diff --git a/README.adoc b/README.adoc
index d71a1e91a..3bee09f26 100644
--- a/README.adoc
+++ b/README.adoc
@@ -38,7 +38,6 @@ The following environment variables are configurable and may be set by the user
| JBS_QUAY_IMAGE_TAG | The tag for the images (defaults to `dev`)
| JBS_QUAY_ORG | JBS images are pulled by default from the `QUAY_USERNAME` organization. This may be overridden by changing this
| JBS_BUILD_IMAGE_SECRET | Secret for accessing Quay.io (See below)
-| JBS_DISABLE_CACHE | Internal variable for disabling the cache
| JBS_GIT_CREDENTIALS | Support for private repositories (See below)
| JBS_MAX_MEMORY | Maximum additional memory allowed
| JBS_RECIPE_DATABASE | Recipe database to use (defaults to `https://github.com/redhat-appstudio/jvm-build-data`)
diff --git a/deploy/tasks/pre-build.yaml b/deploy/tasks/pre-build.yaml
index fe1273637..e601366c7 100644
--- a/deploy/tasks/pre-build.yaml
+++ b/deploy/tasks/pre-build.yaml
@@ -44,9 +44,13 @@ spec:
- name: RECIPE_IMAGE
description: The image from the build recipe to use
- name: BUILD_TOOL
- description: The build tool to use.
+ description: The build tool to use (ant, gradle, maven, sbt).
+ - name: BUILD_TOOL_VERSION
+ description: The build tool version to use (e.g. 3.9.5)
+ - name: JAVA_VERSION
+ description: Java version to use (7, 8, 9, 11, 17, 21, 22, 23)
- name: BUILD_PLUGINS
- description: Comma separated list of build plugins that should be disabled.
+ description: Optional comma separated list of build plugins that should be disabled.
default: ""
- name: BUILD_SCRIPT
description: The build script to embed with the Containerfile
@@ -77,8 +81,10 @@ spec:
cpu: 10m
memory: 512Mi
script: |
- $(params.BUILD_SCRIPT)
- /opt/jboss/container/java/run/run-java.sh $(params.BUILD_TOOL)-prepare $(workspaces.source.path)/source --recipe-image=$(params.RECIPE_IMAGE) --request-processor-image=$(params.JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE) --disabled-plugins=$(params.BUILD_PLUGINS)
+ /opt/jboss/container/java/run/run-java.sh $(params.BUILD_TOOL)-prepare --java-version=$(params.JAVA_VERSION) --build-tool-version=$(params.BUILD_TOOL_VERSION) --recipe-image=$(params.RECIPE_IMAGE) --request-processor-image=$(params.JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE) --disabled-plugins=$(params.BUILD_PLUGINS) $(workspaces.source.path)/source
+ env:
+ - name: BUILD_SCRIPT
+ value: $(params.BUILD_SCRIPT)
# TODO: Look at making this optional until we know whether we need to store source
- name: create-pre-build-source
image: $(params.JVM_BUILD_SERVICE_REQPROCESSOR_IMAGE)
@@ -111,6 +117,8 @@ spec:
- --git-reuse-repository=$(params.GIT_REUSE_REPOSITORY)
- name: create-pre-build-image
image: quay.io/redhat-appstudio/build-trusted-artifacts:latest@sha256:bc10298bff7805d8bc98211cd4534b9720f365f35ce0ef263dd65802de7ff036
+ # The build-trusted-artifacts container doesn't handle REGISTRY_TOKEN but the actual .docker/config.json.
