Remove non-container build support

Author: rnc

README.adoc

@@ -34,7 +34,6 @@ The following environment variables are configurable and may be set by the user
 | GIT_DEPLOY_TOKEN | Authentication token
 | GIT_DEPLOY_URL | The URL for the Git service (GitHub/GitLab are supported) to archive the sources
 | GIT_DISABLE_SSL_VERIFICATION | Whether to disable SSL verification for Git archival service communication
-| JBS_CONTAINER_BUILD | Use Konflux tasks to build using containers (default: `true`)
 | JBS_QUAY_IMAGE_CONTROLLER | The name for the operator image repository. Defaults to `hacbs-jvm-controller`.
 | JBS_QUAY_IMAGE_TAG | The tag for the images (defaults to `dev`)
 | JBS_QUAY_ORG | JBS images are pulled by default from the `QUAY_USERNAME` organization. This may be overridden by changing this

deploy/base-development.sh

@@ -33,9 +33,6 @@ fi
 if [ -z "$JBS_S3_SYNC_ENABLED" ]; then
     export JBS_S3_SYNC_ENABLED=false
 fi
-if [ -z "$JBS_CONTAINER_BUILDS" ]; then
-    export JBS_CONTAINER_BUILDS=true
-fi
 if [ -z "$JBS_MAX_MEMORY" ]; then
     export JBS_MAX_MEMORY=4096
 fi
@@ -81,7 +78,6 @@ ${GIT_DEPLOY_TOKEN}
 ${GIT_DEPLOY_URL}
 ${GIT_DISABLE_SSL_VERIFICATION}
 ${JBS_BUILD_IMAGE_SECRET}
-${JBS_CONTAINER_BUILDS}
 ${JBS_GIT_CREDENTIALS}
 ${JBS_QUAY_IMAGE_CONTROLLER}
 ${JBS_QUAY_IMAGE_TAG}

deploy/base/config.yaml

@@ -5,7 +5,6 @@ metadata:
   name: jvm-build-config
 spec:
   enableRebuilds: true
-  containerBuilds: ${JBS_CONTAINER_BUILDS}
   mavenBaseLocations:
     maven-repository-300-jboss: "https://repository.jboss.org/nexus/content/groups/public/"
     maven-repository-301-confluent: "https://packages.confluent.io/maven"

deploy/crds/base/jvmbuildservice.io_jbsconfigs.yaml

@@ -92,10 +92,6 @@ spec:
                   workerThreads:
                     type: string
                 type: object
-              containerBuilds:
-                description: Whether to use a standard build pipeline or build in
-                  a Docker container via buildah.
-                type: boolean
               enableRebuilds:
                 type: boolean
               gitSourceArchive:

java-components/resource-model/src/main/resources/crds/jvmbuildservice.io_jbsconfigs.yaml

@@ -92,10 +92,6 @@ spec:
                   workerThreads:
                     type: string
                 type: object
-              containerBuilds:
-                description: Whether to use a standard build pipeline or build in
-                  a Docker container via buildah.
-                type: boolean
               enableRebuilds:
                 type: boolean
               gitSourceArchive:

openshift-with-appstudio-test/e2e/util.go

@@ -295,8 +295,7 @@ func setupConfig(t *testing.T, namespace string) *testArgs {
 			Name:      v1alpha1.JBSConfigName,
 		},
 		Spec: v1alpha1.JBSConfigSpec{
-			EnableRebuilds:  true,
-			ContainerBuilds: true,
+			EnableRebuilds: true,
 			MavenBaseLocations: map[string]string{
 				"maven-repository-300-jboss":     "https://repository.jboss.org/nexus/content/groups/public/",
 				"maven-repository-301-confluent": "https://packages.confluent.io/maven",
@@ -1070,7 +1069,6 @@ func setupMinikube(t *testing.T, namespace string) *testArgs {
 		},
 		Spec: v1alpha1.JBSConfigSpec{
 			EnableRebuilds:    true,
-			ContainerBuilds:   true,
 			AdditionalRecipes: []string{"https://github.com/jvm-build-service-test-data/recipe-repo"},
 			BuildSettings: v1alpha1.BuildSettings{
 				BuildRequestMemory: "512Mi",

pkg/apis/jvmbuildservice/v1alpha1/jbsconfig_types.go

@@ -54,9 +54,6 @@ type JBSConfigSpec struct {
 	GitSourceArchive GitSourceArchive  `json:"gitSourceArchive,omitempty"`
 	CacheSettings    CacheSettings     `json:"cacheSettings,omitempty"`
 	BuildSettings    BuildSettings     `json:"buildSettings,omitempty"`
-
-	// Whether to use a standard build pipeline or build in a Docker container via buildah.
-	ContainerBuilds bool `json:"containerBuilds,omitempty"`
 }
 
 type ImageRegistrySpec struct {

pkg/reconciler/dependencybuild/buildrecipeyaml.go

@@ -333,7 +333,6 @@ func createPipelineSpec(log logr.Logger, tool string, commitTime int64, jbsConfi
 		return nil, "", "", "", err
 	}
 
-	createBuildScript := createBuildScript(build)
 	pipelineParams := []tektonpipeline.ParamSpec{
 		{Name: PipelineBuildId, Type: tektonpipeline.ParamTypeString},
 		{Name: PipelineParamScmUrl, Type: tektonpipeline.ParamTypeString},
@@ -383,7 +382,7 @@ func createPipelineSpec(log logr.Logger, tool string, commitTime int64, jbsConfi
 						Requests: v1.ResourceList{"memory": limits.defaultRequestMemory, "cpu": limits.defaultRequestCPU},
 						Limits:   v1.ResourceList{"memory": limits.defaultRequestMemory, "cpu": limits.defaultLimitCPU},
 					},
-					Script: gitScript + "\n" + createBuildScript,
+					Script: gitScript,
 					Env: []v1.EnvVar{
 						{Name: PipelineParamCacheUrl, Value: "$(params." + PipelineParamCacheUrl + ")"},
 						{Name: "GIT_TOKEN", ValueFrom: &v1.EnvVarSource{SecretKeyRef: &v1.SecretKeySelector{LocalObjectReference: v1.LocalObjectReference{Name: v1alpha1.GitSecretName}, Key: v1alpha1.GitSecretTokenKey, Optional: &trueBool}}},
@@ -447,172 +446,80 @@ func createPipelineSpec(log logr.Logger, tool string, commitTime int64, jbsConfi
 		}
 	}
 
-	if jbsConfig.Spec.ContainerBuilds {
-		// Note - its also possible to refer to a remote pipeline ref as well as a task.
-		resolver := tektonpipeline.ResolverRef{
-			// We can use either a http or git resolver. Using http as avoids cloning an entire repository.
-			Resolver: "http",
-			Params: []tektonpipeline.Param{
-				{
-					Name: "url",
-					Value: tektonpipeline.ParamValue{
-						Type:      tektonpipeline.ParamTypeString,
-						StringVal: v1alpha1.KonfluxBuildDefinitions,
-					},
-				},
-			},
-		}
-
-		ps.Tasks = append([]tektonpipeline.PipelineTask{
+	// Note - its also possible to refer to a remote pipeline ref as well as a task.
+	resolver := tektonpipeline.ResolverRef{
+		// We can use either a http or git resolver. Using http as avoids cloning an entire repository.
+		Resolver: "http",
+		Params: []tektonpipeline.Param{
 			{
-				Name:     BuildTaskName,
-				RunAfter: runAfter,
-				TaskRef: &tektonpipeline.TaskRef{
-					// Can't specify name and resolver as they clash.
-					ResolverRef: resolver,
-				},
-				Timeout: &v12.Duration{Duration: time.Hour * v1alpha1.DefaultTimeout},
-				Params: []tektonpipeline.Param{
-					{
-						Name: "DOCKERFILE",
-						Value: tektonpipeline.ParamValue{
-							Type:      tektonpipeline.ParamTypeString,
-							StringVal: ".jbs/Containerfile"},
-					},
-					{
-						Name: "IMAGE",
-						Value: tektonpipeline.ParamValue{
-							Type:      tektonpipeline.ParamTypeString,
-							StringVal: registryArgsWithDefaults(jbsConfig, buildId)},
-					},
-					{
-						Name: "SOURCE_ARTIFACT",
-						Value: tektonpipeline.ParamValue{
-							Type:      tektonpipeline.ParamTypeString,
-							StringVal: preBuildImage,
-						},
-					},
-					{
-						Name: "ORAS_OPTIONS",
-						Value: tektonpipeline.ParamValue{
-							Type:      tektonpipeline.ParamTypeString,
-							StringVal: orasOptions,
-						},
-					},
-					{
-						Name: "TLSVERIFY",
-						Value: tektonpipeline.ParamValue{
-							Type:      tektonpipeline.ParamTypeString,
-							StringVal: tlsVerify,
-						},
-					},
+				Name: "url",
+				Value: tektonpipeline.ParamValue{
+					Type:      tektonpipeline.ParamTypeString,
+					StringVal: v1alpha1.KonfluxBuildDefinitions,
 				},
+			},
+		},
+	}
 
