forked from rcarrata/devsecops-demo
-
Notifications
You must be signed in to change notification settings - Fork 0
/
task-s2i-java-11.yaml.j2
160 lines (156 loc) · 5.16 KB
/
task-s2i-java-11.yaml.j2
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: s2i-java-11
namespace: cicd
annotations:
tekton.dev/displayName: s2i java 11
tekton.dev/pipelines.minVersion: 0.11.3
tekton.dev/tags: 's2i, java, workspace'
spec:
description: >-
s2i-java-11 task clones a Git repository and builds and pushes a container
image using S2I and a Java 11 builder image.
params:
- default: .
description: The location of the path to run s2i from
name: PATH_CONTEXT
type: string
- default: 'true'
description: >-
Verify the TLS on the registry endpoint (for push/pull to a non-TLS
registry)
name: TLSVERIFY
type: string
- default: ''
description: Additional Maven arguments
name: MAVEN_ARGS_APPEND
type: string
- default: 'false'
description: Remove the Maven repository after the artifact is built
name: MAVEN_CLEAR_REPO
type: string
- default: ''
description: The base URL of a mirror used for retrieving artifacts
name: MAVEN_MIRROR_URL
type: string
- description: Location of the repo where image has to be pushed
name: IMAGE_NAME
type: string
- description: The tag of the image to be pushed
name: IMAGE_TAG
type: string
default: "latest"
results:
- name: IMAGE_DIGEST
description: Digest of the image just built.
steps:
- args:
- |-
echo "MAVEN_CLEAR_REPO=$(params.MAVEN_CLEAR_REPO)" > env-file
[[ '$(params.MAVEN_ARGS_APPEND)' != "" ]] &&
echo "MAVEN_ARGS_APPEND=$(params.MAVEN_ARGS_APPEND)" >> env-file
[[ '$(params.MAVEN_MIRROR_URL)' != "" ]] &&
echo "MAVEN_MIRROR_URL=$(params.MAVEN_MIRROR_URL)" >> env-file
echo "Generated Env file"
echo "------------------------------"
cat env-file
echo "------------------------------"
command:
- /bin/sh
- '-c'
image: >-
registry.redhat.io/ocp-tools-43-tech-preview/source-to-image-rhel8@sha256:562dbdac04ae9260e21d457585b3251fd8cc5310966f8fc544fb77dc544c92f8
name: gen-env-file
resources: {}
volumeMounts:
- mountPath: /env-params
name: envparams
workingDir: /env-params
- command:
- s2i
- build
- $(params.PATH_CONTEXT)
- 'image-registry.openshift-image-registry.svc:5000/openshift/java:11'
- '--image-scripts-url'
- 'image:///usr/local/s2i'
- '--as-dockerfile'
- /gen-source/Dockerfile.gen
- '--environment-file'
- /env-params/env-file
image: >-
registry.redhat.io/ocp-tools-43-tech-preview/source-to-image-rhel8@sha256:562dbdac04ae9260e21d457585b3251fd8cc5310966f8fc544fb77dc544c92f8
name: generate
resources: {}
volumeMounts:
- mountPath: /gen-source
name: gen-source
- mountPath: /env-params
name: envparams
workingDir: $(workspaces.source.path)
- command:
- buildah
- bud
- '--storage-driver=vfs'
- '--tls-verify=$(params.TLSVERIFY)'
- '--layers'
- '-f'
- /gen-source/Dockerfile.gen
- '-t'
- $(params.IMAGE_NAME):$(params.IMAGE_TAG)
- '-t'
- $(params.IMAGE_NAME):latest
- .
image: >-
registry.redhat.io/rhel8/buildah@sha256:180c4d9849b6ab0e5465d30d4f3a77765cf0d852ca1cb1efb59d6e8c9f90d467
name: build
resources: {}
volumeMounts:
- mountPath: /var/lib/containers
name: varlibcontainers
- mountPath: /gen-source
name: gen-source
workingDir: /gen-source
- command:
- buildah
- push
- '--storage-driver=vfs'
- '--tls-verify=$(params.TLSVERIFY)'
- --digestfile
- $(workspaces.source.path)/image-digest
- $(params.IMAGE_NAME):$(params.IMAGE_TAG)
- 'docker://$(params.IMAGE_NAME):$(params.IMAGE_TAG)'
image: registry.redhat.io/rhel8/buildah@sha256:180c4d9849b6ab0e5465d30d4f3a77765cf0d852ca1cb1efb59d6e8c9f90d467
name: push-tag
resources: {}
volumeMounts:
- mountPath: /var/lib/containers
name: varlibcontainers
- command:
- buildah
- push
- '--storage-driver=vfs'
- '--tls-verify=$(params.TLSVERIFY)'
- --digestfile
- $(workspaces.source.path)/image-digest
- $(params.IMAGE_NAME):$(params.IMAGE_TAG)
- 'docker://$(params.IMAGE_NAME):latest'
image: registry.redhat.io/rhel8/buildah@sha256:180c4d9849b6ab0e5465d30d4f3a77765cf0d852ca1cb1efb59d6e8c9f90d467
name: push-latest
resources: {}
volumeMounts:
- mountPath: /var/lib/containers
name: varlibcontainers
- name: digest-to-results
image: registry.redhat.io/rhel8/buildah@sha256:180c4d9849b6ab0e5465d30d4f3a77765cf0d852ca1cb1efb59d6e8c9f90d467
script: cat $(workspaces.source.path)/image-digest | tee /tekton/results/IMAGE_DIGEST
volumes:
- emptyDir: {}
name: varlibcontainers
- emptyDir: {}
name: gen-source
- emptyDir: {}
name: envparams
workspaces:
- mountPath: /workspace/source
name: source