ci: Use `BOOTC_SKIP_SELINUX_HOST_CHECK`, test labeling of /etc
author Colin Walters <walters@verbum.org>
Tue, 6 Feb 2024 22:52:34 +0000 (17:52 -0500)
committer Michael Vogt <michael.vogt@gmail.com>
Thu, 8 Feb 2024 14:54:23 +0000 (15:54 +0100)
As we work to change ostree to set up the labels
for things even in a selinux-host-disabled case, let's test
it here.

.github/workflows/bootc.yaml

index 2df323e63d6bb2c0b2efaba736d93afc8d23d853..5d1cee8730630b523e0b83d1e0b0b8de240478c4 100644 (file)
@@ -35,7 +35,9 @@ jobs:
       - name: bootc install
         run: |
           set -xeuo pipefail
-          sudo podman run --rm -ti --privileged -v /:/target --pid=host --security-opt label=disable \
+          sudo podman run --env BOOTC_SKIP_SELINUX_HOST_CHECK=1 --rm -ti --privileged -v /:/target --pid=host --security-opt label=disable \
             -v /var/lib/containers:/var/lib/containers \
             localhost/test:latest bootc install to-filesystem --skip-fetch-check \
-            --disable-selinux --replace=alongside /target
+             --replace=alongside /target
+          # Verify labeling for /etc
+          sudo ls -dZ /ostree/deploy/default/deploy/*.0/etc |grep :etc_t:
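
Review bot: The label check on the last added line passes as soon as any one path matched by `/ostree/deploy/default/deploy/*.0/etc` prints `:etc_t:`, so if more than one deployment directory matches `*.0`, one of them could be mislabeled and the step would still succeed. Consider asserting that the glob matches exactly one directory, or looping over the matches and failing on the first one that lacks `etc_t`. `ls -dZ` also inspects only the `etc` directory itself, so a spot check of one or two files under it would cover the case where the directory is labeled but its contents are not. Two smaller points: a short comment next to `--env BOOTC_SKIP_SELINUX_HOST_CHECK=1` saying why the host check is skipped now that `--disable-selinux` is dropped would help the next reader, and the new `--replace=alongside /target` line is indented one space deeper than the line it replaces.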