Build and run the container with podman fixes

It respects .dockerignore, thus .bingo directory should be included. When untar an archive of secrets we should use  --no-same-owner to not modify the ownership. No need to check if dev-config.yaml exists when it is already ignored. Furthremore the new build us with no cache, when log in to ACR you will use -ojson flag, and we compare repo tag vs each existing tag

Dockerfile.full-rp-dev.dockerignore

@@ -8,5 +8,8 @@
 !go.sum
 !hack
 !pkg
+!test
 !vendor
-!.git
+!Dockerfile.aro-multistage
+!.git
+!.bingo

Makefile

@@ -229,7 +229,7 @@ secrets:
 	@[ "${SECRET_SA_ACCOUNT_NAME}" ] || ( echo ">> SECRET_SA_ACCOUNT_NAME is not set"; exit 1 )
 	rm -rf secrets
 	az storage blob download -n secrets.tar.gz -c secrets -f secrets.tar.gz --account-name ${SECRET_SA_ACCOUNT_NAME} >/dev/null
-	tar -xzf secrets.tar.gz
+	tar -xzf secrets.tar.gz --no-same-owner
 	rm secrets.tar.gz
 
 .PHONY: secrets-update
@@ -557,12 +557,13 @@ run-rp: ci-rp podman-secrets
 
 .PHONY: full-rp-dev
 full-rp-dev: # Build and run a full-rp-dev container for automating full-rp-dev
-	docker build --build-arg AZURE_PREFIX=$(AZURE_PREFIX) \
+	podman build --build-arg AZURE_PREFIX=$(AZURE_PREFIX) \
 		--build-arg LOCATION=$(RP_LOCATION) \
 		--build-arg SKIP_DEPLOYMENTS=$(SKIP_DEPLOYMENTS) \
+		--no-cache=$(NO_CACHE) \
 		-f Dockerfile.full-rp-dev \
 		-t $(FULL_RP_DEV_IMAGE) .
-	docker run --rm -it --user=0 --privileged \
+	podman run --rm -it --user=0 --privileged \
 		-v /dev/shm:/dev/shm \
 		-v "${HOME}/.azure:/root/.azure" \
 		--device /dev/net/tun \

hack/devtools/rp_dev_helper.sh

@@ -119,7 +119,7 @@ copy_digest_tag() {
 
     log "INFO: Copy image from one ACR to another ..."
 
-    src_auth="$(jq -r '.auths["'"$src_acr_name"'.azurecr.io"].auth' <<< $pull_secret | base64 -d)"
+    src_auth="$(jq -r '.auths["'"$src_acr_name"'.azurecr.io"].auth' <<< "$pull_secret" | base64 -d)"
     dst_token="$(az acr login -n "${dst_acr_name}" --expose-token | jq -r .accessToken)"
 
     skopeo copy \
@@ -138,21 +138,28 @@ check_acr_repo() {
 
    # Don't skip deployment creation when skip_deployments was set to 'false'
     if is_boolean "$skip_deployments" && [ "${skip_deployments}" = false ]; then
-        log "'skip_deployments' was set to 'false'. ❌⏩ Don't skip ACR '$acr_name' repo mirroring for repository '${repository}'."
+        log "'skip_deployments' was set to 'false'. ❌⏩ Don't skip ACR '${acr_name}' repo mirroring for repository '${repository}'."
         return 1
     fi
 
     # Check if the repository tag is not empty and if it matches an optional tag
-    repo_tag="$(az acr repository show-tags --name "$acr_name" --repository "${repository}" -o tsv | awk '{printf "%s%s", sep, $0; sep=","} END {print ""}')"
-    if [[ -n "$repo_tag" ]]; then
-        if [[ "${tag}" != "no-tag" && "${tag}" != "${repo_tag}" ]] ; then
-            log "🔴✈️ Repository '${repository}' in ACR '$acr_name' exists with different tag/s '${repo_tag}'. Expected tag: '${tag}'."
+    repo_tags="$(az acr repository show-tags --name "${acr_name}" --repository "${repository}" -o tsv | awk '{printf "%s%s", sep, $0; sep=","} END {print ""}')"
+    if [[ -n "${repo_tags}" ]]; then
+        if [[ "${tag}" != "no-tag" ]]; then
+            IFS=',' read -r -a repo_tags_array <<< "${repo_tags}"
+            for repo_tag in "${repo_tags_array[@]}"; do
+                if [[ "${repo_tag}" == "${tag}" ]]; then
+                    log "🟢✈️ Repository '${repository}' in ACR '${acr_name}' exists with tag '${repo_tag}'."
+                    return 0
+                fi
+            done
+            log "🔴✈️ Repository '${repository}' in ACR '${acr_name}' exists with different tag/s '${repo_tags}'. Expected tag: '${tag}'."
             return 1
         fi
-        log "🟢✈️ Repository '${repository}' in ACR '$acr_name' exists with tag '${repo_tag}'."
+        log "🟢✈️ Repository '${repository}' in ACR '${acr_name}' exists with tag '${repo_tags}'."
         return 0
     fi
-    log "🔴❌✈️ Repository '${repository}' doesn't exist in ACR '$acr_name'."
+    log "🔴❌✈️ Repository '${repository}' doesn't exist in ACR '${acr_name}'."
     return 1
 }
 

hack/rp-dev/full_rp_funcs.sh

@@ -32,13 +32,7 @@ setup_rp_config() {
   export ARO_IMAGE="${azure_prefix}aro.azurecr.io/aro:${git_commit}"
 
   # Generate new dev-config.yaml
-  if [ -f "dev-config.yaml" ]; then
-    rm dev-config.yaml
-  fi
   make dev-config.yaml
-  if [ ! -f "dev-config.yaml" ]; then
-    abort "File dev-config.yaml does not exist."
-  fi
   log "Success step 2 ✅ - Config file dev-config.yaml has been created"
 }
 
@@ -140,7 +134,7 @@ mirror_images() {
   export DST_ACR_NAME="${azure_prefix}aro"
   export SRC_AUTH_QUAY="$(jq -r '.auths."quay.io".auth' <<< "${user_pull_secret}")"
   export SRC_AUTH_REDHAT="$(jq -r '.auths."registry.redhat.io".auth' <<< "${user_pull_secret}")"
-  export DST_AUTH="$(echo -n '00000000-0000-0000-0000-000000000000:'"$(az acr login -n "${DST_ACR_NAME}" --expose-token | jq -r .accessToken)" | base64 -w0)"
+  export DST_AUTH="$(echo -n '00000000-0000-0000-0000-000000000000:'"$(az acr login -n "${DST_ACR_NAME}" -ojson --expose-token | jq -r .accessToken)" | base64 -w0)"
   docker login -u 00000000-0000-0000-0000-000000000000 -p "$(echo "$DST_AUTH" | base64 -d | cut -d':' -f2)" "${DST_ACR_NAME}.azurecr.io"
   local acr_string="ACR '${DST_ACR_NAME}'"
   log "Success step 6a ✈️ 🏷️ - Login to ${acr_string}"