From bbd536cff6b1ea971493b9ff0b4febab66c9b57a Mon Sep 17 00:00:00 2001 From: MohammadiIram Date: Wed, 30 Oct 2024 14:14:49 +0530 Subject: [PATCH 01/38] add changes for generic fetcher --- .tekton/odh-trustyai-service-v2-16-pull-request.yaml | 4 +++- .tekton/odh-trustyai-service-v2-16-push.yaml | 2 ++ generic_lockfile.yaml | 10 ++++++++++ 3 files changed, 15 insertions(+), 1 deletion(-) create mode 100644 generic_lockfile.yaml diff --git a/.tekton/odh-trustyai-service-v2-16-pull-request.yaml b/.tekton/odh-trustyai-service-v2-16-pull-request.yaml index 409a22f5..ff2629f5 100644 --- a/.tekton/odh-trustyai-service-v2-16-pull-request.yaml +++ b/.tekton/odh-trustyai-service-v2-16-pull-request.yaml @@ -30,6 +30,8 @@ spec: value: Dockerfile.konflux - name: path-context value: . + - name: prefetch-input + value: '{"type": "generic_lockfile", "path": "."}' pipelineSpec: description: | This pipeline is ideal for building container images from a Containerfile while reducing network traffic. @@ -101,7 +103,7 @@ spec: description: Skip checks against built image name: skip-checks type: string - - default: "false" + - default: "true" description: Execute the build with network isolation name: hermetic type: string diff --git a/.tekton/odh-trustyai-service-v2-16-push.yaml b/.tekton/odh-trustyai-service-v2-16-push.yaml index 5d9c2ab9..2405ded0 100644 --- a/.tekton/odh-trustyai-service-v2-16-push.yaml +++ b/.tekton/odh-trustyai-service-v2-16-push.yaml @@ -43,6 +43,8 @@ spec: value: 'master' - name: pnc-profile value: 'prod' + - name: prefetch-input + value: '{"type": "generic_lockfile", "path": "."}' pipelineSpec: description: | This pipeline is ideal for building container images from a Containerfile while reducing network traffic. diff --git a/generic_lockfile.yaml b/generic_lockfile.yaml new file mode 100644 index 00000000..58003f62 --- /dev/null +++ b/generic_lockfile.yaml @@ -0,0 +1,10 @@ +metadata: + version: "1.0" +artifacts: + - download_url: https://github.com/cachito-testing/cachi2-generic/archive/refs/tags/v1.0.0.zip + checksums: + sha256: 4fbcaa2a8d17c1f8042578627c122361ab18b7973311e7e9c598696732902f87 + - download_url: https://github.com/cachito-testing/cachi2-generic/archive/refs/tags/v2.0.0.zip + target: archive.zip + checksums: + sha256: 386428a82f37345fa24b74068e0e79f4c1f2ff38d4f5c106ea14de4a2926e584 \ No newline at end of file From 98effb574d19a58c08b5546102136f397b944455 Mon Sep 17 00:00:00 2001 From: MohammadiIram Date: Wed, 30 Oct 2024 14:16:06 +0530 Subject: [PATCH 02/38] add changes for generic fetcher --- .tekton/odh-trustyai-service-v2-16-push.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.tekton/odh-trustyai-service-v2-16-push.yaml b/.tekton/odh-trustyai-service-v2-16-push.yaml index 2405ded0..250f8bb2 100644 --- a/.tekton/odh-trustyai-service-v2-16-push.yaml +++ b/.tekton/odh-trustyai-service-v2-16-push.yaml @@ -159,7 +159,7 @@ spec: description: Skip checks against built image name: skip-checks type: string - - default: "false" + - default: "true" description: Execute the build with network isolation name: hermetic type: string From cb3afa22a2b2703cbbe4f62a385fc0838ac24df3 Mon Sep 17 00:00:00 2001 From: Mohammadi Iram <89964724+MohammadiIram@users.noreply.github.com> Date: Wed, 30 Oct 2024 14:51:30 +0530 Subject: [PATCH 03/38] Update .tekton/odh-trustyai-service-v2-16-push.yaml Co-authored-by: Jan Koscielniak --- .tekton/odh-trustyai-service-v2-16-push.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.tekton/odh-trustyai-service-v2-16-push.yaml b/.tekton/odh-trustyai-service-v2-16-push.yaml index 250f8bb2..f2390c68 100644 --- a/.tekton/odh-trustyai-service-v2-16-push.yaml +++ b/.tekton/odh-trustyai-service-v2-16-push.yaml @@ -44,7 +44,7 @@ spec: - name: pnc-profile value: 'prod' - name: prefetch-input - value: '{"type": "generic_lockfile", "path": "."}' + value: '{"type": "generic", "path": "."}' pipelineSpec: description: | This pipeline is ideal for building container images from a Containerfile while reducing network traffic. From 9b000dd4bc112b267471072652979fc544f6543a Mon Sep 17 00:00:00 2001 From: Mohammadi Iram <89964724+MohammadiIram@users.noreply.github.com> Date: Wed, 30 Oct 2024 14:52:06 +0530 Subject: [PATCH 04/38] Update odh-trustyai-service-v2-16-pull-request.yaml --- .tekton/odh-trustyai-service-v2-16-pull-request.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.tekton/odh-trustyai-service-v2-16-pull-request.yaml b/.tekton/odh-trustyai-service-v2-16-pull-request.yaml index ff2629f5..15120049 100644 --- a/.tekton/odh-trustyai-service-v2-16-pull-request.yaml +++ b/.tekton/odh-trustyai-service-v2-16-pull-request.yaml @@ -31,7 +31,7 @@ spec: - name: path-context value: . - name: prefetch-input - value: '{"type": "generic_lockfile", "path": "."}' + value: '{"type": "generic", "path": "."}' pipelineSpec: description: | This pipeline is ideal for building container images from a Containerfile while reducing network traffic. From c1d3d5d79dc4fe0f5e145624fd1122405e9ac38a Mon Sep 17 00:00:00 2001 From: Mohammadi Iram <89964724+MohammadiIram@users.noreply.github.com> Date: Wed, 30 Oct 2024 19:18:37 +0530 Subject: [PATCH 05/38] Update generic_lockfile.yaml --- generic_lockfile.yaml | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/generic_lockfile.yaml b/generic_lockfile.yaml index 58003f62..e9bf26f6 100644 --- a/generic_lockfile.yaml +++ b/generic_lockfile.yaml @@ -1,10 +1,6 @@ metadata: - version: "1.0" + version: "1.0" artifacts: - - download_url: https://github.com/cachito-testing/cachi2-generic/archive/refs/tags/v1.0.0.zip - checksums: - sha256: 4fbcaa2a8d17c1f8042578627c122361ab18b7973311e7e9c598696732902f87 - - download_url: https://github.com/cachito-testing/cachi2-generic/archive/refs/tags/v2.0.0.zip - target: archive.zip - checksums: - sha256: 386428a82f37345fa24b74068e0e79f4c1f2ff38d4f5c106ea14de4a2926e584 \ No newline at end of file + - download_url: https://indy.corp.redhat.com/api/content/maven/hosted/pnc-builds/org/kie/trustyai/explainability-service/999.0.0.managedsvc-redhat-00974/explainability-service-999.0.0.managedsvc-redhat-00974.zip + checksums: + sha256: 2c87e93fab6ba2d538e4970a68e8be5973c87ef008fca4d68f1176f2477d6150 From 438236c10263de844fa3ba4b7678cedc34fddda5 Mon Sep 17 00:00:00 2001 From: Mohammadi Iram <89964724+MohammadiIram@users.noreply.github.com> Date: Wed, 30 Oct 2024 21:26:04 +0530 Subject: [PATCH 06/38] Update odh-trustyai-service-v2-16-push.yaml --- .tekton/odh-trustyai-service-v2-16-push.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.tekton/odh-trustyai-service-v2-16-push.yaml b/.tekton/odh-trustyai-service-v2-16-push.yaml index f2390c68..7ddaeecd 100644 --- a/.tekton/odh-trustyai-service-v2-16-push.yaml +++ b/.tekton/odh-trustyai-service-v2-16-push.yaml @@ -344,7 +344,7 @@ spec: name: pnc-file-list steps: - name: run-pnc-build - image: quay.io/redhat-user-workloads/konflux-jbs-pnc-tenant/pnc/pnc-cli:48a761b5093bc474850b2ebcf06641825940deb7 + image: quay.io/redhat-user-workloads/konflux-jbs-pnc-tenant/pnc/pnc-cli@sha256:00f29bb186e3afedbffeb57942038f7d9ad747640e0a4ae2c53c573a8cdece74 env: - name: SSO_SERVICE_ACCOUNT_NAME valueFrom: From f4f7726e548539c9a92f06a1c2a2db99d2473ef7 Mon Sep 17 00:00:00 2001 From: Mohammadi Iram <89964724+MohammadiIram@users.noreply.github.com> Date: Wed, 30 Oct 2024 22:45:50 +0530 Subject: [PATCH 07/38] Update odh-trustyai-service-v2-16-push.yaml --- .tekton/odh-trustyai-service-v2-16-push.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.tekton/odh-trustyai-service-v2-16-push.yaml b/.tekton/odh-trustyai-service-v2-16-push.yaml index 7ddaeecd..dca75666 100644 --- a/.tekton/odh-trustyai-service-v2-16-push.yaml +++ b/.tekton/odh-trustyai-service-v2-16-push.yaml @@ -386,6 +386,8 @@ spec: echo -e "\nGetting the list of built files (to be used later in the container build) ..." jq '[.builds[].builtArtifacts[]?.downloadUrl ]' "$PNC_CLI_OUTPUT_FILE" > "$(results.pnc-file-list.path)" + jq '{metadata: {version: "1.0"}, artifacts: [.builds[].builtArtifacts[]? | select(.downloadUrl | endswith(".zip")) | {download_url: .downloadUrl , checksums: {sha256: .sha256}}] }' $PNC_CLI_OUTPUT_FILE | yq -p json + cat $(results.pnc-file-list.path) workspaces: From a578654cc058bd581bf38729564fd1e7d018e0f9 Mon Sep 17 00:00:00 2001 From: Mohammadi Iram <89964724+MohammadiIram@users.noreply.github.com> Date: Wed, 30 Oct 2024 22:49:04 +0530 Subject: [PATCH 08/38] Update Dockerfile.konflux --- Dockerfile.konflux | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/Dockerfile.konflux b/Dockerfile.konflux index 2ec27a88..0ceeecdf 100644 --- a/Dockerfile.konflux +++ b/Dockerfile.konflux @@ -29,11 +29,15 @@ ENV STAGE_DIR="/tmp/artifacts" WORKDIR $STAGE_DIR # Filter the zip files only and unzip them in /root/ -RUN echo "$PNC_FILES_JSON" | jq -r '.[] | select(test("\\.zip$"))' | \ - while read url; do wget --no-check-certificate "$url"; done && \ - for file in *.zip; do unzip -d /root/ "$file"; done - +#RUN echo "$PNC_FILES_JSON" | jq -r '.[] | select(test("\\.zip$"))' | \ + # while read url; do wget --no-check-certificate "$url"; done && \ + # for file in *.zip; do unzip -d /root/ "$file"; done +# Change to the output directory and unzip .zip files into /root/ +RUN cd /cachi2/output/deps/generic && \ + for file in *.zip; do + unzip -d /root/ "$file" + done ############################################################################### FROM registry.redhat.io/ubi8/openjdk-17-runtime@sha256:e2f33a6c60db4f4e70882a4a557eec5890997f8a1be7e3eb8971a0ff8a45a1a8 as runtime From 5ddd52e98d3356d1b7ae3222fb8c1cee31227f6c Mon Sep 17 00:00:00 2001 From: Mohammadi Iram <89964724+MohammadiIram@users.noreply.github.com> Date: Wed, 30 Oct 2024 22:51:17 +0530 Subject: [PATCH 09/38] Update .tekton/odh-trustyai-service-v2-16-push.yaml Co-authored-by: Jan Koscielniak --- .tekton/odh-trustyai-service-v2-16-push.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.tekton/odh-trustyai-service-v2-16-push.yaml b/.tekton/odh-trustyai-service-v2-16-push.yaml index dca75666..0d2f5ab5 100644 --- a/.tekton/odh-trustyai-service-v2-16-push.yaml +++ b/.tekton/odh-trustyai-service-v2-16-push.yaml @@ -386,7 +386,7 @@ spec: echo -e "\nGetting the list of built files (to be used later in the container build) ..." jq '[.builds[].builtArtifacts[]?.downloadUrl ]' "$PNC_CLI_OUTPUT_FILE" > "$(results.pnc-file-list.path)" - jq '{metadata: {version: "1.0"}, artifacts: [.builds[].builtArtifacts[]? | select(.downloadUrl | endswith(".zip")) | {download_url: .downloadUrl , checksums: {sha256: .sha256}}] }' $PNC_CLI_OUTPUT_FILE | yq -p json + jq '{metadata: {version: "1.0"}, artifacts: [.builds[].builtArtifacts[]? | select(.downloadUrl | endswith(".zip")) | {download_url: .downloadUrl , checksums: {sha256: .sha256}}] }' $PNC_CLI_OUTPUT_FILE | yq -p json > /workspace/output/generic_lockfile.yaml cat $(results.pnc-file-list.path) From 72d320e694694c09a03208f47eaf84672c98acfb Mon Sep 17 00:00:00 2001 From: Mohammadi Iram <89964724+MohammadiIram@users.noreply.github.com> Date: Wed, 30 Oct 2024 22:51:59 +0530 Subject: [PATCH 10/38] Delete generic_lockfile.yaml --- generic_lockfile.yaml | 6 ------ 1 file changed, 6 deletions(-) delete mode 100644 generic_lockfile.yaml diff --git a/generic_lockfile.yaml b/generic_lockfile.yaml deleted file mode 100644 index e9bf26f6..00000000 --- a/generic_lockfile.yaml +++ /dev/null @@ -1,6 +0,0 @@ -metadata: - version: "1.0" -artifacts: - - download_url: https://indy.corp.redhat.com/api/content/maven/hosted/pnc-builds/org/kie/trustyai/explainability-service/999.0.0.managedsvc-redhat-00974/explainability-service-999.0.0.managedsvc-redhat-00974.zip - checksums: - sha256: 2c87e93fab6ba2d538e4970a68e8be5973c87ef008fca4d68f1176f2477d6150 From a11e920aba0c91958ad29f95d97cb311c0e9828f Mon Sep 17 00:00:00 2001 From: Mohammadi Iram <89964724+MohammadiIram@users.noreply.github.com> Date: Thu, 31 Oct 2024 12:08:25 +0530 Subject: [PATCH 11/38] Create rpms.in.yaml --- rpms.in.yaml | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 rpms.in.yaml diff --git a/rpms.in.yaml b/rpms.in.yaml new file mode 100644 index 00000000..0086f431 --- /dev/null +++ b/rpms.in.yaml @@ -0,0 +1,8 @@ +contentOrigin: + repofiles: + - ubi.repo +packages: + - unzip + - jq + - wget + - shadow-utils From 7c3421e15038a6cf3280c563df3cf210266b22f8 Mon Sep 17 00:00:00 2001 From: Mohammadi Iram <89964724+MohammadiIram@users.noreply.github.com> Date: Thu, 31 Oct 2024 12:08:52 +0530 Subject: [PATCH 12/38] Create rpms.lock.yaml --- rpms.lock.yaml | 64 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 64 insertions(+) create mode 100644 rpms.lock.yaml diff --git a/rpms.lock.yaml b/rpms.lock.yaml new file mode 100644 index 00000000..17bdcdf5 --- /dev/null +++ b/rpms.lock.yaml @@ -0,0 +1,64 @@ +--- +lockfileVersion: 1 +lockfileVendor: redhat +arches: +- arch: x86_64 + packages: + - url: https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/x86_64/appstream/os/Packages/j/jq-1.6-9.el8_10.x86_64.rpm + repoid: ubi-8-appstream-rpms + size: 207896 + checksum: sha256:baaa3660d87c4f3c12776e051b7f13835fee8918389a57673519e3389eb7aa3b + name: jq + evr: 1.6-9.el8_10 + sourcerpm: jq-1.6-9.el8_10.src.rpm + - url: https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/x86_64/appstream/os/Packages/o/oniguruma-6.8.2-3.el8.x86_64.rpm + repoid: ubi-8-appstream-rpms + size: 192632 + checksum: sha256:1c5c91d8a33987892ec7320c08311a31245be91800aa5879e20d137971bd053f + name: oniguruma + evr: 6.8.2-3.el8 + sourcerpm: oniguruma-6.8.2-3.el8.src.rpm + - url: https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/x86_64/appstream/os/Packages/w/wget-1.19.5-12.el8_10.x86_64.rpm + repoid: ubi-8-appstream-rpms + size: 751872 + checksum: sha256:8d609774711cea9728faf684ff7e9b389f0f3c2052aa04bcf3061950a830058b + name: wget + evr: 1.19.5-12.el8_10 + sourcerpm: wget-1.19.5-12.el8_10.src.rpm + - url: https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/x86_64/baseos/os/Packages/e/expat-2.2.5-15.el8_10.x86_64.rpm + repoid: ubi-8-baseos-rpms + size: 117148 + checksum: sha256:1ae9138f9947f182ad077393c16522941bce2f225eee687a0387f0f71c416bc0 + name: expat + evr: 2.2.5-15.el8_10 + sourcerpm: expat-2.2.5-15.el8_10.src.rpm + - url: https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/x86_64/baseos/os/Packages/l/libmetalink-0.1.3-7.el8.x86_64.rpm + repoid: ubi-8-baseos-rpms + size: 32784 + checksum: sha256:cd7c30d21e7240f60f0861c229e17fda43e855ab4c78fab39f47f7ae2be5720e + name: libmetalink + evr: 0.1.3-7.el8 + sourcerpm: libmetalink-0.1.3-7.el8.src.rpm + - url: https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/x86_64/baseos/os/Packages/l/libsemanage-2.9-9.el8_6.x86_64.rpm + repoid: ubi-8-baseos-rpms + size: 172128 + checksum: sha256:1f686a73273028ca85b5a6ac858292d7b7d2fcbe379d6912ba12fc0a49ac4cce + name: libsemanage + evr: 2.9-9.el8_6 + sourcerpm: libsemanage-2.9-9.el8_6.src.rpm + - url: https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/x86_64/baseos/os/Packages/s/shadow-utils-4.6-22.el8.x86_64.rpm + repoid: ubi-8-baseos-rpms + size: 1292332 + checksum: sha256:ea73ee201451bbca0d6d14ca434c93800f01c8fb1b9daef727a5af1a27356d07 + name: shadow-utils + evr: 2:4.6-22.el8 + sourcerpm: shadow-utils-4.6-22.el8.src.rpm + - url: https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/x86_64/baseos/os/Packages/u/unzip-6.0-46.el8.x86_64.rpm + repoid: ubi-8-baseos-rpms + size: 200568 + checksum: sha256:af382b8bbb076e8662abf092c89ddd233796c6b8ed201d37fbcfcc07824295dd + name: unzip + evr: 6.0-46.el8 + sourcerpm: unzip-6.0-46.el8.src.rpm + source: [] + module_metadata: [] From 50952fcec9f15fd6f60a52dcf4926aedb8d97899 Mon Sep 17 00:00:00 2001 From: Mohammadi Iram <89964724+MohammadiIram@users.noreply.github.com> Date: Thu, 31 Oct 2024 12:09:10 +0530 Subject: [PATCH 13/38] Create ubi.repo --- ubi.repo | 70 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 70 insertions(+) create mode 100644 ubi.repo diff --git a/ubi.repo b/ubi.repo new file mode 100644 index 00000000..bdc28e0a --- /dev/null +++ b/ubi.repo @@ -0,0 +1,70 @@ +[ubi-8-baseos-rpms] +name = Red Hat Universal Base Image 8 (RPMs) - BaseOS +baseurl = https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/$basearch/baseos/os +enabled = 1 +gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release +gpgcheck = 1 + +[ubi-8-baseos-debug-rpms] +name = Red Hat Universal Base Image 8 (Debug RPMs) - BaseOS +baseurl = https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/$basearch/baseos/debug +enabled = 0 +gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release +gpgcheck = 1 + +[ubi-8-baseos-source] +name = Red Hat Universal Base Image 8 (Source RPMs) - BaseOS +baseurl = https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/$basearch/baseos/source/SRPMS +enabled = 0 +gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release +gpgcheck = 1 + +[ubi-8-appstream-rpms] +name = Red Hat Universal Base Image 8 (RPMs) - AppStream +baseurl = https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/$basearch/appstream/os +enabled = 1 +gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release +gpgcheck = 1 + +[ubi-8-appstream-debug-rpms] +name = Red Hat Universal Base Image 8 (Debug RPMs) - AppStream +baseurl = https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/$basearch/appstream/debug +enabled = 0 +gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release +gpgcheck = 1 + +[ubi-8-appstream-source] +name = Red Hat Universal Base Image 8 (Source RPMs) - AppStream +baseurl = https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/$basearch/appstream/source/SRPMS +enabled = 0 +gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release +gpgcheck = 1 + +[ubi-8-codeready-builder-rpms] +name = Red Hat Universal Base Image 8 (RPMs) - CodeReady Builder +baseurl = https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/$basearch/codeready-builder/os +enabled = 1 +gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release +gpgcheck = 1 + +[ubi-8-codeready-builder] +name = Red Hat Universal Base Image 8 (RPMs) - CodeReady Builder +baseurl = https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/$basearch/codeready-builder/os +enabled = 0 +gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release +gpgcheck = 1 + + +[ubi-8-codeready-builder-debug-rpms] +name = Red Hat Universal Base Image 8 (Debug RPMs) - CodeReady Builder +baseurl = https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/$basearch/codeready-builder/debug +enabled = 0 +gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release +gpgcheck = 1 + +[ubi-8-codeready-builder-source] +name = Red Hat Universal Base Image 8 (Source RPMs) - CodeReady Builder +baseurl = https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/$basearch/codeready-builder/source/SRPMS +enabled = 0 +gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release +gpgcheck = 1 From acfc0929416aeac6afe75a805e41f6699345e64d Mon Sep 17 00:00:00 2001 From: Mohammadi Iram <89964724+MohammadiIram@users.noreply.github.com> Date: Thu, 31 Oct 2024 12:10:16 +0530 Subject: [PATCH 14/38] Update odh-trustyai-service-v2-16-pull-request.yaml --- .tekton/odh-trustyai-service-v2-16-pull-request.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.tekton/odh-trustyai-service-v2-16-pull-request.yaml b/.tekton/odh-trustyai-service-v2-16-pull-request.yaml index 15120049..6d794789 100644 --- a/.tekton/odh-trustyai-service-v2-16-pull-request.yaml +++ b/.tekton/odh-trustyai-service-v2-16-pull-request.yaml @@ -31,7 +31,7 @@ spec: - name: path-context value: . - name: prefetch-input - value: '{"type": "generic", "path": "."}' + value: '{"type": "rpm", "path": "."}' pipelineSpec: description: | This pipeline is ideal for building container images from a Containerfile while reducing network traffic. @@ -193,6 +193,8 @@ spec: params: - name: input value: $(params.prefetch-input) + - name: dev-package-managers + value: "true" runAfter: - clone-repository taskRef: From f71f77a4975a28d757e11ffb79cc8f07aeb1f18f Mon Sep 17 00:00:00 2001 From: Mohammadi Iram <89964724+MohammadiIram@users.noreply.github.com> Date: Thu, 31 Oct 2024 12:10:55 +0530 Subject: [PATCH 15/38] Update odh-trustyai-service-v2-16-push.yaml --- .tekton/odh-trustyai-service-v2-16-push.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.tekton/odh-trustyai-service-v2-16-push.yaml b/.tekton/odh-trustyai-service-v2-16-push.yaml index 0d2f5ab5..93a1cb84 100644 --- a/.tekton/odh-trustyai-service-v2-16-push.yaml +++ b/.tekton/odh-trustyai-service-v2-16-push.yaml @@ -44,7 +44,7 @@ spec: - name: pnc-profile value: 'prod' - name: prefetch-input - value: '{"type": "generic", "path": "."}' + value: '{"type": "rpm", "path": "."}' pipelineSpec: description: | This pipeline is ideal for building container images from a Containerfile while reducing network traffic. @@ -398,6 +398,8 @@ spec: params: - name: input value: $(params.prefetch-input) + - name: dev-package-managers + value: "true" runAfter: - pnc-cli-build taskRef: From f8e18d3f422550de4b173749930e76fa2532408d Mon Sep 17 00:00:00 2001 From: Mohammadi Iram <89964724+MohammadiIram@users.noreply.github.com> Date: Thu, 31 Oct 2024 12:16:38 +0530 Subject: [PATCH 16/38] Update Dockerfile.konflux --- Dockerfile.konflux | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.konflux b/Dockerfile.konflux index 0ceeecdf..2da559bd 100644 --- a/Dockerfile.konflux +++ b/Dockerfile.konflux @@ -16,7 +16,7 @@ ARG SOURCE_CODE=. ARG CI_CONTAINER_VERSION="unknown" -FROM registry.redhat.io/ubi8/ubi-minimal@sha256:7583ca0ea52001562bd81a961da3f75222209e6192e4e413ee226cff97dbd48c AS stage +FROM registry.redhat.io/ubi8/ubi-minimal@sha256:4e07d79182a85dd10951c19f294a7b6e9dcc7d73e02efc5a969cdbd24f37e929 AS stage # Define a build argument for the PNC list of built files ARG PNC_FILES_JSON From 7acaf4acdeb92d05e89a3d659b0ed8f5ebbe6b28 Mon Sep 17 00:00:00 2001 From: Mohammadi Iram <89964724+MohammadiIram@users.noreply.github.com> Date: Thu, 31 Oct 2024 13:28:29 +0530 Subject: [PATCH 17/38] Update odh-trustyai-service-v2-16-pull-request.yaml --- .tekton/odh-trustyai-service-v2-16-pull-request.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.tekton/odh-trustyai-service-v2-16-pull-request.yaml b/.tekton/odh-trustyai-service-v2-16-pull-request.yaml index 6d794789..56b4bd5a 100644 --- a/.tekton/odh-trustyai-service-v2-16-pull-request.yaml +++ b/.tekton/odh-trustyai-service-v2-16-pull-request.yaml @@ -31,7 +31,7 @@ spec: - name: path-context value: . - name: prefetch-input - value: '{"type": "rpm", "path": "."}' + value: [{"path": ".", "type": "rpm"}, {"path": ".", "type": "generic"}] pipelineSpec: description: | This pipeline is ideal for building container images from a Containerfile while reducing network traffic. From b6920cdd72742b9c55b3ec89f0ca09b7e70f2f1e Mon Sep 17 00:00:00 2001 From: Mohammadi Iram <89964724+MohammadiIram@users.noreply.github.com> Date: Thu, 31 Oct 2024 13:28:57 +0530 Subject: [PATCH 18/38] Update odh-trustyai-service-v2-16-push.yaml --- .tekton/odh-trustyai-service-v2-16-push.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.tekton/odh-trustyai-service-v2-16-push.yaml b/.tekton/odh-trustyai-service-v2-16-push.yaml index 93a1cb84..ddaaec8a 100644 --- a/.tekton/odh-trustyai-service-v2-16-push.yaml +++ b/.tekton/odh-trustyai-service-v2-16-push.yaml @@ -44,7 +44,7 @@ spec: - name: pnc-profile value: 'prod' - name: prefetch-input - value: '{"type": "rpm", "path": "."}' + value: [{"path": ".", "type": "rpm"}, {"path": ".", "type": "generic"}] pipelineSpec: description: | This pipeline is ideal for building container images from a Containerfile while reducing network traffic. From a2081658fdc8655ffb99ccf4c3d3a12b2fe4c756 Mon Sep 17 00:00:00 2001 From: Mohammadi Iram <89964724+MohammadiIram@users.noreply.github.com> Date: Thu, 31 Oct 2024 16:58:05 +0530 Subject: [PATCH 19/38] Update odh-trustyai-service-v2-16-pull-request.yaml --- .tekton/odh-trustyai-service-v2-16-pull-request.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.tekton/odh-trustyai-service-v2-16-pull-request.yaml b/.tekton/odh-trustyai-service-v2-16-pull-request.yaml index 56b4bd5a..15d613fb 100644 --- a/.tekton/odh-trustyai-service-v2-16-pull-request.yaml +++ b/.tekton/odh-trustyai-service-v2-16-pull-request.yaml @@ -202,7 +202,7 @@ spec: - name: name value: prefetch-dependencies - name: bundle - value: quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies:0.1@sha256:fe7234e3824d1e65d6a7aac352e7a6bbce623d90d8d7da9aceeee108ad2c61be + value: quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies:0.1@sha256:17b60ada3c2adb88fc2af6964cc73d386b41c235424c815f8e21f9b01a34a4f5 - name: kind value: task resolver: bundles From 5cd1517e9bd7daaa45f60102717cadd49bf7b727 Mon Sep 17 00:00:00 2001 From: Mohammadi Iram <89964724+MohammadiIram@users.noreply.github.com> Date: Thu, 31 Oct 2024 16:58:44 +0530 Subject: [PATCH 20/38] Update odh-trustyai-service-v2-16-push.yaml --- .tekton/odh-trustyai-service-v2-16-push.