public
/
bootc-base-images
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'ci' into 'main' 

Use gitlab ci until Konflux is onboarded

See merge request fedora/bootc/base-images!20
This commit is contained in:
pbrobinson 2024-05-21 17:59:32 +00:00
parent f36f5b680b 9bc407619a
commit 4a725c0c05
10 changed files with 8 additions and 866 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.fmf/version
View File

@ -1 +0,0 @@
1

147
.gitlab-ci.yml
View File

@ -1,143 +1,12 @@
--- ---
default: include:
interruptible: true - remote: https://gitlab.com/platform-engineering-org/gitlab-ci/-/raw/main/templates/build-image.gitlab-ci.yml
build-image:
extends: .build-image
variables: variables:
LATEST_VERSION: "40" EXTRA_ARGS: "--security-opt=label=disable --cap-add=all"
# Default this one
RUNNER: saas-linux-medium-amd64
ARM_RUNNER: tmp-gcp-bifrost-aarch64
# TODO add arm64 once we have a runner
ARCHES: "amd64"
BUILDAH_IMAGE: quay.io/buildah/stable:v1.34.0
BUILDAH_ARGS: "--security-opt=label=disable --cap-add=all"
stages:
- build
# Code for merge requests
.build-image-mr:
image: $BUILDAH_IMAGE
parallel:
matrix:
- VARIANT:
- full
VERSION:
- "40"
script:
- buildah bud ${BUILDAH_ARGS} --no-cache -t localhost/test ${EXTRA_ARGS} ${CONTEXT}
rules: rules:
- if: '$CI_PIPELINE_SOURCE == "merge_request_event" && $CI_MERGE_REQUEST_SOURCE_PROJECT_PATH != $CI_PROJECT_PATH && $CI_MERGE_REQUEST_TARGET_BRANCH_NAME == $CI_DEFAULT_BRANCH' - if: $CI_PROJECT_NAMESPACE != "fedora/bootc"
stage: build when: never
- if: $CI_PIPELINE_SOURCE == "merge_request_event"
ci-build-image-arm64:
variables:
ARCH: arm64
extends: .build-image-mr
tags:
- $ARM_RUNNER
# See above re runner
rules:
- when: never
ci-build-image-amd64:
variables:
ARCH: amd64
extends: .build-image-mr
tags:
- $RUNNER
# Code executed to build and push to registry
.build-push-image-arch:
image: $BUILDAH_IMAGE
variables:
IMAGE: $CI_REGISTRY_IMAGE/fedora-bootc-$VARIANT:$VERSION-$ARCH
EXTRA_ARGS: --from=quay.io/fedora/fedora:$VERSION --build-arg=VARIANT=$VARIANT --format oci --arch $ARCH --security-opt=label=disable --cap-add=all
before_script:
- buildah login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
script:
- buildah bud ${BUILDAH_ARGS} --no-cache -t ${IMAGE} ${EXTRA_ARGS} ${CONTEXT}
- buildah push $IMAGE
rules:
- if: '$CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
- when: never
stage: build
build-push-amd64:
variables:
ARCH: amd64
parallel:
matrix:
- VARIANT:
- minimal
- full
VERSION:
- "40"
- rawhide
extends: .build-push-image-arch
rules:
- if: '$CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
- when: never
stage: build
build-push-arm64:
tags:
- tmp-gcp-bifrost-aarch64
parallel:
matrix:
- VARIANT:
- minimal
- full
VERSION:
- "40"
- rawhide
variables:
ARCH: arm64
extends: .build-push-image-arch
rules:
- if: '$CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
- when: never
stage: build
# And stitch things together into a manifest list
manifests_list:
parallel:
matrix:
- VARIANT:
- minimal
- full
VERSION:
- "40"
- rawhide
needs:
- build-push-amd64
- build-push-arm64
image: $BUILDAH_IMAGE
variables:
IMAGE_BASE: $CI_REGISTRY_IMAGE/fedora-bootc-$VARIANT
IMAGE: $IMAGE_BASE:$VERSION
before_script:
- buildah login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
- for arch in ${ARCHES}; do buildah pull $IMAGE-${arch}; done
script:
- |
set -xeuo pipefail
buildah manifest create $IMAGE $IMAGE-amd64 $IMAGE-arm64
for arch in ${ARCHES}; do
buildah manifest annotate $IMAGE $IMAGE-${arch} --os linux --arch ${arch}
buildah manifest annotate $IMAGE $IMAGE-${arch} --os linux --arch ${arch}
done
buildah manifest push --all $IMAGE docker://$IMAGE
if test $VERSION == $LATEST_VERSION; then
buildah manifest push --all $IMAGE docker://$IMAGE_BASE:latest
fi
if test $VARIANT == full; then
buildah push $IMAGE $CI_REGISTRY_IMAGE/fedora-bootc:$VERSION
fi
rules:
- if: '$CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
- when: never
stage: build

