Skip to content

Commit

Permalink
experimental/task-containers: Auto-update tekton tasks resources\n\nU…
Browse files Browse the repository at this point in the history 
…RL: https://github.com/openshift-pipelines/task-containers\nIgnoredVersions: v0.1.0
  • Loading branch information
@openshift-merge-bot
github-actions authored and openshift-merge-bot[bot] committed May 13, 2024
1 parent 9325c02 commit bb573bc
Show file tree
Hide file tree
Showing 20 changed files with 2,632 additions and 0 deletions.
76 changes: 76 additions & 0 deletions experimental/tasks/task-buildah/0.3.1/README.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,76 @@
`Buildah` Tekton Task
-----------------------

# Abstract

The `buildah` Task is meant to build [OCI][OCI] container images without the requirement of container runtime daemon like Docker daemon using [Buildah][Buildah], the Task results contain the image name and the SHA256 image digest.

# Usage

Please, consider the usage example below:

```yaml
---
apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata: {}
spec:
pipelineRef:
name: task-buildah
params:
- name: IMAGE
value: your-image-name
- name: TLS_VERIFY
value: true
- name: VERBOSE
value: false
workspaces:
- name: source
persistentVolumeClaim:
claimName: your-pvc-name
```
You'll need to replace `your-image-name` with the actual name of the image you want to build, and `your-pvc-name` with the name of the PersistentVolumeClaim where your source code is stored.
In case the Container Registry requires authentication, please consider the [Tekton Pipelines documentation][tektonPipelineAuth]. In a nutshell, you need to create a Kubernetes Secret describing the following attributes:

```bash
kubectl create secret docker-registry imagestreams \
--docker-server="image-registry.openshift-image-registry.svc:5000" \
--docker-username="${REGISTRY_USERNAME}" \
--docker-password="${REGISTRY_TOKEN}"
```

Then make sure the Secret is linked with the Service-Account running the `TaskRun`/`PipelineRun`.

## Workspace

| Name | Optional | Description |
| :------------ | :------------------------: | :--------------------------- |
| `source` | `false` | Container build context, like for instnace a application source code followed by a `Containerfile`. |


## Params

| Param | Type | Default | Description |
| :------------ | :------------------------: | :--------------------------- | :------------------------- |
| `IMAGE` | `string` | (required) | Fully qualified source container image name, including tag, to be built by buildah. |
| `CONTAINERFILE_PATH` | `string` | `Containerfile` | Path to the `Containerfile` (or `Dockerfile`) relative to the `source` workspace. |
| `TLS_VERIFY` | `string` | `true` | Sets the TLS verification flags, `true` is recommended. |
| `VERBOSE` | `string` | `false` | Shows a more verbose (debug) output. |
| `SUBDIRECTORY` | `string` | `.` | Relative subdirectory to the `source` Workspace for the build-context. |
| `STORAGE_DRIVER` | `string` | `overlay` | Set buildah storage driver to reflect the currrent cluster node's settings. |
| `BUILD_EXTRA_ARGS` | `string` | `` | Extra parameters passed for the build command when building images. |
| `PUSH_EXTRA_ARGS` | `string` | `` | Extra parameters passed for the push command when pushing images. |
| `SKIP_PUSH` | `string` | `false` | Skip pushing the image to the container registry. |


## Results

| Result | Description |
| :------------ | :------------------------- |
| `IMAGE_URL` | Fully qualified image name. |
| `IMAGE_DIGEST` | SHA256 digest of the image just built. |

[tektonPipelineAuth]: https://tekton.dev/docs/pipelines/auth/#configuring-docker-authentication-for-docker
[Buildah]: https://github.com/containers/buildah
[OCI]: https://opencontainers.org/

171 changes: 171 additions & 0 deletions experimental/tasks/task-buildah/0.3.1/task-buildah.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,171 @@
---
# Source: task-containers/templates/task-buildah.yaml
apiVersion: tekton.dev/v1
kind: Task
metadata:
name: buildah
labels:
app.kubernetes.io/version: 0.3.1
annotations:
tekton.dev/source: "https://github.com/openshift-pipelines/task-containers"
artifacthub.io/category: integration-delivery
artifacthub.io/maintainers: |
- name: OpenShift Pipeline task maintainers
email: [email protected]
artifacthub.io/provider: Red Hat
artifacthub.io/recommendations: |
- url: https://tekton.dev/
tekton.dev/categories: containers
tekton.dev/pipelines.minVersion: 0.41.0
tekton.dev/tags: containers
spec:
description: |
Buildah task builds source into a container image and
then pushes it to a container registry.
workspaces:
- name: source
optional: false
description: |
Container build context, like for instnace a application source code
followed by a `Dockerfile`.
- name: dockerconfig
description: >-
An optional workspace that allows providing a .docker/config.json file
for Buildah to access the container registry.
The file should be placed at the root of the Workspace with name config.json
or .dockerconfigjson.
optional: true
- name: rhel-entitlement
description: >-
An optional workspace that allows providing the entitlement keys
for Buildah to access subscription. The mounted workspace contains
entitlement.pem and entitlement-key.pem.
optional: true
mountPath: /tmp/entitlement
params:
- name: IMAGE
type: string
description: |
Fully qualified container image name to be built by buildah.
- name: DOCKERFILE
type: string
default: ./Dockerfile
description: |
Path to the `Dockerfile` (or `Containerfile`) relative to the `source` workspace.
- name: CONTEXT
type: string
default: "."
description: |
Path to the directory to use as context.
- name: STORAGE_DRIVER
type: string
default: vfs
description: |
Set buildah storage driver to reflect the currrent cluster node's
settings.
- name: FORMAT
description: The format of the built container, oci or docker
default: "oci"
- name: BUILD_EXTRA_ARGS
type: string
default: ""
description: |
Extra parameters passed for the build command when building images.
- name: PUSH_EXTRA_ARGS
type: string
default: ""
description: |
Extra parameters passed for the push command when pushing images.
- name: SKIP_PUSH
default: "false"
description: |
Skip pushing the image to the container registry.
- name: TLS_VERIFY
type: string
default: "true"
description: |
Sets the TLS verification flag, `true` is recommended.
- name: VERBOSE
type: string
default: "false"
description: |
Turns on verbose logging, all commands executed will be printed out.
results:
- name: IMAGE_URL
description: |
Fully qualified image name.
- name: IMAGE_DIGEST
description: |
Digest of the image just built.
stepTemplate:
env:

- name: PARAMS_IMAGE
value: "$(params.IMAGE)"
- name: PARAMS_CONTEXT
value: "$(params.CONTEXT)"
- name: PARAMS_DOCKERFILE
value: "$(params.DOCKERFILE)"
- name: PARAMS_FORMAT
value: "$(params.FORMAT)"
- name: PARAMS_STORAGE_DRIVER
value: "$(params.STORAGE_DRIVER)"
- name: PARAMS_BUILD_EXTRA_ARGS
value: "$(params.BUILD_EXTRA_ARGS)"
- name: PARAMS_PUSH_EXTRA_ARGS
value: "$(params.PUSH_EXTRA_ARGS)"
- name: PARAMS_SKIP_PUSH
value: "$(params.SKIP_PUSH)"
- name: PARAMS_TLS_VERIFY
value: "$(params.TLS_VERIFY)"
- name: PARAMS_VERBOSE
value: "$(params.VERBOSE)"
- name: WORKSPACES_SOURCE_BOUND
value: "$(workspaces.source.bound)"
- name: WORKSPACES_SOURCE_PATH
value: "$(workspaces.source.path)"
- name: WORKSPACES_DOCKERCONFIG_BOUND
value: "$(workspaces.dockerconfig.bound)"
- name: WORKSPACES_DOCKERCONFIG_PATH
value: "$(workspaces.dockerconfig.path)"
- name: WORKSPACES_RHEL_ENTITLEMENT_BOUND
value: "$(workspaces.rhel-entitlement.bound)"
- name: WORKSPACES_RHEL_ENTITLEMENT_PATH
value: "$(workspaces.rhel-entitlement.path)"
- name: RESULTS_IMAGE_URL_PATH
value: "$(results.IMAGE_URL.path)"
- name: RESULTS_IMAGE_DIGEST_PATH
value: "$(results.IMAGE_DIGEST.path)"

steps:
- name: load-scripts
image: registry.access.redhat.com/ubi8-minimal:8.9
workingDir: /scripts
script: |
set -e
printf '%s' "IyEvdXNyL2Jpbi9lbnYgYmFzaAojCiMgV3JhcHBlciBhcm91bmQgImJ1aWxkYWggYnVkIiB0byBidWlsZCBhbmQgcHVzaCBhIGNvbnRhaW5lciBpbWFnZSBiYXNlZCBvbiBhIERvY2tlcmZpbGUuCiMKCnNob3B0IC1zIGluaGVyaXRfZXJyZXhpdApzZXQgLWV1IC1vIHBpcGVmYWlsCgpzb3VyY2UgIiQoZGlybmFtZSAke0JBU0hfU09VUkNFWzBdfSkvY29tbW9uLnNoIgpzb3VyY2UgIiQoZGlybmFtZSAke0JBU0hfU09VUkNFWzBdfSkvYnVpbGRhaC1jb21tb24uc2giCgpmdW5jdGlvbiBfYnVpbGRhaCgpIHsKICAgIGJ1aWxkYWggXAogICAgICAgIC0tc3RvcmFnZS1kcml2ZXI9IiR7UEFSQU1TX1NUT1JBR0VfRFJJVkVSfSIgXAogICAgICAgIC0tdGxzLXZlcmlmeT0iJHtQQVJBTVNfVExTX1ZFUklGWX0iIFwKICAgICAgICAkeyp9Cn0KCiMKIyBQcmVwYXJlCiMKCiMgbWFraW5nIHN1cmUgdGhlIHJlcXVpcmVkIHdvcmtzcGFjZSAic291cmNlIiBpcyBib3VuZGVkLCB3aGljaCBtZWFucyBpdHMgdm9sdW1lIGlzIGN1cnJlbnRseSBtb3VudGVkCiMgYW5kIHJlYWR5IHRvIHVzZQpwaGFzZSAiSW5zcGVjdGluZyBzb3VyY2Ugd29ya3NwYWNlICcke1dPUktTUEFDRVNfU09VUkNFX1BBVEh9JyAoUFdEPScke1BXRH0nKSIKW1sgIiR7V09SS1NQQUNFU19TT1VSQ0VfQk9VTkR9IiAhPSAidHJ1ZSIgXV0gJiYKICAgIGZhaWwgIldvcmtzcGFjZSAnc291cmNlJyBpcyBub3QgYm91bmRlZCIKCnBoYXNlICJBc3NlcnRpbmcgdGhlIGRvY2tlcmZpbGUvY29udGFpbmVyZmlsZSAnJHtET0NLRVJGSUxFX0ZVTEx9JyBleGlzdHMiCltbICEgLWYgIiR7RE9DS0VSRklMRV9GVUxMfSIgXV0gJiYKICAgIGZhaWwgIkRvY2tlcmZpbGUgbm90IGZvdW5kIGF0OiAnJHtET0NLRVJGSUxFX0ZVTEx9JyIKCnBoYXNlICJJbnNwZWN0aW5nIGNvbnRleHQgJyR7UEFSQU1TX0NPTlRFWFR9JyIKW1sgISAtZCAiJHtQQVJBTVNfQ09OVEVYVH0iIF1dICYmCiAgICBmYWlsICJDT05URVhUIHBhcmFtIGlzIG5vdCBmb3VuZCBhdCAnJHtQQVJBTVNfQ09OVEVYVH0nLCBvbiBzb3VyY2Ugd29ya3NwYWNlIgoKIyBIYW5kbGUgb3B0aW9uYWwgZG9ja2VyY29uZmlnIHNlY3JldAppZiBbWyAiJHtXT1JLU1BBQ0VTX0RPQ0tFUkNPTkZJR19CT1VORH0iID09ICJ0cnVlIiBdXTsgdGhlbgoKICAgICMgaWYgY29uZmlnLmpzb24gZXhpc3RzIGF0IHdvcmtzcGFjZSByb290LCB3ZSB1c2UgdGhhdAogICAgaWYgdGVzdCAtZiAiJHtXT1JLU1BBQ0VTX0RPQ0tFUkNPTkZJR19QQVRIfS9jb25maWcuanNvbiI7IHRoZW4KICAgICAgICBleHBvcnQgRE9DS0VSX0NPTkZJRz0iJHtXT1JLU1BBQ0VTX0RPQ0tFUkNPTkZJR19QQVRIfSIKCiAgICAgICAgIyBlbHNlIHdlIGxvb2sgZm9yIC5kb2NrZXJjb25maWdqc29uIGF0IHRoZSByb290CiAgICBlbGlmIHRlc3QgLWYgIiR7V09SS1NQQUNFU19ET0NLRVJDT05GSUdfUEFUSH0vLmRvY2tlcmNvbmZpZ2pzb24iOyB0aGVuCiAgICAgICAgIyBlbnN1cmUgLmRvY2tlciBleGlzdCBiZWZvcmUgdGhlIGNvcHlpbmcgdGhlIGNvbnRlbnQKICAgICAgICBpZiBbICEgLWQgIiRIT01FLy5kb2NrZXIiIF07IHRoZW4KICAgICAgICAgICBta2RpciAtcCAiJEhPTUUvLmRvY2tlciIKICAgICAgICBmaQogICAgICAgIGNwICIke1dPUktTUEFDRVNfRE9DS0VSQ09ORklHX1BBVEh9Ly5kb2NrZXJjb25maWdqc29uIiAiJEhPTUUvLmRvY2tlci9jb25maWcuanNvbiIKICAgICAgICBleHBvcnQgRE9DS0VSX0NPTkZJRz0iJEhPTUUvLmRvY2tlciIKCiAgICAgICAgIyBuZWVkIHRvIGVycm9yIG91dCBpZiBuZWl0aGVyIGZpbGVzIGFyZSBwcmVzZW50CiAgICBlbHNlCiAgICAgICAgZWNobyAibmVpdGhlciAnY29uZmlnLmpzb24nIG5vciAnLmRvY2tlcmNvbmZpZ2pzb24nIGZvdW5kIGF0IHdvcmtzcGFjZSByb290IgogICAgICAgIGV4aXQgMQogICAgZmkKZmkKCkVOVElUTEVNRU5UX1ZPTFVNRT0iIgppZiBbWyAiJHtXT1JLU1BBQ0VTX1JIRUxfRU5USVRMRU1FTlRfQk9VTkR9IiA9PSAidHJ1ZSIgXV07IHRoZW4KICAgIEVOVElUTEVNRU5UX1ZPTFVNRT0iLS12b2x1bWUgJHtXT1JLU1BBQ0VTX1JIRUxfRU5USVRMRU1FTlRfUEFUSH06L2V0Yy9wa2kvZW50aXRsZW1lbnQiCmZpCgojCiMgQnVpbGQKIwoKcGhhc2UgIkJ1aWxkaW5nICcke1BBUkFNU19JTUFHRX0nIGJhc2VkIG9uICcke0RPQ0tFUkZJTEVfRlVMTH0nIgoKW1sgLW4gIiR7UEFSQU1TX0JVSUxEX0VYVFJBX0FSR1N9IiBdXSAmJgogICAgcGhhc2UgIkV4dHJhICdidWlsZGFoIGJ1ZCcgYXJndW1lbnRzIGluZm9ybWVkOiAnJHtQQVJBTVNfQlVJTERfRVhUUkFfQVJHU30nIgoKX2J1aWxkYWggYnVkICR7UEFSQU1TX0JVSUxEX0VYVFJBX0FSR1N9IFwKICAgICRFTlRJVExFTUVOVF9WT0xVTUUgXAogICAgLS1uby1jYWNoZSBcCiAgICAtLWZpbGU9IiR7RE9DS0VSRklMRV9GVUxMfSIgXAogICAgLS10YWc9IiR7UEFSQU1TX0lNQUdFfSIgXAogICAgJHtQQVJBTVNfQ09OVEVYVH0KCmlmIFtbICIke1BBUkFNU19TS0lQX1BVU0h9IiA9PSAidHJ1ZSIgXV07IHRoZW4KICAgIHBoYXNlICJTa2lwcGluZyBwdXNoaW5nICcke1BBUkFNU19JTUFHRX0nIHRvIHRoZSBjb250YWluZXIgcmVnaXN0cnkhIgogICAgZXhpdCAwCmZpCgojCiMgUHVzaAojCgpwaGFzZSAiUHVzaGluZyAnJHtQQVJBTVNfSU1BR0V9JyB0byB0aGUgY29udGFpbmVyIHJlZ2lzdHJ5IgoKW1sgLW4gIiR7UEFSQU1TX1BVU0hfRVhUUkFfQVJHU30iIF1dICYmCiAgICBwaGFzZSAiRXh0cmEgJ2J1aWxkYWggYnVkJyBhcmd1bWVudHMgaW5mb3JtZWQ6ICcke1BBUkFNU19QVVNIX0VYVFJBX0FSR1N9JyIKCiMgdGVtcG9yYXJ5IGZpbGUgdG8gc3RvcmUgdGhlIGltYWdlIGRpZ2VzdCwgaW5mb3JtYXRpb24gb25seSBvYnRhaW5lZCBhZnRlciBwdXNoaW5nIHRoZSBpbWFnZSB0byB0aGUKIyBjb250YWluZXIgcmVnaXN0cnkKZGVjbGFyZSAtciBkaWdlc3RfZmlsZT0iL3RtcC9idWlsZGFoLWRpZ2VzdC50eHQiCgpfYnVpbGRhaCBwdXNoICR7UEFSQU1TX1BVU0hfRVhUUkFfQVJHU30gXAogICAgLS1kaWdlc3RmaWxlPSIke2RpZ2VzdF9maWxlfSIgXAogICAgJHtQQVJBTVNfSU1BR0V9IFwKICAgIGRvY2tlcjovLyR7UEFSQU1TX0lNQUdFfQoKIwojIFJlc3VsdHMKIwoKcGhhc2UgIkluc3BlY3RpbmcgZGlnZXN0IHJlcG9ydCAoJyR7ZGlnZXN0X2ZpbGV9JykiCgpbWyAhIC1yICIke2RpZ2VzdF9maWxlfSIgXV0gJiYKICAgIGZhaWwgIlVuYWJsZSB0byBmaW5kIGRpZ2VzdC1maWxlIGF0ICcke2RpZ2VzdF9maWxlfSciCgpkZWNsYXJlIC1yIGRpZ2VzdF9zdW09IiQoY2F0ICR7ZGlnZXN0X2ZpbGV9KSIKCltbIC16ICIke2RpZ2VzdF9zdW19IiBdXSAmJgogICAgZmFpbCAiRGlnZXN0IGZpbGUgJyR7ZGlnZXN0X2ZpbGV9JyBpcyBlbXB0eSEiCgpwaGFzZSAiU3VjY2Vzc2Z1bHkgYnVpbHQgY29udGFpbmVyIGltYWdlICcke1BBUkFNU19JTUFHRX0nICgnJHtkaWdlc3Rfc3VtfScpIgplY2hvIC1uICIke1BBUkFNU19JTUFHRX0iIHwgdGVlICR7UkVTVUxUU19JTUFHRV9VUkxfUEFUSH0KZWNobyAtbiAiJHtkaWdlc3Rfc3VtfSIgfCB0ZWUgJHtSRVNVTFRTX0lNQUdFX0RJR0VTVF9QQVRIfQo=" |base64 -d >buildah-bud.sh
printf '%s' "IyEvdXNyL2Jpbi9lbnYgYmFzaAoKZGVjbGFyZSAtcnggUEFSQU1TX0lNQUdFPSIke1BBUkFNU19JTUFHRTotfSIKZGVjbGFyZSAtcnggUEFSQU1TX0RPQ0tFUkZJTEU9IiR7UEFSQU1TX0RPQ0tFUkZJTEU6LX0iCmRlY2xhcmUgLXJ4IFBBUkFNU19DT05URVhUPSIke1BBUkFNU19DT05URVhUOi19IgpkZWNsYXJlIC1yeCBQQVJBTVNfU1RPUkFHRV9EUklWRVI9IiR7UEFSQU1TX1NUT1JBR0VfRFJJVkVSOi19IgpkZWNsYXJlIC1yeCBQQVJBTVNfQlVJTERfRVhUUkFfQVJHUz0iJHtQQVJBTVNfQlVJTERfRVhUUkFfQVJHUzotfSIKZGVjbGFyZSAtcnggUEFSQU1TX1BVU0hfRVhUUkFfQVJHUz0iJHtQQVJBTVNfUFVTSF9FWFRSQV9BUkdTOi19IgpkZWNsYXJlIC1yeCBQQVJBTVNfU0tJUF9QVVNIPSIke1BBUkFNU19TS0lQX1BVU0g6LX0iCmRlY2xhcmUgLXJ4IFBBUkFNU19UTFNfVkVSSUZZPSIke1BBUkFNU19UTFNfVkVSSUZZOi19IgpkZWNsYXJlIC1yeCBQQVJBTVNfVkVSQk9TRT0iJHtQQVJBTVNfVkVSQk9TRTotfSIKCmRlY2xhcmUgLXJ4IFdPUktTUEFDRVNfU09VUkNFX1BBVEg9IiR7V09SS1NQQUNFU19TT1VSQ0VfUEFUSDotfSIKZGVjbGFyZSAtcnggV09SS1NQQUNFU19TT1VSQ0VfQk9VTkQ9IiR7V09SS1NQQUNFU19TT1VSQ0VfQk9VTkQ6LX0iCmRlY2xhcmUgLXJ4IFdPUktTUEFDRVNfRE9DS0VSQ09ORklHX1BBVEg9IiR7V09SS1NQQUNFU19ET0NLRVJDT05GSUdfUEFUSDotfSIKZGVjbGFyZSAtcnggV09SS1NQQUNFU19ET0NLRVJDT05GSUdfQk9VTkQ9IiR7V09SS1NQQUNFU19ET0NLRVJDT05GSUdfQk9VTkQ6LX0iCmRlY2xhcmUgLXJ4IFdPUktTUEFDRVNfUkhFTF9FTlRJVExFTUVOVF9QQVRIPSIke1dPUktTUEFDRVNfUkhFTF9FTlRJVExFTUVOVF9QQVRIOi19IgpkZWNsYXJlIC1yeCBXT1JLU1BBQ0VTX1JIRUxfRU5USVRMRU1FTlRfQk9VTkQ9IiR7V09SS1NQQUNFU19SSEVMX0VOVElUTEVNRU5UX0JPVU5EOi19IgoKZGVjbGFyZSAtcnggUkVTVUxUU19JTUFHRV9ESUdFU1RfUEFUSD0iJHtSRVNVTFRTX0lNQUdFX0RJR0VTVF9QQVRIOi19IgpkZWNsYXJlIC1yeCBSRVNVTFRTX0lNQUdFX1VSTF9QQVRIPSIke1JFU1VMVFNfSU1BR0VfVVJMX1BBVEg6LX0iCgojCiMgRG9ja2VyZmlsZQojCgojIGV4cG9zaW5nIHRoZSBmdWxsIHBhdGggdG8gdGhlIGNvbnRhaW5lciBmaWxlLCB3aGljaCBieSBkZWZhdWx0IHNob3VsZCBiZSByZWxhdGl2ZSB0byB0aGUgcHJpbWFyeQojIHdvcmtzcGFjZSwgdG8gcmVjZWl2ZSBhIGRpZmZlcmVudCBjb250YWluZXItZmlsZSBsb2NhdGlvbgpkZWNsYXJlIC1yIGRvY2tlcmZpbGVfb25fd3M9IiR7V09SS1NQQUNFU19TT1VSQ0VfUEFUSH0vJHtQQVJBTVNfRE9DS0VSRklMRX0iCmRlY2xhcmUgLXggRE9DS0VSRklMRV9GVUxMPSIke0RPQ0tFUkZJTEVfRlVMTDotJHtkb2NrZXJmaWxlX29uX3dzfX0iCgojCiMgQXNzZXJ0aW5nIEVudmlyb25tZW50CiMKCltbIC16ICIke0RPQ0tFUkZJTEVfRlVMTH0iIF1dICYmCiAgICBmYWlsICJ1bmFibGUgdG8gZmluZCB0aGUgRG9ja2VyZmlsZSwgRE9DS0VSRklMRSBtYXkgaGF2ZSBhbiBpbmNvcnJlY3QgbG9jYXRpb24iCgpleHBvcnRlZF9vcl9mYWlsIFwKICAgIFdPUktTUEFDRVNfU09VUkNFX1BBVEggXAogICAgUEFSQU1TX0lNQUdFCgojCiMgVmVyYm9zZSBPdXRwdXQKIwoKaWYgW1sgIiR7UEFSQU1TX1ZFUkJPU0V9IiA9PSAidHJ1ZSIgXV07IHRoZW4KICAgIHNldCAteApmaQo=" |base64 -d >buildah-common.sh
printf '%s' "IyEvdXNyL2Jpbi9lbnYgYmFzaAoKIyB0ZWt0b24ncyBob21lIGRpcmVjdG9yeQpkZWNsYXJlIC1yeCBURUtUT05fSE9NRT0iJHtURUtUT05fSE9NRTotL3Rla3Rvbi9ob21lfSIKCiMKIyBGdW5jdGlvbnMKIwoKZnVuY3Rpb24gZmFpbCgpIHsKICAgIGVjaG8gIkVSUk9SOiAkeyp9IiAyPiYxCiAgICBleGl0IDEKfQoKZnVuY3Rpb24gcGhhc2UoKSB7CiAgICBlY2hvICItLS0+IFBoYXNlOiAkeyp9Li4uIgp9CgojIGFzc2VydCBsb2NhbCB2YXJpYWJsZXMgYXJlIGV4cG9yZXRlZCBvbiB0aGUgZW52aXJvbm1lbnQKZnVuY3Rpb24gZXhwb3J0ZWRfb3JfZmFpbCgpIHsKICAgIGRlY2xhcmUgLWEgX3JlcXVpcmVkX3ZhcnM9IiR7QH0iCgogICAgZm9yIHYgaW4gJHtfcmVxdWlyZWRfdmFyc1tAXX07IGRvCiAgICAgICAgW1sgLXogIiR7IXZ9IiBdXSAmJgogICAgICAgICAgICBmYWlsICInJHt2fScgZW52aXJvbm1lbnQgdmFyaWFibGUgaXMgbm90IHNldCEiCiAgICBkb25lCgogICAgcmV0dXJuIDAKfQo=" |base64 -d >common.sh
chmod +x buildah-*.sh
volumeMounts:
- name: scripts-dir
mountPath: /scripts

- name: build
image: registry.access.redhat.com/ubi8/buildah:8.9
workingDir: /workspace/source
command:
- /scripts/buildah-bud.sh
securityContext:
capabilities:
add: ["SETFCAP"]
volumeMounts:
- name: scripts-dir
mountPath: /scripts

volumes:
- name: scripts-dir
emptyDir: {}
Loading

0 comments on commit bb573bc

Please sign in to comment.