Skip to content

Commit f8ab032

Browse files
committed
Add "Build Customized Advanced Image for Tobiko" workflow
The new workflow will create Customized Tobiko Advanced images. The tobiko tests will use these images to created Advanced VMs and run tests with them. TOBIKO-142 Signed-off-by: Eduardo Olivares <eolivare@redhat.com>
1 parent b731a95 commit f8ab032

4 files changed

Lines changed: 163 additions & 0 deletions

File tree

Lines changed: 120 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,120 @@
1+
name: Build Customized Advanced Image for Tobiko
2+
3+
on:
4+
# Allows you to run this workflow manually from the Actions tab
5+
workflow_dispatch:
6+
inputs:
7+
fedora_version:
8+
description: 'Fedora version (e.g., 42-1.1)'
9+
required: true
10+
default: '42-1.1'
11+
release_tag:
12+
description: 'Release tag (e.g., v1.0.0)'
13+
required: true
14+
customize_args:
15+
description: 'Space-separated arguments for virt-customize'
16+
required: true
17+
default: >-
18+
--copy-in /tmp/config:/etc/selinux
19+
--firstboot-command
20+
'nmcli connection add type vlan con-name vlan101 ifname vlan101 vlan.parent ens3 vlan.id 101 ipv6.addr-gen-mode default-or-eui64;
21+
nmcli connection add type vlan con-name vlan101 ifname vlan101 vlan.parent eth0 vlan.id 101 ipv6.addr-gen-mode default-or-eui64;
22+
nmcli connection add type vlan con-name vlan101 ifname vlan101 vlan.parent enp3s0 vlan.id 101 ipv6.addr-gen-mode default-or-eui64'
23+
--install iperf3,iputils,nmap,nmap-ncat,nginx
24+
--copy-in /tmp/nginx_id.conf:/etc/nginx/conf.d
25+
--run-command 'systemctl enable nginx'
26+
--copy-in /tmp/iperf3-server.service:/etc/systemd/system
27+
--run-command 'systemctl enable iperf3-server'
28+
--root-password password:tobiko
29+
--selinux-relabel
30+
31+
jobs:
32+
build-image:
33+
# TODO(eduolivares): the virt-customize command fails with ubuntu-24.04/ubuntu-latest
34+
runs-on: ubuntu-22.04
35+
36+
# Permission needed to create a release and upload assets
37+
permissions:
38+
contents: write
39+
40+
env:
41+
# Set image file names based on inputs
42+
IMAGE_FILE_BASE: Fedora-Cloud-Base-Generic-${{ inputs.fedora_version }}.x86_64
43+
44+
# Define our custom output image name
45+
CUSTOM_IMAGE_FILE: tobiko-custom-${{ inputs.release_tag }}.qcow2
46+
47+
steps:
48+
- name: 1. Checkout Repository
49+
uses: actions/checkout@v4
50+
51+
- name: 2. Prepare Config Files
52+
run: |
53+
# Copy config files from the repository to /tmp for virt-customize
54+
cp artifacts/tobiko-images/conf/selinux-config /tmp/config
55+
cp artifacts/tobiko-images/conf/nginx_id.conf /tmp/nginx_id.conf
56+
cp artifacts/tobiko-images/conf/iperf3-server.service /tmp/iperf3-server.service
57+
echo "Config files copied to /tmp"
58+
59+
- name: 3. Extract Fedora Major Version and Construct URL
60+
id: setup
61+
run: |
62+
# Extract major version from fedora_version (e.g., "42" from "42-1.1")
63+
MAJOR_VERSION=$(echo "${{ inputs.fedora_version }}" | cut -d'-' -f1)
64+
echo "major_version=$MAJOR_VERSION" >> $GITHUB_OUTPUT
65+
echo "Extracted major version: $MAJOR_VERSION"
66+
67+
# Construct the download URL
68+
IMAGE_URL="https://download.fedoraproject.org/pub/fedora/linux/releases/${MAJOR_VERSION}/Cloud/x86_64/images/${{ env.IMAGE_FILE_BASE }}.qcow2"
69+
echo "image_url=$IMAGE_URL" >> $GITHUB_OUTPUT
70+
echo "Download URL: $IMAGE_URL"
71+
72+
- name: 4. Install Dependencies
73+
run: |
74+
echo "Installing libguestfs-tools (for virt-customize) and wget"
75+
sudo apt-get update
76+
sudo apt-get install -y libguestfs-tools wget
77+
78+
- name: 5. Download Base Fedora Image
79+
run: |
80+
echo "Downloading from ${{ steps.setup.outputs.image_url }}"
81+
wget -O ${{ env.IMAGE_FILE_BASE }}.qcow2 ${{ steps.setup.outputs.image_url }}
82+
83+
- name: 6. Rename and Customize Image
84+
run: |
85+
# Copy the downloaded image to /tmp and give it our custom name
86+
sudo cp ${{ env.IMAGE_FILE_BASE }}.qcow2 /tmp/${{ env.CUSTOM_IMAGE_FILE }}
87+
88+
echo "Running virt-customize with args: ${{ inputs.customize_args }}"
89+
90+
# virt-customize modifies the image file in-place
91+
# The shell will correctly parse the space-separated arguments from the input
92+
sudo LIBGUESTFS_BACKEND=direct virt-customize -a /tmp/${{ env.CUSTOM_IMAGE_FILE }} ${{ inputs.customize_args }}
93+
94+
# Move the customized image back to the working directory
95+
sudo mv /tmp/${{ env.CUSTOM_IMAGE_FILE }} ${{ env.CUSTOM_IMAGE_FILE }}
96+
97+
# Change ownership back to the runner user so the file can be read
98+
echo "Resetting file ownership..."
99+
sudo chown $(whoami):$(whoami) ${{ env.CUSTOM_IMAGE_FILE }}
100+
101+
- name: 7. Create GitHub Release and Upload Artifact
102+
uses: softprops/action-gh-release@v2
103+
with:
104+
# This is the tag you provided as input
105+
tag_name: ${{ inputs.release_tag }}
106+
107+
# Title for the release
108+
name: "Custom Tobiko ${{ inputs.release_tag }} Image"
109+
110+
# Release description
111+
body: |
112+
Customized Tobiko ${{ inputs.release_tag }} image built by GitHub Actions.
113+
114+
**Customizations:**
115+
```
116+
${{ inputs.customize_args }}
117+
```
118+
119+
# The file(s) to upload
120+
files: ${{ env.CUSTOM_IMAGE_FILE }}
Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,11 @@
1+
[Unit]
2+
Description=iperf3 server on port 5201
3+
After=syslog.target network.target
4+
5+
[Service]
6+
ExecStart=/usr/bin/iperf3 -s -p 5201
7+
Restart=always
8+
User=root
9+
10+
[Install]
11+
WantedBy=multi-user.target
Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
server{
2+
listen 80;
3+
listen [::]:80;
4+
location /id { add_header Content-Type text/plain; return 200 '$hostname';}
5+
}
Lines changed: 27 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,27 @@
1+
2+
# This file controls the state of SELinux on the system.
3+
# SELINUX= can take one of these three values:
4+
# enforcing - SELinux security policy is enforced.
5+
# permissive - SELinux prints warnings instead of enforcing.
6+
# disabled - No SELinux policy is loaded.
7+
# See also:
8+
# https://docs.fedoraproject.org/en-US/quick-docs/getting-started-with-selinux/#getting-started-with-selinux-selinux-states-and-modes
9+
#
10+
# NOTE: In earlier Fedora kernel builds, SELINUX=disabled would also
11+
# fully disable SELinux during boot. If you need a system with SELinux
12+
# fully disabled instead of SELinux running with no policy loaded, you
13+
# need to pass selinux=0 to the kernel command line. You can use grubby
14+
# to persistently set the bootloader to boot with selinux=0:
15+
#
16+
# grubby --update-kernel ALL --args selinux=0
17+
#
18+
# To revert back to SELinux enabled:
19+
#
20+
# grubby --update-kernel ALL --remove-args selinux
21+
#
22+
SELINUX=permissive
23+
# SELINUXTYPE= can take one of these three values:
24+
# targeted - Targeted processes are protected,
25+
# minimum - Modification of targeted policy. Only selected processes are protected.
26+
# mls - Multi Level Security protection.
27+
SELINUXTYPE=targeted

0 commit comments

Comments
 (0)