-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Signed-off-by: Adrian Riobo <[email protected]>
- Loading branch information
1 parent
21f4e31
commit 9b91ff2
Showing
4 changed files
with
384 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,2 @@ | ||
quay.io/crcont/ci-crc-builder | ||
1.0.0-dev | ||
quay.io/crc-org/ci-crc-builder | ||
1.0.0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,134 @@ | ||
--- | ||
apiVersion: tekton.dev/v1beta1 | ||
kind: Task | ||
metadata: | ||
name: crc-builder-installer | ||
labels: | ||
app.kubernetes.io/version: "v1.0.0" | ||
redhat.com/product: openshift-local | ||
dev.lifecycle.io/phase: build | ||
openshift-local.redhat.com/component: installer | ||
annotations: | ||
tekton.dev/pipelines.minVersion: "0.44.x" | ||
tekton.dev/categories: installer | ||
tekton.dev/tags: openshift-local, installer | ||
tekton.dev/displayName: "openshift local installer" | ||
tekton.dev/platforms: "linux/amd64" | ||
spec: | ||
description: >- | ||
This task will build openshift local installers | ||
params: | ||
- name: crc-scm | ||
default: "''" | ||
- name: crc-scm-pr | ||
default: "''" | ||
- name: crc-scm-ref | ||
default: main | ||
- name: custom-bundle-version-variable | ||
description: | | ||
When building an installer based on a custom bundle it is required | ||
to manipulate the Makefile to match the custom version. | ||
Current variables holding bundle version based on bundle type are | ||
* OPENSHIFT_VERSION | ||
* PODMAN_VERSION | ||
default: "''" | ||
- name: custom-bundle-version | ||
default: "''" | ||
- name: os | ||
description: valid values are macos and windows | ||
- name: host-config-secret | ||
description: secret holding a host config | ||
- name: s3-url | ||
- name: s3-access-key | ||
- name: s3-secret-key | ||
- name: s3-folder-path | ||
- name: s3-download-url | ||
|
||
results: | ||
- name: downloadable-base-url | ||
description: base url where the installer and the shasumfile can be downloaded | ||
- name: distributable-name | ||
description: distributable file name for the installer | ||
- name: shasumfile | ||
description: shasumfile name | ||
|
||
volumes: | ||
- name: host-connection | ||
secret: | ||
secretName: $(params.host-config-secret) | ||
|
||
steps: | ||
- name: crc-executable-builder | ||
# quay.io/crcont/ci-crc-builder and v1.0.0 values should be passed to the template | ||
image: quay.io/crcont/ci-crc-builder:v1.0.0-$(params.os) | ||
imagePullPolicy: Always | ||
volumeMounts: | ||
- mountPath: /opt/host/ | ||
name: host-connection | ||
script: | | ||
#!/bin/sh | ||
# Copy key to connect to machine | ||
cp /opt/host/key id_rsa | ||
chmod 600 id_rsa | ||
# Run builder on target machine | ||
TARGET_HOST=$(cat /opt/host/host) | ||
TARGET_HOST_USERNAME=$(cat /opt/host/user) | ||
TARGET_HOST_KEY_PATH=id_rsa | ||
# sanitizing permissions for the key | ||
chmod 600 ${TARGET_HOST_KEY_PATH} | ||
DATALAKE_URL=$(params.s3-url) | ||
DATALAKE_ACCESS_KEY=$(params.s3-access-key) | ||
DATALAKE_SECRET_KEY=$(params.s3-secret-key) | ||
UPLOAD_PATH=$(params.s3-folder-path) | ||
# Optionals | ||
if [[ $(params.crc-scm) != "" ]]; then | ||
CRC_SCM=$(params.crc-scm) | ||
fi | ||
if [[ $(params.crc-scm-pr) != "" ]]; then | ||
PULL_REQUEST=$(params.crc-scm-pr) | ||
fi | ||
if [[ $(params.crc-scm-ref) != "" ]]; then | ||
REF=$(params.crc-scm-ref) | ||
fi | ||
if [[ $(params.custom-bundle-version-variable) != "" ]]; then | ||
CUSTOM_BUNDLE_VERSION_VARIABLE=$(params.custom-bundle-version-variable) | ||
fi | ||
if [[ $(params.custom-bundle-version) != "" ]]; then | ||
CUSTOM_BUNDLE_VERSION=$(params.custom-bundle-version) | ||
fi | ||
# set -exuo pipefail | ||
# Build installer | ||
. entrypoint.sh | ||
echo -n "$(params.s3-download-url)" \ | ||
| tee $(results.downloadable-base-url.path) | ||
case "$(params.os)" in | ||
macos|darwin) | ||
echo -n "crc-macos-installer.pkg" | tee $(results.distributable-name.path) | ||
echo -n "crc-macos-installer.pkg.sha256sum" | tee $(results.shasumfile.path) | ||
;; | ||
windows) | ||
echo -n "crc-windows-installer.zip" | tee $(results.distributable-name.path) | ||
echo -n "crc-windows-installer.zip.sha256sum" | tee $(results.shasumfile.path) | ||
;; | ||
*) | ||
echo -n "" | tee $(results.distributable-name.path) | ||
echo -n "" | tee $(results.shasumfile.path) | ||
;; | ||
esac | ||
resources: | ||
requests: | ||
memory: 150Mi | ||
cpu: 90m | ||
limits: | ||
memory: 270Mi | ||
cpu: 150m | ||
timeout: 90m |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,87 @@ | ||
--- | ||
apiVersion: tekton.dev/v1beta1 | ||
kind: Task | ||
metadata: | ||
name: crc-builder | ||
labels: | ||
app.kubernetes.io/version: "v1.0.0" | ||
redhat.com/product: openshift-local | ||
dev.lifecycle.io/phase: build | ||
openshift-local.redhat.com/component: binary | ||
annotations: | ||
tekton.dev/pipelines.minVersion: "0.44.x" | ||
tekton.dev/categories: binary | ||
tekton.dev/tags: openshift-local, binary, linux | ||
tekton.dev/displayName: "openshift local linux binary" | ||
tekton.dev/platforms: "linux/amd64, linux/arm64" | ||
spec: | ||
description: >- | ||
This task will build openshift local binary for linux distributions | ||
params: | ||
- name: crc-scm | ||
default: https://github.com/code-ready/crc.git | ||
- name: crc-scm-pr | ||
default: "''" | ||
- name: crc-scm-ref | ||
default: main | ||
- name: s3-url | ||
- name: s3-access-key | ||
- name: s3-secret-key | ||
- name: s3-folder-path | ||
- name: s3-download-url | ||
|
||
results: | ||
- name: downloadable-base-url | ||
description: base url where the installer and the shasumfile can be downloaded | ||
- name: distributable-name | ||
description: distributable file name for the installer | ||
- name: shasumfile | ||
description: shasumfile name | ||
|
||
steps: | ||
- name: build | ||
# quay.io/crcont/ci-crc-builder and v1.0.0 values should be passed to the template | ||
image: quay.io/crcont/ci-crc-builder:v1.0.0-linux | ||
imagePullPolicy: Always | ||
script: | | ||
#!/bin/sh | ||
DATALAKE_URL=$(params.s3-url) | ||
DATALAKE_ACCESS_KEY=$(params.s3-access-key) | ||
DATALAKE_SECRET_KEY=$(params.s3-secret-key) | ||
# Optionals | ||
if [[ $(params.crc-scm) != "" ]]; then | ||
CRC_SCM=$(params.crc-scm) | ||
fi | ||
if [[ $(params.crc-scm-pr) != "" ]]; then | ||
CRC_SCM_PR=$(params.crc-scm-pr) | ||
fi | ||
if [[ $(params.crc-scm-ref) != "" ]]; then | ||
CRC_SCM_REF=$(params.crc-scm-ref) | ||
fi | ||
if [[ $(params.s3-folder-path) != "" ]]; then | ||
UPLOAD_PATH=$(params.s3-folder-path) | ||
fi | ||
# Build installer | ||
DEBUG=true | ||
. entrypoint.sh | ||
if [[ $? -ne 0 ]]; then | ||
exit 1 | ||
fi | ||
# From entrypoint we can get UPLOAD_PATH env with the target bucket | ||
echo -n "$(params.s3-download-url)/${UPLOAD_PATH}" | tee $(results.downloadable-base-url.path) | ||
# Linux generated files | ||
echo -n "crc-linux-amd64.tar.xz" | tee $(results.distributable-name.path) | ||
echo -n "crc-linux-amd64.tar.xz.sha256sum" | tee $(results.shasumfile.path) | ||
resources: | ||
requests: | ||
memory: 450Mi | ||
cpu: 250m | ||
limits: | ||
memory: 3800Mi | ||
cpu: 1850m | ||
timeout: 900m |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,161 @@ | ||
--- | ||
apiVersion: tekton.dev/v1beta1 | ||
kind: Task | ||
metadata: | ||
name: crc-builder-arm64 | ||
labels: | ||
app.kubernetes.io/version: "cversion" | ||
redhat.com/product: openshift-local | ||
dev.lifecycle.io/phase: build | ||
openshift-local.redhat.com/component: binary | ||
annotations: | ||
tekton.dev/pipelines.minVersion: "0.44.x" | ||
tekton.dev/categories: binary | ||
tekton.dev/tags: openshift-local, binary, linux, arm64 | ||
tekton.dev/displayName: "openshift local linux binary" | ||
tekton.dev/platforms: "linux/amd64" | ||
spec: | ||
description: >- | ||
This task will build openshift local binary for linux arm64 distributions | ||
workspaces: | ||
- name: storage | ||
description: volume to store outputs to connect within the target machine + state file for the infrastructure | ||
mountPath: /opt/storage | ||
- name: az-credentials | ||
description: | | ||
ocp secret holding the azure credentials. Secret should be accessible to this task. | ||
To be a valid secret it should contains the following fields: | ||
* tenant_id | ||
* subscription_id | ||
* client_id | ||
* client_secret | ||
* storage_account (optional if we use remote az storage) | ||
* storage_key (optional if we use remote az storage) | ||
mountPath: /opt/credentials | ||
|
||
params: | ||
# scm params | ||
- name: crc-scm-pr | ||
default: "''" | ||
# control params | ||
- name: ws-storage-path | ||
description: path on workspace storage where to store ephemeral assets | ||
# s3 target params | ||
- name: s3-url | ||
- name: s3-access-key | ||
- name: s3-secret-key | ||
- name: s3-folder-path | ||
- name: s3-download-url | ||
|
||
results: | ||
- name: downloadable-base-url | ||
description: base url where the installer and the shasumfile can be downloaded | ||
- name: distributable-name | ||
description: distributable file name for the installer | ||
- name: shasumfile | ||
description: shasumfile name | ||
|
||
steps: | ||
- name: provision-builder | ||
image: quay.io/redhat-developer/mapt@sha256:a4bf24c158edfe50bf84debebe609ede2cb6081fede418e883a31bd07288df7d #v0.6.9 | ||
script: | | ||
#!/bin/sh | ||
# Credentials | ||
export ARM_TENANT_ID=$(cat /opt/credentials/tenant_id) | ||
export ARM_SUBSCRIPTION_ID=$(cat /opt/credentials/subscription_id) | ||
export ARM_CLIENT_ID=$(cat /opt/credentials/client_id) | ||
export ARM_CLIENT_SECRET=$(cat /opt/credentials/client_secret) | ||
