Merge pull request #24655 from mheon/fix_volume_perms_cp #2402
---
name: Build FCOS image with packages from rhcontainerbot/podman-next

# Triggers: every push to main, plus one scheduled run per day.
on:
  push:
    branches:
      - main
  # Daily at 00:00 (GitHub evaluates cron schedules in UTC) so the image picks
  # up the latest packages from the copr.
  schedule:
    - cron: '0 0 * * *'

# Workflow-wide settings; exported to every step's environment and also
# readable through the `env` expression context.
env:
  IMAGE_NAME: 'fcos'
  # IMAGE_ARCHS must be a comma-separated list
  IMAGE_ARCHS: 'amd64, arm64'
  IMAGE_REGISTRY: 'quay.io/podman'
  COPR_OWNER: 'rhcontainerbot'
  COPR_PROJECT: 'podman-next'
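jobs:
  # Builds a multi-arch FCOS image carrying the podman-next copr packages,
  # smoke-tests it on the runner, then pushes it to Quay.
  fcos-podman-next-image-build:
    runs-on: ubuntu-latest
    # Least privilege for GITHUB_TOKEN: the visible steps only read the
    # repository; the registry push authenticates with the Quay secrets.
    permissions:
      contents: read
    steps:
      - name: Install qemu dependency
        run: |
          sudo apt update
          sudo apt -y install qemu-user-static

      - name: Set up wait-for-copr
        # Do not run on scheduled nightly builds
        if: ${{ github.event_name != 'schedule' }}
        # NOTE(review): this installs from the moving `main` branch, so the
        # code executed on the runner can change between runs without review.
        # Pin to a reviewed release or commit: ...wait-for-copr.git@<commit-sha>
        run: |
          pip3 install git+https://github.com/packit/wait-for-copr.git@main

      - name: Check out code
        # NOTE(review): the `uses:` refs in this job (checkout@v4,
        # buildah-build@v2, push-to-registry@v2) are mutable tags; pinning each
        # to a full commit SHA (<commit-sha> # vN) fixes what actually runs.
        uses: actions/checkout@v4
        with:
          # No later step performs authenticated git operations, so do not
          # leave the token in .git/config for the tools that run afterwards.
          persist-credentials: false

      - name: Get short SHA from HEAD
        run: echo "SHORT_SHA=$(git rev-parse --short HEAD)" >> "$GITHUB_ENV"
        id: short_sha

      - name: Wait for successful podman-next build with the latest commit
        # Do not run on scheduled nightly builds
        if: ${{ github.event_name != 'schedule' }}
        # Values are read from the step environment and quoted, rather than
        # spliced into the script text by expression expansion.
        run: |
          # TODO: add this in the Containerfile itself or as a --build-arg
          wait-for-copr --owner "$COPR_OWNER" --project "$COPR_PROJECT" podman "$SHORT_SHA"
          echo "podman-next build successful."

      - name: Build FCOS Image
        id: build_image_multiarch
        # Ref: https://github.com/redhat-actions/buildah-build
        uses: redhat-actions/buildah-build@v2
        with:
          image: ${{ env.IMAGE_NAME }}
          # Two tags: the floating `podman-next` tag and a per-commit tag
          tags: ${{ env.COPR_PROJECT }} podman-${{ env.SHORT_SHA }}
          archs: ${{ env.IMAGE_ARCHS }}
          containerfiles: ./contrib/podman-next/fcos-podmanimage/Containerfile
          labels: |
            org.opencontainers.image.title=fcos-podman-next image
            org.opencontainers.image.source=https://raw.githubusercontent.com/${{ github.repository }}/${{ github.sha }}/contrib/podman-next/fcos-podmanimage/Containerfile
            org.opencontainers.image.url=https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
            org.opencontainers.image.description=FCOS image with rpms from rhcontainerbot/podman-next copr
            org.opencontainers.image.revision=${{ github.sha }}

      - name: Echo Outputs
        # Step outputs are handed to the script through env, not inlined.
        env:
          BUILT_IMAGE: ${{ steps.build_image_multiarch.outputs.image }}
          BUILT_TAGS: ${{ steps.build_image_multiarch.outputs.tags }}
          BUILT_IMAGE_WITH_TAG: ${{ steps.build_image_multiarch.outputs.image-with-tag }}
        run: |
          echo "Image: $BUILT_IMAGE"
          echo "Tags: $BUILT_TAGS"
          echo "Tagged Image: $BUILT_IMAGE_WITH_TAG"

      - name: Check images created
        # grep exits non-zero when no image name matches, failing the step
        run: buildah images | grep "$IMAGE_NAME"

      - name: Check image metadata
        env:
          BUILT_IMAGE: ${{ steps.build_image_multiarch.outputs.image }}
        # NOTE(review): with no explicit `shell:`, run steps use bash without
        # pipefail, so a failing `buildah inspect` may be hidden by jq's exit
        # status; confirm whether that is intended before tightening it.
        run: |
          set -x
          # COPR_PROJECT envvar is used for the `podman-next` floating tag
          buildah inspect "${BUILT_IMAGE}:${COPR_PROJECT}" | jq ".OCIv1.architecture"
          buildah inspect "${BUILT_IMAGE}:${COPR_PROJECT}" | jq ".Docker.architecture"
          buildah inspect "${BUILT_IMAGE}:podman-${SHORT_SHA}" | jq ".OCIv1.architecture"
          buildah inspect "${BUILT_IMAGE}:podman-${SHORT_SHA}" | jq ".Docker.architecture"

      - name: Run image
        # Smoke test of the freshly built image. --privileged drops container
        # isolation on the runner, so this step trusts the image contents
        # (the copr packages). The Quay secrets are not passed to this step.
        env:
          BUILT_IMAGE_WITH_TAG: ${{ steps.build_image_multiarch.outputs.image-with-tag }}
        run: podman run --privileged --rm "$BUILT_IMAGE_WITH_TAG" podman system info

      - name: Push to Quay
        id: push-to-quay
        # Ref: https://github.com/redhat-actions/push-to-registry
        uses: redhat-actions/push-to-registry@v2
        with:
          image: ${{ env.IMAGE_NAME }}
          tags: ${{ steps.build_image_multiarch.outputs.tags }}
          registry: ${{ env.IMAGE_REGISTRY }}
          # Registry credentials are passed to this step only
          username: ${{ secrets.QUAY_PODMAN_USERNAME }}
          password: ${{ secrets.QUAY_PODMAN_PASSWORD }}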