Merge pull request #411 from mtrmac/podman-sequoia

WIP: Install podman-sequoia in rawhide images
Install podman-sequoia in rawhide images
2025-08-19 20:31:41 +02:00 · 2025-08-12 19:33:06 +02:00 · 2025-07-30 20:55:44 +02:00 · 2025-07-23 19:08:48 +02:00 · 2025-07-21 14:11:23 -04:00 · 2025-07-01 10:14:23 +02:00
22 changed files with 67 additions and 184 deletions
--- a/.cirrus.yml
+++ b/.cirrus.yml
@ -233,9 +233,6 @@ cache_images_task:
        - <<: *cache_image
          env:
            PACKER_BUILDS: "fedora-netavark"
-        - <<: *cache_image
-          env:
-            PACKER_BUILDS: "fedora-podman-py"
        - <<: *cache_image
          env:
            PACKER_BUILDS: "fedora-aws"
@ -340,7 +337,6 @@ test_imgts_task: &imgts
            fedora-c${IMG_SFX}
            prior-fedora-c${IMG_SFX}
            fedora-netavark-c${IMG_SFX}
-            fedora-podman-py-c${IMG_SFX}
            rawhide-c${IMG_SFX}
            debian-c${IMG_SFX}
            build-push-c${IMG_SFX}
--- a/.github/workflows/check_cirrus_cron.yml
+++ b/.github/workflows/check_cirrus_cron.yml
@ -14,4 +14,9 @@ jobs:
  # Ref: https://docs.github.com/en/actions/using-workflows/reusing-workflows
  call_cron_failures:
    uses: containers/podman/.github/workflows/check_cirrus_cron.yml@main
-    secrets: inherit
+    secrets:
+      SECRET_CIRRUS_API_KEY: ${{secrets.SECRET_CIRRUS_API_KEY}}
+      ACTION_MAIL_SERVER: ${{secrets.ACTION_MAIL_SERVER}}
+      ACTION_MAIL_USERNAME: ${{secrets.ACTION_MAIL_USERNAME}}
+      ACTION_MAIL_PASSWORD: ${{secrets.ACTION_MAIL_PASSWORD}}
+      ACTION_MAIL_SENDER: ${{secrets.ACTION_MAIL_SENDER}}
--- a/.github/workflows/pr_image_id.yml
+++ b/.github/workflows/pr_image_id.yml
@ -132,12 +132,10 @@ jobs:

            - if: steps.manifests.outputs.count > 0
              name: Post PR comment with image name/id table
-              uses: jungwinter/comment@v1.1.0
+              uses: thollander/actions-comment-pull-request@v3
              with:
-                  issue_number: '${{ steps.retro.outputs.prn }}'
-                  type: 'create'
-                  token: '${{ secrets.GITHUB_TOKEN }}'
-                  body: |
+                  pr-number: '${{ steps.retro.outputs.prn }}'
+                  message: |
                    ${{ env.IMAGE_TABLE }}

            # Ref: https://github.com/marketplace/actions/deploy-to-gist
--- a/2
+++ b/2
@ -1 +1 @@
-20241107t210000z-f41f40d13
+20250812t173301z-f42f41d13
--- a/16
+++ b/16
@ -22,11 +22,11 @@ export CENTOS_STREAM_RELEASE = 9

 # Warning: Beta Fedora releases are not supported.  Verifiy EC2 AMI availability
 # here: https://fedoraproject.org/cloud/download
-export FEDORA_RELEASE = 41
-export PRIOR_FEDORA_RELEASE = 40
+export FEDORA_RELEASE = 42
+export PRIOR_FEDORA_RELEASE = 41

 # This should always be one-greater than $FEDORA_RELEASE (assuming it's actually the latest)
-export RAWHIDE_RELEASE = 42
+export RAWHIDE_RELEASE = 43

