-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Red Hat Konflux update managed-serviceaccount-mce-25 (open-cluster-ma…
…nagement-io#49) Co-authored-by: red-hat-konflux <rhtap@redhat.com>
- Loading branch information
1 parent
f2d552a
commit eee59de
Showing
2 changed files
with
777 additions
and
0 deletions.
There are no files selected for viewing
390 changes: 390 additions & 0 deletions
390
.tekton/managed-serviceaccount-mce-25-pull-request.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,390 @@ | ||
| apiVersion: tekton.dev/v1 | ||
| kind: PipelineRun | ||
| metadata: | ||
| annotations: | ||
| build.appstudio.openshift.io/repo: https://github.com/stolostron/managed-serviceaccount?rev={{revision}} | ||
| build.appstudio.redhat.com/commit_sha: '{{revision}}' | ||
| build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}' | ||
| build.appstudio.redhat.com/target_branch: '{{target_branch}}' | ||
| pipelinesascode.tekton.dev/max-keep-runs: "3" | ||
| pipelinesascode.tekton.dev/on-cel-expression: event == "pull_request" && target_branch | ||
| == "backplane-2.5" | ||
| creationTimestamp: null | ||
| labels: | ||
| appstudio.openshift.io/application: release-mce-25 | ||
| appstudio.openshift.io/component: managed-serviceaccount-mce-25 | ||
| pipelines.appstudio.openshift.io/type: build | ||
| name: managed-serviceaccount-mce-25-on-pull-request | ||
| namespace: crt-redhat-acm-tenant | ||
| spec: | ||
| params: | ||
| - name: dockerfile | ||
| value: Dockerfile.rhtap | ||
| - name: git-url | ||
| value: '{{source_url}}' | ||
| - name: image-expires-after | ||
| value: 5d | ||
| - name: output-image | ||
| value: quay.io/redhat-user-workloads/crt-redhat-acm-tenant/release-mce-25/managed-serviceaccount-mce-25:on-pr-{{revision}} | ||
| - name: path-context | ||
| value: . | ||
| - name: revision | ||
| value: '{{revision}}' | ||
| pipelineSpec: | ||
| finally: | ||
| - name: show-sbom | ||
| params: | ||
| - name: IMAGE_URL | ||
| value: $(tasks.build-container.results.IMAGE_URL) | ||
| taskRef: | ||
| params: | ||
| - name: name | ||
| value: show-sbom | ||
| - name: bundle | ||
| value: quay.io/redhat-appstudio-tekton-catalog/task-show-sbom:0.1@sha256:82737c8d365c620295fa526d21a481d4614f657800175ddc0ccd7846c54207f8 | ||
| - name: kind | ||
| value: task | ||
| resolver: bundles | ||
| - name: show-summary | ||
| params: | ||
| - name: pipelinerun-name | ||
| value: $(context.pipelineRun.name) | ||
| - name: git-url | ||
| value: $(tasks.clone-repository.results.url)?rev=$(tasks.clone-repository.results.commit) | ||
| - name: image-url | ||
| value: $(params.output-image) | ||
| - name: build-task-status | ||
| value: $(tasks.build-container.status) | ||
| taskRef: | ||
| params: | ||
| - name: name | ||
| value: summary | ||
| - name: bundle | ||
| value: quay.io/redhat-appstudio-tekton-catalog/task-summary:0.1@sha256:f65a69aaf71cbab382eff685eee522ad35068a4d91d233e76cef7d42ff15a686 | ||
| - name: kind | ||
| value: task | ||
| resolver: bundles | ||
| params: | ||
| - description: Source Repository URL | ||
| name: git-url | ||
| type: string | ||
| - default: "" | ||
| description: Revision of the Source Repository | ||
| name: revision | ||
| type: string | ||
| - description: Fully Qualified Output Image | ||
| name: output-image | ||
| type: string | ||
| - default: . | ||
| description: Path to the source code of an application's component from where | ||
| to build image. | ||
| name: path-context | ||
| type: string | ||
| - default: Dockerfile | ||
| description: Path to the Dockerfile inside the context specified by parameter | ||
| path-context | ||
| name: dockerfile | ||
| type: string | ||
| - default: "false" | ||
| description: Force rebuild image | ||
| name: rebuild | ||
| type: string | ||
| - default: "false" | ||
| description: Skip checks against built image | ||
| name: skip-checks | ||
| type: string | ||
| - default: "false" | ||
| description: Execute the build with network isolation | ||
| name: hermetic | ||
| type: string | ||
| - default: "" | ||
| description: Build dependencies to be prefetched by Cachi2 | ||
| name: prefetch-input | ||
| type: string | ||
| - default: "false" | ||
| description: Java build | ||
