ci: fix apparmor for 24.04

author tobtoht <tob@featherwallet.org>

Fri, 9 Aug 2024 11:10:26 +0000 (13:10 +0200)

committer tobtoht <tob@featherwallet.org>

Fri, 9 Aug 2024 11:10:26 +0000 (13:10 +0200)
author tobtoht <tob@featherwallet.org>
Fri, 9 Aug 2024 11:10:26 +0000 (13:10 +0200)
committer tobtoht <tob@featherwallet.org>
Fri, 9 Aug 2024 11:10:26 +0000 (13:10 +0200)
diff --git a/.github/workflows/guix b/.github/workflows/guix

new file mode 100644 (file)

index 0000000..1d07710
--- /dev/null
+++ b/.github/workflows/guix
@@ -0,0 +1,11 @@
+abi <abi/4.0>,
+include <tunables/global>
+
+# https://bugs.launchpad.net/ubuntu/+source/guix/+bug/2064115
+
+profile guix /usr/bin/guix flags=(unconfined) {
+  userns,
+
+  # Site-specific additions and overrides. See local/README for details.
+  include if exists <local/guix>
+}
diff --git a/.github/workflows/guix.yml b/.github/workflows/guix.yml

index d7c102b0b2a58acb85e72c4c422019cb2990c734..c43ed37063d020337e6375d4ec0ad8b8fa9d0521 100644 (file)
--- a/.github/workflows/guix.yml
+++ b/.github/workflows/guix.yml
@@ -53,6 +53,8 @@ jobs:
            key: sources-${{ hashFiles('contrib/depends/packages/*') }}
        - name: install dependencies
          run: sudo apt update; sudo apt -y install guix git ca-certificates
+      - name: fix apparmor
+        run: sudo cp .github/workflows/guix /etc/apparmor.d/guix; sudo /etc/init.d/apparmor reload; sudo aa-enforce guix
        - name: build
          run: SUBSTITUTE_URLS='http://bordeaux.guix.gnu.org http://ci.guix.gnu.org' HOSTS="${{ matrix.toolchain.target }}" ./contrib/guix/guix-build
        - uses: actions/upload-artifact@v4
author	tobtoht <tob@featherwallet.org>
	Fri, 9 Aug 2024 11:10:26 +0000 (13:10 +0200)
committer	tobtoht <tob@featherwallet.org>
	Fri, 9 Aug 2024 11:10:26 +0000 (13:10 +0200)
.github/workflows/guix	[new file with mode: 0644]	patch \| blob
.github/workflows/guix.yml		patch \| blob \| history