 # Automation assumes the actual release number (after SID upgrade)
 # is always one-greater than the latest DEBIAN_BASE_FAMILY (GCE image).
@ -132,17 +132,17 @@ help: ## Default target, parses special in-line comments as documentation.
 # names and a max-length of 63.
 .PHONY: IMG_SFX
 IMG_SFX:  timebomb-check ## Generate a new date-based image suffix, store in the file IMG_SFX
-	$(file >$@,$(shell date --utc +%Y%m%dt%H%M%Sz)-f$(FEDORA_RELEASE)f$(PRIOR_FEDORA_RELEASE)d$(subst .,,$(DEBIAN_RELEASE)))
-	@echo "$(file <IMG_SFX)"
+	@echo "$$(date -u +%Y%m%dt%H%M%Sz)-f$(FEDORA_RELEASE)f$(PRIOR_FEDORA_RELEASE)d$(subst .,,$(DEBIAN_RELEASE))" > "$@"
+	@cat IMG_SFX

 # Prevent us from wasting CI time when we have expired timebombs
 .PHONY: timebomb-check
 timebomb-check:
-	@now=$$(date --utc +%Y%m%d); \
+	@now=$$(date -u +%Y%m%d); \
 	    found=; \
 	    while read -r bomb; do \
-	        when=$$(echo "$$bomb" | sed -e 's/^.*timebomb \([0-9]\+\).*/\1/'); \
-	        if [ $$when -le $$now ]; then \
+	        when=$$(echo "$$bomb" | sed -E -e 's/^.*timebomb ([0-9]+).*/\1/'); \
+	        if [ "$$when" -le "$$now" ]; then \
 	            echo "$$bomb"; \
 	            found=found; \
 	        fi; \
--- a/README-simplified.md
+++ b/README-simplified.md
@ -70,8 +70,8 @@ cases,
 [crun](https://github.com/containers/automation_images/pull/386/files) and
 [pasta](https://github.com/containers/automation_images/pull/383/files).
 Note the `timebomb` directives. Please use these: the time you save
-may be your own, one future day. And please use 2-6 week times. A
-timebomb that expires in a year is going to be hard to understand
+may be your own, one future day. And please use 2-6 week times.
+A timebomb that expires in a year is going to be hard to understand
 when it goes off.

 Bumping Distros
--- a/base_images/debian_base-setup.sh
+++ b/base_images/debian_base-setup.sh
@ -52,19 +52,6 @@ install_automation_tooling
 # Ensure automation library is loaded
 source "$REPO_DIRPATH/lib.sh"

-# 2024-01-02 found debian 13 tar 1.35+dfsg-2
-# which has the horrible duplicate-path bug:
-#     https://github.com/containers/podman/issues/19407
-#     https://bugzilla.redhat.com/show_bug.cgi?id=2230127
-# 2024-01-25 dfsg-3 also has the bug
-# 2024-09-06 trixy still has 1.35+dfsg-3 (https://packages.debian.org/trixie/tar)
-timebomb 20241201 "prevent us from getting broken tar-1.35+dfsg-3"
-$SUDO tee /etc/apt/preferences.d/$(date +%Y%m%d)-tar <<EOF
-Package: tar
-Pin: version 1.35+dfsg-[23]
-Pin-Priority: -1
-EOF
-
 # Workaround 12->13 forward-incompatible change in grub scripts.
 # Without this, updating to the SID kernel may fail.
 echo "Upgrading grub-common"
--- a/base_images/fedora_base-setup.sh
+++ b/base_images/fedora_base-setup.sh
@ -90,7 +90,9 @@ if ! ((CONTAINER)); then
        # This is necessary to prevent permission-denied errors on service-start
        # and also on the off-chance the package gets updated and context reset.
        $SUDO semanage fcontext --add --type bin_t /usr/bin/cloud-init
-        $SUDO restorecon -v /usr/bin/cloud-init
+        # This used restorecon before so we don't have to specify the file_contexts.local
+        # manually, however with f42 that stopped working: https://bugzilla.redhat.com/show_bug.cgi?id=2360183
+        $SUDO setfiles -v /etc/selinux/targeted/contexts/files/file_contexts.local /usr/bin/cloud-init
    else  # GCP Image
        echo "Setting GCP startup service (for Cirrus-CI agent) SELinux unconfined"
        # ref: https://cloud.google.com/compute/docs/startupscript
--- a/cache_images/cloud.yml
+++ b/cache_images/cloud.yml
@ -75,9 +75,6 @@ builders:
      source_image_family: 'fedora-base'
      labels: *fedora_gce_labels

