From 7d78120cc8b9fc0ed096208854cc37105381f02b Mon Sep 17 00:00:00 2001 From: Nick Cross Date: Thu, 19 Dec 2024 14:45:14 +0000 Subject: [PATCH] Split prebuild for jbs. Simplify for PNC. --- deploy/pipeline/mw-pipeline-v0.1.yaml | 1 + deploy/tasks/maven-deployment.yaml | 1 - deploy/tasks/pre-build-jbs.yaml | 133 ++++++++++++++++++ deploy/tasks/pre-build.yaml | 15 +- .../preprocessor/AbstractPreprocessor.java | 12 +- .../notification/NotificationTest.java | 3 - .../v1alpha1/systemconfig_types.go | 1 + 7 files changed, 149 insertions(+), 17 deletions(-) create mode 100644 deploy/tasks/pre-build-jbs.yaml diff --git a/deploy/pipeline/mw-pipeline-v0.1.yaml b/deploy/pipeline/mw-pipeline-v0.1.yaml index c9303658a..473abef38 100644 --- a/deploy/pipeline/mw-pipeline-v0.1.yaml +++ b/deploy/pipeline/mw-pipeline-v0.1.yaml @@ -47,6 +47,7 @@ spec: type: string - name: JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE type: string + default: "quay.io/redhat-user-workloads/konflux-jbs-pnc-tenant/konflux-tooling:latest" - name: NOTIFICATION_CONTEXT type: string default: "" diff --git a/deploy/tasks/maven-deployment.yaml b/deploy/tasks/maven-deployment.yaml index b25d2a92f..939d8fff0 100644 --- a/deploy/tasks/maven-deployment.yaml +++ b/deploy/tasks/maven-deployment.yaml @@ -42,7 +42,6 @@ spec: - name: JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE description: Name of the processor image. Useful to override for development. type: string - default: "quay.io/redhat-user-workloads/konflux-jbs-pnc-tenant/jvm-build-service/build-request-processor:latest" - name: caTrustConfigMapKey description: The name of the key in the ConfigMap that contains the CA bundle data. diff --git a/deploy/tasks/pre-build-jbs.yaml b/deploy/tasks/pre-build-jbs.yaml new file mode 100644 index 000000000..611d3d9bf --- /dev/null +++ b/deploy/tasks/pre-build-jbs.yaml @@ -0,0 +1,133 @@ +--- +apiVersion: tekton.dev/v1 +kind: Task +metadata: + name: pre-build + annotations: + tekton.dev/pipelines.minVersion: 0.12.1 + tekton.dev/tags: image-build, konflux + labels: + app.kubernetes.io/version: "0.1" + build.appstudio.redhat.com/build_type: docker +spec: + description: |- + Sets up pre-build running the preprocessor, pushing the source and creating the OCI image. + params: + - name: IMAGE_URL + description: URL of the OCI image to use. + type: string + - name: NAME + description: Name of the pipeline run (i.e. unique dependency build name) + type: string + - name: GIT_IDENTITY + description: Git username. If empty, deploy-pre-build-source step will be skipped. + type: string + default: "" + - name: GIT_URL + description: String to determine whether we're using gitlab or github + type: string + default: "github" + - name: GIT_SSL_VERIFICATION + description: Whether to disable ssl verification + type: string + default: "false" + - name: GIT_REUSE_REPOSITORY + description: Whether to reuse existing git repository or create new one + type: string + default: "false" + - name: SCM_URL + description: Reference to the git repository + type: string + - name: SCM_HASH + description: Git hash + type: string + - name: RECIPE_IMAGE + description: The image from the build recipe to use + - name: BUILD_TOOL + description: The build tool to use (ant, gradle, maven, sbt). + - name: BUILD_TOOL_VERSION + description: The build tool version to use (e.g. 3.9.5) + - name: JAVA_VERSION + description: Java version to use (7, 8, 9, 11, 17, 21, 22, 23) + - name: BUILD_PLUGINS + description: Optional comma separated list of build plugins that should be disabled. + default: "" + - name: BUILD_SCRIPT + description: The build script to embed with the Containerfile + - name: JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE + description: Name of the processor image. Useful to override for development. + type: string + default: "quay.io/ncross/hacbs-jvm-build-request-processor:latest" + # default: "quay.io/redhat-user-workloads/konflux-jbs-pnc-tenant/jvm-build-service/build-request-processor:latest" + results: + - name: PRE_BUILD_IMAGE_DIGEST + description: Digest of the image just built + - name: GIT_ARCHIVE + description: Git archive information + workspaces: + - description: The git repo will be cloned onto the volume backing this Workspace. + name: source + mountPath: /var/workdir + steps: + - name: preprocessor + image: $(params.JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE) + securityContext: + runAsUser: 0 + computeResources: + limits: + cpu: 300m + memory: 512Mi + requests: + cpu: 10m + memory: 512Mi + script: | + # Complete temporary hack for backwards compatibility with JBS until tasks are ported to build-definitions + if [[ $(params.JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE) == *"konflux-tooling"* ]]; then + /opt/jboss/container/java/run/run-java.sh prepare --type=$(params.BUILD_TOOL) --java-version=$(params.JAVA_VERSION) --build-tool-version=$(params.BUILD_TOOL_VERSION) --recipe-image=$(params.RECIPE_IMAGE) --request-processor-image=$(params.JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE) $(workspaces.source.path)/source + else + /opt/jboss/container/java/run/run-java.sh $(params.BUILD_TOOL)-prepare --java-version=$(params.JAVA_VERSION) --build-tool-version=$(params.BUILD_TOOL_VERSION) --recipe-image=$(params.RECIPE_IMAGE) --request-processor-image=$(params.JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE) --disabled-plugins=$(params.BUILD_PLUGINS) $(workspaces.source.path)/source + fi + env: + - name: BUILD_SCRIPT + value: $(params.BUILD_SCRIPT) + # TODO: Look at making this optional until we know whether we need to store source + - name: create-pre-build-source + image: $(params.JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE) + securityContext: + runAsUser: 0 + computeResources: + limits: + cpu: 300m + memory: 512Mi + requests: + cpu: 10m + memory: 512Mi + env: + - name: GIT_DEPLOY_TOKEN + valueFrom: + secretKeyRef: + optional: true + name: jvm-build-git-repo-secrets + key: gitdeploytoken + args: + - deploy-pre-build-source + - --source-path=$(workspaces.source.path)/source + - --task-run-name=$(context.taskRun.name) + - --scm-uri=$(params.SCM_URL) + - --scm-commit=$(params.SCM_HASH) + - --image-id=$(params.NAME) + - --git-identity=$(params.GIT_IDENTITY) + - --git-url=$(params.GIT_URL) + - --git-disable-ssl-verification=$(params.GIT_SSL_VERIFICATION) + - --git-reuse-repository=$(params.GIT_REUSE_REPOSITORY) + - name: create-pre-build-image + image: quay.io/redhat-appstudio/build-trusted-artifacts:latest@sha256:52f1391e6f1c472fd10bb838f64fae2ed3320c636f536014978a5ddbdfc6b3af + script: | + set -x + echo "IMAGE is $(params.IMAGE_URL)" + cat $HOME/.docker/config.json || true + echo "Creating pre-build-image archive" + create-archive --store $(params.IMAGE_URL) $(results.PRE_BUILD_IMAGE_DIGEST.path)=$(workspaces.source.path)/source + env: + - name: IMAGE_URL + value: $(params.IMAGE_URL) diff --git a/deploy/tasks/pre-build.yaml b/deploy/tasks/pre-build.yaml index 01ab7a988..42b74c8d5 100644 --- a/deploy/tasks/pre-build.yaml +++ b/deploy/tasks/pre-build.yaml @@ -32,8 +32,6 @@ spec: - name: JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE description: Name of the processor image. Useful to override for development. type: string - default: "quay.io/ncross/hacbs-jvm-build-request-processor:latest" - # default: "quay.io/redhat-user-workloads/konflux-jbs-pnc-tenant/jvm-build-service/build-request-processor:latest" results: - name: PRE_BUILD_IMAGE_DIGEST description: Digest of the image just built @@ -53,17 +51,20 @@ spec: requests: cpu: 10m memory: 512Mi - script: | - /opt/jboss/container/java/run/run-java.sh prepare --type=$(params.BUILD_TOOL) --java-version=$(params.JAVA_VERSION) --build-tool-version=$(params.BUILD_TOOL_VERSION) --recipe-image=$(params.RECIPE_IMAGE) --request-processor-image=$(params.JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE) $(workspaces.source.path)/source + args: + - prepare + - --build-tool-version=$(params.BUILD_TOOL_VERSION) + - --java-version=$(params.JAVA_VERSION) + - --recipe-image=$(params.RECIPE_IMAGE) + - --request-processor-image=$(params.JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE) + - --type=$(params.BUILD_TOOL) + - $(workspaces.source.path)/source env: - name: BUILD_SCRIPT value: $(params.BUILD_SCRIPT) - name: create-pre-build-image image: quay.io/redhat-appstudio/build-trusted-artifacts:latest@sha256:52f1391e6f1c472fd10bb838f64fae2ed3320c636f536014978a5ddbdfc6b3af script: | - set -x - echo "IMAGE is $(params.IMAGE_URL)" - cat $HOME/.docker/config.json || true echo "Creating pre-build-image archive" create-archive --store $(params.IMAGE_URL) $(results.PRE_BUILD_IMAGE_DIGEST.path)=$(workspaces.source.path)/source env: diff --git a/java-components/build-request-processor/src/main/java/com/redhat/hacbs/container/build/preprocessor/AbstractPreprocessor.java b/java-components/build-request-processor/src/main/java/com/redhat/hacbs/container/build/preprocessor/AbstractPreprocessor.java index 5fc037608..8ae3e870a 100644 --- a/java-components/build-request-processor/src/main/java/com/redhat/hacbs/container/build/preprocessor/AbstractPreprocessor.java +++ b/java-components/build-request-processor/src/main/java/com/redhat/hacbs/container/build/preprocessor/AbstractPreprocessor.java @@ -29,16 +29,18 @@ public abstract class AbstractPreprocessor implements Runnable { protected List disabledPlugins; @CommandLine.Option(names = "--recipe-image", required = true) - String recipeImage; + protected String recipeImage; @CommandLine.Option(names = "--request-processor-image", required = true) - String buildRequestProcessorImage; + protected String buildRequestProcessorImage; @CommandLine.Option(names = "--java-version", required = true) - String javaVersion; + protected String javaVersion; @CommandLine.Option(names = "--build-tool-version", required = true) - String buildToolVersion; + protected String buildToolVersion; + + protected ToolType type; protected enum ToolType { ANT, @@ -52,8 +54,6 @@ public String toString() { } } - protected ToolType type; - /** * This section creates two files within a .jbs subdirectory. The Containerfile is used * by Konflux to initiate a build and the run-build.sh contains generic setup diff --git a/java-components/build-request-processor/src/test/java/com/redhat/hacbs/container/notification/NotificationTest.java b/java-components/build-request-processor/src/test/java/com/redhat/hacbs/container/notification/NotificationTest.java index 90723f93f..0d213c818 100644 --- a/java-components/build-request-processor/src/test/java/com/redhat/hacbs/container/notification/NotificationTest.java +++ b/java-components/build-request-processor/src/test/java/com/redhat/hacbs/container/notification/NotificationTest.java @@ -56,9 +56,6 @@ public void testNotify() throws IOException, URISyntaxException { .uri(new URI(wireMockServer.baseUrl() + "/internal/completed")) .build(); - System.err.println("### wiremock uri: " + wireMockServer.baseUrl()); - // {"method":"PUT","uri":"http://localhost:8081/internal/completed","headers":[{"name":"Content-Type","value":"application/json"}],"attachment":null} - NotifyCommand notifyCommand = new NotifyCommand(); notifyCommand.status = "Succeeded"; notifyCommand.buildId = "1234"; diff --git a/pkg/apis/jvmbuildservice/v1alpha1/systemconfig_types.go b/pkg/apis/jvmbuildservice/v1alpha1/systemconfig_types.go index cb21075a7..48dcffaa8 100644 --- a/pkg/apis/jvmbuildservice/v1alpha1/systemconfig_types.go +++ b/pkg/apis/jvmbuildservice/v1alpha1/systemconfig_types.go @@ -48,6 +48,7 @@ type SystemConfigList struct { const ( KonfluxGitDefinition = "https://raw.githubusercontent.com/konflux-ci/build-definitions/refs/heads/main/task/git-clone/0.1/git-clone.yaml" KonfluxPreBuildDefinitions = "https://raw.githubusercontent.com/redhat-appstudio/jvm-build-service/main/deploy/tasks/pre-build.yaml" + KonfluxPreBuildGitDefinitions = "https://raw.githubusercontent.com/redhat-appstudio/jvm-build-service/main/deploy/tasks/pre-build-jbs.yaml" KonfluxBuildDefinitions = "https://raw.githubusercontent.com/redhat-appstudio/jvm-build-service/main/deploy/tasks/buildah-oci-ta.yaml" KonfluxMavenDeployDefinitions = "https://raw.githubusercontent.com/redhat-appstudio/jvm-build-service/main/deploy/tasks/maven-deployment.yaml" )