diff --git a/.github/workflows/bot_commands.yml b/.github/workflows/bot_commands.yml index ed19f19..2148cd3 100644 --- a/.github/workflows/bot_commands.yml +++ b/.github/workflows/bot_commands.yml @@ -55,6 +55,9 @@ jobs: with: pr: ${{ github.event.issue.number }} parent_job_name: Run Build Container + secrets: + RH_REPO: ${{ secrets.RH_REPO }} + RH_ENT: ${{ secrets.RH_ENT }} run_build_iso: name: Run Build Container diff --git a/.github/workflows/build_container.yml b/.github/workflows/build_container.yml index 8646626..621eaeb 100644 --- a/.github/workflows/build_container.yml +++ b/.github/workflows/build_container.yml @@ -7,6 +7,12 @@ on: parent_job_name: required: true type: string + secrets: + RH_REPO: + required: true + RH_ENT: + required: true + jobs: @@ -23,7 +29,19 @@ jobs: contents: read packages: write statuses: write - + continue-on-error: false + strategy: + fail-fast: false + matrix: + os: + - registry.fedoraproject.org/fedora + - registry.access.redhat.com/ubi8/ubi + include: + - os: registry.fedoraproject.org/fedora + tag: 39 + - os: registry.access.redhat.com/ubi8/ubi + tag: latest + append: ubi steps: - name: Checkout uses: actions/checkout@v4 @@ -67,7 +85,7 @@ jobs: uses: docker/metadata-action@v5 with: images: | - ghcr.io/${{ github.repository }} + ghcr.io/${{ github.repository }}${{ matrix.append && format('-{0}', matrix.append) }} tags: | type=ref,event=branch type=ref,event=pr @@ -80,10 +98,19 @@ jobs: uses: docker/metadata-action@v5 with: images: | - ghcr.io/${{ github.repository }} + ghcr.io/${{ github.repository }}${{ matrix.append && format('-{0}', matrix.append) }} tags: | pr-${{ inputs.pr }} + - name: Get UBI Subs + if: matrix.append == 'ubi' + uses: actions/checkout@v4 + with: + repository: ${{ secrets.RH_REPO }} + ssh-key: ${{ secrets.RH_ENT }} + persist-credentials: false + path: ubi + - name: Buildah Build id: build-image uses: redhat-actions/buildah-build@v2 @@ -91,6 +118,11 @@ jobs: containerfiles: Containerfile tags: ${{ steps.meta.outputs.tags || steps.meta_pr.outputs.tags }} labels: ${{ steps.meta.outputs.labels || steps.meta_pr.outputs.labels }} + build-args: | + BASE_IMAGE=${{ matrix.os }} + IMAGE_VERSION=${{ matrix.tag }} + extra-args: | + ${{ matrix.append == 'ubi' && format('--volume={0}/ubi:/run/secrets', github.workspace) || ''}} - name: Push image uses: redhat-actions/push-to-registry@v2 diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index dabc918..031103b 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -35,6 +35,9 @@ jobs: with: pr: ${{ inputs.pr }} parent_job_name: ${{ inputs.parent_job_name && format('{0} / ', inputs.parent_job_name) }}Build Container + secrets: + RH_REPO: ${{ secrets.RH_REPO }} + RH_ENT: ${{ secrets.RH_ENT }} build_iso: name: Build ISO diff --git a/Containerfile b/Containerfile index e77fa97..00234ef 100644 --- a/Containerfile +++ b/Containerfile @@ -1,4 +1,6 @@ -FROM registry.fedoraproject.org/fedora:39 +ARG BASE_IMAGE +ARG IMAGE_VERSION +FROM ${BASE_IMAGE}:${IMAGE_VERSION} ARG VERSION=39 diff --git a/action.yml b/action.yml index cec8763..df3fba9 100644 --- a/action.yml +++ b/action.yml @@ -140,7 +140,7 @@ runs: shell: bash run: | image=$(echo "ghcr.io/${ACTION_REPO}" | tr [:upper:] [:lower:]) - # Check if running inside01 of the action repo + # Check if running inside of the action repo if [[ -z "${ACTION_REPO}" ]] then image=$(echo "ghcr.io/${{ github.repository }}" | tr [:upper:] [:lower:]) @@ -183,6 +183,11 @@ runs: then volumes="--volume ${{ inputs.secrets_dir }}:/run/secrets" fi + # RHEL + if [[ ${{ inputs.version }} -lt 30 ]] + then + image=${image}-ubi + fi docker run --privileged ${volumes} --volume ${{ github.workspace }}:/github/workspace/ ${cache} ${image}:${tag} \ ADDITIONAL_TEMPLATES="${{ inputs.additional_templates }}" \ ARCH="${{ inputs.arch }}" \