FaSTTUBe/GST-Tensordecoder-ov_ep
37
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
GST-Tensordecoder-ov_ep/ci
History
Jordan Petridis d4b7066060 ci: Run the jobs as an unprivileged non-root user 
Docker/oci and thus gitlab-runner, default to a root
user inside the namespace, even if its an unprivileged
one.

This can cause issues and let permission bugs sneak in,
as we are functionally root when running the build.

Switch the build jobs to run with our new "containeruser"
so we avoid much of it.

Our user is still in the wheel/sudo group but that's fine
as long we don't elevate the privileges unintentionally.

Noticeably for the time being, we will need to chown the
CI_PROJECT_DIR checkout as the gitlab runner might try
to reuse pre-existing and cached volumes of the project
checkout.

Additionally we need to change the ccache path, so we
will avoid the existing cache owned by "root".

Close https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/2433

Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8763>
2025-07-02 12:18:01 +00:00
..
docker
ci: Run the jobs as an unprivileged non-root user
2025-07-02 12:18:01 +00:00
fluster/visl_references/test_suites
ci: Update fluster VP8 result
2024-10-29 20:19:15 +00:00
fuzzing
gstreamer-vaapi: remove subproject
2025-06-10 17:32:46 +00:00
gitlab
ci: Stop assuming that MR CI runs in a user namespace
2025-05-05 11:53:47 +00:00
meson
gstreamer-vaapi: remove subproject
2025-06-10 17:32:46 +00:00
scripts
ci: Run the jobs as an unprivileged non-root user
2025-07-02 12:18:01 +00:00
README.txt
ci/README: basic instructions for running locally
2023-01-09 22:26:52 +00:00
run_retry.ps1
ci: Add scripts to retry windows builds on spurious errors
2024-10-23 14:38:20 +00:00

README.txt 

GStreamer Continuous Integration
================================

This repository contains all material relevant to the GStreamer
Continuous Integration system.

* Docker images

* Build scripts and code

Basic instructions for reproducing CI issues locally
====================================================

Note the URL of the image in the job logs, for instance:

```
Using docker image sha256:ac097589af0f486321adf7e512f2237c55533b9b08dabb49164a521a374d406d for registry.freedesktop.org/ocrete/gstreamer/amd64/fedora:2022-12-10.0-main with digest registry.freedesktop.org/ocrete/gstreamer/amd64/fedora@sha256:a2f7be944964a115ada2b3675c190bc9a094a5b35eba64a1ac38d52d55d13663
```

Pull the image:

```
docker pull registry.freedesktop.org/ocrete/gstreamer/amd64/fedora:2022-12-10.0-main
```

Run it:

```
docker run -it fedora:2022-12-10.0-main
```

At this point, you want to clone the relevant branch, eg if the issue occurs with main:

```
git clone https://gitlab.freedesktop.org/gstreamer/gstreamer.git
cd gstreamer
```

Adapt the above to your situation.

Now, export the relevant variables by observing the job logs and `.gitlab-ci.yml` at
he root of the GStreamer repository, then run the steps listed in the script section.