Skip to content

Commit

Permalink
Update tekton pipeline, create dockerfile
Browse files Browse the repository at this point in the history
Add tasks to inject the frontend build container

Comment out signature scan task

https://inscope.corp.redhat.com/docs/default/component/consoledot-pages/containerized-frontends/konflux-frontends/
  • Loading branch information
mshriver committed Oct 23, 2024
1 parent 392d8a1 commit df562b4
Show file tree
Hide file tree
Showing 2 changed files with 309 additions and 44 deletions.
174 changes: 152 additions & 22 deletions .tekton/idmsvc-frontend-pull-request.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -214,6 +214,135 @@ spec:
workspace: git-auth
- name: netrc
workspace: netrc
- name: parse-build-deploy-script
params:
- name: path-context
value: $(params.path-context)
taskRef:
resolver: gits
params:
- name: url
value: https://github.com/RedHatInsights/konflux-consoledot-frontend-build
- name: revision
value: 2fcdfa9b4858ac941b50ad37317c4f9aaabf91b4
- name: pathInRepo
value: tasks/parse-build-deploy-script/parse-build-deploy-script.yaml
workspaces:
- name: source
workspace: workspace
runAfter:
- clone-repository
- name: create-frontend-dockerfile
taskRef:
resolver: git
params:
- name: url
value: https://github.com/RedHatInsights/konflux-consoledot-frontend-build
- name: revision
value: 2fcdfa9b4858ac941b50ad37317c4f9aaabf91b4
- name: pathInRepo
value: tasks/create-frontend-dockerfile/create-frontend-dockerfile.yaml
workspaces:
- name: source
workspace: workspace
params:
- name: path-context
value: $(params.path-context)
- name: component
value: $(tasks.parse-build-deploy-script.results.component)
- name: image
value: $(tasks.parse-build-deploy-script.results.image)
- name: node-build-version
value: $(tasks.parse-build-deploy-script.results.node-build-version)
- name: quay-expire-time
value: $(tasks.parse-build-deploy-script.results.quay-expire-time)
- name: npm-build-script
value: $(tasks.parse-build-deploy-script.results.npm-build-script)
- name: yarn-build-script
value: $(tasks.parse-build-deploy-script.results.yarn-build-script)
- name: route-path
value: $(tasks.parse-build-deploy-script.results.route-path)
- name: beta-route-path
value: $(tasks.parse-build-deploy-script.results.beta-route-path)
- name: preview-route-path
value: $(tasks.parse-build-deploy-script.results.preview-route-path)
- name: ci-root
value: $(tasks.parse-build-deploy-script.results.ci-root)
- name: server-name
value: $(tasks.parse-build-deploy-script.results.server-name)
- name: dist-folder
value: $(tasks.parse-build-deploy-script.results.dist-folder)
runAfter:
- parse-build-deploy-script
- name: clone-repository-oci-ta
params:
- name: url
value: $(params.git-url)
- name: revision
value: $(params.revision)
- name: ociStorage
value: $(params.output-image).git
runAfter:
- init
taskRef:
params:
- name: name
value: git-clone-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-git-clone-oci-ta@sha256:0f4360ce144d46171ebd2e8f4d4575539a0600e02208ba5fc9beeb2c27ddfd4c
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
workspaces:
- name: basic-auth
workspace: git-auth
# - name: run-unit-tests
# description: Validates frontend unit tests
# params:
# - name: SOURCE_ARTIFACT
# value: $(tasks.clone-repository-oci-ta.results.SOURCE_ARTIFACT)
# runAfter:
# - clone-repository-oci-ta
# workspaces:
# - name: basic-auth
# workspace: git-auth
# taskSpec:
# params:
# - description: The Trusted Artifact URI pointing to the artifact with the application source code.
# name: SOURCE_ARTIFACT
# type: string
# volumes:
# # New volume to store a copy of the source code accessible only to this Task.
# - name: workdir
# emptyDir: {}
# stepTemplate:
# volumeMounts:
# - mountPath: /var/workdir
# name: workdir
# readOnly: false
# sidecars:
# steps:
# - name: use-trusted-artifact
# image: quay.io/redhat-appstudio/build-trusted-artifacts:latest@sha256:8391272c4e5011120e9e7fee2c1f339e9405366110bf239dadcbc21e953ce099
# args:
# - use
# - $(params.SOURCE_ARTIFACT)=/var/workdir
# - image: registry.access.redhat.com/ubi8/nodejs-20
# workingDir: /var/workdir
# name: unit-tests
# securityContext:
# runAsUser: 0
# script: |
# #!/bin/bash
# set -ex

