Skip to content

Commit

Permalink
Merge pull request #61 from redhat-appstudio/selfupdate/import-build-…
Browse files Browse the repository at this point in the history
…definitions

Sync build-definitions
  • Loading branch information
openshift-merge-bot[bot] authored Nov 15, 2024
2 parents b6aa61c + 3b1ce0f commit 6f3db94
Show file tree
Hide file tree
Showing 5 changed files with 34 additions and 17 deletions.
2 changes: 1 addition & 1 deletion pac/pipelines/gitops-pull-request-rhtap.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -72,7 +72,7 @@ spec:
workspaces:
- name: source
workspace: workspace
- name: verify-enteprise-contract
- name: verify-enterprise-contract
params:
- name: IMAGES
value: $(tasks.get-images-to-verify.results.IMAGES_TO_VERIFY)
Expand Down
2 changes: 1 addition & 1 deletion pac/tasks/acs-deploy-check.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ spec:
image: registry.redhat.io/openshift4/ose-cli:4.13@sha256:73df37794ffff7de1101016c23dc623e4990810390ebdabcbbfa065214352c7c
script: |
#!/usr/bin/env bash
echo "acs-image-scan $(context.taskRun.name)"
echo "acs-deploy-check $(context.taskRun.name)"
oc annotate taskrun $(context.taskRun.name) task.results.format=application/json
oc annotate taskrun $(context.taskRun.name) task.results.type=roxctl-deployment-check
oc annotate taskrun $(context.taskRun.name) task.results.container=step-report
Expand Down
2 changes: 1 addition & 1 deletion pac/tasks/acs-image-check.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ spec:
image: registry.redhat.io/openshift4/ose-cli:4.13@sha256:73df37794ffff7de1101016c23dc623e4990810390ebdabcbbfa065214352c7c
script: |
#!/usr/bin/env bash
echo "acs-image-scan $(context.taskRun.name)"
echo "acs-image-check $(context.taskRun.name)"
oc annotate taskrun $(context.taskRun.name) task.results.format=application/json
oc annotate taskrun $(context.taskRun.name) task.results.type=roxctl-image-check
oc annotate taskrun $(context.taskRun.name) task.results.container=step-report
Expand Down
39 changes: 25 additions & 14 deletions pac/tasks/acs-image-scan.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -129,20 +129,31 @@ spec:
echo "roxctl image scan"
IMAGE=${PARAM_IMAGE}@${PARAM_IMAGE_DIGEST}
./roxctl image scan \
$( [ "${PARAM_INSECURE_SKIP_TLS_VERIFY}" = "true" ] && \
echo -n "--insecure-skip-tls-verify") \
-e "${ROX_CENTRAL_ENDPOINT}" --image "$IMAGE" --output json --force \
> roxctl_image_scan_output.json
image_scan_err_code=$?
cp roxctl_image_scan_output.json /steps-shared-folder/acs-image-scan.json
if [ $image_scan_err_code -ne 0 ]; then
cat roxctl_image_scan_output.json
note='ACS image scan failed to process the image. See the task logs for more details.'
echo $note
set_test_output_result ERROR "$note"
exit 2
fi
retry=3
while true; do
retry=$(( retry - 1 ))
./roxctl image scan \
$( [ "${PARAM_INSECURE_SKIP_TLS_VERIFY}" = "true" ] && \
echo -n "--insecure-skip-tls-verify") \
-e "${ROX_CENTRAL_ENDPOINT}" --image "$IMAGE" --output json --force \
> roxctl_image_scan_output.json
image_scan_err_code=$?
cp -f roxctl_image_scan_output.json /steps-shared-folder/acs-image-scan.json
if [ $image_scan_err_code -ne 0 ]; then
cat roxctl_image_scan_output.json
if [ "$(grep -c "context deadline exceeded" roxctl_image_scan_output.json)" -ne 0 ] && [ $retry -gt 0 ]; then
echo "Retry in 5m"
sleep 300
else
note='ACS image scan failed to process the image. See the task logs for more details.'
echo "$note"
set_test_output_result ERROR "$note"
exit 2
fi
else
break
fi
done
# Set SCAN_OUTPUT result
critical=$(cat roxctl_image_scan_output.json | grep -oP '(?<="CRITICAL": )\d+')
Expand Down
6 changes: 6 additions & 0 deletions pac/tasks/git-clone.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -104,6 +104,10 @@ spec:
name: url
- description: The commit timestamp of the checkout
name: commit-timestamp
- description: The precise URL that was fetched by this Task. This result uses Chains type hinting to include in the provenance.
name: CHAINS-GIT_URL
- description: The precise commit SHA that was fetched by this Task. This result uses Chains type hinting to include in the provenance.
name: CHAINS-GIT_COMMIT
steps:
- name: clone
env:
Expand Down Expand Up @@ -245,8 +249,10 @@ spec:
exit "${EXIT_CODE}"
fi
printf "%s" "${RESULT_SHA}" > "$(results.commit.path)"
printf "%s" "${RESULT_SHA}" > "$(results.CHAINS-GIT_COMMIT.path)"
printf "%s" "${RESULT_SHA_SHORT}" > "$(results.short-commit.path)"
printf "%s" "${PARAM_URL}" > "$(results.url.path)"
printf "%s" "${PARAM_URL}" > "$(results.CHAINS-GIT_URL.path)"
printf "%s" "$(git log -1 --pretty=%ct)" > "$(results.commit-timestamp.path)"
if [ "${PARAM_FETCH_TAGS}" = "true" ] ; then
Expand Down

0 comments on commit 6f3db94

Please sign in to comment.