diff --git a/Dockerfile b/Dockerfile index 66fee3056..891330cef 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ # Build the manager binary -FROM registry.access.redhat.com/ubi9/go-toolset:1.22.5-1731639025@sha256:45170b6e45114849b5d2c0e55d730ffa4a709ddf5f58b9e810548097b085e78f as builder +FROM registry.access.redhat.com/ubi9/go-toolset:1.22.7-1733160835@sha256:e8e961aebb9d3acedcabb898129e03e6516b99244eb64330e5ca599af9c7aa3d as builder # Copy the Go Modules manifests COPY go.mod go.mod diff --git a/deploy/pipeline/mw-pipeline-v0.1.yaml b/deploy/pipeline/mw-pipeline-v0.1.yaml new file mode 100644 index 000000000..01e926cb8 --- /dev/null +++ b/deploy/pipeline/mw-pipeline-v0.1.yaml @@ -0,0 +1,163 @@ +apiVersion: tekton.dev/v1 +kind: Pipeline +metadata: + name: mw-pipeline +spec: + params: + - name: QUAY_REPO + type: string + - name: URL + description: Repository URL to clone from + type: string + - name: REVISION + description: 'Revision to checkout. (branch, tag, sha, ref, etc...)' + type: string + default: main + - name: BUILD_SCRIPT + description: 'The build script to embed with the Containerfile' + type: string + default: | + date + - name: RECIPE_IMAGE + type: string + - name: BUILD_TOOL + type: string + - name: BUILD_TOOL_VERSION + type: string + - name: JAVA_VERSION + type: string + - name: MVN_REPO_DEPLOY_URL + description: Maven repository to deploy to + type: string + default: http://indyhost/ #TODO remove default + - name: MVN_REPO_DEPENDENCIES_URL + description: Maven repository to get dependencies from + type: string + - name: ACCESS_TOKEN + type: string + - name: BUILD_ID + type: string + - name: caTrustConfigMapName + type: string + - name: ENABLE_INDY_PROXY + type: string + - name: JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE + type: string + workspaces: + - name: source + description: Workspace containing the source code + # - name: ssh-directory + # configMap: + # name: ssh-directory + tasks: + - name: git-clone + params: + - name: url + value: $(params.URL) + - name: revision + value: $(params.REVISION) + - name: verbose + value: 'true' + taskRef: + resolver: bundles + params: + - name: name + value: git-clone + - name: bundle + value: quay.io/konflux-ci/tekton-catalog/task-git-clone:0.1 + - name: kind + value: task + workspaces: + - name: output + workspace: source + # - name: ssh-directory + # workspace: ssh-directory + - name: pre-build + runAfter: + - git-clone + params: + - name: JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE + value: $(params.JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE) + - name: IMAGE_URL + value: $(params.QUAY_REPO):trusted-source-$(context.pipelineRun.name) + - name: NAME + value: $(context.pipelineRun.name) + - name: RECIPE_IMAGE + value: $(params.RECIPE_IMAGE) + - name: BUILD_TOOL + value: $(params.BUILD_TOOL) + - name: BUILD_TOOL_VERSION + value: $(params.BUILD_TOOL_VERSION) + - name: JAVA_VERSION + value: $(params.JAVA_VERSION) + - name: BUILD_SCRIPT + value: $(params.BUILD_SCRIPT) + # TODO: Below is needed for deploy-pre-build-source step and could be skipped if its removed. + - name: SCM_URL + value: $(params.URL) + - name: SCM_HASH + value: $(params.REVISION) + taskRef: + resolver: http + params: + - name: url + value: https://raw.githubusercontent.com/rnc/jvm-build-service/refs/heads/NCL8774/deploy/tasks/pre-build.yaml + workspaces: + - name: source + workspace: source + + - name: buildah-oci-ta + runAfter: + - pre-build + params: + - name: SOURCE_ARTIFACT + value: $(tasks.pre-build.results.PRE_BUILD_IMAGE_DIGEST) + - name: HERMETIC + value: "false" + - name: IMAGE # output image + value: $(params.QUAY_REPO):build-$(context.pipelineRun.name) + - name: DOCKERFILE # local path to the containerfile + value: .jbs/Containerfile + - name: caTrustConfigMapName + value: $(params.caTrustConfigMapName) + - name: ENABLE_INDY_PROXY + value: $(params.ENABLE_INDY_PROXY) + - name: BUILD_ARGS #TODO this should be baked in the OCI source image only a ACCESS_TOKEN should be passed + value: + - PROXY_URL=$(params.MVN_REPO_DEPENDENCIES_URL) + - BUILD_ID=$(params.BUILD_ID) + - ACCESS_TOKEN=$(params.ACCESS_TOKEN) + taskRef: + #resolver: bundles + #params: + # - name: name + # value: buildah-oci-ta + # - name: bundle + # value: quay.io/konflux-ci/tekton-catalog/task-buildah-oci-ta:0.2 + # - name: kind + # value: task + + resolver: http + params: + - name: url + value: https://raw.githubusercontent.com/rnc/jvm-build-service/refs/heads/NCL8774/deploy/tasks/buildah-oci-ta.yaml + + - name: maven-deployment + runAfter: + - buildah-oci-ta + params: + - name: JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE + value: $(params.JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE) + - name: IMAGE_URL + value: $(tasks.buildah-oci-ta.results.IMAGE_URL) + - name: IMAGE_DIGEST + value: $(tasks.buildah-oci-ta.results.IMAGE_DIGEST) + - name: MVN_REPO + value: $(params.MVN_REPO_DEPLOY_URL) + - name: ACCESS_TOKEN + value: $(params.ACCESS_TOKEN) + taskRef: + resolver: http + params: + - name: url + value: https://raw.githubusercontent.com/rnc/jvm-build-service/refs/heads/NCL8774/deploy/tasks/maven-deployment.yaml diff --git a/deploy/tasks/README.md b/deploy/tasks/README.md new file mode 100644 index 000000000..c7505677c --- /dev/null +++ b/deploy/tasks/README.md @@ -0,0 +1,22 @@ + + +# Task Definitions + +Note that while `pre-build.yaml` and `maven-deployment.yaml` are created by our team the `buildah-oci-yaml` is a temporary copy from https://github.com/konflux-ci/build-definitions/blob/main/task/buildah-oci-ta/0.2/buildah-oci-ta.yaml. + + +## buildah-oci-ta + +It should be base-lined to the most recent definition from Konflux build-definitions repository and then the following changes should be applied to that: + +### Indy Sidecar +Adds Indy configuration to the build: +* https://github.com/redhat-appstudio/jvm-build-service/blob/main/deploy/tasks/buildah-oci-ta.yaml#L134-L137 +* https://github.com/redhat-appstudio/jvm-build-service/blob/main/deploy/tasks/buildah-oci-ta.yaml#L170-L180 +* https://github.com/redhat-appstudio/jvm-build-service/blob/main/deploy/tasks/buildah-oci-ta.yaml#L737-L757 + + +### Trusted CA +Adds the trusted ca to the build: +* https://github.com/redhat-appstudio/jvm-build-service/blob/main/deploy/tasks/buildah-oci-ta.yaml#L504-L508 + diff --git a/deploy/tasks/maven-deployment.yaml b/deploy/tasks/maven-deployment.yaml index fef45a24b..b25d2a92f 100644 --- a/deploy/tasks/maven-deployment.yaml +++ b/deploy/tasks/maven-deployment.yaml @@ -29,6 +29,8 @@ spec: - name: MVN_PASSWORD description: Name of the secret holding the Maven repository password type: string + # https://github.com/tektoncd/pipeline/issues/8249 + default: "" - name: MVN_SERVER_ID description: Server identification in Maven settings. type: string @@ -66,7 +68,7 @@ spec: name: workdir steps: - name: restore-trusted-artifact - image: quay.io/redhat-appstudio/build-trusted-artifacts:latest@sha256:81c4864dae6bb11595f657be887e205262e70086a05ed16ada827fd6391926ac + image: quay.io/redhat-appstudio/build-trusted-artifacts:latest@sha256:52f1391e6f1c472fd10bb838f64fae2ed3320c636f536014978a5ddbdfc6b3af script: | echo "Restoring artifacts to workspace" URL=$IMAGE_URL diff --git a/deploy/tasks/pre-build.yaml b/deploy/tasks/pre-build.yaml index 1baf706cc..717b2da8f 100644 --- a/deploy/tasks/pre-build.yaml +++ b/deploy/tasks/pre-build.yaml @@ -57,7 +57,8 @@ spec: - name: JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE description: Name of the processor image. Useful to override for development. type: string - default: "quay.io/redhat-user-workloads/konflux-jbs-pnc-tenant/jvm-build-service/build-request-processor:latest" + default: "quay.io/ncross/hacbs-jvm-build-request-processor:latest" + # default: "quay.io/redhat-user-workloads/konflux-jbs-pnc-tenant/jvm-build-service/build-request-processor:latest" results: - name: PRE_BUILD_IMAGE_DIGEST description: Digest of the image