2023-08-14 16:40:13 +02:00
.. _toolbox:
Fedora Toolbx images
====================
2023-08-28 16:36:51 +02:00
This document contains information about current workflow used to build and publish Toolbox images.
It also describes changes needed to make it work with `quay.io <https://quay.io> `_ .
2023-08-14 16:40:13 +02:00
Current workflow
----------------
2023-08-30 13:02:11 +02:00
The toolbx images are currently built using OSBS. The OSBS submits builds to
2023-08-28 16:36:51 +02:00
`candidate-registry.fedoraproject.org <https://candidate-registry.fedoraproject.org/> `_ using
2023-08-30 13:02:11 +02:00
dockercfg and user can create an update in Bodhi. After testing period is finished or the update
gets enough karma it is moved by bodhi to
2023-08-28 16:36:51 +02:00
`registry.fedoraproject_org <https://registry.fedoraproject.org/> `_ .
2023-08-30 13:02:11 +02:00
This will change in F39 where the images will be built by
2023-09-01 12:17:11 +02:00
`koji-flatpak <https://pagure.io/koji-flatpak> `_ plugin. Releng script will then submit the builds
to both `registry.fedoraproject_org <https://registry.fedoraproject.org/> `_ and
2023-08-30 13:02:11 +02:00
`quay.io <https://quay.io> `_ .
2023-08-28 16:36:51 +02:00
.. image :: ../_static/toolbox_workflow_registry.drawio.png
:target: ../_images/toolbox_workflow_registry.drawio.png
2023-08-14 16:40:13 +02:00
Changes for quay.io
-------------------
2023-08-30 13:02:11 +02:00
2023-09-01 12:17:11 +02:00
This section will describe changes that are needed to make `quay.io <https://quay.io> `_
work with current setup. It will go through pipeline step by step and describe what
needs to be changed in case of toolbx workflow.
2023-08-30 13:02:11 +02:00
OSBS
^^^^
2023-08-31 12:59:13 +02:00
2023-08-30 13:02:11 +02:00
OSBS is using Openshift local container registry, which is configured by
`dockercfg <https://pagure.io/fedora-infra/ansible/blob/main/f/files/osbs/dockercfg-production-secret.j2> `_
file and pointing to candidate-registry. There is dockercfg for
`production <https://pagure.io/fedora-infra/ansible/blob/main/f/files/osbs/dockercfg-production-secret.j2> `_ and `staging <https://pagure.io/fedora-infra/ansible/blob/main/f/files/osbs/dockercfg-staging-secret.j2> `_ .
This dockercfg is used as a secret in OSBS and it's deployed in
`setup-worker-namespace <https://pagure.io/fedora-infra/ansible/blob/main/f/playbooks/groups/osbs/setup-worker-namespace.yml> `_ playbook.
2023-09-01 12:17:11 +02:00
To make this work with `quay.io <https://quay.io> `_ we need to replace the dockercfg with new
one pointing to `quay.io <https://quay.io> `_ .
2023-08-30 13:02:11 +02:00
.. note ::
2023-09-01 12:17:11 +02:00
OSBS could have trouble reaching to `quay.io <https://quay.io> `_ , this needs to be solved for this to work.
2023-08-30 13:02:11 +02:00
2023-08-31 12:59:13 +02:00
Releng script
^^^^^^^^^^^^^
In the new workflow introduced in Fedora 39+ is a Release Engineering script that pushes the image
to registry. This script could be found in
`releng repository <https://pagure.io/releng/blob/main/f/scripts/sync-latest-container-base-image.sh> `_
and it's already pushing images to `quay.io <https://quay.io> `_ .
2023-08-30 13:02:11 +02:00
Bodhi
^^^^^
2023-09-01 12:17:11 +02:00
Bodhi is pushing the container builds from
`candidate-registry.fedoraproject.org <https://candidate-registry.fedoraproject.org/> `_ to
`registry.fedoraproject_org <https://registry.fedoraproject.org/> `_ and this is configured in
2023-08-30 13:02:11 +02:00
`production.ini template <https://pagure.io/fedora-infra/ansible/blob/main/f/roles/bodhi2/base/templates/production.ini.j2> `_
in ansible.
To make it work with quay.io we just need to change `container.destination_registry`
`container.source_registry`
.. note ::
Bodhi wouldn't be part of the toolbx workflow in Fedora 39 and later. So no need to change
anything here.
Toolbx
^^^^^^
Toolbx has the `registry.fedoraproject_org <https://registry.fedoraproject.org/> `_ set in code.
This needs to be changed before we completely switch to `quay.io <https://quay.io> `_ .