+ # Setting ORAS_OPTIONS to ensure the archive is compatible with jib (for OCIRepositoryClient) (to be removed)
script: |
echo "Creating pre-build-image archive with ORAS_OPTIONS $ORAS_OPTIONS"
export ORAS_OPTIONS="$ORAS_OPTIONS --image-spec=v1.0 --artifact-type application/vnd.oci.image.config.v1+json"
diff --git a/java-components/build-request-processor/src/main/java/com/redhat/hacbs/container/build/preprocessor/AbstractPreprocessor.java b/java-components/build-request-processor/src/main/java/com/redhat/hacbs/container/build/preprocessor/AbstractPreprocessor.java
index cee48aa4e..5d421c720 100644
--- a/java-components/build-request-processor/src/main/java/com/redhat/hacbs/container/build/preprocessor/AbstractPreprocessor.java
+++ b/java-components/build-request-processor/src/main/java/com/redhat/hacbs/container/build/preprocessor/AbstractPreprocessor.java
@@ -1,5 +1,8 @@
package com.redhat.hacbs.container.build.preprocessor;
+import static org.apache.commons.lang3.StringUtils.isEmpty;
+import static org.apache.commons.lang3.StringUtils.isNotEmpty;
+
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
@@ -15,6 +18,10 @@
*/
public abstract class AbstractPreprocessor implements Runnable {
+ /**
+ * Equivalent to $(workspaces.source.path)/source
+ * $(workspaces.source.path) = /var/workdir/workspace
+ */
@CommandLine.Parameters(description = "The directory to process")
protected Path buildRoot;
@@ -27,36 +34,152 @@ public abstract class AbstractPreprocessor implements Runnable {
@CommandLine.Option(names = "--request-processor-image", required = true)
String buildRequestProcessorImage;
+ @CommandLine.Option(names = "--java-version", required = true)
+ String javaVersion;
+
+ @CommandLine.Option(names = "--build-tool-version", required = true)
+ String buildToolVersion;
+
protected enum ToolType {
ANT,
GRADLE,
MAVEN,
- SBT
+ SBT;
+
+ @Override
+ public String toString() {
+ return name().toLowerCase();
+ }
}
protected ToolType type;
+ /**
+ * This section creates two files within a .jbs subdirectory. The Containerfile is used
+ * by Konflux to initiate a build and the run-build.sh contains generic setup
+ * ( e.g. PATHs, directories, Maven Settings, etc) to which is appended the user build script for the main
+ * build.
+ */
@Override
public void run() {
Path jbsDirectory = Path.of(buildRoot.toString(), ".jbs");
//noinspection ResultOfMethodCallIgnored
jbsDirectory.toFile().mkdirs();
+ String buildScript = System.getenv("BUILD_SCRIPT");
+ if (isEmpty(buildScript)) {
+ Log.errorf("Unable to find BUILD_SCRIPT in environment");
+ }
+
+ Log.warnf("### Using tool %s with version %s and javaHome %s", type, buildToolVersion, javaVersion);
+ Log.warnf("### ENV %s", System.getenv("jvm-build-service"));
+
+ String javaHome;
+ if (javaVersion.equals("7") || javaVersion.equals("8")) {
+ javaHome = "/lib/jvm/java-1." + javaVersion + ".0";
+ } else {
+ javaHome = "/lib/jvm/java-" + javaVersion;
+ }
+
+ String runBuild = """
+ #!/usr/bin/env bash
+ set -o verbose
+ set -o pipefail
+ set -e
+
+ #fix this when we no longer need to run as root
+ export HOME=${HOME:=/root}
+ # Custom base working directory.
+ export JBS_WORKDIR=${JBS_WORKDIR:=/var/workdir/workspace}
+
+ export LANG="en_US.UTF-8"
+ export LC_ALL="en_US.UTF-8"
+ export JAVA_HOME=${JAVA_HOME:=%s}
+ # If we run out of memory we want the JVM to die with error code 134
+ export MAVEN_OPTS="-XX:+CrashOnOutOfMemoryError"
+ # If we run out of memory we want the JVM to die with error code 134
+ export JAVA_OPTS="-XX:+CrashOnOutOfMemoryError"
+ export %s_HOME=${%s_HOME:=/opt/%s/%s}
+ # This might get overridden by the tool home configuration above. This is
+ # useful if Gradle/Ant also requires Maven configured.
