Skip to content

Commit 830ac72

Browse files
chore(ci): multi-arch e2e-runner image & add oc-mirror and podman (#5036)
* chore(ci): add podman and oc-mirror to e2e-runner image Bump OC client to 4.22.3 and install oc-mirror alongside oc for the upcoming disconnected CI job. Co-authored-by: Cursor <cursoragent@cursor.com> * chore(ci): make e2e-runner Dockerfile multi-arch (amd64 + arm64) Parameterize all architecture-hardcoded tool downloads to support building the e2e-runner image for both linux/amd64 and linux/arm64. Changes: - Pin base image to manifest list digest (supports both platforms) - Add ARG TARGETARCH for dynamic arch resolution - Helm, oc, oc-mirror, ocm-cli, yq, opm: use TARGETARCH in URLs - AWS CLI: use $(uname -m) for native x86_64/aarch64 mapping - umoci: upgrade v0.4.7 -> v0.6.0 (first version with arm64 binaries) - Operator SDK: already multi-arch, unchanged - Azure/GCloud/apt packages: already arch-agnostic, unchanged - Remove unused Go env vars (GO_VERSION, GO_SHA256, GOPATH) - local-run.sh: remove --platform=linux/amd64 from podman pull Tested: both images build and all tools verified on both architectures. Assisted-by: OpenCode * chore(ci): add multi-arch build to e2e-runner workflow Add matrix strategy (ubuntu-24.04 + ubuntu-24.04-arm) to build the e2e-runner image natively on both amd64 and arm64 runners. A merge job assembles the per-arch digests into a multi-arch manifest list. - build-image: matrix builds per-arch images, pushes arch-specific tags, exports digest as artifact - merge: downloads digests, creates multi-arch manifest with docker buildx imagetools create, tags with branch and branch-sha Assisted-by: OpenCode * fix(ci): clean up AWS CLI install artifacts in e2e-runner Dockerfile Remove the downloaded zip and extracted aws/ directory after install to reduce image size. Assisted-by: OpenCode * fix(ci): add apt cleanup to skopeo/podman install step Add apt-get clean and list removal to match all other apt-get install blocks in the Dockerfile and reduce layer size. Assisted-by: OpenCode * fix(ci): pin merge job runner to ubuntu-24.04 Pin the merge job to ubuntu-24.04 for consistency with the build jobs instead of using ubuntu-latest. Assisted-by: OpenCode * chore(ci): run e2e-runner build as PR check on Dockerfile changes Add pull_request trigger so the e2e-runner image is built (without pushing) on PRs that modify .ci/images/Dockerfile or .yarnrc.yml. This catches build failures before merge. - Add pull_request trigger with same path filters - Guard push-only steps (login, digest export, merge) with event check - Widen branch glob from 'release-1.*' to 'release-*' for future majors - Use PR number in concurrency group and image tag Assisted-by: OpenCode * chore(e2e): add --runner-image flag to local-run.sh Add -i/--runner-image CLI parameter to override the e2e runner container image. Defaults to quay.io/rhdh-community/rhdh-e2e-runner:main. Local images (localhost/ prefix) skip the podman pull step. Assisted-by: OpenCode * fix(e2e): fix TTY flag in local-run.sh and vault arch in container-init.sh - local-run.sh: remove -t from podman run flags. The -t (allocate TTY) is incompatible with piping through tee, causing a spurious exit code 127 when bash misparses continuation lines. The -i flag alone is sufficient. - container-init.sh: use dpkg --print-architecture instead of hardcoded amd64 for the vault binary download, so arm64 containers get the native binary instead of relying on QEMU emulation. Assisted-by: OpenCode * fix(e2e): skip podman pull for local runner images Re-add the localhost/ prefix check that was lost during rebase. When using --runner-image localhost/..., skip the pull step since the image is already available locally. Assisted-by: OpenCode * fix(e2e): show podman pull errors instead of suppressing stderr Remove 2>/dev/null from podman pull so auth, network, and tag errors are visible to the user when a pull fails. Assisted-by: OpenCode * fix(ci): add timeout-minutes to e2e-runner merge job Add timeout-minutes: 20 to the merge job to prevent hangs on registry hiccups. Aligns with the build-image job which already has an explicit timeout. Assisted-by: OpenCode * fix(e2e): respect RUNNER_IMAGE env var in local-run.sh Use ${RUNNER_IMAGE:-default} so an exported env var is not silently clobbered by the hardcoded default. The --runner-image CLI flag still takes precedence over both. Assisted-by: OpenCode * fix(e2e): add comment explaining why -t is omitted from podman run Document that -t (TTY allocation) is intentionally omitted because stdout is piped through tee and CI has no TTY. Prevents future contributors from adding it back. Assisted-by: OpenCode * chore(ci): set 1-week expiry on per-arch e2e-runner tags Add quay.expires-after=1w label to per-arch images so intermediate tags (main-amd64, main-arm64, etc.) are automatically cleaned up by Quay after one week. The multi-arch manifest tags are unaffected. Assisted-by: OpenCode --------- Co-authored-by: Cursor <cursoragent@cursor.com>
1 parent a1a8bf9 commit 830ac72

