ci: Build latest podman+skopeo

.github/workflows/ci.yml

@@ -15,123 +15,151 @@ env:
 
 jobs:
   tests:
-    runs-on: ubuntu-latest
-    container: quay.io/coreos-assembler/fcos-buildroot:testing-devel
-    steps:
-      - uses: actions/checkout@v3
-      - name: Install deps
-        run: ./ci/installdeps.sh
-      # xref containers/containers-image-proxy-rs
-      - name: Cache Dependencies
-        uses: Swatinem/rust-cache@v2
-        with:
-          key: "tests"
-      - name: cargo fmt (check)
-        run: cargo fmt -- --check -l
-      - name: Build
-        run: cargo test --no-run
-      - name: Build lib without default features
-        run: cd lib && cargo check --no-default-features
-      - name: Individual checks
-        run: (cd cli && cargo check) && (cd lib && cargo check)
-      - name: Lints
-        run: cargo xtask custom-lints
-      - name: Run tests
-        run: cargo test -- --nocapture --quiet
-      - name: Manpage generation
-        run: mkdir -p target/man && cargo run --features=docgen -- man --directory target/man
-      - name: Clippy (non-gating)
-        run: cargo clippy
-  build:
-    runs-on: ubuntu-latest
-    container: quay.io/coreos-assembler/fcos-buildroot:testing-devel
-    steps:
-      - uses: actions/checkout@v3
-      - name: Install deps
-        run: ./ci/installdeps.sh
-      - name: Cache Dependencies
-        uses: Swatinem/rust-cache@v2
-        with:
-          key: "build"
-      - name: Build
-        run: make test-bin-archive
-      - name: Upload binary
-        uses: actions/upload-artifact@v3
-        with:
-          name: bootc.tar.zst
-          path: target/bootc.tar.zst
-  cargo-deny:
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/checkout@v3
-    - uses: EmbarkStudios/cargo-deny-action@v1
-      with:
-        log-level: warn
-        command: check bans sources licenses
-  privtest:
-    name: "Privileged testing"
-    needs: build
+  #   runs-on: ubuntu-latest
+  #   container: quay.io/coreos-assembler/fcos-buildroot:testing-devel
+  #   steps:
+  #     - uses: actions/checkout@v3
+  #     - name: Install deps
+  #       run: ./ci/installdeps.sh
+  #     # xref containers/containers-image-proxy-rs
+  #     - name: Cache Dependencies
+  #       uses: Swatinem/rust-cache@v2
+  #       with:
+  #         key: "tests"
+  #     - name: cargo fmt (check)
+  #       run: cargo fmt -- --check -l
+  #     - name: Build
+  #       run: cargo test --no-run
+  #     - name: Build lib without default features
+  #       run: cd lib && cargo check --no-default-features
+  #     - name: Individual checks
+  #       run: (cd cli && cargo check) && (cd lib && cargo check)
+  #     - name: Lints
+  #       run: cargo xtask custom-lints
+  #     - name: Run tests
+  #       run: cargo test -- --nocapture --quiet
+  #     - name: Manpage generation
+  #       run: mkdir -p target/man && cargo run --features=docgen -- man --directory target/man
+  #     - name: Clippy (non-gating)
+  #       run: cargo clippy
+  # build:
+  #   runs-on: ubuntu-latest
+  #   container: quay.io/coreos-assembler/fcos-buildroot:testing-devel
+  #   steps:
+  #     - uses: actions/checkout@v3
+  #     - name: Install deps
+  #       run: ./ci/installdeps.sh
+  #     - name: Cache Dependencies
+  #       uses: Swatinem/rust-cache@v2
+  #       with:
+  #         key: "build"
+  #     - name: Build
+  #       run: make test-bin-archive
+  #     - name: Upload binary
+  #       uses: actions/upload-artifact@v3
+  #       with:
+  #         name: bootc.tar.zst
+  #         path: target/bootc.tar.zst
+  # cargo-deny:
+  #   runs-on: ubuntu-latest
+  #   steps:
+  #   - uses: actions/checkout@v3
+  #   - uses: EmbarkStudios/cargo-deny-action@v1
+  #     with:
+  #       log-level: warn
+  #       command: check bans sources licenses
+  # privtest:
+  #   name: "Privileged testing"
+  #   needs: build
+  #   runs-on: ubuntu-latest
+  #   steps:
+  #     - name: Checkout repository
+  #       uses: actions/checkout@v3
+  #     - name: Download
+  #       uses: actions/download-artifact@v3
+  #       with:
+  #         name: bootc.tar.zst
+  #     - name: Install
+  #       run: sudo tar -C / -xvf bootc.tar.zst
+  #     - name: Integration tests
+  #       run: sudo podman run --rm -ti --privileged -v /run/systemd:/run/systemd -v /:/run/host -v /usr/bin/bootc:/usr/bin/bootc --pid=host quay.io/fedora/fedora-coreos:testing-devel bootc internal-tests run-privileged-integration
+  # container-tests:
+  #   name: "Container testing"
+  #   needs: build
+  #   runs-on: ubuntu-latest
+  #   container: quay.io/fedora/fedora-coreos:testing-devel
+  #   steps:
+  #     - name: Download
+  #       uses: actions/download-artifact@v3
+  #       with:
+  #         name: bootc.tar.zst
+  #     - name: Install
+  #       run: sudo tar -C / -xvf bootc.tar.zst
+  #     - name: Integration tests
+  #       run: bootc internal-tests run-container-integration
+  build-latest-containers:
+    name: "Build skopeo and podman"
     runs-on: ubuntu-latest
     steps:
+      - run: apt update && apt builddep skopeo podman
