/moby/moby/pull/46762 --- .github/workflows/benchmark.yml | 5 +++++ .github/workflows/zig-test.yml | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/.github/workflows/benchmark.yml b/.github/workflows/benchmark.yml index 93fed29..0bfb420 100644 --- a/.github/workflows/benchmark.yml +++ b/.github/workflows/benchmark.yml @@ -45,6 +45,11 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} + # docker blocks io_uring syscalls by default now. + # see https://github.com/tigerbeetle/tigerbeetle/pull/1995 + # see https://github.com/moby/moby/pull/46762 + options: "--security-opt seccomp=unconfined" + steps: - uses: actions/checkout@v3 with: diff --git a/.github/workflows/zig-test.yml b/.github/workflows/zig-test.yml index 3a0b807..bb2f434 100644 --- a/.github/workflows/zig-test.yml +++ b/.github/workflows/zig-test.yml @@ -107,6 +107,11 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} + # docker blocks io_uring syscalls by default now. + # see https://github.com/tigerbeetle/tigerbeetle/pull/1995 + # see https://github.com/moby/moby/pull/46762 + options: "--security-opt seccomp=unconfined" + steps: - uses: actions/checkout@v3 with: