Split prebuild for jbs. Simplify for PNC.

redhat-appstudio · Dec 24, 2024 · 7d78120 · 7d78120
1 parent 033e4ad
commit 7d78120
Show file tree

Hide file tree

Showing 7 changed files with 149 additions and 17 deletions.
diff --git a/deploy/pipeline/mw-pipeline-v0.1.yaml b/deploy/pipeline/mw-pipeline-v0.1.yaml
@@ -47,6 +47,7 @@ spec:
       type: string
     - name: JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE
       type: string
+      default: "quay.io/redhat-user-workloads/konflux-jbs-pnc-tenant/konflux-tooling:latest"
     - name: NOTIFICATION_CONTEXT
       type: string
       default: ""

diff --git a/deploy/tasks/maven-deployment.yaml b/deploy/tasks/maven-deployment.yaml
@@ -42,7 +42,6 @@ spec:
     - name: JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE
       description: Name of the processor image. Useful to override for development.
       type: string
-      default: "quay.io/redhat-user-workloads/konflux-jbs-pnc-tenant/jvm-build-service/build-request-processor:latest"
     - name: caTrustConfigMapKey
       description: The name of the key in the ConfigMap that contains the
         CA bundle data.

diff --git a/deploy/tasks/pre-build-jbs.yaml b/deploy/tasks/pre-build-jbs.yaml
@@ -0,0 +1,133 @@
+---
+apiVersion: tekton.dev/v1
+kind: Task
+metadata:
+  name: pre-build
+  annotations:
+    tekton.dev/pipelines.minVersion: 0.12.1
+    tekton.dev/tags: image-build, konflux
+  labels:
+    app.kubernetes.io/version: "0.1"
+    build.appstudio.redhat.com/build_type: docker
+spec:
+  description: |-
+    Sets up pre-build running the preprocessor, pushing the source and creating the OCI image.
+  params:
+    - name: IMAGE_URL
+      description: URL of the OCI image to use.
+      type: string
+    - name: NAME
+      description: Name of the pipeline run (i.e. unique dependency build name)
+      type: string
+    - name: GIT_IDENTITY
+      description: Git username. If empty, deploy-pre-build-source step will be skipped.
+      type: string
+      default: ""
+    - name: GIT_URL
+      description: String to determine whether we're using gitlab or github
+      type: string
+      default: "github"
+    - name: GIT_SSL_VERIFICATION
+      description: Whether to disable ssl verification
+      type: string
+      default: "false"
+    - name: GIT_REUSE_REPOSITORY
+      description: Whether to reuse existing git repository or create new one
+      type: string
+      default: "false"
+    - name: SCM_URL
+      description: Reference to the git repository
+      type: string
+    - name: SCM_HASH
+      description: Git hash
+      type: string
+    - name: RECIPE_IMAGE
+      description: The image from the build recipe to use
+    - name: BUILD_TOOL
+      description: The build tool to use (ant, gradle, maven, sbt).
+    - name: BUILD_TOOL_VERSION
+      description: The build tool version to use (e.g. 3.9.5)
+    - name: JAVA_VERSION
+      description: Java version to use (7, 8, 9, 11, 17, 21, 22, 23)
+    - name: BUILD_PLUGINS
+      description: Optional comma separated list of build plugins that should be disabled.
+      default: ""
+    - name: BUILD_SCRIPT
+      description: The build script to embed with the Containerfile
+    - name: JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE
+      description: Name of the processor image. Useful to override for development.
+      type: string
+      default: "quay.io/ncross/hacbs-jvm-build-request-processor:latest"
+      # default: "quay.io/redhat-user-workloads/konflux-jbs-pnc-tenant/jvm-build-service/build-request-processor:latest"
+  results:
+    - name: PRE_BUILD_IMAGE_DIGEST
+      description: Digest of the image just built
+    - name: GIT_ARCHIVE
+      description: Git archive information
+  workspaces:
+    - description: The git repo will be cloned onto the volume backing this Workspace.
+      name: source
+      mountPath: /var/workdir
+  steps:
+    - name: preprocessor
+      image: $(params.JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE)
+      securityContext:
+        runAsUser: 0
+      computeResources:
+        limits:
+          cpu: 300m
+          memory: 512Mi
+        requests:
+          cpu: 10m
+          memory: 512Mi
+      script: |
+        # Complete temporary hack for backwards compatibility with JBS until tasks are ported to build-definitions
+        if [[ $(params.JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE) == *"konflux-tooling"* ]]; then
+          /opt/jboss/container/java/run/run-java.sh prepare --type=$(params.BUILD_TOOL) --java-version=$(params.JAVA_VERSION) --build-tool-version=$(params.BUILD_TOOL_VERSION) --recipe-image=$(params.RECIPE_IMAGE) --request-processor-image=$(params.JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE) $(workspaces.source.path)/source
+        else
+          /opt/jboss/container/java/run/run-java.sh $(params.BUILD_TOOL)-prepare --java-version=$(params.JAVA_VERSION) --build-tool-version=$(params.BUILD_TOOL_VERSION) --recipe-image=$(params.RECIPE_IMAGE) --request-processor-image=$(params.JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE) --disabled-plugins=$(params.BUILD_PLUGINS) $(workspaces.source.path)/source
+        fi
+      env:
+        - name: BUILD_SCRIPT
+          value: $(params.BUILD_SCRIPT)
+    # TODO: Look at making this optional until we know whether we need to store source
+    - name: create-pre-build-source
+      image: $(params.JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE)
+      securityContext:
+        runAsUser: 0
+      computeResources:
+        limits:
+          cpu: 300m
+          memory: 512Mi
+        requests:
+          cpu: 10m
+          memory: 512Mi
+      env:
+        - name: GIT_DEPLOY_TOKEN
+          valueFrom:
+            secretKeyRef:
+              optional: true
+              name: jvm-build-git-repo-secrets
+              key: gitdeploytoken
+      args:
+        - deploy-pre-build-source
+        - --source-path=$(workspaces.source.path)/source
+        - --task-run-name=$(context.taskRun.name)
+        - --scm-uri=$(params.SCM_URL)
+        - --scm-commit=$(params.SCM_HASH)
+        - --image-id=$(params.NAME)
+        - --git-identity=$(params.GIT_IDENTITY)
+        - --git-url=$(params.GIT_URL)
+        - --git-disable-ssl-verification=$(params.GIT_SSL_VERIFICATION)
+        - --git-reuse-repository=$(params.GIT_REUSE_REPOSITORY)
+    - name: create-pre-build-image
+      image: quay.io/redhat-appstudio/build-trusted-artifacts:latest@sha256:52f1391e6f1c472fd10bb838f64fae2ed3320c636f536014978a5ddbdfc6b3af
+      script: |
+        set -x
+        echo "IMAGE is $(params.IMAGE_URL)"
+        cat $HOME/.docker/config.json || true
+        echo "Creating pre-build-image archive"
+        create-archive --store $(params.IMAGE_URL) $(results.PRE_BUILD_IMAGE_DIGEST.path)=$(workspaces.source.path)/source
+      env:
+        - name: IMAGE_URL
+          value: $(params.IMAGE_URL)
diff --git a/deploy/tasks/pre-build.yaml b/deploy/tasks/pre-build.yaml
@@ -32,8 +32,6 @@ spec:
     - name: JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE
       description: Name of the processor image. Useful to override for development.
       type: string
-      default: "quay.io/ncross/hacbs-jvm-build-request-processor:latest"
-      # default: "quay.io/redhat-user-workloads/konflux-jbs-pnc-tenant/jvm-build-service/build-request-processor:latest"
   results:
     - name: PRE_BUILD_IMAGE_DIGEST
       description: Digest of the image just built
@@ -53,17 +51,20 @@ spec:
         requests:
           cpu: 10m
           memory: 512Mi
-      script: |
-        /opt/jboss/container/java/run/run-java.sh prepare --type=$(params.BUILD_TOOL) --java-version=$(params.JAVA_VERSION) --build-tool-version=$(params.BUILD_TOOL_VERSION) --recipe-image=$(params.RECIPE_IMAGE) --request-processor-image=$(params.JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE) $(workspaces.source.path)/source
+      args:
+        - prepare
+        - --build-tool-version=$(params.BUILD_TOOL_VERSION)
+        - --java-version=$(params.JAVA_VERSION)
+        - --recipe-image=$(params.RECIPE_IMAGE)
+        - --request-processor-image=$(params.JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE)
+        - --type=$(params.BUILD_TOOL)
+        - $(workspaces.source.path)/source
       env:
         - name: BUILD_SCRIPT
           value: $(params.BUILD_SCRIPT)
     - name: create-pre-build-image
       image: quay.io/redhat-appstudio/build-trusted-artifacts:latest@sha256:52f1391e6f1c472fd10bb838f64fae2ed3320c636f536014978a5ddbdfc6b3af
       script: |
-        set -x
-        echo "IMAGE is $(params.IMAGE_URL)"
-        cat $HOME/.docker/config.json || true
         echo "Creating pre-build-image archive"
         create-archive --store $(params.IMAGE_URL) $(results.PRE_BUILD_IMAGE_DIGEST.path)=$(workspaces.source.path)/source
       env:

diff --git a/...sor/src/main/java/com/redhat/hacbs/container/build/preprocessor/AbstractPreprocessor.java b/...sor/src/main/java/com/redhat/hacbs/container/build/preprocessor/AbstractPreprocessor.java
@@ -29,16 +29,18 @@ public abstract class AbstractPreprocessor implements Runnable {
     protected List<String> disabledPlugins;
 
     @CommandLine.Option(names = "--recipe-image", required = true)
-    String recipeImage;
+    protected String recipeImage;
 
     @CommandLine.Option(names = "--request-processor-image", required = true)
-    String buildRequestProcessorImage;
+    protected String buildRequestProcessorImage;
 
     @CommandLine.Option(names = "--java-version", required = true)
-    String javaVersion;
+    protected String javaVersion;
 
     @CommandLine.Option(names = "--build-tool-version", required = true)
-    String buildToolVersion;
+    protected String buildToolVersion;
+
+    protected ToolType type;
 
     protected enum ToolType {
         ANT,
@@ -52,8 +54,6 @@ public String toString() {
         }
     }
 
-    protected ToolType type;
-
     /**
      * This section creates two files within a <code>.jbs</code> subdirectory. The Containerfile is used
      * by Konflux to initiate a build and the <code>run-build.sh</code> contains generic setup

diff --git a/...est-processor/src/test/java/com/redhat/hacbs/container/notification/NotificationTest.java b/...est-processor/src/test/java/com/redhat/hacbs/container/notification/NotificationTest.java
@@ -56,9 +56,6 @@ public void testNotify() throws IOException, URISyntaxException {
             .uri(new URI(wireMockServer.baseUrl() + "/internal/completed"))
             .build();
 
-        System.err.println("### wiremock uri: " + wireMockServer.baseUrl());
-        // {"method":"PUT","uri":"http://localhost:8081/internal/completed","headers":[{"name":"Content-Type","value":"application/json"}],"attachment":null}
-
         NotifyCommand notifyCommand = new NotifyCommand();
         notifyCommand.status = "Succeeded";
         notifyCommand.buildId = "1234";

diff --git a/pkg/apis/jvmbuildservice/v1alpha1/systemconfig_types.go b/pkg/apis/jvmbuildservice/v1alpha1/systemconfig_types.go
@@ -48,6 +48,7 @@ type SystemConfigList struct {
 const (
 	KonfluxGitDefinition          = "https://raw.githubusercontent.com/konflux-ci/build-definitions/refs/heads/main/task/git-clone/0.1/git-clone.yaml"
 	KonfluxPreBuildDefinitions    = "https://raw.githubusercontent.com/redhat-appstudio/jvm-build-service/main/deploy/tasks/pre-build.yaml"
+	KonfluxPreBuildGitDefinitions = "https://raw.githubusercontent.com/redhat-appstudio/jvm-build-service/main/deploy/tasks/pre-build-jbs.yaml"
 	KonfluxBuildDefinitions       = "https://raw.githubusercontent.com/redhat-appstudio/jvm-build-service/main/deploy/tasks/buildah-oci-ta.yaml"
 	KonfluxMavenDeployDefinitions = "https://raw.githubusercontent.com/redhat-appstudio/jvm-build-service/main/deploy/tasks/maven-deployment.yaml"
 )