From ba97465539540af674eb02c2958ce30fecc4a86c Mon Sep 17 00:00:00 2001 From: Ralph Bean Date: Fri, 20 Dec 2024 14:39:19 -0500 Subject: [PATCH] Shrink the buildah task some more --- task/buildah-oci-ta/0.2/buildah-oci-ta.yaml | 8 +++----- task/buildah-remote-oci-ta/0.2/buildah-remote-oci-ta.yaml | 8 +++----- task/buildah-remote/0.2/buildah-remote.yaml | 8 +++----- task/buildah/0.2/buildah.yaml | 8 +++----- 4 files changed, 12 insertions(+), 20 deletions(-) diff --git a/task/buildah-oci-ta/0.2/buildah-oci-ta.yaml b/task/buildah-oci-ta/0.2/buildah-oci-ta.yaml index c5989b1003..6b22caff88 100644 --- a/task/buildah-oci-ta/0.2/buildah-oci-ta.yaml +++ b/task/buildah-oci-ta/0.2/buildah-oci-ta.yaml @@ -273,8 +273,7 @@ spec: elif [ -e "$SOURCE_CODE_DIR/$DOCKERFILE" ]; then dockerfile_path="$(pwd)/$SOURCE_CODE_DIR/$DOCKERFILE" elif [ -e "$DOCKERFILE" ]; then - # Custom Dockerfile location is mainly used for instrumented builds for SAST scanning and analyzing. - # Instrumented builds use this step as their base and also need to provide modified Dockerfile. + # Instrumented builds (SAST) use this custom dockerffile step as their base dockerfile_path="$DOCKERFILE" elif echo "$DOCKERFILE" | grep -q "^https\?://"; then echo "Fetch Dockerfile from $DOCKERFILE" @@ -330,7 +329,7 @@ spec: shift # Note: this may result in multiple --build-arg=KEY=value flags with the same KEY being # passed to buildah. In that case, the *last* occurrence takes precedence. This is why - # we append BUILD_ARGS after the content of the BUILD_ARGS_FILE - they take precedence. + # we append BUILD_ARGS after the content of the BUILD_ARGS_FILE while [[ $# -gt 0 && $1 != --* ]]; do build_args+=("$1") shift @@ -480,8 +479,7 @@ spec: if [ -n "${ADDITIONAL_VOLUME_MOUNTS-}" ]; then # ADDITIONAL_VOLUME_MOUNTS allows to specify more volumes for the build. - # This is primarily used in instrumented builds for SAST scanning and analyzing. - # Instrumented builds use this step as their base and add some other tools. + # Instrumented builds (SAST) use this step as their base and add some other tools. while read -r volume_mount; do VOLUME_MOUNTS+=("--volume=$volume_mount") done <<<"$ADDITIONAL_VOLUME_MOUNTS" diff --git a/task/buildah-remote-oci-ta/0.2/buildah-remote-oci-ta.yaml b/task/buildah-remote-oci-ta/0.2/buildah-remote-oci-ta.yaml index d043e0546c..7e6b603a0f 100644 --- a/task/buildah-remote-oci-ta/0.2/buildah-remote-oci-ta.yaml +++ b/task/buildah-remote-oci-ta/0.2/buildah-remote-oci-ta.yaml @@ -306,8 +306,7 @@ spec: elif [ -e "$SOURCE_CODE_DIR/$DOCKERFILE" ]; then dockerfile_path="$(pwd)/$SOURCE_CODE_DIR/$DOCKERFILE" elif [ -e "$DOCKERFILE" ]; then - # Custom Dockerfile location is mainly used for instrumented builds for SAST scanning and analyzing. - # Instrumented builds use this step as their base and also need to provide modified Dockerfile. + # Instrumented builds (SAST) use this custom dockerffile step as their base dockerfile_path="$DOCKERFILE" elif echo "$DOCKERFILE" | grep -q "^https\?://"; then echo "Fetch Dockerfile from $DOCKERFILE" @@ -363,7 +362,7 @@ spec: shift # Note: this may result in multiple --build-arg=KEY=value flags with the same KEY being # passed to buildah. In that case, the *last* occurrence takes precedence. This is why - # we append BUILD_ARGS after the content of the BUILD_ARGS_FILE - they take precedence. + # we append BUILD_ARGS after the content of the BUILD_ARGS_FILE while [[ $# -gt 0 && $1 != --* ]]; do build_args+=("$1") shift @@ -513,8 +512,7 @@ spec: if [ -n "${ADDITIONAL_VOLUME_MOUNTS-}" ]; then # ADDITIONAL_VOLUME_MOUNTS allows to specify more volumes for the build. - # This is primarily used in instrumented builds for SAST scanning and analyzing. - # Instrumented