Build and publish nightly RPMs using COPR

.github/actions/build/action.yaml

@@ -30,7 +30,12 @@ inputs:
     default: 1
   build:
     description: Types of artifacts to build (all, rpms, bootc-image)
-    required: true
+    required: false
+    default: all
+  skip-prebuild:
+    description: Skip the prebuild step
+    required: false
+    default: false
 
 runs:
   using: "composite"
@@ -40,9 +45,11 @@ runs:
       uses: ./.github/actions/debug-info
 
     - name: Prepare the build and run environment
+      if: inputs.skip-prebuild == 'false'
       uses: ./.github/actions/prebuild
 
     - name: Build MicroShift RPMs
+      if: contains(fromJSON('["all", "rpms"]'), inputs.build)
       shell: bash
       run: |
         # See https://github.com/microshift-io/microshift/blob/main/docs/build.md

.github/workflows/builders.yaml

@@ -23,7 +23,6 @@ jobs:
           okd-version-tag: ${{ steps.detect-okd-version.outputs.okd-version-tag }}
           bootc-image-url: quay.io/centos-bootc/centos-bootc
           bootc-image-tag: stream9
-          build: bootc-image
           node-count: 2
 
   centos10-bootc:
@@ -44,7 +43,6 @@ jobs:
           okd-version-tag: ${{ steps.detect-okd-version.outputs.okd-version-tag }}
           bootc-image-url: quay.io/centos-bootc/centos-bootc
           bootc-image-tag: stream10
-          build: bootc-image
           node-count: 2
 
   fedora-bootc:
@@ -68,7 +66,6 @@ jobs:
           okd-version-tag: ${{ steps.detect-okd-version.outputs.okd-version-tag }}
           bootc-image-url: registry.fedoraproject.org/fedora-bootc
           bootc-image-tag: 42
-          build: bootc-image
           node-count: 2
 
   ubuntu-rpm2deb:
@@ -115,4 +112,3 @@ jobs:
           okd-version-tag: ${{ steps.detect-okd-version.outputs.okd-version-tag }}
           isolated-network: 1
           ovnk-networking: ${{ matrix.ovnk-networking }}
-          build: bootc-image

