https://gcc.gnu.org/g:97daf31a4ab8b213e7c8d4d805f693f239e3d3f3
commit 97daf31a4ab8b213e7c8d4d805f693f239e3d3f3
Author: Sam James <s...@gentoo.org>
Date: Mon Mar 17 17:17:43 2025 +0000
ci: disable network
Disable network access via 'unshare' in two CI workflows to catch issues
like PR119333 where importing polonius meant bootstrap tried to pull crates
from the internet.
ChangeLog:
PR rust/119333
* .github/workflows/bootstrap.yml: Disable network via 'unshare'.
* .github/workflows/ccpp.yml: Ditto.
Diff:
---
.github/workflows/bootstrap.yml | 3 ++-
.github/workflows/ccpp.yml | 5 +++--
2 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/.github/workflows/bootstrap.yml b/.github/workflows/bootstrap.yml
index f01dc2ad8365..4bf042a0be99 100644
--- a/.github/workflows/bootstrap.yml
+++ b/.github/workflows/bootstrap.yml
@@ -42,7 +42,8 @@ jobs:
- name: Build
run: |
cd gccrs-build; \
- make -j $(nproc)
+ # Build without network access
+ unshare --net --ipc -r /bin/bash -c "make -j $(nproc)"
- name: Run Tests
run: |
diff --git a/.github/workflows/ccpp.yml b/.github/workflows/ccpp.yml
index bdc2d8df3e5e..9762a0a1acd6 100644
--- a/.github/workflows/ccpp.yml
+++ b/.github/workflows/ccpp.yml
@@ -61,8 +61,9 @@ jobs:
run: |
cd gccrs-build; \
# Add cargo to our path quickly
- . "$HOME/.cargo/env";
- make -Otarget -j $(nproc) 2>&1 | tee log
+ . "$HOME/.cargo/env"; \
+ # Build without network access
+ unshare --net --ipc -r /bin/bash -c "make -Otarget -j $(nproc) 2>&1
| tee log ; exit \${PIPESTATUS[0]}"
- name: Check for new warnings
run: |
