Skip to content

Commit b2d798a

Browse files
tecarter94tecarter94
committed
Convert domain proxy from Java to Go. Add generic internal proxy support to domain proxy. Integrate building of domain proxy into pipeline build processes. Implement domain proxy integration tests.
1 parent be23096 commit b2d798a

File tree

102 files changed

+3874
-1415
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

102 files changed

+3874
-1415
lines changed

.github/workflows/minikube.yaml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -76,6 +76,7 @@ jobs:
7676
export JVM_BUILD_SERVICE_IMAGE=quay.io/$JBS_QUAY_ORG/$JBS_QUAY_IMAGE_CONTROLLER:$JBS_QUAY_IMAGE_TAG
7777
export JVM_BUILD_SERVICE_CACHE_IMAGE=quay.io/$JBS_QUAY_ORG/konflux-jbs-pnc-tenant/jvm-build-service/cache:$JBS_QUAY_IMAGE_TAG
7878
export JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE=quay.io/$JBS_QUAY_ORG/konflux-jbs-pnc-tenant/jvm-build-service/build-request-processor:$JBS_QUAY_IMAGE_TAG
79+
export JVM_BUILD_SERVICE_DOMAIN_PROXY_IMAGE=quay.io/$JBS_QUAY_ORG/konflux-jbs-pnc-tenant/jvm-build-service/domain-proxy:$JBS_QUAY_IMAGE_TAG
7980
8081
echo "Using worker namespace $JBS_WORKER_NAMESPACE DEV_IP $DEV_IP JVM_BUILD_SERVICE_IMAGE $JVM_BUILD_SERVICE_IMAGE"
8182
@@ -139,6 +140,7 @@ jobs:
139140
export JVM_BUILD_SERVICE_IMAGE=quay.io/$JBS_QUAY_ORG/$JBS_QUAY_IMAGE_CONTROLLER:$JBS_QUAY_IMAGE_TAG
140141
export JVM_BUILD_SERVICE_CACHE_IMAGE=quay.io/$JBS_QUAY_ORG/konflux-jbs-pnc-tenant/jvm-build-service/cache:$JBS_QUAY_IMAGE_TAG
141142
export JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE=quay.io/$JBS_QUAY_ORG/konflux-jbs-pnc-tenant/jvm-build-service/build-request-processor:$JBS_QUAY_IMAGE_TAG
143+
export JVM_BUILD_SERVICE_DOMAIN_PROXY_IMAGE=quay.io/$JBS_QUAY_ORG/konflux-jbs-pnc-tenant/jvm-build-service/domain-proxy:$JBS_QUAY_IMAGE_TAG
142144
143145
echo "Using worker namespace $JBS_WORKER_NAMESPACE DEV_IP $DEV_IP JVM_BUILD_SERVICE_IMAGE $JVM_BUILD_SERVICE_IMAGE"
144146

