Skip to content

Commit

Permalink
[MVP] Jib-Maven
Browse files Browse the repository at this point in the history
  • Loading branch information
@Aneesh-M-Bhat
Aneesh-M-Bhat committed Dec 2, 2024
1 parent 258c2cf commit 489c467
Show file tree
Hide file tree
Showing 5 changed files with 142 additions and 4 deletions.
13 changes: 12 additions & 1 deletion Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,8 +31,17 @@ E2E_MAVEN_PARAMS_SERVER_SECRET ?= secret-maven
E2E_MAVEN_PARAMS_PROXY_SECRET ?= secret-proxy-maven
E2E_MAVEN_PARAMS_PROXY_CONFIGMAP ?= config-proxy-maven

# container registry URL, usually hostname and port
REGISTRY_URL ?= registry.registry.svc.cluster.local:32222
# container registry namespace, as in the section of the registry allowed to push images
REGISTRY_NAMESPACE ?= task-containers
# base part of a fully qualified container image name
IMAGE_BASE ?= $(REGISTRY_URL)/$(REGISTRY_NAMESPACE)

E2E_JIB_MAVEN_IMAGE ?= docker.io/aneeshmbhat/tekton-maven:latest
E2E_JIB_MAVEN_IMAGE_TAG ?= task-jib-maven:latest

E2E_JIB_MAVEN_IMAGE ?= $(IMAGE_BASE)/${E2E_JIB_MAVEN_IMAGE_TAG}
# E2E_JIB_MAVEN_IMAGE ?= docker.io/aneeshmbhat/tekton-maven:latest

# generic arguments employed on most of the targets
ARGS ?=
Expand Down Expand Up @@ -126,6 +135,8 @@ test-e2e: E2E_TESTS = $(E2E_TEST_DIR)/*.bats
test-e2e: bats

