diff --git a/.cirrus.yml b/.cirrus.yml index b67cf8c4..529813f0 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -97,9 +97,9 @@ container_images_task: &container_images # TARGET_NAME: 'debian' # DEST_FQIN: *fqin env: &image_env - # For quay.io/libpod namespace - REG_USERNAME: ENCRYPTED[de755aef351c501ee480231c24eae25b15e2b2a2b7c629f477c1d427fc5269e360bb358a53bd8914605bae588e99b52a] - REG_PASSWORD: ENCRYPTED[52268944bb0d6642c33efb1c5d7fb82d0c40f9e6988448de35827f9be2cc547c1383db13e8b21516dbd7a0a69a7ae536] + # For quay.io/libpod namespace, select FQINs only. + REG_USERNAME: ENCRYPTED[df4efe530b9a6a731cfea19233e395a5206d24dfac25e84329de035393d191e94ead8c39b373a0391fa025cab15470f8] + REG_PASSWORD: ENCRYPTED[255ec05057707c20237a6c7d15b213422779c534f74fe019b8ca565f635dba0e11035a034e533a6f39e146e7435d87b5] script: ci/make_container_images.sh; package_cache: &package_cache folder: "/tmp/automation_images_tmp/.cache/**" @@ -477,7 +477,9 @@ test_build-push_task: disk: 200 # More muscle to emulate multi-arch type: "n2-standard-4" - script: bash ./build-push/test.sh + script: | + bash ./build-push/.install.sh + bash ./build-push/test.sh # N/B: "latest" image produced after PR-merge (branch-push) diff --git a/IMG_SFX b/IMG_SFX index cfee5cc9..e8722587 100644 --- a/IMG_SFX +++ b/IMG_SFX @@ -1 +1 @@ -20230822t185743z-f38f37d13 +20230918t183521z-f38f37d13 diff --git a/build-push/.install.sh b/build-push/.install.sh index 2c06d1b4..2100d220 100644 --- a/build-push/.install.sh +++ b/build-push/.install.sh @@ -1,26 +1,25 @@ #!/bin/bash -# This script is intended to be used from two places only: -# 1) When building the build-push VM image, to install the scripts as-is -# in a PR in order for CI testing to operate on them. -# 2) From the autoupdate.sh script, when $BUILDPUSHAUTOUPDATED is unset -# or '0'. This clones the latest repository to install (possibly) -# updated scripts. +# This script is intended to be run from a task using a pre-existing +# build-push VM image (having an image-suffix from the IMG_SFX file). +# It's purpose is to install the latest version of the scripts in the +# `bin` directory onto the system. # # WARNING: Use under any other circumstances will probably screw things up. -if [[ -z "$BUILDPUSHAUTOUPDATED" ]]; -then - echo "This script must only be run under Packer or autoupdate.sh" +# Common automation library pre-installed into the build-push VM +if [[ -r /etc/automation_environment ]]; then + # Defines AUTOMATION_LIB_PATH and updates PATH + source /etc/automation_environment + source "$AUTOMATION_LIB_PATH/common_lib.sh" +else + echo "ERROR: The common automation library has not been installed." > /dev/stderr exit 1 fi -source /etc/automation_environment -source "$AUTOMATION_LIB_PATH/common_lib.sh" +# Defined by common automation library +# shellcheck disable=SC2154 +cd $(dirname "${BASH_SOURCE[0]}") || exit 1 -#shellcheck disable=SC2154 -cd $(dirname "$SCRIPT_FILEPATH") || exit 1 -# Must be installed into $AUTOMATION_LIB_PATH/../bin which is on $PATH -cp ./bin/* $AUTOMATION_LIB_PATH/../bin/ -cp ./lib/* $AUTOMATION_LIB_PATH/ -chmod +x $AUTOMATION_LIB_PATH/../bin/* +# Must be installed into $AUTOMATION_LIB_PATH/../bin which is also now on $PATH +install -g root -o root -m 550 ./bin/* $AUTOMATION_LIB_PATH/../bin/ diff --git a/build-push/bin/main.sh b/build-push/bin/containers_build_push.sh similarity index 52% rename from build-push/bin/main.sh rename to build-push/bin/containers_build_push.sh index c2a94b6c..1b85623f 100644 --- a/build-push/bin/main.sh +++ b/build-push/bin/containers_build_push.sh @@ -1,18 +1,18 @@ #!/bin/bash -# This script is not intended for humans. It should be run by automation -# at the branch-level in automation for the skopeo, buildah, and podman -# repositories. It's purpose is to produce a multi-arch container image -# based on the contents of context subdirectory. At runtime, $PWD is assumed -# to be the root of the cloned git repository. +# This script is not intended for humans. It should be run by secure +# (maintainer-only) cron-like automation to service the skopeo, buildah, +# and podman repositories. It's purpose is to produce a multi-arch container +# image based on the contents of a repository context subdirectory from their +# respective 'main' branches. # -# The first argument to the script, should be the URL of the git repository -# in question. Though at this time, this is only used for labeling the -# resulting image. +# The first argument to the script, should be the (clone) URL of the git repository +# in question. This is used to both retrieve the build context, as well as label +# the produced images. # # The second argument to this script is the relative path to the build context -# subdirectory. The basename of this subdirectory may indicates the -# image flavor (i.e. `upstream`, `testing`, or `stable`). Depending +# subdirectory. The basename of this subdirectory may (see next paragraph) +# indicate the image flavor (i.e. `upstream`, `testing`, or `stable`). Depending # on this value, the image may be pushed to multiple container registries # under slightly different rules (see the next option). # @@ -27,27 +27,27 @@ if [[ -r "/etc/automation_environment" ]]; then source /etc/automation_environment # defines AUTOMATION_LIB_PATH #shellcheck disable=SC1090,SC2154 source "$AUTOMATION_LIB_PATH/common_lib.sh" - #shellcheck source=../lib/autoupdate.sh - source "$AUTOMATION_LIB_PATH/autoupdate.sh" else echo "Expecting to find automation common library installed." exit 1 fi -# Careful: Changing the error message below could break auto-update test. -if [[ "$#" -lt 2 ]]; then - #shellcheck disable=SC2145 - die "Must be called with at least two arguments, got '$@'" -fi - if [[ -z $(type -P build-push.sh) ]]; then die "It does not appear that build-push.sh is installed properly" fi -if ! [[ -d "$PWD/.git" ]]; then - die "The current directory ($PWD) does not appear to be the root of a git repo." +if [[ -z "$1" ]]; then + die "Expecting a git repository URI as the first argument." +fi + +# Careful: Changing the error message below could break auto-update test. +if [[ "$#" -lt 2 ]]; then + #shellcheck disable=SC2145 + die "Must be called with at least two arguments, got '$*'" fi +req_env_vars CI + # Assume transitive debugging state for build-push.sh if set if [[ "$(automation_version | cut -d '.' -f 1)" -ge 4 ]]; then # Valid for version 4.0.0 and above only @@ -101,27 +101,67 @@ if ((DRYRUN)); then warn "Operating in dry-run mode with $_DRNOPUSH" fi +# SCRIPT_PATH defined by automation library +# shellcheck disable=SC2154 +CLONE_TMP=$(mktemp -p "" -d "tmp_${SCRIPT_FILENAME}_XXXX") +trap "rm -rf '$CLONE_TMP'" EXIT + ### MAIN declare -a build_args if [[ -n "$FLAVOR_NAME" ]]; then - build_args=(--build-arg "FLAVOR=$FLAVOR_NAME") + build_args=("--build-arg=FLAVOR=$FLAVOR_NAME") fi -# Labels to add to all images -# N/B: These won't show up in the manifest-list itself, only it's constituents. -lblargs="\ - --label=org.opencontainers.image.source=$REPO_URL \ - --label=org.opencontainers.image.created=$(date -u --iso-8601=seconds)" -dbg "lblargs=$lblargs" +dbg "Cloning '$REPO_URL' into $CLONE_TMP" +git clone --depth 1 "$REPO_URL" "$CLONE_TMP" +cd "$CLONE_TMP" +head_sha=$(git rev-parse HEAD) +dbg "HEAD is $head_sha" + +req_env_vars CIRRUS_TASK_ID CIRRUS_CHANGE_IN_REPO CIRRUS_REPO_NAME + +# Labels to add to all images as per +# https://specs.opencontainers.org/image-spec/annotations/?v=v1.0.1 +declare -a label_args + +# Use both labels and annotations since some older tools only support labels +# CIRRUS_TASK_ID provided by CI and verified non-empty +# shellcheck disable=SC2154 +for arg in "--label" "--annotation"; do + label_args+=(\ + "$arg=org.opencontainers.image.source=$REPO_URL" + "$arg=org.opencontainers.image.revision=$head_sha" + "$arg=org.opencontainers.image.created=$(date -u --iso-8601=seconds)" + "$arg=org.opencontainers.image.documentation=${REPO_URL%.git}/tree/$CTX_SUB/README.md" + "$arg=org.opencontainers.image.authors=podman@lists.podman.io" + ) + + # Perhaps slightly outside the intended purpose, but it kind of fits, and may help + # somebody ascertain provenance a little better. Note: Even if the console logs + # are blank, the Cirrus-CI GraphQL API keeps build and task metadata for years. + label_args+=(\ + "$arg=org.opencontainers.image.url=https://cirrus-ci.com/task/$CIRRUS_TASK_ID" + ) + + # Definitely not any official spec., but offers a quick reference to exactly what produced + # the images and it's current signature. + label_args+=(\ + "$arg=built.by.repo=${CIRRUS_REPO_NAME}" + "$arg=built.by.commit=${CIRRUS_CHANGE_IN_REPO}" + "$arg=built.by.exec=$(basename ${BASH_SOURCE[0]})" + "$arg=built.by.digest=sha256:$(sha256sum<${BASH_SOURCE[0]} | awk '{print $1}')" + ) +done modcmdarg="tag_version.sh $FLAVOR_NAME" -# For stable images, the version number of the command is needed for tagging. +# For stable images, the version number of the command is needed for tagging and labeling. if [[ "$FLAVOR_NAME" == "stable" ]]; then # only native arch is needed to extract the version - dbg "Building local-arch image to extract stable version number" - podman build -t $REPO_FQIN "${build_args[@]}" ./$CTX_SUB + dbg "Building temporary local-arch image to extract stable version number" + FQIN_TMP="$REPO_NAME:temp" + showrun podman build -t $FQIN_TMP "${build_args[@]}" ./$CTX_SUB case "$REPO_NAME" in skopeo) version_cmd="--version" ;; @@ -131,42 +171,42 @@ if [[ "$FLAVOR_NAME" == "stable" ]]; then *) die "Unknown/unsupported repo '$REPO_NAME'" ;; esac - pvcmd="podman run -i --rm $REPO_FQIN $version_cmd" + pvcmd="podman run -i --rm $FQIN_TMP $version_cmd" dbg "Extracting version with command: $pvcmd" version_output=$($pvcmd) - dbg "version output: - $version_output - " + dbg "version output: '$version_output'" img_cmd_version=$(awk -r -e '/^.+ version /{print $3}' <<<"$version_output") dbg "parsed version: $img_cmd_version" test -n "$img_cmd_version" - lblargs="$lblargs --label=org.opencontainers.image.version=$img_cmd_version" - # Prevent temporary build colliding with multi-arch manifest list (built next) - # but preserve image (by ID) for use as cache. - dbg "Un-tagging $REPO_FQIN" - podman untag $REPO_FQIN + + label_args+=("--label=org.opencontainers.image.version=$img_cmd_version" + "--annotation=org.opencontainers.image.version=$img_cmd_version") # tag-version.sh expects this arg. when FLAVOR_NAME=stable modcmdarg+=" $img_cmd_version" + dbg "Building stable-flavor manifest-list '$_REG/containers/$REPO_NAME'" + # Stable images get pushed to 'containers' namespace as latest & version-tagged - build-push.sh \ + showrun build-push.sh \ $_DRNOPUSH \ - --arches=$ARCHES \ + --arches="$ARCHES" \ --modcmd="$modcmdarg" \ - $_REG/containers/$REPO_NAME \ - ./$CTX_SUB \ - $lblargs \ - "${build_args[@]}" + "$_REG/containers/$REPO_NAME" \ + "./$CTX_SUB" \ + "${build_args[@]}" \ + "${label_args[@]}" fi +dbg "Building manifest-list '$REPO_FQIN'" + # All images are pushed to quay.io/, both # latest and version-tagged (if available). -build-push.sh \ +showrun build-push.sh \ $_DRNOPUSH \ - --arches=$ARCHES \ + --arches="$ARCHES" \ --modcmd="$modcmdarg" \ - $REPO_FQIN \ - ./$CTX_SUB \ - $lblargs \ - "${build_args[@]}" + "$REPO_FQIN" \ + "./$CTX_SUB" \ + "${build_args[@]}" \ + "${label_args[@]}" diff --git a/build-push/bin/tag_version.sh b/build-push/bin/tag_version.sh index b4858f1d..284aff86 100644 --- a/build-push/bin/tag_version.sh +++ b/build-push/bin/tag_version.sh @@ -3,7 +3,11 @@ # This script is not intended for humans. It should only be referenced # as an argument to the build-push.sh `--modcmd` option. It's purpose # is to ensure stable images are re-tagged with a verison-number -# cooresponding to the included tool's version. +# using a specific scheme, cooresponding to the included tool's version. +# It expects two arguments, the first is the "flavor" of the image. +# Typically 'upstream', 'testing', or 'stable'. The second argument +# is optional, when provided it should be the container-image's tool +# version number (e.g. podman version). set -eo pipefail @@ -20,33 +24,36 @@ fi req_env_vars SCRIPT_FILENAME SCRIPT_FILEPATH RUNTIME PLATFORMOS FQIN CONTEXT \ PUSH ARCHES REGSERVER NAMESPACE IMGNAME MODCMD -if [[ "$#" -ge 1 ]]; then - FLAVOR_NAME="$1" # upstream, testing, or stable +if [[ "$#" -lt 1 ]]; then + # Defined by common automation library + # shellcheck disable=SC2154 + die "$SCRIPT_FILENAME expects at least one argument" fi if [[ "$#" -ge 2 ]]; then - # Enforce all version-tags start with a 'v' - VERSION="v${2#v}" # output of $version_cmd + FLAVOR_NAME="$1" + # Version is optional + unset VERSION + [[ -z "$2" ]] || \ + VERSION="v${2#v}" fi if [[ -z "$FLAVOR_NAME" ]]; then # Defined by common_lib.sh # shellcheck disable=SC2154 - warn "$SCRIPT_FILENAME passed empty flavor-name argument (optional)." + warn "$SCRIPT_FILENAME passed empty flavor-name argument." elif [[ -z "$VERSION" ]]; then - warn "$SCRIPT_FILENAME received empty version argument (req. for FLAVOR_NAME=stable)." + warn "$SCRIPT_FILENAME received empty version argument." fi # shellcheck disable=SC2154 -dbg "Mod-command operating on $FQIN in '$FLAVOR_NAME' flavor" +dbg "$SCRIPT_FILENAME operating on '$FLAVOR_NAME' flavor of '$FQIN' with tool version '$VERSION' (optional)" if [[ "$FLAVOR_NAME" == "stable" ]]; then # Stable images must all be tagged with a version number. # Confirm this value is passed in by caller. - req_env_vars VERSION - VERSION=v${VERSION#v} if grep -E -q '^v[0-9]+\.[0-9]+\.[0-9]+'<<<"$VERSION"; then - msg "Found image command version '$VERSION'" + msg "Using provided image command version '$VERSION'" else die "Encountered unexpected/non-conforming version '$VERSION'" fi @@ -65,5 +72,5 @@ if [[ "$FLAVOR_NAME" == "stable" ]]; then $RUNTIME tag $FQIN:latest $FQIN:$x_ver msg "Successfully tagged $FQIN:$x_ver" else - warn "$SCRIPT_FILENAME not version-tagging for '$FLAVOR_NAME' stage of '$FQIN'" + warn "$SCRIPT_FILENAME not version-tagging for '$FLAVOR_NAME' flavor'$FQIN'" fi diff --git a/build-push/lib/autoupdate.sh b/build-push/lib/autoupdate.sh deleted file mode 100644 index 7d88d2f7..00000000 --- a/build-push/lib/autoupdate.sh +++ /dev/null @@ -1,36 +0,0 @@ - - -# This script is not intended for humans. It should only be sourced by -# main.sh. If BUILDPUSHAUTOUPDATED!=0 this it will be a no-op. Otherwise, -# it will download the latest version of the build-push scripts and re-exec -# main.sh. This allows the scripts to be updated without requiring new VM -# images to be composed and deployed. -# -# WARNING: Changes to this script _do_ require new VM images as auto-updating -# the auto-update script would be complex and hard to test. - -# Must be exported - .install.sh checks this is set. -export BUILDPUSHAUTOUPDATED="${BUILDPUSHAUTOUPDATED:-0}" - -if ! ((BUILDPUSHAUTOUPDATED)); then - msg "Auto-updating build-push operational scripts..." - #shellcheck disable=SC2154 - GITTMP=$(mktemp -p '' -d "$MKTEMP_FORMAT") - trap "rm -rf $GITTMP" EXIT - - msg "Obtaining latest version..." - git