| name: java | ||
| type: string | ||
| - default: "" | ||
| description: Image tag expiration time, time values could be something like | ||
| 1h, 2d, 3w for hours, days, and weeks, respectively. | ||
| name: image-expires-after | ||
| - default: "false" | ||
| description: Build a source image. | ||
| name: build-source-image | ||
| type: string | ||
| results: | ||
| - description: "" | ||
| name: IMAGE_URL | ||
| value: $(tasks.build-container.results.IMAGE_URL) | ||
| - description: "" | ||
| name: IMAGE_DIGEST | ||
| value: $(tasks.build-container.results.IMAGE_DIGEST) | ||
| - description: "" | ||
| name: CHAINS-GIT_URL | ||
| value: $(tasks.clone-repository.results.url) | ||
| - description: "" | ||
| name: CHAINS-GIT_COMMIT | ||
| value: $(tasks.clone-repository.results.commit) | ||
| - description: "" | ||
| name: JAVA_COMMUNITY_DEPENDENCIES | ||
| value: $(tasks.build-container.results.JAVA_COMMUNITY_DEPENDENCIES) | ||
| tasks: | ||
| - name: init | ||
| params: | ||
| - name: image-url | ||
| value: $(params.output-image) | ||
| - name: rebuild | ||
| value: $(params.rebuild) | ||
| - name: skip-checks | ||
| value: $(params.skip-checks) | ||
| taskRef: | ||
| params: | ||
| - name: name | ||
| value: init | ||
| - name: bundle | ||
| value: quay.io/redhat-appstudio-tekton-catalog/task-init:0.2@sha256:3d8f01fa59596a998d30dc700fcf7377f09d60008337290eebaeaf604512ce2b | ||
| - name: kind | ||
| value: task | ||
| resolver: bundles | ||
| - name: clone-repository | ||
| params: | ||
| - name: url | ||
| value: $(params.git-url) | ||
| - name: revision | ||
| value: $(params.revision) | ||
| runAfter: | ||
| - init | ||
| taskRef: | ||
| params: | ||
| - name: name | ||
| value: git-clone | ||
| - name: bundle | ||
| value: quay.io/redhat-appstudio-tekton-catalog/task-git-clone:0.1@sha256:b8fddc2d36313a5cde93aba2491205f4a84e6853af6c34ede681f8339b147478 | ||
| - name: kind | ||
| value: task | ||
| resolver: bundles | ||
| when: | ||
| - input: $(tasks.init.results.build) | ||
| operator: in | ||
| values: | ||
| - "true" | ||
| workspaces: | ||
| - name: output | ||
| workspace: workspace | ||
| - name: basic-auth | ||
| workspace: git-auth | ||
| - name: prefetch-dependencies | ||
| params: | ||
| - name: input | ||
| value: $(params.prefetch-input) | ||
| runAfter: | ||
| - clone-repository | ||
| taskRef: | ||
| params: | ||
| - name: name | ||
| value: prefetch-dependencies | ||
| - name: bundle | ||
| value: quay.io/redhat-appstudio-tekton-catalog/task-prefetch-dependencies:0.1@sha256:0b7bec23b6c08f37138a86e569835842763b3aa42f4455fd70ba3986350e07c7 | ||
| - name: kind | ||
| value: task | ||
| resolver: bundles | ||
| when: | ||
| - input: $(params.hermetic) | ||
| operator: in | ||
| values: | ||
| - "true" | ||
| workspaces: | ||
| - name: source | ||
| workspace: workspace | ||
| - name: build-container | ||
| params: | ||
| - name: IMAGE | ||
| value: $(params.output-image) | ||
| - name: DOCKERFILE | ||
| value: $(params.dockerfile) | ||
| - name: CONTEXT | ||
| value: $(params.path-context) | ||
| - name: HERMETIC | ||
| value: $(params.hermetic) | ||
| - name: PREFETCH_INPUT | ||
| value: $(params.prefetch-input) | ||
| - name: IMAGE_EXPIRES_AFTER | ||
| value: $(params.image-expires-after) | ||
| - name: COMMIT_SHA | ||
| value: $(tasks.clone-repository.results.commit) | ||
| runAfter: | ||
| - prefetch-dependencies | ||
| taskRef: | ||
| params: | ||
| - name: name | ||
| value: buildah | ||
| - name: bundle | ||
| value: quay.io/redhat-appstudio-tekton-catalog/task-buildah:0.1@sha256:351af2c0e5eeb92a5d6d4083847c1559475b596cda7671f489756d5302a4c847 | ||
| - name: kind | ||
| value: task | ||
| resolver: bundles | ||
| when: | ||
| - input: $(tasks.init.results.build) | ||
| operator: in | ||
| values: | ||
| - "true" | ||
| workspaces: | ||
| - name: source | ||
| workspace: workspace | ||
| - name: build-source-image | ||
| params: | ||
| - name: BINARY_IMAGE | ||
| value: $(params.output-image) | ||
| - name: BASE_IMAGES | ||
| value: $(tasks.build-container.results.BASE_IMAGES_DIGESTS) | ||
| runAfter: | ||
| - build-container | ||
| taskRef: | ||
| params: | ||
| - name: name | ||
| value: source-build | ||
