From 3b0b3f033504a37707847265cebf027f14c4cd9b Mon Sep 17 00:00:00 2001
From: Malte Poll <mp@edgeless.systems>
Date: Tue, 2 Aug 2022 17:14:13 +0200
Subject: [PATCH] Use local CoreOS assembler image instead of ghcr

---
 .github/workflows/build-coreos.yml | 1 +
 image/Makefile                     | 5 +++++
 image/README.md                    | 6 ++++++
 image/docker.env                   | 6 +++---
 image/podman.env                   | 6 +++---
 5 files changed, 18 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/build-coreos.yml b/.github/workflows/build-coreos.yml
index 8126f18d6..43876bab1 100644
--- a/.github/workflows/build-coreos.yml
+++ b/.github/workflows/build-coreos.yml
@@ -116,6 +116,7 @@ jobs:
         id: build-and-upload
         shell: bash {0}
         run: |
+          make cosa-image
           make -j$(nproc) CONTAINER_ENGINE=docker NETRC=/tmp/.netrc \
             COSA_INIT_BRANCH="${{ inputs.coreOSConfigBranch }}" \
             GCP_IMAGE_NAME="${{ env.gcpImageName }}" GCP_IMAGE_FAMILY="${{ env.gcpImageFamily }}" \
diff --git a/image/Makefile b/image/Makefile
index 9650a3765..647563c80 100644
--- a/image/Makefile
+++ b/image/Makefile
@@ -22,6 +22,7 @@ DISK_MAPPER_BINARY               ?= $(BASE_PATH)/../build/disk-mapper
 DISK_MAPPER_OVERRIDE_PATH        ?= $(OVERRIDES_ROOTFS)/usr/sbin/disk-mapper
 IMAGES_PATH                      ?= $(BASE_PATH)/images
 CONTAINER_ENGINE                 ?= podman
+COSA_BUILDDIR                    ?= $(BASE_PATH)/../3rdparty/coreos-assembler
 COSA_ENV                         ?= $(BASE_PATH)/$(CONTAINER_ENGINE).env
 COSA_INIT_REPO                   ?= "https://github.com/edgelesssys/constellation-fedora-coreos-config"
 COSA_INIT_BRANCH                 ?= "constellation"
@@ -78,6 +79,10 @@ $(DISK_MAPPER_OVERRIDE_PATH): $(DISK_MAPPER_BINARY) | cosa-init
 	cp $(DISK_MAPPER_BINARY) $@
 	chmod +x $@
 
+cosa-image:
+	-make -j 1 -C $(COSA_BUILDDIR) clean
+	make -j 1 -C $(COSA_BUILDDIR)
+
 cosa-init:
 	-flock $(COSA_LOCKFILE) -c '. $(COSA_ENV) && cd $(COREOS_BUILD_PATH) && NETRC=$(NETRC) cosa init --branch $(COSA_INIT_BRANCH) $(COSA_INIT_REPO)'
 
diff --git a/image/README.md b/image/README.md
index 52143a346..0d90cec34 100644
--- a/image/README.md
+++ b/image/README.md
@@ -62,6 +62,12 @@ Clean up the `build` dir and remove old images (⚠ this will undo any local cha
 sudo make clean
 ```
 
+Ensure you have the modified cosa container image installed:
+
+```shell-session
+make cosa-image
+```
+
 - Build QEMU image (for local testing only)
 
   ```shell-session
diff --git a/image/docker.env b/image/docker.env
index 7fd565c99..cc5f563a9 100644
--- a/image/docker.env
+++ b/image/docker.env
@@ -1,12 +1,12 @@
 cosa() {
     env | grep COREOS_ASSEMBLER
-    local -r COREOS_ASSEMBLER_CONTAINER_LATEST="ghcr.io/edgelesssys/constellation-coreos-assembler:latest"
+    local -r COREOS_ASSEMBLER_CONTAINER_LATEST="localhost/coreos-assembler-test"
     test -t 1 && USE_TTY="-ti"
     set -x
     docker run --rm ${USE_TTY} --security-opt label=disable --privileged                                                      \
                -v ${PWD}:/srv/ --device /dev/kvm --device /dev/fuse                                                           \
-               --tmpfs /tmp -v /var/tmp:/var/tmp --name constellation-cosa --pull always                                      \
-               ${NETRC+-v ${NETRC}:/home/builder/.netrc:ro}                                                                   \
+               --tmpfs /tmp -v /var/tmp:/var/tmp --name constellation-cosa                                                    \
+               -v ${NETRC}:/home/builder/.netrc:ro                                                                            \
                ${COREOS_ASSEMBLER_CONFIG_GIT:+-v $COREOS_ASSEMBLER_CONFIG_GIT:/srv/src/config/:ro}                            \
                ${COREOS_ASSEMBLER_GIT:+-v $COREOS_ASSEMBLER_GIT/src/:/usr/lib/coreos-assembler/:ro}                           \
                ${COREOS_ASSEMBLER_CONTAINER_RUNTIME_ARGS}                                                                     \
diff --git a/image/podman.env b/image/podman.env
index 9c47f29d7..e4310fd7a 100644
--- a/image/podman.env
+++ b/image/podman.env
@@ -1,13 +1,13 @@
 cosa() {
     env | grep COREOS_ASSEMBLER
-    local -r COREOS_ASSEMBLER_CONTAINER_LATEST="ghcr.io/edgelesssys/constellation-coreos-assembler:latest"
+    local -r COREOS_ASSEMBLER_CONTAINER_LATEST="localhost/coreos-assembler-test"
     test -t 1 && USE_TTY="-ti"
     set -x
     podman run --rm ${USE_TTY} --security-opt label=disable --privileged                                                      \
                --uidmap=1000:0:1 --uidmap=0:1:1000 --uidmap 1001:1001:64536                                                   \
                -v ${PWD}:/srv/ --device /dev/kvm --device /dev/fuse                                                           \
-               --tmpfs /tmp -v /var/tmp:/var/tmp --name constellation-cosa --pull always                                      \
-               ${NETRC+-v ${NETRC}:/home/builder/.netrc:ro}                                                                   \
+               --tmpfs /tmp -v /var/tmp:/var/tmp --name constellation-cosa                                                    \
+               -v ${NETRC}:/home/builder/.netrc:ro                                                                            \
                ${COREOS_ASSEMBLER_CONFIG_GIT:+-v $COREOS_ASSEMBLER_CONFIG_GIT:/srv/src/config/:ro}                            \
                ${COREOS_ASSEMBLER_GIT:+-v $COREOS_ASSEMBLER_GIT/src/:/usr/lib/coreos-assembler/:ro}                           \
                ${COREOS_ASSEMBLER_CONTAINER_RUNTIME_ARGS}                                                                     \