# npm install
# npm test
- name: build-container
params:
- name: IMAGE
Expand All @@ -237,6 +366,7 @@ spec:
value: $(params.build-args-file)
runAfter:
- prefetch-dependencies
- create-frontend-dockerfile
taskRef:
params:
- name: name
Expand Down Expand Up @@ -460,28 +590,28 @@ spec:
workspaces:
- name: workspace
workspace: workspace
- name: rpms-signature-scan
params:
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: rpms-signature-scan
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-rpms-signature-scan:0.2@sha256:7aa4d3c95e2b963e82fdda392f7cb3d61e3dab035416cf4a3a34e43cf3c9c9b8
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
# - name: rpms-signature-scan
# params:
# - name: image-url
# value: $(tasks.build-image-index.results.IMAGE_URL)
# - name: image-digest
# value: $(tasks.build-image-index.results.IMAGE_DIGEST)
# runAfter:
# - build-image-index
# taskRef:
# params:
# - name: name
# value: rpms-signature-scan
# - name: bundle
# value: quay.io/konflux-ci/tekton-catalog/task-rpms-signature-scan:0.2@sha256:7aa4d3c95e2b963e82fdda392f7cb3d61e3dab035416cf4a3a34e43cf3c9c9b8
# - name: kind
# value: task
# resolver: bundles
# when:
# - input: $(params.skip-checks)
# operator: in
# values:
# - "false"
workspaces:
- name: workspace
- name: git-auth
Expand Down
179 changes: 157 additions & 22 deletions .tekton/idmsvc-frontend-push.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -211,6 +211,140 @@ spec:
workspace: git-auth
- name: netrc
workspace: netrc
- name: parse-build-deploy-script
params:
- name: path-context
value: $(params.path-context)
taskRef:
resolver: gits
params:
- name: url
value: https://github.com/RedHatInsights/konflux-consoledot-frontend-build
- name: revision
value: 2fcdfa9b4858ac941b50ad37317c4f9aaabf91b4
- name: pathInRepo
value: tasks/parse-build-deploy-script/parse-build-deploy-script.yaml
workspaces:
- name: source
workspace: workspace
runAfter:
- clone-repository
- name: create-frontend-dockerfile
taskRef:
resolver: gits
params:
- name: url
value: https://github.com/RedHatInsights/konflux-consoledot-frontend-build
- name: revision
value: 2fcdfa9b4858ac941b50ad37317c4f9aaabf91b4
- name: pathInRepo
value: tasks/create-frontend-dockerfile/create-frontend-dockerfile.yaml
workspaces:
- name: source
workspace: workspace
params:
- name: path-context
value: $(params.path-context)
- name: component
value: $(tasks.parse-build-deploy-script.results.component)
- name: image
value: $(tasks.parse-build-deploy-script.results.image)
- name: node-build-version
value: $(tasks.parse-build-deploy-script.results.node-build-version)
- name: quay-expire-time
value: $(tasks.parse-build-deploy-script.results.quay-expire-time)
- name: npm-build-script
value: $(tasks.parse-build-deploy-script.results.npm-build-script)
- name: yarn-build-script
value: $(tasks.parse-build-deploy-script.results.yarn-build-script)
- name: route-path
value: $(tasks.parse-build-deploy-script.results.route-path)
- name: beta-route-path
value: $(tasks.parse-build-deploy-script.results.beta-route-path)
- name: preview-route-path
value: $(tasks.parse-build-deploy-script.results.preview-route-path)
- name: ci-root
value: $(tasks.parse-build-deploy-script.results.ci-root)
- name: server-name
value: $(tasks.parse-build-deploy-script.results.server-name)
- name: dist-folder
value: $(tasks.parse-build-deploy-script.results.dist-folder)
runAfter:
- parse-build-deploy-script
- name: clone-repository-oci-ta
params:
- name: url
value: $(params.git-url)
- name: revision
value: $(params.revision)
- name: ociStorage
value: $(params.output-image).git
runAfter:
- init
taskRef:
params:
- name: name
value: git-clone-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-git-clone-oci-ta@sha256:0f4360ce144d46171ebd2e8f4d4575539a0600e02208ba5fc9beeb2c27ddfd4c
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
workspaces:
- name: basic-auth
workspace: git-auth
# - name: run-unit-tests
# description: Validates frontend unit tests
# params:
# - name: SOURCE_ARTIFACT
# value: $(tasks.clone-repository-oci-ta.results.SOURCE_ARTIFACT)
# runAfter:
# - clone-repository-oci-ta
# computeResources:
# requests:
# memory: 1Gi
# requests:
# memory: 2Gi
# workspaces:
# - name: basic-auth
# workspace: git-auth
# taskSpec:
# params:
# - description: The Trusted Artifact URI pointing to the artifact with the application source code.
# name: SOURCE_ARTIFACT
# type: string
# volumes:
# # New volume to store a copy of the source code accessible only to this Task.
# - name: workdir
# emptyDir: {}
# stepTemplate:
# volumeMounts:
# - mountPath: /var/workdir
# name: workdir
# readOnly: false
# sidecars:
# steps:
# - name: use-trusted-artifact
# image: quay.io/redhat-appstudio/build-trusted-artifacts:latest@sha256:8391272c4e5011120e9e7fee2c1f339e9405366110bf239dadcbc21e953ce099
# args:
# - use
# - $(params.SOURCE_ARTIFACT)=/var/workdir
# - image: registry.access.redhat.com/ubi8/nodejs-20
# workingDir: /var/workdir
# name: unit-tests
# securityContext:
# runAsUser: 0
# script: |
# #!/bin/bash
# set -ex

