[yocto-autobuilder2][PATCH v3 0/6] Implement 'containers' jobs

[tim.orling@konsulko.com]

From: Tim Orling <tim.orling@konsulko.com>

This series builds on top of the patches already merged from v2.

This series contains the 'yocto-autobuilder-helper' patches to enable:
* building, testing and publishing of 'vcontainer-tarball'
  - vcontainer-tests job
* building and pushing containers from:
  - meta-virtualization
* containers are pushed when the push_containers boolean is set in the
  AutoBuilder UI
  - regstries are set with CONTAINER_REGISTRIES variable
* authentication uses local user credentials (e.g. ~/.docker/config.json
  or .../auth.json for podman)
* containers are tagged with PV_MAJOR, PV_MAJOR.PV_MINOR, DISTRO_CODENAME
  and yocto-x.y release (yocto-x.y.z for release builds).

Additional features, such as container signing and attaching SLSA provenance
attestations will come in a future series, once this initial functionality
is agreed upon an stable.

Concerns about the possible infinite loop around the tarball extraction
"while True, try, expect OSError" code [1] are addressed separately [2],
since the original patch has been merged.

This series relies on the resolution of [3] and [4].

[1] https://lore.kernel.org/yocto-patches/02f0c35f16a8a51bbe0e89145353008f67180a84.camel@pbarker.dev/
[2] https://lore.kernel.org/yocto-patches/20260606011918.61582-1-tim.orling@konsulko.com/
[3] https://lore.kernel.org/yocto-meta-virtualization/aiJDIinJWZhO4Jid@gmail.com/T/#t
[4] https://lore.kernel.org/yocto-meta-virtualization/20260604001931.96550-1-tim.orling@konsulko.com/T/#u

Changes in v2:
* Simplify by  merging vdkr-tests and vpdmn-tests into vcontainer-tests
* Simplify by building containers from meta-virtualization:
- Depends on resolution of: https://lists.yoctoproject.org/g/meta-virtualization/message/9826
* Workaround for recent (since Friday May 29, 2026) errors:
  Error: reading blob sha256:<hash>: file integrity checksum failed for "<file>"
  - This is probably related to either sstate changes or recent changes in vcontainer-common...

Changes in v3:
* vcontainer-tarball is installed in jobs that set "vcontainer" similar to "extratools", instead
  of the more global "buildtools" behavior.
* The (rather large amount of) code for pushing containers in run-config is broken out into
  a dedicated run-push-containers script.
* Workaround for pushing containers is moved to run-push-containers. The most recent
  behavior (on top of meta-virt master-next) showed a different error pattern:
  Error: reading blob sha256:<hash>: EOF
  The workaround simply removes all container images from the VM's container-registry before
  importing or pushing new container images. The commit message was reworded accordingly.
* Rather than installing latest versions of pip, setuptools and wheel, silence the pip
  warning with PIP_DISABLE_PIP_VERSION_CHECK=1
* Rather than installing the latest versions of pytest, pytest-timeout and pexpect, install
  from meta-virtualization/tests/requirements.txt (pending).
* Refactor run-vcontainer-tests script to use optargs instead of a mix of positional args
  and env vars.

The following changes since commit 07887d0ace65c873aa929ef31cae52c4c1a8e5c5:

  script/utils: Remove prefix from sha256 parameter if present (2026-06-05 23:41:35 +0100)

are available in the Git repository at:

  https://git.yoctoproject.org/yocto-autobuilder-helper contrib/timo/containers-upstream-v3
  https://git.yoctoproject.org/yocto-autobuilder-helper/log/?h=contrib/timo/containers-upstream-v3

for you to fetch changes up to c21fe441965ef9fd801338f017109592dba8b9e0:

  scripts/run-push-containers: remove all images before push (2026-06-05 18:20:07 -0700)

----------------------------------------------------------------

Tim Orling (6):
  scripts: add vcontainer-tarball setup, integration, and publishing
  config.json: add vcontainer-tarball build target
  scripts: add run-vcontainer-tests for meta-virtualization
  scripts: add container registry push, auth, tagging, runtime selection
  config.json: add 'containers-library' build job
  scripts/run-push-containers: remove all images before push

 config.json                  | 118 +++++++++++++++++++
 scripts/publish-artefacts    |   5 +
 scripts/run-config           |  23 ++++
 scripts/run-push-containers  | 167 +++++++++++++++++++++++++++
 scripts/run-vcontainer-tests | 212 +++++++++++++++++++++++++++++++++++
 scripts/utils.py             |  20 +++-
 6 files changed, 541 insertions(+), 4 deletions(-)
 create mode 100755 scripts/run-push-containers
 create mode 100755 scripts/run-vcontainer-tests

-- 
2.43.0