From 89a3510d9299ec99ec1cdd43c279e9cc824b6d0a Mon Sep 17 00:00:00 2001
From: Dan Nicholson <dbn@endlessos.org>
Date: Wed, 12 Jan 2022 17:10:56 -0700
Subject: [PATCH] github: Workaround glib/seccomp issue on Ubuntu impish

add more info...

Fixes: #2495
---
 .github/workflows/tests.yml | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
index 5fd14bde9c..03c1eff110 100644
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -22,6 +22,8 @@ jobs:
     #
     # image: The Docker image to use.
     #
+    # container-options: Additional Docker command line options.
+    #
     # pre-checkout-setup: Commands to run before the git repo checkout.
     #   If git is not in the Docker image, it must be installed here.
     #   Otherwise, the checkout action uses the GitHub REST API, which
@@ -100,6 +102,14 @@ jobs:
 
           - name: Ubuntu Latest Release
             image: ubuntu:rolling
+            # FIXME: libseccomp2 in impish doesn't know about
+            # close_range, which causes some tests to hang because
+            # g_spawn_sync doesn't get the ENOSYS it's expecting. Remove
+            # this when libseccomp2 is updated.
+            #
+            # https://github.com/ostreedev/ostree/issues/2495
+            # https://bugs.launchpad.net/ubuntu/+source/libseccomp/+bug/1944436
+            container-options: --security-opt=seccomp=unconfined
             pre-checkout-setup: |
               apt-get update
               apt-get install -y git
@@ -108,6 +118,7 @@ jobs:
     runs-on: ubuntu-latest
     container:
       image: ${{ matrix.image }}
+      options: ${{ matrix.container-options }}
 
     steps:
       - name: Pre-checkout setup