-    - <<: *aux_fed_img
-      name: 'fedora-podman-py'
-
    - <<: *aux_fed_img
      name: 'fedora-netavark'

--- a/cache_images/debian_packaging.sh
+++ b/cache_images/debian_packaging.sh
@ -44,7 +44,7 @@ INSTALL_PACKAGES=(\
    fuse-overlayfs
    gcc
    gettext
-    git-daemon-run
+    git
    gnupg2
    go-md2man
    golang
@ -103,6 +103,8 @@ INSTALL_PACKAGES=(\
    skopeo
    slirp4netns
    socat
+    libsqlite3-0
+    libsqlite3-dev
    systemd-container
    sudo
    time
--- a/cache_images/debian_setup.sh
+++ b/cache_images/debian_setup.sh
@ -47,6 +47,11 @@ req_env_vars PACKER_BUILD_NAME

 bash $SCRIPT_DIRPATH/debian_packaging.sh

+# dnsmasq is set to bind 0.0.0.0:53, that will conflict with our dns tests.
+# We don't need a local resolver.
+$SUDO systemctl disable dnsmasq.service
+$SUDO systemctl mask dnsmasq.service
+
 if ! ((CONTAINER)); then
    warn "Making Debian kernel enable cgroup swap accounting"
    SEDCMD='s/^GRUB_CMDLINE_LINUX="(.*)"/GRUB_CMDLINE_LINUX="\1 cgroup_enable=memory swapaccount=1"/'
--- a/cache_images/fedora-podman-py_packaging.sh
+++ b/cache_images/fedora-podman-py_packaging.sh
@ -1,100 +0,0 @@
-#!/bin/bash
-
-# This script is called from fedora_setup.sh and various Dockerfiles.
-# It's not intended to be used outside of those contexts.  It assumes the lib.sh
-# library has already been sourced, and that all "ground-up" package-related activity
-# needs to be done, including repository setup and initial update.
-
-set -e
-
-SCRIPT_FILEPATH=$(realpath "${BASH_SOURCE[0]}")
-SCRIPT_DIRPATH=$(dirname "$SCRIPT_FILEPATH")
-REPO_DIRPATH=$(realpath "$SCRIPT_DIRPATH/../")
-
-# shellcheck source=./lib.sh
-source "$REPO_DIRPATH/lib.sh"
-
-# shellcheck disable=SC2154
-warn "Enabling updates-testing repository for $PACKER_BUILD_NAME"
-lilto ooe.sh $SUDO dnf install -y 'dnf-command(config-manager)'
-lilto ooe.sh $SUDO dnf config-manager setopt updates-testing.enabled=1
-
-msg "Updating/Installing repos and packages for $OS_REL_VER"
-
-bigto ooe.sh $SUDO dnf update -y
-
-INSTALL_PACKAGES=(\
-    bash-completion
-    bridge-utils
-    buildah
-    bzip2
-    curl
-    findutils
-    fuse3
-    gcc
-    git
-    git-daemon
-    glib2-devel
-    glibc-devel
-    hostname
-    httpd-tools
-    iproute
-    iptables
-    jq
-    libtool
-    lsof
-    make
-    nmap-ncat
-    openssl
-    openssl-devel
-    pkgconfig
-    podman
-    policycoreutils
-    protobuf
-    protobuf-devel
-    python-pip-wheel
-    python-setuptools-wheel
-    python-toml
-    python-wheel-wheel
-    python3-PyYAML
-    python3-coverage
-    python3-dateutil
-    python3-docker
-    python3-fixtures
-    python3-libselinux
-    python3-libsemanage
-    python3-libvirt
-    python3-pip
-    python3-psutil
-    python3-pylint
-    python3-pytest
-    python3-requests
-    python3-requests-mock
-    python3-virtualenv
-    python3.6
-    python3.8
-    python3.9
-    python3.10
-    python3.11
-    python3.12
-    redhat-rpm-config
-    rsync
-    sed
-    skopeo
-    socat
-    tar
-    time
-    tox
-    unzip
-    vim
-    wget
-    xz
-    zip
-    zstd
-)
-
-echo "Installing general build/test dependencies"
-bigto $SUDO dnf install -y "${INSTALL_PACKAGES[@]}"
-
-# It was observed in F33, dnf install doesn't always get you the latest/greatest
-lilto $SUDO dnf update -y
--- a/cache_images/fedora_packaging.sh
+++ b/cache_images/fedora_packaging.sh
@ -56,6 +56,7 @@ INSTALL_PACKAGES=(\
    curl
    device-mapper-devel
    dnsmasq
+    docker-distribution
    e2fsprogs-devel
    emacs-nox
    fakeroot
@ -64,6 +65,7 @@ INSTALL_PACKAGES=(\
    fuse3
    fuse3-devel
    gcc
+    gh
    git
    git-daemon
    glib2-devel
@ -81,6 +83,7 @@ INSTALL_PACKAGES=(\
    iproute
    iptables
    jq
+    koji
    krb5-workstation
    libassuan
    libassuan-devel
@ -115,12 +118,15 @@ INSTALL_PACKAGES=(\
    pigz
    pkgconfig
    podman
+    podman-remote
    pre-commit
    procps-ng
    protobuf
    protobuf-c
    protobuf-c-devel
    protobuf-devel
+    python3-fedora-distro-aliases
+    python3-koji-cli-plugins
    redhat-rpm-config
    rpcbind
    rsync
@ -130,6 +136,8 @@ INSTALL_PACKAGES=(\
    skopeo
    slirp4netns
    socat
+    sqlite-libs
+    sqlite-devel
    squashfs-tools
    tar
    time
@ -166,6 +174,11 @@ if [[ "$PACKER_BUILD_NAME" =~ fedora ]]; then
        python3-requests
        python3-requests-mock
    )
+else # podman-sequoia is only available in Rawhide
+    timebomb 20251101 "Also install the package in future Fedora releases, and enable Sequoia support in users of the images."
+    INSTALL_PACKAGES+=( \
+        podman-sequoia
+    )
 fi