+ export MAVEN_HOME=${MAVEN_HOME:=/opt/maven/3.8.8}
+ export GRADLE_USER_HOME="${JBS_WORKDIR}/software/settings/.gradle"
+
+ mkdir -p ${JBS_WORKDIR}/logs ${JBS_WORKDIR}/packages ${HOME}/.sbt/1.0 ${GRADLE_USER_HOME} ${HOME}/.m2
+ cd ${JBS_WORKDIR}/source
+
+ if [ -n "${JAVA_HOME}" ]; then
+ echo "JAVA_HOME:$JAVA_HOME"
+ PATH="${JAVA_HOME}/bin:$PATH"
+ fi
+
+ if [ -n "${MAVEN_HOME}" ]; then
+ """.formatted(javaHome, type.name(), type.name(), type, buildToolVersion);
+
+ runBuild += getMavenSetup();
+
+ runBuild += """
+ fi
+
+ if [ -n "${GRADLE_HOME}" ]; then
+ """;
+
+ runBuild += getGradleSetup();
+
+ runBuild += """
+ fi
+
+ if [ -n "${ANT_HOME}" ]; then
+ """;
+
+ runBuild += getAntSetup();
+
+ runBuild += """
+ fi
+
+ if [ -n "${SBT_HOME}" ]; then
+ """;
+
+ runBuild += getSbtSetup();
+
+ runBuild += """
+ fi
+ echo "PATH:$PATH"
+
+ # End of generic build script
+ """;
+
+ if (isNotEmpty(buildScript)) {
+ // Now add in the build script from either JBS or PNC. This might contain e.g. "mvn -Pfoo install"
+ runBuild += buildScript;
+ }
+ Log.warnf("### runBuild is\n%s", runBuild);
+
+ try {
+ Path runBuildSh = Paths.get(jbsDirectory.toString(), "run-build.sh");
+ Files.writeString(runBuildSh, runBuild);
+ //noinspection ResultOfMethodCallIgnored
+ runBuildSh.toFile().setExecutable(true);
+ Files.writeString(Paths.get(jbsDirectory.toString(), "Containerfile"), getContainerFile());
+ } catch (IOException e) {
+ Log.errorf("Unable to write Containerfile", e);
+ throw new RuntimeException(e);
+ }
+ }
+
+
+ private String getContainerFile() {
String containerFile = """
FROM %s
USER 0
WORKDIR /var/workdir
- RUN mkdir -p /var/workdir/software/settings /original-content/marker
- ARG CACHE_URL=""
- ENV CACHE_URL=$CACHE_URL
+ ARG PROXY_URL=""
+ ENV PROXY_URL=$PROXY_URL
COPY .jbs/run-build.sh /var/workdir
COPY . /var/workdir/workspace/source/
RUN /var/workdir/run-build.sh
""".formatted(recipeImage);
- // TODO: This is a bit of a hack but as Ant doesn't deploy and the previous implementation relied upon using the
- // BuildRequestProcessorImage we need to modify the Containerfile. In future the ant-build.sh should probably
- // encapsulate this.
if (type == ToolType.ANT) {
// Don't think we need to mess with keystore as copy-artifacts is simply calling copy commands.
containerFile +=
@@ -76,11 +199,248 @@ public void run() {
COPY --from=0 /var/workdir/workspace/artifacts /
""";
}
- try {
- Files.writeString(Paths.get(jbsDirectory.toString(), "Containerfile"), containerFile);
- } catch (IOException e) {
- Log.errorf("Unable to write Containerfile", e);
- throw new RuntimeException(e);
+
+ return containerFile;
+ }
+
+ /**
+ * This will generate the settings and toolchain into the standard $HOME/.m2 location and configure
+ * altDeploymentDirectory to be used by default.
