@@ -21,6 +21,7 @@ RUN apt update && \
git \
iproute2 \
iputils-ping \
+ iptables \
libacl1 \
libcairo2 \
liblz4-tool \
@@ -33,6 +34,7 @@ RUN apt update && \
python3-pip \
python3-subunit \
socat \
+ sudo \
texinfo \
unzip \
virtualenv \
@@ -45,6 +47,8 @@ ENV LANG en_US.UTF-8
ENV LANGUAGE en_US:en
ENV LC_ALL en_US.UTF-8
+RUN echo "pokybuild ALL=(ALL:ALL) NOPASSWD: ALL" > /etc/sudoers.d/pokybuild
+
RUN npm install -g yarn
RUN pip3 install --break-system-packages \
@@ -27,6 +27,15 @@ services:
command: worker
cpus: 8
mem_limit: 16gb
+ devices:
+ - /dev/net/tun:/dev/net/tun:rwm
+ - /dev/kvm:/dev/kvm:rwm
+ cap_add:
+ - NET_ADMIN
+ - SYS_ADMIN
+ security_opt:
+ - systempaths=unconfined
+ - apparmor=unconfined
extraworker:
<<: *base-worker
command: extraworker
@@ -1,5 +1,7 @@
#!/bin/sh
+chmod 666 /dev/kvm
+
chown pokybuild:nogroup /sharedrepo
chown pokybuild:nogroup /publish
chown pokybuild:nogroup /home/pokybuild/git/mirror
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> --- docker/Dockerfile | 4 ++++ docker/compose.yaml | 9 +++++++++ docker/entry.sh | 2 ++ 3 files changed, 15 insertions(+)