builds use this step as their base and add some other tools. + # Instrumented builds (SAST) use this step as their base and add some other tools. while read -r volume_mount; do VOLUME_MOUNTS+=("--volume=$volume_mount") done <<<"$ADDITIONAL_VOLUME_MOUNTS" diff --git a/task/buildah-remote/0.2/buildah-remote.yaml b/task/buildah-remote/0.2/buildah-remote.yaml index d3b5aceb56..6cfeb8597c 100644 --- a/task/buildah-remote/0.2/buildah-remote.yaml +++ b/task/buildah-remote/0.2/buildah-remote.yaml @@ -288,8 +288,7 @@ spec: elif [ -e "$SOURCE_CODE_DIR/$DOCKERFILE" ]; then dockerfile_path="$(pwd)/$SOURCE_CODE_DIR/$DOCKERFILE" elif [ -e "$DOCKERFILE" ]; then - # Custom Dockerfile location is mainly used for instrumented builds for SAST scanning and analyzing. - # Instrumented builds use this step as their base and also need to provide modified Dockerfile. + # Instrumented builds (SAST) use this custom dockerffile step as their base dockerfile_path="$DOCKERFILE" elif echo "$DOCKERFILE" | grep -q "^https\?://"; then echo "Fetch Dockerfile from $DOCKERFILE" @@ -345,7 +344,7 @@ spec: shift # Note: this may result in multiple --build-arg=KEY=value flags with the same KEY being # passed to buildah. In that case, the *last* occurrence takes precedence. This is why - # we append BUILD_ARGS after the content of the BUILD_ARGS_FILE - they take precedence. + # we append BUILD_ARGS after the content of the BUILD_ARGS_FILE while [[ $# -gt 0 && $1 != --* ]]; do build_args+=("$1"); shift; done ;; --labels) @@ -489,8 +488,7 @@ spec: if [ -n "${ADDITIONAL_VOLUME_MOUNTS-}" ]; then # ADDITIONAL_VOLUME_MOUNTS allows to specify more volumes for the build. - # This is primarily used in instrumented builds for SAST scanning and analyzing. - # Instrumented builds use this step as their base and add some other tools. + # Instrumented builds (SAST) use this step as their base and add some other tools. while read -r volume_mount; do VOLUME_MOUNTS+=("--volume=$volume_mount") done <<< "$ADDITIONAL_VOLUME_MOUNTS" diff --git a/task/buildah/0.2/buildah.yaml b/task/buildah/0.2/buildah.yaml index d91e557617..266c92c319 100644 --- a/task/buildah/0.2/buildah.yaml +++ b/task/buildah/0.2/buildah.yaml @@ -210,8 +210,7 @@ spec: elif [ -e "$SOURCE_CODE_DIR/$DOCKERFILE" ]; then dockerfile_path="$(pwd)/$SOURCE_CODE_DIR/$DOCKERFILE" elif [ -e "$DOCKERFILE" ]; then - # Custom Dockerfile location is mainly used for instrumented builds for SAST scanning and analyzing. - # Instrumented builds use this step as their base and also need to provide modified Dockerfile. + # Instrumented builds (SAST) use this custom dockerffile step as their base dockerfile_path="$DOCKERFILE" elif echo "$DOCKERFILE" | grep -q "^https\?://"; then echo "Fetch Dockerfile from $DOCKERFILE" @@ -267,7 +266,7 @@ spec: shift # Note: this may result in multiple --build-arg=KEY=value flags with the same KEY being # passed to buildah. In that case, the *last* occurrence takes precedence. This is why - # we append BUILD_ARGS after the content of the BUILD_ARGS_FILE - they take precedence. + # we append BUILD_ARGS after the content of the BUILD_ARGS_FILE while [[ $# -gt 0 && $1 != --* ]]; do build_args+=("$1"); shift; done ;; --labels) @@ -411,8 +410,7 @@ spec: if [ -n "${ADDITIONAL_VOLUME_MOUNTS-}" ]; then # ADDITIONAL_VOLUME_MOUNTS allows to specify more volumes for the build. - # This is primarily used in instrumented builds for SAST scanning and analyzing. - # Instrumented builds use this step as their base and add some other tools. + # Instrumented builds (SAST) use this step as their base and add some other tools. while read -r volume_mount; do VOLUME_MOUNTS+=("--volume=$volume_mount") done <<< "$ADDITIONAL_VOLUME_MOUNTS"