4 files changed

Lines changed: 178 additions & 41 deletions

File tree

.ci/images/Dockerfile

Lines changed: 37 additions & 27 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,10 @@
1-
# Base image from Microsoft Playwright
2-
# Playwright v1.59.1-noble includes Node 24.14.1
3-
FROM mcr.microsoft.com/playwright:v1.61.1-noble@sha256:824f1a789072e648c62541c2cfa4479c4061a290d5c27766d67dc1dcbc19b321
1+
# Base image from Microsoft Playwright (multi-arch: amd64 + arm64)
2+
# Playwright v1.61.1-noble includes Node 24.14.1
3+
# Pinned to manifest list digest to support both platforms
4+
FROM mcr.microsoft.com/playwright:v1.61.1-noble@sha256:5b8f294aff9041b7191c34a4bab3ac270157a28774d4b0660e9743297b697e48
5+
6+
# Automatically set by buildx/podman based on --platform (amd64 or arm64)
7+
ARG TARGETARCH
48

59
# Set environment variables for the container
610
ENV CI=1 \
@@ -9,12 +13,9 @@ ENV CI=1 \
913
_MITSHM=0 \
1014
NODE_PATH=/usr/local/lib/node_modules \
1115
HELM_VERSION="v3.17.2" \
12-
OC_VERSION="4.19.17" \
16+
OC_VERSION="4.22.3" \
1317
OCM_VERSION="0.1.76" \
14-
GO_VERSION="1.19" \
15-
GO_SHA256="464b6b66591f6cf055bc5df90a9750bf5fbc9d038722bb84a9d56a2bea974be6" \
16-
GOPATH="/go" \
17-
PATH="$GOPATH/bin:/usr/local/go/bin:$PATH"
18+
UMOCI_VERSION="v0.6.0"
1819

1920
# Copy Yarn configuration files to correctly use the project-defined Yarn version
2021
COPY .yarn /root/.yarn
@@ -52,15 +53,22 @@ RUN echo "whoami: $(whoami)" && \
5253
# Check where Node.js loads required modules
5354
node -p 'module.paths'
5455

