Merge pull request #19830 from lsm5/copr-rpm-fcos-followup

[CI:BUILD] followup PR for fcos with podman-next

.cirrus.yml

@@ -944,22 +944,6 @@ upgrade_test_task:
     always: *logs_artifacts
 
 
-      #fcos_image_build_task:
-    # Only a test. Does not push built images.
-    # Image push to quay will be handled by GHA in
-    # .github/workflows/fcos-podman-next-build.yml
-    #name: "Test Build FCOS image $CTXDIR"
-    #alias: fcos_image_build
-    #only_if: $CIRRUS_PR != '' && $CIRRUS_BASE_BRANCH == 'main' && $CIRRUS_CHANGE_TITLE !=~ '.*CI:DOCS.*'
-    #env:
-    #    <<: *stdenvars
-    #    CTXDIR: contrib/podman-next/fcos-podmanimage
-    #    TEST_FLAVOR: "fcos_image_build"
-    #gce_instance: *standardvm
-    #setup_script: *setup
-    #main_script: *main
-
-
 # This task is critical.  It updates the "last-used by" timestamp stored
 # in metadata for all VM images.  This mechanism functions in tandem with
 # an out-of-band pruning operation to remove disused VM images.
@@ -1031,7 +1015,6 @@ success_task:
         - buildah_bud_test
         - rootless_buildah_bud_test
         - upgrade_test
-          #- fcos_image_build
         - meta
     container: &smallcontainer
         image: ${CTR_FQIN}

.github/workflows/fcos-podman-next-build-prepush-test.yml

@@ -0,0 +1,31 @@
+# This workflow only runs a build test to check for buildability issues before
+# PR merge. No registry push occurs here.
+name: Build FCOS image with podman-next
+
+on:
+  pull_request:
+    branches:
+      - main
+
+env:
+  IMAGE_NAME: fcos
+  IMAGE_REGISTRY: quay.io/podman
+  COPR_OWNER: rhcontainerbot
+  COPR_PROJECT: podman-next
+
+jobs:
+  fcos-podman-next-image-build-prepush-test:
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Check out code
+      uses: actions/checkout@v4
+
+    - name: Build FCOS Image
+      id: build_image_test
+      # Ref: https://github.com/redhat-actions/buildah-build
+      uses: redhat-actions/buildah-build@v2
+      with:
+        image: ${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_NAME }}
+        tags: ${{ github.sha }}
+        containerfiles: ./contrib/podman-next/fcos-podmanimage/Containerfile

.github/workflows/fcos-podman-next-build.yml

@@ -7,7 +7,8 @@ on:
 
 env:
   IMAGE_NAME: fcos
-  IMAGE_TAGS: latest next podman-next ${{ github.sha }}
+  # IMAGE_ARCHS has to be comma separated
+  IMAGE_ARCHS: amd64, arm64
   IMAGE_REGISTRY: quay.io/podman
   COPR_OWNER: rhcontainerbot
   COPR_PROJECT: podman-next
@@ -17,36 +18,73 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
+    - name: Install qemu dependency
+      run: |
+        sudo apt update
+        sudo apt -y install qemu-user-static
+
     - name: Set up wait-for-copr
       run: |
         pip3 install git+https://github.com/packit/wait-for-copr.git@main
 
+    - name: Check out code
+      uses: actions/checkout@v4
+
+    - name: Get short SHA from HEAD
+      run: echo "SHORT_SHA=$(git rev-parse --short HEAD)" >> "$GITHUB_ENV"
+      id: short_sha
+
     - name: Wait for successful podman-next build with the latest commit
       run: |
         # TODO: add this in the Containerfile itself or as a --build-arg
-        wait-for-copr --owner ${{ env.COPR_OWNER }} --project ${{ env.COPR_PROJECT }} podman $(git rev-parse --short ${{ github.sha }})
+        wait-for-copr --owner ${{ env.COPR_OWNER }} --project ${{ env.COPR_PROJECT }} podman ${{ env.SHORT_SHA }}
         echo "podman-next build successful."
 
