Freshen pipeline definition from latest defaults #2370
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
There are some small functional changes:
* Setting pipelinesascode.tekton.dev/cancel-in-progress: "true" for
pre-merge, and "false" for post-merge.
* Adding the image-digest param to the snyk task and removing the
digest from the image-url param value.
The other changes are not functionally consequential, but they make
it easier to compare the existing yaml to the newly generated yaml.
Useful vimdiff commands to review this change:
vimdiff +'set ft=yaml' .tekton/cli-main-ci-pull-request.yaml <(git show release-v0.6:.tekton/cli-v06-pull-request.yaml|yq '.spec.pipelineSpec={}')
vimdiff +'set ft=yaml' .tekton/cli-main-ci-push.yaml <(git show release-v0.6:.tekton/cli-v06-push.yaml|yq '.spec.pipelineSpec={}')
vimdiff +'set ft=yaml' .tekton/cli-build.yaml <(git show release-v0.6:.tekton/cli-v06-pull-request.yaml|yq '{"spec":.spec.pipelineSpec}')
Ref: https://issues.redhat.com/browse/EC-1135
simonbaird
force-pushed
the
freshen-pipeline-defs
branch
from
ffe390d to
04fe457
Compare
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #2370 +/- ##
=======================================
Coverage 72.92% 72.92%
=======================================
Files 89 89
Lines 7783 7783
=======================================
Hits 5676 5676
Misses 2107 2107
Flags with carried forward coverage won't be shown. Click here to find out more. 🚀 New features to boost your workflow:
|
simonbaird
commented
Mar 7, 2025
| - input: $(params.skip-checks) | ||
| operator: in | ||
| values: | ||
| - "false" |
Member
Author
There was a problem hiding this comment.
Not sure why the when and params swap locations, but this matches the current default pipeline.
simonbaird
commented
Mar 7, 2025
| build.appstudio.redhat.com/commit_sha: '{{revision}}' | ||
| build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}' | ||
| build.appstudio.redhat.com/target_branch: '{{target_branch}}' | ||
| pipelinesascode.tekton.dev/cancel-in-progress: "true" |
Member
Author
There was a problem hiding this comment.
This part is new and significant.
simonbaird
commented
Mar 7, 2025
| This pipeline is ideal for building container images from a Containerfile while maintaining trust after pipeline customization. | ||
| _Uses `buildah` to create a container image leveraging [trusted artifacts](https://konflux-ci.dev/architecture/ADR/0036-trusted-artifacts.html). It also optionally creates a source image and runs some build-time tests. Information is shared between tasks using OCI artifacts instead of PVCs. EC will pass the [`trusted_task.trusted`](https://enterprisecontract.dev/docs/ec-policies/release_policy.html#trusted_task__trusted) policy as long as all data used to build the artifact is generated from trusted tasks. | ||
| This pipeline is pushed as a Tekton bundle to [quay.io](https://quay.io/repository/konflux-ci/tekton-catalog/pipeline-docker-build-oci-ta?tab=tags)_ |
Member
Author
There was a problem hiding this comment.
Arguably the description isn't very useful, but let's add it to match the default.
joejstuart
reviewed
Mar 20, 2025
| - name: dockerfile | ||
| value: Dockerfile.dist | ||
| - name: image-expires-after | ||
| value: 5d |
Contributor
There was a problem hiding this comment.
Do we need double quotes? I didn't think so, but noticed it in other places.
Member
Author
There was a problem hiding this comment.
I think it's okay.
echo 'value: 5d' | yq -ojson
{
"value": "5d"
}
joejstuart
approved these changes
Mar 20, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There are some small functional changes:
Setting pipelinesascode.tekton.dev/cancel-in-progress: "true" for pre-merge, and "false" for post-merge.
Adding the image-digest param to the snyk task and removing the digest from the image-url param value.
The other changes are not functionally consequential, but they make it easier to compare the existing yaml to the newly generated yaml.
Ref: https://issues.redhat.com/browse/EC-1135