diff --git a/.konflux/applications/serverless-operator-136/components/imagerepositories/kn-plugin-func-func-util-116.yaml b/.konflux/applications/serverless-operator-136/components/imagerepositories/kn-plugin-func-func-util-116.yaml new file mode 100755 index 000000000..5941aac13 --- /dev/null +++ b/.konflux/applications/serverless-operator-136/components/imagerepositories/kn-plugin-func-func-util-116.yaml @@ -0,0 +1,13 @@ +apiVersion: appstudio.redhat.com/v1alpha1 +kind: ImageRepository +metadata: + annotations: + image-controller.appstudio.redhat.com/update-component-image: "true" + labels: + appstudio.redhat.com/application: serverless-operator-136 + appstudio.redhat.com/component: kn-plugin-func-func-util-116 + name: kn-plugin-func-func-util-116 +spec: + image: + name: serverless-operator-136/kn-plugin-func-func-util + visibility: public diff --git a/.konflux/applications/serverless-operator-136/components/kn-plugin-func-func-util-116.yaml b/.konflux/applications/serverless-operator-136/components/kn-plugin-func-func-util-116.yaml new file mode 100755 index 000000000..e030cedcf --- /dev/null +++ b/.konflux/applications/serverless-operator-136/components/kn-plugin-func-func-util-116.yaml @@ -0,0 +1,22 @@ +apiVersion: appstudio.redhat.com/v1alpha1 +kind: Component +metadata: + annotations: + build.appstudio.openshift.io/pipeline: '{"name":"docker-build","bundle":"latest"}' + build.appstudio.openshift.io/request: configure-pac-no-mr + name: kn-plugin-func-func-util-116 +spec: + componentName: kn-plugin-func-func-util-116 + application: serverless-operator-136 + + build-nudges-ref: + + - "serverless-bundle-136" + + + source: + git: + url: https://github.com/openshift-knative/kn-plugin-func.git + context: + dockerfileUrl: openshift/ci-operator/knative-images/func-util/Dockerfile + revision: release-v1.16 diff --git a/.tekton/docker-build.yaml b/.tekton/docker-build.yaml new file mode 100755 index 000000000..81ba40d0d --- /dev/null +++ b/.tekton/docker-build.yaml @@ -0,0 +1,531 @@ +apiVersion: tekton.dev/v1 +kind: Pipeline +metadata: + creationTimestamp: null + labels: + pipelines.openshift.io/runtime: generic + pipelines.openshift.io/strategy: docker + pipelines.openshift.io/used-by: build-cloud + name: docker-build +spec: + description: | + This pipeline is ideal for building multi-arch container images from a Containerfile while maintaining trust after pipeline customization. + + _Uses `buildah` to create a multi-platform container image leveraging [trusted artifacts](https://konflux-ci.dev/architecture/ADR/0036-trusted-artifacts.html). It also optionally creates a source image and runs some build-time tests. This pipeline requires that the [multi platform controller](https://github.com/konflux-ci/multi-platform-controller) is deployed and configured on your Konflux instance. Information is shared between tasks using OCI artifacts instead of PVCs. EC will pass the [`trusted_task.trusted`](https://enterprisecontract.dev/docs/ec-policies/release_policy.html#trusted_task__trusted) policy as long as all data used to build the artifact is generated from trusted tasks. + This pipeline is pushed as a Tekton bundle to [quay.io](https://quay.io/repository/konflux-ci/tekton-catalog/pipeline-docker-build-multi-platform-oci-ta?tab=tags)_ + finally: + - name: show-sbom + params: + - name: IMAGE_URL + value: $(tasks.build-image-index.results.IMAGE_URL) + taskRef: + params: + - name: name + value: show-sbom + - name: bundle + value: quay.io/konflux-ci/tekton-catalog/task-show-sbom:0.1@sha256:945a7c9066d3e0a95d3fddb7e8a6992e4d632a2a75d8f3a9bd2ff2fef0ec9aa0 + - name: kind + value: task + resolver: bundles + params: + - default: + - linux/x86_64 + - linux/arm64 + - linux/ppc64le + - linux/s390x + description: List of platforms to build the container images on. The available + set of values is determined by the configuration of the multi-platform-controller. + name: build-platforms + type: array + - default: --all-projects --org=3e1a4cca-ebfb-495f-b64c-3cc960d566b4 --exclude=test*,vendor,third_party + description: Append arguments to Snyk code command. + name: snyk-args + type: string + - default: "true" + description: Build a source image. + name: build-source-image + type: string + - default: "false" + description: 'Enable in-development package managers. WARNING: the behavior may + change at any time without notice. Use at your own risk.' + name: prefetch-input-dev-package-managers + - default: [] + description: Additional image tags + name: additional-tags + type: array + - description: Source Repository URL + name: git-url + type: string + - default: "" + description: Revision of the Source Repository + name: revision + type: string + - description: Fully Qualified Output Image + name: output-image + type: string + - default: . + description: Path to the source code of an application's component from where + to build image. + name: path-context + type: string + - default: Dockerfile + description: Path to the Dockerfile inside the context specified by parameter + path-context + name: dockerfile + type: string + - default: "false" + description: Force rebuild image + name: rebuild + type: string + - default: "false" + description: Skip checks against built image + name: skip-checks + type: string + - default: "false" + description: Execute the build with network isolation + name: hermetic + type: string + - default: "" + description: Build dependencies to be prefetched by Cachi2 + name: prefetch-input + type: string + - default: "" + description: Image tag expiration time, time values could be something like 1h, + 2d, 3w for hours, days, and weeks, respectively. + name: image-expires-after + - default: "true" + description: Add built image into an OCI image index + name: build-image-index + type: string + - default: [] + description: Array of --build-arg values ("arg=value" strings) for buildah + name: build-args + type: array + - default: "" + description: Path to a file with build arguments for buildah, see https://www.mankier.com/1/buildah-build#--build-arg-file + name: build-args-file + type: string + results: + - description: "" + name: IMAGE_URL + value: $(tasks.build-image-index.results.IMAGE_URL) + - description: "" + name: IMAGE_DIGEST + value: $(tasks.build-image-index.results.IMAGE_DIGEST) + - description: "" + name: CHAINS-GIT_URL + value: $(tasks.clone-repository.results.url) + - description: "" + name: CHAINS-GIT_COMMIT + value: $(tasks.clone-repository.results.commit) + tasks: + - name: sast-snyk-check + params: + - name: ARGS + value: $(params.snyk-args) + - name: image-digest + value: $(tasks.build-image-index.results.IMAGE_DIGEST) + - name: image-url + value: $(tasks.build-image-index.results.IMAGE_URL) + - name: SOURCE_ARTIFACT + value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT) + - name: CACHI2_ARTIFACT + value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT) + runAfter: + - build-image-index + taskRef: + params: + - name: name + value: sast-snyk-check-oci-ta + - name: bundle + value: quay.io/konflux-ci/tekton-catalog/task-sast-snyk-check-oci-ta:0.3@sha256:ed777841052e05c61abc9fc66f6aad65f113bad719eeb2e04ce490fc175aaebe + - name: kind + value: task + resolver: bundles + when: + - input: $(params.skip-checks) + operator: in + values: + - "false" + - name: prefetch-dependencies + params: + - name: dev-package-managers + value: $(params.prefetch-input-dev-package-managers) + - name: input + value: $(params.prefetch-input) + - name: SOURCE_ARTIFACT + value: $(tasks.clone-repository.results.SOURCE_ARTIFACT) + - name: ociStorage + value: $(params.output-image).prefetch + - name: ociArtifactExpiresAfter + value: $(params.image-expires-after) + runAfter: + - clone-repository + taskRef: + params: + - name: name + value: prefetch-dependencies-oci-ta + - name: bundle + value: quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies-oci-ta:0.1@sha256:593714c3b029ef748a38d6cefea122294df2390172d7694b720be62bb416ff59 + - name: kind + value: task + resolver: bundles + workspaces: + - name: git-basic-auth + workspace: git-auth + - name: netrc + workspace: netrc + - name: apply-tags + params: + - name: ADDITIONAL_TAGS + value: $(params.additional-tags[*]) + - name: IMAGE + value: $(tasks.build-image-index.results.IMAGE_URL) + runAfter: + - build-image-index + taskRef: + params: + - name: name + value: apply-tags + - name: bundle + value: quay.io/konflux-ci/tekton-catalog/task-apply-tags:0.1@sha256:fa7aa88ffe01eeeaa07c8720b27e50e27f6f136ef33595efaa16a0eb4598ea02 + - name: kind + value: task + resolver: bundles + - name: init + params: + - name: image-url + value: $(params.output-image) + - name: rebuild + value: $(params.rebuild) + - name: skip-checks + value: $(params.skip-checks) + taskRef: + params: + - name: name + value: init + - name: bundle + value: quay.io/konflux-ci/tekton-catalog/task-init:0.2@sha256:4c6712db9419461b8c8a39523c012cb0dc061fb58563bb9170b3777d74f54659 + - name: kind + value: task + resolver: bundles + - name: clone-repository + params: + - name: url + value: $(params.git-url) + - name: revision + value: $(params.revision) + - name: ociStorage + value: $(params.output-image).git + - name: ociArtifactExpiresAfter + value: $(params.image-expires-after) + runAfter: + - init + taskRef: + params: + - name: name + value: git-clone-oci-ta + - name: bundle + value: quay.io/konflux-ci/tekton-catalog/task-git-clone-oci-ta:0.1@sha256:36d98ab04eaac2c964149060c773ac20df42f91527db6c40b7b250e6eeff5821 + - name: kind + value: task + resolver: bundles + when: + - input: $(tasks.init.results.build) + operator: in + values: + - "true" + workspaces: + - name: basic-auth + workspace: git-auth + - matrix: + params: + - name: PLATFORM + value: + - $(params.build-platforms) + name: build-images + params: + - name: IMAGE + value: $(params.output-image) + - name: DOCKERFILE + value: $(params.dockerfile) + - name: CONTEXT + value: $(params.path-context) + - name: HERMETIC + value: $(params.hermetic) + - name: PREFETCH_INPUT + value: $(params.prefetch-input) + - name: IMAGE_EXPIRES_AFTER + value: $(params.image-expires-after) + - name: COMMIT_SHA + value: $(tasks.clone-repository.results.commit) + - name: BUILD_ARGS + value: + - $(params.build-args[*]) + - name: BUILD_ARGS_FILE + value: $(params.build-args-file) + - name: SOURCE_ARTIFACT + value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT) + - name: CACHI2_ARTIFACT + value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT) + - name: IMAGE_APPEND_PLATFORM + value: "true" + runAfter: + - prefetch-dependencies + taskRef: + params: + - name: name + value: buildah-remote-oci-ta + - name: bundle + value: quay.io/konflux-ci/tekton-catalog/task-buildah-remote-oci-ta:0.3@sha256:e7e029e27a415bde652791f251f904b347f0c197ce0a6665e0a7e82d40ae04d8 + - name: kind + value: task + resolver: bundles + when: + - input: $(tasks.init.results.build) + operator: in + values: + - "true" + - name: build-image-index + params: + - name: IMAGE + value: $(params.output-image) + - name: COMMIT_SHA + value: $(tasks.clone-repository.results.commit) + - name: IMAGE_EXPIRES_AFTER + value: $(params.image-expires-after) + - name: ALWAYS_BUILD_INDEX + value: $(params.build-image-index) + - name: IMAGES + value: + - $(tasks.build-images.results.IMAGE_REF[*]) + runAfter: + - build-images + taskRef: + params: + - name: name + value: build-image-index + - name: bundle + value: quay.io/konflux-ci/tekton-catalog/task-build-image-index:0.1@sha256:be5e5d4ef43f14f6dc3f8da4df52b3e3b2529f9d64e706471b0317b5a07a9046 + - name: kind + value: task + resolver: bundles + when: + - input: $(tasks.init.results.build) + operator: in + values: + - "true" + - name: build-source-image + params: + - name: BINARY_IMAGE + value: $(params.output-image) + - name: SOURCE_ARTIFACT + value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT) + - name: CACHI2_ARTIFACT + value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT) + runAfter: + - build-image-index + taskRef: + params: + - name: name + value: source-build-oci-ta + - name: bundle + value: quay.io/konflux-ci/tekton-catalog/task-source-build-oci-ta:0.1@sha256:18241f95266a5e4316449f25a600f0f035d32a81c72ecd609a7e886de1843163 + - name: kind + value: task + resolver: bundles + when: + - input: $(tasks.init.results.build) + operator: in + values: + - "true" + - input: $(params.build-source-image) + operator: in + values: + - "true" + - name: deprecated-base-image-check + params: + - name: IMAGE_URL + value: $(tasks.build-image-index.results.IMAGE_URL) + - name: IMAGE_DIGEST + value: $(tasks.build-image-index.results.IMAGE_DIGEST) + runAfter: + - build-image-index + taskRef: + params: + - name: name + value: deprecated-image-check + - name: bundle + value: quay.io/konflux-ci/tekton-catalog/task-deprecated-image-check:0.4@sha256:241f87f75a6e4303fbd64b32ba1715d76fe3805c48a6c21829e6a564bcc3a576 + - name: kind + value: task + resolver: bundles + when: + - input: $(params.skip-checks) + operator: in + values: + - "false" + - name: clair-scan + params: + - name: image-digest + value: $(tasks.build-image-index.results.IMAGE_DIGEST) + - name: image-url + value: $(tasks.build-image-index.results.IMAGE_URL) + runAfter: + - build-image-index + taskRef: + params: + - name: name + value: clair-scan + - name: bundle + value: quay.io/konflux-ci/tekton-catalog/task-clair-scan:0.2@sha256:f636f2cbe91d9d4d9685a38c8bc680a36e17f568ec0e60a93da82d1284b488c5 + - name: kind + value: task + resolver: bundles + when: + - input: $(params.skip-checks) + operator: in + values: + - "false" + - name: ecosystem-cert-preflight-checks + params: + - name: image-url + value: $(tasks.build-image-index.results.IMAGE_URL) + runAfter: + - build-image-index + taskRef: + params: + - name: name + value: ecosystem-cert-preflight-checks + - name: bundle + value: quay.io/konflux-ci/tekton-catalog/task-ecosystem-cert-preflight-checks:0.1@sha256:df8a25a3431a70544172ed4844f9d0c6229d39130633960729f825a031a7dea9 + - name: kind + value: task + resolver: bundles + when: + - input: $(params.skip-checks) + operator: in + values: + - "false" + - name: clamav-scan + params: + - name: image-digest + value: $(tasks.build-image-index.results.IMAGE_DIGEST) + - name: image-url + value: $(tasks.build-image-index.results.IMAGE_URL) + runAfter: + - build-image-index + taskRef: + params: + - name: name + value: clamav-scan + - name: bundle + value: quay.io/konflux-ci/tekton-catalog/task-clamav-scan:0.2@sha256:0db068e8a59612472a2483f5113893d0c5c9102e9ad7647d9a4789360e5bc2dc + - name: kind + value: task + resolver: bundles + when: + - input: $(params.skip-checks) + operator: in + values: + - "false" + - name: sast-shell-check + params: + - name: image-digest + value: $(tasks.build-image-index.results.IMAGE_DIGEST) + - name: image-url + value: $(tasks.build-image-index.results.IMAGE_URL) + - name: SOURCE_ARTIFACT + value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT) + - name: CACHI2_ARTIFACT + value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT) + runAfter: + - build-image-index + taskRef: + params: + - name: name + value: sast-shell-check-oci-ta + - name: bundle + value: quay.io/konflux-ci/tekton-catalog/task-sast-shell-check-oci-ta:0.1@sha256:9b0138a597445f3887697da69c9b8b91368f0b72b98e9304fa209b43523bd6fb + - name: kind + value: task + resolver: bundles + when: + - input: $(params.skip-checks) + operator: in + values: + - "false" + - name: sast-unicode-check + params: + - name: image-url + value: $(tasks.build-image-index.results.IMAGE_URL) + - name: SOURCE_ARTIFACT + value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT) + - name: CACHI2_ARTIFACT + value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT) + runAfter: + - build-image-index + taskRef: + params: + - name: name + value: sast-unicode-check-oci-ta + - name: bundle + value: quay.io/konflux-ci/tekton-catalog/task-sast-unicode-check-oci-ta:0.1@sha256:42e5ecfd7213e2c670cf75287dab4217ab9f6c41a43a04be2528218e8fc3a08f + - name: kind + value: task + resolver: bundles + when: + - input: $(params.skip-checks) + operator: in + values: + - "false" + - name: push-dockerfile + params: + - name: IMAGE + value: $(tasks.build-image-index.results.IMAGE_URL) + - name: IMAGE_DIGEST + value: $(tasks.build-image-index.results.IMAGE_DIGEST) + - name: DOCKERFILE + value: $(params.dockerfile) + - name: CONTEXT + value: $(params.path-context) + - name: SOURCE_ARTIFACT + value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT) + runAfter: + - build-image-index + taskRef: + params: + - name: name + value: push-dockerfile-oci-ta + - name: bundle + value: quay.io/konflux-ci/tekton-catalog/task-push-dockerfile-oci-ta:0.1@sha256:fcd9016f1cd5d1085b5e823cdf04a4e77ce80f67d0990af7853e70755aa25d54 + - name: kind + value: task + resolver: bundles + - name: rpms-signature-scan + params: + - name: image-url + value: $(tasks.build-image-index.results.IMAGE_URL) + - name: image-digest + value: $(tasks.build-image-index.results.IMAGE_DIGEST) + runAfter: + - build-image-index + taskRef: + params: + - name: name + value: rpms-signature-scan + - name: bundle + value: quay.io/konflux-ci/tekton-catalog/task-rpms-signature-scan:0.2@sha256:3bf6d1bcd57af1095b06b4c489f965551364b1f1f72a807de9cab3c23142dca5 + - name: kind + value: task + resolver: bundles + when: + - input: $(params.skip-checks) + operator: in + values: + - "false" + workspaces: + - name: git-auth + optional: true + - name: netrc + optional: true diff --git a/.tekton/kn-plugin-func-func-util-116-pull-request.yaml b/.tekton/kn-plugin-func-func-util-116-pull-request.yaml new file mode 100755 index 000000000..c8aa18883 --- /dev/null +++ b/.tekton/kn-plugin-func-func-util-116-pull-request.yaml @@ -0,0 +1,52 @@ +apiVersion: tekton.dev/v1 +kind: PipelineRun +metadata: + annotations: + build.appstudio.openshift.io/repo: https://github.com/openshift-knative/kn-plugin-func?rev={{revision}} + build.appstudio.redhat.com/commit_sha: '{{revision}}' + build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}' + build.appstudio.redhat.com/target_branch: '{{target_branch}}' + pipelinesascode.tekton.dev/max-keep-runs: "3" + pipelinesascode.tekton.dev/on-cel-expression: event == "pull_request" && target_branch == "release-v1.16" + creationTimestamp: null + labels: + appstudio.openshift.io/application: serverless-operator-136 + appstudio.openshift.io/component: kn-plugin-func-func-util-116 + pipelines.appstudio.openshift.io/type: build + name: kn-plugin-func-func-util-116-on-pull-request + namespace: ocp-serverless-tenant +spec: + params: + - name: dockerfile + value: openshift/ci-operator/knative-images/func-util/Dockerfile + - name: build-args + value: + - GO_BUILDER=brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_8_golang_1.22 + - GO_RUNTIME=registry.access.redhat.com/ubi8/ubi-minimal + - JAVA_BUILDER=registry.access.redhat.com/ubi8/openjdk-21 + - JAVA_RUNTIME=registry.access.redhat.com/ubi8/openjdk-21-runtime + - VERSION=1.36.0 + - name: git-url + value: '{{source_url}}' + - name: hermetic + value: "true" + - name: image-expires-after + value: 5d + - name: output-image + value: quay.io/redhat-user-workloads/ocp-serverless-tenant/serverless-operator-136/kn-plugin-func-func-util:on-pr-{{revision}} + - name: build-platforms + value: + - linux/x86_64 + - name: revision + value: '{{revision}}' + - name: prefetch-input + value: '[{"type":"rpm"},{"path":".","type":"gomod"}]' + - name: prefetch-input-dev-package-managers + value: 'true' + pipelineRef: + name: docker-build + taskRunTemplate: {} + workspaces: + - name: git-auth + secret: + secretName: '{{ git_auth_secret }}' diff --git a/.tekton/kn-plugin-func-func-util-116-push.yaml b/.tekton/kn-plugin-func-func-util-116-push.yaml new file mode 100755 index 000000000..321b47a53 --- /dev/null +++ b/.tekton/kn-plugin-func-func-util-116-push.yaml @@ -0,0 +1,51 @@ +apiVersion: tekton.dev/v1 +kind: PipelineRun +metadata: + annotations: + build.appstudio.openshift.io/repo: https://github.com/openshift-knative/kn-plugin-func?rev={{revision}} + build.appstudio.redhat.com/commit_sha: '{{revision}}' + build.appstudio.redhat.com/target_branch: '{{target_branch}}' + pipelinesascode.tekton.dev/max-keep-runs: "3" + pipelinesascode.tekton.dev/on-cel-expression: event == "push" && target_branch == "release-v1.16" + creationTimestamp: null + labels: + appstudio.openshift.io/application: serverless-operator-136 + appstudio.openshift.io/component: kn-plugin-func-func-util-116 + pipelines.appstudio.openshift.io/type: build + name: kn-plugin-func-func-util-116-on-push + namespace: ocp-serverless-tenant +spec: + params: + - name: dockerfile + value: openshift/ci-operator/knative-images/func-util/Dockerfile + - name: build-args + value: + - GO_BUILDER=brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_8_golang_1.22 + - GO_RUNTIME=registry.access.redhat.com/ubi8/ubi-minimal + - JAVA_BUILDER=registry.access.redhat.com/ubi8/openjdk-21 + - JAVA_RUNTIME=registry.access.redhat.com/ubi8/openjdk-21-runtime + - VERSION=1.36.0 + - name: git-url + value: '{{source_url}}' + - name: hermetic + value: "true" + - name: output-image + value: quay.io/redhat-user-workloads/ocp-serverless-tenant/serverless-operator-136/kn-plugin-func-func-util:{{revision}} + - name: revision + value: '{{revision}}' + - name: additional-tags + value: + - $(context.pipelineRun.uid)-{{revision}} + - 1.36.0 + - latest + - name: prefetch-input + value: '[{"type":"rpm"},{"path":".","type":"gomod"}]' + - name: prefetch-input-dev-package-managers + value: 'true' + pipelineRef: + name: docker-build + taskRunTemplate: {} + workspaces: + - name: git-auth + secret: + secretName: '{{ git_auth_secret }}' diff --git a/openshift/ci-operator/build-image/Dockerfile b/openshift/ci-operator/build-image/Dockerfile index deaa53199..c141d4fb9 100755 --- a/openshift/ci-operator/build-image/Dockerfile +++ b/openshift/ci-operator/build-image/Dockerfile @@ -19,7 +19,7 @@ RUN wget https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 && RUN ./get-helm-3 --version v3.11.3 --no-sudo && helm version RUN GOFLAGS='' go install github.com/mikefarah/yq/v3@latest -RUN GOFLAGS='' go install -tags="exclude_graphdriver_btrfs containers_image_openpgp" github.com/containers/skopeo/cmd/skopeo@v1.16.1 +RUN GOFLAGS='' go install -tags="exclude_graphdriver_btrfs containers_image_openpgp" github.com/containers/skopeo/cmd/skopeo@v1.17.0 # go install creates $GOPATH/.cache with root permissions, we delete it here # to avoid permission issues with the runtime users diff --git a/openshift/ci-operator/knative-images/func-util/Dockerfile b/openshift/ci-operator/knative-images/func-util/Dockerfile index ddf4908fb..403b03726 100755 --- a/openshift/ci-operator/knative-images/func-util/Dockerfile +++ b/openshift/ci-operator/knative-images/func-util/Dockerfile @@ -4,6 +4,7 @@ ARG GO_RUNTIME=registry.access.redhat.com/ubi8/ubi-minimal FROM $GO_BUILDER as builder +WORKDIR /workspace COPY . . ENV CGO_ENABLED=1 @@ -14,11 +15,12 @@ RUN go build -tags strictfipsruntime,exclude_graphdriver_btrfs -o /usr/bin/main FROM $GO_RUNTIME -ARG VERSION=knative-nightly +ARG VERSION=knative-v1.16 -RUN microdnf install socat tar +RUN microdnf install socat tar COPY --from=builder /usr/bin/main /usr/bin/func-util +COPY LICENSE /licenses/ RUN ln -s /usr/bin/func-util /usr/local/bin/deploy && \ ln -s /usr/bin/func-util /usr/local/bin/scaffold && \ diff --git a/openshift/images.yaml b/openshift/images.yaml index c6b97ff23..945792e37 100755 --- a/openshift/images.yaml +++ b/openshift/images.yaml @@ -1 +1 @@ -knative.dev/func/cmd/func-util: registry.ci.openshift.org/openshift/knative-kn-plugin-func-func-util:knative-nightly +knative.dev/func/cmd/func-util: registry.ci.openshift.org/openshift/knative-kn-plugin-func-func-util:knative-v1.16 diff --git a/rpms.lock.yaml b/rpms.lock.yaml index fdaf38def..a0c7fec81 100644 --- a/rpms.lock.yaml +++ b/rpms.lock.yaml @@ -17,6 +17,10 @@ arches: url: "https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/x86_64/baseos/os/Packages/r/rsync-3.1.3-19.el8_7.1.x86_64.rpm" size: 420156 checksum: "sha256:7aef9de61fbf590995b07d92f99a3f3478d6c0543d7a6e1ebb6f4b1c02334283" + - repoid: ubi-8-baseos-rpms + url: "https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/x86_64/baseos/os/Packages/t/tzdata-2024b-4.el8.noarch.rpm" + size: 486864 + checksum: "sha256:b629ec4b416d8127314c8aecce5ada2c0c102f5dbdeb48f9a3739cbcdf2ee500" - arch: aarch64 packages: - repoid: ubi-8-appstream-rpms @@ -31,6 +35,10 @@ arches: url: "https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/aarch64/baseos/os/Packages/r/rsync-3.1.3-19.el8_7.1.aarch64.rpm" size: 410088 checksum: "sha256:d700d21063ae2b609031a3a8772012aff012899062e952ca43370c495f7e40ff" + - repoid: ubi-8-baseos-rpms + url: "https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/aarch64/baseos/os/Packages/t/tzdata-2024b-4.el8.noarch.rpm" + size: 486864 + checksum: "sha256:b629ec4b416d8127314c8aecce5ada2c0c102f5dbdeb48f9a3739cbcdf2ee500" - arch: s390x packages: - repoid: ubi-8-appstream-rpms @@ -45,6 +53,10 @@ arches: url: "https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/s390x/baseos/os/Packages/r/rsync-3.1.3-19.el8_7.1.s390x.rpm" size: 413364 checksum: "sha256:8819079e4ea1236eab315348584007918798776c6ea23dae5725544148316cfb" + - repoid: ubi-8-baseos-rpms + url: "https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/s390x/baseos/os/Packages/t/tzdata-2024b-4.el8.noarch.rpm" + size: 486864 + checksum: "sha256:b629ec4b416d8127314c8aecce5ada2c0c102f5dbdeb48f9a3739cbcdf2ee500" - arch: ppc64le packages: - repoid: ubi-8-appstream-rpms @@ -59,3 +71,7 @@ arches: url: "https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/ppc64le/baseos/os/Packages/r/rsync-3.1.3-19.el8_7.1.ppc64le.rpm" size: 442696 checksum: "sha256:698ca98abf03ab4dcc3d4d1795f4a392d33a2e84f0b1b1f4b9856b38e8ef0b77" + - repoid: ubi-8-baseos-rpms + url: "https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/ppc64le/baseos/os/Packages/t/tzdata-2024b-4.el8.noarch.rpm" + size: 486864 + checksum: "sha256:b629ec4b416d8127314c8aecce5ada2c0c102f5dbdeb48f9a3739cbcdf2ee500"