[skip-ci] machine images

[NO NEW TESTS NEEDED]

Signed-off-by: Lokesh Mandvekar <[email protected]>

.github/workflows/fcos-podman-next-build.yml

@@ -9,7 +9,8 @@ on:
     - cron: '0 0 * * *'
 
 env:
-  IMAGE_NAME: fcos
+  FCOS_IMAGE_NAME: fcos
+  MACHINE_IMAGE_NAME: machine-images
   # IMAGE_ARCHS has to be comma separated
   IMAGE_ARCHS: amd64, arm64
   IMAGE_REGISTRY: quay.io/podman
@@ -32,6 +33,10 @@ jobs:
       run: |
         pip3 install git+https://github.com/packit/wait-for-copr.git@main
 
+    - name: Set up cosa
+      run: |
+        # TBD
+
     - name: Check out code
       uses: actions/checkout@v4
 
@@ -63,6 +68,12 @@ jobs:
           org.opencontainers.image.description=FCOS image with rpms from rhcontainerbot/podman-next copr
           org.opencontainers.image.revision=${{ github.sha }}
 
+    - name: Build Machine images
+      run: |
+      # TBD
+
+    - name: Add Machine images to Manifest
+      # TBD
 
     - name: Echo Outputs
       run: |

.github/workflows/machine-images.yml

@@ -0,0 +1,101 @@
+name: MACHINE IMAGE TRIAL
+
+on:
+  pull_request:
+    branches:
+      - main
+
+env:
+  MANIFEST_ADD_ARGS: --artifact --artifact-type="" --artifact-config-type="application/vnd.oci.image.config.v1+json" --artifact-layer-type=application/vnd.oci.image.layer.v1.tar --os=linux --arch=x86_64
+
+defaults:
+  run: 
+    shell: bash -l {0}
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Install qemu dependency
+      run: |
+        sudo apt update
+        sudo apt -y install qemu-user-static
+
+    - name: Delete hostedtoolcache
+      run: rm -rf /opt/hostedtoolcache
+
+    - name: Check out code
+      uses: actions/checkout@v4
+
+    - name: Pull coreos-assembler image
+      run: podman pull quay.io/coreos-assembler/coreos-assembler
+
+    - name: create fcos work dir
+      run: mkdir ./fcos
+
+    - name: Cosa init
+      run: |
+        source ./contrib/podman-next/fcos-podmanimage/cosa-snippet
+        cd fcos
+        cosa init --branch podman-next https://github.com/lsm5/fedora-coreos-config
+
+    - name: Cosa Fetch
+      run: |
+        source ./contrib/podman-next/fcos-podmanimage/cosa-snippet
+        cd fcos
+        cosa fetch --update-lockfile
+
+    - name: Cosa Build Qcow2
+      run: |
+        source ./contrib/podman-next/fcos-podmanimage/cosa-snippet
+        cd fcos
+        cosa build
+
+    - name: Cosa Build Hyperv
+      run: |
+        source ./contrib/podman-next/fcos-podmanimage/cosa-snippet
+        cd fcos
+        cosa buildextend-hyperv
+
+    - name: Cosa Build Applehv
+      run: |
+        source ./contrib/podman-next/fcos-podmanimage/cosa-snippet
+        cd fcos
+        cosa buildextend-applehv
+
+    - name: Cosa Compress Qcow2
+      run: |
+        source ./contrib/podman-next/fcos-podmanimage/cosa-snippet
+        cd fcos
+        cosa compress
+
+    - name: Create manifest
+      run: buildah manifest create quay.io/podman/machine-images:5.0
+
+    - name: Add Qcow2 to manifest
+      run: |
+        cd ./fcos/builds/latest/x86_64
+        echo "QCOW_IMAGE_X86_64=$(ls | grep qcow2.xz)" >> $GITHUB_ENV
+        buildah manifest add --artifact --artifact-type="" --artifact-config-type="application/vnd.oci.image.config.v1+json" --artifact-layer-type=application/vnd.oci.image.layer.v1.tar --os=linux --arch=x86_64 --annotation "disktype=qemu" quay.io/podman/machine-images:5.0 ${{ env.QCOW_IMAGE }}
+
+    - name: Add Applehv to manifest
+      run: |
+        cd ./fcos/builds/latest/x86_64
+        echo "APPLEHV_IMAGE=$(ls | grep applehv.x86_64.raw.gz)" >> $GITHUB_ENV
+        buildah manifest add --artifact --artifact-type="" --artifact-config-type="application/vnd.oci.image.config.v1+json" --artifact-layer-type=application/vnd.oci.image.layer.v1.tar --os=linux --arch=x86_64 --annotation "disktype=applehv" quay.io/podman/machine-images:5.0 ${{ env.APPLEHV_IMAGE }}
+
+    - name: Add Hyperv to manifest
+      run: |
+        cd ./fcos/builds/latest/x86_64
+        echo "HYPERV_IMAGE=$(ls | grep hyperv.x86_64.vhdx.zip)" >> $GITHUB_ENV
+        buildah manifest add --artifact --artifact-type="" --artifact-config-type="application/vnd.oci.image.config.v1+json" --artifact-layer-type=application/vnd.oci.image.layer.v1.tar --os=linux --arch=x86_64  --annotation "disktype=hyperv" quay.io/podman/machine-images:5.0 ${{ env.HYPERV_IMAGE }}
+
+    - name: Push to Quay
+      uses: redhat-actions/push-to-registry@v2
+      with:
+        image: machine-images
+        tags: 5.0
+        registry: quay.io/podman
+        username: ${{ secrets.QUAY_PODMAN_USERNAME }}
+        password: ${{ secrets.QUAY_PODMAN_PASSWORD }}