+ */
+ private String getMavenSetup() {
+ String result = """
+ echo "MAVEN_HOME:$MAVEN_HOME"
+ PATH="${MAVEN_HOME}/bin:$PATH"
+
+ if [ ! -d "${MAVEN_HOME}" ]; then
+ echo "Maven home directory not found at ${MAVEN_HOME}" >&2
+ exit 1
+ fi
+
+ if [ -n "${PROXY_URL}" ]; then
+ cat >${HOME}/.m2/settings.xml <
+
+
+ mirror.default
+ ${PROXY_URL}
+ *
+
+
+ EOF
+ else
+ cat >${HOME}/.m2/settings.xml <
+ EOF
+ fi
+ cat >>${HOME}/.m2/settings.xml <
+
+
+ alternate
+
+ true
+
+
+
+ artifacts
+ file://${JBS_WORKDIR}/artifacts
+
+ true
+ ignore
+
+
+
+
+
+ artifacts
+ file://${JBS_WORKDIR}/artifacts
+
+ true
+ ignore
+
+
+
+
+
+ deployment
+
+ true
+
+
+
+ local::file://${JBS_WORKDIR}/artifacts
+
+
+
+
+
+ false
+ """;
+
+ // This block is only needed when running outside of JBS
+ if (isEmpty(System.getenv("jvm-build-service"))) {
+ result += """
+
+
+ indy-http
+ true
+ http
+ indy-generic-proxy
+ 80
+
+ ${BUILD_ID}+tracking
+ ${MVN_TOKEN}
+ indy|localhost
+
+
+ indy-https
+ true
+ https
+ indy-generic-proxy
+ 80
+ ${BUILD_ID}+tracking
+ ${MVN_TOKEN}
+ indy|localhost
+
+
+ """;
}
+
+ result += """
+
+ EOF
+
+ TOOLCHAINS_XML=${HOME}/.m2/toolchains.xml
+
+ cat >"$TOOLCHAINS_XML" <
+
+ EOF
+
+ if [ "%s" = "7" ]; then
+ JAVA_VERSIONS="7:1.7.0 8:1.8.0 11:11"
+ else
+ JAVA_VERSIONS="8:1.8.0 9:11 11:11 17:17 21:21 22:23 23:23"
+ fi
+
+ for i in $JAVA_VERSIONS; do
+ version=$(echo $i | cut -d : -f 1)
+ home=$(echo $i | cut -d : -f 2)
+ cat >>"$TOOLCHAINS_XML" <
+ jdk
+
+ $version
+
+
+ /usr/lib/jvm/java-$home-openjdk
+
+
+ EOF
+ done
+
+ cat >>"$TOOLCHAINS_XML" <
+ EOF
+ """.formatted(javaVersion);
+
+ return result;
+ }
+
+
+ private String getGradleSetup() {
+ return """
+ echo "GRADLE_HOME:$GRADLE_HOME"
+ PATH="${GRADLE_HOME}/bin:$PATH"
+
+ if [ ! -d "${GRADLE_HOME}" ]; then
+ echo "Gradle home directory not found at ${GRADLE_HOME}" >&2
+ exit 1
+ fi
+
+ cat > "${GRADLE_USER_HOME}"/gradle.properties << EOF
+ org.gradle.console=plain
+
+ # Increase timeouts
+ systemProp.org.gradle.internal.http.connectionTimeout=600000
+ systemProp.org.gradle.internal.http.socketTimeout=600000
+ systemProp.http.socketTimeout=600000
+ systemProp.http.connectionTimeout=600000
+
+ # Settings for
+ RELEASE_REPOSITORY_URL=file://${JBS_WORKDIR}/artifacts
+ RELEASE_SIGNING_ENABLED=false
+ mavenCentralUsername=
+ mavenCentralPassword=
+
+ # Default values for common enforced properties
+ sonatypeUsername=jbs
+ sonatypePassword=jbs
+
+ # Default deployment target
+ # https://docs.gradle.org/current/userguide/build_environment.html#sec:gradle_system_properties
+ systemProp.maven.repo.local=${JBS_WORKDIR}/artifacts
+ EOF
+ """;
+ }
+
+
+ private String getAntSetup() {
+ return """
+ echo "ANT_HOME:$ANT_HOME"
+ PATH="${ANT_HOME}/bin:$PATH"
+
+ if [ ! -d "${ANT_HOME}" ]; then
+ echo "Ant home directory not found at ${ANT_HOME}" >&2
+ exit 1
+ fi
+
+ if [ -n "${PROXY_URL}" ]; then
+ cat > ivysettings.xml << EOF
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ EOF
+ fi
+ """;
+ }
+
+ private String getSbtSetup() {
+ return """
+ echo "SBT_HOME:$SBT_HOME"
+ PATH="${SBT_HOME}/bin:$PATH"
+
