7 changes: 7 additions & 0 deletions .github/actions/build/action.yaml
Expand Up @@ -31,6 +31,10 @@ inputs:
build:
description: Types of artifacts to build (all, rpms, bootc-image)
required: true
rpm-image:
description: Image with the RPMs
required: false
default: microshift-okd-rpm

runs:
using: "composite"
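
Review bot: The description of the new `rpm-image` input ("Image with the RPMs") does not say what form the value must take. Elsewhere in this change the value is expanded as `localhost/${RPM_IMAGE}:latest`, so it has to be a bare local image name with no registry and no tag; saying so in the description keeps callers from passing a full image reference.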
Expand All @@ -41,9 +45,11 @@ runs:

- name: Prepare the build and run environment
uses: ./.github/actions/prebuild
if: inputs.rpm-builder == 'microshift-okd-rpm'

⚠️ Potential issue | 🔴 Critical

Fix incorrect input reference: rpm-builder should be rpm-image.

The condition references inputs.rpm-builder but the input is named rpm-image (line 34). This will cause the condition to always evaluate as false.

Proposed fix
-      if: inputs.rpm-builder == 'microshift-okd-rpm'
+      if: inputs.rpm-image == 'microshift-okd-rpm'
🤖 Prompt for AI Agents
In @.github/actions/build/action.yaml at line 48, The workflow conditional is
referencing the wrong input name: update the if expression that currently uses
"inputs.rpm-builder" to use the correct input identifier "inputs.rpm-image" so
the branch evaluating "== 'microshift-okd-rpm'" works as intended; locate the
conditional expression (the if: inputs.rpm-builder == 'microshift-okd-rpm' line)
and replace rpm-builder with rpm-image.


- name: Build MicroShift RPMs
shell: bash
if: inputs.rpm-builder == 'microshift-okd-rpm'

⚠️ Potential issue | 🔴 Critical

Same typo: rpm-builder should be rpm-image.

Proposed fix
-      if: inputs.rpm-builder == 'microshift-okd-rpm'
+      if: inputs.rpm-image == 'microshift-okd-rpm'
🤖 Prompt for AI Agents
In @.github/actions/build/action.yaml at line 52, The conditional uses the wrong
input name: change the occurrence of "if: inputs.rpm-builder ==
'microshift-okd-rpm'" to use the correct input key "rpm-image" (e.g., "if:
inputs.rpm-image == 'microshift-okd-rpm'") so the action reads the intended
input; update any other references of "rpm-builder" in this file to "rpm-image"
to keep names consistent.

run: |
# See https://github.com/microshift-io/microshift/blob/main/docs/build.md
# for more information about the build process.
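
Review bot: The two `if:` conditions added in this hunk decide whether to prepare the environment and build the RPMs by comparing an image name against the literal `'microshift-okd-rpm'`, which is a separate concern from the input-name mismatch flagged above. Any caller that passes a different name silently skips `Build MicroShift RPMs`, even though the action already has a `build` input (all, rpms, bootc-image) for choosing what to build. Gate these steps on an explicit boolean input, or document on `rpm-image` that a non-default value means the image must already exist locally.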
Expand Down Expand Up @@ -73,6 +79,7 @@ runs:
make image \
BOOTC_IMAGE_URL="${{ inputs.bootc-image-url }}" \
BOOTC_IMAGE_TAG="${{ inputs.bootc-image-tag }}" \
RPM_IMAGE="${{ inputs.rpm-image }}" \
${make_opts[@]}

- name: Run a test to verify that MicroShift is functioning properly
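
Review bot: The added line `RPM_IMAGE="${{ inputs.rpm-image }}" \` expands the input into the script text before bash runs, so a value containing a quote or `$(...)` changes the command instead of being passed as data. Map it through `env:` on the step (`RPM_IMAGE: ${{ inputs.rpm-image }}`) and reference `"${RPM_IMAGE}"` in the `make image` call. The neighbouring `BOOTC_IMAGE_URL` and `BOOTC_IMAGE_TAG` lines have the same shape and would benefit from the same treatment.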
2 changes: 1 addition & 1 deletion .github/actions/prebuild/action.yaml
Expand Up @@ -28,7 +28,7 @@ runs:
sudo rm -rvf /mnt/* || true

# Create the necessary directories on the /mnt partition
sudo mkdir -p /mnt/tmp /mnt/rpms /mnt/release
sudo mkdir -p /mnt/tmp /mnt/rpms /mnt/release /mnt/srpm
sudo chmod 1777 /mnt/tmp

# Install the pre-requisites for the build and run environment
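
Review bot: `/mnt/srpm` is created by `sudo mkdir -p`, so it is owned by root, and unlike `/mnt/tmp` it gets no `chmod`. The release workflow in this change calls `make srpm ... SRPM_WORKDIR=/mnt/srpm` without `sudo` on the command line; if that target writes as the runner user, add a `chown` or `chmod` for the new directory here.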
150 changes: 104 additions & 46 deletions .github/workflows/release.yaml
Expand Up @@ -15,26 +15,90 @@ on:
default: "latest"
description: OKD version tag from https://quay.io/repository/okd/scos-release?tab=tags
type: string
build:
type: choice
description: Types of artifacts to build
default: all
options:
- all
- packages
- bootc-image
copr-repo:
default: "@microshift-io/microshift"
description: COPR repository name
type: string

jobs:
build-microshift:
build-rpms:
name: Build RPMs using COPR
runs-on: ubuntu-24.04
steps:
- name: Check out MicroShift upstream repository
uses: actions/checkout@v4

- name: Prepare the build and run environment
uses: ./.github/actions/prebuild

- name: Detect OKD version tag
id: detect-okd-version
uses: ./.github/actions/okd-version

- name: Build SRPM
shell: bash
run: |
cd ${GITHUB_WORKSPACE}/
make srpm \
USHIFT_GITREF=${{ inputs.ushift-gitref }} \
OKD_VERSION_TAG=${{ inputs.okd-version-tag != 'latest' && inputs.okd-version-tag || steps.detect-okd-version.outputs.okd-version-tag }} \
SRPM_WORKDIR=/mnt/srpm

- name: Create COPR build
shell: bash
env:
COPR_CONFIG: |
${{ secrets.COPR_CONFIG }}
run: |
set -euo pipefail
cd ${GITHUB_WORKSPACE}/
echo "${COPR_CONFIG}" > /tmp/copr-config

make copr-create-build \
SRPM_WORKDIR=/mnt/srpm \
COPR_REPO_NAME="${{ inputs.copr-repo }}" \
COPR_CONFIG=/tmp/copr-config

make copr-watch-build \
SRPM_WORKDIR=/mnt/srpm \
COPR_REPO_NAME="${{ inputs.copr-repo }}"

- name: Persist version and build ID
uses: actions/upload-artifact@v4
with:
name: srpm-artifacts
path: |
/mnt/srpm/version.txt
/mnt/srpm/build.txt
overwrite: true

build-and-test-microshift:
name: Build RPM and bootc images and test them
needs: build-rpms
strategy:
matrix:
runners: [ubuntu-24.04, ubuntu-24.04-arm]
name: Build MicroShift upstream
runs-on: ${{ matrix.runners }}
steps:
- name: Check out MicroShift upstream repository
uses: actions/checkout@v4

- name: Prepare the build and run environment
uses: ./.github/actions/prebuild

- uses: actions/download-artifact@v5
with:
name: srpm-artifacts
path: /tmp/srpm

- name: Store version
shell: bash
id: version
run: |
set -euo pipefail
test -f /tmp/srpm/version.txt
echo "version=$(cat /tmp/srpm/version.txt)" >> "${GITHUB_OUTPUT}"

- name: Detect the CPU architecture
id: detect-cpu-arch
uses: ./.github/actions/arch
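
Review bot: In `Create COPR build`, `echo "${COPR_CONFIG}" > /tmp/copr-config` writes the COPR credentials to a fixed path under `/tmp` with default permissions, and nothing in the step deletes the file afterwards. Set `umask 077` before the write, use a file from `mktemp` or under `${RUNNER_TEMP}`, and remove it in a `trap` on exit. In the same job, `${{ inputs.ushift-gitref }}` and `${{ inputs.copr-repo }}` are expanded directly into the `run:` scripts; passing them through `env:` keeps a crafted dispatch value from being parsed as shell in the step that holds the secret.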
Expand All @@ -43,6 +107,16 @@ jobs:
id: detect-okd-version
uses: ./.github/actions/okd-version

- name: Create RPMs image with RPMs from COPR
shell: bash
run: |
set -euo pipefail
cd ${GITHUB_WORKSPACE}/

make rpm-copr \
SRPM_WORKDIR=/tmp/srpm \
RPM_OUTDIR=/mnt/rpms

- name: Determine bootc stream version
id: set-bootc-image-tag
shell: bash
Expand Down Expand Up @@ -70,67 +144,41 @@ jobs:
okd-version-tag: ${{ inputs.okd-version-tag != 'latest' && inputs.okd-version-tag || steps.detect-okd-version.outputs.okd-version-tag }}
bootc-image-url: quay.io/centos-bootc/centos-bootc
bootc-image-tag: ${{ steps.set-bootc-image-tag.outputs.bootc-image-tag }}
build: ${{ inputs.build }}
build: bootc-image
rpm-image: rpm-copr-builder

# Test the local container image with the quick start and clean procedures
# before releasing the artifacts. Make sure not to run the clean scripts
# because the images are needed for the release process.
- name: Run the quick start script and clean scripts
if: contains(fromJSON('["all", "bootc-image"]'), inputs.build)
uses: ./.github/actions/quick-start-clean
with:
image-ref: localhost/microshift-okd:latest
run-clean: false

# Prepare the RPM archives to be released before converting to DEB packages.
- name: Prepare the RPM archives
if: contains(fromJSON('["all", "packages"]'), inputs.build)
shell: bash
run : |
# Archive sources separately from the RPMs
sudo mv /mnt/rpms/srpms /mnt/srpms
cd /mnt/srpms
sudo tar zcvf /mnt/release/microshift-src.tgz .

cd /mnt/rpms
sudo tar zcvf /mnt/release/microshift-rpms-$(uname -m).tgz .

- name: Store version in a variable
id: version
run: |
set -euo pipefail
if [ ! -f /mnt/rpms/version.txt ]; then
echo "ERROR: version.txt not found at /mnt/rpms/version.txt"
exit 1
fi
echo "version=$(cat /mnt/rpms/version.txt)" >> "${GITHUB_OUTPUT}"

- name: Push version.txt to artifacts
uses: actions/upload-artifact@v4
with:
name: version.txt
path: /mnt/rpms/version.txt
overwrite: true

# This step is run after the RPM archives are prepared to avoid
# including DEB packages in the RPM archive.
- name: Convert the RPMs to DEB packages
if: contains(fromJSON('["all", "packages"]'), inputs.build)
uses: ./.github/actions/build-deb
with:
ushift-gitref: ${{ inputs.ushift-gitref }}
okd-version-tag: ${{ inputs.okd-version-tag != 'latest' && inputs.okd-version-tag || steps.detect-okd-version.outputs.okd-version-tag }}
build-rpms: false

- name: Prepare the DEB archives
if: contains(fromJSON('["all", "packages"]'), inputs.build)
shell: bash
run: |
cd /mnt/rpms/deb
sudo tar zcvf /mnt/release/microshift-debs-$(uname -m).tgz .

- name: Release RPM and DEB packages
if: contains(fromJSON('["all", "packages"]'), inputs.build)
uses: softprops/action-gh-release@v2
with:
tag_name: ${{ steps.version.outputs.version }}
Expand All @@ -141,13 +189,11 @@ jobs:
overwrite_files: true

- name: Login to GitHub Container Registry
if: contains(fromJSON('["all", "bootc-image"]'), inputs.build)
uses: ./.github/actions/podman-login
with:
token: ${{ secrets.GITHUB_TOKEN }}

- name: Publish Bootc container image for the target architecture
if: contains(fromJSON('["all", "bootc-image"]'), inputs.build)
shell: bash
run: |
set -euo pipefail
Expand All @@ -160,21 +206,23 @@ jobs:
sudo podman push "${TARGET_IMAGE}:${TARGET_TAG}"

release-microshift:
needs: build-microshift
needs: build-and-test-microshift
runs-on: ubuntu-24.04
steps:
- name: Check out MicroShift upstream repository
uses: actions/checkout@v4

- uses: actions/download-artifact@v4
- uses: actions/download-artifact@v5
with:
name: version.txt
path: /tmp/
name: srpm-artifacts
path: /tmp/srpm

- name: Store version in a variable
id: version
run: |
echo "version=$(cat /tmp/version.txt)" >> "${GITHUB_OUTPUT}"
set -euo pipefail
test -f /tmp/srpm/version.txt
echo "version=$(cat /tmp/srpm/version.txt)" >> "${GITHUB_OUTPUT}"

- name: Login to GitHub Container Registry
if: contains(fromJSON('["all", "bootc-image"]'), inputs.build)
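
Review bot: The trailing line `if: contains(fromJSON('["all", "bootc-image"]'), inputs.build)` on `Login to GitHub Container Registry` in `release-microshift` still reads `inputs.build`, while this change drops the `build` choice from the workflow inputs and strips the same condition from the other steps. With the input gone the expression can never be true, so the login step is skipped. Remove the condition here as well.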
Expand Down Expand Up @@ -202,8 +250,18 @@ jobs:
OWNER="${{ github.repository_owner }}" IMAGE="${TARGET_IMAGE}" TAG="${TARGET_TAG}" \
envsubst < .github/workflows/release.md > /tmp/release.md

- name: COPR - Regenerate RPM repo
shell: bash
env:
COPR_CONFIG: |
${{ secrets.COPR_CONFIG }}
run : |
echo "${COPR_CONFIG}" > /tmp/copr-config
make copr-regenerate-repos \
COPR_CONFIG=/tmp/copr-config \
COPR_REPO_NAME="${{ inputs.copr-repo }}"

- name: Add release note for bootc image usage
if: contains(fromJSON('["all", "bootc-image"]'), inputs.build)
uses: softprops/action-gh-release@v2
with:
tag_name: ${{ steps.version.outputs.version }}
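
Review bot: `echo "${COPR_CONFIG}" > /tmp/copr-config` in `COPR - Regenerate RPM repo` leaves the COPR credentials in a fixed `/tmp` path with default permissions, and nothing removes the file after `make copr-regenerate-repos`. Write it under `umask 077` to a `mktemp` file and delete it on exit. The script also omits the `set -euo pipefail` line that `Create COPR build` starts with, and the key is spelled `run :` rather than `run:`.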
8 changes: 6 additions & 2 deletions Makefile
Expand Up @@ -38,12 +38,15 @@ else
OKD_RELEASE_IMAGE ?= $(OKD_RELEASE_IMAGE_X86_64)
endif

RPM_IMAGE := microshift-okd-rpm
RPM_IMAGE ?= microshift-okd-rpm
USHIFT_IMAGE := microshift-okd
SRPM_IMAGE := microshift-okd-srpm
LVM_DISK := /var/lib/microshift-okd/lvmdisk.image
VG_NAME := myvg1

PROJECT_DIR := $(shell dirname $(abspath $(lastword $(MAKEFILE_LIST))))
include $(PROJECT_DIR)/src/copr/copr.mk

#
# Define the main targets
#
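
Review bot: `include $(PROJECT_DIR)/src/copr/copr.mk` sits above the `Define the main targets` section, so unless a default goal is already fixed earlier in the file, the first rule in `copr.mk` becomes what a bare `make` runs. Move the include below the main targets or set `.DEFAULT_GOAL` explicitly. Switching `RPM_IMAGE` to `?=` also means an exported environment variable of that name now overrides the image, which deserves a line in the build documentation.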
Expand Down Expand Up @@ -115,7 +118,7 @@ rpm-to-deb:
.PHONY: image
image:
@if ! sudo podman image exists "${RPM_IMAGE}" ; then \
echo "ERROR: Run 'make rpm' to build the MicroShift RPMs" ; \
echo "ERROR: Run 'make rpm' or 'make rpm-copr' to build the MicroShift RPMs" ; \
exit 1 ; \
fi

Expand All @@ -127,6 +130,7 @@ image:
--label okd.version="${OKD_VERSION_TAG}" \
--build-arg BOOTC_IMAGE_URL="${BOOTC_IMAGE_URL}" \
--build-arg BOOTC_IMAGE_TAG="${BOOTC_IMAGE_TAG}" \
--build-arg RPM_IMAGE="${RPM_IMAGE}" \
--env WITH_KINDNET="${WITH_KINDNET}" \
--env WITH_TOPOLVM="${WITH_TOPOLVM}" \
--env WITH_OLM="${WITH_OLM}" \
3 changes: 2 additions & 1 deletion packaging/bootc.Containerfile
@@ -1,8 +1,9 @@
# Optionally allow for the base image override
ARG BOOTC_IMAGE_URL=quay.io/centos-bootc/centos-bootc
ARG BOOTC_IMAGE_TAG=stream9
ARG RPM_IMAGE=microshift-okd-rpm

FROM localhost/microshift-okd-rpm:latest AS builder
FROM localhost/${RPM_IMAGE}:latest AS builder
FROM ${BOOTC_IMAGE_URL}:${BOOTC_IMAGE_TAG}

ARG REPO_CONFIG_SCRIPT=/tmp/create_repos.sh
28 changes: 28 additions & 0 deletions packaging/rpms-copr.Containerfile
@@ -0,0 +1,28 @@
FROM quay.io/fedora/fedora:42

RUN dnf install -y \
--setopt=install_weak_deps=False \
copr-cli createrepo rpm2cpio cpio && \
dnf clean all

ARG COPR_BUILD_ID=
ARG BUILDER_RPM_REPO_PATH=/home/microshift/microshift/_output/rpmbuild/RPMS
Comment on lines +8 to +9

⚠️ Potential issue | 🟡 Minor

Validate COPR_BUILD_ID is provided.

COPR_BUILD_ID is required but has an empty default. The script should fail early if not provided.

Add validation after the ARG declarations:

 ARG COPR_BUILD_ID=
 ARG BUILDER_RPM_REPO_PATH=/home/microshift/microshift/_output/rpmbuild/RPMS
 
+RUN if [ -z "${COPR_BUILD_ID}" ]; then \
+        echo "ERROR: COPR_BUILD_ID build argument is required" >&2; \
+        exit 1; \
+    fi
+
 # hadolint ignore=DL3003,DL4006,SC3040

🤖 Prompt for AI Agents
In packaging/rpms-copr.Containerfile around lines 8 to 9, ARG COPR_BUILD_ID is
declared with an empty default but is required; add a validation immediately
after the ARG declarations that checks if COPR_BUILD_ID is empty and, if so,
prints a clear error message and exits non‑zero to fail the build early (e.g.,
test the variable and call exit 1). Ensure the validation runs during image
build so the Docker/Cool variant fails fast when COPR_BUILD_ID is not provided.


# hadolint ignore=DL4006
RUN \
echo "# Download the RPMs from COPR" && \
copr download-build --rpms --chroot "epel-9-$(uname -m)" --dest /tmp/rpms ${COPR_BUILD_ID} && \
\
echo "# Extract the MicroShift source code into /home/microshift/microshift" && \
mkdir -p /home/microshift/microshift && \
cd /tmp/rpms/"epel-9-$(uname -m)"/ && \
Comment on lines +11 to +18

⚠️ Potential issue | 🟠 Major

Fix hadolint DL3003 violation causing pipeline failure.

The cd command on line 18 triggers DL3003. Add DL3003 to the ignore list or refactor to avoid cd.

Proposed fix (add to ignore list)
-# hadolint ignore=DL4006
+# hadolint ignore=DL3003,DL4006
 RUN \
🧰 Tools
🪛 GitHub Actions: linters

[error] 12-12: Hadolint failed on containerfile with DL3003: Use WORKDIR to switch to a directory. (This is reported as a warning by Hadolint, but the step exited with an error in the CI pipeline.)

🤖 Prompt for AI Agents
In `@packaging/rpms-copr.Containerfile` around lines 11 - 18, The RUN block
contains a shell cd (cd /tmp/rpms/"epel-9-$(uname -m)"/) which triggers hadolint
DL3003; either add DL3003 to the hadolint ignore list on that RUN (augment the
existing "# hadolint ignore=DL4006" to include DL3003) or refactor the RUN to
avoid cd (use absolute paths or a subshell/pushd/popd pattern) so the DL3003
violation is removed; update the RUN block containing the cd command
accordingly.

rpm2cpio microshift-*.src.rpm | cpio -idmv && \
tar xf microshift-*.tar.gz -C /home/microshift/microshift --strip-components=1 && \
\
echo "# Move the RPMs" && \
mkdir -p ${BUILDER_RPM_REPO_PATH} && \
mv /tmp/rpms/"epel-9-$(uname -m)"/*.rpm ${BUILDER_RPM_REPO_PATH}/ && \
\
echo "# Create the repository and cleanup" && \
createrepo -v ${BUILDER_RPM_REPO_PATH} && \
rm -rf /tmp/rpms
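
Review bot: Nothing between `copr download-build` and `createrepo -v ${BUILDER_RPM_REPO_PATH}` in this `RUN` checks the downloaded packages, so the bootc image is built from whatever the COPR build ID resolves to at download time. Import the COPR project's signing key and run `rpm -K` over the files in `/tmp/rpms/"epel-9-$(uname -m)"/` before moving them, failing the build on any package that does not verify. The `mv ... *.rpm` glob also carries `microshift-*.src.rpm` into the binary repository, and `${COPR_BUILD_ID}` and `${BUILDER_RPM_REPO_PATH}` are used unquoted.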
3 changes: 3 additions & 0 deletions src/copr/copr-cli.Containerfile
@@ -0,0 +1,3 @@
FROM quay.io/fedora/fedora:42

RUN dnf install -y copr-cli && dnf clean all
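
Review bot: `dnf install -y copr-cli` here omits `--setopt=install_weak_deps=False`, which `packaging/rpms-copr.Containerfile` in the same change passes on the same base image. Use the same option in both files, and consider pinning `quay.io/fedora/fedora:42` by digest so release builds do not change when the tag moves.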