Skip to content

Commit

Permalink
Added new trusted artifact
Browse files Browse the repository at this point in the history
  • Loading branch information
psav committed Dec 17, 2024
1 parent d53ab03 commit 636e281
Show file tree
Hide file tree
Showing 4 changed files with 119 additions and 20 deletions.
101 changes: 101 additions & 0 deletions .tekton/clowder-pull-request.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -244,6 +244,97 @@ spec:
operator: in
values:
- "true"
- name: make-template
params:
# New parameter to use the Trusted Artifact from the git-clone Task.
- name: SOURCE_ARTIFACT
value: $(tasks.clone-repository.results.SOURCE_ARTIFACT)
- name: ociStorage
value: $(params.output-image).make-template-kustomize
- name: IMAGE_EXPIRES_AFTER
value: $(params.image-expires-after)
runAfter:
- prefetch-dependencies
taskSpec:
results:
- name: TEMPLATE_ARTIFACT
type: array
description: Template artifact
params:
- description: The Trusted Artifact URI pointing to the artifact with the application source code.
name: SOURCE_ARTIFACT
type: string
stepTemplate:
volumeMounts:
- mountPath: /var/workdir
name: workdir
steps:
# New step to fetch the Trusted Artifact and make it available to the next steps.
- name: use-trusted-artifact
image: quay.io/redhat-appstudio/build-trusted-artifacts:latest@sha256:81c4864dae6bb11595f657be887e205262e70086a05ed16ada827fd6391926ac
args:
- use
- $(params.SOURCE_ARTIFACT)=/var/workdir/source
- name: make-template
image: registry.access.redhat.com/ubi8/go-toolset:1.22.7-5.1731464728
workingDir: /opt/app-root/src
script: |
set -xe && cp /var/workdir/source/* /opt/app-root/src -Rv && cd /opt/app-root/src && make release && make build-template-kustomize
- name: create-template-manifest-trusted-artifact
image: quay.io/redhat-appstudio/build-trusted-artifacts:latest@sha256:81c4864dae6bb11595f657be887e205262e70086a05ed16ada827fd6391926ac
args:
- create
- manifest=/opt/app-root/src/manifest.yaml
- deploy-kustomize=/opt/app-root/src/deploy-kustomize.yaml
- --store
- $(params.ociStorage)
volumes:
# New volume to store a copy of the source code accessible only to this Task.
- name: workdir
emptyDir: {}
- name: run-template-tests
params:
# New parameter to use the Trusted Artifact from the git-clone Task.
- name: SOURCE_ARTIFACT
value: $(tasks.clone-repository.results.SOURCE_ARTIFACT)
- name: TEMPLATE_ARTIFACT
value: $(tasks.make-template.results.TEMPLATE_ARTIFACT)
runAfter:
- make-template
taskSpec:
params:
- description: The Trusted Artifact URI pointing to the artifact with the application source code.
name: SOURCE_ARTIFACT
type: string
- description: The Trusted Artifact URI pointing to the artifact with the template.
name: TEMPLATE_ARTIFACT
type: string
stepTemplate:
volumeMounts:
- mountPath: /var/workdir
name: workdir
steps:
# New step to fetch the Trusted Artifact and make it available to the next steps.
- name: use-trusted-artifact
image: quay.io/redhat-appstudio/build-trusted-artifacts:latest@sha256:81c4864dae6bb11595f657be887e205262e70086a05ed16ada827fd6391926ac
args:
- use
- $(params.SOURCE_ARTIFACT)=/var/workdir/source
- name: use-trusted-artifact
image: quay.io/redhat-appstudio/build-trusted-artifacts:latest@sha256:81c4864dae6bb11595f657be887e205262e70086a05ed16ada827fd6391926ac
args:
- use
- $(params.TEMPLATE_ARTIFACT[0])=/var/workdir/source/manifest.yaml
- $(params.TEMPLATE_ARTIFACT[1])=/var/workdir/source/deploy-kustomize.yaml
- name: test-template
image: registry.access.redhat.com/ubi8/go-toolset:1.22.7-5.1731464728
workingDir: /opt/app-root/src
script: |
set -xe && cd /var/workdir/source && make test-template
volumes:
# New volume to store a copy of the source code accessible only to this Task.
- name: workdir
emptyDir: {}
- name: run-unit-tests
params:
# New parameter to use the Trusted Artifact from the git-clone Task.
Expand Down Expand Up @@ -280,8 +371,11 @@ spec:
# New parameter to use the Trusted Artifact from the git-clone Task.
- name: SOURCE_ARTIFACT
value: $(tasks.clone-repository.results.SOURCE_ARTIFACT)
- name: TEMPLATE_ARTIFACT
value: $(tasks.make-template.results.TEMPLATE_ARTIFACT)
runAfter:
- build-container
- run-template-tests
taskSpec:
params:
- description: The Trusted Artifact URI pointing to the artifact with the application source code.
Expand All @@ -298,6 +392,13 @@ spec:
args:
- use
- $(params.SOURCE_ARTIFACT)=/var/workdir/source
- name: use-trusted-artifact-template
image: quay.io/redhat-appstudio/build-trusted-artifacts:latest@sha256:81c4864dae6bb11595f657be887e205262e70086a05ed16ada827fd6391926ac
args:
- use
- $(params.TEMPLATE_ARTIFACT[0])=/var/workdir/source/manifest.yaml
- $(params.TEMPLATE_ARTIFACT[1])=/var/workdir/source/deploy.yaml
- $(params.TEMPLATE_ARTIFACT[2])=/var/workdir/source/deploy-mutate.yaml
- name: e2e-tests
image: registry.access.redhat.com/ubi8/ubi:8.10-1132.1732635159
workingDir: /var/workdir/source
Expand Down
10 changes: 10 additions & 0 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,8 @@ CLOWDER_BUILD_TAG ?= $(shell git rev-parse HEAD)

