diff --git a/.github/workflows/shellspec.yaml b/.github/workflows/shellspec.yaml index b8637189a4..5b676c800f 100644 --- a/.github/workflows/shellspec.yaml +++ b/.github/workflows/shellspec.yaml @@ -21,6 +21,8 @@ jobs: fetch-depth: 0 - uses: jerop/tkn@v0.1.0 + with: + version: v0.32.2 - name: Shellspec run: hack/test-shellspec.sh diff --git a/.tekton/pull-request.yaml b/.tekton/pull-request.yaml index 8f8832692e..671e31db56 100644 --- a/.tekton/pull-request.yaml +++ b/.tekton/pull-request.yaml @@ -1,5 +1,5 @@ --- -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: PipelineRun metadata: name: build-definitions-pull-request diff --git a/.tekton/push.yaml b/.tekton/push.yaml index 89a7bd810d..518be0b464 100644 --- a/.tekton/push.yaml +++ b/.tekton/push.yaml @@ -1,5 +1,5 @@ --- -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: PipelineRun metadata: name: build-definitions-bundle-push diff --git a/.tekton/tasks/buildah.yaml b/.tekton/tasks/buildah.yaml index 3a185c4dc9..86fc5bfc60 100644 --- a/.tekton/tasks/buildah.yaml +++ b/.tekton/tasks/buildah.yaml @@ -1,4 +1,4 @@ -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Task metadata: annotations: @@ -45,7 +45,7 @@ spec: steps: - image: $(params.BUILDER_IMAGE) name: build - resources: + computeResources: limits: memory: 2Gi cpu: 2 @@ -67,7 +67,7 @@ spec: workingDir: $(workspaces.source.path)/source - image: $(params.BUILDER_IMAGE) name: push - resources: {} + computeResources: {} script: | buildah --storage-driver=$(params.STORAGE_DRIVER) push \ --tls-verify=$(params.TLSVERIFY) \ @@ -83,7 +83,7 @@ spec: workingDir: $(workspaces.source.path)/source - image: $(params.BUILDER_IMAGE) name: digest-to-results - resources: {} + computeResources: {} script: | cat "$(workspaces.source.path)"/source/image-digest | tee $(results.IMAGE_DIGEST.path) echo -n "$(params.IMAGE)" | tee $(results.IMAGE_URL.path) diff --git a/.tekton/tasks/e2e-test.yaml b/.tekton/tasks/e2e-test.yaml index 04667257f0..6106c1cfab 100644 --- a/.tekton/tasks/e2e-test.yaml +++ b/.tekton/tasks/e2e-test.yaml @@ -1,4 +1,4 @@ -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Task metadata: name: e2e-test diff --git a/.tekton/tasks/ec-checks.yaml b/.tekton/tasks/ec-checks.yaml index 0a6f860389..63c2ee0a3e 100644 --- a/.tekton/tasks/ec-checks.yaml +++ b/.tekton/tasks/ec-checks.yaml @@ -1,4 +1,4 @@ -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Task metadata: name: ec-checks diff --git a/.tekton/tasks/yaml-lint.yaml b/.tekton/tasks/yaml-lint.yaml index bff8eca3e9..e4ba67b4c9 100644 --- a/.tekton/tasks/yaml-lint.yaml +++ b/.tekton/tasks/yaml-lint.yaml @@ -1,4 +1,4 @@ -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Task metadata: name: yaml-lint diff --git a/appstudio-utils/Dockerfile b/appstudio-utils/Dockerfile index 997543ea85..1efa11c6b6 100755 --- a/appstudio-utils/Dockerfile +++ b/appstudio-utils/Dockerfile @@ -4,7 +4,7 @@ RUN curl -L https://github.com/stedolan/jq/releases/download/jq-1.6/jq-linux64 - RUN curl -L https://github.com/mikefarah/yq/releases/download/v4.25.1/yq_linux_amd64 -o /usr/bin/yq && chmod +x /usr/bin/yq RUN curl -L https://mirror.openshift.com/pub/openshift-v4/x86_64/clients/ocp/latest-4.9/openshift-client-linux.tar.gz | tar -xz -C /usr/bin/ RUN curl -L https://github.com/sigstore/cosign/releases/download/v2.1.1/cosign-linux-amd64 -o /usr/bin/cosign && chmod +x /usr/bin/cosign -RUN curl -L https://mirror.openshift.com/pub/openshift-v4/clients/pipeline/0.21.0/tkn-linux-amd64-0.21.0.tar.gz | tar -xz --no-same-owner -C /usr/bin/ +RUN curl -L https://github.com/tektoncd/cli/releases/download/v0.32.2/tkn_0.32.2_Linux_x86_64.tar.gz | tar -xz --no-same-owner -C /usr/bin/ tkn RUN curl -L https://github.com/sigstore/rekor/releases/download/v0.5.0/rekor-cli-linux-amd64 -o /usr/bin/rekor-cli && chmod +x /usr/bin/rekor-cli RUN curl -L https://github.com/open-policy-agent/conftest/releases/download/v0.32.0/conftest_0.32.0_Linux_x86_64.tar.gz | tar -xz --no-same-owner -C /usr/bin RUN curl -L https://github.com/enterprise-contract/ec-cli/releases/download/snapshot/ec_linux_amd64 -o /usr/bin/ec && chmod +x /usr/bin/ec && ec version @@ -12,7 +12,6 @@ RUN curl -L https://github.com/enterprise-contract/ec-cli/releases/download/snap RUN dnf -y --setopt=tsflags=nodocs install \ git \ skopeo \ - https://github.com/tektoncd/cli/releases/download/v0.22.0/tektoncd-cli-0.22.0_Linux-64bit.rpm \ && dnf clean all COPY util-scripts /appstudio-utils/util-scripts diff --git a/hack/generate-buildah-remote.sh b/hack/generate-buildah-remote.sh index be2ed24f13..7de6da94a1 100755 --- a/hack/generate-buildah-remote.sh +++ b/hack/generate-buildah-remote.sh @@ -1,4 +1,8 @@ #!/bin/bash SCRIPTDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )" -podman run -v "$SCRIPTDIR"/..:/data quay.io/redhat-user-workloads/rhtap-build-tenant/multi-arch-controller/multi-arch-controller:taskgen-d1a5fd1572512ee26d0546b287a491f24a84aba9 --buildah-task=/data/task/buildah/0.1/buildah.yaml --remote-task=/data/task/buildah-remote/0.1/buildah-remote.yaml +IMG=quay.io/redhat-user-workloads/rhtap-build-tenant/multi-arch-controller/multi-arch-controller:taskgen-57750ec21414607fa20acdef7984f32bbb7730af + +podman run -v "$SCRIPTDIR"/..:/data:Z $IMG \ + --buildah-task=/data/task/buildah/0.1/buildah.yaml \ + --remote-task=/data/task/buildah-remote/0.1/buildah-remote.yaml diff --git a/partners/example-hello-world/0.1/example-hello-world.yaml b/partners/example-hello-world/0.1/example-hello-world.yaml index 472dcf9e9b..e9d2cb3e62 100644 --- a/partners/example-hello-world/0.1/example-hello-world.yaml +++ b/partners/example-hello-world/0.1/example-hello-world.yaml @@ -1,4 +1,4 @@ -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Task metadata: name: example-hello-world diff --git a/pipelines/enterprise-contract-everything.yaml b/pipelines/enterprise-contract-everything.yaml index ace1819109..53b5ffe0b7 100644 --- a/pipelines/enterprise-contract-everything.yaml +++ b/pipelines/enterprise-contract-everything.yaml @@ -1,7 +1,7 @@ # This is a copy of enterprise-contract.yaml with a different default value for the # POLICY_CONFIGURATION parameter. This is a workaround until the UI can provide sufficient # controls to allow users to provide parameters. https://issues.redhat.com/browse/HACBS-2294 -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Pipeline metadata: name: enterprise-contract-everything diff --git a/pipelines/enterprise-contract-redhat-no-hermetic.yaml b/pipelines/enterprise-contract-redhat-no-hermetic.yaml index 4d4d862140..b98816d570 100644 --- a/pipelines/enterprise-contract-redhat-no-hermetic.yaml +++ b/pipelines/enterprise-contract-redhat-no-hermetic.yaml @@ -1,7 +1,7 @@ # This is a copy of enterprise-contract.yaml with a different default value for the # POLICY_CONFIGURATION parameter. This is a workaround until the UI can provide sufficient # controls to allow users to provide parameters. https://issues.redhat.com/browse/HACBS-2294 -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Pipeline metadata: name: enterprise-contract-redhat-no-hermetic diff --git a/pipelines/enterprise-contract-redhat.yaml b/pipelines/enterprise-contract-redhat.yaml index 59455ca438..18760b51af 100644 --- a/pipelines/enterprise-contract-redhat.yaml +++ b/pipelines/enterprise-contract-redhat.yaml @@ -1,7 +1,7 @@ # This is a copy of enterprise-contract.yaml with a different default value for the # POLICY_CONFIGURATION parameter. This is a workaround until the UI can provide sufficient # controls to allow users to provide parameters. https://issues.redhat.com/browse/HACBS-2294 -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Pipeline metadata: name: enterprise-contract-redhat diff --git a/pipelines/enterprise-contract-slsa3.yaml b/pipelines/enterprise-contract-slsa3.yaml index ff7f03071a..4466187719 100644 --- a/pipelines/enterprise-contract-slsa3.yaml +++ b/pipelines/enterprise-contract-slsa3.yaml @@ -1,7 +1,7 @@ # This is a copy of enterprise-contract.yaml with a different default value for the # POLICY_CONFIGURATION parameter. This is a workaround until the UI can provide sufficient # controls to allow users to provide parameters. https://issues.redhat.com/browse/HACBS-2294 -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Pipeline metadata: name: enterprise-contract-slsa3 diff --git a/pipelines/enterprise-contract.yaml b/pipelines/enterprise-contract.yaml index 0e424a2e56..e3df5771f6 100644 --- a/pipelines/enterprise-contract.yaml +++ b/pipelines/enterprise-contract.yaml @@ -2,7 +2,7 @@ # images that are built but not automatically released in order to provide early feedback to users. # When auto release is enabled, the task is executed by the release pipeline immediately after the # container images are built, thus it is not necessary to execute the task via this pipeline. -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Pipeline metadata: name: enterprise-contract diff --git a/pipelines/prototypes/noop.yaml b/pipelines/prototypes/noop.yaml index 688e0bc08d..13edb5ff73 100644 --- a/pipelines/prototypes/noop.yaml +++ b/pipelines/prototypes/noop.yaml @@ -1,4 +1,4 @@ -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Pipeline metadata: name: noop diff --git a/pipelines/prototypes/prototype-build-compliance.yaml b/pipelines/prototypes/prototype-build-compliance.yaml index a8ef17bcb9..bd3b4a451e 100644 --- a/pipelines/prototypes/prototype-build-compliance.yaml +++ b/pipelines/prototypes/prototype-build-compliance.yaml @@ -1,4 +1,4 @@ -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Pipeline metadata: name: prototype-compliance diff --git a/pipelines/template-build/template-build.yaml b/pipelines/template-build/template-build.yaml index 941596bf14..c108cdbb0d 100644 --- a/pipelines/template-build/template-build.yaml +++ b/pipelines/template-build/template-build.yaml @@ -1,4 +1,4 @@ -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Pipeline metadata: name: template-build diff --git a/task/build-image-manifest/0.1/build-image-manifest.yaml b/task/build-image-manifest/0.1/build-image-manifest.yaml index fd68ed238e..65af8d126f 100644 --- a/task/build-image-manifest/0.1/build-image-manifest.yaml +++ b/task/build-image-manifest/0.1/build-image-manifest.yaml @@ -1,4 +1,4 @@ -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Task metadata: labels: @@ -48,7 +48,7 @@ spec: steps: - image: quay.io/redhat-appstudio/buildah:v1.31.0@sha256:34f12c7b72ec2c28f1ded0c494b428df4791c909f1f174dd21b8ed6a57cf5ddb name: build - resources: + computeResources: limits: memory: 4Gi cpu: 2 diff --git a/task/buildah-10gb/0.1/patch.yaml b/task/buildah-10gb/0.1/patch.yaml index ef4b917ed1..3cbc78cfde 100644 --- a/task/buildah-10gb/0.1/patch.yaml +++ b/task/buildah-10gb/0.1/patch.yaml @@ -2,8 +2,8 @@ path: /metadata/name value: buildah-10gb - op: replace - path: /spec/steps/0/resources/limits/memory + path: /spec/steps/0/computeResources/limits/memory value: 10Gi - op: replace - path: /spec/steps/0/resources/requests/memory + path: /spec/steps/0/computeResources/requests/memory value: 8Gi diff --git a/task/buildah-6gb/0.1/patch.yaml b/task/buildah-6gb/0.1/patch.yaml index 236984d1a4..63b1281bba 100644 --- a/task/buildah-6gb/0.1/patch.yaml +++ b/task/buildah-6gb/0.1/patch.yaml @@ -2,8 +2,8 @@ path: /metadata/name value: buildah-6gb - op: replace - path: /spec/steps/0/resources/limits/memory + path: /spec/steps/0/computeResources/limits/memory value: 6Gi - op: replace - path: /spec/steps/0/resources/requests/memory + path: /spec/steps/0/computeResources/requests/memory value: 4Gi diff --git a/task/buildah-8gb/0.1/patch.yaml b/task/buildah-8gb/0.1/patch.yaml index 2e6e3d6df0..58a3061956 100644 --- a/task/buildah-8gb/0.1/patch.yaml +++ b/task/buildah-8gb/0.1/patch.yaml @@ -2,8 +2,8 @@ path: /metadata/name value: buildah-8gb - op: replace - path: /spec/steps/0/resources/limits/memory + path: /spec/steps/0/computeResources/limits/memory value: 8Gi - op: replace - path: /spec/steps/0/resources/requests/memory + path: /spec/steps/0/computeResources/requests/memory value: 6Gi diff --git a/task/buildah-remote/0.1/buildah-remote.yaml b/task/buildah-remote/0.1/buildah-remote.yaml index 47ae49c94d..688761a716 100644 --- a/task/buildah-remote/0.1/buildah-remote.yaml +++ b/task/buildah-remote/0.1/buildah-remote.yaml @@ -1,4 +1,4 @@ -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Task metadata: annotations: @@ -8,7 +8,6 @@ metadata: labels: app.kubernetes.io/version: "0.1" build.appstudio.redhat.com/build_type: docker - build.appstudio.redhat.com/multi-platform-required: "true" name: buildah-remote spec: description: |- @@ -77,6 +76,7 @@ spec: central. name: JAVA_COMMUNITY_DEPENDENCIES stepTemplate: + computeResources: {} env: - name: BUILDAH_FORMAT value: oci @@ -98,22 +98,20 @@ spec: value: $(params.IMAGE_EXPIRES_AFTER) - name: BUILDER_IMAGE value: $(params.BUILDER_IMAGE) - name: "" - resources: {} steps: - - env: - - name: COMMIT_SHA - value: $(params.COMMIT_SHA) - image: quay.io/redhat-appstudio/multi-platform-runner:01c7670e81d5120347cf0ad13372742489985e5f@sha256:246adeaaba600e207131d63a7f706cffdcdc37d8f600c56187123ec62823ff44 - imagePullPolicy: Always - name: build - resources: + - computeResources: limits: cpu: "2" memory: 4Gi requests: cpu: 250m memory: 512Mi + env: + - name: COMMIT_SHA + value: $(params.COMMIT_SHA) + image: quay.io/redhat-appstudio/multi-platform-runner:01c7670e81d5120347cf0ad13372742489985e5f@sha256:246adeaaba600e207131d63a7f706cffdcdc37d8f600c56187123ec62823ff44 + imagePullPolicy: Always + name: build script: |- set -o verbose mkdir -p ~/.ssh @@ -247,9 +245,9 @@ spec: name: ssh readOnly: true workingDir: $(workspaces.source.path) - - image: quay.io/redhat-appstudio/syft:v0.96.0 + - computeResources: {} + image: quay.io/redhat-appstudio/syft:v0.96.0 name: sbom-syft-generate - resources: {} script: | syft dir:$(workspaces.source.path)/source --output cyclonedx-json=$(workspaces.source.path)/sbom-source.json find $(cat /workspace/container_path) -xtype l -delete @@ -257,9 +255,9 @@ spec: volumeMounts: - mountPath: /var/lib/containers name: varlibcontainers - - image: quay.io/redhat-appstudio/hacbs-jvm-build-request-processor:1d417e6f1f3e68c6c537333b5759796eddae0afc + - computeResources: {} + image: quay.io/redhat-appstudio/hacbs-jvm-build-request-processor:1d417e6f1f3e68c6c537333b5759796eddae0afc name: analyse-dependencies-java-sbom - resources: {} script: | if [ -f /var/lib/containers/java ]; then /opt/jboss/container/java/run/run-java.sh analyse-dependencies path $(cat /workspace/container_path) -s $(workspaces.source.path)/sbom-image.json --task-run-name $(context.taskRun.name) --publishers $(results.SBOM_JAVA_COMPONENTS_COUNT.path) @@ -272,9 +270,9 @@ spec: volumeMounts: - mountPath: /var/lib/containers name: varlibcontainers - - image: registry.access.redhat.com/ubi9/python-39:1-143.1696863474 + - computeResources: {} + image: registry.access.redhat.com/ubi9/python-39:1-143.1696863474 name: merge-syft-sboms - resources: {} script: | #!/bin/python3 import json @@ -307,9 +305,9 @@ spec: securityContext: runAsUser: 0 workingDir: $(workspaces.source.path) - - image: quay.io/redhat-appstudio/cachi2:0.3.0@sha256:46097f22b57e4d48a3fce96d931e08ccfe3a3e6421362d5f9353961279078eef + - computeResources: {} + image: quay.io/redhat-appstudio/cachi2:0.3.0@sha256:46097f22b57e4d48a3fce96d931e08ccfe3a3e6421362d5f9353961279078eef name: merge-cachi2-sbom - resources: {} script: | if [ -n "${PREFETCH_INPUT}" ]; then echo "Merging contents of sbom-cachi2.json into sbom-cyclonedx.json" @@ -321,9 +319,9 @@ spec: securityContext: runAsUser: 0 workingDir: $(workspaces.source.path) - - image: registry.access.redhat.com/ubi9/python-39:1-143.1696863474 + - computeResources: {} + image: registry.access.redhat.com/ubi9/python-39:1-143.1696863474 name: create-purl-sbom - resources: {} script: | #!/bin/python3 import json @@ -339,9 +337,9 @@ spec: securityContext: runAsUser: 0 workingDir: $(workspaces.source.path) - - image: $(params.BUILDER_IMAGE) + - computeResources: {} + image: $(params.BUILDER_IMAGE) name: inject-sbom-and-push - resources: {} script: | # Expose base image digests buildah images --format '{{ .Name }}:{{ .Tag }}@{{ .Digest }}' | grep -v $IMAGE > $(results.BASE_IMAGES_DIGESTS.path) @@ -389,9 +387,9 @@ spec: - --type - cyclonedx - $(params.IMAGE) + computeResources: {} image: quay.io/redhat-appstudio/cosign:v2.1.1 name: upload-sbom - resources: {} workingDir: $(workspaces.source.path) volumes: - emptyDir: {} diff --git a/task/buildah/0.1/buildah.yaml b/task/buildah/0.1/buildah.yaml index d8a0f2641a..32376ccb49 100644 --- a/task/buildah/0.1/buildah.yaml +++ b/task/buildah/0.1/buildah.yaml @@ -1,4 +1,4 @@ -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Task metadata: labels: @@ -89,7 +89,7 @@ spec: steps: - image: $(params.BUILDER_IMAGE) name: build - resources: + computeResources: limits: memory: 4Gi cpu: 2 @@ -279,7 +279,7 @@ spec: - name: inject-sbom-and-push image: $(params.BUILDER_IMAGE) - resources: {} + computeResources: {} script: | # Expose base image digests buildah images --format '{{ .Name }}:{{ .Tag }}@{{ .Digest }}' | grep -v $IMAGE > $(results.BASE_IMAGES_DIGESTS.path) diff --git a/task/clair-scan/0.1/clair-scan.yaml b/task/clair-scan/0.1/clair-scan.yaml index 4233c4de63..9e67d42c94 100644 --- a/task/clair-scan/0.1/clair-scan.yaml +++ b/task/clair-scan/0.1/clair-scan.yaml @@ -1,5 +1,5 @@ --- -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Task metadata: labels: diff --git a/task/clamav-scan/0.1/clamav-scan.yaml b/task/clamav-scan/0.1/clamav-scan.yaml index 5e36ad2bc0..edf4abd9be 100644 --- a/task/clamav-scan/0.1/clamav-scan.yaml +++ b/task/clamav-scan/0.1/clamav-scan.yaml @@ -1,4 +1,4 @@ -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Task metadata: labels: @@ -37,7 +37,7 @@ spec: value: $(params.image-url) - name: IMAGE_DIGEST value: $(params.image-digest) - resources: + computeResources: limits: memory: 4Gi cpu: 2 diff --git a/task/deprecated-image-check/0.1/deprecated-image-check.yaml b/task/deprecated-image-check/0.1/deprecated-image-check.yaml index b42f1f23c1..824be03c9b 100644 --- a/task/deprecated-image-check/0.1/deprecated-image-check.yaml +++ b/task/deprecated-image-check/0.1/deprecated-image-check.yaml @@ -1,4 +1,4 @@ -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Task metadata: labels: diff --git a/task/deprecated-image-check/0.2/deprecated-image-check.yaml b/task/deprecated-image-check/0.2/deprecated-image-check.yaml index 69ddba88b0..d4de055954 100644 --- a/task/deprecated-image-check/0.2/deprecated-image-check.yaml +++ b/task/deprecated-image-check/0.2/deprecated-image-check.yaml @@ -1,4 +1,4 @@ -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Task metadata: labels: diff --git a/task/deprecated-image-check/0.3/deprecated-image-check.yaml b/task/deprecated-image-check/0.3/deprecated-image-check.yaml index 185dc37a12..977de6aa97 100644 --- a/task/deprecated-image-check/0.3/deprecated-image-check.yaml +++ b/task/deprecated-image-check/0.3/deprecated-image-check.yaml @@ -1,4 +1,4 @@ -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Task metadata: labels: diff --git a/task/fbc-related-image-check/0.1/fbc-related-image-check.yaml b/task/fbc-related-image-check/0.1/fbc-related-image-check.yaml index 6309147f39..9fc3a68c08 100644 --- a/task/fbc-related-image-check/0.1/fbc-related-image-check.yaml +++ b/task/fbc-related-image-check/0.1/fbc-related-image-check.yaml @@ -1,4 +1,4 @@ -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Task metadata: labels: @@ -19,7 +19,7 @@ spec: - name: check-related-images image: quay.io/redhat-appstudio/hacbs-test:v1.1.6@sha256:ce0ae008d221b80c7c41cf9cc5e5c43458b98d7196edd477064cad7a0c73304e workingDir: $(workspaces.workspace.path)/hacbs/$(context.task.name) - resources: + computeResources: limits: memory: 4Gi cpu: 2 diff --git a/task/fbc-validation/0.1/fbc-validation.yaml b/task/fbc-validation/0.1/fbc-validation.yaml index 9eab0f7a06..617c33eddc 100644 --- a/task/fbc-validation/0.1/fbc-validation.yaml +++ b/task/fbc-validation/0.1/fbc-validation.yaml @@ -1,4 +1,4 @@ -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Task metadata: labels: @@ -40,7 +40,7 @@ spec: capabilities: add: - SETFCAP - resources: + computeResources: limits: memory: 4Gi cpu: 2 diff --git a/task/git-clone/0.1/git-clone.yaml b/task/git-clone/0.1/git-clone.yaml index 5b3e0846b7..dfb718d4c9 100644 --- a/task/git-clone/0.1/git-clone.yaml +++ b/task/git-clone/0.1/git-clone.yaml @@ -1,4 +1,4 @@ -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Task metadata: labels: @@ -135,7 +135,7 @@ spec: - name: WORKSPACE_BASIC_AUTH_DIRECTORY_PATH value: $(workspaces.basic-auth.path) image: $(params.gitInitImage) - resources: {} + computeResources: {} securityContext: runAsUser: 0 script: | @@ -226,7 +226,7 @@ spec: value: $(params.subdirectory) - name: WORKSPACE_OUTPUT_PATH value: $(workspaces.output.path) - resources: {} + computeResources: {} script: | #!/usr/bin/env bash set -euo pipefail diff --git a/task/init/0.1/init.yaml b/task/init/0.1/init.yaml index aa66999813..021d309884 100644 --- a/task/init/0.1/init.yaml +++ b/task/init/0.1/init.yaml @@ -1,4 +1,4 @@ -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Task metadata: labels: diff --git a/task/prefetch-dependencies/0.1/prefetch-dependencies.yaml b/task/prefetch-dependencies/0.1/prefetch-dependencies.yaml index af8168fadc..2e9959fc76 100644 --- a/task/prefetch-dependencies/0.1/prefetch-dependencies.yaml +++ b/task/prefetch-dependencies/0.1/prefetch-dependencies.yaml @@ -1,4 +1,4 @@ -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Task metadata: labels: diff --git a/task/rpm-ostree/0.1/rpm-ostree.yaml b/task/rpm-ostree/0.1/rpm-ostree.yaml index fb73591452..45c4702e95 100644 --- a/task/rpm-ostree/0.1/rpm-ostree.yaml +++ b/task/rpm-ostree/0.1/rpm-ostree.yaml @@ -1,4 +1,4 @@ -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Task metadata: annotations: @@ -65,8 +65,7 @@ spec: value: $(params.IMAGE_EXPIRES_AFTER) - name: BUILDER_IMAGE value: $(params.BUILDER_IMAGE) - name: "" - resources: {} + computeResources: {} steps: - env: - name: COMMIT_SHA @@ -74,7 +73,7 @@ spec: image: quay.io/redhat-appstudio/multi-platform-runner:01c7670e81d5120347cf0ad13372742489985e5f@sha256:246adeaaba600e207131d63a7f706cffdcdc37d8f600c56187123ec62823ff44 imagePullPolicy: Always name: build - resources: + computeResources: limits: cpu: "0.5" memory: 512Mi @@ -133,7 +132,7 @@ spec: workingDir: $(workspaces.source.path) - image: quay.io/redhat-appstudio/syft:v0.96.0 name: sbom-syft-generate - resources: + computeResources: limits: memory: 6Gi requests: @@ -145,7 +144,7 @@ spec: name: varlibcontainers - image: registry.access.redhat.com/ubi9/python-39:1-143.1696863474 name: create-purl-sbom - resources: {} + computeResources: {} script: | #!/bin/python3 import json @@ -163,7 +162,7 @@ spec: workingDir: $(workspaces.source.path) - image: quay.io/redhat-appstudio/multi-platform-runner:01c7670e81d5120347cf0ad13372742489985e5f name: inject-sbom-and-push - resources: {} + computeResources: {} script: | #!/bin/bash # Expose base image digests @@ -213,7 +212,7 @@ spec: - $(params.IMAGE) image: quay.io/redhat-appstudio/cosign:v2.1.1 name: upload-sbom - resources: {} + computeResources: {} workingDir: $(workspaces.source.path) volumes: - emptyDir: {} diff --git a/task/s2i-java/0.1/s2i-java.yaml b/task/s2i-java/0.1/s2i-java.yaml index 78a091bbeb..e2b1ec3bb7 100644 --- a/task/s2i-java/0.1/s2i-java.yaml +++ b/task/s2i-java/0.1/s2i-java.yaml @@ -1,4 +1,4 @@ -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Task metadata: labels: @@ -96,7 +96,7 @@ spec: value: /tekton/home image: registry.redhat.io/ocp-tools-4-tech-preview/source-to-image-rhel8@sha256:637c15600359cb45bc01445b5e811b6240ca239f0ebfe406b50146e34f68f631 name: s2i-gen - resources: {} + computeResources: {} workingDir: $(workspaces.source.path)/source securityContext: runAsUser: 0 @@ -127,7 +127,7 @@ spec: env: - name: COMMIT_SHA value: $(params.COMMIT_SHA) - resources: + computeResources: limits: memory: 4Gi cpu: 2 @@ -215,7 +215,7 @@ spec: - image: $(params.BUILDER_IMAGE) name: inject-sbom-and-push - resources: {} + computeResources: {} script: | # Expose base image digests buildah images --format '{{ .Name }}:{{ .Tag }}@{{ .Digest }}' | grep -v $IMAGE > $(results.BASE_IMAGES_DIGESTS.path) diff --git a/task/s2i-nodejs/0.1/s2i-nodejs.yaml b/task/s2i-nodejs/0.1/s2i-nodejs.yaml index 455c4330b2..9102c7894f 100644 --- a/task/s2i-nodejs/0.1/s2i-nodejs.yaml +++ b/task/s2i-nodejs/0.1/s2i-nodejs.yaml @@ -1,4 +1,4 @@ -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Task metadata: labels: @@ -81,7 +81,7 @@ spec: env: - name: HOME value: /tekton/home - resources: {} + computeResources: {} volumeMounts: - mountPath: /gen-source name: gen-source @@ -109,7 +109,7 @@ spec: env: - name: COMMIT_SHA value: $(params.COMMIT_SHA) - resources: + computeResources: limits: memory: 2Gi cpu: 2 @@ -182,7 +182,7 @@ spec: - image: $(params.BUILDER_IMAGE) name: inject-sbom-and-push - resources: {} + computeResources: {} script: | # Expose base image digests buildah images --format '{{ .Name }}:{{ .Tag }}@{{ .Digest }}' | grep -v $IMAGE > $(results.BASE_IMAGES_DIGESTS.path) diff --git a/task/sast-snyk-check/0.1/sast-snyk-check.yaml b/task/sast-snyk-check/0.1/sast-snyk-check.yaml index a491c9ef06..7eccb4e4d9 100644 --- a/task/sast-snyk-check/0.1/sast-snyk-check.yaml +++ b/task/sast-snyk-check/0.1/sast-snyk-check.yaml @@ -1,4 +1,4 @@ -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Task metadata: labels: diff --git a/task/sbom-json-check/0.1/sbom-json-check.yaml b/task/sbom-json-check/0.1/sbom-json-check.yaml index edb0cf5e4d..d00a00cb08 100644 --- a/task/sbom-json-check/0.1/sbom-json-check.yaml +++ b/task/sbom-json-check/0.1/sbom-json-check.yaml @@ -1,5 +1,5 @@ --- -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Task metadata: name: sbom-json-check diff --git a/task/show-sbom/0.1/show-sbom.yaml