Skip to content

Commit

Permalink
Produce x86_64 & ARM64 fedora container images
Browse files Browse the repository at this point in the history
At the time of this commit, podman's Makefile has a target to allow
validating code changes locally.  However, it's based on a bespoke
container image which has no connection to the images used in CI.  This
can easily lead to a situation where validation passes in the local
environment passes fails in CI.  Support this validate target using
the `quay.io/libpod/*fedora_podman:latest` images instead across
all common developer architectures.

Signed-off-by: Chris Evich <[email protected]>
  • Loading branch information
cevich committed Aug 20, 2024
1 parent fc75a1a commit 4f9f677
Show file tree
Hide file tree
Showing 3 changed files with 21 additions and 7 deletions.
18 changes: 13 additions & 5 deletions .cirrus.yml
Original file line number Diff line number Diff line change
Expand Up @@ -71,13 +71,14 @@ container_images_task: &container_images
skip: *ci_docs_tooling
depends_on:
- image_builder
timeout_in: &cntr_timeout 40m
gce_instance: &ibi_vm
timeout_in: 90m # emulation is very slow
gce_instance:
image_project: "libpod-218412"
# Trust whatever was built most recently is functional
image_family: "image-builder"
zone: "us-central1-a"
disk: 200 # Must be 200, negatively affects performance otherwise.
type: "c2d-standard-4" # Extra muscle needed for multi-arch emulation
matrix:
- name: &name "Build ${TARGET_NAME} container"
env:
Expand All @@ -102,7 +103,9 @@ container_images_task: &container_images
# For $REGPFX namespace, select FQINs only.
REG_USERNAME: ENCRYPTED[df4efe530b9a6a731cfea19233e395a5206d24dfac25e84329de035393d191e94ead8c39b373a0391fa025cab15470f8]
REG_PASSWORD: ENCRYPTED[255ec05057707c20237a6c7d15b213422779c534f74fe019b8ca565f635dba0e11035a034e533a6f39e146e7435d87b5]
script: ci/make_container_images.sh;
script: |
podman run --rm --privileged mirror.gcr.io/multiarch/qemu-user-static:latest --reset -p yes
ci/make_container_images.sh
package_cache: &package_cache
folder: "/var/tmp/automation_images_tmp/.cache/**"
fingerprint_key: "${TARGET_NAME}-cache-version-1"
Expand All @@ -117,8 +120,13 @@ imgts_build_task:
skip: &ci_docs $CIRRUS_CHANGE_TITLE =~ '.*CI:DOCS.*'
depends_on:
- image_builder
timeout_in: *cntr_timeout
gce_instance: *ibi_vm
timeout_in: &cntr_timeout 40m
gce_instance: &ibi_vm
image_project: "libpod-218412"
# Trust whatever was built most recently is functional
image_family: "image-builder"
zone: "us-central1-a"
disk: 200 # Must be 200, negatively affects performance otherwise.
env: *image_env
script: |
export TARGET_NAME=imgts
Expand Down
2 changes: 1 addition & 1 deletion IMG_SFX
Original file line number Diff line number Diff line change
@@ -1 +1 @@
20240819t164934z-f40f39d13
20240820t135131z-f40f39d13
8 changes: 7 additions & 1 deletion Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -308,9 +308,15 @@ fedora_podman: ## Build Fedora podman development container
prior-fedora_podman: ## Build Prior-Fedora podman development container
$(call build_podman_container,$@,$(PRIOR_FEDORA_RELEASE))

# N/B: This assumes that qemu_user_static is present and installed into the kernel or (as root)
# podman run --rm --privileged mirror.gcr.io/multiarch/qemu-user-static:latest --reset -p yes
# must been executed (e.g. on CentOS).
$(_TEMPDIR)/%_podman.iid: podman/Containerfile podman/setup.sh $(wildcard base_images/*.sh) $(_TEMPDIR) $(wildcard cache_images/*.sh)
podman build -t $*_podman:$(call err_if_empty,_IMG_SFX) \
podman build --manifest=$*_podman:$(call err_if_empty,_IMG_SFX) \
--security-opt label=disable \
--security-opt seccomp=unconfined \
--platform=linux/amd64,linux/arm64 \
--jobs=2 \
--iidfile=$@ \
--build-arg=BASE_NAME=$(subst prior-,,$*) \
--build-arg=BASE_TAG=$(call err_if_empty,BASE_TAG) \
Expand Down

0 comments on commit 4f9f677

Please sign in to comment.