opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-11-28 17:18:58 +08:00
Code Issues Packages Projects Releases Wiki Activity

Exercise containers_image_sequoia in CI

Browse Source 
This build tag replaces the backend for _verification_
of GPG signatures, to use Sequoia-PGP instead of GNUPG.

Do Rawhide builds with Sequoia; the podman-sequoia package exists
in F43 and later, so we can't do it in earlier versions.

This way we cover both variants (+ containers_image_openpgp
in the podman-remote client, at least that it builds).

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
This commit is contained in:
Miloslav Trmač
2025-07-15 18:54:33 +02:00
parent 998c9d8f6a
commit 2f005b67f4
4 changed files with 29 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
.cirrus.yml
View File

@@ -95,6 +95,7 @@ validate-source_task:
image_name: "${FEDORA_CACHE_IMAGE_NAME}" # from stdenvars image_name: "${FEDORA_CACHE_IMAGE_NAME}" # from stdenvars
env: env:
TEST_FLAVOR: validate-source TEST_FLAVOR: validate-source
TEST_BUILD_TAGS: ""
# NOTE: The default way Cirrus-CI clones is *NOT* compatible with # NOTE: The default way Cirrus-CI clones is *NOT* compatible with
# environment expectations in contrib/cirrus/lib.sh. Specifically # environment expectations in contrib/cirrus/lib.sh. Specifically
# the 'origin' remote must be defined, and all remote branches/tags # the 'origin' remote must be defined, and all remote branches/tags
@@ -151,11 +152,13 @@ build_task:
# Ref: https://cirrus-ci.org/guide/writing-tasks/#matrix-modification # Ref: https://cirrus-ci.org/guide/writing-tasks/#matrix-modification
- env: &stdenvars - env: &stdenvars
DISTRO_NV: ${FEDORA_NAME} DISTRO_NV: ${FEDORA_NAME}
TEST_BUILD_TAGS: ""
# Not used here, is used in other tasks # Not used here, is used in other tasks
VM_IMAGE_NAME: ${FEDORA_CACHE_IMAGE_NAME} VM_IMAGE_NAME: ${FEDORA_CACHE_IMAGE_NAME}
CTR_FQIN: ${FEDORA_CONTAINER_FQIN} CTR_FQIN: ${FEDORA_CONTAINER_FQIN}
- env: - env:
DISTRO_NV: ${PRIOR_FEDORA_NAME} DISTRO_NV: ${PRIOR_FEDORA_NAME}
TEST_BUILD_TAGS: ""
VM_IMAGE_NAME: ${PRIOR_FEDORA_CACHE_IMAGE_NAME} VM_IMAGE_NAME: ${PRIOR_FEDORA_CACHE_IMAGE_NAME}
CTR_FQIN: ${PRIOR_FEDORA_CONTAINER_FQIN} CTR_FQIN: ${PRIOR_FEDORA_CONTAINER_FQIN}
CI_DESIRED_DATABASE: boltdb CI_DESIRED_DATABASE: boltdb
@@ -163,11 +166,13 @@ build_task:
- env: - env:
<<: *stdenvars <<: *stdenvars
DISTRO_NV: ${RAWHIDE_NAME} DISTRO_NV: ${RAWHIDE_NAME}
TEST_BUILD_TAGS: "containers_image_sequoia"
VM_IMAGE_NAME: ${RAWHIDE_CACHE_IMAGE_NAME} VM_IMAGE_NAME: ${RAWHIDE_CACHE_IMAGE_NAME}
CI_DESIRED_STORAGE: composefs CI_DESIRED_STORAGE: composefs
CTR_FQIN: "" CTR_FQIN: ""
- env: - env:
DISTRO_NV: ${DEBIAN_NAME} DISTRO_NV: ${DEBIAN_NAME}
TEST_BUILD_TAGS: ""
VM_IMAGE_NAME: ${DEBIAN_CACHE_IMAGE_NAME} VM_IMAGE_NAME: ${DEBIAN_CACHE_IMAGE_NAME}
env: env:
TEST_FLAVOR: build TEST_FLAVOR: build
@@ -209,6 +214,7 @@ build_aarch64_task:
VM_IMAGE_NAME: ${FEDORA_AARCH64_AMI} VM_IMAGE_NAME: ${FEDORA_AARCH64_AMI}
CTR_FQIN: ${FEDORA_CONTAINER_FQIN} CTR_FQIN: ${FEDORA_CONTAINER_FQIN}
TEST_FLAVOR: build TEST_FLAVOR: build
TEST_BUILD_TAGS: ""
clone_script: *full_clone clone_script: *full_clone
# TODO: Rename to "ci-sanity" and move into task that runs in parallel to build # TODO: Rename to "ci-sanity" and move into task that runs in parallel to build
prebuild_script: *prebuild prebuild_script: *prebuild
@@ -236,6 +242,7 @@ alt_build_task:
env: env:
<<: *stdenvars <<: *stdenvars
TEST_FLAVOR: "altbuild" TEST_FLAVOR: "altbuild"
TEST_BUILD_TAGS: ""
gce_instance: *fastvm gce_instance: *fastvm
matrix: matrix:
- env: - env:
@@ -402,6 +409,7 @@ bindings_task:
env: env:
<<: *stdenvars <<: *stdenvars
TEST_FLAVOR: bindings TEST_FLAVOR: bindings
TEST_BUILD_TAGS: ""
# N/B: This script depends on ${DISTRO_NV} being defined for the task. # N/B: This script depends on ${DISTRO_NV} being defined for the task.
clone_script: &get_gosrc | clone_script: &get_gosrc |
cd /tmp cd /tmp
@@ -443,6 +451,7 @@ swagger_task:
GCPJSON: ENCRYPTED[927dc01e755eaddb4242b0845cf86c9098d1e3dffac38c70aefb1487fd8b4fe6dd6ae627b3bffafaba70e2c63172664e] GCPJSON: ENCRYPTED[927dc01e755eaddb4242b0845cf86c9098d1e3dffac38c70aefb1487fd8b4fe6dd6ae627b3bffafaba70e2c63172664e]
GCPNAME: ENCRYPTED[c145e9c16b6fb88d476944a454bf4c1ccc84bb4ecaca73bdd28bdacef0dfa7959ebc8171a27b2e4064d66093b2cdba49] GCPNAME: ENCRYPTED[c145e9c16b6fb88d476944a454bf4c1ccc84bb4ecaca73bdd28bdacef0dfa7959ebc8171a27b2e4064d66093b2cdba49]
GCPPROJECT: 'libpod-218412' GCPPROJECT: 'libpod-218412'
TEST_BUILD_TAGS: ""
clone_script: *get_gosrc clone_script: *get_gosrc
setup_script: *setup setup_script: *setup
main_script: *main main_script: *main
@@ -536,6 +545,7 @@ docker-py_test_task:
<<: *stdenvars <<: *stdenvars
TEST_FLAVOR: docker-py TEST_FLAVOR: docker-py
TEST_ENVIRON: container TEST_ENVIRON: container
TEST_BUILD_TAGS: ""
clone_script: *get_gosrc clone_script: *get_gosrc
setup_script: *setup setup_script: *setup
main_script: *main main_script: *main
@@ -568,6 +578,7 @@ unit_test_task:
gce_instance: *standardvm gce_instance: *standardvm
env: env:
TEST_FLAVOR: unit TEST_FLAVOR: unit
TEST_BUILD_TAGS: ""
clone_script: *get_gosrc clone_script: *get_gosrc
setup_script: *setup setup_script: *setup
main_script: *main main_script: *main
@@ -630,6 +641,7 @@ apiv2_test_task:
env: env:
<<: *stdenvars <<: *stdenvars
TEST_FLAVOR: apiv2 TEST_FLAVOR: apiv2
TEST_BUILD_TAGS: ""
matrix: matrix:
- env: - env:
PRIV_NAME: root PRIV_NAME: root
@@ -664,6 +676,7 @@ compose_test_task:
env: env:
<<: *stdenvars <<: *stdenvars
TEST_FLAVOR: compose_v2 TEST_FLAVOR: compose_v2
TEST_BUILD_TAGS: ""
clone_script: *get_gosrc clone_script: *get_gosrc
setup_script: *setup setup_script: *setup
main_script: *main main_script: *main
@@ -736,6 +749,7 @@ container_integration_test_task:
