test: add Podman integration tests for OCI runtime compatibility (#1143)

Copilot · rjaegers · philips-software-forest-releaser[bot] · web-flow · commit 75ae0ceee74b · 2026-02-27T05:23:35.000Z
* Initial plan * Add Podman integration tests for OCI runtime compatibility Co-authored-by: rjaegers <45816308+rjaegers@users.noreply.github.com> * Pass environment variables to Podman container Co-authored-by: rjaegers <45816308+rjaegers@users.noreply.github.com> * Add comment clarifying Ubuntu runner requirement for Podman Co-authored-by: rjaegers <45816308+rjaegers@users.noreply.github.com> * Fix code injection vulnerabilities in Podman workflow Move all template expansions to environment variables and use them in shell commands instead to prevent code injection. Properly quote all variables that can contain spaces. Co-authored-by: rjaegers <45816308+rjaegers@users.noreply.github.com> * Fix DNS resolution issue in Podman tests by using host network Add --network=host flag to podman run command to ensure DNS resolution works properly in containers. This fixes the "failed to lookup address information" errors that were occurring on x64 runners when tests tried to download Windows SDK from aka.ms domains. Co-authored-by: rjaegers <45816308+rjaegers@users.noreply.github.com> * chore(deps, rust): update github.vscode-pull-request-github in devcontainer.json (#1146) Update github.vscode-pull-request-github in devcontainer.json Co-authored-by: philips-software-forest-releaser[bot] <80338643+philips-software-forest-releaser[bot]@users.noreply.github.com> * chore(deps): bump conan from 2.25.1 to 2.25.2 in /.devcontainer (#1149) Bumps [conan](https://github.com/conan-io/conan) from 2.25.1 to 2.25.2. - [Release notes](https://github.com/conan-io/conan/releases) - [Commits](conan-io/conan@2.25.1...2.25.2) --- updated-dependencies: - dependency-name: conan dependency-version: 2.25.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * ci(deps): bump the github-actions group with 4 updates (#1151) Bumps the github-actions group with 4 updates: [zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action), [github/codeql-action](https://github.com/github/codeql-action), [philips-software/amp-devcontainer](https://github.com/philips-software/amp-devcontainer) and [anchore/sbom-action](https://github.com/anchore/sbom-action). Updates `zizmorcore/zizmor-action` from 0.4.1 to 0.5.0 - [Release notes](https://github.com/zizmorcore/zizmor-action/releases) - [Commits](zizmorcore/zizmor-action@1356984...0dce257) Updates `github/codeql-action` from 4.31.10 to 4.32.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@cdefb33...45cbd0c) Updates `philips-software/amp-devcontainer` from 6.6.2 to 6.8.0 - [Release notes](https://github.com/philips-software/amp-devcontainer/releases) - [Changelog](https://github.com/philips-software/amp-devcontainer/blob/main/CHANGELOG.md) - [Commits](03a6ec0...0b102f3) Updates `anchore/sbom-action` from 0.21.1 to 0.22.2 - [Release notes](https://github.com/anchore/sbom-action/releases) - [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md) - [Commits](anchore/sbom-action@0b82b0b...28d7154) --- updated-dependencies: - dependency-name: zizmorcore/zizmor-action dependency-version: 0.5.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: github/codeql-action dependency-version: 4.32.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: philips-software/amp-devcontainer dependency-version: 6.8.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: anchore/sbom-action dependency-version: 0.22.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * test(deps): bump the npm group with 4 updates (#1150) Bumps the npm group with 4 updates: [@playwright/test](https://github.com/microsoft/playwright), [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node), [dotenv](https://github.com/motdotla/dotenv) and [otpauth](https://github.com/hectorm/otpauth). Updates `@playwright/test` from 1.58.0 to 1.58.1 - [Release notes](https://github.com/microsoft/playwright/releases) - [Commits](microsoft/playwright@v1.58.0...v1.58.1) Updates `@types/node` from 25.1.0 to 25.2.1 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `dotenv` from 17.2.3 to 17.2.4 - [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md) - [Commits](motdotla/dotenv@v17.2.3...v17.2.4) Updates `otpauth` from 9.4.1 to 9.5.0 - [Release notes](https://github.com/hectorm/otpauth/releases) - [Commits](hectorm/otpauth@v9.4.1...v9.5.0) --- updated-dependencies: - dependency-name: "@playwright/test" dependency-version: 1.58.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm - dependency-name: "@types/node" dependency-version: 25.2.1 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm - dependency-name: dotenv dependency-version: 17.2.4 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm - dependency-name: otpauth dependency-version: 9.5.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps, base): update g++-14 (#1156) Update g++-14 Co-authored-by: philips-software-forest-releaser[bot] <80338643+philips-software-forest-releaser[bot]@users.noreply.github.com> * chore(deps, cpp): update ms-vscode.cpptools in devcontainer-metadata.json (#1152) Update ms-vscode.cpptools in devcontainer-metadata.json Co-authored-by: philips-software-forest-releaser[bot] <80338643+philips-software-forest-releaser[bot]@users.noreply.github.com> * chore(deps, rust): update rust-lang.rust-analyzer in devcontainer-metadata.json (#1153) Update rust-lang.rust-analyzer in devcontainer-metadata.json Co-authored-by: philips-software-forest-releaser[bot] <80338643+philips-software-forest-releaser[bot]@users.noreply.github.com> Co-authored-by: Ron <45816308+rjaegers@users.noreply.github.com> * chore(deps, cpp): update alexkrechik.cucumberautocomplete, ms-vscode.cpptools in devcontainer.json (#1154) Update alexkrechik.cucumberautocomplete, ms-vscode.cpptools in devcontainer.json Co-authored-by: philips-software-forest-releaser[bot] <80338643+philips-software-forest-releaser[bot]@users.noreply.github.com> Co-authored-by: Ron <45816308+rjaegers@users.noreply.github.com> * chore(deps, rust): update rust-lang.rust-analyzer in devcontainer.json (#1155) Update rust-lang.rust-analyzer in devcontainer.json Co-authored-by: philips-software-forest-releaser[bot] <80338643+philips-software-forest-releaser[bot]@users.noreply.github.com> Co-authored-by: Ron <45816308+rjaegers@users.noreply.github.com> * Initial plan * ci: minor updates * ci: process review comments * ci: make podman tests optional * ci: reduce duplication * ci: fix workflow needs * ci: remove concurrency from workflow_call workflow * ci: pass secrets to workflow * ci: correct syntax for passing secrets --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: rjaegers <45816308+rjaegers@users.noreply.github.com> Co-authored-by: philips-software-forest-releaser[bot] <80338643+philips-software-forest-releaser[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
diff --git a/.github/workflows/build-push-test.yml b/.github/workflows/build-push-test.yml
@@ -0,0 +1,60 @@
+---
+name: Build, Push & Test
+
+on:
+  workflow_call:
+    secrets:
+      TEST_GITHUB_PASSWORD:
+        required: false
+      TEST_GITHUB_TOKEN:
+        required: false
+      TEST_GITHUB_TOTP_SECRET:
+        required: false
+      TEST_GITHUB_USER:
+        required: false
+
+permissions: {}
+
+jobs:
+  build-push-test-base:
+    name: 🍨 base
+    uses: ./.github/workflows/wc-build-push-test.yml
+    permissions: &build-push-test-permissions
+      actions: read # is needed by anchore/sbom-action to find workflow artifacts when attaching release assets
+      artifact-metadata: write # is needed by actions/attest-build-provenance to write artifact metadata
+      attestations: write # is needed by actions/attest-build-provenance to push attestations
+      contents: write # is needed by anchore/sbom-action for artifact uploads
+      id-token: write # is needed by actions/attest-build-provenance to obtain an OIDC token
+      packages: write # is needed to push image manifest when using GitHub Container Registry
+      pull-requests: write # is needed by marocchino/sticky-pull-request-comment to post comments
+    with:
+      dockerfile: .devcontainer/base/Dockerfile