.tekton/domain-proxy-pull-request.yaml

Lines changed: 34 additions & 63 deletions
Original file line numberDiff line numberDiff line change
@@ -27,18 +27,15 @@ spec:
2727
- name: image-expires-after
2828
value: 5d
2929
- name: dockerfile
30-
value: Dockerfile
30+
value: /cmd/domainproxy/docker/Dockerfile.all-in-one
31+
- name: path-context
32+
value: .
3133
pipelineSpec:
32-
description: |
33-
This pipeline is ideal for building container images from a Containerfile while reducing network traffic.
34-
35-
_Uses `buildah` to create a container image. It also optionally creates a source image and runs some build-time tests. EC will flag a violation for [`trusted_task.trusted`](https://enterprisecontract.dev/docs/ec-policies/release_policy.html#trusted_task__trusted) if any tasks are added to the pipeline.
36-
This pipeline is pushed as a Tekton bundle to [quay.io](https://quay.io/repository/konflux-ci/tekton-catalog/pipeline-docker-build?tab=tags)_
3734
finally:
3835
- name: show-sbom
3936
params:
4037
- name: IMAGE_URL
41-
value: $(tasks.build-image-index.results.IMAGE_URL)
38+
value: $(tasks.build-container.results.IMAGE_URL)
4239
taskRef:
4340
params:
4441
- name: name
@@ -57,7 +54,7 @@ spec:
5754
- name: image-url
5855
value: $(params.output-image)
5956
- name: build-task-status
60-
value: $(tasks.build-image-index.status)
57+
value: $(tasks.build-container.status)
6158
taskRef:
6259
params:
6360
- name: name
@@ -107,6 +104,10 @@ spec:
107104
description: Build dependencies to be prefetched by Cachi2
108105
name: prefetch-input
109106
type: string
107+
- default: "false"
108+
description: Java build
109+
name: java
110+
type: string
110111
- default: ""
111112
description: Image tag expiration time, time values could be something like
112113
1h, 2d, 3w for hours, days, and weeks, respectively.
@@ -115,10 +116,6 @@ spec:
115116
description: Build a source image.
116117
name: build-source-image
117118
type: string
118-
- default: "false"
119-
description: Add built image into an OCI image index
120-
name: build-image-index
121-
type: string
122119
- default: []
123120
description: Array of --build-arg values ("arg=value" strings) for buildah
124121
name: build-args
@@ -130,16 +127,19 @@ spec:
130127
results:
131128
- description: ""
132129
name: IMAGE_URL
133-
value: $(tasks.build-image-index.results.IMAGE_URL)
130+
value: $(tasks.build-container.results.IMAGE_URL)
134131
- description: ""
135132
name: IMAGE_DIGEST
136-
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
133+
value: $(tasks.build-container.results.IMAGE_DIGEST)
137134
- description: ""
138135
name: CHAINS-GIT_URL
139136
value: $(tasks.clone-repository.results.url)
140137
- description: ""
141138
name: CHAINS-GIT_COMMIT
142139
value: $(tasks.clone-repository.results.commit)
140+
- description: ""
141+
name: JAVA_COMMUNITY_DEPENDENCIES
142+
value: $(tasks.build-container.results.JAVA_COMMUNITY_DEPENDENCIES)
143143
tasks:
144144
- name: init
145145
params:
@@ -252,41 +252,12 @@ spec:
252252
workspaces:
253253
- name: source
254254
workspace: workspace
255-
- name: build-image-index
256-
params:
257-
- name: IMAGE
258-
value: $(params.output-image)
259-
- name: COMMIT_SHA
260-
value: $(tasks.clone-repository.results.commit)
261-
- name: IMAGE_EXPIRES_AFTER
262-
value: $(params.image-expires-after)
263-
- name: ALWAYS_BUILD_INDEX
264-
value: $(params.build-image-index)
265-
- name: IMAGES
266-
value:
267-
- $(tasks.build-container.results.IMAGE_URL)@$(tasks.build-container.results.IMAGE_DIGEST)
268-
runAfter:
269-
- build-container
270-
taskRef:
271-
params:
272-
- name: name
273-
value: build-image-index
274-
- name: bundle
275-
value: quay.io/konflux-ci/tekton-catalog/task-build-image-index:0.1@sha256:ebc17bb22481160eec6eb7277df1e48b90f599bebe563cd4f046807f4e32ced3
276-
- name: kind
277-
value: task
278-
resolver: bundles
279-
when:
280-
- input: $(tasks.init.results.build)
281-
operator: in
282-
values:
283-
- "true"
284255
- name: build-source-image
285256
params:
286257
- name: BINARY_IMAGE
287258
value: $(params.output-image)
288259
runAfter:
289-
- build-image-index
260+
- build-container
290261
taskRef:
291262
params:
292263
- name: name
@@ -311,11 +282,11 @@ spec:
311282
- name: deprecated-base-image-check
312283
params:
313284
- name: IMAGE_URL
314-
value: $(tasks.build-image-index.results.IMAGE_URL)
285+
value: $(tasks.build-container.results.IMAGE_URL)
315286
- name: IMAGE_DIGEST
316-
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
287+
value: $(tasks.build-container.results.IMAGE_DIGEST)
317288
runAfter:
318-
- build-image-index
289+
- build-container
319290
taskRef:
320291
params:
321292
- name: name
@@ -333,11 +304,11 @@ spec:
333304
- name: clair-scan
334305
params:
335306
- name: image-digest
336-
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
307+
value: $(tasks.build-container.results.IMAGE_DIGEST)
337308
- name: image-url
338-
value: $(tasks.build-image-index.results.IMAGE_URL)
309+
value: $(tasks.build-container.results.IMAGE_URL)
339310
runAfter:
340-
- build-image-index
311+
- build-container
341312
taskRef:
342313
params:
343314
- name: name
@@ -355,9 +326,9 @@ spec:
355326
- name: ecosystem-cert-preflight-checks
356327
params:
357328
- name: image-url
358-
value: $(tasks.build-image-index.results.IMAGE_URL)
329+
value: $(tasks.build-container.results.IMAGE_URL)
359330
runAfter:
360-
- build-image-index
331+
- build-container
361332
taskRef:
362333
params:
363334
- name: name
@@ -375,11 +346,11 @@ spec:
375346
- name: sast-snyk-check
376347
params:
377348
- name: image-digest
378-
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
349+
value: $(tasks.build-container.results.IMAGE_DIGEST)
379350
- name: image-url
380-
value: $(tasks.build-image-index.results.IMAGE_URL)
351+
value: $(tasks.build-container.results.IMAGE_URL)
381352
runAfter:
382-
- build-image-index
353+
- build-container
383354
taskRef:
384355
params:
385356
- name: name
@@ -400,11 +371,11 @@ spec:
400371
- name: clamav-scan
401372
params:
402373
- name: image-digest
403-
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
374+
value: $(tasks.build-container.results.IMAGE_DIGEST)
404375
- name: image-url
405-
value: $(tasks.build-image-index.results.IMAGE_URL)
376+
value: $(tasks.build-container.results.IMAGE_URL)
406377
runAfter:
407-
- build-image-index
378+
- build-container
408379
taskRef:
409380
params:
410381
- name: name
@@ -422,9 +393,9 @@ spec:
422393
- name: apply-tags
423394
params:
424395
- name: IMAGE
425-
value: $(tasks.build-image-index.results.IMAGE_URL)
396+
value: $(tasks.build-container.results.IMAGE_URL)
426397
runAfter:
427-
- build-image-index
398+
- build-container
428399
taskRef:
429400
params:
430401
- name: name
@@ -437,15 +408,15 @@ spec:
437408
- name: push-dockerfile
438409
params:
439410
- name: IMAGE
440-
value: $(tasks.build-image-index.results.IMAGE_URL)
411+
value: $(tasks.build-container.results.IMAGE_URL)
441412
- name: IMAGE_DIGEST
442-
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
413+
value: $(tasks.build-container.results.IMAGE_DIGEST)
443414
- name: DOCKERFILE
444415
value: $(params.dockerfile)
445416
- name: CONTEXT
446417
value: $(params.path-context)
447418
runAfter:
448-
- build-image-index
419+
- build-container
449420
taskRef:
450421
params:
451422
- name: name

0 commit comments

Comments
 (0)