WIP: Add TMT gating test and workflow for bootupd #1077
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| permissions: | |
| actions: read | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| branches: [main] | |
| workflow_dispatch: {} | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| env: | |
| CARGO_TERM_COLOR: always | |
| jobs: | |
| c9s-bootc-e2e: | |
| strategy: | |
| matrix: | |
| runner: | |
| - ubuntu-24.04 | |
| - ubuntu-24.04-arm | |
| runs-on: [ "${{ matrix.runner }}" ] | |
| steps: | |
| - name: Get a newer podman for heredoc support (from debian testing) | |
| run: | | |
| set -eux | |
| echo 'deb [trusted=yes] https://ftp.debian.org/debian/ testing main' | sudo tee /etc/apt/sources.list.d/testing.list | |
| sudo apt update | |
| sudo apt install -y crun/testing podman/testing skopeo/testing | |
| - uses: actions/checkout@v4 | |
| - name: Install podman | |
| if: ( matrix.runner == 'ubuntu-24.04-arm' ) | |
| run: | | |
| sudo apt update -y | |
| sudo apt install -y podman | |
| - name: build | |
| run: sudo podman build -t localhost/bootupd:latest -f Dockerfile . | |
| - name: bootupctl status in container | |
| run: | | |
| set -xeuo pipefail | |
| arch="$(uname --machine)" | |
| if [[ "${arch}" == "x86_64" ]]; then | |
| components_text='Available components: BIOS EFI' | |
| components_json='{"components":["BIOS","EFI"]}' | |
| else | |
| # Assume aarch64 for now | |
| components_text='Available components: EFI' | |
| components_json='{"components":["EFI"]}' | |
| fi | |
| output=$(sudo podman run --rm -ti localhost/bootupd:latest bootupctl status | tr -d '\r') | |
| [ "${components_text}" == "${output}" ] | |
| output=$(sudo podman run --rm -ti localhost/bootupd:latest bootupctl status --json) | |
| [ "${components_json}" == "${output}" ] | |
| - name: bootc install to disk | |
| run: | | |
| set -xeuo pipefail | |
| sudo truncate -s 10G myimage.raw | |
| sudo podman run --rm --privileged -v .:/target --pid=host --security-opt label=disable \ | |
| -v /var/lib/containers:/var/lib/containers \ | |
| -v /dev:/dev \ | |
| localhost/bootupd:latest bootc install to-disk --skip-fetch-check \ | |
| --disable-selinux --generic-image --via-loopback /target/myimage.raw | |
| # Verify we installed grub.cfg and shim on the disk | |
| sudo losetup -P -f myimage.raw | |
| device=$(losetup -a myimage.raw --output NAME -n) | |
| esp_part=$(sudo sfdisk -l -J "${device}" | jq -r '.partitiontable.partitions[] | select(.type == "C12A7328-F81F-11D2-BA4B-00A0C93EC93B").node') | |
| sudo mount "${esp_part}" /mnt/ | |
| arch="$(uname --machine)" | |
| if [[ "${arch}" == "x86_64" ]]; then | |
| shim="shimx64.efi" | |
| else | |
| # Assume aarch64 for now | |
| shim="shimaa64.efi" | |
| fi | |
| sudo ls /mnt/EFI/centos/{grub.cfg,${shim}} | |
| sudo umount /mnt | |
| # check /boot/grub2/grub.cfg permission | |
| root_part=$(sudo sfdisk -l -J "${device}" | jq -r '.partitiontable.partitions[] | select(.name == "root").node') | |
| sudo mount "${root_part}" /mnt/ | |
| sudo ls /mnt/boot/grub2/grub.cfg | |
| [ $(sudo stat -c "%a" /mnt/boot/grub2/grub.cfg) == "600" ] | |
| sudo umount /mnt | |
| sudo losetup -D "${device}" | |
| sudo rm -f myimage.raw | |
| - name: bootc install to filesystem | |
| run: | | |
| set -xeuo pipefail | |
| sudo podman run --rm -ti --privileged -v /:/target --pid=host --security-opt label=disable \ | |
| -v /dev:/dev -v /var/lib/containers:/var/lib/containers \ | |
| localhost/bootupd:latest bootc install to-filesystem --skip-fetch-check \ | |
| --acknowledge-destructive \ | |
| --disable-selinux --replace=alongside /target | |
| # Verify we injected static configs | |
| jq -re '.["static-configs"].version' /boot/bootupd-state.json | |
| [ $(sudo stat -c "%a" /boot/grub2/grub.cfg) == "600" ] |