61
.tekton/fedora-bootc-integration-tests.yaml
View File

@ -1,61 +0,0 @@
apiVersion: tekton.dev/v1
kind: Pipeline
metadata:
name: testing-farm
spec:
description: >-
Expects a list of container images to be provided via the SNAPSHOT parameter.
A secret containing the testing-farm API token should be made available via a secret with the name `testing-farm-secret` containing a key `testing-farm-token`.
params:
- name: SNAPSHOT
description: A list of container images that should undergo testing
type: string
- name: GIT_URL
description: URL of the GIT repository that contains the tests.
type: string
- name: GIT_REF
default: "main"
description: Branch of the git repository used containing the tests
type: string
- name: COMPOSE
default: "Fedora-Rawhide"
description: Compose to use for the system-under-test.
type: string
- name: ARCH
default: "x86_64"
description: Comma-separated list of architectures to run against.
type: string
- name: TIMEOUT
default: "720"
description: Set the timeout for the request in minutes. If the test takes longer than this, it will be terminated.
type: string
- name: TESTING_FARM_API_URL
default: https://api.dev.testing-farm.io/v0.1
description: The testing-farm instance API to use
type: string
tasks:
- name: testing-farm
taskRef:
resolver: git
params:
- name: url
value: https://gitlab.com/fedora/bootc/base-images/
- name: revision
value: main
- name: pathInRepo
value: .tekton/testing-farm.yaml
params:
- name: SNAPSHOT
value: $(params.SNAPSHOT)
- name: GIT_URL
value: $(params.GIT_URL)
- name: GIT_REF
value: $(params.GIT_REF)
- name: COMPOSE
value: $(params.COMPOSE)
- name: ARCH
value: $(params.ARCH)
- name: TIMEOUT
value: $(params.TIMEOUT)
- name: TESTING_FARM_API_URL
value: $(params.TESTING_FARM_API_URL)

61
.tekton/fedora-bootc-pull-request.yaml
View File

@ -1,61 +0,0 @@
apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://gitlab.com/fedora/bootc/base-images/?rev={{revision}}
build.appstudio.redhat.com/commit_sha: "{{revision}}"
build.appstudio.redhat.com/pull_request_number: "{{pull_request_number}}"
build.appstudio.redhat.com/target_branch: "{{target_branch}}"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression:
event == "pull_request" && target_branch == "main"
creationTimestamp: null
labels:
appstudio.openshift.io/application: fedora-bootc
appstudio.openshift.io/component: fedora-bootc
pipelines.appstudio.openshift.io/type: build
name: fedora-bootc-on-pull-request
namespace: centos-bootc-tenant
spec:
params:
- name: image-file
value: fedora-bootc.yaml
- name: git-url
value: "{{repo_url}}"
- name: output-image
value: quay.io/redhat-user-workloads/centos-bootc-tenant/fedora-bootc/fedora-bootc:on-pr-{{revision}}
- name: path-context
value: .
- name: revision
value: "{{revision}}"
- name: config-file
value: "fedora-bootc-config.json"
pipelineRef:
name: ostree-build
workspaces:
- name: workspace
volumeClaimTemplate:
metadata:
creationTimestamp: null
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
status: {}
- name: workspace-arm64
volumeClaimTemplate:
metadata:
creationTimestamp: null
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 2Gi
status: {}
- name: git-auth
secret:
secretName: "{{ git_auth_secret }}"
status: {}

