From 305fedb04bcfcbd547dc8038f19fbede4bcd0d1c Mon Sep 17 00:00:00 2001 From: Brian Cook Date: Thu, 18 Jul 2024 11:04:09 +0000 Subject: [PATCH] move changes from buildah-oci-ta to buildah --- task/buildah-oci-ta/0.1/buildah-oci-ta.yaml | 20 +------------------- task/buildah/0.1/buildah.yaml | 19 +++++++++++++++++++ 2 files changed, 20 insertions(+), 19 deletions(-) diff --git a/task/buildah-oci-ta/0.1/buildah-oci-ta.yaml b/task/buildah-oci-ta/0.1/buildah-oci-ta.yaml index a4eda6b621..38d9ad4e8e 100644 --- a/task/buildah-oci-ta/0.1/buildah-oci-ta.yaml +++ b/task/buildah-oci-ta/0.1/buildah-oci-ta.yaml @@ -59,10 +59,6 @@ spec: description: Name of secret which contains the entitlement certificates type: string default: etc-pki-entitlement - - name: ACTIVATION_KEY - default: activation-key - description: Name of secret which contains subscription activation key - type: string - name: HERMETIC description: Determines if build will be executed without network access. type: string @@ -152,10 +148,7 @@ spec: secret: optional: true secretName: $(params.ENTITLEMENT_SECRET) - - name: activation-key - secret: - optional: true - secretName: $(params.ACTIVATION_KEY) + - name: shared emptyDir: {} - name: trusted-ca @@ -185,8 +178,6 @@ spec: value: $(params.DOCKERFILE) - name: ENTITLEMENT_SECRET value: $(params.ENTITLEMENT_SECRET) - - name: ACTIVATION_KEY - value: $(params.ACTIVATION_KEY) - name: HERMETIC value: $(params.HERMETIC) - name: IMAGE @@ -231,8 +222,6 @@ spec: name: varlibcontainers - mountPath: /entitlement name: etc-pki-entitlement - - mountPath: /activation-key - name: activation-key - mountPath: /additional-secret name: additional-secret - mountPath: /mnt/trusted-ca @@ -365,13 +354,6 @@ spec: echo "Adding the entitlement to the build" fi - ACTIVATION_KEY_PATH="/activation-key" - if [ -d "$ACTIVATION_KEY_PATH" ]; then - cp -r --preserve=mode "$ACTIVATION_KEY_PATH" /tmp/activation-key - VOLUME_MOUNTS="${VOLUME_MOUNTS} --volume /tmp/activation-key:/activation-key" - echo "Adding activation key to the build" - fi - ADDITIONAL_SECRET_PATH="/additional-secret" ADDITIONAL_SECRET_TMP="/tmp/additional-secret" if [ -d "$ADDITIONAL_SECRET_PATH" ]; then diff --git a/task/buildah/0.1/buildah.yaml b/task/buildah/0.1/buildah.yaml index 04e493dd3f..dec1ad4b44 100644 --- a/task/buildah/0.1/buildah.yaml +++ b/task/buildah/0.1/buildah.yaml @@ -71,6 +71,10 @@ spec: description: Name of secret which contains the entitlement certificates type: string default: "etc-pki-entitlement" + - name: ACTIVATION_KEY + default: activation-key + description: Name of secret which contains subscription activation key + type: string - name: ADDITIONAL_SECRET description: Name of a secret which will be made available to the build with 'buildah build --secret' at /run/secrets/$ADDITIONAL_SECRET type: string @@ -153,6 +157,8 @@ spec: value: $(params.BUILDER_IMAGE) - name: ENTITLEMENT_SECRET value: $(params.ENTITLEMENT_SECRET) + - name: ACTIVATION_KEY + value: $(params.ACTIVATION_KEY) - name: ADDITIONAL_SECRET value: $(params.ADDITIONAL_SECRET) - name: BUILD_ARGS_FILE @@ -306,6 +312,13 @@ spec: echo "Adding the entitlement to the build" fi + ACTIVATION_KEY_PATH="/activation-key" + if [ -d "$ACTIVATION_KEY_PATH" ]; then + cp -r --preserve=mode "$ACTIVATION_KEY_PATH" /tmp/activation-key + VOLUME_MOUNTS="${VOLUME_MOUNTS} --volume /tmp/activation-key:/activation-key" + echo "Adding activation key to the build" + fi + ADDITIONAL_SECRET_PATH="/additional-secret" ADDITIONAL_SECRET_TMP="/tmp/additional-secret" if [ -d "$ADDITIONAL_SECRET_PATH" ]; then @@ -353,6 +366,8 @@ spec: name: varlibcontainers - mountPath: "/entitlement" name: etc-pki-entitlement + - mountPath: /activation-key + name: activation-key - mountPath: "/additional-secret" name: additional-secret - name: trusted-ca @@ -543,6 +558,10 @@ spec: secret: secretName: $(params.ENTITLEMENT_SECRET) optional: true + - name: activation-key + secret: + optional: true + secretName: $(params.ACTIVATION_KEY) - name: additional-secret secret: secretName: $(params.ADDITIONAL_SECRET)