 # When installing during a container-build, having this present
@ -183,6 +196,16 @@ if ! ((CONTAINER)); then
        selinux-policy-devel
        policycoreutils
    )
+
+    # Extra packages needed by podman-machine-os
+    INSTALL_PACKAGES+=( \
+        podman-machine
+        osbuild
+        osbuild-tools
+        osbuild-ostree
+        xfsprogs
+        e2fsprogs
+    )
 fi


@ -200,18 +223,6 @@ DOWNLOAD_PACKAGES=(\
 msg "Installing general build/test dependencies"
 bigto $SUDO dnf install -y "${INSTALL_PACKAGES[@]}"

-# 2024-11-07 not yet stable on f40
-timebomb 20241119 "pasta 20241030 desired for podman flake fix"
-if [[ "$OS_RELEASE_VER" -eq 40 ]]; then
-    arch=$(uname -m)
-    n=passt
-    v=0%5E20241030.gee7d0b6
-    r=1.fc$OS_RELEASE_VER
-    bigto $SUDO dnf install -y  \
-          https://kojipkgs.fedoraproject.org/packages/$n/$v/$r/$arch/$n-$v-$r.$arch.rpm \
-          https://kojipkgs.fedoraproject.org/packages/$n/$v/$r/noarch/$n-selinux-$v-$r.noarch.rpm
-fi
-
 msg "Downloading packages for optional installation at runtime, as needed."
 $SUDO mkdir -p "$PACKAGE_DOWNLOAD_DIR"
 cd "$PACKAGE_DOWNLOAD_DIR"
--- a/cache_images/fedora_setup.sh
+++ b/cache_images/fedora_setup.sh
@ -30,8 +30,6 @@ req_env_vars PACKER_BUILD_NAME
 # shellcheck disable=SC2154
 if [[ "$PACKER_BUILD_NAME" =~ "netavark" ]]; then
    bash $SCRIPT_DIRPATH/fedora-netavark_packaging.sh
-elif [[ "$PACKER_BUILD_NAME" =~ "podman-py" ]]; then
-    bash $SCRIPT_DIRPATH/fedora-podman-py_packaging.sh
 elif [[ "$PACKER_BUILD_NAME" =~ "build-push" ]]; then
    bash $SCRIPT_DIRPATH/build-push_packaging.sh
    # Registers qemu emulation for non-native execution
--- a/cache_images/local-cache-registry
+++ b/cache_images/local-cache-registry
@ -76,6 +76,10 @@ declare -a IMAGELIST=(
    registry:2.8.2
    registry:volume_omitted
    systemd-image:20240124
+    testartifact:20250206-single
+    testartifact:20250206-multi
+    testartifact:20250206-multi-no-title
+    testartifact:20250206-evil
    testdigest_v2s2
    testdigest_v2s2:20200210
    testimage:00000000
--- a/cache_images/rawhide_setup.sh
+++ b/cache_images/rawhide_setup.sh
@ -30,10 +30,6 @@ $SUDO sed -i -r -e 's/^gpgcheck=.+/gpgcheck=0/' /etc/yum.repos.d/*.repo
 $SUDO dnf5 -y distro-sync --releasever=rawhide --allowerasing
 $SUDO dnf5 upgrade -y