clone --quiet --depth=1 \ - https://github.com/containers/automation_images.git \ - "$GITTMP" - cd $GITTMP/build-push || exit 1 - msg "Replacing build-push scripts from containers/automation_images commit $(git rev-parse --short=8 HEAD)..." - bash ./.install.sh - # Important: Return to directory main.sh was started from - cd - || exit 1 - rm -rf "$GITTMP" - - #shellcheck disable=SC2145 - msg "Re-executing main.sh $@..." - export BUILDPUSHAUTOUPDATED=1 - exec main.sh "$@" # guaranteed on $PATH -fi diff --git a/build-push/test.sh b/build-push/test.sh index 3ef0cdd7..6e15f042 100644 --- a/build-push/test.sh +++ b/build-push/test.sh @@ -2,22 +2,23 @@ # DO NOT USE - This script is intended to be called by the Cirrus-CI # `test_build-push` task. It is not intended to be used otherwise -# and may cause harm. It's purpose is to confirm the 'main.sh' script -# behaves in an expected way, given a local test repository as input. +# and may cause harm. It's purpose is to confirm the +# 'containers_build_push.sh' script behaves in an expected way, given +# a special testing git repository (setup here) as input. set -eo pipefail SCRIPT_DIRPATH=$(dirname $(realpath "${BASH_SOURCE[0]}")) source $SCRIPT_DIRPATH/../lib.sh -req_env_vars CIRRUS_CI +req_env_vars CIRRUS_CI CIRRUS_CHANGE_IN_REPO # No need to test if image wasn't built if TARGET_NAME=build-push skip_on_pr_label; then exit 0; fi # Architectures to test with (golang standard names) TESTARCHES="amd64 arm64" -# main.sh is sensitive to this value +# containers_build_push.sh is sensitive to this value ARCHES=$(tr " " ","<<<"$TESTARCHES") export ARCHES # Contrived "version" for testing purposes @@ -27,16 +28,16 @@ FAKE_VER_Z=$RANDOM FAKE_VERSION="$FAKE_VER_X.$FAKE_VER_Y.$FAKE_VER_Z" # Contrived source repository for testing SRC_TMP=$(mktemp -p '' -d tmp-build-push-test-XXXX) -# Do not change, main.sh is sensitive to the 'testing' name +# Do not change, containers_build_push.sh is sensitive to the 'testing' name TEST_FQIN=example.com/testing/stable # Stable build should result in manifest list tagged this TEST_FQIN2=example.com/containers/testing -# Don't allow main.sh or tag_version.sh to auto-update at runtime +# Don't allow containers_build_push.sh or tag_version.sh to auto-update at runtime export BUILDPUSHAUTOUPDATED=1 trap "rm -rf $SRC_TMP" EXIT -# main.sh expects $PWD to be a git repository. +# containers_build_push.sh expects a git repository argument msg " ##### Constructing local test repository #####" cd $SRC_TMP @@ -49,12 +50,14 @@ git config --local commit.gpgsign "false" # The following paths match the style of sub-dir in the actual # skopeo/buildah/podman repositories. Only the 'stable' flavor # is tested here, since it involves the most complex workflow. +# Set a default flavor in the Containerfile to detect missing +# flavor arg / envar processing. mkdir -vp "contrib/testimage/stable" cd "contrib/testimage/stable" echo "build-push-test version v$FAKE_VERSION" | tee "FAKE_VERSION" cat < /FLAVOUR EOF @@ -69,8 +72,10 @@ git add --all git commit -m 'test repo initial commit' TEST_REVISION=$(git rev-parse HEAD) +TEST_REPO_URL="file://$SRC_TMP/testing" + # Given the flavor-name as the first argument, verify built image -# expectations. For 'stable' image, verify that main.sh will properly +# expectations. For 'stable' image, verify that containers_build_push.sh will properly # version-tagged both FQINs. For other flavors, verify expected labels # on the `latest` tagged FQINs. verify_built_images() { @@ -102,7 +107,7 @@ verify_built_images() { msg "Testing container FLAVOR build-arg passed correctly" showrun podman run -i --arch=$_arch --rm "$_fqin:$test_tag" \ - cat /FLAVOUR | tee /dev/stderr | fgrep -xq "FLAVOUR=$expected_flavor" + cat /FLAVOUR | tee /dev/stderr | grep -Fxq "FLAVOUR=$expected_flavor" if [[ "$expected_flavor" == "stable" ]]; then msg "Testing tag '$xy_ver'" @@ -127,7 +132,19 @@ verify_built_images() { msg "Testing image $_fqin:$test_tag source label" _fltr='.