From 9367193ed13142b3d63d3a860947af6dc10f3f24 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata" <edewata@redhat.com>
Date: Mon, 13 Jan 2025 16:22:33 -0600
Subject: [PATCH] Workaround for Podman issue

The tests that use Podman inside Docker have been modified to
update the graph driver in the SQLite backend as a workaround
for a known issue in Podman on Ubuntu 24 or later.

https://github.com/containers/podman/issues/21683
---
 .../workflows/ca-container-migration-test.yml | 24 +++++++++++++++++--
 .../ca-container-system-service-test.yml      | 23 +++++++++++++++++-
 .../ca-container-user-service-test.yml        | 19 +++++++++++----
 3 files changed, 59 insertions(+), 7 deletions(-)

diff --git a/.github/workflows/ca-container-migration-test.yml b/.github/workflows/ca-container-migration-test.yml
index 38facf2ee3b..f5fd2dd1779 100644
--- a/.github/workflows/ca-container-migration-test.yml
+++ b/.github/workflows/ca-container-migration-test.yml
@@ -97,8 +97,28 @@ jobs:
 
       - name: Install Podman
         run: |
-          docker exec pki dnf install -y podman
-          docker exec pki podman info
+          docker exec pki dnf install -y podman sqlite
+          docker exec pki cat /usr/share/containers/storage.conf
+
+      - name: Configure Podman
+        run: |
+          OS_VERSION=$(lsb_release -r -s | sed 's/^\(.*\)\..*$/\1/')
+          echo "OS_VERSION: $OS_VERSION"
+
+          if [ "$OS_VERSION" -ge "24" ]; then
+              # workaround for Ubuntu 24 or later
+              # https://github.com/containers/podman/issues/21683
+              docker exec -i pki sqlite3 /var/lib/containers/storage/db.sql << EOF
+          update DBConfig set GraphDriver = 'overlay' where GraphDriver = '';
+          EOF
+          fi
+
+          docker exec pki podman info --format=json | tee output
+
+          # rootless should be disabled
+          echo "false" > expected
+          jq -r '.host.security.rootless' output > actual
+          diff expected actual
 
       - name: Load PKI images into root user's space
         run: |
diff --git a/.github/workflows/ca-container-system-service-test.yml b/.github/workflows/ca-container-system-service-test.yml
index 2d11461de89..04937498853 100644
--- a/.github/workflows/ca-container-system-service-test.yml
+++ b/.github/workflows/ca-container-system-service-test.yml
@@ -46,7 +46,28 @@ jobs:
 
       - name: Install Podman
         run: |
-          docker exec pki dnf install -y podman
+          docker exec pki dnf install -y podman sqlite
+          docker exec pki cat /usr/share/containers/storage.conf
+
+      - name: Configure Podman
+        run: |
+          OS_VERSION=$(lsb_release -r -s | sed 's/^\(.*\)\..*$/\1/')
+          echo "OS_VERSION: $OS_VERSION"
+
+          if [ "$OS_VERSION" -ge "24" ]; then
+              # workaround for Ubuntu 24 or later
+              # https://github.com/containers/podman/issues/21683
+              docker exec -i pki sqlite3 /var/lib/containers/storage/db.sql << EOF
+          update DBConfig set GraphDriver = 'overlay' where GraphDriver = '';
+          EOF
+          fi
+
+          docker exec pki podman info --format=json | tee output
+
+          # rootless should be disabled
+          echo "false" > expected
+          jq -r '.host.security.rootless' output > actual
+          diff expected actual
 
       - name: Load PKI images into root user's space
         run: |
diff --git a/.github/workflows/ca-container-user-service-test.yml b/.github/workflows/ca-container-user-service-test.yml
index 004938d7456..1cd03eeb4f4 100644
--- a/.github/workflows/ca-container-user-service-test.yml
+++ b/.github/workflows/ca-container-user-service-test.yml
@@ -51,10 +51,10 @@ jobs:
 
       - name: Install Podman
         run: |
-          docker exec pki dnf install -y podman fuse-overlayfs
-          docker exec pki podman info
+          docker exec pki dnf install -y podman sqlite fuse-overlayfs
+          docker exec pki cat /usr/share/containers/storage.conf
 
-      - name: Configure rootless container
+      - name: Configure Podman
         run: |
           # enable SETUID and SETGID capabilities
           # https://github.com/containers/podman/discussions/21739
@@ -86,7 +86,18 @@ jobs:
           mount_program = "/usr/bin/fuse-overlayfs"
           EOF
 
-          docker exec -u pkiuser pki podman system info --format=json | tee output
+          OS_VERSION=$(lsb_release -r -s | sed 's/^\(.*\)\..*$/\1/')
+          echo "OS_VERSION: $OS_VERSION"
+
+          if [ "$OS_VERSION" -ge "24" ]; then
+              # workaround for Ubuntu 24 or later
+              # https://github.com/containers/podman/issues/21683
+              docker exec -i pki sqlite3 /var/lib/containers/storage/db.sql << EOF
+          update DBConfig set GraphDriver = 'overlay' where GraphDriver = '';
+          EOF
+          fi
+
+          docker exec -u pkiuser pki podman info --format=json | tee output
 
           # rootless should be enabled
           echo "true" > expected