+      enable-edge-tag: ${{ github.event_name == 'merge_group' }}
+      image-name: ${{ github.repository }}-base
+      integration-test-file: test/base/integration-tests.bats
+      integration-test-podman: true
+
+  build-push-test-flavors:
+    name: 🍨 ${{ matrix.flavor }}
+    needs: build-push-test-base
+    strategy:
+      matrix:
+        flavor: [cpp, rust]
+    uses: ./.github/workflows/wc-build-push-test.yml
+    secrets:
+      TEST_GITHUB_TOKEN: ${{ secrets.TEST_GITHUB_TOKEN }}
+      TEST_GITHUB_USER: ${{ secrets.TEST_GITHUB_USER }}
+      TEST_GITHUB_PASSWORD: ${{ secrets.TEST_GITHUB_PASSWORD }}
+      TEST_GITHUB_TOTP_SECRET: ${{ secrets.TEST_GITHUB_TOTP_SECRET }}
+    permissions: *build-push-test-permissions
+    with:
+      acceptance-test-path: ${{ (github.actor != 'dependabot[bot]' && matrix.flavor == 'cpp') && 'test/cpp/features' || '' }}
+      acceptance-test-devcontainer-file: .devcontainer/${{ matrix.flavor }}-test/devcontainer.json
+      build-args: |
+        BASE_IMAGE=${{ needs.build-push-test-base.outputs.fully-qualified-image-name }}@${{ needs.build-push-test-base.outputs.digest }}
+      devcontainer-metadata-file: .devcontainer/${{ matrix.flavor }}/devcontainer-metadata.json
+      dockerfile: .devcontainer/${{ matrix.flavor }}/Dockerfile
+      enable-edge-tag: ${{ github.event_name == 'merge_group' }}
+      image-name: ${{ github.repository }}-${{ matrix.flavor }}
+      integration-test-file: test/${{ matrix.flavor }}/integration-tests.bats
+      integration-test-podman: true
diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml
@@ -13,9 +13,9 @@ concurrency:
 permissions: {}
 
 jobs:
-  build-push-base:
-    name: Build → Push → Test (🍨 base)
-    uses: ./.github/workflows/wc-build-push-test.yml
+  build-push-test:
+    name: Build → Push → Test
+    uses: ./.github/workflows/build-push-test.yml
     permissions:
       actions: read # is needed by anchore/sbom-action to find workflow artifacts when attaching release assets
       artifact-metadata: write # is needed by actions/attest-build-provenance to write artifact metadata
@@ -24,46 +24,15 @@ jobs:
       id-token: write # is needed by actions/attest-build-provenance to obtain an OIDC token
       packages: write # is needed to push image manifest when using GitHub Container Registry
       pull-requests: write # is needed by marocchino/sticky-pull-request-comment to post comments
-    with:
-      dockerfile: .devcontainer/base/Dockerfile
-      enable-edge-tag: ${{ github.event_name == 'merge_group' }}
-      image-name: ${{ github.repository }}-base
-      integration-test-file: test/base/integration-tests.bats
-
-  build-push-flavors:
-    name: Build → Push → Test (🍨 ${{ matrix.flavor }})
-    needs: build-push-base
-    strategy:
-      matrix:
-        flavor: [cpp, rust]
-    uses: ./.github/workflows/wc-build-push-test.yml
     secrets:
       TEST_GITHUB_TOKEN: ${{ secrets.TEST_GITHUB_TOKEN }}
       TEST_GITHUB_USER: ${{ secrets.TEST_GITHUB_USER }}
       TEST_GITHUB_PASSWORD: ${{ secrets.TEST_GITHUB_PASSWORD }}
       TEST_GITHUB_TOTP_SECRET: ${{ secrets.TEST_GITHUB_TOTP_SECRET }}
-    permissions:
-      actions: read # is needed by anchore/sbom-action to find workflow artifacts when attaching release assets
-      artifact-metadata: write # is needed by actions/attest-build-provenance to write artifact metadata
-      attestations: write # is needed by actions/attest-build-provenance to push attestations
-      contents: write # is needed by anchore/sbom-action for artifact uploads
-      id-token: write # is needed by actions/attest-build-provenance to obtain an OIDC token
-      packages: write # is needed to push image manifest when using GitHub Container Registry
-      pull-requests: write # is needed by marocchino/sticky-pull-request-comment to post comments
-    with:
-      build-args: |
-        BASE_IMAGE=${{ needs.build-push-base.outputs.fully-qualified-image-name }}@${{ needs.build-push-base.outputs.digest }}
-      devcontainer-metadata-file: .devcontainer/${{ matrix.flavor }}/devcontainer-metadata.json