61
.tekton/fedora-bootc-push.yaml
View File

@ -1,61 +0,0 @@
apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://gitlab.com/fedora/bootc/base-images/?rev={{revision}}
build.appstudio.redhat.com/commit_sha: "{{revision}}"
build.appstudio.redhat.com/pull_request_number: "{{pull_request_number}}"
build.appstudio.redhat.com/target_branch: "{{target_branch}}"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression:
event == "push" && target_branch == "main"
creationTimestamp: null
labels:
appstudio.openshift.io/application: fedora-bootc
appstudio.openshift.io/component: fedora-bootc
pipelines.appstudio.openshift.io/type: build
name: fedora-bootc-on-push
namespace: centos-bootc-tenant
spec:
params:
- name: image-file
value: fedora-bootc.yaml
- name: git-url
value: "{{repo_url}}"
- name: output-image
value: quay.io/redhat-user-workloads/centos-bootc-tenant/fedora-bootc/fedora-bootc:on-pr-{{revision}}
- name: path-context
value: .
- name: revision
value: "{{revision}}"
- name: config-file
value: "fedora-bootc-config.json"
pipelineRef:
name: ostree-build
workspaces:
- name: workspace
volumeClaimTemplate:
metadata:
creationTimestamp: null
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
status: {}
- name: workspace-arm64
volumeClaimTemplate:
metadata:
creationTimestamp: null
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 2Gi
status: {}
- name: git-auth
secret:
secretName: "{{ git_auth_secret }}"
status: {}

