k8s manifests

3 years ago · 0a269a87b1
5 changed files with 18 additions and 13 deletions
--- a/k8s/buildconfig.yaml
+++ b/k8s/buildconfig.yaml
--- a/k8s/imagestream.yaml
+++ b/k8s/imagestream.yaml
@ -0,0 +1,5 @@
 kind: ImageStream
 apiVersion: image.openshift.io/v1
 metadata:
  name: function
 spec:
--- a/k8s/pipeline.yaml
+++ b/k8s/pipeline.yaml
@ -6,11 +6,6 @@ spec:
  workspaces:
  - name: scratch
  params:
  - name: buildahPlatforms
    type: array
    default:
    - linux/x86_64
    - linux/arm64/v8
  - name: gitRepositoryURL
    type: string
  - name: outputContainerImage
@ -38,9 +33,6 @@ spec:
      value: latest
    - name: outputContainerImage
      value: "$(params.outputContainerImage)"
    - name: buildahPlatforms
      value:
      - "$(params.buildahPlatforms[*])"
    workspaces:
    - name: src
      workspace: scratch
--- a/k8s/task-buildah.yaml
+++ b/k8s/task-buildah.yaml
@ -8,6 +8,9 @@ spec:
    type: string
  - name: outputContainerImage
    type: string
  results:
  - name: imageDigest
    description: The digest of the built image manifest
  workspaces:
  - name: src
    mountPath: /src
@ -18,6 +21,8 @@ spec:
    image: quay.io/containers/buildah:$(params.buildahVersion)
    workingDir: /src
    env:
    - name: RESULT_IMAGE_DIGEST
      value: "$(results.imageDigest.path)"
    - name: TARGET_IMAGE
      value: "$(params.outputContainerImage)"
    securityContext:
@ -32,7 +37,7 @@ spec:
      function build () {
        echo "========================================================="
-        echo " buildah build $TARGET_IMAGE
+        echo " buildah build $TARGET_IMAGE"
        echo "========================================================="
        echo
@ -50,7 +55,13 @@ spec:
        echo " buildah push $1"
        echo "========================================================="
        echo
-        buildah manifest push --storage-driver vfs --all tekton "docker://$1"
+
        # buildah requires a slight modification to the push secret provided by the service
        # account to use it for pushing the image
        cp /var/run/secrets/openshift.io/push/.dockercfg /tmp
        echo "{ \"auths\": $(cat /var/run/secrets/openshift.io/push/.dockercfg) }" > /tmp/.dockercfg
        buildah manifest push --storage-driver vfs --all tekton "docker://$1" --digestfile "$RESULT_IMAGE_DIGEST" --tls-verify=false --authfile /tmp/.dockercfg
        echo
      }
--- a/k8s/task-git-clone.yaml
+++ b/k8s/task-git-clone.yaml
@ -163,9 +163,6 @@ spec:
        value: $(workspaces.ssl-ca-directory.bound)
      - name: WORKSPACE_SSL_CA_DIRECTORY_PATH
        value: $(workspaces.ssl-ca-directory.path)
      securityContext:
        runAsNonRoot: true
        runAsUser: 65532
      script: |
        #!/usr/bin/env sh
        set -eu