-# As of May 2024 composefs is heating up
-timebomb 20241231 "At some point, composefs should be available on all fedoras"
-$SUDO dnf5 -y install composefs
-
 # A shared fedora_packaging.sh script is called next that doesn't always support dnf5
 $SUDO ln -s $(type -P dnf5) /usr/local/bin/dnf

--- a/Image/manifest/cache_images/manifest.json
+++ b/Image/manifest/cache_images/manifest.json
@ -1,17 +0,0 @@
-{
-  "builds": [
-    {
-      "name": "fedora-podman-py",
-      "builder_type": "googlecompute",
-      "build_time": 1658176090,
-      "files": null,
-      "artifact_id": "fedora-podman-py-c5419329914142720",
-      "packer_run_uuid": "e5b1e6ab-37a5-a695-624d-47bf0060b272",
-      "custom_data": {
-        "IMG_SFX": "5419329914142720",
-        "STAGE": "cache"
-      }
-    }
-  ],
-  "last_run_uuid": "e5b1e6ab-37a5-a695-624d-47bf0060b272"
-}
--- a/ci/make.sh
+++ b/ci/make.sh
@ -35,6 +35,14 @@ if [[ -n "$AWS_INI" ]]; then
    set_aws_filepath
 fi

+id
+# FIXME: ssh-keygen seems to fail to create keys with Permission denied
+# in the base_images make target, I have no idea why but all CI jobs are
+# broken because of this. Let's try without selinux.
+if [[ "$(getenforce)" == "Enforcing" ]]; then
+    setenforce 0
+fi
+
 set -x
 cd "$REPO_DIRPATH"
 export IMG_SFX=$IMG_SFX
--- a/gcpprojects.txt
+++ b/gcpprojects.txt
@ -8,7 +8,6 @@ containers-build-source-image
 libpod-218412
 netavark-2021
 oci-seccomp-bpf-hook
-podman-py
 skopeo
 storage-240716
 udica-247612
--- a/skopeo_cidev/Containerfile
+++ b/skopeo_cidev/Containerfile
@ -12,7 +12,6 @@ RUN dnf -y update && \
    dnf clean all

 ENV REG_REPO="https://github.com/docker/distribution.git" \
-    REG_COMMIT="b5ca020cfbe998e5af3457fda087444cf5116496" \
    REG_COMMIT_SCHEMA1="ec87e9b6971d831f0eff752ddb54fb64693e51cd" \
    OSO_REPO="https://github.com/openshift/origin.git" \
    OSO_TAG="v1.5.0-alpha.3"
--- a/skopeo_cidev/setup.sh
+++ b/skopeo_cidev/setup.sh
@ -9,7 +9,6 @@ set -e
 declare -a req_vars
 req_vars=(\
    REG_REPO
-    REG_COMMIT
    REG_COMMIT_SCHEMA1
    OSO_REPO
    OSO_TAG
@ -43,12 +42,6 @@ cd "$REG_GOSRC"
 (
    # This is required to be set like this by the build system
    export GOPATH="$PWD/Godeps/_workspace:$GOPATH"
-    # This comes in from the Containerfile
-    # shellcheck disable=SC2154
-    git checkout -q "$REG_COMMIT"
-    go build -o /usr/local/bin/registry-v2 \
-        github.com/docker/distribution/cmd/registry
-
    # This comes in from the Containerfile
    # shellcheck disable=SC2154
    git checkout -q "$REG_COMMIT_SCHEMA1"
--- a/win_images/win_packaging.ps1
+++ b/win_images/win_packaging.ps1
@ -9,7 +9,7 @@ iex ((New-Object System.Net.WebClient).DownloadString('https://community.chocola

