Skip to content

Commit

Permalink
Convert pre-build task to yaml.
Browse files Browse the repository at this point in the history
  • Loading branch information
@rnc
rnc committed Sep 25, 2024
1 parent 8278d06 commit a7bc4a4
Show file tree
Hide file tree
Showing 5 changed files with 273 additions and 80 deletions.
10 changes: 3 additions & 7 deletions deploy/tasks/maven-deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,14 +37,10 @@ spec:
type: string
default: "quay.io/redhat-appstudio/hacbs-jvm-build-request-processor:dev"
volumes:
- name: shared
emptyDir: {}
- name: workdir
emptyDir: {}
stepTemplate:
volumeMounts:
- mountPath: /shared
name: shared
- mountPath: /var/workdir
name: workdir
steps:
Expand All @@ -70,10 +66,10 @@ spec:
runAsUser: 0
computeResources:
limits:
cpu: "1"
memory: 2Gi
cpu: 300m
memory: 512Mi
requests:
cpu: 50m
cpu: 10m
memory: 512Mi
env:
- name: MVN_REPO
Expand Down
145 changes: 145 additions & 0 deletions deploy/tasks/pre-build.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,145 @@
---
apiVersion: tekton.dev/v1
kind: Task
metadata:
name: pre-build
annotations:
tekton.dev/pipelines.minVersion: 0.12.1
tekton.dev/tags: image-build, konflux
labels:
app.kubernetes.io/version: "0.1"
build.appstudio.redhat.com/build_type: docker
spec:
description: |-
Sets up pre-build running the preprocessor, pushing the source and creating the OCI image.
params:
- name: IMAGE_URL
description: URL of the OCI image to use.
type: string
- name: NAME
description: Name of the pipeline run (i.e. unique dependency build name)
type: string
- name: GIT_SCRIPT
description: Git clone commands
type: string
- name: GIT_IDENTITY
description: Git username
type: string
- name: GIT_URL
description: URL to determine whether we're using gitlab or github
type: string
- name: GIT_DEPLOY_TOKEN
description: Name of jvm-build-git-repo-secrets secret containing git password/token to use.
type: string
- name: GIT_SSL_VERIFICATION
description: Whether to disable ssl verification
type: string
default: "false"
- name: GIT_REUSE_REPOSITORY
description: Whether to reuse existing git repository or create new one
type: string
- name: SCM_URL
description: Reference to the git repository
type: string
- name: SCM_HASH
description: Git hash
type: string
- name: RECIPE_IMAGE
description: The image from the build recipe to use
- name: BUILD_SCRIPT
description: The build script to embed with the Containerfile
- name: PREPROCESSOR_ARGS
description: The arguments for the build preprocessor
- name: ORAS_OPTIONS
type: string
description: Optional environment variable string for build-trusted-artifacts
default: ""
- name: JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE
description: Name of the processor image. Useful to override for development.
type: string
default: "quay.io/redhat-appstudio/hacbs-jvm-build-request-processor:dev"
results:
- name: PRE_BUILD_IMAGE_DIGEST
description: Digest of the image just built
- name: GIT_ARCHIVE
description: Git archive information
workspaces:
- description: The git repo will be cloned onto the volume backing this Workspace.
name: source
mountPath: /var/workdir
- name: tls
steps:
# Should we use our own git clone task? Or embed (somehow) Konflux's version?
- name: git-clone
image: $(params.RECIPE_IMAGE)
computeResources:
limits:
cpu: 300m
memory: 512Mi
requests:
cpu: 10m
memory: 512Mi
securityContext:
runAsUser: 0
env:
- name: GIT_TOKEN
valueFrom:
secretKeyRef:
name: jvm-build-git-secrets
key: .git-credentials
script: |
$(params.GIT_SCRIPT)
- name: preprocessor
image: $(params.JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE)
securityContext:
runAsUser: 0
computeResources:
limits:
cpu: 300m
memory: 512Mi
requests:
cpu: 10m
memory: 512Mi
script: |
$(params.BUILD_SCRIPT)
/opt/jboss/container/java/run/run-java.sh $(params.PREPROCESSOR_ARGS)
- name: create-pre-build-source
image: $(params.JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE)
securityContext:
runAsUser: 0
computeResources:
limits:
cpu: 300m
memory: 512Mi
requests:
cpu: 10m
memory: 512Mi
env:
- name: GIT_DEPLOY_TOKEN
valueFrom:
secretKeyRef:
name: $(params.GIT_DEPLOY_TOKEN)
key: gitdeploytoken
args:
- deploy-pre-build-source
- --source-path=$(workspaces.source.path)/source
- --task-run-name=$(context.taskRun.name)
- --scm-uri=$(params.SCM_URL)
- --scm-commit=$(params.SCM_HASH)
- --image-id=$(params.NAME)
- --git-identity=$(params.GIT_IDENTITY)
- --git-url=$(params.GIT_URL)
- --git-disable-ssl-verification=$(params.GIT_SSL_VERIFICATION)
- --git-reuse-repository=$(params.GIT_REUSE_REPOSITORY)
- name: create-pre-build-image
image: quay.io/redhat-appstudio/build-trusted-artifacts:latest@sha256:d6f57d97d19008437680190908fe5444cda380f9c77d0e9efde7153720412e05
script: |
echo "Creating pre-build-image archive"
export ORAS_OPTIONS="$ORAS_OPTIONS --image-spec=v1.0 --artifact-type application/vnd.oci.image.config.v1+json"
create-archive --store $(params.IMAGE_URL) $(results.PRE_BUILD_IMAGE_DIGEST.path)=$(workspaces.source.path)/source
env:
- name: ORAS_OPTIONS
value: $(params.ORAS_OPTIONS)
- name: IMAGE_URL
value: $(params.IMAGE_URL)

4 changes: 2 additions & 2 deletions ...s/build-request-processor/src/main/java/com/redhat/hacbs/container/deploy/git/GitHub.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,11 +32,11 @@ enum Type {
public GitHub(String endpoint, String identity, String token, boolean ssl)
throws IOException {
if (isNotEmpty(token)) {
github = new GitHubBuilder().withEndpoint(endpoint == null ? GITHUB_URL : endpoint)
github = new GitHubBuilder().withEndpoint(isNotEmpty(endpoint) ? endpoint : GITHUB_URL)
.withOAuthToken(token)
.build();
} else {
github = new GitHubBuilder().withEndpoint(endpoint == null ? GITHUB_URL : endpoint)
github = new GitHubBuilder().withEndpoint(isNotEmpty(endpoint) ? endpoint : GITHUB_URL)
.build();
}
owner = identity;
Expand Down
Loading

0 comments on commit a7bc4a4

Please sign in to comment.