Add GCP images for AlmaLinux 8, 9, and 10

Author: jonathanspw

.github/actions/shared-steps/action.yml

@@ -41,6 +41,11 @@ inputs:
 runs:
   using: "composite"
   steps:
+    - uses: runs-on/action@v2
+      # only in the AlmaLinux namespace where we are using runs-on
+      if: github.repository_owner == 'AlmaLinux'
+      with:
+        metrics: cpu,network,memory,disk,io
 
     - name: Runner OS, install extra packages
       shell: bash
@@ -73,14 +78,15 @@ runs:
         echo "version_major=${version_major}" >> $GITHUB_ENV
         echo "alma_arch=${alma_arch}" >> $GITHUB_ENV
 
-    - name: Prepare staff
+    - name: Prepare stuff
       shell: bash
       run: |
-        # Prepare staff
+        # Prepare stuff
+        packer_opts=
         case ${{ env.runner_os }} in
           ubuntu)
             # Packer options
-            packer_opts="-var ovmf_code=/usr/share/OVMF/OVMF_CODE_4M.fd -var ovmf_vars=/usr/share/OVMF/OVMF_VARS_4M.fd"
+            packer_opts="-var qemu_binary=/usr/bin/qemu-system-${{ inputs.arch }} -var ovmf_code=/usr/share/OVMF/OVMF_CODE_4M.fd -var ovmf_vars=/usr/share/OVMF/OVMF_VARS_4M.fd"
             ;;
           rhel)
             # Packer options
@@ -114,6 +120,10 @@ runs:
         # AWS S3 path to store images
         aws_s3_path=images/${{ env.version_major }}/${release}/${{ inputs.type }}/${{ env.TIME_STAMP }}
 
+        # tell packer we can use more cpu/ram if we're in the almalinux namespace
+        # which means we're using runs-on with metal instances
+        [[ ${{ github.repository_owner }} == 'AlmaLinux' ]] && packer_opts="${packer_opts} -var cpus=$(($(nproc)-4)) -var memory_${{ env.alma_arch }}=32768"
+
         # Overriding packer source, image mask and S3 path where necessary
         case "${{ inputs.type }}${{ env.version_major }}" in
           azure8|azure9)
@@ -228,6 +238,17 @@ runs:
             output_mask=output-${packer_source}/AlmaLinux-*.${{ env.alma_arch }}*.qcow2
             packer_source=qemu.${packer_source}
             ;;
+          gcp8|gcp9)
+            output_mask=output-${packer_source}/AlmaLinux-*${version_major}*.${{ env.alma_arch }}.tar.gz
+            packer_source=qemu.${packer_source}
+            ;;
+          gcp10)
+            packer_source=almalinux_${{ env.version_major }}_${{ inputs.type }}_${{ env.alma_arch }}
+            [[ ${{ env.version_major }} == *"v2"* ]] && packer_source="${packer_source}_v2"
+            [[ ${{ inputs.variant }} == *"64k"* ]] && packer_source="almalinux_${{ env.version_major }}_${{ inputs.type }}_64k_${{ env.alma_arch }}"
+            output_mask=output-${packer_source}/AlmaLinux-*${version_major}*.${{ env.alma_arch }}.tar.gz
+            packer_source=qemu.${packer_source}
+            ;;
           *)
             output_mask=output-${output_mask}
             packer_source=qemu.${packer_source}
@@ -260,8 +281,24 @@ runs:
             ;;
         esac
 
+    - name: Remove KVM
+      if: inputs.type == 'vagrant_virtualbox' || inputs.type == 'vagrant_vmware'
+      shell: bash
+      run: |
+        # Remove KVM
+        case ${{ env.runner_os }} in
+          ubuntu)
+            sudo apt-get -y remove qemu-kvm
+            ;;
+          rhel)
+            sudo dnf -y -q remove qemu-kvm
+            ;;
+        esac
+        sudo rmmod kvm_amd || sudo rmmod kvm_intel || true
+        sudo rmmod kvm || true
+
     - name: Check nested virtualization support
-      if: inputs.arch == 'x86_64' && inputs.type != 'vagrant_virtualbox' && inputs.type != 'vagrant_vmware' && inputs.runner != 'aws-ec2'
+      if: inputs.arch == 'x86_64' && env.RUNS_ON_VERSION == '' && inputs.type != 'vagrant_virtualbox' && inputs.type != 'vagrant_vmware'
       shell: bash
       run: |
         # Check nested virtualization support
@@ -365,12 +402,13 @@ runs:
       run: |
         # Build ${{ inputs.type }} image
         # PACKER_LOG=1
+        sudo systemctl start libvirtd
         sudo sh -c "/usr/bin/packer build ${{ env.PACKER_OPTS }} -only=${{ env.packer_source }} ."
 
     - name: Locate image file, generate checksum
       shell: bash
       run: |
-        # Locate image file, generate checksum
+        # Locate image file, generate checksum, rename repo metadata file
         ls -la $(dirname '${{ env.output_mask }}')
         image_file=$(ls -1 ${{ env.output_mask }} | head -n 1)
         [ "x${image_file}" = "x" ] && false
@@ -380,8 +418,127 @@ runs:
         echo "IMAGE_FILE=${image_file}" >> $GITHUB_ENV
         echo "IMAGE_NAME=$(basename ${image_file})" >> $GITHUB_ENV
 
-    # - name: Setup tmate session
-    #   uses: mxschmitt/action-tmate@v3
+        # don't fail if this doesn't exist, we may not always generate it
+        sudo mv repo-metadata-*.txt $(basename ${image_file}).repo-metadata.txt || true
+
+    - id: 'google-auth-dev-images'
+      if: env.IMAGE_TYPE == 'gcp'
+      uses: 'google-github-actions/auth@v2'
+      with:
+        workload_identity_provider: 'projects/443728870479/locations/global/workloadIdentityPools/github-actions/providers/github'
+        service_account: 'github-actions-cloud-images@almalinux-dev-images-469421.iam.gserviceaccount.com'
+    
+    - name: 'Set up Google Cloud SDK'
+      if: env.IMAGE_TYPE == 'gcp'
+      uses: 'google-github-actions/setup-gcloud@v3.0.0'
+
+    - name: 'Upload output to GCP storage bucket'
+      if: env.IMAGE_TYPE == 'gcp'
+      shell: bash
+      run: gcloud storage cp ${{ env.IMAGE_FILE }} gs://almalinux-images-dev/almalinux-${version_major}${{ inputs.arch == 'aarch64' && '-arm64' || '' }}-v$(date +'%Y%m%d')/root.tar.gz
+
+    # - name: Create image on GCP
+    #   if: env.IMAGE_TYPE == 'gcp'
+    #   shell: bash
+    #   run: |
+    #     # Create image on GCP
+    #     gcloud --project almalinux-dev-images-469421 compute images create                                              \
+    #       almalinux-${{ env.version_major }}${{ inputs.arch == 'aarch64' && '-arm64' || '' }}-v$(date +'%Y%m%d')        \
+    #       --description="AlmaLinux, AlmaLinux, ${{ env.version_major }}, ${{ inputs.arch }} built on $(date +'%Y%m%d')" \
+    #       --source-uri gs://almalinux-images-dev/${{ env.IMAGE_NAME }}                                                  \
+    #       --guest-os-features=GVNIC,UEFI_COMPATIBLE,VIRTIO_SCSI_MULTIQUEUE,SEV_CAPABLE,SEV_LIVE_MIGRATABLE,IDPF         \
+    #       --family almalinux-${{ env.version_major }}${{ inputs.arch == 'aarch64' && '-arm64' || '' }}                  \
+    #       --architecture=${{ inputs.arch == 'x86_64' && 'X86_64' || 'ARM64' }}                                          \
+    #       --labels=public-image=true
+
+    - name: Clone gce_image_publish repo
+      if: env.IMAGE_TYPE == 'gcp'
+      uses: actions/checkout@v5
+      with:
+        path: compute-image-tools
+        repository: GoogleCloudPlatform/compute-image-tools
+        ref: "20250916.00"
+
+    - name: Build gce_image_publish tool
+      if: env.IMAGE_TYPE == 'gcp'
+      shell: bash
+      run: |
+        # we need golang
+        case ${{ env.runner_os }} in
+          ubuntu)
+            sudo apt update
+            sudo apt-get -y install golang-go
+            ;;
+          rhel)
+            sudo dnf -y -q install golang
+            ;;
+        esac
+        # print golang version for reference
+        go version
+        # Build gce_image_publish tool
+        cd compute-image-tools/cli_tools/gce_image_publish
+        go mod tidy
+        go install
+
+    - name: Create test image on GCP
+      if: env.IMAGE_TYPE == 'gcp'
+      shell: bash
+      run: |
