[CI:BUILD] followup PR for fcos with podman-next

Followup on #19477 Remove commented out cirrus task for fcos image build with podman-next and add 2 github actions: 1 for running a simple uni-arch image build on every PR and another to actually build multiarch images and push to quay after merge. `podman --version` will also include git short sha for clarity. [NO NEW TESTS NEEDED] Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
2026-03-08 00:40:15 -05:00 · 2023-09-19 10:19:53 -04:00
parent 63219d617e
commit fa71504518
6 changed files with 90 additions and 37 deletions
--- a/.github/workflows/fcos-podman-next-build-prepush-test.yml
+++ b/.github/workflows/fcos-podman-next-build-prepush-test.yml
@@ -0,0 +1,31 @@
+# This workflow only runs a build test to check for buildability issues before
+# PR merge. No registry push occurs here.
+name: Build FCOS image with podman-next
+
+on:
+  pull_request:
+    branches:
+      - main
+
+env:
+  IMAGE_NAME: fcos
+  IMAGE_REGISTRY: quay.io/podman
+  COPR_OWNER: rhcontainerbot
+  COPR_PROJECT: podman-next
+
+jobs:
+  fcos-podman-next-image-build-prepush-test:
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Check out code
+      uses: actions/checkout@v4
+
+    - name: Build FCOS Image
+      id: build_image_test
+      # Ref: https://github.com/redhat-actions/buildah-build
+      uses: redhat-actions/buildah-build@v2
+      with:
+        image: ${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_NAME }}
+        tags: ${{ github.sha }}
+        containerfiles: ./contrib/podman-next/fcos-podmanimage/Containerfile
--- a/.github/workflows/fcos-podman-next-build.yml
+++ b/.github/workflows/fcos-podman-next-build.yml
@@ -7,7 +7,8 @@ on:

 env:
  IMAGE_NAME: fcos
-  IMAGE_TAGS: latest next podman-next ${{ github.sha }}
+  # IMAGE_ARCHS has to be comma separated
+  IMAGE_ARCHS: amd64, arm64
  IMAGE_REGISTRY: quay.io/podman
  COPR_OWNER: rhcontainerbot
  COPR_PROJECT: podman-next
@@ -17,36 +18,73 @@ jobs:
    runs-on: ubuntu-latest

    steps:
+    - name: Install qemu dependency
+      run: |
+        sudo apt update
+        sudo apt -y install qemu-user-static
+
    - name: Set up wait-for-copr
      run: |
        pip3 install git+https://github.com/packit/wait-for-copr.git@main

+    - name: Check out code
+      uses: actions/checkout@v4
+
+    - name: Get short SHA from HEAD
+      run: echo "SHORT_SHA=$(git rev-parse --short HEAD)" >> "$GITHUB_ENV"
+      id: short_sha
+
    - name: Wait for successful podman-next build with the latest commit
      run: |
        # TODO: add this in the Containerfile itself or as a --build-arg
-        wait-for-copr --owner ${{ env.COPR_OWNER }} --project ${{ env.COPR_PROJECT }} podman $(git rev-parse --short ${{ github.sha }})
+        wait-for-copr --owner ${{ env.COPR_OWNER }} --project ${{ env.COPR_PROJECT }} podman ${{ env.SHORT_SHA }}
        echo "podman-next build successful."

-    - name: Check out code
-      uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4
-
    - name: Build FCOS Image
-      id: build_image
+      id: build_image_multiarch
      # Ref: https://github.com/redhat-actions/buildah-build
      uses: redhat-actions/buildah-build@v2
      with:
-        image: ${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_NAME }}
-        tags: ${{env.IMAGE_TAGS }}
-        containerfiles: |
-          ./contrib/podman-next/fcos-podmanimage/Containerfile .
+        image: ${{ env.IMAGE_NAME }}
+        tags: ${{ env.COPR_PROJECT }} podman-${{ env.SHORT_SHA }}
+        archs: ${{ env.IMAGE_ARCHS }}
+        containerfiles: ./contrib/podman-next/fcos-podmanimage/Containerfile
+        labels: |
+          org.opencontainers.image.title=fcos-podman-next image
+          org.opencontainers.image.source=https://raw.githubusercontent.com/${{ github.repository }}/${{ github.sha }}/contrib/podman-next/fcos-podmanimage/Containerfile
+          org.opencontainers.image.url=https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
+          org.opencontainers.image.description=FCOS image with rpms from rhcontainerbot/podman-next copr
+          org.opencontainers.image.revision=${{ github.sha }}
+
+
+    - name: Echo Outputs
+      run: |
+        echo "Image: ${{ steps.build_image_multiarch.outputs.image }}"
+        echo "Tags: ${{ steps.build_image_multiarch.outputs.tags }}"
+        echo "Tagged Image: ${{ steps.build_image_multiarch.outputs.image-with-tag }}"
+
+    - name: Check images created
+      run: buildah images | grep '${{ env.IMAGE_NAME }}'
+
+    - name: Check image metadata
+      run: |
+        set -x
+        # COPR_PROJECT envvar is used for the `podman-next` floating tag
+        buildah inspect ${{ steps.build_image_multiarch.outputs.image }}:${{ env.COPR_PROJECT }} | jq ".OCIv1.architecture"
+        buildah inspect ${{ steps.build_image_multiarch.outputs.image }}:${{ env.COPR_PROJECT }} | jq ".Docker.architecture"
+        buildah inspect ${{ steps.build_image_multiarch.outputs.image }}:podman-${{ env.SHORT_SHA }} | jq ".OCIv1.architecture"
+        buildah inspect ${{ steps.build_image_multiarch.outputs.image }}:podman-${{ env.SHORT_SHA }} | jq ".Docker.architecture"
+
+    - name: Run image
+      run: podman run --privileged --rm ${{ steps.build_image_multiarch.outputs.image-with-tag }} podman system info

    - name: Push to Quay
      id: push-to-quay
      # Ref: https://github.com/redhat-actions/push-to-registry
      uses: redhat-actions/push-to-registry@v2
      with:
-        image: ${{ steps.build-image.outputs.image }}
-        tags: ${{ steps.build-image.outputs.tags }}
+        image: ${{ env.IMAGE_NAME }}
+        tags: ${{ steps.build_image_multiarch.outputs.tags }}
        registry: ${{ env.IMAGE_REGISTRY }}
        username: ${{ secrets.QUAY_PODMAN_USERNAME }}
        password: ${{ secrets.QUAY_PODMAN_PASSWORD }}