-
Notifications
You must be signed in to change notification settings - Fork 141
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
IMAGE_REF
result from image building Tasks
This helps in the reuse of the results when using matrix feature of Tekton. Given that the concatenation of two results from matrix-spawned Tasks is not supported, e.g. $(tasks.build-container-multiarch.results.IMAGE_URL[*])@$(tasks.build-container-multiarch.results.IMAGE_DIGEST[*]) will not expand correctly. This produces the image reference in full in the `IMAGE_REF` result, so the result from the matrix-spawned Tasks can be referenced using: $(tasks.build-container-multiarch.results.IMAGE_REF[*]) Reference: https://issues.redhat.com/browse/EC-654
- Loading branch information
Showing
23 changed files
with
156 additions
and
10 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,48 @@ | ||
# buildah-remote task | ||
|
||
Buildah task builds source code into a container image and pushes the image into container registry using buildah tool. | ||
In addition it generates a SBOM file, injects the SBOM file into final container image and pushes the SBOM file as separate image using cosign tool. | ||
When [Java dependency rebuild](https://redhat-appstudio.github.io/docs.stonesoup.io/Documentation/main/cli/proc_enabled_java_dependencies.html) is enabled it triggers rebuilds of Java artifacts. | ||
When prefetch-dependencies task was activated it is using its artifacts to run build in hermetic environment. | ||
|
||
## Parameters | ||
|name|description|default value|required| | ||
|---|---|---|---| | ||
|IMAGE|Reference of the image buildah will produce.||true| | ||
|DOCKERFILE|Path to the Dockerfile to build.|./Dockerfile|false| | ||
|CONTEXT|Path to the directory to use as context.|.|false| | ||
|TLSVERIFY|Verify the TLS on the registry endpoint (for push/pull to a non-TLS registry)|true|false| | ||
|HERMETIC|Determines if build will be executed without network access.|false|false| | ||
|PREFETCH_INPUT|In case it is not empty, the prefetched content should be made available to the build.|""|false| | ||
|IMAGE_EXPIRES_AFTER|Delete image tag after specified time. Empty means to keep the image tag. Time values could be something like 1h, 2d, 3w for hours, days, and weeks, respectively.|""|false| | ||
|COMMIT_SHA|The image is built from this commit.|""|false| | ||
|YUM_REPOS_D_SRC|Path in the git repository in which yum repository files are stored|repos.d|false| | ||
|YUM_REPOS_D_FETCHED|Path in source workspace where dynamically-fetched repos are present|fetched.repos.d|false| | ||
|YUM_REPOS_D_TARGET|Target path on the container in which yum repository files should be made available|/etc/yum.repos.d|false| | ||
|TARGET_STAGE|Target stage in Dockerfile to build. If not specified, the Dockerfile is processed entirely to (and including) its last stage.|""|false| | ||
|ENTITLEMENT_SECRET|Name of secret which contains the entitlement certificates|etc-pki-entitlement|false| | ||
|ACTIVATION_KEY|Name of secret which contains subscription activation key|activation-key|false| | ||
|ADDITIONAL_SECRET|Name of a secret which will be made available to the build with 'buildah build --secret' at /run/secrets/$ADDITIONAL_SECRET|does-not-exist|false| | ||
|BUILD_ARGS|Array of --build-arg values ("arg=value" strings)|[]|false| | ||
|BUILD_ARGS_FILE|Path to a file with build arguments, see https://www.mankier.com/1/buildah-build#--build-arg-file|""|false| | ||
|caTrustConfigMapName|The name of the ConfigMap to read CA bundle data from.|trusted-ca|false| | ||
|caTrustConfigMapKey|The name of the key in the ConfigMap that contains the CA bundle data.|ca-bundle.crt|false| | ||
|ADD_CAPABILITIES|Comma separated list of extra capabilities to add when running 'buildah build'|""|false| | ||
|SQUASH|Squash all new and previous layers added as a part of this build, as per --squash|false|false| | ||
|STORAGE_DRIVER|Storage driver to configure for buildah|vfs|false| | ||
|SKIP_UNUSED_STAGES|Whether to skip stages in Containerfile that seem unused by subsequent stages|true|false| | ||
|PLATFORM|The platform to build on||true| | ||
|
||
## Results | ||
|name|description| | ||
|---|---| | ||
|IMAGE_DIGEST|Digest of the image just built| | ||
|IMAGE_URL|Image repository where the built image was pushed| | ||
|IMAGE_REF|Image reference of the built image| | ||
|SBOM_JAVA_COMPONENTS_COUNT|The counting of Java components by publisher in JSON format| | ||
|JAVA_COMMUNITY_DEPENDENCIES|The Java dependencies that came from community sources such as Maven central.| | ||
|
||
## Workspaces | ||
|name|description|optional| | ||
|---|---|---| | ||
|source|Workspace containing the source code to build.|false| |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
# rpm-ostree task | ||
|
||
RPM Ostree | ||
|
||
## Parameters | ||
|name|description|default value|required| | ||
|---|---|---|---| | ||
|IMAGE|Reference of the image rpm-ostree will produce.||true| | ||
|BUILDER_IMAGE|The location of the rpm-ostree builder image.|quay.io/redhat-user-workloads/project-sagano-tenant/ostree-builder/ostree-builder-fedora-38:d124414a81d17f31b1d734236f55272a241703d7|false| | ||
|CONTEXT|Path to the directory to use as context.|.|false| | ||
|IMAGE_FILE|The file to use to build the image||true| | ||
|TLSVERIFY|Verify the TLS on the registry endpoint (for push/pull to a non-TLS registry)|true|false| | ||
|IMAGE_EXPIRES_AFTER|Delete image tag after specified time. Empty means to keep the image tag. Time values could be something like 1h, 2d, 3w for hours, days, and weeks, respectively.|""|false| | ||
|COMMIT_SHA|The image is built from this commit.|""|false| | ||
|PLATFORM|The platform to build on||true| | ||
|CONFIG_FILE|The relative path of the file used to configure the rpm-ostree tool found in source control. See https://github.com/coreos/rpm-ostree/blob/main/docs/container.md#adding-container-image-configuration|""|false| | ||
|HERMETIC|Determines if build will be executed without network access.|false|false| | ||
|
||
## Results | ||
|name|description| | ||
|---|---| | ||
|IMAGE_DIGEST|Digest of the image just built| | ||
|IMAGE_URL|Image repository where the built image was pushed| | ||
|IMAGE_REF|Image reference of the built image| | ||
|BASE_IMAGES_DIGESTS|Digests of the base images used for build| | ||
|SBOM_BLOB_URL|Reference, including digest to the SBOM blob| | ||
|
||
## Workspaces | ||
|name|description|optional| | ||
|---|---|---| | ||
|source|Workspace containing the source code to build.|false| |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.