From bf71e7d082a70727aad6cb6029d299137fcb41f2 Mon Sep 17 00:00:00 2001 From: Pete Savage Date: Tue, 17 Dec 2024 07:46:27 +0000 Subject: [PATCH] Added new trusted artifact --- .tekton/clowder-pull-request.yaml | 56 +++++++++++++++++++++++++++++++ Makefile | 3 ++ 2 files changed, 59 insertions(+) diff --git a/.tekton/clowder-pull-request.yaml b/.tekton/clowder-pull-request.yaml index 3f948571e..47c4be4ca 100644 --- a/.tekton/clowder-pull-request.yaml +++ b/.tekton/clowder-pull-request.yaml @@ -244,6 +244,52 @@ spec: operator: in values: - "true" + - name: make-template + params: + # New parameter to use the Trusted Artifact from the git-clone Task. + - name: SOURCE_ARTIFACT + value: $(tasks.clone-repository.results.SOURCE_ARTIFACT) + - name: IMAGE_EXPIRES_AFTER + value: $(params.image-expires-after) + runAfter: + - prefetch-dependencies + taskSpec: + results: + - name: TEMPLATE_ARTIFACT + type: array + description: Template artifact + params: + - description: The Trusted Artifact URI pointing to the artifact with the application source code. + name: SOURCE_ARTIFACT + type: string + stepTemplate: + volumeMounts: + - mountPath: /var/workdir + name: workdir + steps: + # New step to fetch the Trusted Artifact and make it available to the next steps. + - name: use-trusted-artifact + image: quay.io/redhat-appstudio/build-trusted-artifacts:latest@sha256:81c4864dae6bb11595f657be887e205262e70086a05ed16ada827fd6391926ac + args: + - use + - $(params.SOURCE_ARTIFACT)=/var/workdir/source + - name: make-template + image: registry.access.redhat.com/ubi8/go-toolset:1.22.7-5.1731464728 + workingDir: /opt/app-root/src + script: | + set -xe && cp /var/workdir/source/* /opt/app-root/src -Rv && cd /opt/app-root/src && make release && make build-template-kustomize + - name: create-template-manifest-trusted-artifact + image: quay.io/redhat-appstudio/build-trusted-artifacts:latest@sha256:81c4864dae6bb11595f657be887e205262e70086a05ed16ada827fd6391926ac + args: + - create + - manifest=/opt/app-root/src/manifest.yaml + - deploy-kustomize=/opt/app-root/src/deploy-kustomize.yaml + - --store + - $(params.ociStorage) + volumes: + # New volume to store a copy of the source code accessible only to this Task. + - name: workdir + emptyDir: {} - name: run-unit-tests params: # New parameter to use the Trusted Artifact from the git-clone Task. @@ -280,8 +326,11 @@ spec: # New parameter to use the Trusted Artifact from the git-clone Task. - name: SOURCE_ARTIFACT value: $(tasks.clone-repository.results.SOURCE_ARTIFACT) + - name: TEMPLATE_ARTIFACT + value: $(tasks.make-template.results.TEMPLATE_ARTIFACT) runAfter: - build-container + - make-template taskSpec: params: - description: The Trusted Artifact URI pointing to the artifact with the application source code. @@ -298,6 +347,13 @@ spec: args: - use - $(params.SOURCE_ARTIFACT)=/var/workdir/source + - name: use-trusted-artifact-template + image: quay.io/redhat-appstudio/build-trusted-artifacts:latest@sha256:81c4864dae6bb11595f657be887e205262e70086a05ed16ada827fd6391926ac + args: + - use + - $(params.TEMPLATE_ARTIFACT[0])=/var/workdir/source/manifest.yaml + - $(params.TEMPLATE_ARTIFACT[1])=/var/workdir/source/deploy.yaml + - $(params.TEMPLATE_ARTIFACT[2])=/var/workdir/source/deploy-mutate.yaml - name: e2e-tests image: registry.access.redhat.com/ubi8/ubi:8.10-1132.1732635159 workingDir: /var/workdir/source diff --git a/Makefile b/Makefile index b87590b51..a3f56d2eb 100644 --- a/Makefile +++ b/Makefile @@ -74,6 +74,9 @@ build-template: manifests kustomize controller-gen $(KUSTOMIZE) build config/deployment-template | ./manifest2template.py --config config/deployment-template/clowder_config.yaml --mutate > deploy-mutate.yml $(KUSTOMIZE) build config/deployment-template | ./manifest2template.py --config config/deployment-template/clowder_config.yaml > deploy.yml +build-template-kustomize: manifests kustomize controller-gen + $(KUSTOMIZE) build config/deployment-template > deploy-kustomize.yaml + release: manifests kustomize controller-gen echo "---" > manifest.yaml cat config/manager/clowder_config.yaml >> manifest.yaml