env: env:
TEST_FLAVOR: int TEST_FLAVOR: int
TEST_ENVIRON: container TEST_ENVIRON: container
TEST_BUILD_TAGS: ""
clone_script: *get_gosrc clone_script: *get_gosrc
setup_script: *setup setup_script: *setup
main_script: *main main_script: *main
@@ -780,6 +794,7 @@ podman_machine_task:
env: env:
EC2_INST_TYPE: "m5zn.metal" # Bare-metal instance is required EC2_INST_TYPE: "m5zn.metal" # Bare-metal instance is required
TEST_FLAVOR: "machine-linux" TEST_FLAVOR: "machine-linux"
TEST_BUILD_TAGS: ""
PRIV_NAME: "rootless" # intended use-case PRIV_NAME: "rootless" # intended use-case
DISTRO_NV: "${FEDORA_NAME}" DISTRO_NV: "${FEDORA_NAME}"
VM_IMAGE_NAME: "${FEDORA_AMI}" VM_IMAGE_NAME: "${FEDORA_AMI}"
@@ -799,6 +814,7 @@ podman_machine_aarch64_task:
timeout_in: 30m timeout_in: 30m
env: env:
TEST_FLAVOR: "machine-linux" TEST_FLAVOR: "machine-linux"
TEST_BUILD_TAGS: ""
EC2_INST_TYPE: c6g.metal EC2_INST_TYPE: c6g.metal
PRIV_NAME: "rootless" # intended use-case PRIV_NAME: "rootless" # intended use-case
DISTRO_NV: "${FEDORA_AARCH64_NAME}" DISTRO_NV: "${FEDORA_AARCH64_NAME}"
@@ -954,6 +970,7 @@ local_system_test_aarch64_task: &local_system_test_task_aarch64
env: env:
<<: *stdenvars_aarch64 <<: *stdenvars_aarch64
TEST_FLAVOR: sys TEST_FLAVOR: sys
TEST_BUILD_TAGS: ""
DISTRO_NV: ${FEDORA_AARCH64_NAME} DISTRO_NV: ${FEDORA_AARCH64_NAME}
clone_script: *get_gosrc_aarch64 clone_script: *get_gosrc_aarch64
setup_script: *setup setup_script: *setup
@@ -1031,6 +1048,7 @@ farm_test_task:
env: env:
<<: *stdenvars <<: *stdenvars
TEST_FLAVOR: farm TEST_FLAVOR: farm
TEST_BUILD_TAGS: ""
PRIV_NAME: rootless PRIV_NAME: rootless
clone_script: *get_gosrc clone_script: *get_gosrc
setup_script: *setup setup_script: *setup
@@ -1053,6 +1071,7 @@ buildah_bud_test_task:
env: env:
<<: *stdenvars <<: *stdenvars
TEST_FLAVOR: bud TEST_FLAVOR: bud
TEST_BUILD_TAGS: ""
matrix: matrix:
- env: - env:
PODBIN_NAME: podman PODBIN_NAME: podman
@@ -1090,6 +1109,7 @@ upgrade_test_task:
gce_instance: *standardvm gce_instance: *standardvm
env: env:
TEST_FLAVOR: upgrade_test TEST_FLAVOR: upgrade_test
TEST_BUILD_TAGS: ""
DISTRO_NV: ${FEDORA_NAME} DISTRO_NV: ${FEDORA_NAME}
VM_IMAGE_NAME: ${FEDORA_CACHE_IMAGE_NAME} VM_IMAGE_NAME: ${FEDORA_CACHE_IMAGE_NAME}
# Never force a DB, let the old version decide its default # Never force a DB, let the old version decide its default
@@ -1238,6 +1258,7 @@ release_task:
env: env:
<<: *stdenvars <<: *stdenvars
TEST_FLAVOR: release TEST_FLAVOR: release
TEST_BUILD_TAGS: ""
clone_script: *get_gosrc clone_script: *get_gosrc
setup_script: *setup setup_script: *setup
main_script: *main main_script: *main
@@ -1265,6 +1286,7 @@ release_test_task:
env: env:
<<: *stdenvars <<: *stdenvars
TEST_FLAVOR: release TEST_FLAVOR: release
TEST_BUILD_TAGS: ""
clone_script: *get_gosrc clone_script: *get_gosrc
setup_script: *setup setup_script: *setup
main_script: *main main_script: *main

