Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Red Hat Konflux update source-to-image #1185

Merged
merged 1 commit into from
Oct 22, 2024
Merged

Red Hat Konflux update source-to-image #1185

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
35 changes: 27 additions & 8 deletions .tekton/source-to-image-pull-request.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,15 +15,15 @@ metadata:
appstudio.openshift.io/component: source-to-image
pipelines.appstudio.openshift.io/type: build
name: source-to-image-on-pull-request
namespace: rh-openshift-builds-tenant
namespace: ocp-tools-s2i-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/rh-openshift-builds-tenant/source-to-image/source-to-image:on-pr-{{revision}}
value: quay.io/redhat-user-workloads/ocp-tools-s2i-tenant/source-to-image:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: dockerfile
Expand Down Expand Up @@ -77,19 +77,19 @@ spec:
description: Skip checks against built image
name: skip-checks
type: string
- default: "true"
- default: "false"
description: Execute the build with network isolation
name: hermetic
type: string
- default: '{"packages": [{"type": "gomod"}], "flags": ["gomod-vendor-check"]}'
- default: ""
description: Build dependencies to be prefetched by Cachi2
name: prefetch-input
type: string
- default: ""
description: Image tag expiration time, time values could be something like
1h, 2d, 3w for hours, days, and weeks, respectively.
name: image-expires-after
- default: "true"
- default: "false"
description: Build a source image.
name: build-source-image
type: string
Expand All @@ -107,9 +107,6 @@ spec:
type: string
- default:
- linux/x86_64
- linux/arm64
- linux/ppc64le
- linux/s390x
description: List of platforms to build the container images on. The available
set of values is determined by the configuration of the multi-platform-controller.
name: build-platforms
Expand Down Expand Up @@ -455,6 +452,28 @@ spec:
- name: kind
value: task
resolver: bundles
- name: rpms-signature-scan
params:
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: rpms-signature-scan
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-rpms-signature-scan:0.2@sha256:7aa4d3c95e2b963e82fdda392f7cb3d61e3dab035416cf4a3a34e43cf3c9c9b8
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
workspaces:
- name: git-auth
optional: true
Expand Down
35 changes: 27 additions & 8 deletions .tekton/source-to-image-push.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,15 +14,15 @@ metadata:
appstudio.openshift.io/component: source-to-image
pipelines.appstudio.openshift.io/type: build
name: source-to-image-on-push
namespace: rh-openshift-builds-tenant
namespace: ocp-tools-s2i-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/rh-openshift-builds-tenant/source-to-image/source-to-image:{{revision}}
value: quay.io/redhat-user-workloads/ocp-tools-s2i-tenant/source-to-image:{{revision}}
- name: dockerfile
value: Dockerfile
pipelineSpec:
Expand Down Expand Up @@ -74,19 +74,19 @@ spec:
description: Skip checks against built image
name: skip-checks
type: string
- default: "true"
- default: "false"
description: Execute the build with network isolation
name: hermetic
type: string
- default: '{"packages": [{"type": "gomod"}], "flags": ["gomod-vendor-check"]}'
- default: ""
description: Build dependencies to be prefetched by Cachi2
name: prefetch-input
type: string
- default: ""
description: Image tag expiration time, time values could be something like
1h, 2d, 3w for hours, days, and weeks, respectively.
name: image-expires-after
- default: "true"
- default: "false"
description: Build a source image.
name: build-source-image
type: string
Expand All @@ -104,9 +104,6 @@ spec:
type: string
- default:
- linux/x86_64
- linux/arm64
- linux/ppc64le
- linux/s390x
description: List of platforms to build the container images on. The available
set of values is determined by the configuration of the multi-platform-controller.
name: build-platforms
Expand Down Expand Up @@ -452,6 +449,28 @@ spec:
- name: kind
value: task
resolver: bundles
- name: rpms-signature-scan
params:
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: rpms-signature-scan
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-rpms-signature-scan:0.2@sha256:7aa4d3c95e2b963e82fdda392f7cb3d61e3dab035416cf4a3a34e43cf3c9c9b8
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
workspaces:
- name: git-auth
optional: true
Expand Down