-      dockerfile: .devcontainer/${{ matrix.flavor }}/Dockerfile
-      enable-edge-tag: ${{ github.event_name == 'merge_group' }}
-      image-name: ${{ github.repository }}-${{ matrix.flavor }}
-      integration-test-file: test/${{ matrix.flavor }}/integration-tests.bats
-      acceptance-test-path: ${{ (github.actor != 'dependabot[bot]' && matrix.flavor == 'cpp') && 'test/cpp/features' || '' }}
-      test-devcontainer-file: .devcontainer/${{ matrix.flavor }}-test/devcontainer.json
 
   dependency-review:
     name: 🔍 Dependency Review
-    needs: build-push-flavors
+    needs: build-push-test
     uses: ./.github/workflows/wc-dependency-review.yml
     permissions:
       contents: read
@@ -75,7 +44,7 @@ jobs:
     permissions:
       checks: write # is needed by EnricoMi/publish-unit-test-result-action to add a check run with test results
       pull-requests: write # is needed by EnricoMi/publish-unit-test-result-action to annotate PRs
-    needs: build-push-flavors
+    needs: build-push-test
     if: ${{ !cancelled() }}
     steps:
       - uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
diff --git a/.github/workflows/release-build.yml b/.github/workflows/release-build.yml
@@ -13,9 +13,9 @@ concurrency:
 permissions: {}
 
 jobs:
-  build-push-base:
-    name: Build → Push → Test (🍨 base)
-    uses: ./.github/workflows/wc-build-push-test.yml
+  build-push-test:
+    name: Build → Push → Test
+    uses: ./.github/workflows/build-push-test.yml
     permissions:
       actions: read # is needed by anchore/sbom-action to find workflow artifacts when attaching release assets
       artifact-metadata: write # is needed by actions/attest-build-provenance to write artifact metadata
@@ -24,40 +24,11 @@ jobs:
       id-token: write # is needed by actions/attest-build-provenance to obtain an OIDC token
       packages: write # is needed to push image manifest when using GitHub Container Registry
       pull-requests: write # is needed by marocchino/sticky-pull-request-comment to post comments
-    with:
-      dockerfile: .devcontainer/base/Dockerfile
-      image-name: ${{ github.repository }}-base
-      integration-test-file: test/base/integration-tests.bats
-
-  build-push-flavors:
-    name: Build → Push → Test (🍨 ${{ matrix.flavor }})
-    needs: build-push-base
-    strategy:
-      matrix:
-        flavor: [cpp, rust]
-    uses: ./.github/workflows/wc-build-push-test.yml
     secrets:
       TEST_GITHUB_TOKEN: ${{ secrets.TEST_GITHUB_TOKEN }}
       TEST_GITHUB_USER: ${{ secrets.TEST_GITHUB_USER }}
       TEST_GITHUB_PASSWORD: ${{ secrets.TEST_GITHUB_PASSWORD }}
       TEST_GITHUB_TOTP_SECRET: ${{ secrets.TEST_GITHUB_TOTP_SECRET }}
-    permissions:
-      actions: read # is needed by anchore/sbom-action to find workflow artifacts when attaching release assets
-      artifact-metadata: write # is needed by actions/attest-build-provenance to write artifact metadata
-      attestations: write # is needed by actions/attest-build-provenance to push attestations
-      contents: write # is needed by anchore/sbom-action for artifact uploads
-      id-token: write # is needed by actions/attest-build-provenance to obtain an OIDC token
-      packages: write # is needed to push image manifest when using GitHub Container Registry
-      pull-requests: write # is needed by marocchino/sticky-pull-request-comment to post comments
-    with:
-      build-args: |
-        BASE_IMAGE=${{ needs.build-push-base.outputs.fully-qualified-image-name }}@${{ needs.build-push-base.outputs.digest }}
-      devcontainer-metadata-file: .devcontainer/${{ matrix.flavor }}/devcontainer-metadata.json
-      dockerfile: .devcontainer/${{ matrix.flavor }}/Dockerfile
-      image-name: ${{ github.repository }}-${{ matrix.flavor }}
-      integration-test-file: test/${{ matrix.flavor }}/integration-tests.bats
-      acceptance-test-path: ${{ matrix.flavor == 'cpp' && 'test/cpp/features' || '' }}
-      test-devcontainer-file: ${{ matrix.flavor == 'cpp' && '.devcontainer/cpp-test/devcontainer.json' || '' }}
 
   apply-release-notes-template:
     name: 📝 Apply Release Template
@@ -96,7 +67,7 @@ jobs:
       # Please note that this is an overly broad scope, but GitHub does not
       # currently provide a more fine-grained permission for release modification.
       contents: write # is needed to modify a release
-    needs: [build-push-base, build-push-flavors, apply-release-notes-template]
+    needs: [build-push-test, apply-release-notes-template]
     env:
       CONTAINER_FLAVOR: ${{ matrix.flavor }}
       REF_NAME: ${{ github.ref_name }}
diff --git a/.github/workflows/wc-build-push-test.yml b/.github/workflows/wc-build-push-test.yml
@@ -4,12 +4,16 @@ name: Build, Push & Test
 on:
   workflow_call:
     inputs:
+      acceptance-test-devcontainer-file:
+        description: Path to the devcontainer.json file to use for acceptance tests.
+        required: false
+        type: string
       acceptance-test-path:
-        description: Path to the Playwright acceptance tests (directory that contains playwright.config.ts)
+        description: Path to the Playwright acceptance tests (directory that contains playwright.config.ts).
         required: false
         type: string
       build-args:
-        description: Optional docker build args (newline-separated KEY=VALUE)
+        description: Optional docker build args (newline-separated KEY=VALUE).
         required: false
         type: string
       build-test-runner-labels:
@@ -38,7 +42,7 @@ on:
         required: true
         type: string
       enable-edge-tag:
-        description: Whether to also build and push an "edge" tag for the image
+        description: Whether to also build and push an "edge" tag for the image.
         required: false
         type: boolean
         default: false
@@ -52,9 +56,14 @@ on:
         required: true
         type: string
       integration-test-file:
-        description: Path to the BATS test file to run for integration tests
+        description: Path to the BATS test file to run for integration tests.
         required: false
         type: string
+      integration-test-podman:
+        description: Enable running the tests using the Podman container runtime, next to the default Docker container runtime.
+        required: false
+        type: boolean
+        default: false
       registry:
         description: >-
           Docker registry to push built containers to.
@@ -73,10 +82,6 @@ on:
         required: false
         type: string
         default: '["ubuntu-latest"]'
-      test-devcontainer-file:
-        description: Path to the devcontainer.json file to use for acceptance tests
-        required: false
-        type: string
     outputs:
       digest:
         value: ${{ jobs.build-push.outputs.digest }}
@@ -88,10 +93,10 @@ on:
         value: ${{ jobs.build-push.outputs.version }}
     secrets:
       DOCKER_REGISTRY_PASSWORD:
-        description: Password or token for Docker login, if not provided the GitHub token will be used
+        description: Password or token for Docker login, if not provided the GitHub token will be used.
         required: false
       DOCKER_REGISTRY_USERNAME:
-        description: User name for Docker login, if not provided the GitHub actor will be used
+        description: User name for Docker login, if not provided the GitHub actor will be used.
