From 6e9f6714ead12dda57e13d73309f18fee7809ddf Mon Sep 17 00:00:00 2001
From: Gregory Giguashvili <ggiguash@redhat.com>
Date: Mon, 10 Nov 2025 17:51:24 +0200
Subject: [PATCH 1/2] GitHub actions do not support type attribute - only
 strings

---
 .github/actions/build-deb/action.yaml    |  2 --
 .github/actions/build-okd/action.yaml    |  7 -------
 .github/actions/build/action.yaml        | 16 ++--------------
 .github/actions/podman-login/action.yaml |  5 +----
 .github/actions/sos-report/action.yaml   |  5 ++---
 .github/workflows/release-okd.yaml       |  2 +-
 6 files changed, 6 insertions(+), 31 deletions(-)

diff --git a/.github/actions/build-deb/action.yaml b/.github/actions/build-deb/action.yaml
index 2024fef7..9cebee55 100644
--- a/.github/actions/build-deb/action.yaml
+++ b/.github/actions/build-deb/action.yaml
@@ -5,11 +5,9 @@ inputs:
   ushift-branch:
     description: MicroShift branch from https://github.com/openshift/microshift/branches
     required: true
-    type: string
   okd-version-tag:
     description: OKD version tag from https://quay.io/repository/okd/scos-release?tab=tags
     required: true
-    type: string
 
 runs:
   using: "composite"
diff --git a/.github/actions/build-okd/action.yaml b/.github/actions/build-okd/action.yaml
index a08e1a97..dcb126f8 100644
--- a/.github/actions/build-okd/action.yaml
+++ b/.github/actions/build-okd/action.yaml
@@ -5,33 +5,26 @@ inputs:
   ushift-branch:
     description: MicroShift branch from https://github.com/openshift/microshift/branches
     required: true
-    type: string
   okd-version-tag:
     description: OKD version tag from https://quay.io/repository/okd/scos-release?tab=tags
     required: true
-    type: string
   bootc-image-url:
     description: Base Bootc image URL used in `make image` command
     required: false
     default: quay.io/centos-bootc/centos-bootc
-    type: string
   bootc-image-tag:
     description: Base Bootc image tag used in `make image` command
     required: false
     default: stream9
-    type: string
   target-arch:
     description: Target architecture for the OKD images
     required: true
-    type: string
   target-registry:
     description: Target registry for the OKD images
     required: true
-    type: string
   token:
     description: Token for the GitHub Container Registry
     required: true
-    type: string
 
 runs:
   using: "composite"
diff --git a/.github/actions/build/action.yaml b/.github/actions/build/action.yaml
index 24e59270..92c0b9af 100644
--- a/.github/actions/build/action.yaml
+++ b/.github/actions/build/action.yaml
@@ -1,48 +1,36 @@
-name: build-rpms-and-images
+name: build-microshift
 description: Reusable action to build MicroShift RPMs and container images
 
 inputs:
   ushift-branch:
     description: MicroShift branch from https://github.com/openshift/microshift/branches
     required: true
-    type: string
   okd-version-tag:
     description: OKD version tag from https://quay.io/repository/okd/scos-release?tab=tags
     required: true
-    type: string
   bootc-image-url:
     description: Base Bootc image URL used in `make image` command
     required: false
     default: quay.io/centos-bootc/centos-bootc
-    type: string
   bootc-image-tag:
     description: Base Bootc image tag used in `make image` command
     required: false
     default: stream9
-    type: string
   isolated-network:
     description: Build and test the isolated network container image
     required: false
     default: 0
-    type: integer
   ovnk-networking:
     description: Use OVN-K networking
     required: false
     default: 0
-    type: integer
   node-count:
     description: Number of nodes in the MicroShift cluster
     required: false
     default: 1
-    type: integer
   build:
-    type: choice
-    description: Types of artifacts to build
+    description: Types of artifacts to build (all, rpms, bootc-image)
     required: true
-    options:
-    - all
-    - rpms
-    - bootc-image
 
 runs:
   using: "composite"
diff --git a/.github/actions/podman-login/action.yaml b/.github/actions/podman-login/action.yaml
index 8ff7481c..7ff1a755 100644
--- a/.github/actions/podman-login/action.yaml
+++ b/.github/actions/podman-login/action.yaml
@@ -5,22 +5,19 @@ inputs:
   registry:
     description: Registry to login to
     required: false
-    type: string
     default: ghcr.io
   username:
     description: Username to login with
     required: false
-    type: string
     default: ${{ github.actor }}
   token:
     description: Token for the registry
     required: true
-    type: string
 
 runs:
   using: "composite"
   steps:
-    - name: Login to GitHub Container Registry
+    - name: Login to the container registry
       uses: redhat-actions/podman-login@v1
       with:
         registry: ${{ inputs.registry }}
diff --git a/.github/actions/sos-report/action.yaml b/.github/actions/sos-report/action.yaml
index e68d4fee..1f8bb045 100644
--- a/.github/actions/sos-report/action.yaml
+++ b/.github/actions/sos-report/action.yaml
@@ -6,7 +6,6 @@ inputs:
     description: Collect the sos-report on the host if true or in the MicroShift container otherwise
     required: false
     default: false
-    type: boolean
 
 runs:
   using: "composite"
@@ -16,7 +15,7 @@ runs:
       uses: ./.github/actions/arch
 
     - name: Collect sos-report in the MicroShift containers
-      if: inputs.collect-on-host == false
+      if: ${{ inputs.collect-on-host == 'false' }}
       shell: bash
       run: |
         set -euo pipefail
@@ -41,7 +40,7 @@ runs:
         done
 
     - name: Collect sos-report on the host
-      if: inputs.collect-on-host == true
+      if: ${{ inputs.collect-on-host == 'true' }}
       shell: bash
       run: |
         set -euo pipefail
diff --git a/.github/workflows/release-okd.yaml b/.github/workflows/release-okd.yaml
index 7ef45bd8..b1016ed0 100644
--- a/.github/workflows/release-okd.yaml
+++ b/.github/workflows/release-okd.yaml
@@ -15,7 +15,7 @@ on:
         description: OKD version tag from https://quay.io/repository/okd/scos-release?tab=tags
         type: string
       okd-target-registry:
-        default: ghcr.io/microshift-io/okd
+        default: "ghcr.io/microshift-io/okd"
         description: Target registry for the OKD release images for ARM
         type: string
 

From 12699462620eed3013031b85427fa831dd5f57d7 Mon Sep 17 00:00:00 2001
From: Gregory Giguashvili <ggiguash@redhat.com>
Date: Mon, 10 Nov 2025 17:59:39 +0200
Subject: [PATCH 2/2] Add max-time limits on selected curl commands

---
 .github/actions/build/action.yaml       | 2 +-
 .github/actions/okd-version/action.yaml | 2 +-
 Makefile                                | 2 +-
 src/quickstart.sh                       | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/actions/build/action.yaml b/.github/actions/build/action.yaml
index 92c0b9af..3e7e81ad 100644
--- a/.github/actions/build/action.yaml
+++ b/.github/actions/build/action.yaml
@@ -92,7 +92,7 @@ runs:
         # Verify that Internet access is not available in the container
         # when the isolated network is enabled
         if [ "${{ inputs.isolated-network }}" = "1" ]; then
-          for cmd in "ping -c1 8.8.8.8" "curl -I quay.io" "curl -I ghcr.io"; do
+          for cmd in "ping -c1 -W10 8.8.8.8" "curl -I -m 10 quay.io" "curl -I -m 10 ghcr.io"; do
             if sudo podman exec -i microshift-okd ${cmd} ; then
               echo "ERROR: Internet access is available in the isolated network container"
               exit 1
diff --git a/.github/actions/okd-version/action.yaml b/.github/actions/okd-version/action.yaml
index fc4a7cba..63a0bfb1 100644
--- a/.github/actions/okd-version/action.yaml
+++ b/.github/actions/okd-version/action.yaml
@@ -15,7 +15,7 @@ runs:
       run: |
         sudo apt-get install -y jq
         # Get the latest OKD version tag
-        okd_version_tag="$(curl -s https://quay.io/api/v1/repository/okd/scos-release/tag/ | jq -r ".tags[].name" | sort | tail -1)"
+        okd_version_tag="$(curl -s --max-time 60 https://quay.io/api/v1/repository/okd/scos-release/tag/ | jq -r ".tags[].name" | sort | tail -1)"
         if [ -z "${okd_version_tag}" ]; then
           echo "ERROR: No OKD version tag found"
           exit 1
diff --git a/Makefile b/Makefile
index f7f37b17..c4598330 100644
--- a/Makefile
+++ b/Makefile
@@ -5,7 +5,7 @@
 
 # Options used in the 'rpm' target
 USHIFT_BRANCH ?= main
-OKD_VERSION_TAG ?= $$(curl -s https://quay.io/api/v1/repository/okd/scos-release/tag/ | jq -r ".tags[].name" | sort | tail -1)
+OKD_VERSION_TAG ?= $$(curl -s --max-time 60 https://quay.io/api/v1/repository/okd/scos-release/tag/ | jq -r ".tags[].name" | sort | tail -1)
 RPM_OUTDIR ?=
 # Options used in the 'image' target
 BOOTC_IMAGE_URL ?= quay.io/centos-bootc/centos-bootc
diff --git a/src/quickstart.sh b/src/quickstart.sh
index 7396bb8b..eb129d8c 100755
--- a/src/quickstart.sh
+++ b/src/quickstart.sh
@@ -83,7 +83,7 @@ fi
 
 # Update the tag for the latest version
 if [ "${TAG}" == "latest" ] ; then
-    TAG="$(curl -s "https://api.github.com/repos/${OWNER}/${REPO}/releases/latest" | jq -r .tag_name)"
+    TAG="$(curl -s --max-time 60 "https://api.github.com/repos/${OWNER}/${REPO}/releases/latest" | jq -r .tag_name)"
     if [ -z "${TAG}" ] || [ "${TAG}" == "null" ] ; then
         echo "ERROR: Could not determine the latest release tag from GitHub"
         exit 1