+ if [ ! -d "${SBT_HOME}" ]; then
+ echo "SBT home directory not found at ${SBT_HOME}" >&2
+ exit 1
+ fi
+
+ if [ -n "${PROXY_URL}" ]; then
+ cat > "${HOME}/.sbt/repositories" <"$HOME/.sbt/1.0/global.sbt" <() {
@Override
@@ -202,7 +202,7 @@ public FileVisitResult visitFile(Path file, BasicFileAttributes attrs) {
return FileVisitResult.CONTINUE;
}
});
- throw new RuntimeException("Deploy failed");
+ throw new RuntimeException("Verify failed");
}
for (var i : contaminatedGavs.entrySet()) {
if (!i.getValue().getAllowed()) {
@@ -219,14 +219,14 @@ public FileVisitResult visitFile(Path file, BasicFileAttributes attrs) {
newContaminates.add(i.getValue());
}
String serialisedContaminants = ResultsUpdater.MAPPER.writeValueAsString(newContaminates);
- Log.infof("Updating results %s for deployed resources %s with contaminants %s",
+ Log.infof("Updating results %s for verified resources %s with contaminants %s",
taskRun, gavs, serialisedContaminants);
resultsUpdater.updateResults(taskRun, Map.of(
"CONTAMINANTS", serialisedContaminants,
"DEPLOYED_RESOURCES", String.join(",", gavs)));
}
} catch (Exception e) {
- Log.error("Deployment failed", e);
+ Log.error("Verification failed", e);
throw new RuntimeException(e);
}
}
diff --git a/java-components/build-request-processor/src/main/java/com/redhat/hacbs/container/verifier/asm/ClassVersion.java b/java-components/build-request-processor/src/main/java/com/redhat/hacbs/container/verifier/asm/ClassVersion.java
index 815394bdc..fa156587c 100644
--- a/java-components/build-request-processor/src/main/java/com/redhat/hacbs/container/verifier/asm/ClassVersion.java
+++ b/java-components/build-request-processor/src/main/java/com/redhat/hacbs/container/verifier/asm/ClassVersion.java
@@ -21,6 +21,7 @@
import static org.objectweb.asm.Opcodes.V20;
import static org.objectweb.asm.Opcodes.V21;
import static org.objectweb.asm.Opcodes.V22;
+import static org.objectweb.asm.Opcodes.V23;
import static org.objectweb.asm.Opcodes.V9;
import com.redhat.hacbs.container.analyser.build.JavaVersion;
@@ -55,6 +56,7 @@ public static JavaVersion toJavaVersion(int classVersion) {
case V20 -> "20";
case V21 -> "21";
case V22 -> "22";
+ case V23 -> "23";
default -> throw new IllegalArgumentException("Unknown class version: " + classVersion);
};
return new JavaVersion(version);
diff --git a/java-components/build-request-processor/src/main/resources/gradle/repositories.gradle b/java-components/build-request-processor/src/main/resources/gradle/repositories.gradle
index 1682b4d51..e1a7e3589 100644
--- a/java-components/build-request-processor/src/main/resources/gradle/repositories.gradle
+++ b/java-components/build-request-processor/src/main/resources/gradle/repositories.gradle
@@ -4,19 +4,13 @@ apply plugin: RepositoryPlugin
class RepositoryPlugin implements Plugin {
- private static String ENTERPRISE_REPOSITORY_URL = System.getenv("CACHE_URL") != null ? System.getenv("CACHE_URL") : "http://localhost:8080/v2/cache/rebuild-default,gradle,gradleplugins/0"
-
- // Provided to allow this plugin (which routes request to the cache) to be completely disabled. Off by default.
