diff --git a/pac/tasks/buildah-10gb.yaml b/pac/tasks/buildah-10gb.yaml index e354a56..c6dca23 100644 --- a/pac/tasks/buildah-10gb.yaml +++ b/pac/tasks/buildah-10gb.yaml @@ -58,6 +58,16 @@ spec: description: The image is built from this commit. name: COMMIT_SHA type: string + - default: repos.d + description: Path in the git repository in which yum repository files are stored + name: YUM_REPOS_D_SRC + - default: fetched.repos.d + description: Path in source workspace where dynamically-fetched repos are present + name: YUM_REPOS_D_FETCHED + - default: /etc/yum.repos.d + description: Target path on the container in which yum repository files should + be made available + name: YUM_REPOS_D_TARGET results: - description: Digest of the image just built name: IMAGE_DIGEST @@ -91,6 +101,12 @@ spec: value: $(params.TLSVERIFY) - name: IMAGE_EXPIRES_AFTER value: $(params.IMAGE_EXPIRES_AFTER) + - name: YUM_REPOS_D_SRC + value: $(params.YUM_REPOS_D_SRC) + - name: YUM_REPOS_D_FETCHED + value: $(params.YUM_REPOS_D_FETCHED) + - name: YUM_REPOS_D_TARGET + value: $(params.YUM_REPOS_D_TARGET) steps: - computeResources: limits: @@ -158,6 +174,19 @@ spec: echo "Prefetched content will be made available" fi + # if yum repofiles stored in git, copy them to mount point outside the source dir + if [ -d "${SOURCE_CODE_DIR}/${YUM_REPOS_D_SRC}" ]; then + mkdir -p ${YUM_REPOS_D_FETCHED} + cp -r ${SOURCE_CODE_DIR}/${YUM_REPOS_D_SRC}/* ${YUM_REPOS_D_FETCHED} + fi + + # if anything in the repofiles mount point (either fetched or from git), mount it + if [ -d "${YUM_REPOS_D_FETCHED}" ]; then + chmod -R go+rwX ${YUM_REPOS_D_FETCHED} + mount_point=$(realpath ${YUM_REPOS_D_FETCHED}) + VOLUME_MOUNTS="${VOLUME_MOUNTS} --volume ${mount_point}:${YUM_REPOS_D_TARGET}" + fi + LABELS=( "--label" "build-date=$(date -u +'%Y-%m-%dT%H:%M:%S')" "--label" "architecture=$(uname -m)" diff --git a/pac/tasks/buildah-6gb.yaml b/pac/tasks/buildah-6gb.yaml index 1bed06f..6a2fbcd 100644 --- a/pac/tasks/buildah-6gb.yaml +++ b/pac/tasks/buildah-6gb.yaml @@ -58,6 +58,16 @@ spec: description: The image is built from this commit. name: COMMIT_SHA type: string + - default: repos.d + description: Path in the git repository in which yum repository files are stored + name: YUM_REPOS_D_SRC + - default: fetched.repos.d + description: Path in source workspace where dynamically-fetched repos are present + name: YUM_REPOS_D_FETCHED + - default: /etc/yum.repos.d + description: Target path on the container in which yum repository files should + be made available + name: YUM_REPOS_D_TARGET results: - description: Digest of the image just built name: IMAGE_DIGEST @@ -91,6 +101,12 @@ spec: value: $(params.TLSVERIFY) - name: IMAGE_EXPIRES_AFTER value: $(params.IMAGE_EXPIRES_AFTER) + - name: YUM_REPOS_D_SRC + value: $(params.YUM_REPOS_D_SRC) + - name: YUM_REPOS_D_FETCHED + value: $(params.YUM_REPOS_D_FETCHED) + - name: YUM_REPOS_D_TARGET + value: $(params.YUM_REPOS_D_TARGET) steps: - computeResources: limits: @@ -158,6 +174,19 @@ spec: echo "Prefetched content will be made available" fi + # if yum repofiles stored in git, copy them to mount point outside the source dir + if [ -d "${SOURCE_CODE_DIR}/${YUM_REPOS_D_SRC}" ]; then + mkdir -p ${YUM_REPOS_D_FETCHED} + cp -r ${SOURCE_CODE_DIR}/${YUM_REPOS_D_SRC}/* ${YUM_REPOS_D_FETCHED} + fi + + # if anything in the repofiles mount point (either fetched or from git), mount it + if [ -d "${YUM_REPOS_D_FETCHED}" ]; then + chmod -R go+rwX ${YUM_REPOS_D_FETCHED} + mount_point=$(realpath ${YUM_REPOS_D_FETCHED}) + VOLUME_MOUNTS="${VOLUME_MOUNTS} --volume ${mount_point}:${YUM_REPOS_D_TARGET}" + fi + LABELS=( "--label" "build-date=$(date -u +'%Y-%m-%dT%H:%M:%S')" "--label" "architecture=$(uname -m)" diff --git a/pac/tasks/buildah-8gb.yaml b/pac/tasks/buildah-8gb.yaml index 1d22ce2..e984e5c 100644 --- a/pac/tasks/buildah-8gb.yaml +++ b/pac/tasks/buildah-8gb.yaml @@ -58,6 +58,16 @@ spec: description: The image is built from this commit. name: COMMIT_SHA type: string + - default: repos.d + description: Path in the git repository in which yum repository files are stored + name: YUM_REPOS_D_SRC + - default: fetched.repos.d + description: Path in source workspace where dynamically-fetched repos are present + name: YUM_REPOS_D_FETCHED + - default: /etc/yum.repos.d + description: Target path on the container in which yum repository files should + be made available + name: YUM_REPOS_D_TARGET results: - description: Digest of the image just built name: IMAGE_DIGEST @@ -91,6 +101,12 @@ spec: value: $(params.TLSVERIFY) - name: IMAGE_EXPIRES_AFTER value: $(params.IMAGE_EXPIRES_AFTER) + - name: YUM_REPOS_D_SRC + value: $(params.YUM_REPOS_D_SRC) + - name: YUM_REPOS_D_FETCHED + value: $(params.YUM_REPOS_D_FETCHED) + - name: YUM_REPOS_D_TARGET + value: $(params.YUM_REPOS_D_TARGET) steps: - computeResources: limits: @@ -158,6 +174,19 @@ spec: echo "Prefetched content will be made available" fi + # if yum repofiles stored in git, copy them to mount point outside the source dir + if [ -d "${SOURCE_CODE_DIR}/${YUM_REPOS_D_SRC}" ]; then + mkdir -p ${YUM_REPOS_D_FETCHED} + cp -r ${SOURCE_CODE_DIR}/${YUM_REPOS_D_SRC}/* ${YUM_REPOS_D_FETCHED} + fi + + # if anything in the repofiles mount point (either fetched or from git), mount it + if [ -d "${YUM_REPOS_D_FETCHED}" ]; then + chmod -R go+rwX ${YUM_REPOS_D_FETCHED} + mount_point=$(realpath ${YUM_REPOS_D_FETCHED}) + VOLUME_MOUNTS="${VOLUME_MOUNTS} --volume ${mount_point}:${YUM_REPOS_D_TARGET}" + fi + LABELS=( "--label" "build-date=$(date -u +'%Y-%m-%dT%H:%M:%S')" "--label" "architecture=$(uname -m)" diff --git a/pac/tasks/buildah-remote.yaml b/pac/tasks/buildah-remote.yaml index 37e81e1..62d54bd 100644 --- a/pac/tasks/buildah-remote.yaml +++ b/pac/tasks/buildah-remote.yaml @@ -59,6 +59,16 @@ spec: description: The image is built from this commit. name: COMMIT_SHA type: string + - default: repos.d + description: Path in the git repository in which yum repository files are stored + name: YUM_REPOS_D_SRC + - default: fetched.repos.d + description: Path in source workspace where dynamically-fetched repos are present + name: YUM_REPOS_D_FETCHED + - default: /etc/yum.repos.d + description: Target path on the container in which yum repository files should + be made available + name: YUM_REPOS_D_TARGET - description: The platform to build on name: PLATFORM type: string @@ -96,6 +106,12 @@ spec: value: $(params.TLSVERIFY) - name: IMAGE_EXPIRES_AFTER value: $(params.IMAGE_EXPIRES_AFTER) + - name: YUM_REPOS_D_SRC + value: $(params.YUM_REPOS_D_SRC) + - name: YUM_REPOS_D_FETCHED + value: $(params.YUM_REPOS_D_FETCHED) + - name: YUM_REPOS_D_TARGET + value: $(params.YUM_REPOS_D_TARGET) - name: BUILDER_IMAGE value: $(params.BUILDER_IMAGE) steps: @@ -200,6 +216,19 @@ spec: echo "Prefetched content will be made available" fi + # if yum repofiles stored in git, copy them to mount point outside the source dir + if [ -d "${SOURCE_CODE_DIR}/${YUM_REPOS_D_SRC}" ]; then + mkdir -p ${YUM_REPOS_D_FETCHED} + cp -r ${SOURCE_CODE_DIR}/${YUM_REPOS_D_SRC}/* ${YUM_REPOS_D_FETCHED} + fi + + # if anything in the repofiles mount point (either fetched or from git), mount it + if [ -d "${YUM_REPOS_D_FETCHED}" ]; then + chmod -R go+rwX ${YUM_REPOS_D_FETCHED} + mount_point=$(realpath ${YUM_REPOS_D_FETCHED}) + VOLUME_MOUNTS="${VOLUME_MOUNTS} --volume ${mount_point}:${YUM_REPOS_D_TARGET}" + fi + LABELS=( "--label" "build-date=$(date -u +'%Y-%m-%dT%H:%M:%S')" "--label" "architecture=$(uname -m)" @@ -242,6 +271,9 @@ spec: -e IMAGE="$IMAGE" \ -e TLSVERIFY="$TLSVERIFY" \ -e IMAGE_EXPIRES_AFTER="$IMAGE_EXPIRES_AFTER" \ + -e YUM_REPOS_D_SRC="$YUM_REPOS_D_SRC" \ + -e YUM_REPOS_D_FETCHED="$YUM_REPOS_D_FETCHED" \ + -e YUM_REPOS_D_TARGET="$YUM_REPOS_D_TARGET" \ -e COMMIT_SHA="$COMMIT_SHA" \ -v "$BUILD_DIR/workspaces/source:$(workspaces.source.path):Z" \ -v "$BUILD_DIR/.docker/:/root/.docker:Z" \ diff --git a/pac/tasks/buildah.yaml b/pac/tasks/buildah.yaml index ea33b32..3f2bf2a 100644 --- a/pac/tasks/buildah.yaml +++ b/pac/tasks/buildah.yaml @@ -57,6 +57,15 @@ spec: description: The image is built from this commit. type: string default: "" + - name: YUM_REPOS_D_SRC + description: Path in the git repository in which yum repository files are stored + default: repos.d + - name: YUM_REPOS_D_FETCHED + description: Path in source workspace where dynamically-fetched repos are present + default: fetched.repos.d + - name: YUM_REPOS_D_TARGET + description: Target path on the container in which yum repository files should be made available + default: /etc/yum.repos.d results: - description: Digest of the image just built name: IMAGE_DIGEST @@ -89,6 +98,12 @@ spec: value: $(params.TLSVERIFY) - name: IMAGE_EXPIRES_AFTER value: $(params.IMAGE_EXPIRES_AFTER) + - name: YUM_REPOS_D_SRC + value: $(params.YUM_REPOS_D_SRC) + - name: YUM_REPOS_D_FETCHED + value: $(params.YUM_REPOS_D_FETCHED) + - name: YUM_REPOS_D_TARGET + value: $(params.YUM_REPOS_D_TARGET) steps: - image: $(params.BUILDER_IMAGE) # per https://kubernetes.io/docs/concepts/containers/images/#imagepullpolicy-defaulting @@ -159,6 +174,19 @@ spec: echo "Prefetched content will be made available" fi + # if yum repofiles stored in git, copy them to mount point outside the source dir + if [ -d "${SOURCE_CODE_DIR}/${YUM_REPOS_D_SRC}" ]; then + mkdir -p ${YUM_REPOS_D_FETCHED} + cp -r ${SOURCE_CODE_DIR}/${YUM_REPOS_D_SRC}/* ${YUM_REPOS_D_FETCHED} + fi + + # if anything in the repofiles mount point (either fetched or from git), mount it + if [ -d "${YUM_REPOS_D_FETCHED}" ]; then + chmod -R go+rwX ${YUM_REPOS_D_FETCHED} + mount_point=$(realpath ${YUM_REPOS_D_FETCHED}) + VOLUME_MOUNTS="${VOLUME_MOUNTS} --volume ${mount_point}:${YUM_REPOS_D_TARGET}" + fi + LABELS=( "--label" "build-date=$(date -u +'%Y-%m-%dT%H:%M:%S')" "--label" "architecture=$(uname -m)" diff --git a/pac/tasks/update-infra-deployments.yaml b/pac/tasks/update-infra-deployments.yaml index 1ac957a..03da24f 100644 --- a/pac/tasks/update-infra-deployments.yaml +++ b/pac/tasks/update-infra-deployments.yaml @@ -23,9 +23,9 @@ spec: - name: GIT_IMAGE description: Image reference containing the git command default: registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8:v1.8.2-8@sha256:a538c423e7a11aae6ae582a411fdb090936458075f99af4ce5add038bb6983e8 - # per https://kubernetes.io/docs/concepts/containers/images/#imagepullpolicy-defaulting - # the cluster will set imagePullPolicy to IfNotPresent - # also per direction from Ralph Bean, we want to use image digest based tags to use a cue to automation like dependabot or renovatebot to periodially submit pull requests that update the digest as new images are released. + # per https://kubernetes.io/docs/concepts/containers/images/#imagepullpolicy-defaulting + # the cluster will set imagePullPolicy to IfNotPresent + # also per direction from Ralph Bean, we want to use image digest based tags to use a cue to automation like dependabot or renovatebot to periodially submit pull requests that update the digest as new images are released. - name: SCRIPT_IMAGE description: Image reference for SCRIPT execution # this image is built using https://github.com/redhat-appstudio/build-tasks-dockerfiles/blob/main/update-infra-deployments-task-scripts-image/Dockerfile @@ -95,7 +95,7 @@ spec: exit 1 fi - # Based on https://github.com/tektoncd/catalog/tree/main/task/github-app-token/0.2/ + # Based on https://github.com/tektoncd/catalog/tree/main/task/github-app-token/0.2/ - name: create-mr image: quay.io/redhat-appstudio/github-app-token@sha256:b4f2af12e9beea68055995ccdbdb86cfe1be97688c618117e5da2243dc1da18e # per https://kubernetes.io/docs/concepts/containers/images/#imagepullpolicy-defaulting