-				// TODO: ### How to pass build-settings/tls information to buildah task?
-				//       Note - buildah-oci-ta task has no defined workspace
-				//Workspaces: []tektonpipeline.WorkspacePipelineTaskBinding{
-				//	//{Name: WorkspaceBuildSettings, Workspace: WorkspaceBuildSettings},
-				//	{Name: WorkspaceSource, Workspace: WorkspaceSource},
-				//	//{Name: WorkspaceTls, Workspace: WorkspaceTls},
-				//},
-			}}, ps.Tasks...)
-
-		// Results for https://github.com/konflux-ci/build-definitions/tree/main/task/buildah-oci-ta/0.2
-		// IMAGE_DIGEST
-		// IMAGE_URL
-		ps.Results = append(ps.Results, tektonpipeline.PipelineResult{Name: PipelineResultImage, Value: tektonpipeline.ResultValue{Type: tektonpipeline.ParamTypeString, StringVal: "$(tasks." + BuildTaskName + ".results." + PipelineResultImage + ")"}})
-		ps.Results = append(ps.Results, tektonpipeline.PipelineResult{Name: PipelineResultImageDigest, Value: tektonpipeline.ResultValue{Type: tektonpipeline.ParamTypeString, StringVal: "$(tasks." + BuildTaskName + ".results." + PipelineResultImageDigest + ")"}})
-	} else {
-		buildTask := tektonpipeline.TaskSpec{
-			Workspaces: []tektonpipeline.WorkspaceDeclaration{{Name: WorkspaceBuildSettings}, {Name: WorkspaceSource, MountPath: WorkspaceMount}, {Name: WorkspaceTls}},
-			Params:     append(pipelineParams, tektonpipeline.ParamSpec{Name: PipelineResultPreBuildImageDigest, Type: tektonpipeline.ParamTypeString}),
-			Results: []tektonpipeline.TaskResult{
-				{Name: PipelineResultImage},
-				{Name: PipelineResultImageDigest},
+	ps.Tasks = append([]tektonpipeline.PipelineTask{
+		{
+			Name:     BuildTaskName,
+			RunAfter: runAfter,
+			TaskRef: &tektonpipeline.TaskRef{
+				// Can't specify name and resolver as they clash.
+				ResolverRef: resolver,
 			},
-			Steps: []tektonpipeline.Step{
+			Timeout: &v12.Duration{Duration: time.Hour * v1alpha1.DefaultTimeout},
+			Params: []tektonpipeline.Param{
 				{
-					Name:            "restore-pre-build-source",
-					Image:           strings.TrimSpace(strings.Split(buildTrustedArtifacts, "FROM")[1]),
-					ImagePullPolicy: v1.PullIfNotPresent,
-					SecurityContext: &v1.SecurityContext{RunAsUser: &zero},
-					Env:             secretVariables,
-					Script: fmt.Sprintf(`echo "Restoring source to workspace : $(workspaces.source.path)"
-export ORAS_OPTIONS="%s"
-use-archive $(params.%s)=$(workspaces.source.path)/source
-mv $(workspaces.source.path)/source/.jbs/build.sh $(workspaces.source.path)`, orasOptions, PipelineResultPreBuildImageDigest),
+					Name: "DOCKERFILE",
+					Value: tektonpipeline.ParamValue{
+						Type:      tektonpipeline.ParamTypeString,
+						StringVal: ".jbs/Containerfile"},
 				},
 				{
-					Timeout:         &v12.Duration{Duration: time.Hour * v1alpha1.DefaultTimeout},
-					Name:            "build",
-					Image:           recipe.Image,
-					ImagePullPolicy: pullPolicy,
-					WorkingDir:      "$(workspaces." + WorkspaceSource + ".path)/source",
-					SecurityContext: &v1.SecurityContext{RunAsUser: &zero},
-					Env:             append(toolEnv, v1.EnvVar{Name: PipelineParamCacheUrl, Value: "$(params." + PipelineParamCacheUrl + ")"}),
-					ComputeResources: v1.ResourceRequirements{
-						Requests: v1.ResourceList{"memory": limits.buildRequestMemory, "cpu": limits.buildRequestCPU},
-						Limits:   v1.ResourceList{"memory": limits.buildRequestMemory, "cpu": limits.buildLimitCPU},
-					},
-					Args:   []string{"$(params.GOALS[*])"},
-					Script: "$(workspaces." + WorkspaceSource + ".path)/build.sh \"$@\"",
+					Name: "IMAGE",
+					Value: tektonpipeline.ParamValue{
+						Type:      tektonpipeline.ParamTypeString,
+						StringVal: registryArgsWithDefaults(jbsConfig, buildId)},
 				},
 				{
-					Name:            "deploy-ant-artifacts",
-					Image:           buildRequestProcessorImage,
-					ImagePullPolicy: pullPolicy,
-					SecurityContext: &v1.SecurityContext{RunAsUser: &zero},
-					Env:             secretVariables,
-					ComputeResources: v1.ResourceRequirements{
-						Requests: v1.ResourceList{"memory": limits.defaultBuildRequestMemory, "cpu": limits.defaultRequestCPU},
-						Limits:   v1.ResourceList{"memory": limits.defaultBuildRequestMemory, "cpu": limits.defaultLimitCPU},
+					Name: "SOURCE_ARTIFACT",
+					Value: tektonpipeline.ParamValue{
+						Type:      tektonpipeline.ParamTypeString,
+						StringVal: preBuildImage,
 					},
-					Script: artifactbuild.InstallKeystoreIntoBuildRequestProcessor(copyArtifactsArgs),
 				},
-				// Store post-build artifacts here using oras to match container build
 				{
-					Name:            "store-post-build-artifacts",
-					Image:           strings.TrimSpace(strings.Split(buildTrustedArtifacts, "FROM")[1]),
-					ImagePullPolicy: v1.PullIfNotPresent,
-					SecurityContext: &v1.SecurityContext{RunAsUser: &zero},
-					Env:             secretVariables,
-					Script: fmt.Sprintf(`echo "Creating post-build-image archive"
-export ORAS_OPTIONS="%s --image-spec=v1.0 --artifact-type application/vnd.oci.image.config.v1+json --no-tty --format=json"
-IMGURL=%s
-create-archive --store $IMGURL /tmp/artifacts=$(workspaces.source.path)/artifacts | tee /tmp/oras-create.json
-IMGDIGEST=$(cat /tmp/oras-create.json | grep -Ev '(Prepared artifact|Artifacts created)' | jq -r '.digest')
-echo "Storing IMGURL $IMGURL and IMGDIGEST $IMGDIGEST"
-echo -n "$IMGURL" >> $(results.%s.path)
-echo -n "$IMGDIGEST" >> $(results.%s.path)
-`, orasOptions, registryArgsWithDefaults(jbsConfig, buildId+"-artifacts"), PipelineResultImage, PipelineResultImageDigest),
+					Name: "ORAS_OPTIONS",
+					Value: tektonpipeline.ParamValue{
+						Type:      tektonpipeline.ParamTypeString,
+						StringVal: orasOptions,
+					},
 				},
-			}}
-
-		pipelineTask := []tektonpipeline.PipelineTask{{
-			Name:     BuildTaskName,
-			RunAfter: runAfter,
-			TaskSpec: &tektonpipeline.EmbeddedTask{
-				TaskSpec: buildTask,
-			},
-			Timeout: &v12.Duration{Duration: time.Hour * v1alpha1.DefaultTimeout},
-			Params: []tektonpipeline.Param{
 				{
-					Name:  PipelineResultPreBuildImageDigest,
-					Value: tektonpipeline.ParamValue{Type: tektonpipeline.ParamTypeString, StringVal: preBuildImage},
+					Name: "TLSVERIFY",
+					Value: tektonpipeline.ParamValue{
+						Type:      tektonpipeline.ParamTypeString,
+						StringVal: tlsVerify,
+					},
 				},
 			},
-			Workspaces: []tektonpipeline.WorkspacePipelineTaskBinding{
-				{Name: WorkspaceBuildSettings, Workspace: WorkspaceBuildSettings},
-				{Name: WorkspaceSource, Workspace: WorkspaceSource},
-				{Name: WorkspaceTls, Workspace: WorkspaceTls},
-			},
-		}}
-		ps.Tasks = append(pipelineTask, ps.Tasks...)
 
