Install awscli2 only on RH cluster #27
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: RHEL | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| branches: [main] | |
| workflow_dispatch: | |
| permissions: | |
| contents: read | |
| packages: write | |
| env: | |
| DRY_RUN: ${{ github.event_name == 'pull_request' && '1' || '' }} | |
| FOUNDRY_IMAGE: ghcr.io/${{ github.repository }}/foundry:${{ github.ref == 'refs/heads/main' && 'latest' || github.sha }} | |
| FOUNDRY_IMAGE_HEAD: ghcr.io/${{ github.repository }}/foundry:latest | |
| # private cache registry | |
| CACHE_IMAGE: ghcr.io/${{ github.repository }}/cache | |
| jobs: | |
| build-container: | |
| name: build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Install Podman | |
| run: | | |
| sudo apt-get -qq update | |
| sudo apt-get -qq install -y podman | |
| - name: Log in to registry.redhat.io | |
| env: | |
| RHSM_USERNAME: ${{ secrets.RHSM_USERNAME }} | |
| RHSM_PASSWORD: ${{ secrets.RHSM_PASSWORD }} | |
| run: | | |
| echo "$RHSM_PASSWORD" | podman login -u "$RHSM_USERNAME" --password-stdin registry.redhat.io | |
| - name: Log in to GHCR | |
| run: echo "${{ secrets.GITHUB_TOKEN }}" | podman login -u "${{ github.actor }}" --password-stdin ghcr.io | |
| - name: Pull foundry image (build cache from latest) | |
| run: podman pull "${{ env.FOUNDRY_IMAGE_HEAD }}" 2>/dev/null || true | |
| - name: Build foundry image | |
| run: | | |
| podman build \ | |
| --build-arg UPSTREAM="true" \ | |
| -f Containerfile.foundry \ | |
| -t "${{ env.FOUNDRY_IMAGE }}" . | |
| # Always push foundry image so run-matrix can pull it; DRY_RUN only skips push inside the container (build-and-push.sh / generate-manifests.sh) | |
| - name: Push foundry image | |
| run: | | |
| podman push "${{ env.FOUNDRY_IMAGE }}" | |
| run-matrix: | |
| name: build-rhel-${{ matrix.rhel }} | |
| runs-on: ubuntu-latest | |
| needs: build-container | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - rhel: "9" | |
| script: matrix-rhel9.sh | |
| tag_suffix: rhel-bootc-9 | |
| - rhel: "10" | |
| script: matrix-rhel10.sh | |
| tag_suffix: rhel-bootc-10 | |
| steps: | |
| - name: Free Disk Space | |
| uses: jlumbroso/free-disk-space@main | |
| with: | |
| tool-cache: true | |
| android: true | |
| dotnet: true | |
| haskell: true | |
| large-packages: true | |
| swap-storage: true | |
| - name: Install Podman | |
| run: | | |
| sudo apt-get -qq update | |
| sudo apt-get -qq install -y podman | |
| - name: Log in to GHCR | |
| run: echo "${{ secrets.GITHUB_TOKEN }}" | sudo podman login -u "${{ github.actor }}" --password-stdin ghcr.io | |
| - name: Pull foundry image | |
| run: sudo podman pull "${{ env.FOUNDRY_IMAGE }}" | |
| - name: Register RHSM and run matrix build | |
| env: | |
| RHSM_ORG: ${{ secrets.RHSM_ORG }} | |
| RHSM_ACTIVATIONKEY: ${{ secrets.RHSM_ACTIVATIONKEY }} | |
| RHSM_USERNAME: ${{ secrets.RHSM_USERNAME }} | |
| RHSM_PASSWORD: ${{ secrets.RHSM_PASSWORD }} | |
| REPO_USERNAME: ${{ github.actor }} | |
| REPO_PASSWORD: ${{ secrets.GITHUB_TOKEN }} | |
| CACHE_USERNAME: ${{ github.actor }} | |
| CACHE_PASSWORD: ${{ secrets.GITHUB_TOKEN }} | |
| CACHE_IMAGE: ${{ env.CACHE_IMAGE }} | |
| STORAGE_DRIVER: overlay | |
| STORAGE_OPTS: "overlay.mount_program=/usr/bin/fuse-overlayfs" | |
| BUILDAH_ISOLATION: chroot | |
| run: | | |
| IMAGE="$CACHE_IMAGE:${{ matrix.tag_suffix }}" | |
| sudo podman run --rm --privileged --cap-add all --device /dev/fuse:rw \ | |
| --security-opt label=disable --security-opt seccomp=unconfined \ | |
| -e "RHSM_ORG=$RHSM_ORG" -e "RHSM_ACTIVATIONKEY=$RHSM_ACTIVATIONKEY" \ | |
| -e "RHSM_USERNAME=$RHSM_USERNAME" -e "RHSM_PASSWORD=$RHSM_PASSWORD" \ | |
| -e "CACHE_IMAGE=$CACHE_IMAGE" -e "CACHE_USERNAME=$CACHE_USERNAME" -e "CACHE_PASSWORD=$CACHE_PASSWORD" \ | |
| -e "STORAGE_DRIVER=$STORAGE_DRIVER" -e "STORAGE_OPTS=$STORAGE_OPTS" -e "BUILDAH_ISOLATION=$BUILDAH_ISOLATION" \ | |
| -e "DRY_RUN=$DRY_RUN" \ | |
| "${{ env.FOUNDRY_IMAGE }}" \ | |
| ${{ matrix.script }} "$IMAGE" |