When runc 1.2.0 is released, it will expose support for userns and
therefore the critest suite will run those tests. The thing is, runc
needs to be able to traverse the path to mount the rootfs on itself.
Let's just mark the paths from the BDIR upwards with +x permissions, so
the tests run fine. Containerd already makes sure that the paths below
(the ones it creates) have the right permissions and for the right
group, etc.
I've tested with runc 1.2.0-rc.2 and CI fails without this path, with
this patch it works just fine.
Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
Pulls in kubernetes-sigs/cri-tools PR 1344 (`KEP-3857: Recursive Read-only (RRO) mounts`)
to test PR 9787
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
It was assuming containerd was ready right after starting.
But it depends GitHub actions' performance.
In addition to that, this commit extracts the script from ci.yml.
Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
