Fix shell linter #33
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: RHEL | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| branches: [main] | |
| workflow_dispatch: | |
| permissions: | |
| contents: read | |
| packages: write | |
| env: | |
| DRY_RUN: ${{ github.event_name == 'pull_request' && '1' || '' }} | |
| FOUNDRY_IMAGE: ghcr.io/${{ github.repository }}/foundry:${{ github.ref == 'refs/heads/main' && 'latest' || github.sha }} | |
| FOUNDRY_IMAGE_HEAD: ghcr.io/${{ github.repository }}/foundry:latest | |
| CACHE_IMAGE: ghcr.io/${{ github.repository }}/cache | |
| jobs: | |
| build-container: | |
| name: build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Install Podman | |
| run: | | |
| sudo apt-get -qq update | |
| sudo apt-get -qq install -y podman | |
| - name: Log in to registry.redhat.io | |
| env: | |
| RHSM_USERNAME: ${{ secrets.RHSM_USERNAME }} | |
| RHSM_PASSWORD: ${{ secrets.RHSM_PASSWORD }} | |
| run: | | |
| echo "$RHSM_PASSWORD" | podman login -u "$RHSM_USERNAME" --password-stdin registry.redhat.io | |
| - name: Log in to GHCR | |
| run: echo "${{ secrets.GITHUB_TOKEN }}" | podman login -u "${{ github.actor }}" --password-stdin ghcr.io | |
| - name: Pull foundry image (build cache from latest) | |
| run: podman pull "${{ env.FOUNDRY_IMAGE_HEAD }}" 2>/dev/null || true | |
| - name: Build foundry image | |
| run: | | |
| podman build \ | |
| --build-arg UPSTREAM="true" \ | |
| -f Containerfile.foundry \ | |
| -t "${{ env.FOUNDRY_IMAGE }}" . | |
| - name: Push foundry image | |
| run: | | |
| podman push "${{ env.FOUNDRY_IMAGE }}" | |
| run-matrix: | |
| name: build-rhel-${{ matrix.rhel }} | |
| runs-on: ubuntu-latest | |
| needs: build-container | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - rhel: "9" | |
| script: matrix-rhel9.sh | |
| tag_suffix: rhel-bootc-9 | |
| - rhel: "10" | |
| script: matrix-rhel10.sh | |
| tag_suffix: rhel-bootc-10 | |
| steps: | |
| - name: Free Disk Space | |
| uses: jlumbroso/free-disk-space@main | |
| with: | |
| tool-cache: true | |
| android: true | |
| dotnet: true | |
| haskell: true | |
| large-packages: true | |
| swap-storage: true | |
| - name: Install Podman | |
| run: | | |
| sudo apt-get -qq update | |
| sudo apt-get -qq install -y podman | |
| - name: Log in to GHCR | |
| run: echo "${{ secrets.GITHUB_TOKEN }}" | sudo podman login -u "${{ github.actor }}" --password-stdin ghcr.io | |
| - name: Pull foundry image | |
| run: sudo podman pull "${{ env.FOUNDRY_IMAGE }}" | |
| - name: Register RHSM and run matrix build | |
| env: | |
| RHSM_ORG: ${{ secrets.RHSM_ORG }} | |
| RHSM_ACTIVATIONKEY: ${{ secrets.RHSM_ACTIVATIONKEY }} | |
| RHSM_USERNAME: ${{ secrets.RHSM_USERNAME }} | |
| RHSM_PASSWORD: ${{ secrets.RHSM_PASSWORD }} | |
| REPO_USERNAME: ${{ github.actor }} | |
| REPO_PASSWORD: ${{ secrets.GITHUB_TOKEN }} | |
| CACHE_USERNAME: ${{ github.actor }} | |
| CACHE_PASSWORD: ${{ secrets.GITHUB_TOKEN }} | |
| CACHE_IMAGE: ${{ env.CACHE_IMAGE }} | |
| STORAGE_DRIVER: overlay | |
| STORAGE_OPTS: "overlay.mount_program=/usr/bin/fuse-overlayfs" | |
| BUILDAH_ISOLATION: chroot | |
| run: | | |
| IMAGE="$CACHE_IMAGE:${{ matrix.tag_suffix }}" | |
| sudo podman run --rm --privileged --cap-add all --device /dev/fuse:rw \ | |
| --security-opt label=disable --security-opt seccomp=unconfined \ | |
| -e "RHSM_ORG=$RHSM_ORG" -e "RHSM_ACTIVATIONKEY=$RHSM_ACTIVATIONKEY" \ | |
| -e "RHSM_USERNAME=$RHSM_USERNAME" -e "RHSM_PASSWORD=$RHSM_PASSWORD" \ | |
| -e "REPO_USERNAME=$REPO_USERNAME" -e "REPO_PASSWORD=$REPO_PASSWORD" \ | |
| -e "CACHE_IMAGE=$CACHE_IMAGE" -e "CACHE_USERNAME=$CACHE_USERNAME" -e "CACHE_PASSWORD=$CACHE_PASSWORD" \ | |
| -e "STORAGE_DRIVER=$STORAGE_DRIVER" -e "STORAGE_OPTS=$STORAGE_OPTS" -e "BUILDAH_ISOLATION=$BUILDAH_ISOLATION" \ | |
| -e "DRY_RUN=$DRY_RUN" \ | |
| "${{ env.FOUNDRY_IMAGE }}" \ | |
| ${{ matrix.script }} "$IMAGE" |