 # Install basic required tooling.
 #   psexec needed to workaround session 0 WSL bug
-retryInstall git archiver psexec golang mingw StrawberryPerl zstandard; Check-Exit
+retryInstall 7zip git archiver psexec golang mingw StrawberryPerl zstandard; Check-Exit

 # Update service is required for dotnet
 Set-Service -Name wuauserv -StartupType "Manual"; Check-Exit
Author	SHA1	Message	Date
Paul Holzinger	a0b436c123	Merge pull request #411 from mtrmac/podman-sequoia WIP: Install podman-sequoia in rawhide images	2025-08-19 20:31:41 +02:00
Miloslav Trmač	d8d2fc4c90	Install podman-sequoia in rawhide images Signed-off-by: Miloslav Trmač <mitr@redhat.com>	2025-08-12 19:33:06 +02:00
Miloslav Trmač	2c9f480248	Update the IMG_SFX rules to work on macOS - (date --utc) is not supported - The $(file ) make function is not supported - macOS sed has no \+ in basic regular expressions, use the extended format - (quote arguments to [ ] to avoid confusing error messages if an earlier sed fails) Signed-off-by: Miloslav Trmač <mitr@redhat.com>	2025-07-30 20:55:44 +02:00
Miloslav Trmač	34add92ba5	Merge pull request #410 from lsm5/skopeo-registry skopeo_cidev: Depend on docker-distribution	2025-07-23 19:08:48 +02:00
Lokesh Mandvekar	3c73fc4fa8	skopeo / fedora cache_image: Install docker-distribution Having the registry binary named `registry-v2` causes trouble for `make test-integration-local`. The registry binary provided by the docker-distribution package is just `/usr/bin/registry`. Depending on docker-distribution should make things simpler, more consistent and usable regardles of CI / testing environment. In skopeo cirrus jobs, the integration tests are run on the host itself but a lot of the binaries are copied from the skopeo_cidev container. So, in this case docker-distribution is directly installed on the host environment and the registry-v2 build is removed from the skopeo_cidev image. Signed-off-by: Lokesh Mandvekar <lsm5@redhat.com>	2025-07-21 14:11:23 -04:00
Paul Holzinger	0e1497cd77	Merge pull request #408 from Luap99/podman-py-rm remove podman-py	2025-07-01 10:14:23 +02:00
Paul Holzinger	08a78fef72	new image build 2025-06-27 Signed-off-by: Paul Holzinger <pholzing@redhat.com>	2025-06-27 17:52:11 +02:00
Paul Holzinger	6489ad88d4	remove podman-py It only uses tmt now and not cirrus anymore. So delete all the image build infra for it. Signed-off-by: Paul Holzinger <pholzing@redhat.com>	2025-06-27 17:51:05 +02:00
Paul Holzinger	6b776d0590	Merge pull request #407 from timcoding1988/feat/add-gh-to-fedora Feat/add gh to fedora	2025-06-24 11:57:40 +02:00
timcoding1988	5f27145d64	1. adding gh 2. remove 4.0 timebomb check Signed-off-by: Tim Zhou <tzhou@redhat.com>	2025-06-18 10:39:18 -04:00
Paul Holzinger	699dbfbcc1	Merge pull request #404 from Luap99/packages update to Fedora 42 and add some packages	2025-04-23 11:21:52 +02:00
Paul Holzinger	56b6c5c1f8	update IMG_SFX 2025-04-22 Signed-off-by: Paul Holzinger <pholzing@redhat.com>	2025-04-22 15:08:26 +02:00
Paul Holzinger	1a7005b4ea	ci: work around build issue All the base image jobs are failing with: ssh-keygen -f /tmp/cirrus-ci-build_tmp/cidata.ssh -P "" -q -t ed25519 Saving key "/tmp/cirrus-ci-build_tmp/cidata.ssh" failed: Permission denied make: *** [Makefile:216: /tmp/cirrus-ci-build_tmp/cidata.ssh] Error 1 I have no idea what happend but let's try without selinux in case selinux is blocking file access. Signed-off-by: Paul Holzinger <pholzing@redhat.com>	2025-04-22 15:08:20 +02:00