.github/workflows/nightly-copr.yaml

@@ -0,0 +1,149 @@
+name: nightly-copr
+
+on:
+  schedule:
+     - cron: "0 1 * * *"
+  workflow_dispatch:
+
+env:
+  COPR_REPO_NAME: "@microshift-io/microshift-nightly"
+
+jobs:
+  build-rpms:
+    if: github.event_name != 'schedule' || github.repository == 'microshift-io/microshift'
+    runs-on: ubuntu-24.04
+    steps:
+      - name: Check out MicroShift upstream repository
+        uses: actions/checkout@v4
+
+      - name: Detect OKD version tag
+        id: detect-okd-version
+        uses: ./.github/actions/okd-version
+
+      - name: Build SRPM
+        shell: bash
+        run: |
+          cd ${GITHUB_WORKSPACE}/
+          make srpm \
+            USHIFT_GITREF=main \
+            OKD_VERSION_TAG=${{ steps.detect-okd-version.outputs.okd-version-tag }} \
+            SRPM_WORKDIR=/mnt/srpm
+
+      - name: Create copr-cli image and secret
+        shell: bash
+        env:
+          COPR_CONFIG: |
+            ${{ secrets.COPR_CONFIG }}
+        run: |
+          set -euo pipefail
+          cd ${GITHUB_WORKSPACE}/
+          echo "${COPR_CONFIG}" > /tmp/copr-config
+          ls -lah /tmp/copr-config
+
+          make copr-cli
+
+          make copr-cfg-ensure-podman-secret \
+            COPR_CONFIG=/tmp/copr-config
+
+      - name: Create COPR build
+        shell: bash
+        env:
+          COPR_CONFIG: |
+            ${{ secrets.COPR_CONFIG }}
+        run: |
+          set -euo pipefail
+          cd ${GITHUB_WORKSPACE}/
+          echo "${COPR_CONFIG}" > /tmp/copr-config
+
+          make copr-create-build \
+            SRPM_WORKDIR=/mnt/srpm \
+            COPR_REPO_NAME=${{ env.COPR_REPO_NAME }} \
+            COPR_CONFIG=/tmp/copr-config
+
+          make copr-watch-build \
+            SRPM_WORKDIR=/mnt/srpm \
+            COPR_REPO_NAME=${{ env.COPR_REPO_NAME }}
+
+      - name: Persist version and build ID
+        uses: actions/upload-artifact@v4
+        with:
+          name: srpm-artifacts
+          path: |
+            /mnt/srpm/version.txt
+            /mnt/srpm/build.txt
+          overwrite: true
+
+
+  build-and-test-microshift:
+    needs: build-rpms
+    if: github.event_name != 'schedule' || github.repository == 'microshift-io/microshift'
+    strategy:
+      matrix:
+        runners: [ubuntu-24.04, ubuntu-24.04-arm]
+    name: Build RPM images based on COPR build
+    runs-on: ${{ matrix.runners }}
+    steps:
+      - uses: actions/download-artifact@v5
+        with:
+          name: srpm-artifacts
+          path: /tmp/srpm
+
+      - name: Check out MicroShift upstream repository
+        uses: actions/checkout@v4
+
+      - name: Prepare the build and run environment
+        uses: ./.github/actions/prebuild
+
+      - name: Detect the CPU architecture
+        id: detect-cpu-arch
+        uses: ./.github/actions/arch
+
+      - name: Create RPMs image with RPMs from COPR
+        shell: bash
+        run: |
+          set -euo pipefail
+          cd ${GITHUB_WORKSPACE}/
+
+          make rpm-copr \
+            SRPM_WORKDIR=/tmp/srpm \
+            RPM_OUTDIR=/mnt/rpms \
+            COPR_CHROOT="epel-10-$(uname -m)"
+
+      - name: Run the build action
+        uses: ./.github/actions/build
+        with:
+          ushift-gitref: nil    # RPMs are not built, so no need for git ref or OKD version
+          okd-version-tag: nil
+          bootc-image-url: quay.io/centos-bootc/centos-bootc
+          bootc-image-tag: stream10
+          skip-prebuild: "true"
+          build: bootc-image
+
+      # Test the local container image with the quick start and clean procedures
+      # before releasing the artifacts. Make sure not to run the clean scripts
+      # because the images are needed for the release process.
+      - name: Run the quick start script and clean scripts
+        uses: ./.github/actions/quick-start-clean
+        with:
+          image-ref: localhost/microshift-okd:latest
+          run-clean: false
+
+
+  regenerate-copr-repo:
+    needs: build-and-test-microshift
+    if: github.event_name != 'schedule' || github.repository == 'microshift-io/microshift'
+    runs-on: ubuntu-24.04
+    steps:
+      - name: Check out MicroShift upstream repository
+        uses: actions/checkout@v4
+
+      - name: COPR - Regenerate RPM repo
+        shell: bash
+        env:
+          COPR_CONFIG: |
+            ${{ secrets.COPR_CONFIG }}
+        run : |
+          echo "${COPR_CONFIG}" > /tmp/copr-config
+          make copr-regenerate-repos \
+            COPR_CONFIG=/tmp/copr-config \
+            COPR_REPO_NAME=${{ env.COPR_REPO_NAME }}

Makefile

@@ -44,6 +44,9 @@ SRPM_IMAGE := microshift-okd-srpm
 LVM_DISK := /var/lib/microshift-okd/lvmdisk.image
 VG_NAME := myvg1
 
+PROJECT_DIR := $(shell dirname $(abspath $(lastword $(MAKEFILE_LIST))))
+include $(PROJECT_DIR)/src/copr/copr.mk
+
 #
 # Define the main targets
 #
@@ -115,7 +118,7 @@ rpm-to-deb:
 .PHONY: image
 image:
 	@if ! sudo podman image exists "${RPM_IMAGE}" ; then \
-		echo "ERROR: Run 'make rpm' to build the MicroShift RPMs" ; \
+		echo "ERROR: Run 'make rpm' or 'make rpm-copr' to build the MicroShift RPMs" ; \
 		exit 1 ; \
 	fi
 

