Skip to content

Commit b57f71e

Browse files
tecarter94tecarter94
authored
Merge pull request #2153 from tecarter94/domain-proxy
Domain proxy integration
2 parents be23096 + 52624af commit b57f71e

File tree

104 files changed

+4116
-1523
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

104 files changed

+4116
-1523
lines changed

.github/workflows/minikube.yaml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -76,6 +76,7 @@ jobs:
7676
export JVM_BUILD_SERVICE_IMAGE=quay.io/$JBS_QUAY_ORG/$JBS_QUAY_IMAGE_CONTROLLER:$JBS_QUAY_IMAGE_TAG
7777
export JVM_BUILD_SERVICE_CACHE_IMAGE=quay.io/$JBS_QUAY_ORG/konflux-jbs-pnc-tenant/jvm-build-service/cache:$JBS_QUAY_IMAGE_TAG
7878
export JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE=quay.io/$JBS_QUAY_ORG/konflux-jbs-pnc-tenant/jvm-build-service/build-request-processor:$JBS_QUAY_IMAGE_TAG
79+
export JVM_BUILD_SERVICE_DOMAIN_PROXY_IMAGE=quay.io/$JBS_QUAY_ORG/konflux-jbs-pnc-tenant/jvm-build-service/domain-proxy:$JBS_QUAY_IMAGE_TAG
7980
8081
echo "Using worker namespace $JBS_WORKER_NAMESPACE DEV_IP $DEV_IP JVM_BUILD_SERVICE_IMAGE $JVM_BUILD_SERVICE_IMAGE"
8182
@@ -139,6 +140,7 @@ jobs:
139140
export JVM_BUILD_SERVICE_IMAGE=quay.io/$JBS_QUAY_ORG/$JBS_QUAY_IMAGE_CONTROLLER:$JBS_QUAY_IMAGE_TAG
140141
export JVM_BUILD_SERVICE_CACHE_IMAGE=quay.io/$JBS_QUAY_ORG/konflux-jbs-pnc-tenant/jvm-build-service/cache:$JBS_QUAY_IMAGE_TAG
141142
export JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE=quay.io/$JBS_QUAY_ORG/konflux-jbs-pnc-tenant/jvm-build-service/build-request-processor:$JBS_QUAY_IMAGE_TAG
143+
export JVM_BUILD_SERVICE_DOMAIN_PROXY_IMAGE=quay.io/$JBS_QUAY_ORG/konflux-jbs-pnc-tenant/jvm-build-service/domain-proxy:$JBS_QUAY_IMAGE_TAG
142144
143145
echo "Using worker namespace $JBS_WORKER_NAMESPACE DEV_IP $DEV_IP JVM_BUILD_SERVICE_IMAGE $JVM_BUILD_SERVICE_IMAGE"
144146

.tekton/domain-proxy-pull-request.yaml

Lines changed: 34 additions & 63 deletions
Original file line numberDiff line numberDiff line change
@@ -27,18 +27,15 @@ spec:
2727
- name: image-expires-after
2828
value: 5d
2929
- name: dockerfile
30-
value: Dockerfile
30+
value: /cmd/domainproxy/docker/Dockerfile.all-in-one
31+
- name: path-context
32+
value: .
3133
pipelineSpec:
32-
description: |
33-
This pipeline is ideal for building container images from a Containerfile while reducing network traffic.
34-
35-
_Uses `buildah` to create a container image. It also optionally creates a source image and runs some build-time tests. EC will flag a violation for [`trusted_task.trusted`](https://enterprisecontract.dev/docs/ec-policies/release_policy.html#trusted_task__trusted) if any tasks are added to the pipeline.
36-
This pipeline is pushed as a Tekton bundle to [quay.io](https://quay.io/repository/konflux-ci/tekton-catalog/pipeline-docker-build?tab=tags)_
3734
finally:
3835
- name: show-sbom
3936
params:
4037
- name: IMAGE_URL
41-
value: $(tasks.build-image-index.results.IMAGE_URL)
38+
value: $(tasks.build-container.results.IMAGE_URL)
4239
taskRef:
4340
params:
4441
- name: name
@@ -57,7 +54,7 @@ spec:
5754
- name: image-url
5855
value: $(params.output-image)
5956
- name: build-task-status
60-
value: $(tasks.build-image-index.status)
57+
value: $(tasks.build-container.status)
6158
taskRef:
6259
params:
6360
- name: name
@@ -107,6 +104,10 @@ spec:
107104
description: Build dependencies to be prefetched by Cachi2
108105
name: prefetch-input
109106
type: string
107+
- default: "false"
108+
description: Java build
109+
name: java
110+
type: string
110111
- default: ""
111112
description: Image tag expiration time, time values could be something like
112113
1h, 2d, 3w for hours, days, and weeks, respectively.
@@ -115,10 +116,6 @@ spec:
115116
description: Build a source image.
116117
name: build-source-image
117118
type: string
118-
- default: "false"
119-
description: Add built image into an OCI image index
120-
name: build-image-index
121-
type: string
122119
- default: []
123120
description: Array of --build-arg values ("arg=value" strings) for buildah
124121
name: build-args
@@ -130,16 +127,19 @@ spec:
130127
results:
131128
- description: ""
132129
name: IMAGE_URL
133-
value: $(tasks.build-image-index.results.IMAGE_URL)
130+
value: $(tasks.build-container.results.IMAGE_URL)
134131
- description: ""
135132
name: IMAGE_DIGEST
136-
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
133+
value: $(tasks.build-container.results.IMAGE_DIGEST)
137134
- description: ""
138135
name: CHAINS-GIT_URL
139136
value: $(tasks.clone-repository.results.url)
140137
- description: ""
141138
name: CHAINS-GIT_COMMIT
142139
value: $(tasks.clone-repository.results.commit)
140+
- description: ""
141+
name: JAVA_COMMUNITY_DEPENDENCIES
142+
value: $(tasks.build-container.results.JAVA_COMMUNITY_DEPENDENCIES)
143143
tasks:
144144
- name: init
145145
params:
@@ -252,41 +252,12 @@ spec:
252252
workspaces:
253253
- name: source
254254
workspace: workspace
255-
- name: build-image-index
256-
params:
257-
- name: IMAGE
258-
value: $(params.output-image)
259-
- name: COMMIT_SHA
260-
value: $(tasks.clone-repository.results.commit)
261-
- name: IMAGE_EXPIRES_AFTER
262-
value: $(params.image-expires-after)
263-
- name: ALWAYS_BUILD_INDEX
264-
value: $(params.build-image-index)
265-
- name: IMAGES
266-
value:
267-
- $(tasks.build-container.results.IMAGE_URL)@$(tasks.build-container.results.IMAGE_DIGEST)
268-
runAfter:
269-
- build-container
270-
taskRef:
271-
params:
272-
- name: name
273-
value: build-image-index
274-
- name: bundle
275-
value: quay.io/konflux-ci/tekton-catalog/task-build-image-index:0.1@sha256:ebc17bb22481160eec6eb7277df1e48b90f599bebe563cd4f046807f4e32ced3
276-
- name: kind
277-
value: task
278-
resolver: bundles
279-
when:
280-
- input: $(tasks.init.results.build)
281-
operator: in
282-
values:
283-
- "true"
284255
- name: build-source-image
285256
params:
286257
- name: BINARY_IMAGE
287258
value: $(params.output-image)
288259
runAfter:
289-
- build-image-index
260+
- build-container
290261
taskRef:
291262
params:
292263
- name: name
@@ -311,11 +282,11 @@ spec:
311282
- name: deprecated-base-image-check
312283
params:
313284
- name: IMAGE_URL
314-
value: $(tasks.build-image-index.results.IMAGE_URL)
285+
value: $(tasks.build-container.results.IMAGE_URL)
315286
- name: IMAGE_DIGEST
316-
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
287+
value: $(tasks.build-container.results.IMAGE_DIGEST)
317288
runAfter:
318-
- build-image-index
289+
- build-container
319290
taskRef:
320291
params:
321292
- name: name
@@ -333,11 +304,11 @@ spec:
333304
- name: clair-scan
334305
params:
335306
- name: image-digest
336-
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
307+
value: $(tasks.build-container.results.IMAGE_DIGEST)
337308
- name: image-url
338-
value: $(tasks.build-image-index.results.IMAGE_URL)
309+
value: $(tasks.build-container.results.IMAGE_URL)
339310
runAfter:
340-
- build-image-index
311+
- build-container
341312
taskRef:
342313
params:
343314
- name: name
@@ -355,9 +326,9 @@ spec:
355326
- name: ecosystem-cert-preflight-checks
356327
params:
357328
- name: image-url
358-
value: $(tasks.build-image-index.results.IMAGE_URL)
329+
value: $(tasks.build-container.results.IMAGE_URL)
359330
runAfter:
360-
- build-image-index
331+
- build-container
361332
taskRef:
362333
params:
363334
- name: name
@@ -375,11 +346,11 @@ spec:
375346
- name: sast-snyk-check
376347
params:
377348
- name: image-digest
378-
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
349+
value: $(tasks.build-container.results.IMAGE_DIGEST)
379350
- name: image-url
380-
value: $(tasks.build-image-index.results.IMAGE_URL)
351+
value: $(tasks.build-container.results.IMAGE_URL)
381352
runAfter:
382-
- build-image-index
353+
- build-container
383354
taskRef:
384355
params:
385356
- name: name
@@ -400,11 +371,11 @@ spec:
400371
- name: clamav-scan
401372
params:
402373
- name: image-digest
403-
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
374+
value: $(tasks.build-container.results.IMAGE_DIGEST)
404375
- name: image-url
405-
value: $(tasks.build-image-index.results.IMAGE_URL)
376+
value: $(tasks.build-container.results.IMAGE_URL)
406377
runAfter:
407-
- build-image-index
378+
- build-container
408379
taskRef:
409380
params:
410381
- name: name
@@ -422,9 +393,9 @@ spec:
422393
- name: apply-tags
423394
params:
424395
- name: IMAGE
425-
value: $(tasks.build-image-index.results.IMAGE_URL)
396+
value: $(tasks.build-container.results.IMAGE_URL)
426397
runAfter:
427-
- build-image-index
398+
- build-container
428399
taskRef:
429400
params:
430401
- name: name
@@ -437,15 +408,15 @@ spec:
437408
- name: push-dockerfile
438409
params:
439410
- name: IMAGE
440-
value: $(tasks.build-image-index.results.IMAGE_URL)
411+
value: $(tasks.build-container.results.IMAGE_URL)
441412
- name: IMAGE_DIGEST
442-
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
413+
value: $(tasks.build-container.results.IMAGE_DIGEST)
443414
- name: DOCKERFILE
444415
value: $(params.dockerfile)
445416
- name: CONTEXT
446417
value: $(params.path-context)
447418
runAfter:
448-
- build-image-index
419+
- build-container
449420
taskRef:
450421
params:
451422
- name: name

0 commit comments

Comments
 (0)