From 1c9477f4d1c7a71afef22fb347b70645f9ce419f Mon Sep 17 00:00:00 2001
From: Erik Heeren
Date: Thu, 3 Oct 2024 08:58:58 +0200
Subject: [PATCH] Build runtime like builder
---
 .github/workflows/spacktainer.yaml | 17 +++++++++++------
 1 file changed, 11 insertions(+), 6 deletions(-)
diff --git a/.github/workflows/spacktainer.yaml b/.github/workflows/spacktainer.yaml
index 1b0ce04..200ddda 100644
--- a/.github/workflows/spacktainer.yaml
+++ b/.github/workflows/spacktainer.yaml
@@ -16,6 +16,7 @@ jobs:
 AWS_BUILDER_REPO_URL: ${{ secrets.AWS_ECR_URL }}/spacktainers/builder
 AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ECR_ACCESS_KEY_ID }}
 AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_ECR_SECRET_ACCESS_KEY }}
+ BUILD_PATH: builder
 BUILDAH_EXTRA_ARGS: --label org.opencontainers.image.revision="$GITHUB_SHA"
 --label org.opencontainers.image.authors="$GITHUB_TRIGGERING_ACTOR"
 --label org.opencontainers.image.url="https://github.com/${GITHUB_REPOSITORY}"
@@ -26,19 +27,19 @@ jobs:
 # ' --label org.opencontainers.image.created="$CI_JOB_STARTED_AT"'
 SPACK_DEPLOYMENT_KEY_PUB: ${{ secrets.SPACK_DEPLOYMENT_KEY_PUB }}
 run: |-
- echo "Creating builder"
+ echo "Creating ${BUILD_PATH}"
 set -x
 apt install -y awscli buildah podman
 export STORAGE_DRIVER=vfs # allows to build inside containers without additional mounts
 export BUILDAH_FORMAT=docker # enables ONBUILD instructions which are not OCI compatible
 export REGISTRY_IMAGE_TAG=latest # for now
- echo "${SPACK_DEPLOYMENT_KEY_PUB}" > builder/key.pub
+ echo "${SPACK_DEPLOYMENT_KEY_PUB}" > ${BUILD_PATH}/key.pub
 aws ecr get-login-password --region us-east-1 | buildah login --username AWS --password-stdin ${AWS_ECR_URL}
 # This is written like that in case $BUILDAH_EXTRA_ARGS has args that require spaces,
 # which is tricky with shell variable expansion. Similar to Kaniko, see also:
 # https://github.com/GoogleContainerTools/kaniko/issues/1803
 export IFS=''
- COMMAND="buildah bud --iidfile image_id ${BUILDAH_EXTRA_ARGS} builder"
+ COMMAND="buildah bud --iidfile image_id ${BUILDAH_EXTRA_ARGS} ${BUILD_PATH}"
 echo "${COMMAND}"
 eval "${COMMAND}"
 # Sometimes buildah push fails on the first attempt
@@ -49,6 +50,7 @@ jobs:
 AWS_BUILDER_REPO_URL: ${{ secrets.AWS_ECR_URL }}/spacktainers/runtime
 AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ECR_ACCESS_KEY_ID }}
 AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_ECR_SECRET_ACCESS_KEY }}
+ BUILD_PATH: runtime
 BUILDAH_EXTRA_ARGS: --label org.opencontainers.image.revision="$GITHUB_SHA"
 --label org.opencontainers.image.authors="$GITHUB_TRIGGERING_ACTOR"
 --label org.opencontainers.image.url="https://github.com/${GITHUB_REPOSITORY}"
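Review bot: In the builder job's run script, `${BUILD_PATH}` is left unquoted in the redirect target and is then spliced into the string that `eval "${COMMAND}"` re-parses as shell. With the literal values `builder` and `runtime` set in this workflow that is harmless, but any space or shell metacharacter in that variable would be interpreted by the shell instead of being treated as part of a path. I would quote the redirect, `echo "${SPACK_DEPLOYMENT_KEY_PUB}" > "${BUILD_PATH}/key.pub"`, and put a comment above the env entry such as `# static directory name; expanded inside eval below, never set from event data`. The same two lines are repeated in the runtime job's script in the last hunk.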
@@ -59,17 +61,20 @@ jobs:
 # ' --label org.opencontainers.image.created="$CI_JOB_STARTED_AT"'
 run: |-
 # Holy code duplication, Batman!
- echo "Creating runtime"
- yum install -y awscli
+ echo "Creating ${BUILD_PATH}"
+ set -x
+ apt install -y awscli buildah podman
 export STORAGE_DRIVER=vfs # allows to build inside containers without additional mounts
 export BUILDAH_FORMAT=docker # enables ONBUILD instructions which are not OCI compatible
 export REGISTRY_IMAGE_TAG=latest # for now
+ echo "${SPACK_DEPLOYMENT_KEY_PUB}" > ${BUILD_PATH}/key.pub
 aws ecr get-login-password --region us-east-1 | buildah login --username AWS --password-stdin ${AWS_ECR_URL}
 # This is written like that in case $BUILDAH_EXTRA_ARGS has args that require spaces,
 # which is tricky with shell variable expansion. Similar to Kaniko, see also:
 # https://github.com/GoogleContainerTools/kaniko/issues/1803
 export IFS=''
- COMMAND="buildah bud --iidfile image_id ${BUILDAH_EXTRA_ARGS} builder"
+ COMMAND="buildah bud --iidfile image_id ${BUILDAH_EXTRA_ARGS} ${BUILD_PATH}"
+ echo "${COMMAND}"
 eval "${COMMAND}"
 # Sometimes buildah push fails on the first attempt
 buildah push $(
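Review bot: The added `echo "${SPACK_DEPLOYMENT_KEY_PUB}" > ${BUILD_PATH}/key.pub` reads a variable that the runtime job does not appear to define: the builder job's env has `SPACK_DEPLOYMENT_KEY_PUB: ${{ secrets.SPACK_DEPLOYMENT_KEY_PUB }}` directly above `run:`, while the context above this `run:` shows no such entry. Unless it is set at workflow level outside the diff, the step will write a key.pub holding only a newline into the runtime build context and carry on without error. Either add the same env line to this job, or drop the write if the runtime image does not need the key; a guard such as `: "${SPACK_DEPLOYMENT_KEY_PUB:?not set}"` before the redirect would make the failure visible. The run script continues past the end of the hunk.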