Build Rocky Linux 10 container images

Author: owenjones

.github/workflows/stackhpc-container-image-build.yml

@@ -23,6 +23,11 @@ on:
         type: boolean
         required: false
         default: true
+      rocky-linux-10:
+        description: Build Rocky Linux 10 images?
+        type: boolean
+        required: false
+        default: true
       ubuntu-noble:
         description: Build Ubuntu Noble 24.04 images?
         type: boolean
@@ -66,7 +71,7 @@ jobs:
     steps:
       - name: Validate inputs
         run: |
-          if [[ ${{ inputs.rocky-linux-9 }} == 'false' && ${{ inputs.ubuntu-noble }} == 'false' ]]; then
+          if [[ ${{ inputs.rocky-linux-9 }} == 'false' && ${{ inputs.rocky-linux-10 }} == 'false' && ${{ inputs.ubuntu-noble }} == 'false' ]]; then
             echo "At least one distribution must be selected"
             exit 1
           fi
@@ -104,6 +109,10 @@ jobs:
               output+="{'name': 'rocky', 'release': 9, 'arch': 'amd64'},"
               output+="{'name': 'rocky', 'release': 9, 'arch': 'aarch64'},"
           fi
+          if [[ ${{ inputs.rocky-linux-10 }} == 'true' ]]; then
+              output+="{'name': 'rocky', 'release': 10, 'arch': 'amd64'},"
+              output+="{'name': 'rocky', 'release': 10, 'arch': 'aarch64'},"
+          fi
           if [[ ${{ inputs.ubuntu-noble }} == 'true' ]]; then
               output+="{'name': 'ubuntu', 'release': 'noble', 'arch': 'amd64'},"
           fi
@@ -255,16 +264,17 @@ jobs:
       - name: Fail if no images have been built
         run: if [ $(wc -l < ${{ matrix.distro.name }}-${{ matrix.distro.release }}-container-images) -le 1 ]; then exit 1; fi
 
-      - name: Scan built container images
-        run: src/kayobe-config/tools/scan-images.sh ${{ matrix.distro.name }}-${{ matrix.distro.release }} ${{ steps.write-kolla-tag.outputs.kolla-tag }} ${{ inputs.sbom && '--sbom' }}
+      # Temp block these out for time saving
+      # - name: Scan built container images
+      #   run: src/kayobe-config/tools/scan-images.sh ${{ matrix.distro.name }}-${{ matrix.distro.release }} ${{ steps.write-kolla-tag.outputs.kolla-tag }} ${{ inputs.sbom && '--sbom' }}
 
-      - name: Move image scan logs to output artifact
-        run: mv image-scan-output image-build-logs/image-scan-output
-        if: ${{ !cancelled() }}
+      # - name: Move image scan logs to output artifact
+      #   run: mv image-scan-output image-build-logs/image-scan-output
+      #   if: ${{ !cancelled() }}
 
-      - name: Fail if any images have critical vulnerabilities
-        run: if [ $(wc -l < image-build-logs/image-scan-output/critical-images.txt) -gt 0 ]; then exit 1; fi
-        if: ${{ !inputs.push-critical }}
+      # - name: Fail if any images have critical vulnerabilities
+      #   run: if [ $(wc -l < image-build-logs/image-scan-output/critical-images.txt) -gt 0 ]; then exit 1; fi
+      #   if: ${{ !inputs.push-critical }}
 
       - name: Copy clean images to push-attempt-images list
         run: cp image-build-logs/image-scan-output/clean-images.txt image-build-logs/push-attempt-images.txt
@@ -346,7 +356,7 @@ jobs:
   create-manifests:
     # Only for Rocky Linux for now
     name: Create Multiarch Docker Manifests
-    if: github.repository == 'stackhpc/stackhpc-kayobe-config' && inputs.push && inputs.rocky-linux-9
+    if: github.repository == 'stackhpc/stackhpc-kayobe-config' && inputs.push && (inputs.rocky-linux-9 || inputs.rocky-linux-10)
     runs-on: ${{ needs.runner-selection.outputs.runner_name_container_image_build }}
     permissions: {}
     needs:

etc/kayobe/environments/ci-builder/stackhpc-ci.yml

@@ -28,7 +28,8 @@ kolla_enable_neutron_sriov: true
 kolla_enable_octavia: true
 kolla_enable_opensearch: true
 kolla_enable_prometheus: true
-kolla_enable_redis: true
+kolla_enable_redis: "{{ kolla_base_distro_and_version in ['rocky-9', 'ubuntu-noble'] }}"
+kolla_enable_valkey: "{{ kolla_base_distro_and_version == 'rocky-10' }}"
 kolla_build_neutron_ovs: true
 
