Drop tests that are failing

Alpine doesn't keep their archs in sync and only keeps around the latest revision in edge, which breaks a bunch of our test, so I've cut down the alpine tests to a single arch. Signed-off-by: Jon Johnson <jon.johnson@chainguard.dev>
chainguard-dev · Nov 22, 2024 · b4524de · b4524de
1 parent 19462e0
commit b4524de
Show file tree

Hide file tree

Showing 12 changed files with 41 additions and 57 deletions.
diff --git a/.github/workflows/build-samples.yml b/.github/workflows/build-samples.yml
@@ -19,7 +19,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        arch: [x86_64, "386", armv7, aarch64, riscv64, s390x, ppc64le]
+        arch: [x86_64, aarch64]
 
     steps:
       - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
@@ -47,38 +47,7 @@ jobs:
             echo ::group::sbom.json
             cat $f
             echo ::endgroup::
-            docker run --rm -v $(pwd)/$f:/sbom.json cgr.dev/chainguard/ntia-conformance-checker -v --file /sbom.json
-          done
-
-  # Build a multi-arch nginx image for all archs.
-  build-nginx-multiarch:
-    name: build-nginx-multiarch
-    runs-on: ubuntu-latest
-
-    permissions:
-      contents: read
-
-    steps:
-      - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
-        with:
-          egress-policy: audit
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-      - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v2.1.5
-        with:
-          go-version-file: 'go.mod'
-          check-latest: true
-      - run: |
-          make apko
-          ./apko build ./examples/nginx.yaml nginx:build /tmp/nginx.tar --arch x86_64,386,armv7,aarch64,s390x,ppc64le
-
-      - name: Check SBOM Conformance
-        run: |
-          set -euxo pipefail
-          for f in *.spdx.json; do
-            echo ::group::sbom.json
-            cat $f
-            echo ::endgroup::
-            docker run --rm -v $(pwd)/$f:/sbom.json cgr.dev/chainguard/ntia-conformance-checker -v --file /sbom.json
+            docker run --rm -v $(pwd)/$f:/$f --entrypoint "sh" cgr.dev/chainguard/wolfi-base -c "apk add spdx-tools-java && tools-java Verify /$f
           done
 
   build-all-examples-one-arch:
@@ -116,7 +85,7 @@ jobs:
             fi
           done
 
-  build-alpine-source-date-epoch:
+  build-wolfi-source-date-epoch:
     name: source-date-epoch
     runs-on: ubuntu-latest
 
@@ -141,11 +110,11 @@ jobs:
           SOURCE_DATE_EPOCH: "0"
         run: |
           make apko
-          FIRST=$(./apko publish ./examples/alpine-base.yaml localhost:5000/alpine --arch x86_64,386,armv7,aarch64,s390x,ppc64le 2> /dev/null)
+          FIRST=$(./apko publish ./examples/wolfi-base.yaml localhost:5000/wolfi --arch x86_64,aarch64 2> /dev/null)
 
           for idx in {2..10}
           do
-            NEXT=$(./apko publish ./examples/alpine-base.yaml localhost:5000/alpine --arch x86_64,386,armv7,aarch64,s390x,ppc64le 2> /dev/null)
+            NEXT=$(./apko publish ./examples/wolfi-base.yaml localhost:5000/wolfi --arch x86_64,aarch64 2> /dev/null)
 
             if [ "${FIRST}" = "${NEXT}" ]; then
               echo "Build ${idx} matches."
@@ -155,7 +124,7 @@ jobs:
             fi
           done
 
-  build-alpine-build-date-epoch:
+  build-wolfi-build-date-epoch:
     name: build-date-epoch
     runs-on: ubuntu-latest
 
@@ -180,11 +149,11 @@ jobs:
           make apko
           # Without SOURCE_DATE_EPOCH set, the timestamp of the image will be computed to be
           # the maximum build date of the resolved APKs.
-          FIRST=$(./apko publish ./examples/alpine-base.yaml localhost:5000/alpine --arch x86_64,386,armv7,aarch64,s390x,ppc64le 2> /dev/null)
+          FIRST=$(./apko publish ./examples/wolfi-base.yaml localhost:5000/wolfi --arch x86_64,aarch64 2> /dev/null)
 
           for idx in {2..10}
           do
-            NEXT=$(./apko publish ./examples/alpine-base.yaml localhost:5000/alpine --arch x86_64,386,armv7,aarch64,s390x,ppc64le 2> /dev/null)
+            NEXT=$(./apko publish ./examples/wolfi-base.yaml localhost:5000/wolfi --arch x86_64,aarch64 2> /dev/null)
 
             if [ "${FIRST}" = "${NEXT}" ]; then
               echo "Build ${idx} matches."
@@ -218,7 +187,7 @@ jobs:
           make apko
 