| - name: bundle | ||
| value: quay.io/redhat-appstudio-tekton-catalog/task-source-build:0.1@sha256:3ad20adff4aa5cd153695b115133cb7c71c87f095af02fae5932396b1c72eb00 | ||
| - name: kind | ||
| value: task | ||
| resolver: bundles | ||
| when: | ||
| - input: $(tasks.init.results.build) | ||
| operator: in | ||
| values: | ||
| - "true" | ||
| - input: $(params.build-source-image) | ||
| operator: in | ||
| values: | ||
| - "true" | ||
| workspaces: | ||
| - name: workspace | ||
| workspace: workspace | ||
| - name: deprecated-base-image-check | ||
| params: | ||
| - name: BASE_IMAGES_DIGESTS | ||
| value: $(tasks.build-container.results.BASE_IMAGES_DIGESTS) | ||
| runAfter: | ||
| - build-container | ||
| taskRef: | ||
| params: | ||
| - name: name | ||
| value: deprecated-image-check | ||
| - name: bundle | ||
| value: quay.io/redhat-appstudio-tekton-catalog/task-deprecated-image-check:0.3@sha256:a299ff57d97f3924020634625dfb9bbc66547124ca23a3396e338c645f7b4a8e | ||
| - name: kind | ||
| value: task | ||
| resolver: bundles | ||
| when: | ||
| - input: $(params.skip-checks) | ||
| operator: in | ||
| values: | ||
| - "false" | ||
| - name: clair-scan | ||
| params: | ||
| - name: image-digest | ||
| value: $(tasks.build-container.results.IMAGE_DIGEST) | ||
| - name: image-url | ||
| value: $(tasks.build-container.results.IMAGE_URL) | ||
| runAfter: | ||
| - build-container | ||
| taskRef: | ||
| params: | ||
| - name: name | ||
| value: clair-scan | ||
| - name: bundle | ||
| value: quay.io/redhat-appstudio-tekton-catalog/task-clair-scan:0.1@sha256:63b42c0fc23d05e26776a0e7c4f0ab00750096ebfe1eed9a7ba96f8b27713fbf | ||
| - name: kind | ||
| value: task | ||
| resolver: bundles | ||
| when: | ||
| - input: $(params.skip-checks) | ||
| operator: in | ||
| values: | ||
| - "false" | ||
| - name: sast-snyk-check | ||
| runAfter: | ||
| - clone-repository | ||
| taskRef: | ||
| params: | ||
| - name: name | ||
| value: sast-snyk-check | ||
| - name: bundle | ||
| value: quay.io/redhat-appstudio-tekton-catalog/task-sast-snyk-check:0.1@sha256:47515cb119225bba55c593876610bd890f8efcbb66bb57fb0c0881ddd47ce558 | ||
| - name: kind | ||
| value: task | ||
| resolver: bundles | ||
| when: | ||
| - input: $(params.skip-checks) | ||
| operator: in | ||
| values: | ||
| - "false" | ||
| workspaces: | ||
| - name: workspace | ||
| workspace: workspace | ||
| - name: clamav-scan | ||
| params: | ||
| - name: image-digest | ||
| value: $(tasks.build-container.results.IMAGE_DIGEST) | ||
| - name: image-url | ||
| value: $(tasks.build-container.results.IMAGE_URL) | ||
| runAfter: | ||
| - build-container | ||
| taskRef: | ||
| params: | ||
| - name: name | ||
| value: clamav-scan | ||
| - name: bundle | ||
| value: quay.io/redhat-appstudio-tekton-catalog/task-clamav-scan:0.1@sha256:3a546fe7c07fc24ecf3bddef88a7a9a66b525c4dd53acc8b5ea13069f60c086d | ||
| - name: kind | ||
| value: task | ||
| resolver: bundles | ||
| when: | ||
| - input: $(params.skip-checks) | ||
| operator: in | ||
| values: | ||
| - "false" | ||
| - name: sbom-json-check | ||
| params: | ||
| - name: IMAGE_URL | ||
| value: $(tasks.build-container.results.IMAGE_URL) | ||
| - name: IMAGE_DIGEST | ||
| value: $(tasks.build-container.results.IMAGE_DIGEST) | ||
| runAfter: | ||
| - build-container | ||
| taskRef: | ||
| params: | ||
| - name: name | ||
| value: sbom-json-check | ||
| - name: bundle | ||
| value: quay.io/redhat-appstudio-tekton-catalog/task-sbom-json-check:0.1@sha256:bf49861b3bbee2129e8d1b5966fc2a7c3f259d96a5fcef5674d05c9cb21ab540 | ||
| - name: kind | ||
| value: task | ||
| resolver: bundles | ||
| when: | ||
| - input: $(params.skip-checks) | ||
| operator: in | ||
| values: | ||
| - "false" | ||
| workspaces: | ||
| - name: workspace | ||
| - name: git-auth | ||
| optional: true | ||
| taskRunTemplate: {} | ||
| workspaces: | ||
| - name: workspace | ||
| volumeClaimTemplate: | ||
| metadata: | ||
| creationTimestamp: null | ||
| spec: | ||
| accessModes: | ||
| - ReadWriteOnce | ||
| resources: | ||
| requests: | ||
| storage: 1Gi | ||
| status: {} | ||
| - name: git-auth | ||
| secret: | ||
| secretName: '{{ git_auth_secret }}' | ||
| status: {} |
Oops, something went wrong.