+        /home/$USER/go/bin/gce_image_publish \
+          -var:environment=test \
+          -skip_confirmation \
+          -rollout_rate=0 \
+          -publish_project="almalinux-dev-images-469421" \
+          -work_project="almalinux-dev-images-469421" \
+          -replace \
+          -source_gcs_path="gs://almalinux-images-dev/" \
+          vm-scripts/gcp/almalinux_${version_major}${{ inputs.arch == 'aarch64' && '_arm64' || '' }}.publish.json
+
+    - id: 'google-auth-image-testing'
+      if: env.IMAGE_TYPE == 'gcp' && inputs.run_test == 'true'
+      uses: 'google-github-actions/auth@v2'
+      with:
+        workload_identity_provider: 'projects/527193872801/locations/global/workloadIdentityPools/github-actions/providers/github'
+        service_account: 'github-actions-image-testing@almalinux-image-testing-469421.iam.gserviceaccount.com'
+    
+    - name: 'Set up Google Cloud SDK'
+      if: env.IMAGE_TYPE == 'gcp' && inputs.run_test == 'true'
+      uses: 'google-github-actions/setup-gcloud@v3.0.0'
+
+    - name: 'Clone Google cloud-image-testing repo'
+      if: env.IMAGE_TYPE == 'gcp' && inputs.run_test == 'true'
+      uses: actions/checkout@v5
+      with:
+        path: cloud-image-tests
+        #repository: GoogleCloudPlatform/cloud-image-tests
+        repository: jonathanspw/cloud-image-tests
+        ref: "local_build_fixes"
+
+    # - name: 'Build Google cloud-image-testing docker image'
+    #   if: env.IMAGE_TYPE == 'gcp' && inputs.run_test == 'true'
+    #   shell: bash
+    #   run: |
+    #     cd cloud-image-tests
+    #     docker build -t cloud-image-tests -f Dockerfile .
+
+    - name: Build Google cloud-image-testing manager
+      if: env.IMAGE_TYPE == 'gcp' && inputs.run_test == 'true'
+      shell: bash
+      run: |
+        cd cloud-image-tests
+        ./local_build.sh -j $(nproc) -o bin
+
+    - name: 'Run Google cloud-image-testing tests (basic suite)'
+      if: env.IMAGE_TYPE == 'gcp' && inputs.run_test == 'true'
+      shell: bash
+      run: |
+        cd cloud-image-tests
+        ./bin/manager \
+          -local_path bin \
+          -project almalinux-image-testing-469421 \
+          -filter '^(cvm|livemigrate|suspendresume|loadbalancer|guestagent|hostnamevalidation|imageboot|licensevalidation|network|security|hotattach|lssd|disk|packagevalidation|ssh|metadata|vmspec)$' \
+          -images 'projects/almalinux-dev-images-469421/global/images/family/almalinux-${{ env.version_major }}${{ inputs.arch == 'aarch64' && '-arm64' || '' }}' \
+          -parallel_stagger 10s -parallel_count 20
 
     - name: Test ${{ inputs.type }} ${{ inputs.variant }} image
       # Skip testing for vagrant_virtualbox on GH runner because 'vugrant up' fails to connect to the newly created VM via ssh:
@@ -474,6 +631,15 @@ runs:
         name: ${{ env.IMAGE_NAME }}
         path: ${{ env.IMAGE_FILE }}
 
+    - uses: actions/upload-artifact@v4
+      name: Store repo metadata as artifact
+      id: repo-meta-artifact
+      if: inputs.store_as_artifact == 'true'
+      with:
+        compression-level: 9
+        name: ${{ env.IMAGE_NAME }}.repo-metadata.txt
+        path: ${{ env.IMAGE_FILE }}.repo-metadata.txt
+
     - uses: actions/upload-artifact@v4
       name: Store checksum as artifact
       id: checksum-artifact
@@ -488,7 +654,7 @@ runs:
       id: pkglist-artifact
       if: inputs.store_as_artifact  == 'true' && env.got_pkgs_list == 'true'
       with:
-        compression-level: 1
+        compression-level: 9
         name: ${{ env.IMAGE_NAME }}.txt
         path: ${{ env.IMAGE_FILE }}.txt