packaging/rpms-copr.Containerfile

@@ -0,0 +1,29 @@
+FROM quay.io/fedora/fedora:42
+
+RUN dnf install -y \
+        --setopt=install_weak_deps=False \
+        copr-cli createrepo rpm2cpio cpio && \
+    dnf clean all
+
+ARG COPR_BUILD_ID=
+ARG BUILDER_RPM_REPO_PATH=/home/microshift/microshift/_output/rpmbuild/RPMS
+ARG COPR_CHROOT="epel-10-$(uname -m)"
+
+# hadolint ignore=DL4006,DL3003
+RUN \
+    echo "# Download the RPMs from COPR" && \
+    copr download-build --rpms --chroot "${COPR_CHROOT}" --dest /tmp/rpms ${COPR_BUILD_ID} && \
+    \
+    echo "# Extract the MicroShift source code into /home/microshift/microshift" && \
+    mkdir -p /home/microshift/microshift && \
+    cd /tmp/rpms/"${COPR_CHROOT}"/ && \
+    rpm2cpio microshift-*.src.rpm | cpio -idmv && \
+    tar xf microshift-*.tar.gz -C /home/microshift/microshift --strip-components=1 && \
+    \
+    echo "# Move the RPMs" && \
+    mkdir -p ${BUILDER_RPM_REPO_PATH} && \
+    mv /tmp/rpms/"${COPR_CHROOT}"/*.rpm ${BUILDER_RPM_REPO_PATH}/ && \
+    \
+    echo "# Create the repository and cleanup" && \
+    createrepo -v ${BUILDER_RPM_REPO_PATH} && \
+    rm -rf /tmp/rpms

src/copr/copr-cli.Containerfile

@@ -0,0 +1,3 @@
+FROM quay.io/fedora/fedora:42
+
+RUN dnf install -y copr-cli && dnf clean all

src/copr/copr.mk

@@ -0,0 +1,111 @@
+COPR_CONFIG ?= $(HOME)/.config/copr
+COPR_REPO_NAME ?= "@microshift-io/microshift"
+COPR_BUILD_ID ?= $(shell cat "${SRPM_WORKDIR}/build.txt" 2>/dev/null)
+
+COPR_SECRET_NAME := copr-cfg
+COPR_CLI_IMAGE := localhost/copr-cli:latest
+COPR_CHROOT ?= "epel-10-$(shell uname -m)"
+
+.PHONY: copr-help
+copr-help:
+	@echo "make <rpm-copr | copr-delete-build | copr-regenerate-repos | copr-create-build | copr-watch-build>"
+	@echo "   rpm-copr:                         build the MicroShift RPMs using COPR"
+	@echo "   copr-delete-build:                delete the COPR build"
+	@echo "   copr-regenerate-repos:            regenerate the COPR RPM repository"
+	@echo "   copr-create-build:                create the COPR RPM build"
+	@echo "   copr-watch-build:                 watch the COPR build"
+	@echo "   copr-cfg-ensure-podman-secret:    ensure the COPR secret is available and is up to date"
+	@echo "   copr-cli:                         build the COPR CLI container"
+	@echo ""
+	@echo "Variables:"
+	@echo "   COPR_BUILD_ID:                    COPR build ID (default: read from \$$SRPM_WORKDIR/build.txt)"
+	@echo "   COPR_REPO_NAME:                   COPR repository name (default: ${COPR_REPO_NAME})"
+	@echo "   COPR_CONFIG:                      COPR configuration file - from https://copr.fedorainfracloud.org/api/ (default: ${COPR_CONFIG})"
+	@echo "   COPR_CHROOT:                      COPR chroot (default: ${COPR_CHROOT})"
+	@echo ""
+	@echo "Recommended flow:"
+	@echo "   1. mkdir -p /tmp/microshift-srpm-copr"
+	@echo "   2. make srpm SRPM_WORKDIR=/tmp/microshift-srpm-copr"
+	@echo "   3. make copr-create-build COPR_REPO_NAME=USER/PROJECT SRPM_WORKDIR=/tmp/microshift-srpm-copr"
+	@echo "   4. make copr-watch-build SRPM_WORKDIR=/tmp/microshift-srpm-copr"
+	@echo "   5. make rpm-copr SRPM_WORKDIR=/tmp/microshift-srpm-copr"
+	@echo "   6. make image"
+	@echo ""
+
+.PHONY: rpm-copr
+rpm-copr:
+	@echo "Building MicroShift RPM image using COPR"
+	sudo podman build \
+        --tag "${RPM_IMAGE}" \
+        --build-arg COPR_BUILD_ID="${COPR_BUILD_ID}" \
+        --build-arg COPR_CHROOT="${COPR_CHROOT}" \
+        --file packaging/rpms-copr.Containerfile .
+
+	@echo "Extracting the MicroShift RPMs"
+	outdir="$${RPM_OUTDIR:-$$(mktemp -d /tmp/microshift-rpms-XXXXXX)}" && \
+	mntdir="$$(sudo podman image mount "${RPM_IMAGE}")" && \
+	trap "sudo podman image umount '${RPM_IMAGE}' >/dev/null" EXIT && \
+	sudo cp -r "$${mntdir}/home/microshift/microshift/_output/rpmbuild/RPMS/." "$${outdir}" && \
+	echo -e "\nBuild completed successfully\nRPMs are available in '$${outdir}'"
+
+.PHONY: copr-cfg-ensure-podman-secret
+copr-cfg-ensure-podman-secret:
+	@echo "Ensuring the COPR secret is available and is up to date"
+	if sudo podman secret exists "${COPR_SECRET_NAME}"; then \
+		sudo podman secret rm "${COPR_SECRET_NAME}" ; \
+	fi ; \
+	sudo podman secret create "${COPR_SECRET_NAME}" "${COPR_CONFIG}"
+
+.PHONY: copr-cli
+copr-cli:
+	@echo "Building the COPR CLI container"
+	sudo podman build \
+		--tag "${COPR_CLI_IMAGE}" \
+		--file src/copr/copr-cli.Containerfile .
+
+.PHONY: copr-delete-build
+copr-delete-build: copr-cfg-ensure-podman-secret copr-cli
+	@echo "Deleting the COPR build ${COPR_BUILD_ID}"
+	sudo podman run \
+		--rm \
+		--secret ${COPR_SECRET_NAME} \
+		"${COPR_CLI_IMAGE}" \
+		bash -c "copr-cli --config /run/secrets/${COPR_SECRET_NAME} delete-build ${COPR_BUILD_ID}"
+
+.PHONY: copr-regenerate-repos
+copr-regenerate-repos: copr-cfg-ensure-podman-secret copr-cli
+	@echo "Regenerating the COPR repository"
+	sudo podman run \
+		--rm \
+		--secret ${COPR_SECRET_NAME} \
+		"${COPR_CLI_IMAGE}" \
+		bash -c "copr-cli --config /run/secrets/${COPR_SECRET_NAME} regenerate-repos ${COPR_REPO_NAME}"
+
+.PHONY: copr-create-build
+copr-create-build: copr-cfg-ensure-podman-secret copr-cli
+	@echo "Creating the COPR build"
+	@if [ -z "${SRPM_WORKDIR}" ]; then \
+		echo "ERROR: SRPM_WORKDIR is not set" ; \
+		exit 1 ; \
+	fi
+	@if [ ! -d "${SRPM_WORKDIR}" ]; then \
+		echo "ERROR: ${SRPM_WORKDIR} directory not found" ; \
+		exit 1 ; \
+	fi
+	sudo podman run \
+		--rm \
+		--secret ${COPR_SECRET_NAME} \
+		--env COPR_REPO_NAME="${COPR_REPO_NAME}" \
+		--volume "${SRPM_WORKDIR}:/srpms:Z" \
+		--volume "./src/copr/create-build.sh:/create-build.sh:Z" \
+		"${COPR_CLI_IMAGE}" \
+		bash -c "bash -x /create-build.sh"
+
+.PHONY: copr-watch-build
+copr-watch-build: copr-cli
+	@echo "Watching the COPR build"
+	sudo podman run \
+		--rm \
+		--volume "${SRPM_WORKDIR}:/srpms:Z" \
+		"${COPR_CLI_IMAGE}" \
+		bash -c "copr-cli watch-build ${COPR_BUILD_ID}"

src/copr/create-build.sh

@@ -0,0 +1,16 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+if [[ -z "${COPR_REPO_NAME:-}" ]]; then
+    echo "ERROR: COPR_REPO_NAME environment variable is required"
+    exit 1
+fi
+
+out="$(copr-cli --config /run/secrets/copr-cfg build --nowait "${COPR_REPO_NAME}" /srpms/microshift*.src.rpm)"
+echo "${out}"
+build=$(echo "${out}" | grep "Created builds" | cut -d: -f2 | xargs)
+if [[ -z "${build}" ]]; then
+    echo "ERROR: Failed to extract build ID from copr-cli output"
+    exit 1
+fi
+echo "${build}" > /srpms/build.txt