From 094c4da5731ef55af6ddfe377bdb735d69d59d9c Mon Sep 17 00:00:00 2001 From: Stuart Douglas Date: Wed, 29 May 2024 12:46:32 +1000 Subject: [PATCH] Fix non-hermetic OCI TA builds With OCI artifacts the directory is now always there, this now checks for specific files. --- task/buildah-oci-ta/0.1/buildah-oci-ta.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/task/buildah-oci-ta/0.1/buildah-oci-ta.yaml b/task/buildah-oci-ta/0.1/buildah-oci-ta.yaml index 65578381f3..1c61de7488 100644 --- a/task/buildah-oci-ta/0.1/buildah-oci-ta.yaml +++ b/task/buildah-oci-ta/0.1/buildah-oci-ta.yaml @@ -211,7 +211,7 @@ spec: BUILDAH_ARGS+=("--build-arg=$build_arg") done - if [ -d "/var/workdir/cachi2" ]; then + if [ -f "/var/workdir/cachi2/cachi2.env" ]; then cp -r "/var/workdir/cachi2" /tmp/ chmod -R go+rwX /tmp/cachi2 VOLUME_MOUNTS="--volume /tmp/cachi2:/cachi2" @@ -267,7 +267,7 @@ spec: echo $container > /var/workdir/container_name # Save the SBOM produced by Cachi2 so it can be merged into the final SBOM later - if [ -d "/var/workdir/cachi2" ]; then + if [ -f "/tmp/cachi2/output/bom.json" ]; then cp /tmp/cachi2/output/bom.json ./sbom-cachi2.json fi @@ -359,7 +359,7 @@ spec: - name: merge-cachi2-sbom image: quay.io/redhat-appstudio/cachi2:0.7.0@sha256:1fc772aa3636fd0b43d62120d832e5913843e028e8cac42814b487c3a0a32bd8 script: | - if [ -d "/var/workdir/cachi2" ]; then + if [ -f "/var/workdir/sbom-cachi2.json" ]; then echo "Merging contents of sbom-cachi2.json into sbom-cyclonedx.json" /src/utils/merge_syft_sbom.py sbom-cachi2.json sbom-cyclonedx.json > sbom-temp.json mv sbom-temp.json sbom-cyclonedx.json