diff --git a/.konflux/applications/serverless-operator-136/components/kn-plugin-event-kn-event-116.yaml b/.konflux/applications/serverless-operator-136/components/kn-plugin-event-kn-event-116.yaml index 6a77909fb..c51f15826 100755 --- a/.konflux/applications/serverless-operator-136/components/kn-plugin-event-kn-event-116.yaml +++ b/.konflux/applications/serverless-operator-136/components/kn-plugin-event-kn-event-116.yaml @@ -7,8 +7,7 @@ metadata: name: kn-plugin-event-kn-event-116 spec: componentName: kn-plugin-event-kn-event-116 - application: serverless-operator-136 - + application: serverless-operator-136 source: git: url: https://github.com/openshift-knative/kn-plugin-event.git diff --git a/.konflux/applications/serverless-operator-136/components/kn-plugin-event-sender-116.yaml b/.konflux/applications/serverless-operator-136/components/kn-plugin-event-sender-116.yaml index 10869a4af..0634447e4 100755 --- a/.konflux/applications/serverless-operator-136/components/kn-plugin-event-sender-116.yaml +++ b/.konflux/applications/serverless-operator-136/components/kn-plugin-event-sender-116.yaml @@ -7,8 +7,7 @@ metadata: name: kn-plugin-event-sender-116 spec: componentName: kn-plugin-event-sender-116 - application: serverless-operator-136 - + application: serverless-operator-136 source: git: url: https://github.com/openshift-knative/kn-plugin-event.git diff --git a/.konflux/applications/serverless-operator-136/components/kn-plugin-event-test-eventshub-116.yaml b/.konflux/applications/serverless-operator-136/components/kn-plugin-event-test-eventshub-116.yaml index 4ca9f3ca0..690df6a1b 100755 --- a/.konflux/applications/serverless-operator-136/components/kn-plugin-event-test-eventshub-116.yaml +++ b/.konflux/applications/serverless-operator-136/components/kn-plugin-event-test-eventshub-116.yaml @@ -7,8 +7,7 @@ metadata: name: kn-plugin-event-test-eventshub-116 spec: componentName: kn-plugin-event-test-eventshub-116 - application: serverless-operator-136 - + application: serverless-operator-136 source: git: url: https://github.com/openshift-knative/kn-plugin-event.git diff --git a/.konflux/applications/serverless-operator-136/components/kn-plugin-event-test-wathola-forwarder-116.yaml b/.konflux/applications/serverless-operator-136/components/kn-plugin-event-test-wathola-forwarder-116.yaml index 574e0d3ea..5922acb31 100755 --- a/.konflux/applications/serverless-operator-136/components/kn-plugin-event-test-wathola-forwarder-116.yaml +++ b/.konflux/applications/serverless-operator-136/components/kn-plugin-event-test-wathola-forwarder-116.yaml @@ -7,8 +7,7 @@ metadata: name: kn-plugin-event-test-wathola-forwarder-116 spec: componentName: kn-plugin-event-test-wathola-forwarder-116 - application: serverless-operator-136 - + application: serverless-operator-136 source: git: url: https://github.com/openshift-knative/kn-plugin-event.git diff --git a/.tekton/docker-build.yaml b/.tekton/docker-build.yaml index f2ed278be..fabac6c80 100755 --- a/.tekton/docker-build.yaml +++ b/.tekton/docker-build.yaml @@ -1,7 +1,6 @@ apiVersion: tekton.dev/v1 kind: Pipeline metadata: - creationTimestamp: null labels: pipelines.openshift.io/runtime: generic pipelines.openshift.io/strategy: docker @@ -13,20 +12,6 @@ spec: _Uses `buildah` to create a multi-platform container image leveraging [trusted artifacts](https://konflux-ci.dev/architecture/ADR/0036-trusted-artifacts.html). It also optionally creates a source image and runs some build-time tests. This pipeline requires that the [multi platform controller](https://github.com/konflux-ci/multi-platform-controller) is