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.tekton/odh-trustyai-service-v2-16-push.yaml b/.tekton/odh-trustyai-service-v2-16-push.yaml index ddaaec8a..c29c6e63 100644 --- a/.tekton/odh-trustyai-service-v2-16-push.yaml +++ b/.tekton/odh-trustyai-service-v2-16-push.yaml @@ -407,7 +407,7 @@ spec: - name: name value: prefetch-dependencies - name: bundle - value: quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies:0.1@sha256:fe7234e3824d1e65d6a7aac352e7a6bbce623d90d8d7da9aceeee108ad2c61be + value: quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies:0.1@sha256:17b60ada3c2adb88fc2af6964cc73d386b41c235424c815f8e21f9b01a34a4f5 - name: kind value: task resolver: bundles From b3f2a91756dc09b45bfdfb7c7b78bbfcb3c9bd30 Mon Sep 17 00:00:00 2001 From: Mohammadi Iram <89964724+MohammadiIram@users.noreply.github.com> Date: Thu, 31 Oct 2024 17:02:00 +0530 Subject: [PATCH 21/38] Update Dockerfile.konflux --- Dockerfile.konflux | 9 --------- 1 file changed, 9 deletions(-) diff --git a/Dockerfile.konflux b/Dockerfile.konflux index 2da559bd..ff998322 100644 --- a/Dockerfile.konflux +++ b/Dockerfile.konflux @@ -18,21 +18,12 @@ ARG CI_CONTAINER_VERSION="unknown" FROM registry.redhat.io/ubi8/ubi-minimal@sha256:4e07d79182a85dd10951c19f294a7b6e9dcc7d73e02efc5a969cdbd24f37e929 AS stage -# Define a build argument for the PNC list of built files -ARG PNC_FILES_JSON -RUN echo "Files to download: $PNC_FILES_JSON" - # Install packages for the install script and extract archives RUN microdnf --setopt=install_weak_deps=0 --setopt=tsflags=nodocs install -y unzip jq wget ENV STAGE_DIR="/tmp/artifacts" WORKDIR $STAGE_DIR -# Filter the zip files only and unzip them in /root/ -#RUN echo "$PNC_FILES_JSON" | jq -r '.[] | select(test("\\.zip$"))' | \ - # while read url; do wget --no-check-certificate "$url"; done && \ - # for file in *.zip; do unzip -d /root/ "$file"; done - # Change to the output directory and unzip .zip files into /root/ RUN cd /cachi2/output/deps/generic && \ for file in *.zip; do From 9a19d429e2cccd7f8d9457bca9f3ab1e5dcdf401 Mon Sep 17 00:00:00 2001 From: Mohammadi Iram <89964724+MohammadiIram@users.noreply.github.com> Date: Thu, 31 Oct 2024 17:06:54 +0530 Subject: [PATCH 22/38] Update odh-trustyai-service-v2-16-pull-request.yaml --- .tekton/odh-trustyai-service-v2-16-pull-request.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.tekton/odh-trustyai-service-v2-16-pull-request.yaml b/.tekton/odh-trustyai-service-v2-16-pull-request.yaml index 15d613fb..835099d5 100644 --- a/.tekton/odh-trustyai-service-v2-16-pull-request.yaml +++ b/.tekton/odh-trustyai-service-v2-16-pull-request.yaml @@ -202,7 +202,7 @@ spec: - name: name value: prefetch-dependencies - name: bundle - value: quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies:0.1@sha256:17b60ada3c2adb88fc2af6964cc73d386b41c235424c815f8e21f9b01a34a4f5 + value: quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies:0.1@sha256:sha256:3be04adda63fc843db5eea837cabe33317a6d4f378c559de0c7ef888103e7fd4 - name: kind value: task resolver: bundles From 71649cac832d7c7d12d110c1b83108b609bcc4f9 Mon Sep 17 00:00:00 2001 From: Mohammadi Iram <89964724+MohammadiIram@users.noreply.github.com> Date: Thu, 31 Oct 2024 17:07:22 +0530 Subject: [PATCH 23/38] Update odh-trustyai-service-v2-16-pull-request.yaml --- .tekton/odh-trustyai-service-v2-16-pull-request.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.tekton/odh-trustyai-service-v2-16-pull-request.yaml b/.tekton/odh-trustyai-service-v2-16-pull-request.yaml index 835099d5..53819361 100644 --- a/.tekton/odh-trustyai-service-v2-16-pull-request.yaml +++ b/.tekton/odh-trustyai-service-v2-16-pull-request.yaml @@ -202,7 +202,7 @@ spec: - name: name value: prefetch-dependencies - name: bundle - value: quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies:0.1@sha256:sha256:3be04adda63fc843db5eea837cabe33317a6d4f378c559de0c7ef888103e7fd4 + value: quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies:0.1@sha256:3be04adda63fc843db5eea837cabe33317a6d4f378c559de0c7ef888103e7fd4 - name: kind value: task resolver: bundles From 13a3ed2e33542983d1ead80448090e7d6bc5c602 Mon Sep 17 00:00:00 2001 From: Mohammadi Iram <89964724+MohammadiIram@users.noreply.github.com> Date: Thu, 31 Oct 2024 17:09:16 +0530 Subject: [PATCH 24/38] Update odh-trustyai-service-v2-16-push.yaml --- .tekton/odh-trustyai-service-v2-16-push.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.tekton/odh-trustyai-service-v2-16-push.yaml b/.tekton/odh-trustyai-service-v2-16-push.yaml index c29c6e63..ffda3d02 100644 --- a/.tekton/odh-trustyai-service-v2-16-push.yaml +++ b/.tekton/odh-trustyai-service-v2-16-push.yaml @@ -407,7 +407,7 @@ spec: - name: name value: prefetch-dependencies - name: bundle - value: quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies:0.1@sha256:17b60ada3c2adb88fc2af6964cc73d386b41c235424c815f8e21f9b01a34a4f5 + value: quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies:0.1@sha256:3be04adda63fc843db5eea837cabe33317a6d4f378c559de0c7ef888103e7fd4 - name: kind value: task resolver: bundles From 5f1223668c88f1aa754013a07769eac04f243573 Mon Sep 17 00:00:00 2001 From: Mohammadi Iram <89964724+MohammadiIram@users.noreply.github.com> Date: Thu, 31 Oct 2024 19:37:04 +0530 Subject: [PATCH 25/38] Update odh-trustyai-service-v2-16-pull-request.yaml --- .tekton/odh-trustyai-service-v2-16-pull-request.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.tekton/odh-trustyai-service-v2-16-pull-request.yaml b/.tekton/odh-trustyai-service-v2-16-pull-request.yaml index 53819361..2a7fd03b 100644 --- a/.tekton/odh-trustyai-service-v2-16-pull-request.yaml +++ b/.tekton/odh-trustyai-service-v2-16-pull-request.yaml @@ -202,7 +202,7 @@ spec: - name: name value: prefetch-dependencies - name: bundle - value: quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies:0.1@sha256:3be04adda63fc843db5eea837cabe33317a6d4f378c559de0c7ef888103e7fd4 + value: quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies@sha256:f53fe5482599b39ae2d1004cf09a2026fd9dd3822ab6ef46b51b4a398b0a3232 - name: kind value: task resolver: bundles From 49c3ce9fc45e9783d45afe13b819177e7b9f806c Mon Sep 17 00:00:00 2001 From: Mohammadi Iram <89964724+MohammadiIram@users.noreply.github.com> Date: Thu, 31 Oct 2024 19:37:39 +0530 Subject: [PATCH 26/38] Update odh-trustyai-service-v2-16-push.yaml --- .tekton/odh-trustyai-service-v2-16-push.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.tekton/odh-trustyai-service-v2-16-push.yaml b/.tekton/odh-trustyai-service-v2-16-push.yaml index ffda3d02..58adea00 100644 --- a/.tekton/odh-trustyai-service-v2-16-push.yaml +++ b/.tekton/odh-trustyai-service-v2-16-push.yaml @@ -407,7 +407,7 @@ spec: - name: name value: prefetch-dependencies - name: bundle - value: quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies:0.1@sha256:3be04adda63fc843db5eea837cabe33317a6d4f378c559de0c7ef888103e7fd4 + value: quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies@sha256:f53fe5482599b39ae2d1004cf09a2026fd9dd3822ab6ef46b51b4a398b0a3232 - name: kind value: task resolver: bundles From 66f210c00ab65d1ece1493d3088d3675246c42e3 Mon Sep 17 00:00:00 2001 From: Mohammadi Iram <89964724+MohammadiIram@users.noreply.github.com> Date: Thu, 31 Oct 2024 19:50:59 +0530 Subject: [PATCH 27/38] Update odh-trustyai-service-v2-16-pull-request.yaml --- ...h-trustyai-service-v2-16-pull-request.yaml | 145 +++++++++++++++++- 1 file changed, 144 insertions(+), 1 deletion(-) diff --git a/.tekton/odh-trustyai-service-v2-16-pull-request.yaml b/.tekton/odh-trustyai-service-v2-16-pull-request.yaml index 2a7fd03b..b0d8e2a7 100644 --- a/.tekton/odh-trustyai-service-v2-16-pull-request.yaml +++ b/.tekton/odh-trustyai-service-v2-16-pull-request.yaml @@ -32,6 +32,18 @@ spec: value: . - name: prefetch-input value: [{"path": ".", "type": "rpm"}, {"path": ".", "type": "generic"}] + - name: build-config-git-url + value: 'https://github.com/red-hat-data-services/RHOAI-Build-Config.git' + - name: build-config-revision + value: 'rhoai-2.16' + - name: build-config-path + value: 'trustyai-pig-builds/build-config.yaml' + - name: pnc-cli-config-git-url + value: 'https://gitlab.cee.redhat.com/project-ncl/utils.git' + - name: pnc-cli-config-revision + value: 'master' + - name: pnc-profile + value: 'prod' pipelineSpec: description: | This pipeline is ideal for building container images from a Containerfile while reducing network traffic. @@ -75,6 +87,27 @@ spec: - name: workspace workspace: workspace params: + - name: build-config-git-url + description: Source Repository URL containing the build configuration + type: string + - name: build-config-revision + default: "" + description: Revision of the Source Repository containing the build configuration + type: string + - name: build-config-path + default: "build-config.yaml" + description: Full path of the build configuration file + type: string + - description: Source Repository URL containing the PNC CLI configuration + name: pnc-cli-config-git-url + type: string + - default: "" + description: Revision of the Source Repository containing the PNC CLI configuration + name: pnc-cli-config-revision + type: string + - name: pnc-profile + value: 'prod' + - description: Source Repository URL name: git-url type: string @@ -189,6 +222,115 @@ spec: workspace: workspace - name: basic-auth workspace: git-auth + + - name: clone-build-config-repository + params: + - name: url + value: $(params.build-config-git-url) + - name: revision + value: $(params.build-config-revision) + - name: subdirectory + value: build-config + - name: sslVerify + value: false + taskRef: + params: + - name: name + value: git-clone + - name: bundle + value: quay.io/konflux-ci/tekton-catalog/task-git-clone:0.1@sha256:0bb1be8363557e8e07ec34a3c5daaaaa23c9d533f0bb12f00dc604d00de50814 + - name: kind + value: task + resolver: bundles + workspaces: + - name: output + workspace: workspace + - name: basic-auth + workspace: git-auth + + - name: clone-pnc-cli-config-repository + params: + - name: url + value: $(params.pnc-cli-config-git-url) + - name: revision + value: $(params.pnc-cli-config-revision) + - name: subdirectory + value: cli-config + - name: sslVerify + value: false + runAfter: + - clone-build-config-repository + taskRef: + params: + - name: name + value: git-clone + - name: bundle + value: quay.io/konflux-ci/tekton-catalog/task-git-clone:0.1@sha256:0bb1be8363557e8e07ec34a3c5daaaaa23c9d533f0bb12f00dc604d00de50814 + - name: kind + value: task + resolver: bundles + workspaces: + - name: output + workspace: workspace + - name: basic-auth + workspace: git-auth + + - name: pnc-cli-build + runAfter: + - clone-pnc-cli-config-repository + taskSpec: + results: + - description: The file containing the list of pnc built artifacts to be later installed inside the container build + name: pnc-file-list + steps: + - name: run-pnc-build + image: quay.io/redhat-user-workloads/konflux-jbs-pnc-tenant/pnc/pnc-cli:48a761b5093bc474850b2ebcf06641825940deb7 + env: + - name: SSO_SERVICE_ACCOUNT_NAME + valueFrom: + secretKeyRef: + name: pnc-secret + key: svc.account.username + - name: SSO_SERVICE_ACCOUNT_CLIENT_SECRET + valueFrom: + secretKeyRef: + name: pnc-secret + key: svc.account.password + - name: PNC_PROFILE + valueFrom: + secretKeyRef: + name: pnc-secret + key: pnc.profile + + script: | + #!/bin/bash + set -e + + echo -e "\n=== Build config ===" + cat /workspace/output/build-config/$(params.build-config-path) + cp /workspace/output/build-config/$(params.build-config-path) /workspace/output + echo -e "====================" + + echo -e "\nReplacing credentials in the CLI config ..." + envsubst '${SSO_SERVICE_ACCOUNT_NAME} ${SSO_SERVICE_ACCOUNT_CLIENT_SECRET}' < /workspace/output/cli-config/konflux/configs/pnc_cli/config.yaml > /workspace/output/config.yaml + + echo -e "\nStarting the PNC build ..." + PNC_CLI_OUTPUT_FILE="/workspace/output/pnc-cli-run-output.json" + java -jar /home/jboss/bacon.jar pig run --mode=FORCE --downloadAttempts=3 /workspace/output -p /workspace/output --profile ${PNC_PROFILE} --jsonOutput > $PNC_CLI_OUTPUT_FILE + + echo -e "\nFinished the PNC build!" + echo -e "\n=== PNC build output ===" + cat $PNC_CLI_OUTPUT_FILE + echo -e "====================" + + echo -e "\nGetting the list of built files (to be used later in the container build) ..." + jq '[.builds[].builtArtifacts[]?.downloadUrl ]' "$PNC_CLI_OUTPUT_FILE" > "$(results.pnc-file-list.path)" + + cat $(results.pnc-file-list.path) + + workspaces: + - name: output + workspace: workspace - name: prefetch-dependencies params: - name: input @@ -196,7 +338,7 @@ spec: - name: dev-package-managers value: "true" runAfter: - - clone-repository + - pnc-cli-build taskRef: params: - name: name @@ -236,6 +378,7 @@ spec: value: $(tasks.clone-repository.results.commit) - name: BUILD_ARGS value: + - PNC_FILES_JSON=$(tasks.pnc-cli-build.results.pnc-file-list) - $(params.build-args[*]) - name: BUILD_ARGS_FILE value: $(params.build-args-file) From 8f0bc5ce81fbc406dcd22ce2aea64c9fd8685ddc Mon Sep 17 00:00:00 2001 From: Mohammadi Iram <89964724+MohammadiIram@users.noreply.github.com> Date: Thu, 31 Oct 2024 20:00:20 +0530 Subject: [PATCH 28/38] Update odh-trustyai-service-v2-16-pull-request.yaml --- .tekton/odh-trustyai-service-v2-16-pull-request.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.tekton/odh-trustyai-service-v2-16-pull-request.yaml b/.tekton/odh-trustyai-service-v2-16-pull-request.yaml index b0d8e2a7..cc8b771c 100644 --- a/.tekton/odh-trustyai-service-v2-16-pull-request.yaml +++ b/.tekton/odh-trustyai-service-v2-16-pull-request.yaml @@ -325,6 +325,8 @@ spec: echo -e "\nGetting the list of built files (to be used later in the container build) ..." jq '[.builds[].builtArtifacts[]?.downloadUrl ]' "$PNC_CLI_OUTPUT_FILE" > "$(results.pnc-file-list.path)" + + jq '{metadata: {version: "1.0"}, artifacts: [.builds[].builtArtifacts[]? | select(.downloadUrl | endswith(".zip")) | {download_url: .downloadUrl , checksums: {sha256: .sha256}}] }' $PNC_CLI_OUTPUT_FILE | yq -p json > /workspace/output/generic_lockfile.yaml cat $(results.pnc-file-list.path) From f0e07b3c6525d4e809776f4b4851c873e1c10c8a Mon Sep 17 00:00:00 2001 From: Mohammadi Iram <89964724+MohammadiIram@users.noreply.github.com> Date: Fri, 1 Nov 2024 10:19:32 +0530 Subject: [PATCH 29/38] Update Dockerfile.konflux --- Dockerfile.konflux | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.konflux b/Dockerfile.konflux index ff998322..ae021b36 100644 --- a/Dockerfile.konflux +++ b/Dockerfile.konflux @@ -25,7 +25,7 @@ ENV STAGE_DIR="/tmp/artifacts" WORKDIR $STAGE_DIR # Change to the output directory and unzip .zip files into /root/ -RUN cd /cachi2/output/deps/generic && \ +RUN cd /cachi2/source/deps/generic && \ for file in *.zip; do unzip -d /root/ "$file" done From 136e386c15cbc18b71709efe7c13bd4a48e560ce Mon Sep 17 00:00:00 2001 From: Mohammadi Iram <89964724+MohammadiIram@users.noreply.github.com> Date: Fri, 1 Nov 2024 10:44:52 +0530 Subject: [PATCH 30/38] Update odh-trustyai-service-v2-16-pull-request.yaml --- .tekton/odh-trustyai-service-v2-16-pull-request.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.tekton/odh-trustyai-service-v2-16-pull-request.yaml b/.tekton/odh-trustyai-service-v2-16-pull-request.yaml index cc8b771c..b3543ac7 100644 --- a/.tekton/odh-trustyai-service-v2-16-pull-request.yaml +++ b/.tekton/odh-trustyai-service-v2-16-pull-request.yaml @@ -284,7 +284,7 @@ spec: name: pnc-file-list steps: - name: run-pnc-build - image: quay.io/redhat-user-workloads/konflux-jbs-pnc-tenant/pnc/pnc-cli:48a761b5093bc474850b2ebcf06641825940deb7 + image: quay.io/redhat-user-workloads/konflux-jbs-pnc-tenant/pnc/pnc-cli@sha256:00f29bb186e3afedbffeb57942038f7d9ad747640e0a4ae2c53c573a8cdece74 env: - name: SSO_SERVICE_ACCOUNT_NAME valueFrom: From 5a95ade5a2a16c64e6ecf03fdead9d2b68037012 Mon Sep 17 00:00:00 2001 From: Mohammadi Iram <89964724+MohammadiIram@users.noreply.github.com> Date: Fri, 1 Nov 2024 11:09:09 +0530 Subject: [PATCH 31/38] Update odh-trustyai-service-v2-16-pull-request.yaml --- .tekton/odh-trustyai-service-v2-16-pull-request.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.tekton/odh-trustyai-service-v2-16-pull-request.yaml b/.tekton/odh-trustyai-service-v2-16-pull-request.yaml index b3543ac7..dfe45546 100644 --- a/.tekton/odh-trustyai-service-v2-16-pull-request.yaml +++ b/.tekton/odh-trustyai-service-v2-16-pull-request.yaml @@ -1,5 +1,6 @@ apiVersion: tekton.dev/v1 kind: PipelineRun +#test metadata: annotations: build.appstudio.openshift.io/repo: https://github.com/red-hat-data-services/trustyai-explainability?rev={{revision}} From a2fd156dd3583c1b920d1299d762bfe13bd2254f Mon Sep 17 00:00:00 2001 From: Mohammadi Iram <89964724+MohammadiIram@users.noreply.github.com> Date: Fri, 1 Nov 2024 13:54:25 +0530 Subject: [PATCH 32/38] Update .tekton/odh-trustyai-service-v2-16-pull-request.yaml Co-authored-by: Jan Koscielniak --- .tekton/odh-trustyai-service-v2-16-pull-request.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.tekton/odh-trustyai-service-v2-16-pull-request.yaml b/.tekton/odh-trustyai-service-v2-16-pull-request.yaml index dfe45546..cd85845b 100644 --- a/.tekton/odh-trustyai-service-v2-16-pull-request.yaml +++ b/.tekton/odh-trustyai-service-v2-16-pull-request.yaml @@ -327,13 +327,15 @@ spec: echo -e "\nGetting the list of built files (to be used later in the container build) ..." jq '[.builds[].builtArtifacts[]?.downloadUrl ]' "$PNC_CLI_OUTPUT_FILE" > "$(results.pnc-file-list.path)" - jq '{metadata: {version: "1.0"}, artifacts: [.builds[].builtArtifacts[]? | select(.downloadUrl | endswith(".zip")) | {download_url: .downloadUrl , checksums: {sha256: .sha256}}] }' $PNC_CLI_OUTPUT_FILE | yq -p json > /workspace/output/generic_lockfile.yaml + jq '{metadata: {version: "1.0"}, artifacts: [.builds[].builtArtifacts[]? | select(.downloadUrl | endswith(".zip")) | {download_url: .downloadUrl , checksums: {sha256: .sha256}}] }' $PNC_CLI_OUTPUT_FILE | yq -p json > /workspace/source/generic_lockfile.yaml cat $(results.pnc-file-list.path) workspaces: - name: output workspace: workspace + - name: source + workspace: workspace - name: prefetch-dependencies params: - name: input From f6f9f77b0065073ec8b904bea67b5f7e05d836a6 Mon Sep 17 00:00:00 2001 From: Mohammadi Iram <89964724+MohammadiIram@users.noreply.github.com> Date: Fri, 1 Nov 2024 20:53:52 +0530 Subject: [PATCH 33/38] Update odh-trustyai-service-v2-16-pull-request.yaml --- .tekton/odh-trustyai-service-v2-16-pull-request.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.tekton/odh-trustyai-service-v2-16-pull-request.yaml b/.tekton/odh-trustyai-service-v2-16-pull-request.yaml index cd85845b..c4c2ed6a 100644 --- a/.tekton/odh-trustyai-service-v2-16-pull-request.yaml +++ b/.tekton/odh-trustyai-service-v2-16-pull-request.yaml @@ -327,8 +327,7 @@ spec: echo -e "\nGetting the list of built files (to be used later in the container build) ..." jq '[.builds[].builtArtifacts[]?.downloadUrl ]' "$PNC_CLI_OUTPUT_FILE" > "$(results.pnc-file-list.path)" - jq '{metadata: {version: "1.0"}, artifacts: [.builds[].builtArtifacts[]? | select(.downloadUrl | endswith(".zip")) | {download_url: .downloadUrl , checksums: {sha256: .sha256}}] }' $PNC_CLI_OUTPUT_FILE | yq -p json > /workspace/source/generic_lockfile.yaml - + jq '{metadata: {version: "1.0"}, artifacts: [.builds[].builtArtifacts[]? | select(.downloadUrl | endswith(".zip")) | {download_url: .downloadUrl , checksums: {sha256: .sha256}}] }' $PNC_CLI_OUTPUT_FILE | yq -p json > "$(workspaces.source.path)/source/generic_lockfile.yaml" cat $(results.pnc-file-list.path) workspaces: From 7facec547bcabe8af058a46254c1f3a47b2f42ea Mon Sep 17 00:00:00 2001 From: Mohammadi Iram <89964724+MohammadiIram@users.noreply.github.com> Date: Fri, 1 Nov 2024 22:33:58 +0530 Subject: [PATCH 34/38] Update odh-trustyai-service-v2-16-pull-request.yaml --- .tekton/odh-trustyai-service-v2-16-pull-request.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.tekton/odh-trustyai-service-v2-16-pull-request.yaml b/.tekton/odh-trustyai-service-v2-16-pull-request.yaml index c4c2ed6a..bf60eaf8 100644 --- a/.tekton/odh-trustyai-service-v2-16-pull-request.yaml +++ b/.tekton/odh-trustyai-service-v2-16-pull-request.yaml @@ -308,16 +308,16 @@ spec: set -e echo -e "\n=== Build config ===" - cat /workspace/output/build-config/$(params.build-config-path) - cp /workspace/output/build-config/$(params.build-config-path) /workspace/output + cat /workspace/source/build-config/$(params.build-config-path) + cp /workspace/source/build-config/$(params.build-config-path) /workspace/source echo -e "====================" echo -e "\nReplacing credentials in the CLI config ..." - envsubst '${SSO_SERVICE_ACCOUNT_NAME} ${SSO_SERVICE_ACCOUNT_CLIENT_SECRET}' < /workspace/output/cli-config/konflux/configs/pnc_cli/config.yaml > /workspace/output/config.yaml + envsubst '${SSO_SERVICE_ACCOUNT_NAME} ${SSO_SERVICE_ACCOUNT_CLIENT_SECRET}' < /workspace/source/cli-config/konflux/configs/pnc_cli/config.yaml > /workspace/source/config.yaml echo -e "\nStarting the PNC build ..." - PNC_CLI_OUTPUT_FILE="/workspace/output/pnc-cli-run-output.json" - java -jar /home/jboss/bacon.jar pig run --mode=FORCE --downloadAttempts=3 /workspace/output -p /workspace/output --profile ${PNC_PROFILE} --jsonOutput > $PNC_CLI_OUTPUT_FILE + PNC_CLI_OUTPUT_FILE="/workspace/source/pnc-cli-run-output.json" + java -jar /home/jboss/bacon.jar pig run --mode=FORCE --downloadAttempts=3 /workspace/source -p /workspace/source --profile ${PNC_PROFILE} --jsonOutput > $PNC_CLI_OUTPUT_FILE echo -e "\nFinished the PNC build!" echo -e "\n=== PNC build output ===" From 499f8350cb55f2cf12851889f58de88863265bd5 Mon Sep 17 00:00:00 2001 From: Mohammadi Iram <89964724+MohammadiIram@users.noreply.github.com> Date: Fri, 1 Nov 2024 22:34:54 +0530 Subject: [PATCH 35/38] Update odh-trustyai-service-v2-16-pull-request.yaml --- .tekton/odh-trustyai-service-v2-16-pull-request.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.tekton/odh-trustyai-service-v2-16-pull-request.yaml b/.tekton/odh-trustyai-service-v2-16-pull-request.yaml index bf60eaf8..ac64d2c7 100644 --- a/.tekton/odh-trustyai-service-v2-16-pull-request.yaml +++ b/.tekton/odh-trustyai-service-v2-16-pull-request.yaml @@ -331,8 +331,6 @@ spec: cat $(results.pnc-file-list.path) workspaces: - - name: output - workspace: workspace - name: source workspace: workspace - name: prefetch-dependencies From e07641a9032ee5885294bf72940a945d04980bf6 Mon Sep 17 00:00:00 2001 From: Mohammadi Iram <89964724+MohammadiIram@users.noreply.github.com> Date: Fri, 1 Nov 2024 22:50:52 +0530 Subject: [PATCH 36/38] Update Dockerfile.konflux --- Dockerfile.konflux | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.konflux b/Dockerfile.konflux index ae021b36..46a6adb7 100644 --- a/Dockerfile.konflux +++ b/Dockerfile.konflux @@ -16,7 +16,7 @@ ARG SOURCE_CODE=. ARG CI_CONTAINER_VERSION="unknown" -FROM registry.redhat.io/ubi8/ubi-minimal@sha256:4e07d79182a85dd10951c19f294a7b6e9dcc7d73e02efc5a969cdbd24f37e929 AS stage +FROM registry.redhat.io/ubi8/ubi-minimal@sha256:7583ca0ea52001562bd81a961da3f75222209e6192e4e413ee226cff97dbd48c AS stage # Install packages for the install script and extract archives RUN microdnf --setopt=install_weak_deps=0 --setopt=tsflags=nodocs install -y unzip jq wget From 152dab5c47a8c4f8c88a0e6aecfd9773a7818a20 Mon Sep 17 00:00:00 2001 From: Mohammadi Iram <89964724+MohammadiIram@users.noreply.github.com> Date: Fri, 1 Nov 2024 23:00:50 +0530 Subject: [PATCH 37/38] Update Dockerfile.konflux --- Dockerfile.konflux | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.konflux b/Dockerfile.konflux index 46a6adb7..44ffa07e 100644 --- a/Dockerfile.konflux +++ b/Dockerfile.konflux @@ -16,7 +16,7 @@ ARG SOURCE_CODE=. ARG CI_CONTAINER_VERSION="unknown" -FROM registry.redhat.io/ubi8/ubi-minimal@sha256:7583ca0ea52001562bd81a961da3f75222209e6192e4e413ee226cff97dbd48c AS stage +FROM registry.redhat.io/ubi8/ubi-minimal AS stage # Install packages for the install script and extract archives RUN microdnf --setopt=install_weak_deps=0 --setopt=tsflags=nodocs install -y unzip jq wget From f49038f1c16e278f98a2376873fd84fb48f4a5da Mon Sep 17 00:00:00 2001 From: Mohammadi Iram <89964724+MohammadiIram@users.noreply.github.com> Date: Fri, 1 Nov 2024 23:11:35 +0530 Subject: [PATCH 38/38] Update Dockerfile.konflux --- Dockerfile.konflux | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/Dockerfile.konflux b/Dockerfile.konflux index 44ffa07e..90a90b78 100644 --- a/Dockerfile.konflux +++ b/Dockerfile.konflux @@ -16,7 +16,7 @@ ARG SOURCE_CODE=. ARG CI_CONTAINER_VERSION="unknown" -FROM registry.redhat.io/ubi8/ubi-minimal AS stage +FROM registry.redhat.io/ubi8/ubi-minimal@sha256:7583ca0ea52001562bd81a961da3f75222209e6192e4e413ee226cff97dbd48c AS stage # Install packages for the install script and extract archives RUN microdnf --setopt=install_weak_deps=0 --setopt=tsflags=nodocs install -y unzip jq wget @@ -26,9 +26,7 @@ WORKDIR $STAGE_DIR # Change to the output directory and unzip .zip files into /root/ RUN cd /cachi2/source/deps/generic && \ - for file in *.zip; do - unzip -d /root/ "$file" - done + for file in *.zip; do unzip -d /root/ "$file"; done ############################################################################### FROM registry.redhat.io/ubi8/openjdk-17-runtime@sha256:e2f33a6c60db4f4e70882a4a557eec5890997f8a1be7e3eb8971a0ff8a45a1a8 as runtime