Paul Holzinger	e960222013	f42: force newer criu To fix broken checkpoint tests. Signed-off-by: Paul Holzinger <pholzing@redhat.com>	2025-04-22 11:58:46 +02:00
Paul Holzinger	087a6c4b24	AWS fedora: work around selinux bug On f42 restorecon no longer applies the new label: https://bugzilla.redhat.com/show_bug.cgi?id=2360183 Signed-off-by: Paul Holzinger <pholzing@redhat.com>	2025-04-16 16:35:42 +02:00
Paul Holzinger	12c503fb07	fedora: remove python3.8 The package has been removed in f42. https://fedoraproject.org/wiki/Changes/RetirePython3.8 Signed-off-by: Paul Holzinger <pholzing@redhat.com>	2025-04-15 20:11:14 +02:00
Paul Holzinger	96f688b0e3	update to Fedora 42 It has been released. Signed-off-by: Paul Holzinger <pholzing@redhat.com>	2025-04-15 18:13:53 +02:00
Paul Holzinger	632e4b16f8	.github: check_cirrus_cron work around github bug So I wondered why our email workflow only reported things for podman... It seems the secrets: inherit is broken and no longer working, I see all jobs on all repos failing with: Error when evaluating 'secrets'. .github/workflows/check_cirrus_cron.yml (Line: 19, Col: 11): Secret SECRET_CIRRUS_API_KEY is required, but not provided while calling. This makes no sense to me I doubled checked the names, nothing changed on our side and it is consistent for all projects. Interestingly this same thing passed on March 10 and 11 (on all repos) but failed before and after this as well. Per[1] we are not alone, anyway let's try to get this working again even if it means more duplication. [1] https://github.com/actions/runner/issues/2709 Signed-off-by: Paul Holzinger <pholzing@redhat.com>	2025-04-15 18:13:02 +02:00
Paul Holzinger	ea0295744e	github: use thollander/actions-comment-pull-request jungwinter/comment doesn't seem very much maintained and makes use of the deprecated set-output[1]. [1] https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/ Signed-off-by: Paul Holzinger <pholzing@redhat.com>	2025-04-15 18:13:02 +02:00
Paul Holzinger	e073d1b16d	debian: disable dnsmasq service This conflicts with aardvark-dns which also binds this port. Signed-off-by: Paul Holzinger <pholzing@redhat.com>	2025-04-01 11:20:18 +02:00
Paul Holzinger	af87d70dce	add sqlite3 lib/dev packages I like to dynamically link sqlite3 in podman builds to make the binaries smaller. Signed-off-by: Paul Holzinger <pholzing@redhat.com>	2025-03-31 14:31:52 +02:00
Lokesh Mandvekar	879a69260c	Fedora cache image: install koji and fedora-distro-aliases Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>	2025-03-31 14:23:09 +02:00
Paul Holzinger	564840b6bc	Merge pull request #402 from Luap99/new-images new images 2025-03-24	2025-03-24 14:59:33 +01:00
Paul Holzinger	6c11ff7257	new images 2025-03-24 Signed-off-by: Paul Holzinger <pholzing@redhat.com>	2025-03-24 12:19:25 +01:00
Daniel J Walsh	fe4e4f3cd7	Merge pull request #401 from Luap99/new-images new images 20250312	2025-03-12 16:58:26 -04:00
Paul Holzinger	617fe85f37	new images 20250312 Signed-off-by: Paul Holzinger <pholzing@redhat.com>	2025-03-12 17:54:25 +01:00
Paul Holzinger	3319c260ad	Merge pull request #400 from Luap99/artifacts add new testartifacts in the cache registry	2025-02-11 20:33:21 +01:00
Paul Holzinger	1a185cfb81	new images Signed-off-by: Paul Holzinger <pholzing@redhat.com>	2025-02-10 17:08:49 +01:00
Paul Holzinger	3f7b07de69	debian: remove tar work around Thanks to Reinhard for patching the debian package to no longer trigger the bug. https://salsa.debian.org/debian/tar/-/merge_requests/6 Signed-off-by: Paul Holzinger <pholzing@redhat.com>	2025-02-10 17:06:24 +01:00