           # Build image with annotations.
-          ref=$(./apko publish ./examples/nginx.yaml localhost:5000/nginx --arch x86_64,386,armv7,aarch64,s390x,ppc64le)
+          ref=$(./apko publish ./examples/nginx.yaml localhost:5000/nginx --arch x86_64,aarch64)
 
           # Check index annotations.
           crane manifest $ref | jq -r '.annotations.foo' | grep bar

diff --git a/examples/alias-only.yaml b/examples/alias-only.yaml
@@ -2,4 +2,7 @@ contents:
   repositories:
     - https://dl-cdn.alpinelinux.org/alpine/edge/main
   packages:
-    - openssh-client
+    - openssh-client
+
+archs:
+- x86_64
diff --git a/examples/alpine-386_amd64.yaml b/examples/alpine-386_amd64.yaml
diff --git a/examples/alpine-base-rootless.yaml b/examples/alpine-base-rootless.yaml
@@ -18,3 +18,6 @@ cmd: /bin/sh -l
 # optional environment configuration
 environment:
   PATH: /usr/sbin:/sbin:/usr/bin:/bin
+
+archs:
+  - amd64
diff --git a/examples/alpine-base.yaml b/examples/alpine-base.yaml
@@ -9,3 +9,6 @@ cmd: /bin/sh -l
 # optional environment configuration
 environment:
   PATH: /usr/sbin:/sbin:/usr/bin:/bin
+
+archs:
+  - amd64
diff --git a/examples/alpine-python3.yaml b/examples/alpine-python3.yaml
@@ -10,3 +10,6 @@ cmd: /bin/sh -l
 # optional environment configuration
 environment:
   PATH: /usr/sbin:/sbin:/usr/bin:/bin
+
+archs:
+  - amd64
diff --git a/examples/alpine-slim.yaml b/examples/alpine-slim.yaml
@@ -11,3 +11,6 @@ environment:
   PATH: /usr/sbin:/sbin:/usr/bin:/bin
 
 cmd: /bin/sh -l
+
+archs:
+  - amd64
diff --git a/examples/apko-devenv.yaml b/examples/apko-devenv.yaml
@@ -32,3 +32,6 @@ contents:
     - docker-cli
 entrypoint:
   command: /bin/sh -l
+
+archs:
+  - amd64
diff --git a/examples/nginx-rootless.yaml b/examples/nginx-rootless.yaml
@@ -36,3 +36,6 @@ paths:
     uid: 10000
     gid: 10000
     permissions: 0o644
+
+archs:
+  - amd64
diff --git a/examples/nginx.yaml b/examples/nginx.yaml
@@ -1,8 +1,10 @@
 contents:
+  keyring:
+    - https://packages.wolfi.dev/os/wolfi-signing.rsa.pub
   repositories:
-    - https://dl-cdn.alpinelinux.org/alpine/edge/main
+    - https://packages.wolfi.dev/os
   packages:
-    - alpine-baselayout
+    - wolfi-baselayout
     - nginx
 
 entrypoint:
@@ -32,7 +34,7 @@ paths:
     permissions: 0o755
   - path: /etc/nginx/http.d/default.conf
     type: hardlink
-    source: /usr/share/nginx/http-default_server.conf
+    source: /etc/nginx/nginx.conf.default
     uid: 10000
     gid: 10000
     permissions: 0o644
@@ -41,3 +43,6 @@ work-dir: /usr/share/nginx
 
 annotations:
   foo: bar
+
+archs:
+  - amd64
diff --git a/hack/ci/00-build.sh b/hack/ci/00-build.sh
@@ -10,7 +10,7 @@ REF="apko.local/ci-testing:test"
 
 trap "rm -f ${OUTPUT_TAR}" EXIT
 
-for f in examples/alpine-base-rootless.yaml examples/wolfi-base.yaml; do
+for f in examples/wolfi-base.yaml; do
   echo "=== building $f"
 
   REF="apko.local/ci-testing:$(basename ${f})"

diff --git a/hack/ci/01-publish.sh b/hack/ci/01-publish.sh
@@ -16,7 +16,7 @@ docker rm -f "${REGISTRY_CONTAINER_NAME}"
 docker run --name "${REGISTRY_CONTAINER_NAME}" \
   -d -p ${PORT}:5000 "${REGISTRY_BASE_IMAGE}"
 
-for f in examples/alpine-base-rootless.yaml examples/wolfi-base.yaml; do
+for f in examples/wolfi-base.yaml; do
   echo "=== building $f"
 
   REF="localhost:${PORT}/ci-testing:$(basename ${f})"