55-
# Install Helm, OpenShift CLI, ocm-cli, and yq
56-
RUN curl -fsSL -o /tmp/helm.tar.gz "https://get.helm.sh/helm-${HELM_VERSION}-linux-amd64.tar.gz" && \
57-
tar -xzvf /tmp/helm.tar.gz -C /tmp && mv /tmp/linux-amd64/helm /usr/local/bin/helm && \
58-
curl -fsSL -o /tmp/openshift-client-linux.tar.gz "https://mirror.openshift.com/pub/openshift-v4/clients/ocp/${OC_VERSION}/openshift-client-linux-${OC_VERSION}.tar.gz" && \
56+
# Install Helm, OpenShift CLI, oc-mirror, ocm-cli, and yq
57+
# OC client: amd64 has no arch suffix (default), arm64 needs "-arm64".
58+
# oc-mirror: arm64 lives under "openshift-v4/aarch64/" mirror tree.
59+
RUN OC_ARCH_SUFFIX=$([ "${TARGETARCH}" = "arm64" ] && echo "-arm64" || echo "") && \
60+
OC_MIRROR_TREE=$([ "${TARGETARCH}" = "arm64" ] && echo "openshift-v4/aarch64" || echo "openshift-v4") && \
61+
curl -fsSL -o /tmp/helm.tar.gz "https://get.helm.sh/helm-${HELM_VERSION}-linux-${TARGETARCH}.tar.gz" && \
62+
tar -xzvf /tmp/helm.tar.gz -C /tmp && mv /tmp/linux-${TARGETARCH}/helm /usr/local/bin/helm && \
63+
curl -fsSL -o /tmp/openshift-client-linux.tar.gz "https://mirror.openshift.com/pub/openshift-v4/clients/ocp/${OC_VERSION}/openshift-client-linux${OC_ARCH_SUFFIX}-${OC_VERSION}.tar.gz" && \
5964
tar -xzvf /tmp/openshift-client-linux.tar.gz -C /usr/local/bin oc kubectl && \
60-
curl -Lo /usr/local/bin/ocm "https://github.com/openshift-online/ocm-cli/releases/download/v${OCM_VERSION}/ocm-linux-amd64" && \
65+
curl -fsSL -o /tmp/oc-mirror.tar.gz "https://mirror.openshift.com/pub/${OC_MIRROR_TREE}/clients/ocp/${OC_VERSION}/oc-mirror.tar.gz" && \
66+
tar -xzvf /tmp/oc-mirror.tar.gz -C /usr/local/bin oc-mirror && \
67+
chmod +x /usr/local/bin/oc-mirror && \
68+
curl -Lo /usr/local/bin/ocm "https://github.com/openshift-online/ocm-cli/releases/download/v${OCM_VERSION}/ocm-linux-${TARGETARCH}" && \
6169
chmod +x /usr/local/bin/ocm && \
62-
curl -fsSL "https://github.com/mikefarah/yq/releases/download/v4.43.1/yq_linux_amd64.tar.gz" | tar -xz && \
63-
mv yq_linux_amd64 /usr/local/bin/yq && \
70+
curl -fsSL "https://github.com/mikefarah/yq/releases/download/v4.43.1/yq_linux_${TARGETARCH}.tar.gz" | tar -xz && \
71+
mv yq_linux_${TARGETARCH} /usr/local/bin/yq && \
6472
rm -rf /tmp/* /var/tmp/*
6573

6674
# Install Azure CLI
@@ -74,29 +82,31 @@ RUN echo "deb [signed-by=/usr/share/keyrings/cloud.google.gpg] https://packages.
7482
apt-get install google-cloud-cli google-cloud-sdk-gke-gcloud-auth-plugin -y && \
7583
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
7684

77-
# Install AWS CLI
78-
RUN curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" && \
85+
# Install AWS CLI (uname -m returns x86_64 on amd64, aarch64 on arm64 — matching AWS URL naming)
86+
RUN curl "https://awscli.amazonaws.com/awscli-exe-linux-$(uname -m).zip" -o "awscliv2.zip" && \
7987
unzip awscliv2.zip && \
80-
./aws/install
88+
./aws/install && \
89+
rm -rf awscliv2.zip aws/
8190

82-
# Install skopeo
91+
# Install skopeo and podman
8392
RUN apt-get update -y && \
84-
apt-get install -y skopeo
93+
apt-get install -y --no-install-recommends skopeo podman && \
94+
apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
8595

8696
# Install PostgreSQL CLI (psql only)
8797
RUN apt-get update && \
8898
apt-get install -y --no-install-recommends postgresql-client && \
8999
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
90100

91-
# Install umoci
92-
RUN curl -LO "https://github.com/opencontainers/umoci/releases/download/v0.4.7/umoci.amd64" && \
93-
chmod +x umoci.amd64 && \
94-
mv umoci.amd64 /usr/local/bin/umoci
101+
# Install umoci (v0.6.0+ provides multi-arch binaries)
102+
RUN curl -LO "https://github.com/opencontainers/umoci/releases/download/${UMOCI_VERSION}/umoci.linux.${TARGETARCH}" && \
103+
chmod +x "umoci.linux.${TARGETARCH}" && \
104+
mv "umoci.linux.${TARGETARCH}" /usr/local/bin/umoci
95105

96106
# Install opm
97-
RUN curl -LO "https://github.com/operator-framework/operator-registry/releases/download/v1.47.0/linux-amd64-opm" && \
98-
chmod +x linux-amd64-opm && \
99-
mv linux-amd64-opm /usr/local/bin/opm
107+
RUN curl -LO "https://github.com/operator-framework/operator-registry/releases/download/v1.47.0/linux-${TARGETARCH}-opm" && \
108+
chmod +x "linux-${TARGETARCH}-opm" && \
109+
mv "linux-${TARGETARCH}-opm" /usr/local/bin/opm
100110