379
.tekton/ostree-build.yaml
View File

@ -1,379 +0,0 @@
apiVersion: tekton.dev/v1
kind: Pipeline
metadata:
name: ostree-build
spec:
finally:
- name: show-summary
params:
- name: pipelinerun-name
value: $(context.pipelineRun.name)
- name: git-url
value: $(tasks.clone-repository.results.url)?rev=$(tasks.clone-repository.results.commit)
- name: image-url
value: $(params.output-image)
- name: build-task-status
value: $(tasks.build-container.status)
taskRef:
params:
- name: name
value: summary
- name: bundle
value: quay.io/redhat-appstudio-tekton-catalog/task-summary:0.2@sha256:bdf58a8a6bf10482fff841ce6c78c54e87d306bc6aae9515821c436d26daff35
- name: kind
value: task
resolver: bundles
params:
- description: Source Repository URL
name: git-url
type: string
- default: ""
description: Revision of the Source Repository
name: revision
type: string
- description: Fully Qualified Output Image
name: output-image
type: string
- default: .
description:
Path to the source code of an application's component from where
to build image.
name: path-context
type: string
- description:
Path to the image file inside the context specified by parameter
path-context
name: image-file
type: string
- default: "false"
description: Force rebuild image
name: rebuild
type: string
- default: "false"
description: Skip checks against built image
name: skip-checks
type: string
- default: "true"
description: Skip optional checks, set false if you want to run optional checks
name: skip-optional
type: string
- default: "false"
description: Execute the build with network isolation
name: hermetic
type: string
- default: ""
description: Build dependencies to be prefetched by Cachi2
name: prefetch-input
type: string
- default: "false"
description: Java build
name: java
type: string
- default: ""
description:
Image tag expiration time, time values could be something like
1h, 2d, 3w for hours, days, and weeks, respectively.
name: image-expires-after
- name: config-file
description: config file to use for rpm-ostree tool
type: string
default: ""
results:
- description: ""
name: IMAGE_URL
value: $(tasks.build-container.results.IMAGE_URL)
- description: ""
name: IMAGE_DIGEST
value: $(tasks.build-container.results.IMAGE_DIGEST)
- description: ""
name: CHAINS-GIT_URL
value: $(tasks.clone-repository.results.url)
- description: ""
name: CHAINS-GIT_COMMIT
value: $(tasks.clone-repository.results.commit)
tasks:
- name: init
params:
- name: image-url
value: $(params.output-image)
- name: rebuild
value: $(params.rebuild)
- name: skip-checks
value: $(params.skip-checks)
taskRef:
params:
- name: name
value: init
- name: bundle
value: quay.io/redhat-appstudio-tekton-catalog/task-init:0.2@sha256:99674c6fbedcb153945ea37729c951e86314746cfc2dbeeecef6ce8b60229383
- name: kind
value: task
resolver: bundles
- name: clone-repository
params:
- name: url
value: $(params.git-url)
- name: revision
value: $(params.revision)
runAfter:
- init
taskRef:
params:
- name: name
value: git-clone
- name: bundle
value: quay.io/redhat-appstudio-tekton-catalog/task-git-clone:0.1@sha256:30709df067659a407968154fd39e99763823d8ecfc6b5cd00a55b68818ec94ba
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
workspaces:
- name: output
workspace: workspace
- name: basic-auth
workspace: git-auth
- name: clone-repository-arm64
params:
- name: url
value: $(params.git-url)
- name: revision
value: $(params.revision)
runAfter:
- init
taskRef:
kind: Task
params:
- name: name
value: git-clone
- name: bundle
value: quay.io/redhat-appstudio-tekton-catalog/task-git-clone:0.1@sha256:30709df067659a407968154fd39e99763823d8ecfc6b5cd00a55b68818ec94ba
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
workspaces:
- name: output
workspace: workspace-arm64
- name: basic-auth
workspace: git-auth
- name: build-container-amd64
params:
- name: IMAGE
value: $(params.output-image)-amd64
- name: IMAGE_FILE
value: $(params.image-file)
- name: CONTEXT
value: $(params.path-context)
- name: IMAGE_EXPIRES_AFTER
value: $(params.image-expires-after)
- name: COMMIT_SHA
value: $(tasks.clone-repository.results.commit)
- name: PLATFORM
value: linux/amd64
- name: BUILDER_IMAGE
value: quay.io/centos-bootc/bootc-image-builder:latest
- name: CONFIG_FILE
value: $(params.config-file)
runAfter:
- clone-repository
taskRef:
params:
- name: name
value: rpm-ostree
- name: bundle
value: quay.io/redhat-appstudio-tekton-catalog/task-rpm-ostree:0.1@sha256:8691f0a12dca3a4066d3f18ec11473d5ec0d680d58f764fb0e77cd3ff27009fe
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
workspaces:
- name: source
workspace: workspace
- name: build-container-arm64
params:
- name: IMAGE
value: $(params.output-image)-arm64
- name: IMAGE_FILE
value: $(params.image-file)
- name: CONTEXT
value: $(params.path-context)
- name: IMAGE_EXPIRES_AFTER
value: $(params.image-expires-after)
- name: COMMIT_SHA
value: $(tasks.clone-repository.results.commit)
- name: PLATFORM
value: linux/arm64
- name: BUILDER_IMAGE
value: quay.io/centos-bootc/bootc-image-builder:latest
- name: CONFIG_FILE
value: $(params.config-file)
runAfter:
- clone-repository-arm64
taskRef:
params:
- name: name
value: rpm-ostree
- name: bundle
value: quay.io/redhat-appstudio-tekton-catalog/task-rpm-ostree:0.1@sha256:8691f0a12dca3a4066d3f18ec11473d5ec0d680d58f764fb0e77cd3ff27009fe
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
workspaces:
- name: source
workspace: workspace-arm64
- name: build-container
params:
- name: IMAGE
value: $(params.output-image)
- name: COMMIT_SHA
value: $(tasks.clone-repository.results.commit)
- name: IMAGES
value:
- $(tasks.build-container-amd64.results.IMAGE_URL)@$(tasks.build-container-amd64.results.IMAGE_DIGEST)
- $(tasks.build-container-arm64.results.IMAGE_URL)@$(tasks.build-container-arm64.results.IMAGE_DIGEST)
runAfter:
- build-container-amd64
- build-container-arm64
taskRef:
params:
- name: name
value: build-image-manifest
- name: bundle
value: quay.io/redhat-appstudio-tekton-catalog/task-build-image-manifest:0.1@sha256:4f8da0144ac88fb8139d3f60c40b64db02a5bf8bdd3f500f22389de80c7807c8
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
- name: inspect-image
params:
- name: IMAGE_URL
value: $(tasks.build-container.results.IMAGE_URL)
- name: IMAGE_DIGEST
value: $(tasks.build-container.results.IMAGE_DIGEST)
runAfter:
- build-container
taskRef:
params:
- name: name
value: inspect-image
- name: bundle
value: quay.io/redhat-appstudio-tekton-catalog/task-inspect-image:0.1@sha256:268632262685fe84400c9b346fe589f96b1930321334660d234037fc25f97806
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
workspaces:
- name: source
workspace: workspace
- name: deprecated-base-image-check
params:
- name: BASE_IMAGES_DIGESTS
value: $(tasks.build-container-amd64.results.BASE_IMAGES_DIGESTS)
taskRef:
params:
- name: name
value: deprecated-image-check
- name: bundle
value: quay.io/redhat-appstudio-tekton-catalog/task-deprecated-image-check:0.3@sha256:ae1fcb32b1aeac846e1a41019b2e735b9c25c27752496f17744d869860c80ff1
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: clair-scan
params:
- name: image-digest
value: $(tasks.build-container.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-container.results.IMAGE_URL)
runAfter:
- build-container
taskRef:
params:
- name: name
value: clair-scan
- name: bundle
value: quay.io/redhat-appstudio-tekton-catalog/task-clair-scan:0.1@sha256:5bf4cd29dd515decb96dfc4e3e07cee05dea399fb3acc4905384272e497c9ae3
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: sast-snyk-check
runAfter:
- clone-repository
taskRef:
params:
- name: name
value: sast-snyk-check
- name: bundle
value: quay.io/redhat-appstudio-tekton-catalog/task-sast-snyk-check:0.1@sha256:fa722fdf4b82e5e856a2a43227262762c40070746d97c2b36c130870802ed0e3
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
workspaces:
- name: workspace
workspace: workspace
- name: sbom-json-check
params:
- name: IMAGE_URL
value: $(tasks.build-container.results.IMAGE_URL)
- name: IMAGE_DIGEST
value: $(tasks.build-container.results.IMAGE_DIGEST)
runAfter:
- build-container
taskRef:
params:
- name: name
value: sbom-json-check
- name: bundle
value: quay.io/redhat-appstudio-tekton-catalog/task-sbom-json-check:0.1@sha256:988213d48b64c8d2f3a1c511fbb819c14b244ab72d05cecd789a4778ec23fb5d
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
workspaces:
- name: workspace
- name: workspace-arm64
- name: git-auth
optional: true

