Last active
June 26, 2020 21:12
-
-
Save bh7cw/8f9ed64121b8b39450e8e07191c74206 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
I am trying to tackle this issue https://issues.redhat.com/browse/GRPA-2086 | |
This is my commit in cosa https://github.com/bh7cw/coreos-assembler/commit/1cf18ba390af2083b16516b9a6da9ac9d446041e | |
Then, I tested the code: | |
1) create a trigger on quay.io to build image after Git repo is pushed https://quay.io/repository/bh7cw/coreos-assembler?tab=builds | |
2) Run the cosa on local machine: | |
cosa file: | |
#!/usr/bin/env bash | |
# this script will use podman, but docker will work too | |
rpm -qa | grep -q podman || (echo "podman not installed!" ; exit 1) | |
# checks if cosa image was pulled previously | |
podman image exists quay.io/bh7cw/coreos-assembler || \ | |
podman pull quay.io/bh7cw/coreos-assembler | |
# create a tmp directory for storing builds | |
mkdir -p rhcos && cd rhcos | |
# define the _real_ cosa command | |
cosa() { | |
env | grep COREOS_ASSEMBLER | |
set -x | |
podman run --rm -ti --security-opt label=disable --privileged \ | |
--uidmap=1000:0:1 --uidmap=0:1:1000 --uidmap 1001:1001:64536 \ | |
-v ${PWD}:/srv/ --device /dev/kvm --device /dev/fuse \ | |
--tmpfs /tmp -v /var/tmp:/var/tmp --name cosa \ | |
${COREOS_ASSEMBLER_CONFIG_GIT:+-v $COREOS_ASSEMBLER_CONFIG_GIT:/srv/src/config/:ro} \ | |
${COREOS_ASSEMBLER_GIT:+-v $COREOS_ASSEMBLER_GIT/src/:/usr/lib/coreos-assembler/:ro} \ | |
${COREOS_ASSEMBLER_CONTAINER_RUNTIME_ARGS} \ | |
${COREOS_ASSEMBLER_CONTAINER:-quay.io/bh7cw/coreos-assembler:latest} "$@" | |
rc=$?; set +x; return $rc | |
} | |
# run the cosa container and run shell | |
cosa shell | |
# execute commands: | |
chmod +x cosa | |
./cosa | |
# build the rhcos: | |
sudo curl -kL -o /etc/pki/ca-trust/source/anchors/Red_Hat_IT_Root_CA.crt https://password.corp.redhat.com/RH-IT-Root-CA.crt | |
sudo update-ca-trust | |
# fetch the Red Hat CoreOS configuration | |
cosa init https://gitlab.cee.redhat.com/coreos/redhat-coreos.git | |
cosa fetch | |
cosa build | |
3)upload oscontainer and inspect: | |
cosa upload-oscontainer --name oci:/tmp/testing --from registry.access.redhat.com/ubi8/ubi:latest | |
skopeo inspect oci:/tmp/testing | |
Expected result: | |
show "com.coreos.coreos-assembler-commit" and "com.coreos.redhat-coreos-commit" Labels. | |
Got result: | |
[coreos-assembler]$ cosa upload-oscontainer --name oci:/tmp/testing --from registry.access.redhat.com/ubi8/ubi:latest | |
Preparing to upload oscontainer for build: 46.82.202006262035-0 | |
+ /usr/bin/ostree checkout --repo /srv/tmp/repo --user-mode --subpath=/usr/lib/os-release 54819e60a948c6aa2952ac1eaa54fed7df441afa0fa44af2c5023df5a4ae4cc6 tmp/usrlib-osrelease | |
Using nested container mode due to container environment variable | |
Getting image source signatures | |
Copying blob 264aaa453271 done | |
Copying blob 7f24bdb73d53 done | |
Copying config a523835cfc done | |
Writing manifest to image destination | |
Storing signatures | |
Copying ostree commit into container: 54819e60a948c6aa2952ac1eaa54fed7df441afa0fa44af2c5023df5a4ae4cc6 ... | |
+ ostree --repo=/srv/tmp/containers-storage/vfs/dir/27657ba7b9c1261c620f56c34c5ee1d651fcf44ece8e99bff4250d74a4ad3612/srv/repo pull-local /srv/tmp/repo 54819e60a948c6aa2952ac1eaa54fed7df441afa0fa44af2c5023df5a4ae4cc6 | |
7680 metadata, 30974 content objects imported | |
1cf18ba390af2083b16516b9a6da9ac9d446041e | |
2f28461010ad4f0f2420108dab219f4c58907ecb | |
+ buildah --root=./tmp/containers-storage --storage-driver vfs config --entrypoint [\"/noentry\"] -l com.coreos.ostree-commit=54819e60a948c6aa2952ac1eaa54fed7df441afa0fa44af2c5023df5a4ae4cc6 -l version=46.82.202006262035-0 -l com.coreos.coreos-assembler-commit=1cf18ba390af2083b16516b9a6da9ac9d446041e -l com.coreos.redhat-coreos-commit=2f28461010ad4f0f2420108dab219f4c58907ecb -l "io.openshift.build.version-display-names=machine-os=Red Hat Enterprise Linux CoreOS" -l io.openshift.build.versions=machine-os=46.82.202006262035-0 ubi-working-container | |
Committing container... | |
Getting image source signatures | |
Copying blob f9327c1608ad done | |
Copying blob 449675ca11bc done | |
Copying blob f7da2ed23cb9 [======================================] 800.3MiB / 800.3MiB | |
Copying config eff1667a25 done | |
Writing manifest to image destination | |
Storing signatures | |
oci:/tmp/testing:46.82.202006262035-0 | |
Pushing container | |
+ podman --root=./tmp/containers-storage --storage-driver vfs push --tls-verify oci:/tmp/testing:46.82.202006262035-0 --digestfile=tmp/oscontainer-digest | |