# npm install
# npm test
- name: build-container
params:
- name: IMAGE
Expand All @@ -234,6 +368,7 @@ spec:
value: $(params.build-args-file)
runAfter:
- prefetch-dependencies
- create-frontend-dockerfile
taskRef:
params:
- name: name
Expand Down Expand Up @@ -457,28 +592,28 @@ spec:
workspaces:
- name: workspace
workspace: workspace
- name: rpms-signature-scan
params:
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: rpms-signature-scan
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-rpms-signature-scan:0.2@sha256:7aa4d3c95e2b963e82fdda392f7cb3d61e3dab035416cf4a3a34e43cf3c9c9b8
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
# - name: rpms-signature-scan
# params:
# - name: image-url
# value: $(tasks.build-image-index.results.IMAGE_URL)
# - name: image-digest
# value: $(tasks.build-image-index.results.IMAGE_DIGEST)
# runAfter:
# - build-image-index
# taskRef:
# params:
# - name: name
# value: rpms-signature-scan
# - name: bundle
# value: quay.io/konflux-ci/tekton-catalog/task-rpms-signature-scan:0.2@sha256:7aa4d3c95e2b963e82fdda392f7cb3d61e3dab035416cf4a3a34e43cf3c9c9b8
# - name: kind
# value: task
# resolver: bundles
# when:
# - input: $(params.skip-checks)
# operator: in
# values:
# - "false"
workspaces:
- name: workspace
- name: git-auth
Expand Down

0 comments on commit df562b4

Please sign in to comment.