-    - name: Check out code
-      uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4
-
     - name: Build FCOS Image
-      id: build_image
+      id: build_image_multiarch
       # Ref: https://github.com/redhat-actions/buildah-build
       uses: redhat-actions/buildah-build@v2
       with:
-        image: ${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_NAME }}
-        tags: ${{env.IMAGE_TAGS }}
-        containerfiles: |
-          ./contrib/podman-next/fcos-podmanimage/Containerfile .
+        image: ${{ env.IMAGE_NAME }}
+        tags: ${{ env.COPR_PROJECT }} podman-${{ env.SHORT_SHA }}
+        archs: ${{ env.IMAGE_ARCHS }}
+        containerfiles: ./contrib/podman-next/fcos-podmanimage/Containerfile
+        labels: |
+          org.opencontainers.image.title=fcos-podman-next image
+          org.opencontainers.image.source=https://raw.githubusercontent.com/${{ github.repository }}/${{ github.sha }}/contrib/podman-next/fcos-podmanimage/Containerfile
+          org.opencontainers.image.url=https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
+          org.opencontainers.image.description=FCOS image with rpms from rhcontainerbot/podman-next copr
+          org.opencontainers.image.revision=${{ github.sha }}
+
+
+    - name: Echo Outputs
+      run: |
+        echo "Image: ${{ steps.build_image_multiarch.outputs.image }}"
+        echo "Tags: ${{ steps.build_image_multiarch.outputs.tags }}"
+        echo "Tagged Image: ${{ steps.build_image_multiarch.outputs.image-with-tag }}"
+
+    - name: Check images created
+      run: buildah images | grep '${{ env.IMAGE_NAME }}'
+
+    - name: Check image metadata
+      run: |
+        set -x
+        # COPR_PROJECT envvar is used for the `podman-next` floating tag
+        buildah inspect ${{ steps.build_image_multiarch.outputs.image }}:${{ env.COPR_PROJECT }} | jq ".OCIv1.architecture"
+        buildah inspect ${{ steps.build_image_multiarch.outputs.image }}:${{ env.COPR_PROJECT }} | jq ".Docker.architecture"
+        buildah inspect ${{ steps.build_image_multiarch.outputs.image }}:podman-${{ env.SHORT_SHA }} | jq ".OCIv1.architecture"
+        buildah inspect ${{ steps.build_image_multiarch.outputs.image }}:podman-${{ env.SHORT_SHA }} | jq ".Docker.architecture"
+
+    - name: Run image
+      run: podman run --privileged --rm ${{ steps.build_image_multiarch.outputs.image-with-tag }} podman system info
 
     - name: Push to Quay
       id: push-to-quay
       # Ref: https://github.com/redhat-actions/push-to-registry
       uses: redhat-actions/push-to-registry@v2
       with:
-        image: ${{ steps.build-image.outputs.image }}
-        tags: ${{ steps.build-image.outputs.tags }}
+        image: ${{ env.IMAGE_NAME }}
+        tags: ${{ steps.build_image_multiarch.outputs.tags }}
         registry: ${{ env.IMAGE_REGISTRY }}
         username: ${{ secrets.QUAY_PODMAN_USERNAME }}
         password: ${{ secrets.QUAY_PODMAN_PASSWORD }}

.packit.sh

@@ -10,6 +10,9 @@ PACKAGE=podman
 # Set path to rpm spec file
 SPEC_FILE=rpm/$PACKAGE.spec
 
+# Get short sha
+SHORT_SHA=$(git rev-parse --short HEAD)
+
 # Get Version from HEAD
 VERSION=$(grep '^const RawVersion' version/rawversion/version.go | cut -d\" -f2)
 
@@ -36,3 +39,9 @@ sed -i "s/^Source0:.*.tar.gz/Source0: $PACKAGE-$VERSION.tar.gz/" $SPEC_FILE
 
 # Update setup macro to use the correct build dir
 sed -i "s/^%autosetup.*/%autosetup -Sgit -n %{name}-$VERSION/" $SPEC_FILE
+
+# podman --version should show short sha
+sed -i "s/^const RawVersion = \"$VERSION\"/const RawVersion = \"$VERSION-$SHORT_SHA\"/" version/rawversion/version.go
+
+# use ParseTolerant to allow short sha in version
+sed -i "s/^var Version.*/var Version, err = semver.ParseTolerant(rawversion.RawVersion)/" version/version.go

contrib/cirrus/runner.sh

@@ -360,12 +360,6 @@ function _run_gitlab() {
     return $ret
 }
 
-# TODO: enable fcos_image_build task in cirrus
-#function _run_fcos_image_build() {
-#    # FIXME: Doesn't seem to grab CTXDIR from .cirrus.yml
-#    CTXDIR="contrib/podman-next/fcos-podmanimage"
-#    podman build -t quay.io/podman/fcos:podman-next $CTXDIR
-#}
 
 # Name pattern for logformatter output file, derived from environment
 function output_name() {

contrib/cirrus/setup_environment.sh

@@ -427,8 +427,6 @@ case "$TEST_FLAVOR" in
     swagger)
         showrun make .install.swagger
         ;;
-    #fcos_image_build)
-    #    ;;
     release) ;;
     *) die_unknown TEST_FLAVOR
 esac