From 987da0613617d29e5f5168c0277b8a5765c72d65 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Hozza?= Date: Thu, 27 Mar 2025 09:35:52 +0100 Subject: [PATCH] deploy.sh: set `network_backend` to `netavark` in containers.conf MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Add a workaround for the issue that podman falls back to the 'cni' network backend when finding any container images in the local storage when executed for the first time. Since we started embedding container images in our CI runner images, this resulted in failures, because the OS is missing some required CNI plugins. Until we somehow fix this in osbuild, we explicitly set the network backend to 'netavark'. This is relevant only for RHEL-9 / c9s, because Fedora since F40 and el10 support only `netavark` backend. Signed-off-by: Tomáš Hozza --- schutzbot/deploy.sh | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/schutzbot/deploy.sh b/schutzbot/deploy.sh index 24aa3786d..25ffb2b0f 100755 --- a/schutzbot/deploy.sh +++ b/schutzbot/deploy.sh @@ -166,3 +166,20 @@ if [ -n "${CI}" ]; then # which are outside the build directory cp /etc/yum.repos.d/*.repo "$(pwd)" fi + +# NB: The following is a workaround for the issue that podman falls back to +# the 'cni' network backend when finding any container images in the local +# storage when executed for the first time. Since we started embedding +# container images in our CI runner images, this resulted in failures, +# because the OS is missing some required CNI plugins. Until we somehow fix +# this in osbuild, we explicitly set the network backend to 'netavark'. +# This is relevant only for RHEL-9 / c9s, because Fedora since F40 and el10 +# support only `netavark` backend. +if [[ $ID == "rhel" && ${VERSION_ID%.*} == "9" ]]; then + greenprint "containers.conf: explicitly setting network_backend to 'netavark'" + sudo mkdir -p /etc/containers/containers.conf.d + sudo tee /etc/containers/containers.conf.d/network_backend.conf > /dev/null << EOF +[network] +network_backend = "netavark" +EOF +fi