Error: invalid reference format | |
Traceback (most recent call last): | |
File "/usr/lib/coreos-assembler/oscontainer.py", line 326, in <module> | |
main() | |
File "/usr/lib/coreos-assembler/oscontainer.py", line 310, in main | |
oscontainer_build( | |
File "/usr/lib/coreos-assembler/oscontainer.py", line 244, in oscontainer_build | |
run_verbose(podCmd) | |
File "/usr/lib/coreos-assembler/oscontainer.py", line 67, in run_verbose | |
subprocess.check_call(args, **kwargs) | |
File "/usr/lib64/python3.8/subprocess.py", line 364, in check_call | |
raise CalledProcessError(retcode, cmd) | |
subprocess.CalledProcessError: Command '['podman', '--root=./tmp/containers-storage', '--storage-driver', 'vfs', 'push', '--tls-verify', 'oci:/tmp/testing:46.82.202006262035-0', '--digestfile=tmp/oscontainer-digest']' returned non-zero exit status 125. | |
Traceback (most recent call last): | |
File "/usr/lib/coreos-assembler/cmd-upload-oscontainer", line 88, in <module> | |
subprocess.check_call(cosa_argv + | |
File "/usr/lib64/python3.8/subprocess.py", line 364, in check_call | |
raise CalledProcessError(retcode, cmd) | |
subprocess.CalledProcessError: Command '['sudo', '--preserve-env=container,REGISTRY_AUTH_FILE', '/usr/lib/coreos-assembler/oscontainer.py', '--workdir=./tmp', 'build', '--from=registry.access.redhat.com/ubi8/ubi:latest', '--display-name=Red Hat Enterprise Linux CoreOS', '--digestfile=tmp/oscontainer-digest', '--push', '/srv/tmp/repo', '54819e60a948c6aa2952ac1eaa54fed7df441afa0fa44af2c5023df5a4ae4cc6', 'oci:/tmp/testing:46.82.202006262035-0']' returned non-zero exit status 1. | |
[coreos-assembler]$ skopeo inspect oci:/tmp/testing | |
{ | |
"Digest": "sha256:3bf27d318a413ab3b620e6238098d2af23b4f55cedc16d6ba8a25d81d118ed26", | |
"RepoTags": [], | |
"Created": "2020-06-26T20:42:11.593068864Z", | |
"DockerVersion": "", | |
"Labels": { | |
"architecture": "x86_64", | |
"build-date": "2020-06-22T07:30:14.481393", | |
"com.coreos.coreos-assembler-commit": "1cf18ba390af2083b16516b9a6da9ac9d446041e", | |
"com.coreos.ostree-commit": "54819e60a948c6aa2952ac1eaa54fed7df441afa0fa44af2c5023df5a4ae4cc6", | |
"com.coreos.redhat-coreos-commit": "2f28461010ad4f0f2420108dab219f4c58907ecb", | |
"com.redhat.build-host": "cpt-1003.osbs.prod.upshift.rdu2.redhat.com", | |
"com.redhat.component": "ubi8-container", | |
"com.redhat.license_terms": "https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI", | |
"description": "The Universal Base Image is designed and engineered to be the base layer for all of your containerized applications, middleware and utilities. This base image is freely redistributable, but Red Hat only supports Red Hat technologies through subscriptions for Red Hat products. This image is maintained by Red Hat and updated regularly.", | |
"distribution-scope": "public", | |
"io.buildah.version": "1.14.9", | |
"io.k8s.description": "The Universal Base Image is designed and engineered to be the base layer for all of your containerized applications, middleware and utilities. This base image is freely redistributable, but Red Hat only supports Red Hat technologies through subscriptions for Red Hat products. This image is maintained by Red Hat and updated regularly.", | |
"io.k8s.display-name": "Red Hat Universal Base Image 8", | |
"io.openshift.build.version-display-names": "machine-os=Red Hat Enterprise Linux CoreOS", | |
"io.openshift.build.versions": "machine-os=46.82.202006262035-0", | |
"io.openshift.expose-services": "", | |
"io.openshift.tags": "base rhel8", | |
"maintainer": "Red Hat, Inc.", | |
"name": "ubi8", | |
"release": "299.1592810498", | |
"summary": "Provides the latest release of Red Hat Universal Base Image 8.", | |
"url": "https://access.redhat.com/containers/#/registry.access.redhat.com/ubi8/images/8.2-299.1592810498", | |
"vcs-ref": "2f70d2e5b96ea67813c0f06b74a23775a118e7db", | |
"vcs-type": "git", | |
"vendor": "Red Hat, Inc.", | |
"version": "46.82.202006262035-0" | |
}, | |
"Architecture": "amd64", | |
"Os": "linux", | |
"Layers": [ | |
"sha256:f9327c1608ad0ae79b5f4a4c47eda907a980ea9640c70e6036811ea76d641249", | |
"sha256:449675ca11bc217d5066dcce0a7dcb774bc87cb2553a8f137bc875cb5dddf4d4", | |
"sha256:f7da2ed23cb9ebbbfce98c6b394f550f1597295bdff4caf58c0e4dd4a3cd9523" | |
], | |
"Env": [ | |
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", | |
"container=oci" | |
] | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment