Update Konflux build defs and Containerfile based on review comments

Author: TamiTakamiya

.tekton/ansible-chatbot-stack-pull-request.yaml

@@ -31,8 +31,8 @@ spec:
     value: Containerfile
   - name: build-args
     value:
-    - ANSIBLE_CHATBOT_VERSION=0.1.9
-    - LLAMA_STACK_RUN_CONFIG=ansible-chatbot-run.yaml
+    - ANSIBLE_CHATBOT_VERSION=0.9.$(tasks.git-metadata.results.commit-timestamp)
+    - GIT_COMMIT=$(tasks.clone-repository.results.commit)
   pipelineSpec:
     description: |
       This pipeline is ideal for building container images from a Containerfile while maintaining trust after pipeline customization.
@@ -176,18 +176,47 @@ spec:
       workspaces:
       - name: basic-auth
         workspace: git-auth
+    - name: git-metadata
+      params:
+        - name: ociStorage
+          value: $(params.output-image).script
+        - name: ociArtifactExpiresAfter
+          value: $(params.image-expires-after)
+        - name: SCRIPT_RUNNER_IMAGE
+          value: alpine/git
+        - name: SCRIPT
+          value: |
+            #!/bin/sh
+            set -euo pipefail
+            cd "$(workspaces.source.path)/source"
+            echo -n $(date -d @$(git log -1 --format=%at) "+%Y%m%d%H%M") > $(results.commit-timestamp.path)
+        - name: HERMETIC
+          value: $(params.hermetic)
+        - name: SOURCE_ARTIFACT
+          value: $(tasks.clone-repository.results.SOURCE_ARTIFACT)
+      runAfter:
+      - clone-repository
+      taskRef:
+        params:
+        - name: name
+          value: run-script-oci-ta
+        - name: bundle
+          value: quay.io/konflux-ci/tekton-catalog/task-run-script-oci-ta:0.1@sha256:c0f627069353ebd6d1ed03c8657e281eaf11be63706ea38cc53caf16cf4ffd65
+        - name: kind
+          value: task
+        resolver: bundles
     - name: prefetch-dependencies
       params:
       - name: input
         value: $(params.prefetch-input)
       - name: SOURCE_ARTIFACT
-        value: $(tasks.clone-repository.results.SOURCE_ARTIFACT)
+        value: $(tasks.git-metadata.results.SOURCE_ARTIFACT)
       - name: ociStorage
         value: $(params.output-image).prefetch
       - name: ociArtifactExpiresAfter
         value: $(params.image-expires-after)
       runAfter:
-      - clone-repository
+      - git-metadata
       taskRef:
         params:
         - name: name
@@ -202,7 +231,7 @@ spec:
         workspace: git-auth
       - name: netrc
         workspace: netrc
-    - name: run-script
+    - name: download-providers
       params:
         - name: ociStorage
           value: $(params.output-image).script
@@ -254,14 +283,14 @@ spec:
       - name: PRIVILEGED_NESTED
         value: $(params.privileged-nested)
       - name: SOURCE_ARTIFACT
-        value: $(tasks.run-script.results.SCRIPT_ARTIFACT)
+        value: $(tasks.download-providers.results.SCRIPT_ARTIFACT)
       - name: ADDITIONAL_BASE_IMAGES
         value:
-        - $(tasks.run-script.results.SCRIPT_RUNNER_IMAGE_REFERENCE)
+        - $(tasks.download-providers.results.SCRIPT_RUNNER_IMAGE_REFERENCE)
       - name: CACHI2_ARTIFACT
         value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
       runAfter:
-      - run-script
+      - download-providers
       taskRef:
         params:
         - name: name