set -xuo | ||
# Output folder | ||
workspace_path=/opt/storage/$(params.ws-storage-path)/builder | ||
mkdir -p ${workspace_path} | ||
# Run mapt | ||
cmd="mapt azure rhel create --project-name crc-builder-arm64 " | ||
cmd="$cmd --backed-url file://${workspace_path} --conn-details-output ${workspace_path} " | ||
cmd="$cmd --arch arm64 --version 8.10 --vm-types m7g.large,m6g.large,c7g.xlarge " | ||
cmd="$cmd --spot " | ||
eval "${cmd}" | ||
resources: | ||
requests: | ||
memory: 250Mi | ||
cpu: 150m | ||
limits: | ||
memory: 380Mi | ||
cpu: 350m | ||
timeout: 10m | ||
- name: build | ||
image: quay.io/rhqp/crc-builder:v0.0.8-linux | ||
imagePullPolicy: Always | ||
script: | | ||
#!/bin/sh | ||
# Remote target info | ||
key=/opt/storage/$(params.ws-storage-path)/builder/id_rsa | ||
username=$(cat /opt/storage/$(params.ws-storage-path)/builder/username) | ||
host=$(cat /opt/storage/$(params.ws-storage-path)/builder/host) | ||
set -xuo | ||
# Copy entrypoint.sh and common.sh containing the logic for building | ||
scp -i ${key} -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null \ | ||
/usr/local/bin/common.sh ${username}@${host}:common.sh | ||
scp -i ${key} -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null \ | ||
/usr/local/bin/entrypoint.sh ${username}@${host}:build.sh | ||
# Install required deps for building | ||
ssh -i ${key} -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null \ | ||
${username}@${host} "sudo dnf install -y go" | ||
# Run build remotely | ||
cmd="GOARCH=arm64 DEBUG=true " | ||
cmd="$cmd DATALAKE_URL=$(params.s3-url) " | ||
cmd="$cmd DATALAKE_ACCESS_KEY=$(params.s3-access-key) " | ||
cmd="$cmd DATALAKE_SECRET_KEY=$(params.s3-secret-key) " | ||
cmd="$cmd UPLOAD_PATH=$(params.s3-folder-path) " | ||
if [[ $(params.crc-scm-pr) != "" ]]; then | ||
cmd="$cmd CRC_SCM_PR=$(params.crc-scm-pr) " | ||
fi | ||
cmd="$cmd ./build.sh" | ||
ssh -i ${key} -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null \ | ||
${username}@${host} "${cmd}" | ||
# Results | ||
echo -n "$(params.s3-download-url)/$(params.s3-folder-path)" | tee $(results.downloadable-base-url.path) | ||
echo -n "crc-linux-arm64.tar.xz" | tee $(results.distributable-name.path) | ||
echo -n "crc-linux-arm64.tar.xz.sha256sum" | tee $(results.shasumfile.path) | ||
resources: | ||
requests: | ||
memory: 250Mi | ||
cpu: 150m | ||
limits: | ||
memory: 380Mi | ||
cpu: 350m | ||
timeout: 20m | ||
- name: decommission-builder | ||
image: quay.io/redhat-developer/mapt@sha256:612065e577e9371bd9cd8b5fa65df8db951a1b53a388d2706abe55deaad3d984 #v0.6.8 | ||
script: | | ||
#!/bin/sh | ||
# Credentials | ||
export AWS_ACCESS_KEY_ID=$(cat /opt/aws-credentials/access-key) | ||
export AWS_SECRET_ACCESS_KEY=$(cat /opt/aws-credentials/secret-key) | ||
export AWS_DEFAULT_REGION=$(cat /opt/aws-credentials/region) | ||
set -xuo | ||
# Run mapt | ||
cmd="mapt aws rhel destroy --project-name crc-builder-arm64 " | ||
cmd="$cmd --backed-url file:///opt/storage/$(params.ws-storage-path)/builder" | ||
eval "${cmd}" | ||
resources: | ||
requests: | ||
memory: 250Mi | ||
cpu: 150m | ||
limits: | ||
memory: 380Mi | ||
cpu: 350m | ||
timeout: 10m |