2
Makefile
View File

@@ -56,6 +56,7 @@ SYSTEMDDIR ?= ${LIBDIR}/systemd/system
USERSYSTEMDDIR ?= ${LIBDIR}/systemd/user USERSYSTEMDDIR ?= ${LIBDIR}/systemd/user
SYSTEMDGENERATORSDIR ?= ${LIBDIR}/systemd/system-generators SYSTEMDGENERATORSDIR ?= ${LIBDIR}/systemd/system-generators
USERSYSTEMDGENERATORSDIR ?= ${LIBDIR}/systemd/user-generators USERSYSTEMDGENERATORSDIR ?= ${LIBDIR}/systemd/user-generators
SEQUOIA_SONAME_DIR =
REMOTETAGS ?= remote exclude_graphdriver_btrfs containers_image_openpgp REMOTETAGS ?= remote exclude_graphdriver_btrfs containers_image_openpgp
BUILDTAGS ?= \ BUILDTAGS ?= \
grpcnotrace \ grpcnotrace \
@@ -131,6 +132,7 @@ LDFLAGS_PODMAN ?= \
-X $(LIBPOD)/config._installPrefix=$(PREFIX) \ -X $(LIBPOD)/config._installPrefix=$(PREFIX) \
-X $(LIBPOD)/config._etcDir=$(ETCDIR) \ -X $(LIBPOD)/config._etcDir=$(ETCDIR) \
-X $(PROJECT)/v5/pkg/systemd/quadlet._binDir=$(BINDIR) \ -X $(PROJECT)/v5/pkg/systemd/quadlet._binDir=$(BINDIR) \
-X go.podman.io/image/v5/signature/internal/sequoia.sequoiaLibraryDir='"$(SEQUOIA_SONAME_DIR)"' \
-X go.podman.io/common/pkg/config.additionalHelperBinariesDir=$(HELPER_BINARIES_DIR)\ -X go.podman.io/common/pkg/config.additionalHelperBinariesDir=$(HELPER_BINARIES_DIR)\
$(EXTRA_LDFLAGS) $(EXTRA_LDFLAGS)
LDFLAGS_PODMAN_STATIC ?= \ LDFLAGS_PODMAN_STATIC ?= \

5
contrib/cirrus/runner.sh
View File

@@ -213,7 +213,8 @@ function _run_build() {
# Ensure always start from clean-slate with all vendor modules downloaded # Ensure always start from clean-slate with all vendor modules downloaded
showrun make clean showrun make clean
showrun make vendor showrun make vendor
showrun make -j $(nproc) --output-sync=target podman-release # includes podman, podman-remote, and docs # shellcheck disable=SC2154
showrun make -j $(nproc) --output-sync=target podman-release EXTRA_BUILDTAGS="$TEST_BUILD_TAGS" # includes podman, podman-remote, and docs
# There's no reason to validate-binaries across multiple linux platforms # There's no reason to validate-binaries across multiple linux platforms
# shellcheck disable=SC2154 # shellcheck disable=SC2154
@@ -416,7 +417,7 @@ dotest() {
die "The CI test TMPDIR is not on a tmpfs mount, we need tmpfs to make the tests faster" die "The CI test TMPDIR is not on a tmpfs mount, we need tmpfs to make the tests faster"
fi fi
showrun make ${localremote}${testsuite} PODMAN_SERVER_LOG=$PODMAN_SERVER_LOG \ showrun make ${localremote}${testsuite} PODMAN_SERVER_LOG=$PODMAN_SERVER_LOG EXTRA_BUILDTAGS="$TEST_BUILD_TAGS" \
|& logformatter |& logformatter
# FIXME: https://github.com/containers/podman/issues/22642 # FIXME: https://github.com/containers/podman/issues/22642

4
contrib/cirrus/setup_environment.sh
View File

@@ -422,11 +422,11 @@ case "$TEST_FLAVOR" in
die "Refusing to config. host-test in container"; die "Refusing to config. host-test in container";
fi fi
remove_packaged_podman_files remove_packaged_podman_files
make install PREFIX=/usr ETCDIR=/etc make install PREFIX=/usr ETCDIR=/etc EXTRA_BUILDTAGS="$TEST_BUILD_TAGS"
elif [[ "$TEST_ENVIRON" == "container" ]]; then elif [[ "$TEST_ENVIRON" == "container" ]]; then
if ((CONTAINER)); then if ((CONTAINER)); then
remove_packaged_podman_files remove_packaged_podman_files
make install PREFIX=/usr ETCDIR=/etc make install PREFIX=/usr ETCDIR=/etc EXTRA_BUILDTAGS="$TEST_BUILD_TAGS"
fi fi
else else
die "Invalid value for \$TEST_ENVIRON=$TEST_ENVIRON" die "Invalid value for \$TEST_ENVIRON=$TEST_ENVIRON"