b/task/show-sbom/0.1/show-sbom.yaml index ac4b00d153..0448dc6877 100644 --- a/task/show-sbom/0.1/show-sbom.yaml +++ b/task/show-sbom/0.1/show-sbom.yaml @@ -1,5 +1,5 @@ --- -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Task metadata: name: show-sbom diff --git a/task/slack-webhook-notification/0.1/slack-webhook-notification.yaml b/task/slack-webhook-notification/0.1/slack-webhook-notification.yaml index a280e2c0ba..df5f58fd5d 100644 --- a/task/slack-webhook-notification/0.1/slack-webhook-notification.yaml +++ b/task/slack-webhook-notification/0.1/slack-webhook-notification.yaml @@ -1,4 +1,4 @@ -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Task metadata: labels: diff --git a/task/source-build/0.1/source-build.yaml b/task/source-build/0.1/source-build.yaml index beec38feb5..ff1dcfd7a0 100644 --- a/task/source-build/0.1/source-build.yaml +++ b/task/source-build/0.1/source-build.yaml @@ -1,5 +1,5 @@ --- -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Task metadata: name: source-build @@ -37,7 +37,7 @@ spec: steps: - name: build image: quay.io/redhat-appstudio/build-definitions-source-image-build-utils:latest - resources: + computeResources: limits: memory: 2Gi cpu: 1 diff --git a/task/summary/0.1/summary.yaml b/task/summary/0.1/summary.yaml index 520f8fa70d..bbcfa8a03c 100644 --- a/task/summary/0.1/summary.yaml +++ b/task/summary/0.1/summary.yaml @@ -1,4 +1,4 @@ -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Task metadata: labels: diff --git a/task/tkn-bundle/0.1/spec/test1.yaml b/task/tkn-bundle/0.1/spec/test1.yaml index 7ce7063db8..b07d1ad2af 100644 --- a/task/tkn-bundle/0.1/spec/test1.yaml +++ b/task/tkn-bundle/0.1/spec/test1.yaml @@ -1,4 +1,4 @@ -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Task metadata: name: test1 diff --git a/task/tkn-bundle/0.1/spec/test2.yml b/task/tkn-bundle/0.1/spec/test2.yml index 696965a4df..679d90a05b 100644 --- a/task/tkn-bundle/0.1/spec/test2.yml +++ b/task/tkn-bundle/0.1/spec/test2.yml @@ -1,4 +1,4 @@ -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Task metadata: name: test2 diff --git a/task/tkn-bundle/0.1/spec/test3.yaml b/task/tkn-bundle/0.1/spec/test3.yaml index 81d77784e9..dd853ad04f 100644 --- a/task/tkn-bundle/0.1/spec/test3.yaml +++ b/task/tkn-bundle/0.1/spec/test3.yaml @@ -1,4 +1,4 @@ -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Task metadata: name: test3 diff --git a/task/tkn-bundle/0.1/spec/tkn-bundle_spec.sh b/task/tkn-bundle/0.1/spec/tkn-bundle_spec.sh index 79ec9afb46..305cd41c5b 100755 --- a/task/tkn-bundle/0.1/spec/tkn-bundle_spec.sh +++ b/task/tkn-bundle/0.1/spec/tkn-bundle_spec.sh @@ -23,7 +23,7 @@ Describe "tkn-bundle task" kubectl cluster-info 2>&1 || { echo 'ERROR: Failed to access the cluster'; return 1; } # Install Tekton Pipeline, proceed with the rest of the test of the setup - kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.42.0/release.yaml + kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.50.3/release.yaml # Create the test namespace kubectl create namespace test --dry-run=client -o yaml | kubectl apply -f - @@ -104,8 +104,8 @@ spec: The output should include 'Added Task: test2 to image' The output should include 'Added Task: test3 to image' The output should include 'Pushed Tekton Bundle to registry:5000/bundle' - The taskrun should jq '.status.taskResults[] | select(.name=="IMAGE_DIGEST").value | test("\\Asha256:[a-z0-9]+\\z")' - The taskrun should jq '.status.taskResults[] | select(.name=="IMAGE_URL").value | test("\\Aregistry:5000/bundle:tag\\z")' + The taskrun should jq '.status.results[] | select(.name=="IMAGE_DIGEST").value | test("\\Asha256:[a-z0-9]+\\z")' + The taskrun should jq '.status.results[] | select(.name=="IMAGE_URL").value | test("\\Aregistry:5000/bundle:tag\\z")' The taskrun should jq '.status.taskSpec.stepTemplate.env[] | select(.name == "HOME").value | test("\\A/tekton/home\\z")' End @@ -115,8 +115,8 @@ spec: The output should not include 'Added Task: test2 to image' The output should include 'Added Task: test3 to image' The output should include 'Pushed Tekton Bundle to registry:5000/sub' - The taskrun should jq '.status.taskResults[] | select(.name=="IMAGE_DIGEST").value | test("\\Asha256:[a-z0-9]+\\z")' - The taskrun should jq '.status.taskResults[] | select(.name=="IMAGE_URL").value | test("\\Aregistry:5000/sub:tag\\z")' + The