diff --git a/.cirrus.yml b/.cirrus.yml index 3b4b24dfd51f..e90862879157 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -930,6 +930,22 @@ upgrade_test_task: always: *logs_artifacts +fcos_image_build_task: + # Only a test. Does not push built images. + # Image push to quay will be handled by GHA in + # .github/workflows/fcos-podman-next-build.yml + name: "Test Build FCOS image $CTXDIR" + alias: fcos_image_build + only_if: $CIRRUS_PR != '' && $CIRRUS_BASE_BRANCH == 'main' && $CIRRUS_CHANGE_TITLE !=~ '.*CI:DOCS.*' + env: + <<: *stdenvars + CTXDIR: contrib/podman-next/fcos-podmanimage + TEST_FLAVOR: "fcos_image_build" + gce_instance: *standardvm + setup_script: *setup + main_script: *main + + # This task is critical. It updates the "last-used by" timestamp stored # in metadata for all VM images. This mechanism functions in tandem with # an out-of-band pruning operation to remove disused VM images. @@ -1001,6 +1017,7 @@ success_task: - buildah_bud_test - rootless_buildah_bud_test - upgrade_test + - fcos_image_build - meta container: &smallcontainer image: ${CTR_FQIN} diff --git a/.github/workflows/fcos-podman-next-build.yml b/.github/workflows/fcos-podman-next-build.yml new file mode 100644 index 000000000000..ecb62ef5ea32 --- /dev/null +++ b/.github/workflows/fcos-podman-next-build.yml 
@@ -0,0 +1,52 @@ +name: Build FCOS image with packages from rhcontainerbot/podman-next + +on: + push: + branches: + - main + +env: + IMAGE_NAME: fcos + IMAGE_TAGS: latest next podman-next ${{ github.sha }} + IMAGE_REGISTRY: quay.io/podman + COPR_OWNER: rhcontainerbot + COPR_PROJECT: podman-next + +jobs: + fcos-podman-next-image-build: + runs-on: ubuntu-latest + + steps: + - name: Set up wait-for-copr + run: | + pip3 install git+https://github.com/packit/wait-for-copr.git@main + + - name: Wait for successful podman-next build with the latest commit + run: | + # TODO: add this in the Containerfile itself or as a --build-arg + wait-for-copr --owner ${{ env.COPR_OWNER }} --project ${{ env.COPR_PROJECT }} podman $(git rev-parse --short ${{ github.sha }}) + echo "podman-next build successful." + + - name: Check out code + uses: actions/checkout@v3 + + - name: Build FCOS Image + id: build_image + # Ref: https://github.com/redhat-actions/buildah-build + uses: redhat-actions/buildah-build@v2 + with: + image: ${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_NAME }} + tags: ${{env.IMAGE_TAGS }} + containerfiles: | + ./contrib/podman-next/fcos-podmanimage/Containerfile . + + - name: Push to Quay + id: push-to-quay + # Ref: https://github.com/redhat-actions/push-to-registry + uses: redhat-actions/push-to-registry@v2 + with: + image: ${{ steps.build-image.outputs.image }} + tags: ${{ steps.build-image.outputs.tags }} + registry: ${{ env.IMAGE_REGISTRY }} + username: ${{ secrets.QUAY_PODMAN_USERNAME }} + password: ${{ secrets.QUAY_PODMAN_PASSWORD }} diff --git a/.packit.sh b/.packit.sh new file mode 100644 index 000000000000..85a0d6f52014 --- /dev/null +++ b/.packit.sh 
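Review bot: The `Set up wait-for-copr` step installs `git+https://github.com/packit/wait-for-copr.git@main`, a mutable branch, in the same job that later receives `secrets.QUAY_PODMAN_USERNAME` and `secrets.QUAY_PODMAN_PASSWORD`. Pin it to a reviewed commit, e.g. `pip3 install git+https://github.com/packit/wait-for-copr.git@<COMMIT_SHA>`, and consider pinning the three `uses:` actions to commit SHAs rather than `@v2`/`@v3` tags. Separately, the build step declares `id: build_image` while the push step reads `steps.build-image.outputs.image` and `steps.build-image.outputs.tags`, so those expressions will not resolve to the build outputs; use one spelling in both places. The `git rev-parse --short ${{ github.sha }}` call also runs before `actions/checkout@v3`, so it appears to execute outside any repository; moving the checkout step first would fix that.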
@@ -0,0 +1,38 @@ +#!/usr/bin/env bash + +# This script handles any custom processing of the spec file using the `fix-spec-file` +# action in .packit.yaml. + +set -eox pipefail + +PACKAGE=podman + +# Set path to rpm spec file +SPEC_FILE=rpm/$PACKAGE.spec + +# Get Version from HEAD +VERSION=$(grep '^const RawVersion' version/rawversion/version.go | cut -d\" -f2) + +# RPM Version can't take "-" +RPM_VERSION=$(echo $VERSION | sed -e 's/-/~/') + +# Generate source tarball from HEAD +git-archive-all -C $(git rev-parse --show-toplevel) --prefix=$PACKAGE-$VERSION/ rpm/$PACKAGE-$VERSION.tar.gz + +# RPM Spec modifications + +# Use the Version from HEAD in rpm spec +sed -i "s/^Version:.*/Version: $RPM_VERSION/" $SPEC_FILE + +# Use Packit's supplied variable in the Release field in rpm spec. +sed -i "s/^Release:.*/Release: $PACKIT_RPMSPEC_RELEASE%{?dist}/" $SPEC_FILE + +# Ensure last part of the release string is the git shortcommit without a +# prepended "g" +sed -i "/^Release: $PACKIT_RPMSPEC_RELEASE%{?dist}/ s/\(.*\)g/\1/" $SPEC_FILE + +# Use above generated tarball as Source in rpm spec +sed -i "s/^Source0:.*.tar.gz/Source0: $PACKAGE-$VERSION.tar.gz/" $SPEC_FILE + +# Update setup macro to use the correct build dir +sed -i "s/^%autosetup.*/%autosetup -Sgit -n %{name}-$VERSION/" $SPEC_FILE diff --git a/.packit.yaml b/.packit.yaml index 5194695518d9..796ba07ea1b1 100644 --- a/.packit.yaml +++ b/.packit.yaml @@ -6,8 +6,13 @@ specfile_path: rpm/podman.spec upstream_tag_template: v{version} srpm_build_deps: + - git-archive-all - make +actions: + fix-spec-file: + - "bash .packit.sh" + jobs: - job: copr_build trigger: pull_request diff --git a/contrib/cirrus/runner.sh b/contrib/cirrus/runner.sh index e25779325ae2..9d6d41aa8e3f 100755 --- a/contrib/cirrus/runner.sh +++ b/contrib/cirrus/runner.sh 
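Review bot: `VERSION` is read from `version/rawversion/version.go` and then expanded unquoted into the `git-archive-all` arguments and unescaped into the `sed` expressions, so a value containing `/`, `&` or whitespace changes what those commands do. The `copr_build` job in `.packit.yaml` triggers on `pull_request`, so that file can come from a contributor's branch. Validate the value once after extraction, e.g. `[[ $VERSION =~ ^[0-9A-Za-z.~+-]+$ ]] || { echo "unexpected version: $VERSION" >&2; exit 1; }`, and quote `"$VERSION"`, `"$SPEC_FILE"` and `"$(git rev-parse --show-toplevel)"` where they are used. Also, `sed -e 's/-/~/'` replaces only the first `-`, so a version with two hyphens would still leave one in `RPM_VERSION`; `s/-/~/g` would match the comment above it.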
@@ -338,6 +338,10 @@ function _run_gitlab() { return $ret } +function _run_fcos_image_build() { + podman build -t quay.io/podman/fcos:podman-next $CTXDIR +} + # Name pattern for logformatter output file, derived from environment function output_name() { # .cirrus.yml defines this as a short readable string for web UI diff --git a/contrib/podman-next/fcos-podmanimage/Containerfile b/contrib/podman-next/fcos-podmanimage/Containerfile new file mode 100644 index 000000000000..99584e071205 --- /dev/null +++ b/contrib/podman-next/fcos-podmanimage/Containerfile @@ -0,0 +1,19 @@ +FROM quay.io/fedora/fedora-coreos:stable + +# Setup the podman-next copr repo +# The source file for the dnf repo may say `rawhide` but it's release +# agnostic and `rawhide` in the name is unlikely to change compared +# with URLs containing fedora release numbers. +ADD https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman-next/repo/fedora-rawhide/rhcontainerbot-podman-next-fedora-rawhide.repos /etc/yum.repos.d/rhcontainerbot-podman-next-fedora.repo +ADD https://download.copr.fedorainfracloud.org/results/rhcontainerbot/podman-next/pubkey.gpg /etc/pki/rpm-gpg/rhcontainerbot-podman-next-fedora.gpg + +# Replace aardvark-dns, conmon, crun, netavark, podman, containers-common +# Remove moby-engine, containerd, runc +# Note: Currently does not result in a size reduction for the container image +RUN rpm-ostree override replace --experimental --freeze \ + --from repo="copr:copr.fedorainfracloud.org:rhcontainerbot:podman-next" \ + aardvark-dns crun netavark podman containers-common containers-common-extra && \ + rpm-ostree override remove moby-engine containerd runc && \ + ostree container commit + +LABEL quay.expires-after=30d
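Review bot: `$CTXDIR` is expanded unquoted and unchecked in `_run_fcos_image_build`, so if it is ever empty `podman build` runs without the intended context argument and falls back to its default instead of failing with a clear message. Something like `podman build -t quay.io/podman/fcos:podman-next "${CTXDIR:?CTXDIR must be set}"` makes the requirement explicit. Since the `.cirrus.yml` comment says this task is only a test build, a one-line comment above the function saying that the image is tagged locally and never pushed would also help, because the tag is identical to the published one.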
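Review bot: Both `ADD https://…` lines fetch the repo definition and its `pubkey.gpg` from Copr at build time, so the key meant to authenticate the replacement packages is itself taken on trust on every build. Consider committing the public key next to the Containerfile and using `COPY` for it, so that a change of signing key shows up in review. `FROM quay.io/fedora/fedora-coreos:stable` is likewise a moving tag; if that is intentional for a rolling image, a short comment saying so would help. Finally, the comment lists `conmon` among the replaced packages, but the `rpm-ostree override replace` arguments do not include it and do include `containers-common-extra`; one of the two should be updated.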