GO_CMD ?= go

TEMPLATE_KUSTOMIZE ?= "deploy-kustomize.yaml"

# ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary.
ENVTEST_K8S_VERSION = 1.28

Expand Down Expand Up @@ -74,6 +76,14 @@ build-template: manifests kustomize controller-gen
$(KUSTOMIZE) build config/deployment-template | ./manifest2template.py --config config/deployment-template/clowder_config.yaml --mutate > deploy-mutate.yml
$(KUSTOMIZE) build config/deployment-template | ./manifest2template.py --config config/deployment-template/clowder_config.yaml > deploy.yml

build-template-kustomize: manifests kustomize controller-gen
$(KUSTOMIZE) build config/deployment-template > $(TEMPLATE_KUSTOMIZE)

test-template:
cat $(TEMPLATE_KUSTOMIZE) | ./manifest2template.py --config config/deployment-template/clowder_config.yaml --mutate > deploy-mutate-test.yml
cat $(TEMPLATE_KUSTOMIZE) | ./manifest2template.py --config config/deployment-template/clowder_config.yaml > deploy-test.yml
source ./build/template_check.sh

release: manifests kustomize controller-gen
echo "---" > manifest.yaml
cat config/manager/clowder_config.yaml >> manifest.yaml
Expand Down
27 changes: 8 additions & 19 deletions build/template_check.sh
Original file line number Diff line number Diff line change
Expand Up @@ -2,27 +2,16 @@

set -exv

python3 -m venv "build/.build_venv"
source build/.build_venv/bin/activate
pip install pyyaml

CURRENT_DEPLOY=$(md5sum deploy.yml)
CURRENT_MUTATE=$(md5sum deploy-mutate.yml)

make build-template

if [[ $CURRENT_DEPLOY != $(md5sum deploy.yml) ]]; then
echo "Deployment template not updated. Please run make build-template and recommit"
exit 1
else
if diff -q deploy.yml deploy-test.yml > /dev/null; then
echo "Deployment template is up to date"
else
echo "Deployment template [deploy.yml] not updated. Please run make build-template and recommit"
exit 1
fi

if [[ $CURRENT_MUTATE != $(md5sum deploy-mutate.yml) ]]; then
echo "Mutating template not updated. Please run make build-template and recommit"
exit 1
if diff -q deploy-mutate.yml deploy-mutate-test.yml > /dev/null; then
echo "Deployment template is up to date"
else
echo "Mutating template is up to date"
echo "Deployment template [deploy-mutate.yml] not updated. Please run make build-template and recommit"
exit 1
fi

deactivate
1 change: 0 additions & 1 deletion ci/konflux_minikube_e2e_tests.sh
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,6 @@ cd /var/workdir/source
./"${KREW}" install krew
)

source build/template_check.sh
export PATH="${KREW_ROOT:-$HOME/.krew}/bin:$PATH"

export PATH="/bins:$PATH"
Expand Down

0 comments on commit 636e281

Please sign in to comment.