diff options
| author | MarcoFalke <falke.marco@gmail.com> | 2019-11-09 09:20:41 -0500 |
|---|---|---|
| committer | MarcoFalke <falke.marco@gmail.com> | 2019-11-09 09:13:41 -0500 |
| commit | fa493ef08830efe493150d07411af85518959804 (patch) | |
| tree | 2a86533d2c5f332482b6c764af42f3267faeb263 /ci/test/04_install.sh | |
| parent | fab133329281cdaa3804585a2cdadd0478fefa4f (diff) | |
| download | bitcoin-fa493ef08830efe493150d07411af85518959804.tar.xz | |
ci: Make ci system read-only on the git work tree
Diffstat (limited to 'ci/test/04_install.sh')
| -rwxr-xr-x | ci/test/04_install.sh | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/ci/test/04_install.sh b/ci/test/04_install.sh index 109f9c0b27..8f8317f93d 100755 --- a/ci/test/04_install.sh +++ b/ci/test/04_install.sh @@ -50,7 +50,13 @@ if [ -z "$RUN_CI_ON_HOST" ]; then echo "Creating $DOCKER_NAME_TAG container to run in" ${CI_RETRY_EXE} docker pull "$DOCKER_NAME_TAG" - DOCKER_ID=$(docker run $DOCKER_ADMIN -idt --mount type=bind,src=$BASE_BUILD_DIR,dst=$BASE_BUILD_DIR --mount type=bind,src=$CCACHE_DIR,dst=$CCACHE_DIR -w $BASE_BUILD_DIR --env-file /tmp/env $DOCKER_NAME_TAG) + DOCKER_ID=$(docker run $DOCKER_ADMIN -idt \ + --mount type=bind,src=$BASE_BUILD_DIR,dst=/ro_base,readonly \ + --mount type=bind,src=$CCACHE_DIR,dst=$CCACHE_DIR \ + --mount type=bind,src=$BASE_BUILD_DIR/depends,dst=$BASE_BUILD_DIR/depends \ + -w $BASE_BUILD_DIR \ + --env-file /tmp/env \ + $DOCKER_NAME_TAG) DOCKER_EXEC () { docker exec $DOCKER_ID bash -c "export PATH=$BASE_SCRATCH_DIR/bins/:\$PATH && cd $PWD && $*" @@ -86,6 +92,11 @@ export DIR_FUZZ_IN=${DIR_QA_ASSETS}/fuzz_seed_corpus/ DOCKER_EXEC mkdir -p "${BASE_BUILD_DIR}/sanitizer-output/" +if [ -z "$RUN_CI_ON_HOST" ]; then + echo "Create $BASE_BUILD_DIR" + DOCKER_EXEC rsync -a /ro_base/ $BASE_BUILD_DIR +fi + if [ "$USE_BUSY_BOX" = "true" ]; then echo "Setup to use BusyBox utils" DOCKER_EXEC mkdir -p $BASE_SCRATCH_DIR/bins/ |