       - name: Checkout repository
         uses: actions/checkout@v3
-      - name: Download
-        uses: actions/download-artifact@v3
         with:
-          name: bootc.tar.zst
-      - name: Install
-        run: sudo tar -C / -xvf bootc.tar.zst
-      - name: Integration tests
-        run: sudo podman run --rm -ti --privileged -v /run/systemd:/run/systemd -v /:/run/host -v /usr/bin/bootc:/usr/bin/bootc --pid=host quay.io/fedora/fedora-coreos:testing-devel bootc internal-tests run-privileged-integration
-  container-tests:
-    name: "Container testing"
-    needs: build
-    runs-on: ubuntu-latest
-    container: quay.io/fedora/fedora-coreos:testing-devel
-    steps:
-      - name: Download
-        uses: actions/download-artifact@v3
+          repository: containers/skopeo
+          path: skopeo
+          tag: v1.13.3
+      - name: Build skopeo
+        run: cd skopeo && make PREFIX=/usr && make install PREFIX=/usr DESTDIR=$(pwd)/../inst && cd ../ && rm skopeo -rf
+      - name: Checkout repository
+        uses: actions/checkout@v3
         with:
-          name: bootc.tar.zst
-      - name: Install
-        run: sudo tar -C / -xvf bootc.tar.zst
-      - name: Integration tests
-        run: bootc internal-tests run-container-integration
-  privtest-alongside:
-    name: "Test install-alongside"
-    needs: build
-    runs-on: ubuntu-latest
-    steps:
-      - name: Download
-        uses: actions/download-artifact@v3
+          repository: containers/podman
+          path: podman
+          tag: v4.7.2
+      - name: Build podman
+        run: cd podman && make PREFIX=/usr && make install PREFIX=/usr DESTDIR=$(pwd)/../inst && cd ../ && rm podman -rf
+      - name: Archive containers
+        run: tar -C inst -czf containers.tar.gz .
+      - name: Upload 
+        uses: actions/upload-artifact@v3
         with:
-          name: bootc.tar.zst
-      - name: Install
-        run: tar -xvf bootc.tar.zst && sha256sum usr/bin/bootc > bootc.sha256sum
-      #- name: Update host skopeo
-      #  run: |
-      #    echo 'deb http://cz.archive.ubuntu.com/ubuntu lunar main universe' | sudo tee -a /etc/apt/sources.list
-      #    sudo apt update
-      #    sudo apt upgrade skopeo
-      - name: Build derived image
-        run: |
-          mkdir -p usr/lib/bootc/install
-          cat > usr/lib/bootc/install/50-test-kargs.toml << 'EOF'
-          [install]
-          kargs = ["localtestkarg=somevalue", "otherlocalkarg=42"]
-          EOF
-          cat >Containerfile << 'EOF'
-          FROM quay.io/centos-boot/fedora-tier-1:eln
-          COPY usr usr
-          EOF
-          sudo podman build -t localhost/testimage .
-      - name: Setup tmate session
-        uses: mxschmitt/action-tmate@v3
-      - name: Integration tests
-        run: |
-          set -xeuo pipefail
-          sudo podman run --rm -ti --privileged -v /:/target --pid=host --security-opt label=disable \
-            localhost/testimage env RUST_LOG=error,bootc_lib::install=debug bootc install-to-filesystem --skip-fetch-check --target-no-signature-verification \
-            --karg=foo=bar --disable-selinux --replace=alongside /target
-          sudo grep foo=bar /boot/loader/entries/*.conf
-          sudo grep localtestkarg=somevalue /boot/loader/entries/*.conf
+          name: containers.tar.gz
+          path: containers.tar.gz
+  # privtest-alongside:
+  #   name: "Test install-alongside"
+  #   needs: build
+  #   runs-on: ubuntu-latest
+  #   steps:
+  #     - name: Download
+  #       uses: actions/download-artifact@v3
+  #       with:
+  #         name: bootc.tar.zst
+  #     - name: Install
+  #       run: tar -xvf bootc.tar.zst && sha256sum usr/bin/bootc > bootc.sha256sum
+  #     #- name: Update host skopeo
+  #     #  run: |
+  #     #    echo 'deb http://cz.archive.ubuntu.com/ubuntu lunar main universe' | sudo tee -a /etc/apt/sources.list
+  #     #    sudo apt update
+  #     #    sudo apt upgrade skopeo
+  #     - name: Build derived image
+  #       run: |
+  #         mkdir -p usr/lib/bootc/install
+  #         cat > usr/lib/bootc/install/50-test-kargs.toml << 'EOF'
+  #         [install]
+  #         kargs = ["localtestkarg=somevalue", "otherlocalkarg=42"]
+  #         EOF
+  #         cat >Containerfile << 'EOF'
+  #         FROM quay.io/centos-boot/fedora-tier-1:eln
+  #         COPY usr usr
+  #         EOF
+  #         sudo podman build -t localhost/testimage .
+  #     - name: Setup tmate session
+  #       uses: mxschmitt/action-tmate@v3
+  #     - name: Integration tests
+  #       run: |
+  #         set -xeuo pipefail
+  #         sudo podman run --rm -ti --privileged -v /:/target --pid=host --security-opt label=disable \
+  #           localhost/testimage env RUST_LOG=error,bootc_lib::install=debug bootc install-to-filesystem --skip-fetch-check --target-no-signature-verification \
+  #           --karg=foo=bar --disable-selinux --replace=alongside /target
+  #         sudo grep foo=bar /boot/loader/entries/*.conf
+  #         sudo grep localtestkarg=somevalue /boot/loader/entries/*.conf