ci: Enable unpriv user namespaces for claude-review

author Daan De Meyer <daan@amutable.com>

Wed, 18 Mar 2026 11:24:34 +0000 (12:24 +0100)

committer Daan De Meyer <daan.j.demeyer@gmail.com>

Wed, 18 Mar 2026 11:44:48 +0000 (12:44 +0100)
author Daan De Meyer <daan@amutable.com>
Wed, 18 Mar 2026 11:24:34 +0000 (12:24 +0100)
committer Daan De Meyer <daan.j.demeyer@gmail.com>
Wed, 18 Mar 2026 11:44:48 +0000 (12:44 +0100)
diff --git a/.github/workflows/claude-review.yml b/.github/workflows/claude-review.yml

index 168e658e8a36865101f1807370106db507a11e15..926f28dd356af95b22b530d91fab5382f2429d60 100644 (file)
--- a/.github/workflows/claude-review.yml
+++ b/.github/workflows/claude-review.yml
@@ -163,7 +163,9 @@ jobs:
            name: pr-context.json
  
        - name: Install sandbox dependencies
-        run: sudo apt-get update && sudo apt-get install -y bubblewrap socat
+        run: |
+          sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0
+          sudo apt-get update && sudo apt-get install -y bubblewrap socat
  
        - name: Configure AWS credentials
          uses: aws-actions/configure-aws-credentials@8df5847569e6427dd6c4fb1cf565c83acfa8afa7
author	Daan De Meyer <daan@amutable.com>
	Wed, 18 Mar 2026 11:24:34 +0000 (12:24 +0100)
committer	Daan De Meyer <daan.j.demeyer@gmail.com>
	Wed, 18 Mar 2026 11:44:48 +0000 (12:44 +0100)