Skip to content

Konflux build pipeline service account migration #1230

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: rhoai-2.13
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 12 additions & 6 deletions .tekton/odh-trustyai-service-operator-v2-13-pull-request.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -7,8 +7,10 @@ metadata:
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: event == "pull_request" && target_branch == "rhoai-2.13" && !matches(source_branch, "^konflux/references") && !matches(source_branch, "^konflux/component-updates")
creationTimestamp:
pipelinesascode.tekton.dev/on-cel-expression: event == "pull_request" && target_branch
== "rhoai-2.13" && !matches(source_branch, "^konflux/references") && !matches(source_branch,
"^konflux/component-updates")
creationTimestamp: null
labels:
appstudio.openshift.io/application: rhoai-v2-13
appstudio.openshift.io/component: odh-trustyai-service-operator-v2-13
Expand Down Expand Up @@ -63,11 +65,13 @@ spec:
name: output-image
type: string
- default: .
description: Path to the source code of an application's component from where to build image.
description: Path to the source code of an application's component from where
to build image.
name: path-context
type: string
- default: Dockerfile
description: Path to the Dockerfile inside the context specified by parameter path-context
description: Path to the Dockerfile inside the context specified by parameter
path-context
name: dockerfile
type: string
- default: "false"
Expand All @@ -87,7 +91,8 @@ spec:
name: prefetch-input
type: string
- default: ""
description: Image tag expiration time, time values could be something like 1h, 2d, 3w for hours, days, and weeks, respectively.
description: Image tag expiration time, time values could be something like
1h, 2d, 3w for hours, days, and weeks, respectively.
name: image-expires-after
- default: "false"
description: Build a source image.
Expand Down Expand Up @@ -466,7 +471,8 @@ spec:
optional: true
- name: netrc
optional: true
taskRunTemplate: {}
taskRunTemplate:
serviceAccountName: build-pipeline-odh-trustyai-service-operator-v2-13
workspaces:
- name: git-auth
secret:
Expand Down
44 changes: 25 additions & 19 deletions .tekton/odh-trustyai-service-operator-v2-13-push.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,16 +2,15 @@ apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/build-nudge-files: build/operator-nudging.yaml
build.appstudio.openshift.io/repo: https://github.com/red-hat-data-services/trustyai-service-operator?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/max-keep-runs: "3"
build.appstudio.openshift.io/build-nudge-files: "build/operator-nudging.yaml"
pipelinesascode.tekton.dev/on-cel-expression: |
event == "push"
&& target_branch == "rhoai-2.13"
&& ( !".tekton/**".pathChanged() || ".tekton/odh-trustyai-service-operator-v2-13-push.yaml".pathChanged() )
creationTimestamp:
pipelinesascode.tekton.dev/on-cel-expression: "event == \"push\" \n&& target_branch
== \"rhoai-2.13\"\n&& ( !\".tekton/**\".pathChanged() || \".tekton/odh-trustyai-service-operator-v2-13-push.yaml\".pathChanged()
)\n"
creationTimestamp: null
labels:
appstudio.openshift.io/application: rhoai-v2-13
appstudio.openshift.io/component: odh-trustyai-service-operator-v2-13
Expand Down Expand Up @@ -55,7 +54,7 @@ spec:
- name: send-slack-notification
params:
- name: message
value: "$(tasks.rhoai-init.results.slack-message-failure-text)"
value: $(tasks.rhoai-init.results.slack-message-failure-text)
- name: secret-name
value: rhoai-konflux-secret
- name: key-name
Expand All @@ -73,7 +72,7 @@ spec:
- input: $(tasks.status)
operator: in
values:
- "Failed"
- Failed
- input: $(tasks.rhoai-init.results.skip-slack-message)
operator: in
values:
Expand All @@ -90,11 +89,13 @@ spec:
name: output-image
type: string
- default: .
description: Path to the source code of an application's component from where to build image.
description: Path to the source code of an application's component from where
to build image.
name: path-context
type: string
- default: Dockerfile
description: Path to the Dockerfile inside the context specified by parameter path-context
description: Path to the Dockerfile inside the context specified by parameter
path-context
name: dockerfile
type: string
- default: "false"
Expand All @@ -114,7 +115,8 @@ spec:
name: prefetch-input
type: string
- default: ""
description: Image tag expiration time, time values could be something like 1h, 2d, 3w for hours, days, and weeks, respectively.
description: Image tag expiration time, time values could be something like
1h, 2d, 3w for hours, days, and weeks, respectively.
name: image-expires-after
- default: "true"
description: Build a source image.
Expand Down Expand Up @@ -149,31 +151,34 @@ spec:
- name: rhoai-init
params:
- name: pipelinerun-name
value: "$(context.pipelineRun.name)"
value: $(context.pipelineRun.name)
taskSpec:
metadata: {}
results:
- description: Notification text to be posted to slack
name: slack-message-failure-text
- description: Skip slack message
name: skip-slack-message
spec: null
steps:
- image: quay.io/rhoai-konflux/alpine:latest
name: rhoai-init
- computeResources: {}
env:
- name: slack_message
valueFrom:
secretKeyRef:
name: rhoai-konflux-secret
key: slack-component-failure-notification
name: rhoai-konflux-secret
- name: CLUSTER
valueFrom:
secretKeyRef:
name: rhoai-konflux-secret
key: CLUSTER
name: rhoai-konflux-secret
- name: BUILD_URL
valueFrom:
fieldRef:
fieldPath: metadata.labels['pipelinesascode.tekton.dev/log-url']
image: quay.io/rhoai-konflux/alpine:latest
name: rhoai-init
script: |
if echo "$BUILD_URL" | grep -F -v "$CLUSTER"; then
echo "Build URL does not match expected cluster $CLUSTER."
Expand Down Expand Up @@ -212,6 +217,8 @@ spec:
value: $(params.rebuild)
- name: skip-checks
value: $(params.skip-checks)
runAfter:
- rhoai-init
taskRef:
params:
- name: name
Expand All @@ -221,8 +228,6 @@ spec:
- name: kind
value: task
resolver: bundles
runAfter:
- rhoai-init
- name: clone-repository
params:
- name: url
Expand Down Expand Up @@ -564,7 +569,8 @@ spec:
optional: true
- name: netrc
optional: true
taskRunTemplate: {}
taskRunTemplate:
serviceAccountName: build-pipeline-odh-trustyai-service-operator-v2-13
workspaces:
- name: git-auth
secret:
Expand Down