konflux-ci · chmeliik · Jun 19, 2024 · Jun 6, 2024 · Jun 6, 2024 · Jun 9, 2024
@@ -41,6 +41,10 @@ There is a container which is used to support multiple set of tasks called `quay
 
 Shellspec tests can be run by invoking `hack/test-shellspec.sh`.
 
+### StepActions
+
+The StepActions can be found in the `stepactions` directory. StepActions are not yet bundled.
+
 ## Release
 
 Release is done by (better leave it to the [push pipeline](.tekton/push.yaml)):

@@ -1,13 +1,13 @@
 #!/bin/bash
 
-TASK=$1
-if [ ! -f "$TASK" ]; then
-  echo "Usage: $0 \$PATH_TO_TASK"
+RESOURCE=$1
+if [ ! -f "$RESOURCE" ]; then
+  echo "Usage: $0 \$PATH_TO_TASK_OR_STEPACTION"
   exit 1
 fi
-echo "# $(yq '.metadata.name' $TASK) task"
+echo "# $(yq '.metadata.name' $RESOURCE) $(yq '.kind | downcase' $RESOURCE)"
 echo
-yq '.spec.description' $TASK
+yq '.spec.description' $RESOURCE
 echo
 PARAMS=$(yq '
     .spec.params.[] |
@@ -17,7 +17,7 @@ PARAMS=$(yq '
         "|" + (.description // "" | sub("\n", " ")) +
         "|" + (.default // (.default != "*" | "")) +
         "|" + (.default != "*") + "|"
-    )' $TASK
+    )' $RESOURCE
 )
 if [ -n "$PARAMS" ]; then
   echo "## Parameters"
@@ -27,7 +27,7 @@ if [ -n "$PARAMS" ]; then
   echo
 fi
 
-RESULTS=$(yq '.spec.results.[] | ("|" + .name + "|" + (.description // "" | sub("\n", " ")) + "|")' $TASK)
+RESULTS=$(yq '.spec.results.[] | ("|" + .name + "|" + (.description // "" | sub("\n", " ")) + "|")' $RESOURCE)
 if [ -n "$RESULTS" ]; then
   echo "## Results"
   echo "|name|description|"
@@ -36,7 +36,7 @@ if [ -n "$RESULTS" ]; then
   echo
 fi
 
-WORKSPACES=$(yq '.spec.workspaces.[] | ("|" + .name + "|" + (.description // "" | sub("\n", " ")) + "|" + (.optional // "false") + "|")' $TASK)
+WORKSPACES=$(yq '.spec.workspaces.[] | ("|" + .name + "|" + (.description // "" | sub("\n", " ")) + "|" + (.optional // "false") + "|")' $RESOURCE)
 if [ -n "$WORKSPACES" ]; then
   echo "## Workspaces"
   echo "|name|description|optional|"

@@ -5,8 +5,13 @@
   ],
   "dependencyDashboard": false,
   "tekton": {
-      "fileMatch": ["\\.yaml$", "\\.yml$"],
-      "includePaths": [".tekton/**", "task/**", "pipelines/enterprise-contract*.yaml"]
+    "fileMatch": ["\\.yaml$", "\\.yml$"],
+    "includePaths": [
+      ".tekton/**",
+      "task/**",
+      "stepactions/**",
+      "pipelines/enterprise-contract*.yaml"
+    ]
   },
   "packageRules": [
     {

@@ -0,0 +1,15 @@
+# eaas-get-supported-ephemeral-cluster-versions stepaction
+
+This StepAction queries the EaaS hub cluster used to provision ephemeral clusters for testing. It returns a list of supported versions stored in a hypershift ConfigMap.
+
+## Parameters
+|name|description|default value|required|
+|---|---|---|---|
+|eaasSpaceSecretRef|Name of a secret containing credentials for accessing an EaaS space.||true|
+|insecureSkipTLSVerify|Skip TLS verification when accessing the EaaS hub cluster. This should not be set to "true" in a production environment.|false|false|
+
+## Results
+|name|description|
+|---|---|
+|versions|List of supported minor versions from newest to oldest. E.g. ["4.15","4.14","4.13"]|
+
@@ -0,0 +1,46 @@
+---
+apiVersion: tekton.dev/v1alpha1
+kind: StepAction
+metadata:
+  name: eaas-get-supported-ephemeral-cluster-versions
+spec:
+  description: >-
+    This StepAction queries the EaaS hub cluster used to provision ephemeral clusters for testing.
+    It returns a list of supported versions stored in a hypershift ConfigMap.
+  image: quay.io/redhat-appstudio/appstudio-utils@sha256:586149e3f18d966f681d956ab074b4e1d8433663d615ed86e19a3804ba952dfe
+  params:
+    - name: eaasSpaceSecretRef
+      type: string
+      description: Name of a secret containing credentials for accessing an EaaS space.
+    - name: insecureSkipTLSVerify
+      type: string
+      default: "false"
+      description: >-
+        Skip TLS verification when accessing the EaaS hub cluster.
+        This should not be set to "true" in a production environment.
+  env:
+    - name: INSECURE_SKIP_TLS_VERIFY
+      value: "$(params.insecureSkipTLSVerify)"
+    - name: KUBECONFIG
+      value: /tmp/kubeconfig
+    - name: KUBECONFIG_VALUE
+      valueFrom:
+        secretKeyRef:
+          name: $(params.eaasSpaceSecretRef)
+          key: kubeconfig
+  results:
+    - name: versions
+      type: array
+      description: List of supported minor versions from newest to oldest. E.g. ["4.15","4.14","4.13"]
+  script: |
+    #!/bin/bash
+    set -eo pipefail
+
+    trap 'rm -f "$KUBECONFIG"' EXIT
+    echo "$KUBECONFIG_VALUE" > $KUBECONFIG
+
+    OC=(oc --insecure-skip-tls-verify="$INSECURE_SKIP_TLS_VERIFY")
+    SV=$("${OC[@]}" get configmap supported-versions -n hypershift -o=jsonpath='{.data.supported-versions}')
+    VERSIONS=$(jq -c '.versions' <<< "$SV")
+    echo "Supported versions: $VERSIONS"
+    echo -n "$VERSIONS" > $(step.results.versions.path)
@@ -0,0 +1,8 @@
+# See the OWNERS docs: https://go.k8s.io/owners
+
+approvers:
+- amisstea
+- oamsalem
+- avi-biton
+- yftacherzog
+- hmariset