.packit.yaml

@@ -14,54 +14,54 @@ actions:
     - "bash .packit.sh"
 
 jobs:
-  - job: copr_build
-    trigger: pull_request
-    notifications:
-      failure_comment:
-        message: "Ephemeral COPR build failed. @containers/packit-build please check."
-    enable_net: true
-    targets:
-      - fedora-all-x86_64
-      - fedora-all-aarch64
-      - fedora-eln-x86_64
-      - fedora-eln-aarch64
-      - centos-stream+epel-next-8-x86_64
-      - centos-stream+epel-next-8-aarch64
-      - centos-stream+epel-next-9-x86_64
-      - centos-stream+epel-next-9-aarch64
-    additional_repos:
-      - "copr://rhcontainerbot/podman-next"
+  # - job: copr_build
+  #  trigger: pull_request
+  #    #notifications:
+      #failure_comment:
+      #  message: "Ephemeral COPR build failed. @containers/packit-build please check."
+      #   enable_net: true
+      #targets:
+      #- fedora-all-x86_64
+      #- fedora-all-aarch64
+      #- fedora-eln-x86_64
+      #      - fedora-eln-aarch64
+      #- centos-stream+epel-next-8-x86_64
+      #- centos-stream+epel-next-8-aarch64
+      #    - centos-stream+epel-next-9-x86_64
+      #- centos-stream+epel-next-9-aarch64
+      #additional_repos:
+      #    - "copr://rhcontainerbot/podman-next"
 
   # Run on commit to main branch
   - job: copr_build
     trigger: commit
-    notifications:
-      failure_comment:
-        message: "podman-next COPR build failed. @containers/packit-build please check."
+      #notifications:
+      #failure_comment:
+      #  message: "podman-next COPR build failed. @containers/packit-build please check."
     branch: main
     owner: rhcontainerbot
     project: podman-next
     enable_net: true
 