         required: false
       TEST_GITHUB_PASSWORD:
         required: false
@@ -116,7 +121,7 @@ jobs:
       id-token: write # is needed by actions/attest-build-provenance to obtain an OIDC token
       packages: write # is needed to push image manifest when using GitHub Container Registry
       pull-requests: write # is needed by marocchino/sticky-pull-request-comment to post comments
-    secrets:
+    secrets: &docker-secrets
       DOCKER_REGISTRY_USERNAME: ${{ secrets.DOCKER_REGISTRY_USERNAME }}
       DOCKER_REGISTRY_PASSWORD: ${{ secrets.DOCKER_REGISTRY_PASSWORD }}
     with:
@@ -129,27 +134,35 @@ jobs:
       runner-labels: ${{ inputs.runner-labels }}
       build-test-runner-labels: ${{ inputs.build-test-runner-labels }}
 
-  integration-test:
+  integration-test-docker:
     name: 🧪
     if: ${{ inputs.integration-test-file }}
     needs: build-push
-    uses: ./.github/workflows/wc-integration-test.yml
+    uses: ./.github/workflows/wc-integration-test-docker.yml
     permissions:
       contents: read
-    secrets:
-      DOCKER_REGISTRY_USERNAME: ${{ secrets.DOCKER_REGISTRY_USERNAME }}
-      DOCKER_REGISTRY_PASSWORD: ${{ secrets.DOCKER_REGISTRY_PASSWORD }}
-    with:
+    secrets: *docker-secrets
+    with: &integration-test-inputs
       build-test-runner-labels: ${{ inputs.build-test-runner-labels }}
       fully-qualified-image-name: ${{ needs.build-push.outputs.fully-qualified-image-name }}
       image-basename: ${{ needs.build-push.outputs.image-basename }}
       image-digest: ${{ needs.build-push.outputs.digest }}
       registry: ${{ inputs.registry }}
       test-file: ${{ inputs.integration-test-file }}
 
+  integration-test-podman:
+    name: 🧪
+    if: ${{ inputs.integration-test-file && inputs.integration-test-podman }}
+    needs: build-push
+    uses: ./.github/workflows/wc-integration-test-podman.yml
+    permissions:
+      contents: read
+    secrets: *docker-secrets
+    with: *integration-test-inputs
+
   acceptance-test:
     name: 🏗️
-    if: ${{ inputs.test-devcontainer-file && inputs.acceptance-test-path }}
+    if: ${{ inputs.acceptance-test-devcontainer-file && inputs.acceptance-test-path }}
     needs: build-push
     uses: ./.github/workflows/wc-acceptance-test.yml
     permissions:
@@ -161,5 +174,5 @@ jobs:
       TEST_GITHUB_TOTP_SECRET: ${{ secrets.TEST_GITHUB_TOTP_SECRET }}
     with:
       image-basename: ${{ needs.build-push.outputs.image-basename }}
-      devcontainer-file: ${{ inputs.test-devcontainer-file }}
+      devcontainer-file: ${{ inputs.acceptance-test-devcontainer-file }}
       acceptance-test-path: ${{ inputs.acceptance-test-path }}
diff --git a/.github/workflows/wc-integration-test-docker.yml b/.github/workflows/wc-integration-test-docker.yml
@@ -1,9 +1,12 @@
 ---
-name: Integration Test
+name: 🐳 Integration Test
 
 on:
   workflow_call:
     inputs:
+      build-test-runner-labels:
+        required: true
+        type: string
       fully-qualified-image-name:
         required: true
         type: string
@@ -13,26 +16,23 @@ on:
       image-digest:
         required: true
         type: string
-      test-file:
-        required: true
-        type: string
-      build-test-runner-labels:
+      registry:
         required: true
         type: string
-      registry:
+      test-file:
         required: true
         type: string
     secrets:
-      DOCKER_REGISTRY_USERNAME:
-        required: true
       DOCKER_REGISTRY_PASSWORD:
         required: true
+      DOCKER_REGISTRY_USERNAME:
+        required: true
 
 permissions: {}
 
 jobs:
   run-test:
-    name: Integration Test (${{ (startsWith(matrix.runner, '[') && endsWith(matrix.runner, ']')) && join(matrix.runner, ', ') || matrix.runner }})
+    name: 🐳 Integration Test (${{ (startsWith(matrix.runner, '[') && endsWith(matrix.runner, ']')) && join(matrix.runner, ', ') || matrix.runner }})
     strategy:
       matrix:
         runner: ${{ fromJson(inputs.build-test-runner-labels) }}
@@ -62,5 +62,5 @@ jobs:
       - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
         if: ${{ !cancelled() }}
         with:
-          name: test-results-integration-${{ inputs.image-basename }}-${{ steps.runner-arch.outputs.arch }}
+          name: test-results-integration-docker-${{ inputs.image-basename }}-${{ steps.runner-arch.outputs.arch }}
           path: test-report-*.xml
diff --git a/.github/workflows/wc-integration-test-podman.yml b/.github/workflows/wc-integration-test-podman.yml