-		for _, i := range buildTask.Results {
-			ps.Results = append(ps.Results, tektonpipeline.PipelineResult{Name: i.Name, Description: i.Description, Value: tektonpipeline.ResultValue{Type: tektonpipeline.ParamTypeString, StringVal: "$(tasks." + BuildTaskName + ".results." + i.Name + ")"}})
-		}
-	}
+			// TODO: ### How to pass build-settings/tls information to buildah task?
+			//       Note - buildah-oci-ta task has no defined workspace
+			//Workspaces: []tektonpipeline.WorkspacePipelineTaskBinding{
+			//	//{Name: WorkspaceBuildSettings, Workspace: WorkspaceBuildSettings},
+			//	{Name: WorkspaceSource, Workspace: WorkspaceSource},
+			//	//{Name: WorkspaceTls, Workspace: WorkspaceTls},
+			//},
+		}}, ps.Tasks...)
+
+	// Results for https://github.com/konflux-ci/build-definitions/tree/main/task/buildah-oci-ta/0.2
+	// IMAGE_DIGEST
+	// IMAGE_URL
+	ps.Results = append(ps.Results, tektonpipeline.PipelineResult{Name: PipelineResultImage, Value: tektonpipeline.ResultValue{Type: tektonpipeline.ParamTypeString, StringVal: "$(tasks." + BuildTaskName + ".results." + PipelineResultImage + ")"}})
+	ps.Results = append(ps.Results, tektonpipeline.PipelineResult{Name: PipelineResultImageDigest, Value: tektonpipeline.ResultValue{Type: tektonpipeline.ParamTypeString, StringVal: "$(tasks." + BuildTaskName + ".results." + PipelineResultImageDigest + ")"}})
 
