From b95257ee6c7cc9b95cf8d1d47dbf8bb5b0fac774 Mon Sep 17 00:00:00 2001 From: Adrian Riobo Date: Mon, 21 Oct 2024 17:45:10 +0200 Subject: [PATCH] chore: sync crc-builder linux amd64 tekton task contract. Now all tekton tasks for builders use credentials based on worspace. Signed-off-by: Adrian Riobo --- crc-builder/oci/Containerfile.linux | 1 - .../tkn/tpl/crc-builder-arm64.tpl.yaml | 22 ++- .../tkn/tpl/crc-builder-installer.tpl.yaml | 3 + crc-builder/tkn/tpl/crc-builder.tpl.yaml | 129 ++++++++++-------- 4 files changed, 84 insertions(+), 71 deletions(-) diff --git a/crc-builder/oci/Containerfile.linux b/crc-builder/oci/Containerfile.linux index 4dcc814..fa18b9b 100644 --- a/crc-builder/oci/Containerfile.linux +++ b/crc-builder/oci/Containerfile.linux @@ -15,7 +15,6 @@ RUN microdnf -y install git make gcc libvirt-devel perl-Digest-SHA xz findutils && chmod +x /usr/local/bin/mc \ && rm /tmp/${GO_VERSION}.tar.gz -COPY lib/common.sh /usr/local/bin COPY lib/linux/entrypoint.sh /usr/local/bin/entrypoint.sh ENTRYPOINT entrypoint.sh \ No newline at end of file diff --git a/crc-builder/tkn/tpl/crc-builder-arm64.tpl.yaml b/crc-builder/tkn/tpl/crc-builder-arm64.tpl.yaml index 47c2d1e..13d26a5 100644 --- a/crc-builder/tkn/tpl/crc-builder-arm64.tpl.yaml +++ b/crc-builder/tkn/tpl/crc-builder-arm64.tpl.yaml @@ -58,13 +58,15 @@ spec: # SCM params - name: crc-scm default: https://github.com/code-ready/crc.git - - name: crc-scm-pr - default: "''" - name: crc-scm-ref default: main + - name: crc-scm-pr + default: "''" + # Target params - name: s3-folder-path + default: 'crc-binaries' # Builder params - name: builder-cpus @@ -140,19 +142,15 @@ spec: } cmd="podman run --rm --name crc-builder -d " - cmd+="-e DATALAKE_URL=$(cat /opt/s3-credentials/upload-url) " - cmd+="-e DATALAKE_ACCESS_KEY=$(cat /opt/s3-credentials/access-key) " - cmd+="-e DATALAKE_SECRET_KEY=$(cat /opt/s3-credentials/secret-key) " - # Optionals - if [[ $(params.crc-scm) != "" ]]; then - cmd+="-e CRC_SCM=$(params.crc-scm) " - fi + # SCM + cmd+="-e CRC_SCM=$(params.crc-scm) " + cmd+="-e CRC_SCM_REF=$(params.crc-scm-ref) " if [[ $(params.crc-scm-pr) != "" ]]; then cmd+="-e CRC_SCM_PR=$(params.crc-scm-pr) " fi - if [[ $(params.crc-scm-ref) != "" ]]; then - cmd+="-e CRC_SCM_REF=$(params.crc-scm-ref) " - fi + cmd+="-e DATALAKE_URL=$(cat /opt/s3-credentials/upload-url) " + cmd+="-e DATALAKE_ACCESS_KEY=$(cat /opt/s3-credentials/access-key) " + cmd+="-e DATALAKE_SECRET_KEY=$(cat /opt/s3-credentials/secret-key) " if [[ $(params.s3-folder-path) != "" ]]; then cmd+="-e UPLOAD_PATH=$(cat /opt/s3-credentials/bucket)/$(params.s3-folder-path) " fi diff --git a/crc-builder/tkn/tpl/crc-builder-installer.tpl.yaml b/crc-builder/tkn/tpl/crc-builder-installer.tpl.yaml index 70665ff..fd82959 100644 --- a/crc-builder/tkn/tpl/crc-builder-installer.tpl.yaml +++ b/crc-builder/tkn/tpl/crc-builder-installer.tpl.yaml @@ -70,6 +70,9 @@ spec: default: main - name: crc-scm-pr default: "''" + # Target params + - name: s3-folder-path + default: 'crc-binaries' # Control params - name: debug description: debug purposes extend verbosity on cmds executed on the target diff --git a/crc-builder/tkn/tpl/crc-builder.tpl.yaml b/crc-builder/tkn/tpl/crc-builder.tpl.yaml index 919afe6..03a0085 100644 --- a/crc-builder/tkn/tpl/crc-builder.tpl.yaml +++ b/crc-builder/tkn/tpl/crc-builder.tpl.yaml @@ -18,70 +18,83 @@ spec: description: >- This task will build openshift local binary for linux distributions + workspaces: + - name: s3-credentials + description: | + ocp secret holding the s3 credentials. Secret should be accessible to this