.tekton/ansible-chatbot-stack-push.yaml

@@ -28,8 +28,9 @@ spec:
     value: Containerfile
   - name: build-args
     value:
-    - ANSIBLE_CHATBOT_VERSION=0.1.9
-    - LLAMA_STACK_RUN_CONFIG=ansible-chatbot-run.yaml
+    - ANSIBLE_CHATBOT_VERSION=0.9.$(tasks.git-metadata.results.commit-timestamp)
+    - IMAGE_TAGS=latest 0.9.$(tasks.git-metadata.results.commit-timestamp)
+    - GIT_COMMIT=$(tasks.clone-repository.results.commit)
   pipelineSpec:
     description: |
       This pipeline is ideal for building container images from a Containerfile while maintaining trust after pipeline customization.
@@ -173,18 +174,47 @@ spec:
       workspaces:
       - name: basic-auth
         workspace: git-auth
+    - name: git-metadata
+      params:
+        - name: ociStorage
+          value: $(params.output-image).script
+        - name: ociArtifactExpiresAfter
+          value: $(params.image-expires-after)
+        - name: SCRIPT_RUNNER_IMAGE
+          value: alpine/git
+        - name: SCRIPT
+          value: |
+            #!/bin/sh
+            set -euo pipefail
+            cd "$(workspaces.source.path)/source"
+            echo -n $(date -d @$(git log -1 --format=%at) "+%Y%m%d%H%M") > $(results.commit-timestamp.path)
+        - name: HERMETIC
+          value: $(params.hermetic)
+        - name: SOURCE_ARTIFACT
+          value: $(tasks.clone-repository.results.SOURCE_ARTIFACT)
+      runAfter:
+      - clone-repository
+      taskRef:
+        params:
+        - name: name
+          value: run-script-oci-ta
+        - name: bundle
+          value: quay.io/konflux-ci/tekton-catalog/task-run-script-oci-ta:0.1@sha256:c0f627069353ebd6d1ed03c8657e281eaf11be63706ea38cc53caf16cf4ffd65
+        - name: kind
+          value: task
+        resolver: bundles
     - name: prefetch-dependencies
       params:
       - name: input
         value: $(params.prefetch-input)
       - name: SOURCE_ARTIFACT
-        value: $(tasks.clone-repository.results.SOURCE_ARTIFACT)
+        value: $(tasks.git-metadata.results.SOURCE_ARTIFACT)
       - name: ociStorage
         value: $(params.output-image).prefetch
       - name: ociArtifactExpiresAfter
         value: $(params.image-expires-after)
       runAfter:
-      - clone-repository
+      - git-metadata
       taskRef:
         params:
         - name: name
@@ -199,7 +229,7 @@ spec:
         workspace: git-auth
       - name: netrc
         workspace: netrc
-    - name: run-script
+    - name: download-providers
       params:
         - name: ociStorage
           value: $(params.output-image).script
@@ -251,14 +281,14 @@ spec:
       - name: PRIVILEGED_NESTED
         value: $(params.privileged-nested)
       - name: SOURCE_ARTIFACT
-        value: $(tasks.run-script.results.SCRIPT_ARTIFACT)
+        value: $(tasks.download-providers.results.SCRIPT_ARTIFACT)
       - name: ADDITIONAL_BASE_IMAGES
         value:
-        - $(tasks.run-script.results.SCRIPT_RUNNER_IMAGE_REFERENCE)
+        - $(tasks.download-providers.results.SCRIPT_RUNNER_IMAGE_REFERENCE)
       - name: CACHI2_ARTIFACT
         value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
       runAfter:
-      - run-script
+      - download-providers
       taskRef:
         params:
         - name: name

Containerfile

@@ -1,5 +1,7 @@
 # Build arguments declared in the global scope.
 ARG ANSIBLE_CHATBOT_VERSION=latest
+ARG IMAGE_TAGS=image-tags-not-defined
+ARG GIT_COMMIT=git-commit-not-defined
 
 # ======================================================
 # Transient image to construct Python venv
@@ -34,6 +36,8 @@ USER 0
 # Re-declaring arguments without a value, inherits the global default one.
 ARG APP_ROOT
 ARG ANSIBLE_CHATBOT_VERSION
+ARG IMAGE_TAGS
+ARG GIT_COMMIT
 RUN microdnf install -y --nodocs --setopt=keepcache=0 --setopt=tsflags=nodocs jq
 
 # PYTHONDONTWRITEBYTECODE 1 : disable the generation of .pyc
@@ -58,7 +62,9 @@ RUN mkdir -p /.llama/distributions/ansible-chatbot
 RUN mkdir -p /.llama/data/distributions/ansible-chatbot
 RUN echo -e "\
 {\n\
-  \"version\": \"${ANSIBLE_CHATBOT_VERSION}\" \n\
+  \"version\": \"${ANSIBLE_CHATBOT_VERSION}\", \n\
+  \"imageTags\": \"${IMAGE_TAGS}\", \n\
+  \"gitCommit\": \"${GIT_COMMIT}\" \n\
 }\n\
 " > /.llama/distributions/ansible-chatbot/ansible-chatbot-version-info.json
 ADD llama-stack/providers.d /.llama/providers.d