Paul Holzinger	d2652b1135	add new testartifact to image cache This is needed by https://github.com/containers/podman/pull/25238 To avoid flakes we need to have the test artifacts in the cache registry. Signed-off-by: Paul Holzinger <pholzing@redhat.com>	2025-02-10 17:02:56 +01:00
Paul Holzinger	4b32b8267d	Merge pull request #399 from Luap99/new-images new images 2025-01-31	2025-02-03 16:04:16 +01:00
Paul Holzinger	4756da479a	new images 2025-01-31 Signed-off-by: Paul Holzinger <pholzing@redhat.com>	2025-01-31 13:19:19 +01:00
Paul Holzinger	ed0f37f1bd	Merge pull request #398 from Luap99/new-images new images	2025-01-07 18:46:23 +01:00
Paul Holzinger	e5a1016f08	new images Removed two timebombs that no longer apply, composefs is installed in the main package list and the pasta version is in stable now. Signed-off-by: Paul Holzinger <pholzing@redhat.com>	2025-01-07 14:24:36 +01:00
Paul Holzinger	8c6d4bb0bf	debian: remove git-daemon-run The package no longer exists[1] in sid. Per quick search it just contained a simple script not something we actually use. We need the git daemon command and that is already part of the main git package AFAICS. [1] `2de766588e` Signed-off-by: Paul Holzinger <pholzing@redhat.com>	2025-01-07 14:04:39 +01:00
Paul Holzinger	21cebe3fec	Merge pull request #397 from baude/add7z Add 7zip Windows compression utility	2025-01-06 15:31:32 +01:00
Brent Baude	856110c78d	Add 7zip Windows compression utility The Fedora images used to test libhvee are now being shipped with xz compression. Because the golang xz decompression is extremely slow, I'm proposing to use this command line utility. Signed-off-by: Brent Baude <bbaude@redhat.com>	2024-12-18 09:52:12 -06:00
Paul Holzinger	46c3bf5c93	Merge pull request #396 from Luap99/podman-machine-os add packages needed by podman-machine-os	2024-12-13 15:23:22 +01:00
Paul Holzinger	d317246fd6	build new images - remove old pasta bump and add new bump for rawhide issue https://github.com/containers/podman/issues/24804 - bump debian tar timebomb, it still has the same broken version Signed-off-by: Paul Holzinger <pholzing@redhat.com>	2024-12-12 13:25:24 +01:00
Paul Holzinger	006e5b1db8	add packages needed by podman-machine-os So that we do not have to deal with dnf install issues over there at runtime. Signed-off-by: Paul Holzinger <pholzing@redhat.com>	2024-12-05 13:45:56 +01:00
Ed Santiago	99e20928ad	Merge pull request #394 from edsantiago/bump-systemd Bump. Let's see if we pick up a new systemd.	2024-11-20 08:03:34 -07:00
Ed Santiago	7c285acaaa	Bump. Let's see if we pick up a new systemd. Desperate attempt to look into podman issue 24220, the missing-logs-and-events flake. I noticed on 1mt that rawhide is on systemd-257~rc1, which is what's on debian, and we haven't seen 24220 on debian. F41 is still on 256.7. Let's see what this PR brings in. If we get systemd-257 on rawhide, let's hammer at it on podman and see what happens with 24220. Also, fix a big duh on my part. My new README-simplified had a line beginning with the word "timebomb", which 'make timebomb-check' interpreted as an actual timebomb directive, which caused the check to fail. Workaround is to shuffle words; a more proper solution might be to exclude READMEs, or look only in *.sh files, or some other smart filter. Signed-off-by: Ed Santiago <santiago@redhat.com>	2024-11-18 06:06:17 -07:00