task. + --- + apiVersion: v1 + kind: Secret + metadata: + name: XXXX + labels: + app.kubernetes.io/component: XXXX + type: Opaque + data: + download-url: ${download_url} + upload-url: ${upload_url} + bucket: ${bucket_value} + access-key: ${access_key} + secret-key: ${secret_key} + mountPath: /opt/s3-credentials + params: - - name: crc-scm - default: https://github.com/code-ready/crc.git - - name: crc-scm-pr - default: "''" - - name: crc-scm-ref - default: main - - name: s3-url - - name: s3-access-key - - name: s3-secret-key - - name: s3-folder-path - - name: s3-download-url + # SCM params + - name: crc-scm + default: https://github.com/code-ready/crc.git + - name: crc-scm-ref + default: main + - name: crc-scm-pr + default: "''" + # Target params + - name: s3-folder-path + default: 'crc-binaries' + results: - - name: downloadable-base-url - description: base url where the installer and the shasumfile can be downloaded - - name: distributable-name - description: distributable file name for the installer - - name: shasumfile - description: shasumfile name + - name: downloadable-base-url + description: base url where the installer and the shasumfile can be downloaded + - name: distributable-name + description: distributable file name for the installer + - name: shasumfile + description: shasumfile name steps: - - name: build - # cimage and cversion values should be passed to the template - image: cimage:cversion-linux - imagePullPolicy: Always - script: | - #!/bin/sh - DATALAKE_URL=$(params.s3-url) - DATALAKE_ACCESS_KEY=$(params.s3-access-key) - DATALAKE_SECRET_KEY=$(params.s3-secret-key) + - name: build + # cimage and cversion values should be passed to the template + image: cimage:cversion-linux + imagePullPolicy: Always + script: | + #!/bin/sh - # Optionals - if [[ $(params.crc-scm) != "" ]]; then + # SCM CRC_SCM=$(params.crc-scm) - fi - if [[ $(params.crc-scm-pr) != "" ]]; then - CRC_SCM_PR=$(params.crc-scm-pr) - fi - if [[ $(params.crc-scm-ref) != "" ]]; then CRC_SCM_REF=$(params.crc-scm-ref) - fi - if [[ $(params.s3-folder-path) != "" ]]; then - UPLOAD_PATH=$(params.s3-folder-path) - fi - - # Build installer - DEBUG=true - . entrypoint.sh - - if [[ $? -ne 0 ]]; then - exit 1 - fi + if [[ $(params.crc-scm-pr) != "" ]]; then + CRC_SCM_PR=$(params.crc-scm-pr) + fi + DATALAKE_URL=$(cat /opt/s3-credentials/upload-url) + DATALAKE_ACCESS_KEY=$(cat /opt/s3-credentials/access-key) + DATALAKE_SECRET_KEY=$(cat /opt/s3-credentials/secret-key) + UPLOAD_PATH=$(cat /opt/s3-credentials/bucket)/$(params.s3-folder-path) + + # Build installer + DEBUG=true + . entrypoint.sh + if [[ $? -ne 0 ]]; then + exit 1 + fi - # From entrypoint we can get UPLOAD_PATH env with the target bucket - echo -n "$(params.s3-download-url)/${UPLOAD_PATH}" | tee $(results.downloadable-base-url.path) - # Linux generated files - echo -n "crc-linux-amd64.tar.xz" | tee $(results.distributable-name.path) - echo -n "crc-linux-amd64.tar.xz.sha256sum" | tee $(results.shasumfile.path) - resources: - requests: - memory: 450Mi - cpu: 250m - limits: - memory: 3800Mi - cpu: 1850m - timeout: 900m \ No newline at end of file + # From entrypoint we can get UPLOAD_PATH env with the target bucket + echo -n "$(params.s3-download-url)/${UPLOAD_PATH}" | tee $(results.downloadable-base-url.path) + # Linux generated files + echo -n "crc-linux-amd64.tar.xz" | tee $(results.distributable-name.path) + echo -n "crc-linux-amd64.tar.xz.sha256sum" | tee $(results.shasumfile.path) + resources: + requests: + memory: 450Mi + cpu: 250m + limits: + memory: 3800Mi + cpu: 1850m + timeout: 900m \ No newline at end of file