ci: nightly ci now uses ubuntu 24.04+ (#2886)

which needs user namespaces to be re-enabled so that stacker can build/run Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com>
2025-02-03 23:09:41 -05:00 · 2025-01-17 09:48:23 -08:00 · 2025-01-17 09:48:23 -08:00 · d6b38c0767
commit d6b38c0767
parent 002ac62d8a
2 changed files with 12 additions and 0 deletions
--- a/.github/workflows/nightly.yaml
+++ b/.github/workflows/nightly.yaml
@ -196,6 +196,7 @@ jobs:
          password: ${{ github.token }}
      - name: Run tests
        run: |
+            sudo ./scripts/enable_userns.sh
            ./examples/kind/kind-ci.sh

  cloud-scale-out:
--- a/scripts/enable_userns.sh
+++ b/scripts/enable_userns.sh
@ -0,0 +1,11 @@
+#!/bin/sh -xe
+
+# enable user namespaces
+sysctl -w kernel.apparmor_restrict_unprivileged_io_uring=0
+sysctl -w kernel.apparmor_restrict_unprivileged_unconfined=0
+sysctl -w kernel.apparmor_restrict_unprivileged_userns=0
+sysctl -w kernel.apparmor_restrict_unprivileged_userns_complain=0
+sysctl -w kernel.apparmor_restrict_unprivileged_userns_force=0
+sysctl -w kernel.unprivileged_bpf_disabled=2
+sysctl -w kernel.unprivileged_userns_apparmor_policy=0
+sysctl -w kernel.unprivileged_userns_clone=1