bh7cw/add cosa and rhcos commit

## add cosa and rhcos commit
I am trying to tackle this issue https://issues.redhat.com/browse/GRPA-2086
This is my commit in cosa https://github.com/bh7cw/coreos-assembler/commit/1cf18ba390af2083b16516b9a6da9ac9d446041e
Then, I tested the code:
1) create a trigger on quay.io to build image after Git repo is pushed https://quay.io/repository/bh7cw/coreos-assembler?tab=builds
2) Run the cosa on local machine:
    cosa file:
        #!/usr/bin/env bash

        # this script will use podman, but docker will work too
        rpm -qa | grep -q podman || (echo "podman not installed!" ; exit 1)

        # checks if cosa image was pulled previously
        podman image exists quay.io/bh7cw/coreos-assembler || \
          podman pull quay.io/bh7cw/coreos-assembler

        # create a tmp directory for storing builds
        mkdir -p rhcos && cd rhcos

        # define the _real_ cosa command
        cosa() {
           env | grep COREOS_ASSEMBLER
           set -x
           podman run --rm -ti --security-opt label=disable --privileged                                    \
                      --uidmap=1000:0:1 --uidmap=0:1:1000 --uidmap 1001:1001:64536                          \
                      -v ${PWD}:/srv/ --device /dev/kvm --device /dev/fuse                                  \
                      --tmpfs /tmp -v /var/tmp:/var/tmp --name cosa                                         \
                      ${COREOS_ASSEMBLER_CONFIG_GIT:+-v $COREOS_ASSEMBLER_CONFIG_GIT:/srv/src/config/:ro}   \
                      ${COREOS_ASSEMBLER_GIT:+-v $COREOS_ASSEMBLER_GIT/src/:/usr/lib/coreos-assembler/:ro}  \
                      ${COREOS_ASSEMBLER_CONTAINER_RUNTIME_ARGS}                                            \
                      ${COREOS_ASSEMBLER_CONTAINER:-quay.io/bh7cw/coreos-assembler:latest} "$@"
           rc=$?; set +x; return $rc
        }

        # run the cosa container and run shell
        cosa shell

    # execute commands:
    chmod +x cosa
    ./cosa
    # build the rhcos:
    sudo curl -kL -o /etc/pki/ca-trust/source/anchors/Red_Hat_IT_Root_CA.crt https://password.corp.redhat.com/RH-IT-Root-CA.crt
    sudo update-ca-trust

    # fetch the Red Hat CoreOS configuration
    cosa init https://gitlab.cee.redhat.com/coreos/redhat-coreos.git
    cosa fetch
    cosa build

3)upload oscontainer and inspect:
    cosa upload-oscontainer --name oci:/tmp/testing --from registry.access.redhat.com/ubi8/ubi:latest
    skopeo inspect oci:/tmp/testing

Expected result:
show "com.coreos.coreos-assembler-commit" and "com.coreos.redhat-coreos-commit" Labels.

Got result:
[coreos-assembler]$ cosa upload-oscontainer --name oci:/tmp/testing --from registry.access.redhat.com/ubi8/ubi:latest
Preparing to upload oscontainer for build: 46.82.202006262035-0
+ /usr/bin/ostree checkout --repo /srv/tmp/repo --user-mode --subpath=/usr/lib/os-release 54819e60a948c6aa2952ac1eaa54fed7df441afa0fa44af2c5023df5a4ae4cc6 tmp/usrlib-osrelease
Using nested container mode due to container environment variable
Getting image source signatures
Copying blob 264aaa453271 done
Copying blob 7f24bdb73d53 done
Copying config a523835cfc done
Writing manifest to image destination
Storing signatures
Copying ostree commit into container: 54819e60a948c6aa2952ac1eaa54fed7df441afa0fa44af2c5023df5a4ae4cc6 ...
+ ostree --repo=/srv/tmp/containers-storage/vfs/dir/27657ba7b9c1261c620f56c34c5ee1d651fcf44ece8e99bff4250d74a4ad3612/srv/repo pull-local /srv/tmp/repo 54819e60a948c6aa2952ac1eaa54fed7df441afa0fa44af2c5023df5a4ae4cc6
7680 metadata, 30974 content objects imported
1cf18ba390af2083b16516b9a6da9ac9d446041e
2f28461010ad4f0f2420108dab219f4c58907ecb
+ buildah --root=./tmp/containers-storage --storage-driver vfs config --entrypoint [\"/noentry\"] -l com.coreos.ostree-commit=54819e60a948c6aa2952ac1eaa54fed7df441afa0fa44af2c5023df5a4ae4cc6 -l version=46.82.202006262035-0 -l com.coreos.coreos-assembler-commit=1cf18ba390af2083b16516b9a6da9ac9d446041e -l com.coreos.redhat-coreos-commit=2f28461010ad4f0f2420108dab219f4c58907ecb -l "io.openshift.build.version-display-names=machine-os=Red Hat Enterprise Linux CoreOS" -l io.openshift.build.versions=machine-os=46.82.202006262035-0 ubi-working-container
Committing container...
Getting image source signatures
Copying blob f9327c1608ad done
Copying blob 449675ca11bc done
Copying blob f7da2ed23cb9 [======================================] 800.3MiB / 800.3MiB
Copying config eff1667a25 done
Writing manifest to image destination
Storing signatures
oci:/tmp/testing:46.82.202006262035-0
Pushing container
+ podman --root=./tmp/containers-storage --storage-driver vfs push --tls-verify oci:/tmp/testing:46.82.202006262035-0 --digestfile=tmp/oscontainer-digest
Error: invalid reference format
Traceback (most recent call last):
  File "/usr/lib/coreos-assembler/oscontainer.py", line 326, in <module>
    main()
  File "/usr/lib/coreos-assembler/oscontainer.py", line 310, in main
    oscontainer_build(
  File "/usr/lib/coreos-assembler/oscontainer.py", line 244, in oscontainer_build
    run_verbose(podCmd)
  File "/usr/lib/coreos-assembler/oscontainer.py", line 67, in run_verbose
    subprocess.check_call(args, **kwargs)
  File "/usr/lib64/python3.8/subprocess.py", line 364, in check_call
    raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command '['podman', '--root=./tmp/containers-storage', '--storage-driver', 'vfs', 'push', '--tls-verify', 'oci:/tmp/testing:46.82.202006262035-0', '--digestfile=tmp/oscontainer-digest']' returned non-zero exit status 125.
Traceback (most recent call last):
  File "/usr/lib/coreos-assembler/cmd-upload-oscontainer", line 88, in <module>
    subprocess.check_call(cosa_argv +
  File "/usr/lib64/python3.8/subprocess.py", line 364, in check_call
    raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command '['sudo', '--preserve-env=container,REGISTRY_AUTH_FILE', '/usr/lib/coreos-assembler/oscontainer.py', '--workdir=./tmp', 'build', '--from=registry.access.redhat.com/ubi8/ubi:latest', '--display-name=Red Hat Enterprise Linux CoreOS', '--digestfile=tmp/oscontainer-digest', '--push', '/srv/tmp/repo', '54819e60a948c6aa2952ac1eaa54fed7df441afa0fa44af2c5023df5a4ae4cc6', 'oci:/tmp/testing:46.82.202006262035-0']' returned non-zero exit status 1.
[coreos-assembler]$ skopeo inspect oci:/tmp/testing
{
    "Digest": "sha256:3bf27d318a413ab3b620e6238098d2af23b4f55cedc16d6ba8a25d81d118ed26",
    "RepoTags": [],
    "Created": "2020-06-26T20:42:11.593068864Z",
    "DockerVersion": "",
    "Labels": {
        "architecture": "x86_64",
        "build-date": "2020-06-22T07:30:14.481393",
        "com.coreos.coreos-assembler-commit": "1cf18ba390af2083b16516b9a6da9ac9d446041e",
        "com.coreos.ostree-commit": "54819e60a948c6aa2952ac1eaa54fed7df441afa0fa44af2c5023df5a4ae4cc6",
        "com.coreos.redhat-coreos-commit": "2f28461010ad4f0f2420108dab219f4c58907ecb",
        "com.redhat.build-host": "cpt-1003.osbs.prod.upshift.rdu2.redhat.com",
        "com.redhat.component": "ubi8-container",
        "com.redhat.license_terms": "https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI",
        "description": "The Universal Base Image is designed and engineered to be the base layer for all of your containerized applications, middleware and utilities. This base image is freely redistributable, but Red Hat only supports Red Hat technologies through subscriptions for Red Hat products. This image is maintained by Red Hat and updated regularly.",
        "distribution-scope": "public",
        "io.buildah.version": "1.14.9",
        "io.k8s.description": "The Universal Base Image is designed and engineered to be the base layer for all of your containerized applications, middleware and utilities. This base image is freely redistributable, but Red Hat only supports Red Hat technologies through subscriptions for Red Hat products. This image is maintained by Red Hat and updated regularly.",
        "io.k8s.display-name": "Red Hat Universal Base Image 8",
        "io.openshift.build.version-display-names": "machine-os=Red Hat Enterprise Linux CoreOS",
        "io.openshift.build.versions": "machine-os=46.82.202006262035-0",
        "io.openshift.expose-services": "",
        "io.openshift.tags": "base rhel8",
        "maintainer": "Red Hat, Inc.",
        "name": "ubi8",
        "release": "299.1592810498",
        "summary": "Provides the latest release of Red Hat Universal Base Image 8.",
        "url": "https://access.redhat.com/containers/#/registry.access.redhat.com/ubi8/images/8.2-299.1592810498",
        "vcs-ref": "2f70d2e5b96ea67813c0f06b74a23775a118e7db",
        "vcs-type": "git",
        "vendor": "Red Hat, Inc.",
        "version": "46.82.202006262035-0"
    },
    "Architecture": "amd64",
    "Os": "linux",
    "Layers": [
        "sha256:f9327c1608ad0ae79b5f4a4c47eda907a980ea9640c70e6036811ea76d641249",
        "sha256:449675ca11bc217d5066dcce0a7dcb774bc87cb2553a8f137bc875cb5dddf4d4",
        "sha256:f7da2ed23cb9ebbbfce98c6b394f550f1597295bdff4caf58c0e4dd4a3cd9523"
    ],
    "Env": [
        "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
        "container=oci"
    ]
}
	I am trying to tackle this issue https://issues.redhat.com/browse/GRPA-2086
	This is my commit in cosa https://github.com/bh7cw/coreos-assembler/commit/1cf18ba390af2083b16516b9a6da9ac9d446041e
	Then, I tested the code:
	1) create a trigger on quay.io to build image after Git repo is pushed https://quay.io/repository/bh7cw/coreos-assembler?tab=builds
	2) Run the cosa on local machine:
	cosa file:
	#!/usr/bin/env bash

	# this script will use podman, but docker will work too
	rpm -qa \| grep -q podman \|\| (echo "podman not installed!" ; exit 1)

	# checks if cosa image was pulled previously
	podman image exists quay.io/bh7cw/coreos-assembler \|\| \
	podman pull quay.io/bh7cw/coreos-assembler

	# create a tmp directory for storing builds
	mkdir -p rhcos && cd rhcos

	# define the _real_ cosa command
	cosa() {
	env \| grep COREOS_ASSEMBLER
	set -x
	podman run --rm -ti --security-opt label=disable --privileged \
	--uidmap=1000:0:1 --uidmap=0:1:1000 --uidmap 1001:1001:64536 \
	-v ${PWD}:/srv/ --device /dev/kvm --device /dev/fuse \
	--tmpfs /tmp -v /var/tmp:/var/tmp --name cosa \
	${COREOS_ASSEMBLER_CONFIG_GIT:+-v $COREOS_ASSEMBLER_CONFIG_GIT:/srv/src/config/:ro} \
	${COREOS_ASSEMBLER_GIT:+-v $COREOS_ASSEMBLER_GIT/src/:/usr/lib/coreos-assembler/:ro} \
	${COREOS_ASSEMBLER_CONTAINER_RUNTIME_ARGS} \
	${COREOS_ASSEMBLER_CONTAINER:-quay.io/bh7cw/coreos-assembler:latest} "$@"
	rc=$?; set +x; return $rc
	}

	# run the cosa container and run shell
	cosa shell

	# execute commands:
	chmod +x cosa
	./cosa
	# build the rhcos:
	sudo curl -kL -o /etc/pki/ca-trust/source/anchors/Red_Hat_IT_Root_CA.crt https://password.corp.redhat.com/RH-IT-Root-CA.crt
	sudo update-ca-trust

	# fetch the Red Hat CoreOS configuration
	cosa init https://gitlab.cee.redhat.com/coreos/redhat-coreos.git
	cosa fetch
	cosa build

	3)upload oscontainer and inspect:
	cosa upload-oscontainer --name oci:/tmp/testing --from registry.access.redhat.com/ubi8/ubi:latest
	skopeo inspect oci:/tmp/testing

	Expected result:
	show "com.coreos.coreos-assembler-commit" and "com.coreos.redhat-coreos-commit" Labels.

	Got result:
	[coreos-assembler]$ cosa upload-oscontainer --name oci:/tmp/testing --from registry.access.redhat.com/ubi8/ubi:latest
	Preparing to upload oscontainer for build: 46.82.202006262035-0
	+ /usr/bin/ostree checkout --repo /srv/tmp/repo --user-mode --subpath=/usr/lib/os-release 54819e60a948c6aa2952ac1eaa54fed7df441afa0fa44af2c5023df5a4ae4cc6 tmp/usrlib-osrelease
	Using nested container mode due to container environment variable
	Getting image source signatures
	Copying blob 264aaa453271 done
	Copying blob 7f24bdb73d53 done
	Copying config a523835cfc done
	Writing manifest to image destination
	Storing signatures
	Copying ostree commit into container: 54819e60a948c6aa2952ac1eaa54fed7df441afa0fa44af2c5023df5a4ae4cc6 ...
	+ ostree --repo=/srv/tmp/containers-storage/vfs/dir/27657ba7b9c1261c620f56c34c5ee1d651fcf44ece8e99bff4250d74a4ad3612/srv/repo pull-local /srv/tmp/repo 54819e60a948c6aa2952ac1eaa54fed7df441afa0fa44af2c5023df5a4ae4cc6
	7680 metadata, 30974 content objects imported
	1cf18ba390af2083b16516b9a6da9ac9d446041e
	2f28461010ad4f0f2420108dab219f4c58907ecb
	+ buildah --root=./tmp/containers-storage --storage-driver vfs config --entrypoint [\"/noentry\"] -l com.coreos.ostree-commit=54819e60a948c6aa2952ac1eaa54fed7df441afa0fa44af2c5023df5a4ae4cc6 -l version=46.82.202006262035-0 -l com.coreos.coreos-assembler-commit=1cf18ba390af2083b16516b9a6da9ac9d446041e -l com.coreos.redhat-coreos-commit=2f28461010ad4f0f2420108dab219f4c58907ecb -l "io.openshift.build.version-display-names=machine-os=Red Hat Enterprise Linux CoreOS" -l io.openshift.build.versions=machine-os=46.82.202006262035-0 ubi-working-container
	Committing container...
	Getting image source signatures
	Copying blob f9327c1608ad done
	Copying blob 449675ca11bc done
	Copying blob f7da2ed23cb9 [======================================] 800.3MiB / 800.3MiB
	Copying config eff1667a25 done
	Writing manifest to image destination
	Storing signatures
	oci:/tmp/testing:46.82.202006262035-0
	Pushing container
	+ podman --root=./tmp/containers-storage --storage-driver vfs push --tls-verify oci:/tmp/testing:46.82.202006262035-0 --digestfile=tmp/oscontainer-digest
	Error: invalid reference format
	Traceback (most recent call last):
	File "/usr/lib/coreos-assembler/oscontainer.py", line 326, in <module>
	main()
	File "/usr/lib/coreos-assembler/oscontainer.py", line 310, in main
	oscontainer_build(
	File "/usr/lib/coreos-assembler/oscontainer.py", line 244, in oscontainer_build
	run_verbose(podCmd)
	File "/usr/lib/coreos-assembler/oscontainer.py", line 67, in run_verbose
	subprocess.check_call(args, **kwargs)
	File "/usr/lib64/python3.8/subprocess.py", line 364, in check_call
	raise CalledProcessError(retcode, cmd)
	subprocess.CalledProcessError: Command '['podman', '--root=./tmp/containers-storage', '--storage-driver', 'vfs', 'push', '--tls-verify', 'oci:/tmp/testing:46.82.202006262035-0', '--digestfile=tmp/oscontainer-digest']' returned non-zero exit status 125.
	Traceback (most recent call last):
	File "/usr/lib/coreos-assembler/cmd-upload-oscontainer", line 88, in <module>
	subprocess.check_call(cosa_argv +
	File "/usr/lib64/python3.8/subprocess.py", line 364, in check_call
	raise CalledProcessError(retcode, cmd)
	subprocess.CalledProcessError: Command '['sudo', '--preserve-env=container,REGISTRY_AUTH_FILE', '/usr/lib/coreos-assembler/oscontainer.py', '--workdir=./tmp', 'build', '--from=registry.access.redhat.com/ubi8/ubi:latest', '--display-name=Red Hat Enterprise Linux CoreOS', '--digestfile=tmp/oscontainer-digest', '--push', '/srv/tmp/repo', '54819e60a948c6aa2952ac1eaa54fed7df441afa0fa44af2c5023df5a4ae4cc6', 'oci:/tmp/testing:46.82.202006262035-0']' returned non-zero exit status 1.
	[coreos-assembler]$ skopeo inspect oci:/tmp/testing
	{
	"Digest": "sha256:3bf27d318a413ab3b620e6238098d2af23b4f55cedc16d6ba8a25d81d118ed26",
	"RepoTags": [],
	"Created": "2020-06-26T20:42:11.593068864Z",
	"DockerVersion": "",
	"Labels": {
	"architecture": "x86_64",
	"build-date": "2020-06-22T07:30:14.481393",
	"com.coreos.coreos-assembler-commit": "1cf18ba390af2083b16516b9a6da9ac9d446041e",
	"com.coreos.ostree-commit": "54819e60a948c6aa2952ac1eaa54fed7df441afa0fa44af2c5023df5a4ae4cc6",
	"com.coreos.redhat-coreos-commit": "2f28461010ad4f0f2420108dab219f4c58907ecb",
	"com.redhat.build-host": "cpt-1003.osbs.prod.upshift.rdu2.redhat.com",
	"com.redhat.component": "ubi8-container",
	"com.redhat.license_terms": "https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI",
	"description": "The Universal Base Image is designed and engineered to be the base layer for all of your containerized applications, middleware and utilities. This base image is freely redistributable, but Red Hat only supports Red Hat technologies through subscriptions for Red Hat products. This image is maintained by Red Hat and updated regularly.",
	"distribution-scope": "public",
	"io.buildah.version": "1.14.9",
	"io.k8s.description": "The Universal Base Image is designed and engineered to be the base layer for all of your containerized applications, middleware and utilities. This base image is freely redistributable, but Red Hat only supports Red Hat technologies through subscriptions for Red Hat products. This image is maintained by Red Hat and updated regularly.",
	"io.k8s.display-name": "Red Hat Universal Base Image 8",
	"io.openshift.build.version-display-names": "machine-os=Red Hat Enterprise Linux CoreOS",
	"io.openshift.build.versions": "machine-os=46.82.202006262035-0",
	"io.openshift.expose-services": "",
	"io.openshift.tags": "base rhel8",
	"maintainer": "Red Hat, Inc.",
	"name": "ubi8",
	"release": "299.1592810498",
	"summary": "Provides the latest release of Red Hat Universal Base Image 8.",
	"url": "https://access.redhat.com/containers/#/registry.access.redhat.com/ubi8/images/8.2-299.1592810498",
	"vcs-ref": "2f70d2e5b96ea67813c0f06b74a23775a118e7db",
	"vcs-type": "git",
	"vendor": "Red Hat, Inc.",
	"version": "46.82.202006262035-0"
	},
	"Architecture": "amd64",
	"Os": "linux",
	"Layers": [
	"sha256:f9327c1608ad0ae79b5f4a4c47eda907a980ea9640c70e6036811ea76d641249",
	"sha256:449675ca11bc217d5066dcce0a7dcb774bc87cb2553a8f137bc875cb5dddf4d4",
	"sha256:f7da2ed23cb9ebbbfce98c6b394f550f1597295bdff4caf58c0e4dd4a3cd9523"
	],
	"Env": [
	"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
	"container=oci"
	]
	}