-  - job: tests
-    identifier: cockpit-revdeps
-    trigger: pull_request
-    notifications:
-      failure_comment:
-        message: "Cockpit tests failed for commit {commit_sha}. @martinpitt, @jelly, @mvollmer please check."
-    targets:
-      - fedora-latest-stable
-      - fedora-development
-    tf_extra_params:
-      environments:
-        - artifacts:
-          - type: repository-file
-            id: https://copr.fedorainfracloud.org/coprs/g/cockpit/main-builds/repo/fedora-$releasever/group_cockpit-main-builds-fedora-$releasever.repo
-          - type: repository-file
-            id: https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman-next/repo/fedora-$releasever/rhcontainerbot-podman-next-fedora-$releasever.repo
-          tmt:
-            context:
-              revdeps: "yes"
+      #  - job: tests
+      #identifier: cockpit-revdeps
+      #trigger: pull_request
+      #notifications:
+      #failure_comment:
+      #  message: "Cockpit tests failed for commit {commit_sha}. @martinpitt, @jelly, @mvollmer please check."
+      #targets:
+      #- fedora-latest-stable
+      #- fedora-development
+      #tf_extra_params:
+      #  environments:
+      #  - artifacts:
+      #    - type: repository-file
+      #      id: https://copr.fedorainfracloud.org/coprs/g/cockpit/main-builds/repo/fedora-$releasever/group_cockpit-main-builds-fedora-$releasever.repo
+      #    - type: repository-file
+            #id: https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman-next/repo/fedora-$releasever/rhcontainerbot-podman-next-fedora-$releasever.repo
+              #tmt:
+            #context:
+              #            revdeps: "yes"
 
   - job: propose_downstream
     trigger: release

contrib/podman-next/fcos-podmanimage/cosa-snippet

@@ -0,0 +1,28 @@
+
+cosa() {
+   env | grep COREOS_ASSEMBLER
+   local -r COREOS_ASSEMBLER_CONTAINER_LATEST="quay.io/coreos-assembler/coreos-assembler:latest"
+   if [[ -z ${COREOS_ASSEMBLER_CONTAINER} ]] && $(podman image exists ${COREOS_ASSEMBLER_CONTAINER_LATEST}); then
+       local -r cosa_build_date_str="$(podman inspect -f "{{.Created}}" ${COREOS_ASSEMBLER_CONTAINER_LATEST} | awk '{print $1}')"
+       local -r cosa_build_date="$(date -d ${cosa_build_date_str} +%s)"
+       if [[ $(date +%s) -ge $((cosa_build_date + 60*60*24*7)) ]] ; then
+         echo -e "\e[0;33m----" >&2
+         echo "The COSA container image is more that a week old and likely outdated." >&2
+         echo "You should pull the latest version with:" >&2
+         echo "podman pull ${COREOS_ASSEMBLER_CONTAINER_LATEST}" >&2
+         echo -e "----\e[0m" >&2
+         sleep 10
+       fi
+   fi
+   set -x
+   podman run --rm --security-opt=label=disable --privileged                                    \
+              --uidmap=1000:0:1 --uidmap=0:1:1000 --uidmap=1001:1001:64536                          \
+              -v=${PWD}:/srv/ -e COSA_NO_KVM=1 --device=/dev/fuse                                  \
+              --tmpfs=/tmp -v=/var/tmp:/var/tmp --name=cosa                                         \
+              ${COREOS_ASSEMBLER_CONFIG_GIT:+-v=$COREOS_ASSEMBLER_CONFIG_GIT:/srv/src/config/:ro}   \
+              ${COREOS_ASSEMBLER_GIT:+-v=$COREOS_ASSEMBLER_GIT/src/:/usr/lib/coreos-assembler/:ro}  \
+              ${COREOS_ASSEMBLER_ADD_CERTS:+-v=/etc/pki/ca-trust:/etc/pki/ca-trust:ro}              \
+              ${COREOS_ASSEMBLER_CONTAINER_RUNTIME_ARGS}                                            \
+              ${COREOS_ASSEMBLER_CONTAINER:-$COREOS_ASSEMBLER_CONTAINER_LATEST} "$@"
+   rc=$?; set +x; return $rc
+}