Ensure builds work properly - architectures must match

* Actually use release version input to run build-iso command
* Buildstamp should be an epoch
* template out the job/pod names instead of doing them in the rendering
* label pods with toleration

iso/empanadas/Containerfile

@@ -1,11 +1,7 @@
-FROM ghcr.io/neilhanlon/skbn:latest as skbn
-
 FROM quay.io/centos/centos:stream9
 
 ADD images/get_arch /get_arch
 
-COPY --from=skbn  /usr/src/app/skbn.git/skbn /usr/local/bin/skbn
-
 ENV TINI_VERSION v0.19.0
 RUN curl -o /tini -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-$(/get_arch)"
 RUN chmod +x /tini
@@ -62,7 +58,7 @@ RUN chown peridotbuilder:mock /etc/yum.conf && chown -R peridotbuilder:mock /etc
 
 RUN pip install 'git+https://git.rockylinux.org/release-engineering/public/toolkit.git@feature/iso-kube#egg=empanadas&subdirectory=iso/empanadas'
 
-RUN echo "nameserver 1.1.1.1" > /etc/resolv.conf
+RUN pip install awscli
 
 ENV USER=1002
 USER 1002

iso/empanadas/empanadas/scripts/launch_builds.py

@@ -1,6 +1,7 @@
 # Launches the builds of ISOs
 
 import argparse
+import datetime
 
 from empanadas.common import *
 from empanadas.common import _rootdir
@@ -29,15 +30,16 @@ def run():
     elif results.env == "all":
         arches = EKSARCH+EXTARCH
 
+    command = ["build-iso", "--release", f"{results.release}", "--rc", "--isolation", "simple"]
+
     out = ""
     for arch in arches:
         out += job_template.render(
             architecture=arch,
             backoffLimit=4,
-            command=["build-iso", "--release", "9", "--rc", "--isolation", "simple"],
+            buildTime=datetime.datetime.utcnow().strftime("%s"),
-            containerName=f"buildiso-{major}-{arch}",
+            command=command,
             imageName="ghcr.io/neilhanlon/sig-core-toolkit:latest",
-            jobName=f"build-iso-{arch}",
             namespace="empanadas",
             major=major,
             restartPolicy="Never",

iso/empanadas/empanadas/templates/kube/Job.tmpl

@@ -2,34 +2,35 @@
 apiVersion: batch/v1
 kind: Job
 metadata:
-  name: {{ jobName }}
+  name: build-iso-{{ major }}-{{ architecture }}
   namespace: {{ namespace }}
 spec:
   template:
+    metadata:
+      labels:
+        peridot.rockylinux.org/workflow-tolerates-arch: {{ architecture }}
     spec:
       containers:
-      - name: {{ containerName }}
+      - name: buildiso-{{ major }}-{{ architecture }}
-        image: {{ imageName }} 
+        image: {{ imageName }}
-        command: {{ command }}
+        command: ["/bin/bash", "-c"]
-        lifecycle:
+        args:
-          preStop:
+          - |
-            exec:
+            {{ command | join(' ') }}
-              command: [
+            aws s3 cp --recursive --exclude=* --include=lorax* \
-                "skbn",
+            /var/lib/mock/rocky-{{ major }}-$(uname -m)/root/builddir/ \
-                "cp",
+            "s3://resf-empanadas/buildiso-{{ major }}-{{ architecture }}/{{ buildTime }}/"
-                "--src",
-                "/var/lib/mock/rocky-{{ major }}-{{ architecture }}/root/builddir/lorax-*`",
-                "--dst",
-                "s3://resf-empanadas/{{ containerName }}/$(date +%s)/",
-                "--parallel",
-                "2"
-              ]
         securityContext:
           runAsUser: 0
           runAsGroup: 0
           privileged: true
           runAsNonRoot: false
           allowPrivilegeEscalation: true
+        volumeMounts:
+          - mountPath: /etc/resolv.conf
+            name: resolv-conf
+          - mountPath: /var/lib/mock/
+            name: mock
         env:
         - name: AWS_REGION
           value: us-east-2
@@ -49,5 +50,12 @@ spec:
         operator: Equal
         value: {{ architecture }}
       restartPolicy: {{ restartPolicy }}
+      volumes:
+      - name: resolv-conf
+        hostPath:
+          path: /etc/resolv.conf
+          type: File
+      - name: mock
+        emptyDir: {}
   backoffLimit: {{ backoffLimit }}