just built @@ -115,7 +116,7 @@ spec: - --git-disable-ssl-verification=$(params.GIT_SSL_VERIFICATION) - --git-reuse-repository=$(params.GIT_REUSE_REPOSITORY) - name: create-pre-build-image - image: quay.io/redhat-appstudio/build-trusted-artifacts:latest@sha256:81c4864dae6bb11595f657be887e205262e70086a05ed16ada827fd6391926ac + image: quay.io/redhat-appstudio/build-trusted-artifacts:latest@sha256:52f1391e6f1c472fd10bb838f64fae2ed3320c636f536014978a5ddbdfc6b3af script: | echo "Creating pre-build-image archive" create-archive --store $(params.IMAGE_URL) $(results.PRE_BUILD_IMAGE_DIGEST.path)=$(workspaces.source.path)/source diff --git a/go.mod b/go.mod index b18deaed3..c98ad87c7 100644 --- a/go.mod +++ b/go.mod @@ -8,7 +8,7 @@ require ( github.com/go-logr/logr v1.4.2 github.com/google/go-containerregistry v0.20.1 // indirect github.com/google/uuid v1.6.0 - github.com/konflux-ci/image-controller v0.0.0-20241106111942-98d78b2e0f48 + github.com/konflux-ci/image-controller v0.0.0-20241128141349-9986c9955e05 github.com/onsi/gomega v1.34.2 github.com/openshift/api v0.0.0-20220912161038-458ad9ca9ca5 // indirect github.com/openshift/client-go v0.0.0-20210521082421-73d9475a9142 diff --git a/go.sum b/go.sum index 96398dc73..18db6bd6a 100644 --- a/go.sum +++ b/go.sum @@ -284,8 +284,8 @@ github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/klauspost/compress v1.17.9 h1:6KIumPrER1LHsvBVuDa0r5xaG0Es51mhhB9BQB2qeMA= github.com/klauspost/compress v1.17.9/go.mod h1:Di0epgTjJY877eYKx5yC51cX2A2Vl2ibi7bDH9ttBbw= -github.com/konflux-ci/image-controller v0.0.0-20241106111942-98d78b2e0f48 h1:rSuqJEJfaWs6rucYuFxLVUcht04t5RFe1WFs5H9ZclI= -github.com/konflux-ci/image-controller v0.0.0-20241106111942-98d78b2e0f48/go.mod h1:a/94a7ohVwjq6/MayAi15Ylcahl+zzkAzVeVFak/PUQ= +github.com/konflux-ci/image-controller v0.0.0-20241128141349-9986c9955e05 h1:5Xawkybl99uEiXhkdkxWtHDWitgnf+kAjpNVTanVGRE= +github.com/konflux-ci/image-controller v0.0.0-20241128141349-9986c9955e05/go.mod h1:a/94a7ohVwjq6/MayAi15Ylcahl+zzkAzVeVFak/PUQ= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= diff --git a/java-components/build-request-processor/src/main/docker/Dockerfile.all-in-one b/java-components/build-request-processor/src/main/docker/Dockerfile.all-in-one index c825c959f..4c45473f2 100644 --- a/java-components/build-request-processor/src/main/docker/Dockerfile.all-in-one +++ b/java-components/build-request-processor/src/main/docker/Dockerfile.all-in-one @@ -5,7 +5,7 @@ COPY ./ . RUN mvn -V -B package -pl build-request-processor -am -Dmaven.test.skip -FROM registry.access.redhat.com/ubi8/openjdk-21-runtime@sha256:c1bf8370627eaed6711ea22915b476d4216517c35c8f8268c0d39ed983bceaff +FROM registry.access.redhat.com/ubi8/openjdk-21-runtime@sha256:0a8cf41082f11f5bc56bd9438851e54593e17051df49592e953fb59376c7d539 USER 0 WORKDIR /work/ diff --git a/java-components/build-request-processor/src/main/java/com/redhat/hacbs/container/build/preprocessor/AbstractPreprocessor.java b/java-components/build-request-processor/src/main/java/com/redhat/hacbs/container/build/preprocessor/AbstractPreprocessor.java index 1cb356612..4c181422d 100644 --- a/java-components/build-request-processor/src/main/java/com/redhat/hacbs/container/build/preprocessor/AbstractPreprocessor.java +++ b/java-components/build-request-processor/src/main/java/com/redhat/hacbs/container/build/preprocessor/AbstractPreprocessor.java @@ -72,7 +72,6 @@ public void run() { } Log.warnf("### Using tool %s with version %s and javaHome %s", type, buildToolVersion, javaVersion); - Log.warnf("### ENV %s", System.getenv("jvm-build-service")); String javaHome; if (javaVersion.equals("7") || javaVersion.equals("8")) { @@ -151,14 +150,27 @@ public void run() { fi echo "PATH:$PATH" + update-ca-trust + + # Go through certificates and insert them into the cacerts + for cert in $(find /etc/pki/ca-trust/source/anchors -type f); do + echo "Inserting $cert into java cacerts" + keytool -import -alias $(basename $cert)-ca \\ + -file $cert \\ + -keystore /etc/pki/java/cacerts \\ + -storepass changeit --noprompt + done + # End of generic build script + + echo "Building the project ..." """; if (isNotEmpty(buildScript)) { // Now add in the build script from either JBS or PNC. This might contain e.g. "mvn -Pfoo install" runBuild += buildScript; } - Log.warnf("### runBuild is\n%s", runBuild); + Log.debugf("### runBuild is\n%s", runBuild); try { Path runBuildSh = Paths.get(jbsDirectory.toString(), "run-build.sh"); diff --git a/java-components/build-request-processor/src/main/java/com/redhat/hacbs/container/build/preprocessor/maven/MavenPrepareCommand.java b/java-components/build-request-processor/src/main/java/com/redhat/hacbs/container/build/preprocessor/maven/MavenPrepareCommand.java index 3ef199ef1..64db8adef 100644 --- a/java-components/build-request-processor/src/main/java/com/redhat/hacbs/container/build/preprocessor/maven/MavenPrepareCommand.java +++ b/java-components/build-request-processor/src/main/java/com/redhat/hacbs/container/build/preprocessor/maven/MavenPrepareCommand.java @@ -1,5 +1,7 @@ package com.redhat.hacbs.container.build.preprocessor.maven; +import static org.apache.commons.lang3.StringUtils.isNotEmpty; + import java.io.BufferedReader; import java.io.IOException; import java.nio.file.FileVisitResult; @@ -128,13 +130,14 @@ private boolean handlePlugins(List plugins, boolean topLevel) if (disabledPlugins != null) { for (String s : disabledPlugins) { - String[] ga = s.split(":"); + if (isNotEmpty(s)) { + String[] ga = s.split(":"); - if (ga.length != 2) { - throw new IOException("Error parsing groupId/artifactId: " + s); + if (ga.length != 2) { + throw new IOException("Error parsing groupId/artifactId: " + s); + } + toRemove.add(new PluginInfo(ga[0], ga[1])); } - - toRemove.add(new PluginInfo(ga[0], ga[1])); } } diff --git a/java-components/cache/src/main/docker/Dockerfile.all-in-one b/java-components/cache/src/main/docker/Dockerfile.all-in-one index d47df4e2c..4fba98bf6 100644 --- a/java-components/cache/src/main/docker/Dockerfile.all-in-one +++ b/java-components/cache/src/main/docker/Dockerfile.all-in-one @@ -7,7 +7,7 @@ RUN mkdir -p /work/cache/target/classes RUN mvn -V -B package -pl cache -am -Dmaven.test.skip -FROM registry.access.redhat.com/ubi8/openjdk-21-runtime@sha256:c1bf8370627eaed6711ea22915b476d4216517c35c8f8268c0d39ed983bceaff +FROM registry.access.redhat.com/ubi8/openjdk-21-runtime@sha256:0a8cf41082f11f5bc56bd9438851e54593e17051df49592e953fb59376c7d539 USER 0 WORKDIR /work/ diff --git a/java-components/cli/pom.xml b/java-components/cli/pom.xml index 7d7d7ff6f..cdaf8954a 100644 --- a/java-components/cli/pom.xml +++ b/java-components/cli/pom.xml @@ -24,6 +24,12 @@ io.github.redhat-appstudio.jvmbuild hacbs-resource-model + + + io.github.redhat-appstudio.jvmbuild + driver + + info.picocli picocli-shell-jline2 @@ -102,10 +108,12 @@ com.github.stefanbirkner system-lambda + test org.wiremock wiremock + test diff --git a/java-components/cli/src/main/docker/Dockerfile.all-in-one b/java-components/cli/src/main/docker/Dockerfile.all-in-one index a0a8d4458..e1f30403c 100644 --- a/java-components/cli/src/main/docker/Dockerfile.all-in-one +++ b/java-components/cli/src/main/docker/Dockerfile.all-in-one @@ -1,11 +1,20 @@ FROM registry.access.redhat.com/ubi8/openjdk-21@sha256:5ab904e6262629fca79d6f65fa859bfa376405522d2f660bdbfaaae2742586f1 AS builder +USER root +RUN microdnf --setopt=install_weak_deps=0 --setopt=tsflags=nodocs install -y git + +USER 185 WORKDIR /work COPY ./ . -RUN mvn -V -B package -pl cli -am -DskipTests +# Quarkus GitInfo causes injection failure if there isn't a git commit to use. +RUN git init && \ + git config user.email "HACBS@redhat.com" && \ + git config user.name "HACBS" && \ + git add cli && git commit -m "CLI" -a && \ + mvn -V -B package -pl cli -am -DskipTests -FROM registry.access.redhat.com/ubi8/openjdk-21-runtime@sha256:c1bf8370627eaed6711ea22915b476d4216517c35c8f8268c0d39ed983bceaff +FROM registry.access.redhat.com/ubi8/openjdk-21-runtime@sha256:0a8cf41082f11f5bc56bd9438851e54593e17051df49592e953fb59376c7d539 WORKDIR /work/ COPY --from=builder /work/cli/target/quarkus-app/lib/ /deployments/lib/ diff --git a/java-components/cli/src/main/java/com/redhat/hacbs/cli/MainCommand.java b/java-components/cli/src/main/java/com/redhat/hacbs/cli/MainCommand.java index 2ce8ca361..a500361ec 100644 --- a/java-components/cli/src/main/java/com/redhat/hacbs/cli/MainCommand.java +++ b/java-components/cli/src/main/java/com/redhat/hacbs/cli/MainCommand.java @@ -6,6 +6,7 @@ import com.redhat.hacbs.cli.artifacts.ArtifactCommand; import com.redhat.hacbs.cli.builds.BuildCommand; +import com.redhat.hacbs.cli.driver.DriverCommand; import com.redhat.hacbs.cli.rebuilt.RebuiltCommand; import com.redhat.hacbs.cli.settings.SetupCommand; @@ -20,7 +21,8 @@ ArtifactCommand.class, RebuiltCommand.class, SetupCommand.class, - DiagnosticCommand.class + DiagnosticCommand.class, + DriverCommand.class }) @Vetoed public class MainCommand { diff --git a/java-components/cli/src/main/java/com/redhat/hacbs/cli/driver/Base.java b/java-components/cli/src/main/java/com/redhat/hacbs/cli/driver/Base.java new file mode 100644 index 000000000..1bb6412df --- /dev/null +++ b/java-components/cli/src/main/java/com/redhat/hacbs/cli/driver/Base.java @@ -0,0 +1,43 @@ +package com.redhat.hacbs.cli.driver; + +import java.util.Optional; + +import org.eclipse.microprofile.config.inject.ConfigProperty; + +import picocli.CommandLine; + +public abstract class Base { + @CommandLine.Option(names = "-n", description = "Namespace", defaultValue = "pnc-devel-tenant") + String namespace; + + @CommandLine.Option(names = "-u", description = "URL", required = true) + String url; + + @CommandLine.Option(names = "-r", description = "Revision", required = true) + String revision; + + @CommandLine.Option(names = "-t", description = "Build Tool", required = true) + String buildTool; + + @CommandLine.Option(names = "--tool-version", description = "Tool Version", required = true) + String buildToolVersion; + + @CommandLine.Option(names = "-j", description = "Java Version", required = true) + String javaVersion; + + @CommandLine.Option(names = "-s", description = "Build Script", required = true) + String buildScript; + + @CommandLine.Option(names = "--deploy", description = "Deploy URL", required = true) + String deploy; + + @CommandLine.Option(names = "--dependencies", description = "Dependencies URL", required = true) + String dependencies; + + @CommandLine.Option(names = "-i", description = "Recipe Image", defaultValue = "quay.io/redhat-user-workloads/konflux-jbs-pnc-tenant/jvm-build-service-builder-images/ubi8:latest") + String recipeImage; + + @ConfigProperty(name = "access.token") + Optional accessToken; + +} diff --git a/java-components/cli/src/main/java/com/redhat/hacbs/cli/driver/CancelPipeline.java b/java-components/cli/src/main/java/com/redhat/hacbs/cli/driver/CancelPipeline.java new file mode 100644 index 000000000..c1f2a5b24 --- /dev/null +++ b/java-components/cli/src/main/java/com/redhat/hacbs/cli/driver/CancelPipeline.java @@ -0,0 +1,38 @@ +package com.redhat.hacbs.cli.driver; + +import jakarta.enterprise.context.control.ActivateRequestContext; +import jakarta.inject.Inject; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import com.redhat.hacbs.driver.Driver; +import com.redhat.hacbs.driver.dto.CancelRequest; + +import picocli.CommandLine; + +@CommandLine.Command(name = "cancel-pipeline", mixinStandardHelpOptions = true, description = "Creates a pipeline") +public class CancelPipeline implements Runnable { + + private static final Logger logger = LoggerFactory.getLogger(CancelPipeline.class); + + @Inject + Driver driver; + + @CommandLine.Option(names = "-n", description = "Namespace", defaultValue = "pnc-devel-tenant") + String namespace; + + @CommandLine.Option(names = "-p", description = "Pipeline name") + String pipeline; + + @ActivateRequestContext // https://github.com/quarkusio/quarkus/issues/8758 + @Override + public void run() { + var cancel = CancelRequest.builder() + .namespace(namespace) + .pipelineId(pipeline) + .build(); + + driver.cancel(cancel); + } +} diff --git a/java-components/cli/src/main/java/com/redhat/hacbs/cli/driver/CreatePipeline.java b/java-components/cli/src/main/java/com/redhat/hacbs/cli/driver/CreatePipeline.java new file mode 100644 index 000000000..919721f85 --- /dev/null +++ b/java-components/cli/src/main/java/com/redhat/hacbs/cli/driver/CreatePipeline.java @@ -0,0 +1,55 @@ +package com.redhat.hacbs.cli.driver; + +import jakarta.enterprise.context.control.ActivateRequestContext; +import jakarta.inject.Inject; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import com.redhat.hacbs.driver.Driver; +import com.redhat.hacbs.driver.dto.BuildRequest; +import com.redhat.hacbs.driver.dto.BuildResponse; + +import picocli.CommandLine; + +@CommandLine.Command(name = "create-pipeline", mixinStandardHelpOptions = true, description = "Creates a pipeline") +public class CreatePipeline extends Base implements Runnable { + + private static final Logger logger = LoggerFactory.getLogger(CreatePipeline.class); + + @Inject + Driver driver; + + @CommandLine.Option(names = "--quay", description = "Quay repo", defaultValue = "quay.io/redhat-user-workloads-stage/pnc-devel-tenant/pnc-konflux") + String quayRepo; + + @CommandLine.Option(names = "--processor", description = "Request Process Image", defaultValue = "quay.io/redhat-user-workloads/konflux-jbs-pnc-tenant/jvm-build-service/build-request-processor:latest") + String processor; + + @ActivateRequestContext // https://github.com/quarkusio/quarkus/issues/8758 + @Override + public void run() { + driver.setQuayRepo(quayRepo); + driver.setProcessor(processor); + driver.setAccessToken(accessToken.orElse("")); + + BuildRequest request = BuildRequest.builder() + .namespace(namespace) + .scmUrl(url) + .scmRevision(revision) + .buildTool(buildTool) + .buildToolVersion(buildToolVersion) + .javaVersion(javaVersion) + .buildScript(buildScript) + .repositoryDeployUrl(deploy) + .repositoryDependencyUrl(dependencies) + .repositoryBuildContentId("test-maven-konflux-int-0001") + .recipeImage(recipeImage) + // Just use default from buildah-oci-ta for now. + .podMemoryOverride("4Gi") + .build(); + BuildResponse b = driver.create(request); + + logger.info("Got response {}", b); + } +} diff --git a/java-components/cli/src/main/java/com/redhat/hacbs/cli/driver/DriverCommand.java b/java-components/cli/src/main/java/com/redhat/hacbs/cli/driver/DriverCommand.java new file mode 100644 index 000000000..0aad27088 --- /dev/null +++ b/java-components/cli/src/main/java/com/redhat/hacbs/cli/driver/DriverCommand.java @@ -0,0 +1,8 @@ +package com.redhat.hacbs.cli.driver; + +import picocli.CommandLine; + +@CommandLine.Command(name = "driver", subcommands = { + Fabric8.class, CreatePipeline.class, CancelPipeline.class }, mixinStandardHelpOptions = true) +public class DriverCommand { +} diff --git a/java-components/cli/src/main/java/com/redhat/hacbs/cli/driver/Fabric8.java b/java-components/cli/src/main/java/com/redhat/hacbs/cli/driver/Fabric8.java new file mode 100644 index 000000000..a37c73387 --- /dev/null +++ b/java-components/cli/src/main/java/com/redhat/hacbs/cli/driver/Fabric8.java @@ -0,0 +1,142 @@ +package com.redhat.hacbs.cli.driver; + +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; + +import io.fabric8.kubernetes.api.model.Quantity; +import io.fabric8.kubernetes.api.model.ResourceRequirementsBuilder; +import io.fabric8.kubernetes.client.KubernetesClient; +import io.fabric8.tekton.client.TektonClient; +import io.fabric8.tekton.pipeline.v1.Param; +import io.fabric8.tekton.pipeline.v1.ParamBuilder; +import io.fabric8.tekton.pipeline.v1.PipelineRun; +import io.fabric8.tekton.pipeline.v1.PipelineRunBuilder; +import io.fabric8.tekton.pipeline.v1.PipelineTaskRunSpec; +import io.fabric8.tekton.pipeline.v1.PipelineTaskRunSpecBuilder; +import