diff --git a/bib/cmd/bootc-image-builder/image.go b/bib/cmd/bootc-image-builder/image.go index 65b804b9..0c84f567 100644 --- a/bib/cmd/bootc-image-builder/image.go +++ b/bib/cmd/bootc-image-builder/image.go @@ -65,7 +65,7 @@ func manifestForDiskImage(c *ManifestConfig, rng *rand.Rand) (*manifest.Manifest Source: c.Imgref, Name: c.Imgref, TLSVerify: &c.TLSVerify, - Local: c.Local, + Local: true, } var customizations *blueprint.Customizations @@ -123,15 +123,7 @@ func manifestForDiskImage(c *ManifestConfig, rng *rand.Rand) (*manifest.Manifest mf := manifest.New() mf.Distro = manifest.DISTRO_FEDORA runner := &runner.Linux{} - containerSources := []container.SourceSpec{ - { - Source: c.Imgref, - Name: c.Imgref, - TLSVerify: &c.TLSVerify, - Local: c.Local, - }, - } - err = img.InstantiateManifestFromContainers(&mf, containerSources, runner, rng) + err = img.InstantiateManifestFromContainers(&mf, []container.SourceSpec{containerSource}, runner, rng) return &mf, err } @@ -145,7 +137,7 @@ func manifestForISO(c *ManifestConfig, rng *rand.Rand) (*manifest.Manifest, erro Source: c.Imgref, Name: c.Imgref, TLSVerify: &c.TLSVerify, - Local: c.Local, + Local: true, } // The ref is not needed and will be removed from the ctor later diff --git a/bib/cmd/bootc-image-builder/main.go b/bib/cmd/bootc-image-builder/main.go index be92005d..1de1118d 100644 --- a/bib/cmd/bootc-image-builder/main.go +++ b/bib/cmd/bootc-image-builder/main.go @@ -6,6 +6,7 @@ import ( "fmt" "log" "os" + "os/exec" "path/filepath" "strconv" "strings" @@ -101,6 +102,19 @@ func loadConfig(path string) (*BuildConfig, error) { } func makeManifest(c *ManifestConfig, cacheRoot string) (manifest.OSBuildManifest, error) { + // If --local wasn't given, always pull the container. + // If the user mount a container storage inside bib (without --local), the code will try to pull + // a newer version of the container even if an older one is already present. This doesn't match + // how `podman run`` behaves by default, but it matches the bib's behaviour before the switch + // to using containers storage in all code paths happened. + // We might want to change this behaviour in the future to match podman. + if !c.Local { + pullCmd := exec.Command("podman", "pull", "--arch", c.Architecture.String(), c.Imgref) + if err := pullCmd.Run(); err != nil { + return nil, fmt.Errorf("failed to pull container image: %w", err) + } + } + manifest, err := Manifest(c) if err != nil { return nil, err @@ -284,7 +298,7 @@ func cmdBuild(cmd *cobra.Command, args []string) error { } manifest_fname := fmt.Sprintf("manifest-%s.json", strings.Join(imgTypes, "-")) - fmt.Printf("Generating %s ... ", manifest_fname) + fmt.Printf("Generating manifest %s\n", manifest_fname) mf, err := manifestFromCobra(cmd, args) if err != nil { panic(err) diff --git a/test/test_build.py b/test/test_build.py index 8d77784c..1d05e006 100644 --- a/test/test_build.py +++ b/test/test_build.py @@ -266,7 +266,8 @@ def build_images(shared_tmpdir, build_container, request, force_aws_upload): break print(line, end="") bib_output += line - p.wait(timeout=10) + rc = p.wait(timeout=10) + assert rc == 0, f"bootc-image-builder failed with return code {rc}" journal_output = testutil.journal_after_cursor(cursor) metadata = {} diff --git a/test/test_manifest.py b/test/test_manifest.py index 8746809a..7f0cdc5a 100644 --- a/test/test_manifest.py +++ b/test/test_manifest.py @@ -7,6 +7,8 @@ if not testutil.has_executable("podman"): pytest.skip("no podman, skipping integration tests that required podman", allow_module_level=True) +if not testutil.can_start_rootful_containers(): + pytest.skip("tests require to be able to run rootful containers (try: sudo)", allow_module_level=True) from containerbuild import build_container_fixture # noqa: F401 from testcases import gen_testcases @@ -19,6 +21,8 @@ def test_manifest_smoke(build_container, testcase_ref): output = subprocess.check_output([ "podman", "run", "--rm", + "--privileged", + "--security-opt", "label=type:unconfined_t", f'--entrypoint=["/usr/bin/bootc-image-builder", "manifest", "{container_ref}"]', build_container, ])