68
.tekton/testing-farm.yaml
View File

@ -1,68 +0,0 @@
apiVersion: tekton.dev/v1
kind: Task
metadata:
name: testing-farm
spec:
description: Initiate testing-farm test given a list of container images
params:
- name: SNAPSHOT
description: A list of container images that should undergo testing
- name: GIT_URL
description: URL of the GIT repository that contains the tests.
- name: GIT_REF
default: "main"
description: Branch of the git repository used containing the tests
- name: COMPOSE
default: "Fedora-Rawhide"
description: Compose to use for the system-under-test.
- name: ARCH
default: "x86_64"
description: Comma-separated list of architectures to run against.
- name: TIMEOUT
default: "720"
description: Set the timeout for the request in minutes. If the test takes longer than this, it will be terminated.
- name: TESTING_FARM_API_URL
default: https://api.dev.testing-farm.io/v0.1
description: The testing-farm instance API to use
volumes:
- name: testing-farm-secret
secret:
secretName: testing-farm-secret
steps:
- image: quay.io/testing-farm/cli:latest
volumeMounts:
- name: testing-farm-secret
mountPath: "/etc/secrets"
readOnly: true
env:
- name: SNAPSHOT
value: $(params.SNAPSHOT)
- name: GIT_URL
value: $(params.GIT_URL)
- name: GIT_REF
value: $(params.GIT_REF)
- name: COMPOSE
value: $(params.COMPOSE)
- name: ARCH
value: $(params.ARCH)
- name: TIMEOUT
value: $(params.TIMEOUT)
- name: TESTING_FARM_API_URL
value: $(params.TESTING_FARM_API_URL)
script: |
#!/usr/bin/env bash
export TESTING_FARM_API_TOKEN=$(cat /etc/secrets/testing-farm-token)
apk add jq
GIT_URL=$(echo "${SNAPSHOT}" | jq -r '.components[0].source.git.url')
GIT_REF=$(echo "${SNAPSHOT}" | jq -r '.components[0].source.git.revision')
testing-farm request \
--environment SNAPSHOT="$(echo ${SNAPSHOT} | base64 -w 0)" \
--git-url "${GIT_URL}" \
--git-ref "${GIT_REF}" \
--compose "${COMPOSE}" \
--arch "${ARCH}" \
--timeout "${TIMEOUT}"

22
catalog-info.yaml
View File

@ -1,22 +0,0 @@
apiVersion: backstage.io/v1alpha1
kind: Component
metadata:
name: centos-bootc
description: Create and maintain base bootable container images from Fedora ELN and CentOS Stream packages.
annotations:
github.com/project-slug: CentOS/centos-bootc
jira/project-key: BIFROST
feedback/type: JIRA
feedback/host: https://issues.redhat.com
links:
- url: https://centos.github.io/centos-bootc/
title: documentation
- url: https://app.slack.com/client/E030G10V24F/C02CU30L7GF
title: slack channel
icon: chat
tags:
- bifrost
spec:
type: library
lifecycle: experimental
owner: redhat/platform-engineering

33
plans/main.fmf
View File

@ -1,33 +0,0 @@
summary: Example of working with Snapshots from RHTAP
prepare:
- name: Install packages
how: install
package:
# For working with the SNAPSHOT var
- jq
# Just for interacting with the images
- podman
execute:
# Note, the ' character works here because the ${SNAPSHOT} is not a shell
# environment variable. it is treated by tmt as a tmt variable which is
# injected into the script before it is evaluated by bash.
script: |
echo "This is where the test script goes."
echo "The base64 encoded snapshot is: ${SNAPSHOT}"
echo -n "The base64 decoded snapshot is: "
echo $SNAPSHOT | base64 -d
echo "It contains the following container images:"
IMAGES=$(echo '${SNAPSHOT}' | base64 -d | jq -r '.components[].containerImage')
# Then, perform some check
for IMAGE in $IMAGES; do
echo $IMAGE
# Comment out this line due to the quay.io flakes
# https://github.com/containers/podman/issues/16973
# podman run $IMAGE cat /etc/os-release
done

41
renovate.json
View File

@ -2,46 +2,5 @@
"$schema": "https://docs.renovatebot.com/renovate-schema.json", "$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": [ "extends": [
"github>platform-engineering-org/.github" "github>platform-engineering-org/.github"
],
"customDatasources": {
"c9s-compose": {
"defaultRegistryUrlTemplate": "https://composes.stream.centos.org/production/",
"format": "html"
}
},
"customManagers": [
{
"customType": "regex",
"fileMatch": [
"c9s.repo",
"centos-bootc-config.json"
],
"matchStrings": [
"https://composes.stream.centos.org/production/(?<currentValue>.*)/compose/(.*)",
"\"redhat.compose-id\": \"(?<currentValue>.*)\""
],
"datasourceTemplate": "custom.c9s-compose",
"depNameTemplate": "CentOS-Stream-9",
"versioningTemplate": "regex:^CentOS-Stream-9-(?<major>\\d{8})\\.d\\.0$"
}
],
"packageRules": [
{
"matchDatasources": [
"custom.c9s-compose"
],
"extractVersion": "(?<version>.+)/$",
"automerge": true,
"schedule": [
"at any time"
],
"groupName": null
},
{
"matchPackageNames": [
"quay.io/centos-bootc/bootc-image-builder"
],
"pinDigests": false
}
] ]
} }