taskrun should jq '.status.results[] | select(.name=="IMAGE_DIGEST").value | test("\\Asha256:[a-z0-9]+\\z")' + The taskrun should jq '.status.results[] | select(.name=="IMAGE_URL").value | test("\\Aregistry:5000/sub:tag\\z")' The taskrun should jq '.status.taskSpec.stepTemplate.env[] | select(.name == "HOME").value | test("\\A/tekton/home\\z")' End @@ -126,8 +126,8 @@ spec: The output should not include 'Added Task: test3 to image' The output should include 'Added Task: test2 to image' The output should include 'Pushed Tekton Bundle to registry:5000/file' - The taskrun should jq '.status.taskResults[] | select(.name=="IMAGE_DIGEST").value | test("\\Asha256:[a-z0-9]+\\z")' - The taskrun should jq '.status.taskResults[] | select(.name=="IMAGE_URL").value | test("\\Aregistry:5000/file:tag\\z")' + The taskrun should jq '.status.results[] | select(.name=="IMAGE_DIGEST").value | test("\\Asha256:[a-z0-9]+\\z")' + The taskrun should jq '.status.results[] | select(.name=="IMAGE_URL").value | test("\\Aregistry:5000/file:tag\\z")' The taskrun should jq '.status.taskSpec.stepTemplate.env[] | select(.name == "HOME").value | test("\\A/tekton/home\\z")' End @@ -137,8 +137,8 @@ spec: The output should include 'Added Task: test2 to image' The output should include 'Added Task: test3 to image' The output should include 'Pushed Tekton Bundle to registry:5000/mix' - The taskrun should jq '.status.taskResults[] | select(.name=="IMAGE_DIGEST").value | test("\\Asha256:[a-z0-9]+\\z")' - The taskrun should jq '.status.taskResults[] | select(.name=="IMAGE_URL").value | test("\\Aregistry:5000/mix:tag\\z")' + The taskrun should jq '.status.results[] | select(.name=="IMAGE_DIGEST").value | test("\\Asha256:[a-z0-9]+\\z")' + The taskrun should jq '.status.results[] | select(.name=="IMAGE_URL").value | test("\\Aregistry:5000/mix:tag\\z")' The taskrun should jq '.status.taskSpec.stepTemplate.env[] | select(.name == "HOME").value | test("\\A/tekton/home\\z")' End @@ -148,8 +148,8 @@ spec: The output should include 'Added Task: test1 to image' The output should include 'Added Task: test2 to image' The output should include 'Pushed Tekton Bundle to registry:5000/neg' - The taskrun should jq '.status.taskResults[] | select(.name=="IMAGE_DIGEST").value | test("\\Asha256:[a-z0-9]+\\z")' - The taskrun should jq '.status.taskResults[] | select(.name=="IMAGE_URL").value | test("\\Aregistry:5000/neg:tag\\z")' + The taskrun should jq '.status.results[] | select(.name=="IMAGE_DIGEST").value | test("\\Asha256:[a-z0-9]+\\z")' + The taskrun should jq '.status.results[] | select(.name=="IMAGE_URL").value | test("\\Aregistry:5000/neg:tag\\z")' The taskrun should jq '.status.taskSpec.stepTemplate.env[] | select(.name == "HOME").value | test("\\A/tekton/home\\z")' End @@ -159,8 +159,8 @@ spec: The output should include 'Added Task: test2 to image' The output should include 'Added Task: test3 to image' The output should include 'Pushed Tekton Bundle to registry:5000/bundle' - The taskrun should jq '.status.taskResults[] | select(.name=="IMAGE_DIGEST").value | test("\\Asha256:[a-z0-9]+\\z")' - The taskrun should jq '.status.taskResults[] | select(.name=="IMAGE_URL").value | test("\\Aregistry:5000/bundle:summer-home\\z")' + The taskrun should jq '.status.results[] | select(.name=="IMAGE_DIGEST").value | test("\\Asha256:[a-z0-9]+\\z")' + The taskrun should jq '.status.results[] | select(.name=="IMAGE_URL").value | test("\\Aregistry:5000/bundle:summer-home\\z")' The taskrun should jq '.status.taskSpec.stepTemplate.env[] | select(.name == "HOME").value | test("\\A/tekton/summer-home\\z")' End End diff --git a/task/tkn-bundle/0.1/tkn-bundle.yaml b/task/tkn-bundle/0.1/tkn-bundle.yaml index 457586bc24..17ca736fbf 100644 --- a/task/tkn-bundle/0.1/tkn-bundle.yaml +++ b/task/tkn-bundle/0.1/tkn-bundle.yaml @@ -1,4 +1,4 @@ -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Task metadata: labels: diff --git a/task/update-infra-deployments/0.1/update-infra-deployments.yaml b/task/update-infra-deployments/0.1/update-infra-deployments.yaml index d95edca19d..0c85b7c2fa 100644 --- a/task/update-infra-deployments/0.1/update-infra-deployments.yaml +++ b/task/update-infra-deployments/0.1/update-infra-deployments.yaml @@ -1,4 +1,4 @@ -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: Task metadata: labels: