Skip to content

Commit

Permalink
prefetch-dependencies: support for cachi2 config file
Browse files Browse the repository at this point in the history
Some behaviour configuring options are (rightfully) not exposed via CLI
options, e.g. setting a timeout on HTTP requests which may be useful
for users to set on slower connections and large artifact downloads
where the default backend timeouts are simply not long enough.
Allow consumers to pass a configuration YAML file to cachi2 to tweak
supported behavioural traits.

Signed-off-by: Erik Skultety <[email protected]>
  • Loading branch information
eskultety committed Jul 19, 2024
1 parent 881800c commit ca4addd
Show file tree
Hide file tree
Showing 4 changed files with 62 additions and 2 deletions.
1 change: 1 addition & 0 deletions task/prefetch-dependencies-oci-ta/0.1/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ https://github.com/containerbuildsystem/cachi2#basic-usage.
|SOURCE_ARTIFACT|The Trusted Artifact URI pointing to the artifact with the application source code.||true|
|caTrustConfigMapKey|The name of the key in the ConfigMap that contains the CA bundle data.|ca-bundle.crt|false|
|caTrustConfigMapName|The name of the ConfigMap to read CA bundle data from.|trusted-ca|false|
|config-file-content|Pass configuration to cachi2. Note this needs to be passed as a YAML-formatted config dump, not as a file path! ||true|
|dev-package-managers|Enable in-development package managers. WARNING: the behavior may change at any time without notice. Use at your own risk. |false|false|
|input|Configures project packages that will have their dependencies prefetched.||true|
|log-level|Set cachi2 log level (debug, info, warning, error)|info|false|
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,10 @@ spec:
description: The name of the ConfigMap to read CA bundle data from.
type: string
default: trusted-ca
- name: config-file-content
description: |
Pass configuration to cachi2.
Note this needs to be passed as a YAML-formatted config dump, not as a file path!
- name: dev-package-managers
description: |
Enable in-development package managers. WARNING: the behavior may change at any time without notice. Use at your own risk.
Expand Down Expand Up @@ -56,6 +60,8 @@ spec:
the application source code.
type: string
volumes:
- name: config
emptyDir: {}
- name: trusted-ca
configMap:
items:
Expand All @@ -79,7 +85,12 @@ spec:
performing http(s) requests.
optional: true
stepTemplate:
env:
- name: CONFIG_FILE
value: $(params.config-file-content)
volumeMounts:
- mountPath: /mnt/config
name: config
- mountPath: /var/workdir
name: workdir
steps:
Expand All @@ -104,6 +115,15 @@ spec:
args:
- use
- $(params.SOURCE_ARTIFACT)=/var/workdir/source
- name: sanitize-cachi2-config-file-with-yq
image: quay.io/konflux-ci/yq@sha256:974dea6375ee9df561ffd3baf994db2b61777a71f3bcf0050c5dca91ac9b3430
script: |
if [ -n "${CONFIG_FILE}" ]; then
# we need to drop 'goproxy_url' for safety reasons until cachi2 decides what the SBOM
# impact of this configuration option will be:
# https://github.com/containerbuildsystem/cachi2/issues/577
yq 'del(.goproxy_url)' <<<"${CONFIG_FILE}" >/mnt/config/config.yaml
fi
- name: prefetch-dependencies
image: quay.io/redhat-appstudio/cachi2:0.8.0@sha256:5cf15d6f3fb151a3e12c8a17024062b7cc62b0c3e1b165e4a9fa5bf7a77bdc30
volumeMounts:
Expand Down Expand Up @@ -132,6 +152,12 @@ spec:
exit 0
fi
if [ -f /mnt/config/config.yaml ]; then
config_flag=--config-file=/mnt/config/config.yaml
else
config_flag=""
fi
if [ "$DEV_PACKAGE_MANAGERS" = "true" ]; then
dev_pacman_flag=--dev-package-managers
else
Expand Down Expand Up @@ -167,7 +193,7 @@ spec:
update-ca-trust
fi
cachi2 --log-level="$LOG_LEVEL" fetch-deps \
cachi2 --log-level="$LOG_LEVEL" $config_flag fetch-deps \
$dev_pacman_flag \
--source=/var/workdir/source \
--output=/var/workdir/cachi2/output \
Expand Down
1 change: 1 addition & 0 deletions task/prefetch-dependencies/0.1/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ See docs at https://github.com/containerbuildsystem/cachi2#basic-usage.
|input|Configures project packages that will have their dependencies prefetched.||true|
|dev-package-managers|Enable in-development package managers. WARNING: the behavior may change at any time without notice. Use at your own risk. |false|false|
|log-level|Set cachi2 log level (debug, info, warning, error)|info|false|
|config-file-content|Pass configuration to cachi2. Note this needs to be passed as a YAML-formatted config dump, not as a file path! ||true|
|caTrustConfigMapName|The name of the ConfigMap to read CA bundle data from.|trusted-ca|false|
|caTrustConfigMapKey|The name of the key in the ConfigMap that contains the CA bundle data.|ca-bundle.crt|false|

Expand Down
34 changes: 33 additions & 1 deletion task/prefetch-dependencies/0.1/prefetch-dependencies.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,10 @@ spec:
- description: Set cachi2 log level (debug, info, warning, error)
name: log-level
default: "info"
- description: |
Pass configuration to cachi2.
Note this needs to be passed as a YAML-formatted config dump, not as a file path!
name: config-file-content
- name: caTrustConfigMapName
type: string
description: The name of the ConfigMap to read CA bundle data from.
Expand All @@ -30,7 +34,27 @@ spec:
type: string
description: The name of the key in the ConfigMap that contains the CA bundle data.
default: ca-bundle.crt

stepTemplate:
env:
- name: CONFIG_FILE
value: $(params.config-file-content)
volumeMounts:
- name: config
mountPath: /mnt/config

steps:
- name: sanitize-cachi2-config-file-with-yq
image: quay.io/konflux-ci/yq@sha256:974dea6375ee9df561ffd3baf994db2b61777a71f3bcf0050c5dca91ac9b3430
script: |
if [ -n "${CONFIG_FILE}" ]
then
# we need to drop 'goproxy_url' for safety reasons until cachi2 decides what the SBOM
# impact of this configuration option will be:
# https://github.com/containerbuildsystem/cachi2/issues/577
yq 'del(.goproxy_url)' <<< "${CONFIG_FILE}" > /mnt/config/config.yaml
fi
- image: quay.io/redhat-appstudio/cachi2:0.8.0@sha256:5cf15d6f3fb151a3e12c8a17024062b7cc62b0c3e1b165e4a9fa5bf7a77bdc30
# per https://kubernetes.io/docs/concepts/containers/images/#imagepullpolicy-defaulting
# the cluster will set imagePullPolicy to IfNotPresent
Expand Down Expand Up @@ -62,6 +86,12 @@ spec:
exit 0
fi
if [ -f /mnt/config/config.yaml ]; then
config_flag=--config-file=/mnt/config/config.yaml
else
config_flag=""
fi
if [ "$DEV_PACKAGE_MANAGERS" = "true" ]; then
dev_pacman_flag=--dev-package-managers
else
Expand Down Expand Up @@ -97,7 +127,7 @@ spec:
update-ca-trust
fi
cachi2 --log-level="$LOG_LEVEL" fetch-deps \
cachi2 --log-level="$LOG_LEVEL" $config_flag fetch-deps \
$dev_pacman_flag \
--source=$(workspaces.source.path)/source \
--output=$(workspaces.source.path)/cachi2/output \
Expand Down Expand Up @@ -133,3 +163,5 @@ spec:
- key: $(params.caTrustConfigMapKey)
path: ca-bundle.crt
optional: true
- name: config
emptyDir: {}

0 comments on commit ca4addd

Please sign in to comment.