.PHONY: test-e2e-jib
test-e2e-jib: REGISTRY_URL = image-registry.openshift-image-registry.svc.cluster.local:5000
test-e2e-jib: REGISTRY_NAMESPACE = $(shell oc project -q)
test-e2e-jib: prepare-e2e
test-e2e-jib: E2E_TESTS = $(E2E_TEST_DIR)/*-jib.bats
test-e2e-jib: bats
Expand Down
103 changes: 103 additions & 0 deletions jib-maven.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,103 @@
apiVersion: tekton.dev/v1
kind: Task
metadata:
annotations:
artifacthub.io/category: integration-delivery
artifacthub.io/maintainers: |
- name: OpenShift Pipeline task maintainers
email: [email protected]
artifacthub.io/provider: Red Hat
artifacthub.io/recommendations: |
- url: https://tekton.dev/
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"tekton.dev/v1","kind":"Task","metadata":{"annotations":{"artifacthub.io/category":"integration-delivery","artifacthub.io/maintainers":"- name: OpenShift Pipeline task maintainers\n email: [email protected]\n","artifacthub.io/provider":"Red Hat","artifacthub.io/recommendations":"- url: https://tekton.dev/\n","tekton.dev/categories":"containers","tekton.dev/pipelines.minVersion":"0.41.0","tekton.dev/tags":"containers"},"labels":{"app.kubernetes.io/version":"0.3.2"},"name":"jib-maven","namespace":"anebhat"},"spec":{"description":"This Task builds Java/Kotlin/Groovy/Scala source into a container image using Google's Jib tool. Jib works with Maven and Gradle projects, and this template is for Maven projects.","params":[{"description":"Name of the image to build","name":"IMAGE"},{"default":".","description":"The directory containing the app, relative to the source repository root","name":"DIRECTORY","type":"string"},{"default":"false","description":"Whether to allow insecure registry","name":"INSECUREREGISTRY","type":"string"},{"default":"service-ca.crt","description":"CA cert file name for insecure registry service","name":"CACERTFILE","type":"string"}],"results":[{"description":"Digest of the image just built.","name":"IMAGE_DIGEST"}],"stepTemplate":{"env":[{"name":"PARAMS_DIRECTORY","value":"$(params.DIRECTORY)"},{"name":"WORKSPACES_SOURCE_PATH","value":"$(workspaces.source.path)"},{"name":"WORKSPACES_SSLCERTDIR_PATH","value":"$(workspaces.sslcertdir.path)"},{"name":"WORKSPACES_DOCKERCONFIG_BOUND","value":"$(workspaces.dockerconfig.bound)"},{"name":"WORKSPACES_DOCKERCONFIG_PATH","value":"$(workspaces.dockerconfig.path)"},{"name":"PARAMS_CACERTFILE","value":"$(params.CACERTFILE)"},{"name":"PARAMS_INSECUREREGISTRY","value":"$(params.INSECUREREGISTRY)"},{"name":"PARAMS_IMAGE","value":"$(params.IMAGE)"},{"name":"RESULTS_IMAGE_DIGEST_PATH","value":"$(results.IMAGE_DIGEST.path)"}]},"steps":[{"env":[{"name":"HOME","value":"/tekton/home"}],"image":"registry.access.redhat.com/ubi8/openjdk-11:latest","name":"build-and-push","script":"set -e\nprintf '%s' \"IyEvYmluL2Jhc2gKCmRlY2xhcmUgLXJ4IERPQ0tFUl9DT05GSUc9IiR7V09SS1NQQUNFU19ET0NLRVJDT05GSUdfUEFUSH0iCgojIERlbGV0ZSB0aGUgdHJ1c3RzdG9yZSBjcmVhdGVkIG9uIGV4aXQKZnVuY3Rpb24gY2xlYW51cCB7CiAgICBybSAiJHtXT1JLU1BBQ0VTX1NPVVJDRV9QQVRIfS90cnVzdHN0b3JlLmprcyIKfQoKY2VydFBhcmFtcz0iIgoKaWYgW1sgLWYgIiR7V09SS1NQQUNFU19TU0xDRVJURElSX1BBVEh9LyR7UEFSQU1TX0NBQ0VSVEZJTEV9IiBdXTsgdGhlbgogICAgIyBjcmVhdGUgdGhlIHRydXN0c3RvcmUgd2l0aCBleGlzdGluZyBjZXJ0cyBhdmFpbGFibGUKICAgIGtleXRvb2wgLWltcG9ydGtleXN0b3JlIC1zcmNrZXlzdG9yZSAiJEpBVkFfSE9NRS9saWIvc2VjdXJpdHkvY2FjZXJ0cyIgLXNyY3N0b3JldHlwZSBKS1MgLWRlc3RrZXlzdG9yZSAiJHtXT1JLU1BBQ0VTX1NPVVJDRV9QQVRIfS90cnVzdHN0b3JlLmprcyIgLXN0b3JlcGFzcyAiY2hhbmdlaXQiIC1zcmNzdG9yZXBhc3MgImNoYW5nZWl0IiA+IC90bXAvbG9ncyAyPiYxCiAgICBpZiBbICQ/IC1uZSAwIF07IHRoZW4KICAgICAgICBjYXQgL3RtcC9sb2dzCiAgICAgICAgZXhpdCAxCiAgICBmaQogICAgIyBhZGQgeW91ciBjZXJ0cyB0byB0aGUgbmV3IHRydXN0c3RvcmUgY3JlYXRlZAogICAga2V5dG9vbCAtaW1wb3J0IC1rZXlzdG9yZSAiJHtXT1JLU1BBQ0VTX1NPVVJDRV9QQVRIfS90cnVzdHN0b3JlLmprcyIgLXN0b3JlcGFzcyAiY2hhbmdlaXQiIC1maWxlICIke1dPUktTUEFDRVNfU1NMQ0VSVERJUl9QQVRIfS8ke1BBUkFNU19DQUNFUlRGSUxFfSIgLW5vcHJvbXB0CiAgICAjIHBhc3MgdHJ1c3RzdG9yZSBkZXRhaWxzIHRvIHRoZSBtdm4gY29tbWFuZAogICAgY2VydFBhcmFtcz0iLURqYXZheC5uZXQuc3NsLnRydXN0U3RvcmU9JHtXT1JLU1BBQ0VTX1NPVVJDRV9QQVRIfS90cnVzdHN0b3JlLmprcyAtRGphdmF4Lm5ldC5zc2wudHJ1c3RTdG9yZVBhc3N3b3JkPWNoYW5nZWl0IgogICAgIyBjbGVhbiB0cnVzdHN0b3JlIG9uIGV4aXQKICAgIHRyYXAgY2xlYW51cCBFWElUCmZpCgojIEJ1aWxkIGFuZCBwdXNoIHRoZSBpbWFnZQptdm4gLUIgXAogICAgLUR1c2VyLmhvbWU9IiRIT01FIiBcCiAgICAtRGppYi5hbGxvd0luc2VjdXJlUmVnaXN0cmllcz0iJHtQQVJBTVNfSU5TRUNVUkVSRUdJU1RSWX0iIFwKICAgIC1EamliLnRvLmltYWdlPSIke1BBUkFNU19JTUFHRX0iIFwKICAgICRjZXJ0UGFyYW1zIFwKICAgIGNvbXBpbGUgXAogICAgY29tLmdvb2dsZS5jbG91ZC50b29sczpqaWItbWF2ZW4tcGx1Z2luOmJ1aWxkCgpjYXQgJHtXT1JLU1BBQ0VTX1NPVVJDRV9QQVRIfS8ke1BBUkFNU19ESVJFQ1RPUll9L3RhcmdldC9qaWItaW1hZ2UuZGlnZXN0IHwgdGVlICR7UkVTVUxUU19JTUFHRV9ESUdFU1RfUEFUSH0=\" |base64 -d \u003e\"/scripts/jib-maven-build-and-push.sh\"\nchmod +x /scripts/jib-*.sh;echo \"Running Script /scripts/jib-maven-build-and-push.sh\";\n /scripts/jib-maven-build-and-push.sh;\n","securityContext":{"runAsNonRoot":true,"runAsUser":65532},"volumeMounts":[{"mountPath":"/scripts","name":"scripts-dir"}],"workingDir":"$(workspaces.source.path)/$(params.DIRECTORY)"}],"volumes":[{"emptyDir":{},"name":"empty-dir-volume"},{"emptyDir":{},"name":"scripts-dir"}],"workspaces":[{"description":"The workspace consisting of maven project.","name":"source","optional":false},{"description":"The workspace containing SSL certificates.","name":"sslcertdir","optional":true},{"description":"The workspace containing Docker configuration.","name":"dockerconfig","optional":true}]}}
tekton.dev/categories: containers
tekton.dev/pipelines.minVersion: 0.41.0
tekton.dev/tags: containers
creationTimestamp: "2024-11-21T05:06:44Z"
generation: 1
labels:
app.kubernetes.io/version: 0.3.2
name: jib-maven
namespace: anebhat
resourceVersion: "58176"
uid: 61f6bf72-3b5f-445a-95e3-a12343f8d973
spec:
description: This Task builds Java/Kotlin/Groovy/Scala source into a container image
using Google's Jib tool. Jib works with Maven and Gradle projects, and this template
is for Maven projects.
params:
- description: Name of the image to build
name: IMAGE
type: string
- default: .
description: The directory containing the app, relative to the source repository
root
name: DIRECTORY
type: string
- default: "false"
description: Whether to allow insecure registry
name: INSECUREREGISTRY
type: string
- default: service-ca.crt
description: CA cert file name for insecure registry service
name: CACERTFILE
type: string
results:
- description: Digest of the image just built.
name: IMAGE_DIGEST
type: string
stepTemplate:
computeResources: {}
env:
- name: PARAMS_DIRECTORY
value: $(params.DIRECTORY)
- name: WORKSPACES_SOURCE_PATH
value: $(workspaces.source.path)
- name: WORKSPACES_SSLCERTDIR_PATH
value: $(workspaces.sslcertdir.path)
- name: WORKSPACES_DOCKERCONFIG_BOUND
value: $(workspaces.dockerconfig.bound)
- name: WORKSPACES_DOCKERCONFIG_PATH
value: $(workspaces.dockerconfig.path)
- name: PARAMS_CACERTFILE
value: $(params.CACERTFILE)
- name: PARAMS_INSECUREREGISTRY
value: $(params.INSECUREREGISTRY)
- name: PARAMS_IMAGE
value: $(params.IMAGE)
- name: RESULTS_IMAGE_DIGEST_PATH
value: $(results.IMAGE_DIGEST.path)
steps:
- computeResources: {}
env:
- name: HOME
value: /tekton/home
image: registry.access.redhat.com/ubi8/openjdk-11:latest
name: build-and-push
script: |
set -e
printf '%s' "IyEvYmluL2Jhc2gKCmRlY2xhcmUgLXJ4IERPQ0tFUl9DT05GSUc9IiR7V09SS1NQQUNFU19ET0NLRVJDT05GSUdfUEFUSH0iCgojIERlbGV0ZSB0aGUgdHJ1c3RzdG9yZSBjcmVhdGVkIG9uIGV4aXQKZnVuY3Rpb24gY2xlYW51cCB7CiAgICBybSAiJHtXT1JLU1BBQ0VTX1NPVVJDRV9QQVRIfS90cnVzdHN0b3JlLmprcyIKfQoKY2VydFBhcmFtcz0iIgoKaWYgW1sgLWYgIiR7V09SS1NQQUNFU19TU0xDRVJURElSX1BBVEh9LyR7UEFSQU1TX0NBQ0VSVEZJTEV9IiBdXTsgdGhlbgogICAgIyBjcmVhdGUgdGhlIHRydXN0c3RvcmUgd2l0aCBleGlzdGluZyBjZXJ0cyBhdmFpbGFibGUKICAgIGtleXRvb2wgLWltcG9ydGtleXN0b3JlIC1zcmNrZXlzdG9yZSAiJEpBVkFfSE9NRS9saWIvc2VjdXJpdHkvY2FjZXJ0cyIgLXNyY3N0b3JldHlwZSBKS1MgLWRlc3RrZXlzdG9yZSAiJHtXT1JLU1BBQ0VTX1NPVVJDRV9QQVRIfS90cnVzdHN0b3JlLmprcyIgLXN0b3JlcGFzcyAiY2hhbmdlaXQiIC1zcmNzdG9yZXBhc3MgImNoYW5nZWl0IiA+IC90bXAvbG9ncyAyPiYxCiAgICBpZiBbICQ/IC1uZSAwIF07IHRoZW4KICAgICAgICBjYXQgL3RtcC9sb2dzCiAgICAgICAgZXhpdCAxCiAgICBmaQogICAgIyBhZGQgeW91ciBjZXJ0cyB0byB0aGUgbmV3IHRydXN0c3RvcmUgY3JlYXRlZAogICAga2V5dG9vbCAtaW1wb3J0IC1rZXlzdG9yZSAiJHtXT1JLU1BBQ0VTX1NPVVJDRV9QQVRIfS90cnVzdHN0b3JlLmprcyIgLXN0b3JlcGFzcyAiY2hhbmdlaXQiIC1maWxlICIke1dPUktTUEFDRVNfU1NMQ0VSVERJUl9QQVRIfS8ke1BBUkFNU19DQUNFUlRGSUxFfSIgLW5vcHJvbXB0CiAgICAjIHBhc3MgdHJ1c3RzdG9yZSBkZXRhaWxzIHRvIHRoZSBtdm4gY29tbWFuZAogICAgY2VydFBhcmFtcz0iLURqYXZheC5uZXQuc3NsLnRydXN0U3RvcmU9JHtXT1JLU1BBQ0VTX1NPVVJDRV9QQVRIfS90cnVzdHN0b3JlLmprcyAtRGphdmF4Lm5ldC5zc2wudHJ1c3RTdG9yZVBhc3N3b3JkPWNoYW5nZWl0IgogICAgIyBjbGVhbiB0cnVzdHN0b3JlIG9uIGV4aXQKICAgIHRyYXAgY2xlYW51cCBFWElUCmZpCgojIEJ1aWxkIGFuZCBwdXNoIHRoZSBpbWFnZQptdm4gLUIgXAogICAgLUR1c2VyLmhvbWU9IiRIT01FIiBcCiAgICAtRGppYi5hbGxvd0luc2VjdXJlUmVnaXN0cmllcz0iJHtQQVJBTVNfSU5TRUNVUkVSRUdJU1RSWX0iIFwKICAgIC1EamliLnRvLmltYWdlPSIke1BBUkFNU19JTUFHRX0iIFwKICAgICRjZXJ0UGFyYW1zIFwKICAgIGNvbXBpbGUgXAogICAgY29tLmdvb2dsZS5jbG91ZC50b29sczpqaWItbWF2ZW4tcGx1Z2luOmJ1aWxkCgpjYXQgJHtXT1JLU1BBQ0VTX1NPVVJDRV9QQVRIfS8ke1BBUkFNU19ESVJFQ1RPUll9L3RhcmdldC9qaWItaW1hZ2UuZGlnZXN0IHwgdGVlICR7UkVTVUxUU19JTUFHRV9ESUdFU1RfUEFUSH0=" |base64 -d >"/scripts/jib-maven-build-and-push.sh"
chmod +x /scripts/jib-*.sh;echo "Running Script /scripts/jib-maven-build-and-push.sh";
/scripts/jib-maven-build-and-push.sh;
securityContext:
runAsNonRoot: true
runAsUser: 65532
volumeMounts:
- mountPath: /scripts
name: scripts-dir
workingDir: $(workspaces.source.path)/$(params.DIRECTORY)
volumes:
- emptyDir: {}
name: empty-dir-volume
- emptyDir: {}
name: scripts-dir
workspaces:
- description: The workspace consisting of maven project.
name: source
- description: The workspace containing SSL certificates.
name: sslcertdir
optional: true
- description: The workspace containing Docker configuration.
name: dockerconfig
optional: true
3 changes: 1 addition & 2 deletions test/e2e/e2e-jib.bats
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,10 +11,9 @@ source ./test/helper/helper.sh
--param="URL=${E2E_MAVEN_PARAMS_URL}" \
--param="REVISION=${E2E_MAVEN_PARAMS_REVISION}" \
--param="VERBOSE=true" \
--param="IMAGE=${E2E_JIB_MAVEN_IMAGE}" \
--workspace="name=source,claimName=task-maven,subPath=source" \
--workspace="name=dockerconfig,secret=docker-config" \
--filename=test/e2e/resources/pipeline-maven-jib.yaml \
--filename=../pipeline-maven-jib.yaml \
--showlog
assert_success

Expand Down
25 changes: 25 additions & 0 deletions test/e2e/e2e-maven.bats
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,3 +31,28 @@ source ./test/helper/helper.sh
# assering the taskrun status, making sure all steps have been successful
assert_tekton_resource "pipelinerun" --partial '(Failed: 0, Cancelled 0), Skipped: 0'
}





run tkn pipeline start task-jib-maven \
--param="URL=${E2E_MAVEN_PARAMS_URL}" \
--param="REVISION=${E2E_MAVEN_PARAMS_REVISION}" \
--param="VERBOSE=true" \
--workspace="name=source,claimName=task-maven,subPath=source" \
--workspace="name=dockerconfig,secret=docker-config" \
--filename=../pipeline-maven-jib.yaml \
--showlog
assert_success

run tkn pipeline start task-jib-maven \
--param="URL=${E2E_MAVEN_PARAMS_URL}" \
--param="REVISION=${E2E_MAVEN_PARAMS_REVISION}" \
--param="VERBOSE=true" \
--param="IMAGE=${E2E_JIB_MAVEN_IMAGE}" \
--workspace="name=source,claimName=task-maven,subPath=source" \
--workspace="name=dockerconfig,secret=docker-config" \
--filename=test/e2e/resources/pipeline-maven-jib.yaml \
--showlog
assert_success
2 changes: 1 addition & 1 deletion test/e2e/resources/pipeline-maven-jib.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -88,7 +88,7 @@ spec:
- name: DIRECTORY
value: $(context.pipelineRun.name)
- name: INSECUREREGISTRY
value: "false"
value: "true"
- name: CACERTFILE
value: ""
runAfter:
Expand Down

0 comments on commit 489c467

Please sign in to comment.