Skip to content

Dev: behave: add CAP_SYS_ADMIN to container for systemd hardening #364

Dev: behave: add CAP_SYS_ADMIN to container for systemd hardening

Dev: behave: add CAP_SYS_ADMIN to container for systemd hardening #364

Workflow file for this run

# This workflow will install Python dependencies, run tests and lint with a single version of Python
# For more information see: https://help.github.com/actions/language-and-framework-guides/using-python-with-github-actions
# For more information about secrets see: https://docs.github.com/en/free-pro-team@latest/actions/reference/encrypted-secrets
name: crmsh CD
on: push
env:
PACKAGE_NAME: crmsh
CONTAINER_IMAGE: nyang23/obs-continuous-delivery:latest
OBS_USER: ${{ secrets.OBS_USER }}
OBS_PASS: ${{ secrets.OBS_PASS }}
OBS_PROJECT: network:ha-clustering:Unstable
TARGET_PROJECT: network:ha-clustering:Factory
jobs:
integration:
if: github.repository == 'ClusterLabs/crmsh' && github.ref_name == 'master'
uses: ./.github/workflows/crmsh-ci.yml
secrets: inherit
delivery:
needs: integration
runs-on: ubuntu-24.04
timeout-minutes: 10
steps:
- uses: actions/checkout@v4
- name: delivery process
run: |
docker pull "${CONTAINER_IMAGE}"
docker run -t -v "$(pwd)":/package:ro \
-e OBS_USER=$OBS_USER \
-e OBS_PASS=$OBS_PASS \
-e OBS_PROJECT=$OBS_PROJECT \
-e PACKAGE_NAME=$PACKAGE_NAME \
"${CONTAINER_IMAGE}" \
/bin/bash -c "cp -r /package ~/package && cd ~/package && /scripts/upload.sh"
submit:
needs: delivery
runs-on: ubuntu-24.04
timeout-minutes: 10
steps:
- uses: actions/checkout@v4
- name: submit process
run: |
docker pull "${CONTAINER_IMAGE}"
docker run -t \
-e OBS_USER=$OBS_USER \
-e OBS_PASS=$OBS_PASS \
-e OBS_PROJECT=$OBS_PROJECT \
-e PACKAGE_NAME=$PACKAGE_NAME \
-e TARGET_PROJECT=$TARGET_PROJECT \
"${CONTAINER_IMAGE}" \
/bin/bash -c "cd ~ && /scripts/submit.sh"