 	postBuildTask := tektonpipeline.TaskSpec{
 		Workspaces: []tektonpipeline.WorkspaceDeclaration{{Name: WorkspaceBuildSettings}, {Name: WorkspaceSource, MountPath: WorkspaceMount}, {Name: WorkspaceTls}},
@@ -724,14 +631,6 @@ func secretVariables(jbsConfig *v1alpha1.JBSConfig) []v1.EnvVar {
 	return secretVariables
 }
 
-func createBuildScript(build string) string {
-	ret := "tee $(workspaces." + WorkspaceSource + ".path)/build.sh <<'RHTAPEOF'\n"
-	ret += build
-	ret += "\nRHTAPEOF\n"
-	ret += "chmod +x $(workspaces." + WorkspaceSource + ".path)/build.sh\n"
-	return ret
-}
-
 func createKonfluxScripts(containerfile string, konfluxScript string) string {
 	ret := "mkdir -p $(workspaces." + WorkspaceSource + ".path)/source/.jbs\n"
 	ret += "tee $(workspaces." + WorkspaceSource + ".path)/source/.jbs/Containerfile <<'RHTAPEOF'\n"
@@ -858,7 +757,6 @@ func pipelineBuildCommands(imageId string, db *v1alpha1.DependencyBuild, jbsConf
 	// Setting ORAS_OPTIONS to ensure the archive is compatible with jib (for OCIRepositoryClient).
 	preBuildImageArgs := fmt.Sprintf(`echo "Creating pre-build-image archive"
 export ORAS_OPTIONS="%s --image-spec=v1.0 --artifact-type application/vnd.oci.image.config.v1+json"
-cp $(workspaces.source.path)/build.sh $(workspaces.source.path)/source/.jbs
 create-archive --store %s $(results.%s.path)=$(workspaces.source.path)/source
 `, orasOptions, registryArgsWithDefaults(jbsConfig, preBuildImageTag), PipelineResultPreBuildImageDigest)
 
@@ -877,9 +775,6 @@ create-archive --store %s $(results.%s.path)=$(workspaces.source.path)/source
 		"--scm-uri=" + db.Spec.ScmInfo.SCMURL,
 		"--scm-commit=" + db.Spec.ScmInfo.CommitHash,
 	}
-	if !jbsConfig.Spec.ContainerBuilds {
-		deployArgs = append(deployArgs, "--build-info-path=$(workspaces.source.path)/build-info")
-	}
 
 	konfluxArgs := []string{
 		"deploy-pre-build-source",