101111
# Install Operator SDK CLI (required to install OLM on K8s clusters)
102112
RUN export ARCH=$(case $(uname -m) in x86_64) echo -n amd64 ;; aarch64) echo -n arm64 ;; *) echo -n $(uname -m) ;; esac) && \

.github/workflows/push-e2e-runner.yaml

Lines changed: 118 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -1,10 +1,14 @@
11
name: Build & Push e2e-runner Image to Quay.io
22

33
on:
4+
pull_request:
5+
paths:
6+
- '.ci/images/Dockerfile'
7+
- '.yarnrc.yml'
48
push:
59
branches:
610
- main
7-
- 'release-1.*'
11+
- 'release-*'
812
paths:
913
- '.ci/images/Dockerfile'
1014
- '.yarnrc.yml'
@@ -16,7 +20,7 @@ on:
1620
default: 'NONE'
1721

1822
concurrency:
19-
group: ${{ github.workflow }}-${{ github.ref }}
23+
group: ${{ github.workflow }}-${{ github.event.number || github.ref }}
2024
cancel-in-progress: true
2125

2226
env:
@@ -25,12 +29,17 @@ env:
2529

2630
jobs:
2731
build-image:
28-
name: Build & Push e2e-runner Image
32+
name: Build e2e-runner (${{ matrix.os }})
33+
env:
34+
HAS_QUAY_AUTH: ${{ secrets.QUAY_USERNAME != '' && secrets.QUAY_TOKEN != '' }}
2935
strategy:
3036
fail-fast: false
3137
matrix:
32-
os: [ubuntu-24.04]
38+
os:
39+
- ubuntu-24.04
40+
- ubuntu-24.04-arm
3341
runs-on: ${{ matrix.os }}
42+
timeout-minutes: 120
3443
permissions:
3544
contents: read
3645
packages: write
@@ -44,41 +53,141 @@ jobs:
4453
- name: Prepare Environment Variables
4554
env:
4655
INPUT_BRANCH: ${{ inputs.branch }}
56+
PR_NUMBER: ${{ github.event.number }}
4757
run: |
48-
echo "PLATFORM=linux/amd64" >> $GITHUB_ENV
58+
# Detect platform from runner's native architecture
59+
arch=$(dpkg --print-architecture)
60+
echo "PLATFORM=linux/${arch}" >> $GITHUB_ENV
61+
echo "PLATFORM_PAIR=linux-${arch}" >> $GITHUB_ENV
62+
echo "PLATFORM_ARCH=${arch}" >> $GITHUB_ENV
4963
50-
# create image tag from the correct branch (either from a push or a workflow_dispatch trigger)
64+
# Create image tag from the correct branch (either from a push or a workflow_dispatch trigger)
5165
if [[ "$INPUT_BRANCH" ]] && [[ "$INPUT_BRANCH" != "NONE" ]]; then
5266
echo "Switch to $INPUT_BRANCH"
5367
git checkout "$INPUT_BRANCH"
5468
IMAGE_TAG="$INPUT_BRANCH"
69+
elif [ "$GITHUB_EVENT_NAME" == "pull_request" ]; then
70+
IMAGE_TAG="pr-${PR_NUMBER}"
5571
else
5672
echo "Use current branch $GITHUB_REF"
5773
IMAGE_TAG=$(git rev-parse --abbrev-ref HEAD)
5874
fi
5975
echo "Use IMAGE_TAG = $IMAGE_TAG"
6076
echo "IMAGE_TAG=$IMAGE_TAG" >> $GITHUB_ENV
6177
78+
- name: Check Quay credentials
79+
if: github.event_name != 'pull_request'
80+
run: |
81+
if [ "$HAS_QUAY_AUTH" != "true" ]; then
82+
echo "::error::Missing QUAY_USERNAME or QUAY_TOKEN secrets"
83+
exit 1
84+
fi
85+
6286
- name: Get the last commit short SHA
6387
uses: ./.github/actions/get-sha
6488

6589
- name: Set up Docker Buildx
6690
uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
6791

