Merge sbom manipulation steps #1291

Merged Aug 14, 2024 (1 commit)

@mkosiarc mkosiarc commented Aug 13, 2024

The steps merge-syft-sboms, merge-cachi2-sbom, create-purl-sbom, create-base-images-sbom were merged into a single "prepare-sboms" step. This is done because the tekton results size for a task depends on the number of steps. By reducing the number of the steps we increase the limit.

The scripts from the individual steps were moved to the build-tasks-dockerfiles repo that also contains the Dockerfile for the sbom-utility-scripts image.

STONEBLD-2608

@mkosiarc
Contributor Author

Here is the associated PR konflux-ci/build-tasks-dockerfiles#154

@mkosiarc
Contributor Author

/retest

#!/bin/python3
import json
echo "Merging contents of sbom-source.json and sbom-image.json into sbom-cyclonedx.json"
python3 /scripts/merge_syft_sboms.py
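
Review bot: the `echo` line names sbom-source.json, sbom-image.json and sbom-cyclonedx.json, but `python3 /scripts/merge_syft_sboms.py` is called with no arguments, so the script has to locate those files on its own and the log message can drift from what actually runs. Pass the input and output paths as arguments on the call so the step definition itself shows which SBOM files are read and which one is written.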

@chmeliik chmeliik Aug 13, 2024

As the next improvement, we should make these scripts accept params for the sbom paths, similar to the merge_cachi2_sboms.py and base_images_sbom_script.py scripts.

In the current state, the scripts that don't take params just look like magic :D

Contributor Author

I agree, let's do that as a next improvement (not part of this round of PRs)

The steps merge-syft-sboms, merge-cachi2-sbom, create-purl-sbom, create-base-images-sbom
were merged into a single "prepare-sboms" step. This is done because the
tekton results size for a task depends on the number of steps. By
reducing the number of the steps we increase the limit.

The scripts from the individual steps were moved to the
build-tasks-dockerfiles repo that also contains the Dockerfile for the
sbom-utility-scripts image.

STONEBLD-2608

Signed-off-by: mkosiarc <[email protected]>
- name: merge-syft-sboms
image: registry.access.redhat.com/ubi9/python-39:1-192.1722518946@sha256:0176b477075984d5a502253f951d2502f0763c551275f9585ac515b9f241d73d
- name: prepare-sboms
image: quay.io/redhat-appstudio/sbom-utility-scripts-image@sha256:064eeec1cfb75abd21b533bf0d9870a7a3fb138f30192596dce28061798cbf06
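
Review bot: the `image:` line for prepare-sboms pins quay.io/redhat-appstudio/sbom-utility-scripts-image by digest only, while the merge-syft-sboms image line above it carries a tag (1-192.1722518946) alongside its digest. The digest is what gives the integrity guarantee, but with the SBOM scripts now shipped inside that image, a reader of the task cannot tell which build of the scripts the digest corresponds to. Consider adding a tag before `@sha256:` or a comment naming the build-tasks-dockerfiles commit the image was built from.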

Collaborator

I'm not sure we need the -image suffix in the image name.

Contributor Author

We don't, but not sure if it is worth renaming it now. I would have to create a new repo in quay, create an additional PR in build-tasks-dockerfiles and update it in this one as well.

@mkosiarc mkosiarc requested a review from chmeliik August 14, 2024 10:49
@mkosiarc mkosiarc added this pull request to the merge queue Aug 14, 2024
Merged via the queue into konflux-ci:main with commit 935188b Aug 14, 2024
9 checks passed