From 625e949309ff365159ee55c705d65f3c9f32417e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Matej=20Va=C5=A1ek?= Date: Tue, 24 Mar 2026 11:40:07 +0100 Subject: [PATCH 1/3] fix: run podman-next in Fedora container with TCP API MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The test-podman-next CI workflow broke after Fedora 42 updated glibc, making RPMs converted via alien incompatible with Ubuntu's runtime on GitHub Actions. Instead of installing converted packages on the host, run podman-next inside a privileged Fedora 42 container and expose the API over TCP on port 2375, which the Go client already supports. Signed-off-by: Matej Vašek Co-Authored-By: Claude Opus 4.6 --- .github/workflows/test-podman-next.yaml | 75 +++++++++++++++---------- hack/test-integration-podman.sh | 9 +++ 2 files changed, 55 insertions(+), 29 deletions(-) diff --git a/.github/workflows/test-podman-next.yaml b/.github/workflows/test-podman-next.yaml index 8a786f528c..3065e7e60d 100644 --- a/.github/workflows/test-podman-next.yaml +++ b/.github/workflows/test-podman-next.yaml @@ -17,41 +17,33 @@ jobs: sudo rm -rf /usr/share/dotnet || true sudo rm -rf /usr/local/lib/android || true sudo rm -rf /opt/ghc || true - - name: Install Podman Next (Nightly Build) - env: - FEDORA_RELEASE: 42 - BASE_ARCH: x86_64 + - name: Start Podman Next Container run: | - sudo apt update - sudo mkdir -p /etc/yum.repos.d - sudo apt install dnf -y - sudo apt install dnf-plugins-core -y - sudo apt install alien -y - sudo touch /etc/yum.repos.d/fedora.repo - sudo chmod 666 /etc/yum.repos.d/fedora.repo - cat << EOF >> /etc/yum.repos.d/fedora.repo - [fedora] - name=Fedora $FEDORA_RELEASE - metalink=https://mirrors.fedoraproject.org/metalink?repo=fedora-$FEDORA_RELEASE&arch=$BASE_ARCH - enabled=1 - countme=1 - metadata_expire=7d - repo_gpgcheck=0 - type=rpm - gpgcheck=0 - EOF - sudo chmod 644 /etc/yum.repos.d/fedora.repo - sudo dnf copr enable rhcontainerbot/podman-next fedora-$FEDORA_RELEASE-$BASE_ARCH --releasever=$FEDORA_RELEASE -y - sudo dnf download crun conmon podman --releasever=$FEDORA_RELEASE -y - sudo alien --to-deb $(ls -1 crun*.rpm) --install - sudo alien --to-deb $(ls -1 conmon*.rpm) --install - sudo alien --to-deb $(ls -1 podman*.rpm) --install - podman info + docker run -d \ + --name podman-next \ + --privileged \ + --network=host \ + fedora:42 \ + bash -c ' + dnf -y copr enable rhcontainerbot/podman-next + dnf -y install podman + mkdir -p /etc/containers + cat > /etc/containers/registries.conf <> "$GITHUB_ENV" echo "PATH=${{ github.workspace }}/hack/bin:$PATH" >> "$GITHUB_ENV" echo "FUNC_ALLOCATE_RETRIES=5" >> "$GITHUB_ENV" + echo "PODMAN_NEXT_TCP=tcp://localhost:2375" >> "$GITHUB_ENV" - name: Disable CLRF conversion run: git config --global core.autocrlf false - uses: actions/checkout@v4 @@ -64,11 +56,33 @@ jobs: run: ./hack/registry.sh - name: Setup testing images run: ./hack/images.sh + - name: Wait for Podman API + run: | + echo "Waiting for Podman API to become available..." + for i in $(seq 1 60); do + if curl -s -o /dev/null -w "%{http_code}" http://localhost:2375/_ping | grep -q 200; then + echo "Podman API is ready." + exit 0 + fi + echo "Attempt $i/60: Podman API not ready yet, retrying in 2s..." + sleep 2 + done + echo "Podman API did not become ready in time." + echo "::group::Podman Next Container Logs" + docker logs podman-next + echo "::endgroup::" + exit 1 - name: Integration Test Podman run: ./hack/test-integration-podman.sh - name: Dump Cluster Logs if: always() run: ./hack/dump-logs.sh cluster_log.txt + - name: Dump Podman Next Logs + if: always() + run: | + echo "::group::Podman Next Container Logs" + docker logs podman-next 2>&1 || true + echo "::endgroup::" - name: Archive Cluster Logs if: always() uses: actions/upload-artifact@v4 @@ -76,3 +90,6 @@ jobs: name: cluster-logs-podman-next path: ./cluster_log.txt retention-days: 7 + - name: Stop Podman Next Container + if: always() + run: docker rm -f podman-next || true diff --git a/hack/test-integration-podman.sh b/hack/test-integration-podman.sh index 8205312624..a0de337194 100755 --- a/hack/test-integration-podman.sh +++ b/hack/test-integration-podman.sh @@ -1,5 +1,14 @@ #!/usr/bin/env bash +# TCP mode: podman is running remotely (e.g. in a Fedora container). +# Just point DOCKER_HOST at it and run tests. +if [ -n "$PODMAN_NEXT_TCP" ]; then + export DOCKER_HOST="$PODMAN_NEXT_TCP" + make test-integration + exit $? +fi + +# Local mode: start a local podman service and configure registries. cat < registries.conf unqualified-search-registries = ["docker.io", "quay.io", "registry.fedoraproject.org", "registry.access.redhat.com"] short-name-mode="permissive" From 61df18534ff0ddee739fa06fa988c9f64d15213b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Matej=20Va=C5=A1ek?= Date: Tue, 24 Mar 2026 13:28:51 +0100 Subject: [PATCH 2/3] fixup: serve docker api on /var/run/docker.sock MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Matej Vašek --- .github/workflows/test-podman-next.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/test-podman-next.yaml b/.github/workflows/test-podman-next.yaml index 3065e7e60d..a7f455fc98 100644 --- a/.github/workflows/test-podman-next.yaml +++ b/.github/workflows/test-podman-next.yaml @@ -26,7 +26,7 @@ jobs: fedora:42 \ bash -c ' dnf -y copr enable rhcontainerbot/podman-next - dnf -y install podman + dnf -y install podman socat mkdir -p /etc/containers cat > /etc/containers/registries.conf < Date: Tue, 24 Mar 2026 13:29:26 +0100 Subject: [PATCH 3/3] TEST ONLY [DNM] MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Matej Vašek --- .github/workflows/test-podman-next.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/test-podman-next.yaml b/.github/workflows/test-podman-next.yaml index a7f455fc98..0940499c9f 100644 --- a/.github/workflows/test-podman-next.yaml +++ b/.github/workflows/test-podman-next.yaml @@ -3,6 +3,9 @@ name: Func Podman Next Test on: schedule: - cron: '0 2 * * *' + pull_request: + branches: + - main jobs: test: