From 87448daf718d964c3c5444f7d1b8aa01fb2cb8a5 Mon Sep 17 00:00:00 2001
From: Martin Pitt <mpitt@redhat.com>
Date: Mon, 2 Jun 2025 23:18:20 +0200
Subject: [PATCH 1/4] ci: Bump tox-lsr to 3.10.0

---
 inventory/group_vars/active_roles.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/inventory/group_vars/active_roles.yml b/inventory/group_vars/active_roles.yml
index a4d6561..42a7df1 100644
--- a/inventory/group_vars/active_roles.yml
+++ b/inventory/group_vars/active_roles.yml
@@ -62,5 +62,5 @@ lsr_namespace: fedora
 lsr_name: linux_system_roles
 lsr_role_namespace: linux_system_roles  # for ansible-lint
 gha_checkout_action: actions/checkout@v4
-tox_lsr_url: "git+https://github.com/linux-system-roles/tox-lsr@3.9.1"
+tox_lsr_url: "git+https://github.com/linux-system-roles/tox-lsr@3.10.0"
 lsr_rh_distros: "{{ ['AlmaLinux', 'CentOS', 'RedHat', 'Rocky'] + lsr_rh_distros_extra | d([]) }}"

From 7917207658fee5c101d192e7b38e1ecd65d17c1b Mon Sep 17 00:00:00 2001
From: Martin Pitt <mpitt@redhat.com>
Date: Tue, 3 Jun 2025 08:09:17 +0200
Subject: [PATCH 2/4] ci: Use defined $TOX_ARGS in qemu-kvm-integration-tests

Avoids repeating the value. The defined `TOX_ARGS` was previously
unused.
---
 .../templates/.github/workflows/qemu-kvm-integration-tests.yml  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/playbooks/templates/.github/workflows/qemu-kvm-integration-tests.yml b/playbooks/templates/.github/workflows/qemu-kvm-integration-tests.yml
index 2d7f258..d85ee3f 100644
--- a/playbooks/templates/.github/workflows/qemu-kvm-integration-tests.yml
+++ b/playbooks/templates/.github/workflows/qemu-kvm-integration-tests.yml
@@ -124,7 +124,7 @@ jobs:
 {%- raw %}
         run: >-
           tox -e ${{ matrix.scenario.env }} -- --image-name ${{ matrix.scenario.image }} --make-batch
-          --log-level debug --skip-tags tests::infiniband,tests::nvme,tests::scsi
+          --log-level debug $TOX_ARGS
           --lsr-report-errors-url DEFAULT --
 {%- endraw +%}
 

From a21ef209ea5e0599a5b7430ec5e05534cf3a683d Mon Sep 17 00:00:00 2001
From: Martin Pitt <mpitt@redhat.com>
Date: Tue, 3 Jun 2025 08:10:15 +0200
Subject: [PATCH 3/4] ci: Update to podman 5.x in qemu-kvm-integration-tests
 bootc tests

Ubuntu 24.04's podman 4.9.3 does not work with the bootc-image-builder
container: Bind-mounting the container storage into it makes the
container's podman 5 fail with a storage error.

Thus install podman 5.4 from Ubuntu 25.04 to regain compatibility. This
is rather hackish, but as that is a stable release, it should not break
in the future (wrt. library dependencies and such).
---
 .../workflows/qemu-kvm-integration-tests.yml  | 22 +++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/playbooks/templates/.github/workflows/qemu-kvm-integration-tests.yml b/playbooks/templates/.github/workflows/qemu-kvm-integration-tests.yml
index d85ee3f..1583b7c 100644
--- a/playbooks/templates/.github/workflows/qemu-kvm-integration-tests.yml
+++ b/playbooks/templates/.github/workflows/qemu-kvm-integration-tests.yml
@@ -113,6 +113,28 @@ jobs:
           sudo apt install -y --no-install-recommends git ansible-core genisoimage qemu-system-x86
           pip3 install "{{ tox_lsr_url }}"
 
+      # HACK: Drop this when moving this workflow to 26.04 LTS
+      - name: Update podman to 5.x for compatibility with bootc-image-builder's podman 5
+        if: steps.check_platform.outputs.supported && endsWith(matrix.scenario.image, '-bootc')
+        run: |
+          sed 's/noble/plucky/g' /etc/apt/sources.list.d/ubuntu.sources | sudo tee /etc/apt/sources.list.d/plucky.sources >/dev/null
+          cat <<EOF | sudo tee /etc/apt/preferences.d/podman.pref >/dev/null
+          Package: podman buildah golang-github-containers-common crun libgpgme11t64 libgpg-error0 golang-github-containers-image catatonit conmon containers-storage
+          Pin: release n=plucky
+          Pin-Priority: 991
+
+          Package: libsubid4 netavark passt aardvark-dns containernetworking-plugins libslirp0 slirp4netns
+          Pin: release n=plucky
+          Pin-Priority: 991
+
+          Package: *
+          Pin: release n=plucky
+          Pin-Priority: 400
+          EOF
+
+          sudo apt update
+          sudo apt install -y podman crun conmon containers-storage
+
       - name: Configure tox-lsr
         if: steps.check_platform.outputs.supported
         run: >-

From 1c4f8a127016e42731fd22c9112255f83eeebf90 Mon Sep 17 00:00:00 2001
From: Martin Pitt <mpitt@redhat.com>
Date: Tue, 3 Jun 2025 08:11:42 +0200
Subject: [PATCH 4/4] ci: Add support for bootc end-to-end validation tests

These tests run the role during a bootc container image build, deploy
the container into a QEMU VM, boot that, and validate the expected
configuration there. They run in two different tox environments, and
thus have to be run in two steps (preparation in buildah, validation in
QEMU). The preparation is expected to output a qcow2 image in
`tests/tmp/TESTNAME/qcow2/disk.qcow2`, i.e. the output structure of
<https://github.com/osbuild/bootc-image-builder>.

There are two possibilities:

* Have separate bootc end-to-end tests. These are tagged with
`tests::bootc-e2` and are skipped in the normal qemu-* scenarios.
They run as part of the container-* ones.

* Modify an existing test: These need to build a qcow2 image exactly
*once* (via calling `bootc-buildah-qcow.sh`) and skip setup/cleanup
and role invocations in validation mode, i.e. when
`__bootc_validation` is true.

In the container scenario, run the QEMU validation as a separate step in
the workflow.

See https://issues.redhat.com/browse/RHEL-88396
---
 .../workflows/qemu-kvm-integration-tests.yml  | 26 ++++++++++++++++++-
 1 file changed, 25 insertions(+), 1 deletion(-)

diff --git a/playbooks/templates/.github/workflows/qemu-kvm-integration-tests.yml b/playbooks/templates/.github/workflows/qemu-kvm-integration-tests.yml
index 1583b7c..e05e5dc 100644
--- a/playbooks/templates/.github/workflows/qemu-kvm-integration-tests.yml
+++ b/playbooks/templates/.github/workflows/qemu-kvm-integration-tests.yml
@@ -146,7 +146,7 @@ jobs:
 {%- raw %}
         run: >-
           tox -e ${{ matrix.scenario.env }} -- --image-name ${{ matrix.scenario.image }} --make-batch
-          --log-level debug $TOX_ARGS
+          --log-level debug $TOX_ARGS --skip-tags tests::bootc-e2e
           --lsr-report-errors-url DEFAULT --
 {%- endraw +%}
 
@@ -196,6 +196,30 @@ jobs:
           exit $rc
 {%- endraw +%}
 
+      - name: Run bootc validation tests in QEMU
+        if: steps.check_platform.outputs.supported &&
+            startsWith(matrix.scenario.env, 'container') &&
+            endsWith(matrix.scenario.image, '-bootc')
+{%- raw %}
+        run: |
+          set -euxo pipefail
+          env=$(echo "${{ matrix.scenario.env }}" | sed 's/^container-/qemu-/')
+
+          for image_file in $(ls tests/tmp/*/qcow2/disk.qcow2 2>/dev/null); do
+              test="tests/$(basename $(dirname $(dirname $image_file))).yml"
+              if tox -e "$env" -- --image-file "$(pwd)/$image_file" \
+                     --log-level debug $TOX_ARGS \
+                     --lsr-report-errors-url DEFAULT \
+                     -e __bootc_validation=true \
+                     -- "$test" >out 2>&1; then
+                  mv out "${test}-PASS.log"
+              else
+                  mv out "${test}-FAIL.log"
+                  exit 1
+              fi
+          done
+{%- endraw +%}
+
       - name: Upload test logs on failure
         if: failure()
         uses: actions/upload-artifact@v4