6892
- name: Login to Quay
93+
if: github.event_name != 'pull_request'
6994
uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
7095
with:
7196
registry: ${{ env.REGISTRY }}
7297
username: ${{ secrets.QUAY_USERNAME }}
7398
password: ${{ secrets.QUAY_TOKEN }}
7499

75100
- name: Build and Push Image
101+
id: build-push
76102
uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5.4.0
77103
with:
78104
context: .
79105
file: .ci/images/Dockerfile
80-
push: true
106+
push: ${{ github.event_name != 'pull_request' }}
81107
tags: |
82-
${{ env.REGISTRY }}/${{ env.REGISTRY_IMAGE }}:${{ env.IMAGE_TAG }}
83-
${{ env.REGISTRY }}/${{ env.REGISTRY_IMAGE }}:${{ env.IMAGE_TAG }}-${{ env.SHORT_SHA }}
108+
${{ env.REGISTRY }}/${{ env.REGISTRY_IMAGE }}:${{ env.IMAGE_TAG }}-${{ env.PLATFORM_ARCH }}
109+
${{ env.REGISTRY }}/${{ env.REGISTRY_IMAGE }}:${{ env.IMAGE_TAG }}-${{ env.SHORT_SHA }}-${{ env.PLATFORM_ARCH }}
110+
labels: |
111+
quay.expires-after=1w
84112
platforms: ${{ env.PLATFORM }}
113+
114+
- name: Export digest
115+
if: github.event_name != 'pull_request'
116+
env:
117+
DIGEST: ${{ steps.build-push.outputs.digest }}
118+
run: |
119+
mkdir -p /tmp/digests
120+
digest="$DIGEST"
121+
touch "/tmp/digests/${digest#sha256:}"
122+
123+
- name: Upload digest
124+
if: github.event_name != 'pull_request'
125+
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
126+
with:
127+
name: digests-${{ env.PLATFORM_PAIR }}
128+
path: /tmp/digests/*
129+
if-no-files-found: error
130+
retention-days: 1
131+
132+
merge:
133+
name: Create multi-arch manifest
134+
if: github.event_name != 'pull_request'
135+
runs-on: ubuntu-24.04
136+
timeout-minutes: 20
137+
needs: build-image
138+
permissions:
139+
contents: read
140+
packages: write
141+
142+
steps:
143+
- name: Checkout Repository
144+
uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
145+
with:
146+
fetch-depth: 0
147+
148+
- name: Prepare Environment Variables
149+
env:
150+
INPUT_BRANCH: ${{ inputs.branch }}
151+
run: |
152+
if [[ "$INPUT_BRANCH" ]] && [[ "$INPUT_BRANCH" != "NONE" ]]; then
153+
git checkout "$INPUT_BRANCH"
154+
IMAGE_TAG="$INPUT_BRANCH"
155+
else
156+
IMAGE_TAG=$(git rev-parse --abbrev-ref HEAD)
157+
fi
158+
echo "IMAGE_TAG=$IMAGE_TAG" >> $GITHUB_ENV
159+
160+
- name: Get the last commit short SHA
161+
uses: ./.github/actions/get-sha
162+
163+
- name: Download digests
164+
uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
165+
with:
166+
path: /tmp/digests
167+
pattern: digests-*
168+
merge-multiple: true
169+
170+
- name: Set up Docker Buildx
171+
uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
172+
173+
- name: Login to Quay
174+
uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
175+
with:
176+
registry: ${{ env.REGISTRY }}
177+
username: ${{ secrets.QUAY_USERNAME }}
178+
password: ${{ secrets.QUAY_TOKEN }}
179+
180+
- name: Create manifest list and push
181+
working-directory: /tmp/digests
182+
run: |
183+
for tag in \
184+
"${REGISTRY}/${REGISTRY_IMAGE}:${IMAGE_TAG}" \
185+
"${REGISTRY}/${REGISTRY_IMAGE}:${IMAGE_TAG}-${SHORT_SHA}"; do
186+
echo "Creating multi-arch manifest for: $tag"
187+
docker buildx imagetools create -t "$tag" \
188+
$(printf "${REGISTRY}/${REGISTRY_IMAGE}@sha256:%s " *)
189+
done
190+
191+
- name: Inspect image
192+
run: |
193+
docker buildx imagetools inspect "${REGISTRY}/${REGISTRY_IMAGE}:${IMAGE_TAG}"

e2e-tests/container-init.sh

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -23,7 +23,8 @@ set -e
2323
if ! command -v vault &> /dev/null; then
2424
VAULT_VERSION="${VAULT_VERSION:-1.15.4}"
2525
log::info "Installing vault ${VAULT_VERSION}..."
26-
curl -fsSL "https://releases.hashicorp.com/vault/${VAULT_VERSION}/vault_${VAULT_VERSION}_linux_amd64.zip" -o /tmp/vault.zip
26+
VAULT_ARCH=$(dpkg --print-architecture)
27+
curl -fsSL "https://releases.hashicorp.com/vault/${VAULT_VERSION}/vault_${VAULT_VERSION}_linux_${VAULT_ARCH}.zip" -o /tmp/vault.zip
2728
unzip -q /tmp/vault.zip -d /usr/local/bin/
2829
rm /tmp/vault.zip
2930
fi

e2e-tests/local-run.sh

Lines changed: 21 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@
22
set -e
33

44
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
5-
RUNNER_IMAGE="quay.io/rhdh-community/rhdh-e2e-runner:main"
5+
RUNNER_IMAGE="${RUNNER_IMAGE:-quay.io/rhdh-community/rhdh-e2e-runner:main}"
66
RUN_CONFIG_FILE="$SCRIPT_DIR/.local-test/run-config.env"
77

88
# Source logging library
@@ -23,6 +23,8 @@ Options:
2323
-r, --repo IMAGE_REPO Image repository (e.g., rhdh/rhdh-hub-rhel9)
2424
-t, --tag TAG_NAME Image tag (e.g., next, latest, 1.5)
2525
-p, --pr PR_NUMBER PR number (sets repo to rhdh-community/rhdh, tag to pr-<number>)
26+
-i, --runner-image IMG Override the e2e runner container image
27+
(default: quay.io/rhdh-community/rhdh-e2e-runner:main)
2628
-s, --skip-tests Deploy only, skip running tests
2729
-h, --help Show this help message
2830
@@ -45,6 +47,9 @@ Examples:
4547
# Run on GKE
4648
./local-run.sh -j periodic-ci-gke-helm-nightly -r rhdh/rhdh-hub-rhel9 -t next -s
4749
50+
# Use a locally built runner image
51+
./local-run.sh --runner-image localhost/rhdh-e2e-runner:test
52+
4853
EOF
4954
exit 0
5055
}
@@ -73,6 +78,10 @@ while [[ $# -gt 0 ]]; do
7378
CLI_TAG_NAME="pr-$2"
7479
shift 2
7580
;;
81+
-i | --runner-image)
82+
RUNNER_IMAGE="$2"
83+
shift 2
84+
;;
7685
-s | --skip-tests)
7786
CLI_SKIP_TESTS="true"
7887
shift
@@ -357,9 +366,16 @@ if [[ "$CLI_MODE" == "false" ]]; then
357366
echo ""
358367
fi
359368

360-
# Pull runner image first (can take a while)
369+
# Pull runner image (always attempt; fall back to local copy if pull fails)
361370
log::section "Pulling runner container image"
362-
podman pull "$RUNNER_IMAGE" --platform=linux/amd64
371+
if ! podman pull "$RUNNER_IMAGE"; then
372+
if podman image exists "$RUNNER_IMAGE" 2>/dev/null; then
373+
log::info "Pull failed but image exists locally: $RUNNER_IMAGE"
374+
else
375+
log::error "Failed to pull image and no local copy: $RUNNER_IMAGE"
376+
exit 1
377+
fi
378+
fi
363379

364380
export VAULT_ADDR='https://vault.ci.openshift.org'
365381

@@ -434,9 +450,10 @@ log::info "Container log: $CONTAINER_LOG"
434450
echo ""
435451

436452
CONTAINER_EXIT_CODE=0
453+
# no -t: stdout is piped to tee and CI has no TTY
437454
podman run -v "$WORK_DIR":/tmp/rhdh \
438455
-v "$SCRIPT_DIR/container-init.sh":/tmp/container-init.sh:ro \
439-
-it -u root --privileged \
456+
-i -u root --privileged \
440457
--mount type=tmpfs,destination=/tmp/secrets \
441458
-e VAULT_ADDR="$VAULT_ADDR" \
442459
-e VAULT_TOKEN="$VAULT_TOKEN" \

0 commit comments

Comments
 (0)