 ###############################################################################
@@ -58,15 +59,22 @@ stackhpc_repo_ubuntu_noble_version: "{{ stackhpc_pulp_repo_ubuntu_noble_version
 stackhpc_repo_ubuntu_noble_security_version: "{{ stackhpc_pulp_repo_ubuntu_noble_security_version }}"
 stackhpc_repo_ubuntu_cloud_archive_version: "{{ stackhpc_pulp_repo_ubuntu_cloud_archive_version }}"
 stackhpc_repo_docker_ce_ubuntu_noble_version: "{{ stackhpc_pulp_repo_docker_ce_ubuntu_noble_version }}"
+stackhpc_repo_centos_stream_10_nfv_openvswitch_version: "{{ stackhpc_pulp_repo_multiarch_centos_stream_10_nfv_openvswitch_version }}"
+stackhpc_repo_centos_stream_10_openstack_epoxy_version: "{{ stackhpc_pulp_repo_multiarch_centos_stream_10_openstack_epoxy_version }}"
+stackhpc_repo_centos_stream_10_ovn_lts_version: "{{ stackhpc_pulp_repo_multiarch_centos_stream_10_ovn_lts_version }}"
+stackhpc_repo_centos_stream_10_storage_ceph_squid_version: "{{ stackhpc_pulp_repo_multiarch_centos_stream_10_storage_ceph_squid_version }}"
+stackhpc_repo_centos_stream_10_docker_version: "{{ stackhpc_pulp_repo_multiarch_centos_stream_10_docker_version }}"
 stackhpc_repo_centos_stream_9_nfv_openvswitch_version: "{{ stackhpc_pulp_repo_multiarch_centos_stream_9_nfv_openvswitch_version }}"
 stackhpc_repo_centos_stream_9_openstack_epoxy_version: "{{ stackhpc_pulp_repo_multiarch_centos_stream_9_openstack_epoxy_version }}"
 stackhpc_repo_centos_stream_9_opstools_version: "{{ stackhpc_pulp_repo_multiarch_centos_stream_9_opstools_version }}"
 stackhpc_repo_centos_stream_9_storage_ceph_squid_version: "{{ stackhpc_pulp_repo_multiarch_centos_stream_9_storage_ceph_squid_version }}"
 stackhpc_repo_centos_stream_9_docker_version: "{{ stackhpc_pulp_repo_multiarch_centos_stream_9_docker_version }}"
+stackhpc_repo_rhel_10_mariadb_10_11_version: "{{ stackhpc_pulp_repo_multiarch_rhel_10_mariadb_10_11_version }}"
 stackhpc_repo_rhel_9_treasuredata_5_version: "{{ stackhpc_pulp_repo_multiarch_rhel_9_treasuredata_5_version }}"
 stackhpc_repo_rhel_9_mariadb_10_11_version: "{{ stackhpc_pulp_repo_multiarch_rhel_9_mariadb_10_11_version }}"
 stackhpc_repo_rhel_9_influxdb_version: "{{ stackhpc_pulp_repo_multiarch_rhel_9_influxdb_version }}"
 stackhpc_repo_epel_9_version: "{{ stackhpc_pulp_repo_multiarch_epel_9_version }}"
+stackhpc_repo_epel_10_version: "{{ stackhpc_pulp_repo_multiarch_epel_10_version }}"
 stackhpc_repo_opensearch_2_x_version: "{{ stackhpc_pulp_repo_opensearch_2_x_version }}"
 stackhpc_repo_opensearch_dashboards_2_x_version: "{{ stackhpc_pulp_repo_opensearch_dashboards_2_x_version }}"
 stackhpc_repo_almalinux_9_proxysql_2_7_version: "{{ stackhpc_pulp_repo_almalinux_9_proxysql_2_7_version }}"
@@ -82,6 +90,10 @@ stackhpc_repo_rhel9_doca_version: "{{ stackhpc_pulp_repo_rhel9_doca_version }}"
 
 stackhpc_repo_rocky_10_baseos_version: "{{ stackhpc_pulp_repo_rocky_10_baseos_version }}"
 stackhpc_repo_rocky_10_appstream_version: "{{ stackhpc_pulp_repo_rocky_10_appstream_version }}"
+stackhpc_repo_rocky_10_extras_version: "{{ stackhpc_pulp_repo_rocky_10_extras_version }}"
+stackhpc_repo_rocky_10_crb_version: "{{ stackhpc_pulp_repo_rocky_10_crb_version }}"
+stackhpc_repo_rocky_10_highavailability_version: "{{ stackhpc_pulp_repo_rocky_10_highavailability_version }}"
+stackhpc_repo_rhel10_doca_version: "{{ stackhpc_pulp_repo_rhel10_doca_version }}"
 
 # Rocky-and-CI-specific Pulp urls
 stackhpc_include_os_minor_version_in_repo_url: true