deployed and configured on your Konflux instance. Information is shared between tasks using OCI artifacts instead of PVCs. EC will pass the [`trusted_task.trusted`](https://conforma.dev/docs/policy/packages/release_trusted_task.html#trusted_task__trusted) policy as long as all data used to build the artifact is generated from trusted tasks. This pipeline is pushed as a Tekton bundle to [quay.io](https://quay.io/repository/konflux-ci/tekton-catalog/pipeline-docker-build-multi-platform-oci-ta?tab=tags)_ - finally: - - name: show-sbom - params: - - name: IMAGE_URL - value: $(tasks.build-image-index.results.IMAGE_URL) - taskRef: - params: - - name: name - value: show-sbom - - name: bundle - value: quay.io/konflux-ci/tekton-catalog/task-show-sbom:0.1@sha256:beb0616db051952b4b861dd8c3e00fa1c0eccbd926feddf71194d3bb3ace9ce7 - - name: kind - value: task - resolver: bundles params: - default: - linux/x86_64 @@ -73,10 +58,6 @@ spec: path-context name: dockerfile type: string - - default: "false" - description: Force rebuild image - name: rebuild - type: string - default: "false" description: Skip checks against built image name: skip-checks @@ -86,7 +67,7 @@ spec: name: hermetic type: string - default: "" - description: Build dependencies to be prefetched by Cachi2 + description: Build dependencies to be prefetched name: prefetch-input type: string - default: "" @@ -98,6 +79,14 @@ spec: description: Add built image into an OCI image index name: build-image-index type: string + - default: docker + description: The format for the resulting image's mediaType. Valid values are + oci or docker. + name: buildah-format + type: string + - default: "false" + description: Enable cache proxy configuration + name: enable-cache-proxy - default: [] description: Array of --build-arg values ("arg=value" strings) for buildah name: build-args @@ -202,12 +191,8 @@ spec: resolver: bundles - name: init params: - - name: image-url - value: $(params.output-image) - - name: rebuild - value: $(params.rebuild) - - name: skip-checks - value: $(params.skip-checks) + - name: enable-cache-proxy + value: $(params.enable-cache-proxy) taskRef: params: - name: name @@ -238,11 +223,6 @@ spec: - name: kind value: task resolver: bundles - when: - - input: $(tasks.init.results.build) - operator: in - values: - - "true" workspaces: - name: basic-auth workspace: git-auth @@ -274,6 +254,14 @@ spec: value: $(params.build-args-file) - name: PRIVILEGED_NESTED value: $(params.privileged-nested) + - name: SOURCE_URL + value: $(tasks.clone-repository.results.url) + - name: BUILDAH_FORMAT + value: $(params.buildah-format) + - name: HTTP_PROXY + value: $(tasks.init.results.http-proxy) + - name: NO_PROXY + value: $(tasks.init.results.no-proxy) - name: SOURCE_ARTIFACT value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT) - name: CACHI2_ARTIFACT @@ -291,24 +279,17 @@ spec: - name: kind value: task resolver: bundles - when: - - input: $(tasks.init.results.build) - operator: in - values: - - "true" - name: build-image-index params: - name: IMAGE value: $(params.output-image) - - name: COMMIT_SHA - value: $(tasks.clone-repository.results.commit) - - name: IMAGE_EXPIRES_AFTER - value: $(params.image-expires-after) - name: ALWAYS_BUILD_INDEX value: $(params.build-image-index) - name: IMAGES value: - $(tasks.build-images.results.IMAGE_REF[*]) + - name: BUILDAH_FORMAT + value: $(params.buildah-format) runAfter: - build-images taskRef: @@ -320,11 +301,6 @@ spec: - name: kind value: task resolver: bundles - when: - - input: $(tasks.init.results.build) - operator: in - values: - - "true" - name: build-source-image params: - name: BINARY_IMAGE @@ -347,10 +323,6 @@ spec: value: task resolver: bundles when: - - input: $(tasks.init.results.build) - operator: in - values: - - "true" - input: $(params.build-source-image) operator: in values: @@ -377,7 +349,12 @@ spec: operator: in values: - "false" - - name: clair-scan + - matrix: + params: + - name: image-platform + value: + - $(params.build-platforms) + name: clair-scan params: - name: image-digest value: $(tasks.build-image-index.results.IMAGE_DIGEST) @@ -399,7 +376,12 @@ spec: operator: in values: - "false" - - name: ecosystem-cert-preflight-checks + - matrix: + params: + - name: platform + value: + - $(params.build-platforms) + name: ecosystem-cert-preflight-checks params: - name: image-url value: $(tasks.build-image-index.results.IMAGE_URL) @@ -534,7 +516,7 @@ spec: - name: name value: rpms-signature-scan - name: bundle - value: quay.io/konflux-ci/konflux-vanguard/task-rpms-signature-scan:0.2@sha256:e127e0e0a5aab1364b560436594fe7ed67abcd5f8d6dd3ef14ac1f35cf81078c + value: quay.io/konflux-ci/tekton-catalog/task-rpms-signature-scan:0.2@sha256:65b14e54b86c3b8e7332b53ff8d2e574693fa1335f9720aec21d47e9d15686f0 - name: kind value: task resolver: bundles diff --git a/.tekton/kn-plugin-event-kn-event-116-pull-request.yaml b/.tekton/kn-plugin-event-kn-event-116-pull-request.yaml index d623fd6c8..8d5c6128a 100755 --- a/.tekton/kn-plugin-event-kn-event-116-pull-request.yaml +++ b/.tekton/kn-plugin-event-kn-event-116-pull-request.yaml @@ -21,7 +21,7 @@ spec: value: openshift/ci-operator/images/kn-event/Dockerfile - name: build-args value: - - GO_BUILDER=brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_8_golang_1.23 + - GO_BUILDER=brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_8_golang_1.25 - GO_RUNTIME=registry.access.redhat.com/ubi8/ubi-minimal - JAVA_BUILDER=registry.access.redhat.com/ubi8/openjdk-21 - JAVA_RUNTIME=registry.access.redhat.com/ubi8/openjdk-21-runtime diff --git a/.tekton/kn-plugin-event-kn-event-116-push.yaml b/.tekton/kn-plugin-event-kn-event-116-push.yaml index 5fe6b6e52..ac958e1c7 100755 --- a/.tekton/kn-plugin-event-kn-event-116-push.yaml +++ b/.tekton/kn-plugin-event-kn-event-116-push.yaml @@ -20,7 +20,7 @@ spec: value: openshift/ci-operator/images/kn-event/Dockerfile - name: build-args value: - - GO_BUILDER=brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_8_golang_1.23 + - GO_BUILDER=brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_8_golang_1.25 - GO_RUNTIME=registry.access.redhat.com/ubi8/ubi-minimal - JAVA_BUILDER=registry.access.redhat.com/ubi8/openjdk-21 - JAVA_RUNTIME=registry.access.redhat.com/ubi8/openjdk-21-runtime diff --git a/.tekton/kn-plugin-event-sender-116-pull-request.yaml b/.tekton/kn-plugin-event-sender-116-pull-request.yaml index 8d3868fa2..d6fdd4362 100755 --- a/.tekton/kn-plugin-event-sender-116-pull-request.yaml +++ b/.tekton/kn-plugin-event-sender-116-pull-request.yaml @@ -21,7 +21,7 @@ spec: value: openshift/ci-operator/images/kn-event-sender/Dockerfile - name: build-args value: - - GO_BUILDER=brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_8_golang_1.23 + - GO_BUILDER=brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_8_golang_1.25 - GO_RUNTIME=registry.access.redhat.com/ubi8/ubi-minimal - JAVA_BUILDER=registry.access.redhat.com/ubi8/openjdk-21 - JAVA_RUNTIME=registry.access.redhat.com/ubi8/openjdk-21-runtime diff --git a/.tekton/kn-plugin-event-sender-116-push.yaml b/.tekton/kn-plugin-event-sender-116-push.yaml index f12038d8c..f6aa3442e 100755 --- a/.tekton/kn-plugin-event-sender-116-push.yaml +++ b/.tekton/kn-plugin-event-sender-116-push.yaml @@ -20,7 +20,7 @@ spec: value: openshift/ci-operator/images/kn-event-sender/Dockerfile - name: build-args value: - - GO_BUILDER=brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_8_golang_1.23 + - GO_BUILDER=brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_8_golang_1.25 - GO_RUNTIME=registry.access.redhat.com/ubi8/ubi-minimal - JAVA_BUILDER=registry.access.redhat.com/ubi8/openjdk-21 - JAVA_RUNTIME=registry.access.redhat.com/ubi8/openjdk-21-runtime diff --git a/.tekton/kn-plugin-event-test-eventshub-116-pull-request.yaml b/.tekton/kn-plugin-event-test-eventshub-116-pull-request.yaml index 19a1d9629..82b839e15 100755 --- a/.tekton/kn-plugin-event-test-eventshub-116-pull-request.yaml +++ b/.tekton/kn-plugin-event-test-eventshub-116-pull-request.yaml @@ -21,7 +21,7 @@ spec: value: openshift/ci-operator/test-images/eventshub/Dockerfile - name: build-args value: - - GO_BUILDER=brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_8_golang_1.23 + - GO_BUILDER=brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_8_golang_1.25 - GO_RUNTIME=registry.access.redhat.com/ubi8/ubi-minimal - JAVA_BUILDER=registry.access.redhat.com/ubi8/openjdk-21 - JAVA_RUNTIME=registry.access.redhat.com/ubi8/openjdk-21-runtime diff --git a/.tekton/kn-plugin-event-test-eventshub-116-push.yaml b/.tekton/kn-plugin-event-test-eventshub-116-push.yaml index a71adcd17..0d792c7ec 100755 --- a/.tekton/kn-plugin-event-test-eventshub-116-push.yaml +++ b/.tekton/kn-plugin-event-test-eventshub-116-push.yaml @@ -20,7 +20,7 @@ spec: value: openshift/ci-operator/test-images/eventshub/Dockerfile - name: build-args value: - - GO_BUILDER=brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_8_golang_1.23 + - GO_BUILDER=brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_8_golang_1.25 - GO_RUNTIME=registry.access.redhat.com/ubi8/ubi-minimal - JAVA_BUILDER=registry.access.redhat.com/ubi8/openjdk-21 - JAVA_RUNTIME=registry.access.redhat.com/ubi8/openjdk-21-runtime diff --git a/.tekton/kn-plugin-event-test-wathola-forwarder-116-pull-request.yaml b/.tekton/kn-plugin-event-test-wathola-forwarder-116-pull-request.yaml index 984a23e01..27d4e9d6a 100755 --- a/.tekton/kn-plugin-event-test-wathola-forwarder-116-pull-request.yaml +++ b/.tekton/kn-plugin-event-test-wathola-forwarder-116-pull-request.yaml @@ -21,7 +21,7 @@ spec: value: openshift/ci-operator/test-images/wathola-forwarder/Dockerfile - name: build-args value: - - GO_BUILDER=brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_8_golang_1.23 + - GO_BUILDER=brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_8_golang_1.25 - GO_RUNTIME=registry.access.redhat.com/ubi8/ubi-minimal - JAVA_BUILDER=registry.access.redhat.com/ubi8/openjdk-21 - JAVA_RUNTIME=registry.access.redhat.com/ubi8/openjdk-21-runtime diff --git a/.tekton/kn-plugin-event-test-wathola-forwarder-116-push.yaml b/.tekton/kn-plugin-event-test-wathola-forwarder-116-push.yaml index 11f86e267..14e785763 100755 --- a/.tekton/kn-plugin-event-test-wathola-forwarder-116-push.yaml +++ b/.tekton/kn-plugin-event-test-wathola-forwarder-116-push.yaml @@ -20,7 +20,7 @@ spec: value: openshift/ci-operator/test-images/wathola-forwarder/Dockerfile - name: build-args value: - - GO_BUILDER=brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_8_golang_1.23 + - GO_BUILDER=brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_8_golang_1.25 - GO_RUNTIME=registry.access.redhat.com/ubi8/ubi-minimal - JAVA_BUILDER=registry.access.redhat.com/ubi8/openjdk-21 - JAVA_RUNTIME=registry.access.redhat.com/ubi8/openjdk-21-runtime