USHIFT-6547: Add RHEL 10 CI lane

test/bin/ci_phase_iso_build.sh

@@ -66,6 +66,9 @@ update_build_cache() {
     # Build the composer-cli base layer and brew RPMs to be cached
     $(dry_run) bash -x ./bin/build_images.sh -l ./image-blueprints/layer1-base
     $(dry_run) bash -x ./bin/build_images.sh -l ./image-blueprints/layer4-release
+
+    # Build templates
+    $(dry_run) bash -x ./bin/build_bootc_images.sh -g ./image-blueprints-bootc/templates
     # Build the bootc base layer and brew RPMs to be cached
     $(dry_run) bash -x ./bin/build_bootc_images.sh -l ./image-blueprints-bootc/layer1-base
     $(dry_run) bash -x ./bin/build_bootc_images.sh -l ./image-blueprints-bootc/layer4-release
@@ -115,28 +118,44 @@ run_image_build() {
 run_bootc_image_build() {
     make -C "${ROOTDIR}" verify-containers
 
+    # Build templates first
+    $(dry_run) bash -x ./bin/build_bootc_images.sh -g ./image-blueprints-bootc/templates
+
     if [ -v CI_JOB_NAME ] ; then
-        # Skip all image builds for release testing CI jobs because all the images are fetched from the cache.
-        if [[ "${CI_JOB_NAME}" =~ .*release(-arm)?$ ]]; then
-            $(dry_run) bash -x ./bin/build_bootc_images.sh -X
-            return
-        fi
 
-        $(dry_run) bash -x ./bin/build_bootc_images.sh -l ./image-blueprints-bootc/layer1-base
-        $(dry_run) bash -x ./bin/build_bootc_images.sh -l ./image-blueprints-bootc/layer2-presubmit
+        local -r os="${CI_JOB_NAME##*-}"
+
+        if [[ "${os}" == "el9" || "${os}" == "el10" ]]; then
 
-        if [[ "${CI_JOB_NAME}" =~ .*periodic.* ]]; then
-            $(dry_run) bash -x ./bin/build_bootc_images.sh -l ./image-blueprints-bootc/layer3-periodic
+            $(dry_run) bash -x ./bin/build_bootc_images.sh -l ./image-blueprints-bootc/layer1-base
+            $(dry_run) bash -x ./bin/build_bootc_images.sh -l "./image-blueprints-bootc/${os}/layer2-presubmit"
+
+            if [[ "${os}" == "el10" ]]; then
+                # Build el9 images for upgrade tests
+                $(dry_run) bash -x ./bin/build_bootc_images.sh -l ./image-blueprints-bootc/el9/layer2-presubmit
+            fi
+
+            if [[ "${CI_JOB_NAME}" =~ .*periodic.* ]]; then
+                $(dry_run) bash -x ./bin/build_bootc_images.sh -l "./image-blueprints-bootc/${os}/layer3-periodic"
+            fi
+            if [[ "${CI_JOB_NAME}" =~ .*release.* ]]; then
+                $(dry_run) bash -x ./bin/build_bootc_images.sh -l ./image-blueprints-bootc/layer4-release
+            fi
         fi
+
+        # Build upstream images
         if [[ "${CI_JOB_NAME}" =~ .*upstream.* ]]; then
-            $(dry_run) bash -x ./bin/build_bootc_images.sh -l ./image-blueprints-bootc/layer5-upstream
+            $(dry_run) bash -x ./bin/build_bootc_images.sh -l ./image-blueprints-bootc/upstream
         fi
     else
         $(dry_run) bash -x ./bin/build_bootc_images.sh -l ./image-blueprints-bootc/layer1-base
-        $(dry_run) bash -x ./bin/build_bootc_images.sh -l ./image-blueprints-bootc/layer2-presubmit
-        $(dry_run) bash -x ./bin/build_bootc_images.sh -l ./image-blueprints-bootc/layer3-periodic
+        # Full build for all OS versions
+        for os_ver in el9 el10; do
+            $(dry_run) bash -x ./bin/build_bootc_images.sh -l "./image-blueprints-bootc/${os_ver}/layer2-presubmit"
+            $(dry_run) bash -x ./bin/build_bootc_images.sh -l "./image-blueprints-bootc/${os_ver}/layer3-periodic"
+        done
         $(dry_run) bash -x ./bin/build_bootc_images.sh -l ./image-blueprints-bootc/layer4-release
-        $(dry_run) bash -x ./bin/build_bootc_images.sh -l ./image-blueprints-bootc/layer5-upstream
+        $(dry_run) bash -x ./bin/build_bootc_images.sh -l ./image-blueprints-bootc/upstream
     fi
 }
 

test/image-blueprints-bootc/el10/layer3-periodic/group1/rhel102-bootc-source-isolated.containerfile

@@ -0,0 +1,34 @@
+FROM localhost/rhel102-bootc-source:latest
+
+# The qemu-guest-agent is used in offline tests
+RUN dnf install -y qemu-guest-agent && \
+    systemctl enable qemu-guest-agent && \
+    dnf clean all
+
+# Override the default qemu-ga service configuration on the guest to allow all RPCs.
+# BLOCK_RPCS is a deny-list of qemu-guest-agent RPCs to block, such as file read/write, process execution, etc. By
+# default, all RPCs are blocked.
+# FREEZE_HOOK_PATHNAME is the dir-path containing hook scripts. This override does not change the default value.
+# These scripts are executed before or after guest image snapshot ops ("freezing" and "thawing" in libvirt speak).
+# No hooks are installed by default.
+RUN printf '\
+\# This is a systemd environment file, not a shell script.\n\
+\# It provides settings for "/lib/systemd/system/qemu-guest-agent.service".\n\
+BLOCK_RPCS=\n\
+FSFREEZE_HOOK_PATHNAME=/etc/qemu-ga/fsfreeze-hook\n' > /etc/sysconfig/qemu-ga
+
+# Embed images based on contents of release-info RPMs
+COPY --chmod=755 ./bootc-images/microshift-copy-images.sh /usr/bin/microshift-copy-images
+RUN --mount=type=secret,id=pullsecret,dst=/run/secrets/pull-secret.json \
+    images="$(jq -r ".images[]" /usr/share/microshift/release/release-"$(uname -m)".json)" ; \
+    images="${images} quay.io/microshift/busybox:1.36" ; \
+    IMAGE_PULL_LIST="${images}" /usr/bin/microshift-copy-images pull
+
+# Install a systemd drop-in unit to address the problem with image upgrades
+# overwriting the container images in additional store. The workaround is to
+# copy the images from the pre-loaded to the main container storage.
+# In this case, it is not necessary to update /etc/containers/storage.conf with
+# the additional store path.
+# See https://issues.redhat.com/browse/RHEL-75827
+RUN mkdir -p /usr/lib/systemd/system/microshift.service.d
+COPY --chmod=644 ./bootc-images/microshift-copy-images.conf /usr/lib/systemd/system/microshift.service.d/microshift-copy-images.conf

test/image-blueprints-bootc/el10/layer3-periodic/group2/rhel102-bootc-source-isolated.image-bootc

@@ -0,0 +1 @@
+localhost/rhel102-bootc-source-isolated:latest

test/image-blueprints-bootc/layer4-release/group2/rhel102-bootc-brew-lrel-optional.image-bootc

@@ -0,0 +1,3 @@
+{{- if env.Getenv "BREW_LREL_RELEASE_VERSION" "" -}}
+localhost/rhel102-bootc-brew-lrel-optional:latest
+{{- end }}