[].Config.Labels."org.opencontainers.image.source"' img_src=$(podman inspect $_fqin:$test_tag | jq -r -e "$_fltr") - showrun test "$img_src" == "git://testing" + showrun test "$img_src" == "$TEST_REPO_URL" + + msg "Testing image $_fqin:$test_tag revision label" + _fltr='.[].Config.Labels."org.opencontainers.image.revision"' + img_rev=$(podman inspect $_fqin:$test_tag | jq -r -e "$_fltr") + showrun test "$img_rev" == "$TEST_REVISION" + + msg "Testing image $_fqin:$test_tag built.by.commit label" + _fltr='.[].Config.Labels."built.by.commit"' + img_bbc=$(podman inspect $_fqin:$test_tag | jq -r -e "$_fltr") + # Checked at beginning of script + # shellcheck disable=SC2154 + showrun test "$img_bbc" == "$CIRRUS_CHANGE_IN_REPO" done } @@ -144,52 +161,15 @@ remove_built_images() { msg " ##### Testing build-push subdir-flavor run of '$TEST_FQIN' & '$TEST_FQIN2' #####" cd $SRC_TMP/testing -export DRYRUN=1 # Force main.sh not to push anything +export DRYRUN=1 # Force containers_build_push.sh not to push anything req_env_vars ARCHES DRYRUN -# main.sh is sensitive to 'testing' value. -# Also confirms main.sh is on $PATH -env A_DEBUG=1 main.sh git://testing contrib/testimage/stable +# containers_build_push.sh is sensitive to 'testing' value. +# Also confirms containers_build_push.sh is on $PATH +env A_DEBUG=1 containers_build_push.sh $TEST_REPO_URL contrib/testimage/stable verify_built_images stable msg " ##### Testing build-push flavour-arg run for '$TEST_FQIN' & '$TEST_FQIN2' #####" remove_built_images -env A_DEBUG=1 main.sh git://testing contrib/testimage foobarbaz +env A_DEBUG=1 containers_build_push.sh $TEST_REPO_URL contrib/testimage foobarbaz verify_built_images foobarbaz - -# This script verifies it's only/ever running inside CI. Use a fake -# main.sh to verify it auto-updates itself w/o actually performing -# a build. N/B: This test must be run last, in a throw-away environment, -# it _WILL_ modify on-disk contents! -msg " -##### Testing auto-update capability #####" -cd $SRC_TMP -#shellcheck disable=SC2154 -cat >main.sh<< EOF -#!/bin/bash - -source /etc/automation_environment # defines AUTOMATION_LIB_PATH -source "$AUTOMATION_LIB_PATH/common_lib.sh" -source "$AUTOMATION_LIB_PATH/autoupdate.sh" -EOF -chmod +x main.sh -# Back to where we were -cd - - -# Expect the real main.sh to bark one of two error messages -# and exit non-zero. -EXP_RX1="Must.be.called.with.at.least.two.arguments" -EXP_RX2="does.not.appear.to.be.the.root.of.a.git.repo" -if output=$(env --ignore-environment \ - BUILDPUSHAUTOUPDATED=0 \ - AUTOMATION_LIB_PATH=$AUTOMATION_LIB_PATH \ - $SRC_TMP/main.sh 2>&1); then - die "Fail. Expected main.sh to exit non-zero" -else - if [[ "$output" =~ $EXP_RX1 ]] || [[ "$output" =~ $EXP_RX2 ]]; then - echo "PASS" - else - die "Fail. Expecting match to '$EXP_RX1' or '$EXP_RX2', got: -$output" - fi -fi diff --git a/cache_images/build-push_packaging.sh b/cache_images/build-push_packaging.sh index 44c43355..790280a2 100644 --- a/cache_images/build-push_packaging.sh +++ b/cache_images/build-push_packaging.sh @@ -41,11 +41,7 @@ lilto $SUDO dnf update -y # Re-install with the 'build-push' component install_automation_tooling build-push -# Install main scripts into directory on $PATH +# Install scripts into automation directory on $PATH cd $REPO_DIRPATH/build-push set -x -# Do not auto-update to allow testing inside a PR -$SUDO env BUILDPUSHAUTOUPDATED=1 bash ./.install.sh - -# Install wait-for-copr -$SUDO pip3 install git+https://github.com/packit/wait-for-copr.git@main +$SUDO bash ./.install.sh