From 3891f4033d786555e82e41158de75c533da9b3b2 Mon Sep 17 00:00:00 2001
From: Ableytner <emanuel.ableitner@gmx.at>
Date: Sat, 20 Dec 2025 22:13:27 +0100
Subject: [PATCH 1/5] add a basic docker test

---
 .github/workflows/run-build-images.yaml | 31 ++++++++++++++++++++++++-
 linux/Dockerfile                        |  6 +++--
 linux/scripts/entrypoint.sh             |  8 ++++++-
 linux/scripts/run-tests.sh              | 14 +++++++++++
 4 files changed, 55 insertions(+), 4 deletions(-)
 create mode 100755 linux/scripts/run-tests.sh

diff --git a/.github/workflows/run-build-images.yaml b/.github/workflows/run-build-images.yaml
index a0f20fd..65aaf80 100644
--- a/.github/workflows/run-build-images.yaml
+++ b/.github/workflows/run-build-images.yaml
@@ -11,9 +11,38 @@ jobs:
     uses: ./.github/workflows/define-build-linux-image.yaml
     secrets: inherit
 
-  push:
+  test-linux:
     needs: [build-linux]
     runs-on: [self-hosted, linux]
+    steps:
+    - name: lowercase github.repository
+      run: |
+        echo "IMAGE_NAME=`echo ${{github.repository}} | tr '[:upper:]' '[:lower:]'`" >>${GITHUB_ENV}
+    - name: Download cached docker image
+      run: |
+        curl -X GET http://192.168.0.11:25000/attachments/gha-runner/1/image_ubuntu.tar -o /tmp/image_ubuntu.tar
+    - name: Load image
+      run: |
+        docker load --input /tmp/image_ubuntu.tar
+    - name: Run container with tests
+      run: |
+        docker run --name gha-runner --runtime sysbox-runc -e TEST_ONLY_RUN=yes -e REPO=Ableytner/docker-github-actions-runner -e TOKEN=XXXX ${{ env.IMAGE_NAME }}:latest
+        if [[ $? -ne 0 ]]; then
+          echo "tests failed!"
+          exit 1
+        fi
+    - name: Print out server container logs
+      if: failure()
+      run: |
+        docker logs ${{ env.CONTAINER_ID }}
+    - name: Stop and delete server container
+      if: always()
+      run: |
+        docker rm -f ${{ env.CONTAINER_ID }}
+
+  push:
+    needs: [test-linux]
+    runs-on: [self-hosted, linux]
     permissions:
       contents: read
       packages: write
diff --git a/linux/Dockerfile b/linux/Dockerfile
index d42780a..7384064 100644
--- a/linux/Dockerfile
+++ b/linux/Dockerfile
@@ -1,7 +1,9 @@
 FROM ubuntu:22.04
 
+# NOTE: CONTAINERD_VERSION needs to stay the same due to:
+# https://github.com/nestybox/sysbox/issues/973
 ARG RUNNER_VERSION="2.330.0" \
-  CONTAINERD_VERSION="2.2.1" \
+  CONTAINERD_VERSION="1.7.28" \
   DOCKER_VERSION="29.1.3" \
   BUILDX_VERSION="0.30.1" \
   COMPOSE_VERSION="2.40.3" \
@@ -66,7 +68,7 @@ RUN mkdir -p /home/runner/tmp \
   && getent group docker || groupadd docker > /dev/null \
   && usermod -aG docker runner
 
-COPY --chmod=755 scripts/entrypoint.sh /entrypoint.sh
+COPY --chmod=755 scripts/* /
 
 # switch to the runner user
 USER runner
diff --git a/linux/scripts/entrypoint.sh b/linux/scripts/entrypoint.sh
index 0d29111..fce1d3f 100644
--- a/linux/scripts/entrypoint.sh
+++ b/linux/scripts/entrypoint.sh
@@ -26,10 +26,16 @@ if [[ "$(service docker status)" == *"Docker is running"* ]]; then
     echo "Done!"
 else
     echo "Docker didn't start, status is:"
-    echo $(service docker status)
+    service docker status
     exit 1
 fi
 
+# [RUN TESTS]
+if [[ -v TEST_ONLY_RUN ]]; then
+    /run-tests.sh
+    exit 0
+fi
+
 # [START]
 
 echo "Registering runner..."
diff --git a/linux/scripts/run-tests.sh b/linux/scripts/run-tests.sh
new file mode 100755
index 0000000..1eebd43
--- /dev/null
+++ b/linux/scripts/run-tests.sh
@@ -0,0 +1,14 @@
+#!/bin/bash
+
+set -o nounset  # exit if unset variable is used
+set -e          # exit on command error
+
+docker container ls
+container_id=$(docker run -d hello-world)
+echo $container_id
+docker logs $container_id
+docker rm $container_id
+docker container ls
+
+# run some docker container for testing
+echo "test succeeded!"

From b419baa1ca346bd89a44d815f379b5fa345f2cda Mon Sep 17 00:00:00 2001
From: Ableytner <emanuel.ableitner@gmx.at>
Date: Sat, 20 Dec 2025 22:25:06 +0100
Subject: [PATCH 2/5] install sysbox, skip tests for now

---
 .github/workflows/run-build-images.yaml | 1 +
 linux/Dockerfile                        | 2 ++
 linux/scripts/entrypoint.sh             | 1 +
 linux/scripts/run-tests.sh              | 3 ---
 4 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/run-build-images.yaml b/.github/workflows/run-build-images.yaml
index 65aaf80..f2409bd 100644
--- a/.github/workflows/run-build-images.yaml
+++ b/.github/workflows/run-build-images.yaml
@@ -25,6 +25,7 @@ jobs:
       run: |
         docker load --input /tmp/image_ubuntu.tar
     - name: Run container with tests
+      if: failure()
       run: |
         docker run --name gha-runner --runtime sysbox-runc -e TEST_ONLY_RUN=yes -e REPO=Ableytner/docker-github-actions-runner -e TOKEN=XXXX ${{ env.IMAGE_NAME }}:latest
         if [[ $? -ne 0 ]]; then
diff --git a/linux/Dockerfile b/linux/Dockerfile
index 7384064..4a2bc33 100644
--- a/linux/Dockerfile
+++ b/linux/Dockerfile
@@ -7,6 +7,7 @@ ARG RUNNER_VERSION="2.330.0" \
   DOCKER_VERSION="29.1.3" \
   BUILDX_VERSION="0.30.1" \
   COMPOSE_VERSION="2.40.3" \
+  SYSBOX_VERSION="0.6.7" \
   ARCH="amd64" \
   INSTRUCTION_SET="x64"
 
@@ -62,6 +63,7 @@ RUN mkdir -p /home/runner/tmp \
   && curl -L ${BASE_URL}/docker-ce-cli_${DOCKER_VERSION}-1~ubuntu.22.04~jammy_${ARCH}.deb -o ./docker-ce-cli.deb \
   && curl -L ${BASE_URL}/docker-buildx-plugin_${BUILDX_VERSION}-1~ubuntu.22.04~jammy_${ARCH}.deb -o ./docker-buildx-plugin.deb \
   && curl -L ${BASE_URL}/docker-compose-plugin_${COMPOSE_VERSION}-1~ubuntu.22.04~jammy_${ARCH}.deb -o ./docker-compose-plugin.deb \
+  && curl -L https://downloads.nestybox.com/sysbox/releases/v${SYSBOX_VERSION}/sysbox-ce_${SYSBOX_VERSION}-0.linux_amd64.deb -o ./sysbox.deb \
   && apt-get install -y $(ls *.deb | sed -e "s/^/.\//") \
   && rm $(ls *.deb) \
   && sed -i 's/ulimit -Hn/# ulimit -Hn/g' /etc/init.d/docker \
diff --git a/linux/scripts/entrypoint.sh b/linux/scripts/entrypoint.sh
index fce1d3f..565dde7 100644
--- a/linux/scripts/entrypoint.sh
+++ b/linux/scripts/entrypoint.sh
@@ -33,6 +33,7 @@ fi
 # [RUN TESTS]
 if [[ -v TEST_ONLY_RUN ]]; then
     /run-tests.sh
+    echo "all tests succeeded!"
     exit 0
 fi
 
diff --git a/linux/scripts/run-tests.sh b/linux/scripts/run-tests.sh
index 1eebd43..c764b92 100755
--- a/linux/scripts/run-tests.sh
+++ b/linux/scripts/run-tests.sh
@@ -9,6 +9,3 @@ echo $container_id
 docker logs $container_id
 docker rm $container_id
 docker container ls
-
-# run some docker container for testing
-echo "test succeeded!"

From f849d53e65473ccc17d6f501b724f760c07a4236 Mon Sep 17 00:00:00 2001
From: Ableytner <emanuel.ableitner@gmx.at>
Date: Sat, 20 Dec 2025 22:28:31 +0100
Subject: [PATCH 3/5] use correct container name

---
 .github/workflows/run-build-images.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/run-build-images.yaml b/.github/workflows/run-build-images.yaml
index f2409bd..b2181a2 100644
--- a/.github/workflows/run-build-images.yaml
+++ b/.github/workflows/run-build-images.yaml
@@ -35,11 +35,11 @@ jobs:
     - name: Print out server container logs
       if: failure()
       run: |
-        docker logs ${{ env.CONTAINER_ID }}
+        docker logs gha-runner
     - name: Stop and delete server container
       if: always()
       run: |
-        docker rm -f ${{ env.CONTAINER_ID }}
+        docker rm -f gha-runner
 
   push:
     needs: [test-linux]

From 4b0843307a9a5c6e2fffbd1bfa20c6c6823745a5 Mon Sep 17 00:00:00 2001
From: Ableytner <emanuel.ableitner@gmx.at>
Date: Sat, 20 Dec 2025 22:53:51 +0100
Subject: [PATCH 4/5] use correct container tag

---
 .github/workflows/run-build-images.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/run-build-images.yaml b/.github/workflows/run-build-images.yaml
index b2181a2..da4e0bf 100644
--- a/.github/workflows/run-build-images.yaml
+++ b/.github/workflows/run-build-images.yaml
@@ -27,7 +27,7 @@ jobs:
     - name: Run container with tests
       if: failure()
       run: |
-        docker run --name gha-runner --runtime sysbox-runc -e TEST_ONLY_RUN=yes -e REPO=Ableytner/docker-github-actions-runner -e TOKEN=XXXX ${{ env.IMAGE_NAME }}:latest
+        docker run --name gha-runner --runtime sysbox-runc -e TEST_ONLY_RUN=yes -e REPO=Ableytner/docker-github-actions-runner -e TOKEN=XXXX ${{ env.IMAGE_NAME }}:latest-ubuntu
         if [[ $? -ne 0 ]]; then
           echo "tests failed!"
           exit 1

From e837c6054d6636745851557525ef109a5782772c Mon Sep 17 00:00:00 2001
From: Ableytner <emanuel.ableitner@gmx.at>
Date: Sat, 20 Dec 2025 23:42:32 +0100
Subject: [PATCH 5/5] install systemctl alternative

---
 linux/Dockerfile | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/linux/Dockerfile b/linux/Dockerfile
index 4a2bc33..b47951d 100644
--- a/linux/Dockerfile
+++ b/linux/Dockerfile
@@ -39,7 +39,11 @@ RUN apt-get update \
   build-essential \
   jq \
   zip \
-  unzip
+  unzip \
+  wget
+
+# install systemd alternative
+RUN wget https://raw.githubusercontent.com/gdraheim/docker-systemctl-replacement/master/files/docker/systemctl3.py -O /usr/local/bin/systemctl
 
 # install gh cli
 RUN curl -L -H "Accept: application/vnd.github+json" https://api.github.com/repos/cli/cli/releases/latest \