io.fabric8.tekton.pipeline.v1.TaskRunStepSpecBuilder; +import io.fabric8.tekton.pipeline.v1.WorkspaceBinding; +import io.fabric8.tekton.pipeline.v1.WorkspaceBindingBuilder; +import io.quarkus.arc.Arc; +import io.quarkus.arc.InstanceHandle; +import picocli.CommandLine; + +/** + * Experiment only - see if Fabric8 can be used to create the entire pipelinerun object rather + * than reading a definition from yaml. + */ +@Deprecated +@CommandLine.Command(name = "fabric8", mixinStandardHelpOptions = true, description = "Creates a pipeline") +public class Fabric8 extends Base implements Runnable { + + @Override + public void run() { + + PipelineRun run; + + try (InstanceHandle instanceHandle = Arc.container().instance(TektonClient.class)) { + + // Experiment with creating gitlab project-ncl/konflux-integration/-/blob/main/deploy/mw-pipeline-run-v0.1.yaml + PipelineRunBuilder pipelineRunBuilder = new PipelineRunBuilder() + .withNewMetadata().withGenerateName("hacbs-pipeline-").endMetadata() + .withNewSpec() + .withNewPipelineRef().withResolver("git").withParams(getGitParams()).endPipelineRef() + .withWorkspaces(getWorkspace()) + .withParams(embedParams()) + .withTaskRunSpecs(configureTaskRunSpecs()) + .endSpec(); + run = pipelineRunBuilder.build(); + } + try (InstanceHandle instanceHandle = Arc.container().instance(KubernetesClient.class)) { + PipelineRun created = instanceHandle.get().resource(run).create(); + System.err.println("### run created : " + created); + // final CountDownLatch closeLatch = new CountDownLatch(1); + // instanceHandle.get().resource(run).watch(new Watcher<>() { + // @Override + // public void eventReceived(Action action, PipelineRun resource) { + // System.out.println("### event action " + action.name()); + // switch (action.name()) { + // case "ADDED": + // System.out.println("### added " + resource.getMetadata().getName()); + // break; + // case "DELETED": + // break; + // case "MODIFIED": + // System.out.println( + // "### added " + resource.getMetadata().getName() + " and status " + resource.getStatus() + // .getResults()); + // break; + // // default: + // } + // } + // + // @Override + // public void onClose(WatcherException cause) { + // System.out.println("### close " + cause); + // closeLatch.countDown(); + // } + // }); + // closeLatch.await(); + // } catch (InterruptedException e) { + // throw new RuntimeException(e); + + // created.getStatus() + } + } + + private List embedParams() { + List result = new ArrayList<>(); + // The actual parameters to be customized... + result.add(new ParamBuilder().withName("URL").withNewValue(url).build()); + result.add(new ParamBuilder().withName("REVISION").withNewValue(revision).build()); + result.add(new ParamBuilder().withName("BUILD_TOOL").withNewValue(buildTool).build()); + result.add(new ParamBuilder().withName("BUILD_TOOL_VERSION").withNewValue(buildToolVersion).build()); + result.add(new ParamBuilder().withName("JAVA_VERSION").withNewValue(javaVersion).build()); + result.add(new ParamBuilder().withName("BUILD_SCRIPT").withNewValue(buildScript).build()); + if (accessToken.isPresent()) { + result.add(new ParamBuilder().withName("ACCESS_TOKEN").withNewValue(accessToken.get()).build()); + } else { + System.err.println("Access token not set"); + } + // TODO: Hard code these per now, same as in pipelinerun yaml + result.add(new ParamBuilder().withName("MVN_REPO_DEPLOY_URL").withNewValue(deploy) + .build()); + result.add(new ParamBuilder().withName("MVN_REPO_DEPENDENCIES_URL").withNewValue(deploy) + .build()); + result.add(new ParamBuilder().withName("BUILD_ID").withNewValue("test-maven-konflux-int-0001").build()); + + return result; + } + + // TODO: The memory settings in this function should be customizable for different build sizes + private List configureTaskRunSpecs() { + var stepSpec = new PipelineTaskRunSpecBuilder().withPipelineTaskName("buildah-oci-ta") + .withStepSpecs(new TaskRunStepSpecBuilder() + .withName("build") + .withComputeResources(new ResourceRequirementsBuilder() + .withLimits(Collections.singletonMap("memory", new Quantity("5Gi"))) + .withRequests(Collections.singletonMap("memory", new Quantity("5Gi"))).build()) + .build()) + .build(); + return Collections.singletonList(stepSpec); + } + + private List getGitParams() { + List result = new ArrayList<>(); + result.add(new ParamBuilder().withName("url") + .withNewValue("https://gitlab.cee.redhat.com/project-ncl/konflux-integration.git").build()); + result.add(new ParamBuilder().withName("revision").withNewValue("main").build()); + result.add(new ParamBuilder().withName("pathInRepo").withNewValue(".tekton/mw-pipeline-v0.1.yaml").build()); + return result; + } + + private WorkspaceBinding getWorkspace() { + return new WorkspaceBindingBuilder().withName("source").withNewVolumeClaimTemplate() + .withNewSpec() + .addToAccessModes("ReadWriteOnce") + .withNewResources().withRequests(Collections.singletonMap("storage", new Quantity("1Gi"))).endResources() + .endSpec() + .endVolumeClaimTemplate() + .build(); + } +} diff --git a/java-components/cli/src/test/java/com/redhat/hacbs/cli/MockOidcClient.java b/java-components/cli/src/test/java/com/redhat/hacbs/cli/MockOidcClient.java new file mode 100644 index 000000000..c7f0bf077 --- /dev/null +++ b/java-components/cli/src/test/java/com/redhat/hacbs/cli/MockOidcClient.java @@ -0,0 +1,41 @@ +package com.redhat.hacbs.cli; + +import java.io.IOException; +import java.time.Duration; +import java.time.temporal.ChronoUnit; +import java.util.Map; + +import io.quarkus.oidc.client.OidcClient; +import io.quarkus.oidc.client.Tokens; +import io.quarkus.test.Mock; +import io.smallrye.mutiny.Uni; + +/** + * From PNC + * BuildDriver + */ +@Mock +public class MockOidcClient implements OidcClient { + + @Override + public Uni getTokens(Map additionalGrantParameters) { + return Uni.createFrom() + .item(new Tokens("accessToken", 1L, Duration.of(5, ChronoUnit.MINUTES), "refreshToken", 1L, null, null)); + } + + @Override + public Uni refreshTokens(String refreshToken, Map additionalGrantParameters) { + return null; + } + + @Override + public Uni revokeAccessToken(String accessToken, Map additionalParameters) { + return null; + } + + @Override + public void close() throws IOException { + + } +} diff --git a/java-components/cli/src/test/resources/application.yaml b/java-components/cli/src/test/resources/application.yaml new file mode 100644 index 000000000..3fd73ac10 --- /dev/null +++ b/java-components/cli/src/test/resources/application.yaml @@ -0,0 +1,5 @@ +quarkus: + oidc: + enabled: false + oidc-client: + enabled: false diff --git a/java-components/driver/pom.xml b/java-components/driver/pom.xml new file mode 100644 index 000000000..33eb872f2 --- /dev/null +++ b/java-components/driver/pom.xml @@ -0,0 +1,166 @@ + + + 4.0.0 + + io.github.redhat-appstudio.jvmbuild + jvm-build-service-parent + 999-SNAPSHOT + + driver + Driver + + + 1.18.32 + 1.12.0 + + + + + io.quarkus + quarkus-oidc + + + io.quarkus + quarkus-oidc-client + + + io.quarkus + quarkus-openshift-client + + + io.quarkus + quarkus-rest-jackson + + + io.quarkus + quarkus-rest-client-jackson + + + io.quarkiverse.tektonclient + quarkus-tekton-client + + + org.apache.commons + commons-text + ${version.commons-text} + + + io.quarkus + quarkus-info + + + org.jboss.pnc + pnc-api + 3.0.0 + + + + + + + + + + org.projectlombok + lombok + ${version.lombok} + provided + + + io.quarkus + quarkus-junit5 + test + + + io.quarkus + quarkus-junit5-mockito + test + + + io.rest-assured + rest-assured + test + + + io.quarkus + quarkus-test-kubernetes-client + test + + + + + + ${quarkus.platform.group-id} + quarkus-maven-plugin + ${quarkus.platform.version} + true + + + + build + generate-code + generate-code-tests + + + + + + maven-surefire-plugin + ${surefire-plugin.version} + + + org.jboss.logmanager.LogManager + ${maven.home} + + + + + org.apache.maven.plugins + maven-jar-plugin + + + + ${maven.build.timestamp} + + + + + + + + + native + + + native + + + + + + maven-failsafe-plugin + ${surefire-plugin.version} + + + + integration-test + verify + + + + ${project.build.directory}/${project.build.finalName}-runner + org.jboss.logmanager.LogManager + ${maven.home} + + + + + + + + + native + + + + diff --git a/java-components/driver/src/main/java/com/redhat/hacbs/driver/Driver.java b/java-components/driver/src/main/java/com/redhat/hacbs/driver/Driver.java new file mode 100644 index 000000000..77b84ba65 --- /dev/null +++ b/java-components/driver/src/main/java/com/redhat/hacbs/driver/Driver.java @@ -0,0 +1,153 @@ +package com.redhat.hacbs.driver; + +import static org.apache.commons.lang3.StringUtils.isEmpty; + +import java.io.IOException; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import jakarta.enterprise.context.RequestScoped; +import jakarta.inject.Inject; + +import org.apache.commons.io.IOUtils; +import org.eclipse.microprofile.config.ConfigProvider; +import org.eclipse.microprofile.config.inject.ConfigProperty; +import org.eclipse.microprofile.rest.client.inject.RestClient; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import com.redhat.hacbs.driver.clients.IndyService; +import com.redhat.hacbs.driver.clients.IndyTokenRequestDTO; +import com.redhat.hacbs.driver.clients.IndyTokenResponseDTO; +import com.redhat.hacbs.driver.dto.BuildRequest; +import com.redhat.hacbs.driver.dto.BuildResponse; +import com.redhat.hacbs.driver.dto.CancelRequest; + +import io.fabric8.knative.internal.pkg.apis.Condition; +import io.fabric8.kubernetes.api.model.Quantity; +import io.fabric8.kubernetes.client.KubernetesClient; +import io.fabric8.tekton.client.TektonClient; +import io.fabric8.tekton.pipeline.v1.ParamBuilder; +import io.fabric8.tekton.pipeline.v1.PipelineRun; +import io.quarkus.oidc.client.OidcClient; +import lombok.Setter; + +@RequestScoped +public class Driver { + + private static final Logger logger = LoggerFactory.getLogger(Driver.class); + + @Inject + OidcClient oidcClient; + + @RestClient + IndyService indyService; + + @Inject + KubernetesClient client; + + @Setter + private String accessToken; + + @Setter + @ConfigProperty(name = "konflux-build-driver.konflux-processor") + String processor; + + @Setter + @ConfigProperty(name = "konflux-build-driver.quay-repo") + String quayRepo; + + @ConfigProperty(name = "konflux-build-driver.pipeline-resolver") + String resolverTarget; + + public BuildResponse create(BuildRequest buildRequest) { + IndyTokenResponseDTO tokenResponseDTO = new IndyTokenResponseDTO(accessToken); + + if (isEmpty(accessToken)) { + logger.info("Establishing token from Indy using clientId {}", + ConfigProvider.getConfig().getConfigValue("quarkus.oidc.client-id").getValue()); + tokenResponseDTO = indyService.getAuthToken( + new IndyTokenRequestDTO(buildRequest.repositoryBuildContentId()), + "Bearer " + getFreshAccessToken()); + } + + Map templateProperties = new HashMap<>(); + templateProperties.put("ACCESS_TOKEN", tokenResponseDTO.token()); + templateProperties.put("BUILD_ID", buildRequest.repositoryBuildContentId()); + templateProperties.put("BUILD_SCRIPT", buildRequest.buildScript()); + templateProperties.put("BUILD_TOOL", buildRequest.buildTool()); + templateProperties.put("BUILD_TOOL_VERSION", buildRequest.buildToolVersion()); + templateProperties.put("JAVA_VERSION", buildRequest.javaVersion()); + templateProperties.put("MVN_REPO_DEPENDENCIES_URL", buildRequest.repositoryDependencyUrl()); + templateProperties.put("MVN_REPO_DEPLOY_URL", buildRequest.repositoryDeployUrl()); + templateProperties.put("QUAY_REPO", quayRepo); + templateProperties.put("RECIPE_IMAGE", buildRequest.recipeImage()); + templateProperties.put("JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE", processor); + templateProperties.put("REVISION", buildRequest.scmRevision()); + templateProperties.put("URL", buildRequest.scmUrl()); + + PipelineRun pipelineRun = null; + try { + var tc = client.adapt(TektonClient.class); + // Various ways to create the initial PipelineRun object. We can use an objectmapper, + // client.getKubernetesSerialization() or the load calls on the Fabric8 objects. + pipelineRun = tc.v1().pipelineRuns() + .load(IOUtils.resourceToURL("pipeline.yaml", Thread.currentThread().getContextClassLoader())).item(); + } catch (IOException e) { + throw new RuntimeException(e); + } + pipelineRun = pipelineRun.edit().editOrNewSpec() + .editPipelineRef() + .editFirstParam().editOrNewValue().withStringVal(resolverTarget).endValue() + .endParam() + .endPipelineRef() + .addAllToParams(templateProperties.entrySet().stream() + .map(t -> new ParamBuilder().withName(t.getKey()).withNewValue(t.getValue()).build()).toList()) + .editFirstTaskRunSpec() + .editFirstStepSpec() + .editComputeResources() + .addToLimits("memory", new Quantity(buildRequest.podMemoryOverride())) + .addToRequests("memory", new Quantity(buildRequest.podMemoryOverride())) + .endComputeResources() + .endStepSpec() + .endTaskRunSpec() + .endSpec().build(); + + var created = client.resource(pipelineRun).inNamespace(buildRequest.namespace()).create(); + + return BuildResponse.builder().namespace(buildRequest.namespace()).pipelineId(created.getMetadata().getName()).build(); + } + + public void cancel(CancelRequest request) { + var tc = client.adapt(TektonClient.class); + var pipeline = tc.v1beta1().pipelineRuns().inNamespace(request.namespace()).withName(request.pipelineId()).get(); + + logger.info("Retrieved pipeline {}", pipeline.getMetadata().getName()); + + List conditions = new ArrayList<>(); + // https://tekton.dev/docs/pipelines/pipelineruns/#monitoring-execution-status + Condition cancelCondition = new Condition(); + cancelCondition.setType("Succeeded"); + cancelCondition.setStatus("False"); + // https://github.com/tektoncd/community/blob/main/teps/0058-graceful-pipeline-run-termination.md + cancelCondition.setReason("CancelledRunFinally"); + cancelCondition.setMessage("The PipelineRun was cancelled"); + conditions.add(cancelCondition); + + pipeline.getStatus().setConditions(conditions); + + tc.v1beta1().pipelineRuns().inNamespace(request.namespace()).resource(pipeline).updateStatus(); + } + + /** + * Get a fresh access token for the service account. This is done because we want to get a + * super-new token to be used since we're not entirely sure when the http request will be done. + * + * @return fresh access token + */ + public String getFreshAccessToken() { + return oidcClient.getTokens().await().indefinitely().getAccessToken(); + } +} diff --git a/java-components/driver/src/main/java/com/redhat/hacbs/driver/clients/IndyService.java b/java-components/driver/src/main/java/com/redhat/hacbs/driver/clients/IndyService.java new file mode 100644 index 000000000..d44fd6649 --- /dev/null +++ b/java-components/driver/src/main/java/com/redhat/hacbs/driver/clients/IndyService.java @@ -0,0 +1,51 @@ +/** + * JBoss, Home of Professional Open Source. + * Copyright 2021 Red Hat, Inc., and individual contributors + * as indicated by the @author tags. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package com.redhat.hacbs.driver.clients; + +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.HeaderParam; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.MediaType; + +import org.eclipse.microprofile.rest.client.inject.RegisterRestClient; + +/** + * Indy service representing the Indy server. It uses Quarkus magical rest client to generate the client implementation + */ +@RegisterRestClient(configKey = "indy-service") +public interface IndyService { + + /** + * Ask Indy to give us the token that we will use for Maven communication with Indy, in the builder pod for the + * particular buildId + * + * @param indyTokenRequestDTO the DTO to send to Indy + * @param accessToken accessToken required to send data. Note that it should include "Bearer " + * + * @return Token DTO + */ + @Path("/api/security/auth/token") + @Produces(MediaType.APPLICATION_JSON) + @Consumes(MediaType.APPLICATION_JSON) + @POST + IndyTokenResponseDTO getAuthToken( + IndyTokenRequestDTO indyTokenRequestDTO, + @HeaderParam("Authorization") String accessToken); +} diff --git a/java-components/driver/src/main/java/com/redhat/hacbs/driver/clients/IndyTokenRequestDTO.java b/java-components/driver/src/main/java/com/redhat/hacbs/driver/clients/IndyTokenRequestDTO.java new file mode 100644 index 000000000..c5c25e321 --- /dev/null +++ b/java-components/driver/src/main/java/com/redhat/hacbs/driver/clients/IndyTokenRequestDTO.java @@ -0,0 +1,13 @@ +package com.redhat.hacbs.driver.clients; + +import com.fasterxml.jackson.annotation.JsonProperty; + +import lombok.Builder; + +/** + * DTO of the Indy token endpoint request + */ +@Builder +public record IndyTokenRequestDTO(@JsonProperty("build-id") String buildId) { + +} diff --git a/java-components/driver/src/main/java/com/redhat/hacbs/driver/clients/IndyTokenResponseDTO.java b/java-components/driver/src/main/java/com/redhat/hacbs/driver/clients/IndyTokenResponseDTO.java new file mode 100644 index 000000000..17cf82adb --- /dev/null +++ b/java-components/driver/src/main/java/com/redhat/hacbs/driver/clients/IndyTokenResponseDTO.java @@ -0,0 +1,11 @@ +package com.redhat.hacbs.driver.clients; + +import lombok.Builder; + +/** + * DTO of the Indy token endpoint response + */ +@Builder +public record IndyTokenResponseDTO(String token) { + +} diff --git a/java-components/driver/src/main/java/com/redhat/hacbs/driver/dto/BuildRequest.java b/java-components/driver/src/main/java/com/redhat/hacbs/driver/dto/BuildRequest.java new file mode 100644 index 000000000..abf49b382 --- /dev/null +++ b/java-components/driver/src/main/java/com/redhat/hacbs/driver/dto/BuildRequest.java @@ -0,0 +1,14 @@ +package com.redhat.hacbs.driver.dto; + +import com.fasterxml.jackson.annotation.JsonIgnoreProperties; + +import lombok.Builder; + +@Builder(builderClassName = "Builder") +@JsonIgnoreProperties(ignoreUnknown = true) +public record BuildRequest(String recipeImage, String buildTool, String buildToolVersion, String javaVersion, + String projectName, String scmUrl, String scmRevision, String buildScript, + String repositoryDependencyUrl, String repositoryDeployUrl, String repositoryBuildContentId, + String namespace, String podMemoryOverride) { + +} diff --git a/java-components/driver/src/main/java/com/redhat/hacbs/driver/dto/BuildResponse.java b/java-components/driver/src/main/java/com/redhat/hacbs/driver/dto/BuildResponse.java new file mode 100644 index 000000000..208f44796 --- /dev/null +++ b/java-components/driver/src/main/java/com/redhat/hacbs/driver/dto/BuildResponse.java @@ -0,0 +1,11 @@ +package com.redhat.hacbs.driver.dto; + +import com.fasterxml.jackson.annotation.JsonIgnoreProperties; + +import lombok.Builder; + +@Builder(builderClassName = "Builder") +@JsonIgnoreProperties(ignoreUnknown = true) +public record BuildResponse(String pipelineId, String namespace) { + +} diff --git a/java-components/driver/src/main/java/com/redhat/hacbs/driver/dto/CancelRequest.java b/java-components/driver/src/main/java/com/redhat/hacbs/driver/dto/CancelRequest.java new file mode 100644 index 000000000..36aa37320 --- /dev/null +++ b/java-components/driver/src/main/java/com/redhat/hacbs/driver/dto/CancelRequest.java @@ -0,0 +1,11 @@ +package com.redhat.hacbs.driver.dto; + +import com.fasterxml.jackson.annotation.JsonIgnoreProperties; + +import lombok.Builder; + +@Builder(builderClassName = "Builder") +@JsonIgnoreProperties(ignoreUnknown = true) +public record CancelRequest(String pipelineId, String namespace) { + +} diff --git a/java-components/driver/src/main/java/com/redhat/hacbs/driver/endpoints/Public.java b/java-components/driver/src/main/java/com/redhat/hacbs/driver/endpoints/Public.java new file mode 100644 index 000000000..4b49e9fd1 --- /dev/null +++ b/java-components/driver/src/main/java/com/redhat/hacbs/driver/endpoints/Public.java @@ -0,0 +1,87 @@ +/** + * JBoss, Home of Professional Open Source. + * Copyright 2021 Red Hat, Inc., and individual contributors + * as indicated by the @author tags. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.redhat.hacbs.driver.endpoints; + +import jakarta.inject.Inject; +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.GET; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.PUT; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.MediaType; + +import org.jboss.pnc.api.dto.ComponentVersion; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import com.redhat.hacbs.driver.Driver; +import com.redhat.hacbs.driver.dto.BuildRequest; +import com.redhat.hacbs.driver.dto.BuildResponse; +import com.redhat.hacbs.driver.dto.CancelRequest; +import com.redhat.hacbs.driver.util.Info; + +import io.smallrye.common.annotation.RunOnVirtualThread; + +/** + * Endpoint to start/cancel the build. + * + * @author Matej Lazar + */ +@Path("/") +@Consumes(MediaType.APPLICATION_JSON) +@Produces(MediaType.APPLICATION_JSON) +public class Public { + + private static final Logger logger = LoggerFactory.getLogger(Public.class); + + @Inject + Driver driver; + + @Inject + Info info; + + @POST + @Path("/build") + @RunOnVirtualThread + // public CompletionStage build(BuildRequest buildRequest) { + public BuildResponse build(BuildRequest buildRequest) { + logger.info("Requested project build: {}", buildRequest.projectName()); + var result = driver.create(buildRequest); + logger.info("### Got {}", result); + return result; + } + + @PUT + @Path("/cancel") + @RunOnVirtualThread + public void cancel(CancelRequest cancelRequest) { + logger.info("Requested cancel: {}", cancelRequest.pipelineId()); + driver.cancel(cancelRequest); + } + + @Path("/version") + @GET + @RunOnVirtualThread + public ComponentVersion getVersion() { + var r = info.getVersion(); + logger.info("Requested version {}", r); + return r; + } +} diff --git a/java-components/driver/src/main/java/com/redhat/hacbs/driver/util/Info.java b/java-components/driver/src/main/java/com/redhat/hacbs/driver/util/Info.java new file mode 100644 index 000000000..c1780723a --- /dev/null +++ b/java-components/driver/src/main/java/com/redhat/hacbs/driver/util/Info.java @@ -0,0 +1,33 @@ +package com.redhat.hacbs.driver.util; + +import jakarta.enterprise.context.ApplicationScoped; +import jakarta.inject.Inject; + +import org.eclipse.microprofile.config.inject.ConfigProperty; +import org.jboss.pnc.api.dto.ComponentVersion; + +import io.quarkus.info.BuildInfo; +import io.quarkus.info.GitInfo; + +@ApplicationScoped +public class Info { + + @ConfigProperty(name = "quarkus.application.name") + String name; + + @Inject + GitInfo gitInfo; + + @Inject + BuildInfo buildInfo; + + public ComponentVersion getVersion() { + return ComponentVersion.builder() + .name(name) + .builtOn(buildInfo.time().toZonedDateTime()) + .commit(gitInfo.latestCommitId()) + .version(buildInfo.version()) + .build(); + } + +} diff --git a/java-components/driver/src/main/resources/META-INF/beans.xml b/java-components/driver/src/main/resources/META-INF/beans.xml new file mode 100644 index 000000000..e69de29bb diff --git a/java-components/driver/src/main/resources/application.yaml b/java-components/driver/src/main/resources/application.yaml new file mode 100644 index 000000000..25b24dad2 --- /dev/null +++ b/java-components/driver/src/main/resources/application.yaml @@ -0,0 +1,66 @@ +konflux-build-driver: + quay-repo: "quay.io/redhat-user-workloads-stage/pnc-devel-tenant/pnc-konflux" + konflux-processor: "quay.io/redhat-user-workloads/konflux-jbs-pnc-tenant/jvm-build-service/build-request-processor:latest" + # TODO: This will eventually be build-definitions repository + pipeline-resolver: "https://raw.githubusercontent.com/rnc/jvm-build-service/refs/heads/NCL8774/deploy/pipeline/mw-pipeline-v0.1.yaml" +quarkus: + application: + name: konflux-build-driver + shutdown: + timeout: 300 + log: + category: + "com.redhat.hacbs": + level: DEBUG +# console: +# format: "%d{HH:mm:ss,SSS} %-5p traceId=%X{traceId}, parentId=%X{parentId}, spanId=%X{spanId}, sampled=%X{sampled} [%c{3.}] (%t) %s%e mdc:[%X]%n" +# http: +# cors: +# ~: true +# origins: "/.*/" +# kubernetes-client: +# connection-timeout: PT30S +# request-timeout: PT30S + #namespace: default + #token: secretToken + oidc: + auth-server-url: https://keycloak-host/auth/realms/pncredhat + client-id: client + credentials: + secret: secret + # tls: + # verification: none +# keycloak: +# policy-enforcer: +# enable: false + oidc-client: + auth-server-url: https://keycloak-host/auth/realms/pncredhat + client-id: service-account + credentials: + secret: secret-of-service-account + rest-client: + indy-service: + url: "http://localhost:8080" +#"%test": +# quarkus: +# oidc: +# enabled: false +# oidc-client: +# enabled: false +# log: +# console: +# json: false +# environment-driver: +# http-client: +# connect-timeout: 1 +# request-timeout: 3 +# build-agent: +# ping-path: PingHandler +# host: localhost +# running-wait-for: 3 +# +#"%dev": +# quarkus: +# log: +# console: +# json: false diff --git a/java-components/driver/src/main/resources/pipeline.yaml b/java-components/driver/src/main/resources/pipeline.yaml new file mode 100644 index 000000000..0ebc272b6 --- /dev/null +++ b/java-components/driver/src/main/resources/pipeline.yaml @@ -0,0 +1,43 @@ +apiVersion: tekton.dev/v1 +kind: PipelineRun +metadata: + generateName: run-mw-pipeline- +spec: + pipelineRef: + # TODO: Might want in future to change this to OCI bundle reference? + resolver: http + params: + - name: url + value: "" + workspaces: + - name: source + # TODO: If we have a custom git step we can share this with prebuild thereby eliminating the need for a volumeClaimTemplate + # + # emptyDir: {} - does not share the data between tasks + # When the volume is created from a template in a PipelineRun or TaskRun it will be deleted when the PipelineRun or TaskRun is deleted. + volumeClaimTemplate: + metadata: + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + status: {} + params: + - name: caTrustConfigMapName + value: custom-ca + - name: ENABLE_INDY_PROXY + value: "false" + # TODO: Should PNC set both limits and requests? See + # https://home.robusta.dev/blog/kubernetes-memory-limit + # https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + taskRunSpecs: + - pipelineTaskName: buildah-oci-ta + stepSpecs: + - name: build + computeResources: + # limits/requests memory are configured dynamically in Driver. + taskRunTemplate: + podTemplate: + env: diff --git a/java-components/driver/src/test/java/com/redhat/hacbs/driver/EndpointTest.java b/java-components/driver/src/test/java/com/redhat/hacbs/driver/EndpointTest.java new file mode 100644 index 000000000..79e8db882 --- /dev/null +++ b/java-components/driver/src/test/java/com/redhat/hacbs/driver/EndpointTest.java @@ -0,0 +1,68 @@ +package com.redhat.hacbs.driver; + +import static org.mockito.ArgumentMatchers.any; +import static org.mockito.Mockito.when; + +import jakarta.inject.Inject; + +import org.eclipse.microprofile.rest.client.inject.RestClient; +import org.jboss.pnc.api.dto.ComponentVersion; +import org.junit.jupiter.api.Assertions; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Test; + +import com.redhat.hacbs.driver.clients.IndyService; +import com.redhat.hacbs.driver.clients.IndyTokenRequestDTO; +import com.redhat.hacbs.driver.clients.IndyTokenResponseDTO; +import com.redhat.hacbs.driver.dto.BuildRequest; + +import io.fabric8.kubernetes.client.KubernetesClient; +import io.fabric8.kubernetes.client.server.mock.KubernetesServer; +import io.quarkus.test.InjectMock; +import io.quarkus.test.junit.QuarkusTest; +import io.quarkus.test.kubernetes.client.KubernetesTestServer; +import io.quarkus.test.kubernetes.client.WithKubernetesTestServer; +import io.restassured.RestAssured; +import io.restassured.http.ContentType; + +@WithKubernetesTestServer +@QuarkusTest +public class EndpointTest { + + @KubernetesTestServer + KubernetesServer mockServer; + + @Inject + KubernetesClient client; + + @InjectMock + @RestClient + IndyService indyService; + + @BeforeEach + public void setup() { + when(indyService.getAuthToken(any(IndyTokenRequestDTO.class), any(String.class))) + .thenReturn(new IndyTokenResponseDTO("token-for-builder-pod")); + } + + @Test + void verify() { + + BuildRequest request = BuildRequest.builder().namespace("default").podMemoryOverride("1Gi").build(); + RestAssured.given().contentType(ContentType.JSON) + .body(request) + .when() + .post("/build") + .then() + .statusCode(200); + } + + @Test + void version() { + var result = RestAssured.given() + .when() + .get("/version") + .as(ComponentVersion.class); + Assertions.assertEquals("konflux-build-driver", result.getName()); + } +} diff --git a/java-components/driver/src/test/java/com/redhat/hacbs/driver/MockOidcClient.java b/java-components/driver/src/test/java/com/redhat/hacbs/driver/MockOidcClient.java new file mode 100644 index 000000000..9f8bc88a1 --- /dev/null +++ b/java-components/driver/src/test/java/com/redhat/hacbs/driver/MockOidcClient.java @@ -0,0 +1,41 @@ +package com.redhat.hacbs.driver; + +import java.io.IOException; +import java.time.Duration; +import java.time.temporal.ChronoUnit; +import java.util.Map; + +import io.quarkus.oidc.client.OidcClient; +import io.quarkus.oidc.client.Tokens; +import io.quarkus.test.Mock; +import io.smallrye.mutiny.Uni; + +/** + * From PNC + * BuildDriver + */ +@Mock +public class MockOidcClient implements OidcClient { + + @Override + public Uni getTokens(Map additionalGrantParameters) { + return Uni.createFrom() + .item(new Tokens("accessToken", 1L, Duration.of(5, ChronoUnit.MINUTES), "refreshToken", 1L, null, null)); + } + + @Override + public Uni refreshTokens(String refreshToken, Map additionalGrantParameters) { + return null; + } + + @Override + public Uni revokeAccessToken(String accessToken, Map additionalParameters) { + return null; + } + + @Override + public void close() throws IOException { + + } +} diff --git a/java-components/driver/src/test/resources/application.yaml b/java-components/driver/src/test/resources/application.yaml new file mode 100644 index 000000000..5b08310b0 --- /dev/null +++ b/java-components/driver/src/test/resources/application.yaml @@ -0,0 +1,9 @@ +quarkus: + oidc: + enabled: false + oidc-client: + enabled: false + log: + category: + "com.redhat.hacbs": + level: DEBUG diff --git a/java-components/management-console/src/main/docker/Dockerfile.all-in-one b/java-components/management-console/src/main/docker/Dockerfile.all-in-one index d47df4e2c..4fba98bf6 100644 --- a/java-components/management-console/src/main/docker/Dockerfile.all-in-one +++ b/java-components/management-console/src/main/docker/Dockerfile.all-in-one @@ -7,7 +7,7 @@ RUN mkdir -p /work/cache/target/classes RUN mvn -V -B package -pl cache -am -Dmaven.test.skip -FROM registry.access.redhat.com/ubi8/openjdk-21-runtime@sha256:c1bf8370627eaed6711ea22915b476d4216517c35c8f8268c0d39ed983bceaff +FROM registry.access.redhat.com/ubi8/openjdk-21-runtime@sha256:0a8cf41082f11f5bc56bd9438851e54593e17051df49592e953fb59376c7d539 USER 0 WORKDIR /work/ diff --git a/java-components/management-console/src/main/webui/package-lock.json b/java-components/management-console/src/main/webui/package-lock.json index 6fdb583e0..04cc4b44d 100644 --- a/java-components/management-console/src/main/webui/package-lock.json +++ b/java-components/management-console/src/main/webui/package-lock.json @@ -1790,9 +1790,9 @@ } }, "node_modules/@patternfly/react-charts": { - "version": "7.4.5", - "resolved": "https://registry.npmjs.org/@patternfly/react-charts/-/react-charts-7.4.5.tgz", - "integrity": "sha512-m6+y4FDCQm+Ql55KJQK1Yor799aaYgpVbIcqShtZ7Lidx9MFCfoCJxSrJTbfJHb46H+zv/LKxLtJ6dUx54qnjA==", + "version": "7.4.7", + "resolved": "https://registry.npmjs.org/@patternfly/react-charts/-/react-charts-7.4.7.tgz", + "integrity": "sha512-mrIErPp7cz4/+MfpXIUEkKY52HPKbFUUljNuUfyAcN1320/3xt1n0wrf9yz43rN9yswR336guDJv96e4E+fn3g==", "license": "MIT", "dependencies": { "@patternfly/react-styles": "^5.4.1", @@ -1824,9 +1824,9 @@ } }, "node_modules/@patternfly/react-core": { - "version": "5.4.10", - "resolved": "https://registry.npmjs.org/@patternfly/react-core/-/react-core-5.4.10.tgz", - "integrity": "sha512-lThdXKqHc9sN5AqPskZa1YmUmSwbjdkaT8neTCdMjfnBaBanYCmSCNUMYUsoB0L/2siu2Vlcp12RRaG5hZeN2g==", + "version": "5.4.11", + "resolved": "https://registry.npmjs.org/@patternfly/react-core/-/react-core-5.4.11.tgz", + "integrity": "sha512-+WgxVnnqiZiASB+zMBA8Z1YuaX32/ehJ8Y4UB+j2xIB/tjvBqKNVn7n4VPy56F+G9nJ92Kv8Tekccau6bL6jFg==", "license": "MIT", "dependencies": { "@patternfly/react-icons": "^5.4.2", @@ -1858,12 +1858,12 @@ "license": "MIT" }, "node_modules/@patternfly/react-table": { - "version": "5.4.11", - "resolved": "https://registry.npmjs.org/@patternfly/react-table/-/react-table-5.4.11.tgz", - "integrity": "sha512-TlEPx4G+49QYZxk649WUIHkRPA/JB//i29fUosrJdI6EEzpTe8keHLXe5wA9KkhCxOtna7iHPTPWv5qRiDJKSg==", + "version": "5.4.12", + "resolved": "https://registry.npmjs.org/@patternfly/react-table/-/react-table-5.4.12.tgz", + "integrity": "sha512-ZpW/49bWR9JkZCyBGBCbHNdJt0Vn34g5BaXlVF/P7Tl0WPdxFLWS5EQywiXEhu8qoOhz3uGcyGwACCJCvmqCSg==", "license": "MIT", "dependencies": { - "@patternfly/react-core": "^5.4.10", + "@patternfly/react-core": "^5.4.11", "@patternfly/react-icons": "^5.4.2", "@patternfly/react-styles": "^5.4.1", "@patternfly/react-tokens": "^5.4.1", @@ -1921,21 +1921,21 @@ "license": "MIT" }, "node_modules/@redocly/config": { - "version": "0.12.1", - "resolved": "https://registry.npmjs.org/@redocly/config/-/config-0.12.1.tgz", - "integrity": "sha512-RW3rSirfsPdr0uvATijRDU3f55SuZV3m7/ppdTDvGw4IB0cmeZRkFmqTrchxMqWP50Gfg1tpHnjdxUCNo0E2qg==", + "version": "0.17.1", + "resolved": "https://registry.npmjs.org/@redocly/config/-/config-0.17.1.tgz", + "integrity": "sha512-CEmvaJuG7pm2ylQg53emPmtgm4nW2nxBgwXzbVEHpGas/lGnMyN8Zlkgiz6rPw0unASg6VW3wlz27SOL5XFHYQ==", "dev": true, "license": "MIT" }, "node_modules/@redocly/openapi-core": { - "version": "1.25.4", - "resolved": "https://registry.npmjs.org/@redocly/openapi-core/-/openapi-core-1.25.4.tgz", - "integrity": "sha512-qnpr4Z1rzfXdtxQxt/lfGD0wW3UVrm3qhrTpzLG5R/Ze+z+1u8sSRiQHp9N+RT3IuMjh00wq59nop9x9PPa1jQ==", + "version": "1.25.15", + "resolved": "https://registry.npmjs.org/@redocly/openapi-core/-/openapi-core-1.25.15.tgz", + "integrity": "sha512-/dpr5zpGj2t1Bf7EIXEboRZm1hsJZBQfv3Q1pkivtdAEg3if2khv+b9gY68aquC6cM/2aQY2kMLy8LlY2tn+Og==", "dev": true, "license": "MIT", "dependencies": { "@redocly/ajv": "^8.11.2", - "@redocly/config": "^0.12.1", + "@redocly/config": "^0.17.0", "colorette": "^1.2.0", "https-proxy-agent": "^7.0.4", "js-levenshtein": "^1.1.6", @@ -13466,13 +13466,13 @@ } }, "node_modules/openapi-typescript": { - "version": "7.4.2", - "resolved": "https://registry.npmjs.org/openapi-typescript/-/openapi-typescript-7.4.2.tgz", - "integrity": "sha512-SvhmSTItcEAdDUcz+wzrcg6OENpMRkHqqY2hZB01FT+NOfgLcZ1B1ML6vcQrnipONHtG9AQELiKHgGTjpNGjiQ==", + "version": "7.4.4", + "resolved": "https://registry.npmjs.org/openapi-typescript/-/openapi-typescript-7.4.4.tgz", + "integrity": "sha512-7j3nktnRzlQdlHnHsrcr6Gqz8f80/RhfA2I8s1clPI+jkY0hLNmnYVKBfuUEli5EEgK1B6M+ibdS5REasPlsUw==", "dev": true, "license": "MIT", "dependencies": { - "@redocly/openapi-core": "^1.25.3", + "@redocly/openapi-core": "^1.25.9", "ansi-colors": "^4.1.3", "change-case": "^5.4.4", "parse-json": "^8.1.0", @@ -13555,9 +13555,9 @@ } }, "node_modules/openapi-typescript/node_modules/type-fest": { - "version": "4.26.1", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-4.26.1.tgz", - "integrity": "sha512-yOGpmOAL7CkKe/91I5O3gPICmJNLJ1G4zFYVAsRHg7M64biSnPtRj0WNQt++bRkjYOqjWXrhnUw1utzmVErAdg==", + "version": "4.30.0", + "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-4.30.0.tgz", + "integrity": "sha512-G6zXWS1dLj6eagy6sVhOMQiLtJdxQBHIA9Z6HFUNLOlr6MFOgzV8wvmidtPONfPtEUv0uZsy77XJNzTAfwPDaA==", "dev": true, "license": "(MIT OR CC0-1.0)", "engines": { @@ -13977,9 +13977,9 @@ } }, "node_modules/picocolors": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.0.tgz", - "integrity": "sha512-TQ92mBOW0l3LeMeyLV6mzy/kWr8lkd/hp3mTg7wYK7zJhuBStmGMBG0BdeDZS/dZx1IukaX6Bk11zcln25o1Aw==", + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz", + "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==", "dev": true, "license": "ISC" }, @@ -14107,9 +14107,9 @@ } }, "node_modules/postcss": { - "version": "8.4.47", - "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.47.tgz", - "integrity": "sha512-56rxCq7G/XfB4EkXq9Egn5GCqugWvDFjafDOThIdMBsI15iqPqR5r15TfSr1YPYeEI19YeaXMCbY6u88Y76GLQ==", + "version": "8.4.49", + "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.49.tgz", + "integrity": "sha512-OCVPnIObs4N29kxTjzLfUryOkvZEq+pf8jTF0lg8E7uETuWHA+v7j3c/xJmiqpX450191LlmZfUKkXxkTry7nA==", "dev": true, "funding": [ { @@ -14128,7 +14128,7 @@ "license": "MIT", "dependencies": { "nanoid": "^3.3.7", - "picocolors": "^1.1.0", + "picocolors": "^1.1.1", "source-map-js": "^1.2.1" }, "engines": { @@ -18384,9 +18384,9 @@ } }, "node_modules/tslib": { - "version": "2.8.0", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.8.0.tgz", - "integrity": "sha512-jWVzBLplnCmoaTr13V9dYbiQ99wvZRd0vNWaDRg+aVYRcjDF3nDksxFDE/+fkXnKhpnUUkmx5pK/v8mCtLVqZA==", + "version": "2.8.1", + "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.8.1.tgz", + "integrity": "sha512-oJFu94HQb+KVduSUQL7wnpmqnfmLsOA/nAh6b6EH0wCEoK0/mPeXU6c3wKDV83MkOuHPRHtSXKKU99IBazS/2w==", "license": "0BSD" }, "node_modules/tty-browserify": { diff --git a/java-components/pom.xml b/java-components/pom.xml index 927ad5c61..927f7d099 100644 --- a/java-components/pom.xml +++ b/java-components/pom.xml @@ -4,6 +4,12 @@ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> 4.0.0 + + org.jboss + jboss-parent + 47 + + io.github.redhat-appstudio.jvmbuild jvm-build-service-parent 999-SNAPSHOT @@ -40,6 +46,8 @@ UTF-8 UTF-8 + 21 + 21 21 io.quarkus.platform @@ -48,7 +56,7 @@ 3.13.0 3.4.2 - 3.5.1 + 3.5.2 2.24.1 1.12.0 6.13.4 @@ -60,7 +68,7 @@ 7.1.5 1.9.22 3.1.1 - 3.3.1 + 3.3.3 1.322 ${github-api.version}.0 @@ -82,6 +90,7 @@ common-tools common-images common-maven + driver @@ -144,6 +153,11 @@ common-maven ${project.version} + + io.github.redhat-appstudio.jvmbuild + driver + ${project.version} + io.quarkiverse.quinoa @@ -181,6 +195,11 @@ quarkus-maven-resolver 0.0.4 + + io.quarkiverse.tektonclient + quarkus-tekton-client + 1.0.1 + org.apache.maven.release @@ -252,7 +271,7 @@ org.gitlab4j gitlab4j-api - 6.0.0-rc.6 + 6.0.0-rc.7 org.kohsuke diff --git a/pkg/reconciler/dependencybuild/scripts/Dockerfile.build-trusted-artifacts b/pkg/reconciler/dependencybuild/scripts/Dockerfile.build-trusted-artifacts index 5c4f17d91..a9d0526b5 100644 --- a/pkg/reconciler/dependencybuild/scripts/Dockerfile.build-trusted-artifacts +++ b/pkg/reconciler/dependencybuild/scripts/Dockerfile.build-trusted-artifacts @@ -1,3 +1,3 @@ #This file is used to enable renovate to update the digests. It is updated by renovate then substituted into the golang code. -FROM quay.io/redhat-appstudio/build-trusted-artifacts:latest@sha256:0e897921ea083450e8db518888159fd926ff10427c00009038726b4b1003c253 +FROM quay.io/redhat-appstudio/build-trusted-artifacts:latest@sha256:f60a217e109434fb0a0b4a9178018871cfdf1d72177312aafedc027ec4380cac diff --git a/vendor/modules.txt b/vendor/modules.txt index cde973956..f09190ad1 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -162,7 +162,7 @@ github.com/klauspost/compress/internal/cpuinfo github.com/klauspost/compress/internal/snapref github.com/klauspost/compress/zstd github.com/klauspost/compress/zstd/internal/xxhash -# github.com/konflux-ci/image-controller v0.0.0-20241106111942-98d78b2e0f48 +# github.com/konflux-ci/image-controller v0.0.0-20241128141349-9986c9955e05 ## explicit; go 1.21 github.com/konflux-ci/image-controller/api/v1alpha1 # github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de