- private static Boolean JBS_DISABLE_CACHE = System.getenv("JBS_DISABLE_CACHE") != null;
+ private static String ENTERPRISE_REPOSITORY_URL = System.getenv("PROXY_URL") != null ? System.getenv("PROXY_URL") : "http://localhost:8080/v2/cache/rebuild-default,gradle,gradleplugins/0"
// Provided to allow disabling of prior repositories. Off by default.
private static Boolean JBS_DISABLE_GRADLE_REPOSITORIES = System.getenv("JBS_DISABLE_GRADLE_REPOSITORIES") != null;
void apply(Gradle gradle) {
- if (JBS_DISABLE_CACHE) {
- return
- }
def fixRepositories = {
if (!JBS_DISABLE_GRADLE_REPOSITORIES) {
all { ArtifactRepository repo ->
diff --git a/java-components/build-request-processor/src/test/gradle/src/test/java/com/redhat/hacbs/VerifyInitFilesTest.java b/java-components/build-request-processor/src/test/gradle/src/test/java/com/redhat/hacbs/VerifyInitFilesTest.java
index 498ebb5c3..5356ca756 100644
--- a/java-components/build-request-processor/src/test/gradle/src/test/java/com/redhat/hacbs/VerifyInitFilesTest.java
+++ b/java-components/build-request-processor/src/test/gradle/src/test/java/com/redhat/hacbs/VerifyInitFilesTest.java
@@ -58,7 +58,7 @@ public boolean accept(File dir, String name) {
arguments.add("--init-script");
arguments.add(initScript.getAbsolutePath());
}
- Map env = Collections.singletonMap("CACHE_URL", "https://repo.maven.apache.org/maven2/");
+ Map env = Collections.singletonMap("PROXY_URL", "https://repo.maven.apache.org/maven2/");
for (String version : new String[] { "4.10.3", "5.6.4", "6.1.1", "6.4.1", "6.6.1",
"6.8.3", "7.0.2", "7.2", "7.4.2", "8.0.2", "8.2.1", "8.4" }) {
diff --git a/java-components/build-request-processor/src/test/java/com/redhat/hacbs/container/analyser/build/LookupBuildInfoCommandTest.java b/java-components/build-request-processor/src/test/java/com/redhat/hacbs/container/analyser/build/LookupBuildInfoCommandTest.java
index 6f5b62d93..ced1b7299 100644
--- a/java-components/build-request-processor/src/test/java/com/redhat/hacbs/container/analyser/build/LookupBuildInfoCommandTest.java
+++ b/java-components/build-request-processor/src/test/java/com/redhat/hacbs/container/analyser/build/LookupBuildInfoCommandTest.java
@@ -36,7 +36,7 @@
class LookupBuildInfoCommandTest {
private static final String TOOL_VERSIONS = "sbt:1.8.0,jdk:7;8;11;17;21,maven:3.8.8;3.9.5,ant:1.9.16;1.10.15,gradle:8.4;8.3;8.0.2;7.4.2;7.6.3;7.5.1;6.9.2;5.6.4;4.10.3";
- private static final String CACHE_URL = "https://repo1.maven.org/maven2";
+ private static final String PROXY_URL = "https://repo1.maven.org/maven2";
private static final String CACHE_PATH = "";
@@ -105,7 +105,7 @@ private BuildInfo getBuildInfo(String scmUrl, String commit, String tag) throws
}
private BuildInfo getBuildInfo(String scmUrl, String commit, String tag, String artifact) throws Exception {
- return getBuildInfo(scmUrl, commit, tag, artifact, CACHE_URL, CACHE_PATH, null);
+ return getBuildInfo(scmUrl, commit, tag, artifact, PROXY_URL, CACHE_PATH, null);
}
private BuildInfo getBuildInfo(String scmUrl, String commit, String tag, String artifact, String cacheUrl, String cachePath, String context) throws Exception {
diff --git a/java-components/build-request-processor/src/test/java/com/redhat/hacbs/container/analyser/build/ant/IvyUtilsTest.java b/java-components/build-request-processor/src/test/java/com/redhat/hacbs/container/analyser/build/ant/IvyUtilsTest.java
index dc524a8c1..c9e3f083d 100644
--- a/java-components/build-request-processor/src/test/java/com/redhat/hacbs/container/analyser/build/ant/IvyUtilsTest.java
+++ b/java-components/build-request-processor/src/test/java/com/redhat/hacbs/container/analyser/build/ant/IvyUtilsTest.java
@@ -15,9 +15,9 @@
class IvyUtilsTest {
private static final String IVYSETTINGS_XML = "ivysettings.xml";
- private static final String CACHE_URL = "cache-url";
+ private static final String PROXY_URL = "cache-url";
- private static final String CACHE_URL_VALUE = "$(params.CACHE_URL)";
+ private static final String PROXY_URL_VALUE = "$(params.PROXY_URL)";
private static final String DEFAULT_PATTERN = "default-pattern";
@@ -49,8 +49,8 @@ static void loadIvy() throws URISyntaxException {
void testIvySettings() {
var settings = ivy.getSettings();
settings.validate();
- var cacheUrl = settings.getVariable(CACHE_URL);
- assertThat(cacheUrl).isEqualTo(CACHE_URL_VALUE);
+ var cacheUrl = settings.getVariable(PROXY_URL);
+ assertThat(cacheUrl).isEqualTo(PROXY_URL_VALUE);
var defaultPattern = settings.getVariable(DEFAULT_PATTERN);
assertThat(defaultPattern).isEqualTo(DEFAULT_PATTERN_VALUE);
var localPattern = settings.getVariable(LOCAL_PATTERN);
diff --git a/java-components/build-request-processor/src/test/java/com/redhat/hacbs/container/build/GradlePreprocessorTestCase.java b/java-components/build-request-processor/src/test/java/com/redhat/hacbs/container/build/GradlePreprocessorTestCase.java
index 4f960c81a..9d45bfb76 100644
--- a/java-components/build-request-processor/src/test/java/com/redhat/hacbs/container/build/GradlePreprocessorTestCase.java
+++ b/java-components/build-request-processor/src/test/java/com/redhat/hacbs/container/build/GradlePreprocessorTestCase.java
@@ -24,6 +24,8 @@ public List getCommand() {
command.add("gradle-prepare");
command.add("--recipe-image=foobar");
command.add("--request-processor-image=barfoo");
+ command.add("--java-version=11");
+ command.add("--build-tool-version=1.0");
args.forEach(arg -> {
command.add("-dp");
command.add(arg);
diff --git a/java-components/build-request-processor/src/test/java/com/redhat/hacbs/container/build/MavenPreprocessorTestCase.java b/java-components/build-request-processor/src/test/java/com/redhat/hacbs/container/build/MavenPreprocessorTestCase.java
index 470904d70..a2ed95506 100644
--- a/java-components/build-request-processor/src/test/java/com/redhat/hacbs/container/build/MavenPreprocessorTestCase.java
+++ b/java-components/build-request-processor/src/test/java/com/redhat/hacbs/container/build/MavenPreprocessorTestCase.java
@@ -24,6 +24,8 @@ public List getCommand() {
command.add("maven-prepare");
command.add("--recipe-image=foobar");
command.add("--request-processor-image=barfoo");
+ command.add("--java-version=11");
+ command.add("--build-tool-version=1.0");
args.forEach(arg -> {
command.add("-dp");
command.add(arg);
diff --git a/java-components/build-request-processor/src/test/java/com/redhat/hacbs/container/deploy/DeployContaminateTest.java b/java-components/build-request-processor/src/test/java/com/redhat/hacbs/container/deploy/DeployContaminateTest.java
index 1282570df..4818ea9b5 100644
--- a/java-components/build-request-processor/src/test/java/com/redhat/hacbs/container/deploy/DeployContaminateTest.java
+++ b/java-components/build-request-processor/src/test/java/com/redhat/hacbs/container/deploy/DeployContaminateTest.java
@@ -74,10 +74,10 @@ public void testDeployOnlyContaminated() throws IOException, URISyntaxException
fail("No exception thrown");
} catch (Exception e) {
List logRecords = LogCollectingTestResource.current().getRecords();
- assertTrue(e.getMessage().contains("Deploy failed"));
+ assertTrue(e.getMessage().contains("Verify failed"));
assertTrue(logRecords.stream()
.anyMatch(r -> LogCollectingTestResource.format(r)
- .contains("No content to deploy found in deploy directory")));
+ .contains("No content to verify found in directory")));
}
}
diff --git a/java-components/build-request-processor/src/test/resources/com/redhat/hacbs/container/analyser/build/ant/ivysettings.xml b/java-components/build-request-processor/src/test/resources/com/redhat/hacbs/container/analyser/build/ant/ivysettings.xml
index 74e50e008..99583742b 100644
--- a/java-components/build-request-processor/src/test/resources/com/redhat/hacbs/container/analyser/build/ant/ivysettings.xml
+++ b/java-components/build-request-processor/src/test/resources/com/redhat/hacbs/container/analyser/build/ant/ivysettings.xml
@@ -1,5 +1,5 @@
-
+
diff --git a/pkg/apis/jvmbuildservice/v1alpha1/systemconfig_types.go b/pkg/apis/jvmbuildservice/v1alpha1/systemconfig_types.go
index 8f6a33fd7..1be3c887c 100644
--- a/pkg/apis/jvmbuildservice/v1alpha1/systemconfig_types.go
+++ b/pkg/apis/jvmbuildservice/v1alpha1/systemconfig_types.go
@@ -47,7 +47,7 @@ type SystemConfigList struct {
const (
KonfluxGitDefinition = "https://raw.githubusercontent.com/konflux-ci/build-definitions/refs/heads/main/task/git-clone/0.1/git-clone.yaml"
- KonfluxPreBuildDefinitions = "https://raw.githubusercontent.com/redhat-appstudio/jvm-build-service/main/deploy/tasks/pre-build.yaml"
+ KonfluxPreBuildDefinitions = "https://raw.githubusercontent.com/rnc/jvm-build-service/SCRIPTS/deploy/tasks/pre-build.yaml"
KonfluxBuildDefinitions = "https://raw.githubusercontent.com/konflux-ci/build-definitions/refs/heads/main/task/buildah-oci-ta/0.2/buildah-oci-ta.yaml"
KonfluxMavenDeployDefinitions = "https://raw.githubusercontent.com/redhat-appstudio/jvm-build-service/main/deploy/tasks/maven-deployment.yaml"
)
diff --git a/pkg/reconciler/artifactbuild/artifactbuild.go b/pkg/reconciler/artifactbuild/artifactbuild.go
index f559689f7..6236453cf 100644
--- a/pkg/reconciler/artifactbuild/artifactbuild.go
+++ b/pkg/reconciler/artifactbuild/artifactbuild.go
@@ -597,7 +597,9 @@ func (r *ReconcileArtifactBuild) copyAnnotations(abr *v1alpha1.ArtifactBuild, db
}
func InstallKeystoreIntoBuildRequestProcessor(args ...[]string) string {
- ret := keystore
+ // TODO: How to handle/remove the TLS support from STONEBLD-847
+ // ret := keystore
+ ret := ""
for _, cmd := range args {
ret = ret + "\n/opt/jboss/container/java/run/run-java.sh"
for _, i := range cmd {
diff --git a/pkg/reconciler/dependencybuild/buildrecipeyaml.go b/pkg/reconciler/dependencybuild/buildrecipeyaml.go
index 3e0362692..590be13d6 100644
--- a/pkg/reconciler/dependencybuild/buildrecipeyaml.go
+++ b/pkg/reconciler/dependencybuild/buildrecipeyaml.go
@@ -13,17 +13,15 @@ import (
"github.com/redhat-appstudio/jvm-build-service/pkg/apis/jvmbuildservice/v1alpha1"
"github.com/redhat-appstudio/jvm-build-service/pkg/reconciler/artifactbuild"
- "github.com/redhat-appstudio/jvm-build-service/pkg/reconciler/jbsconfig"
tektonpipeline "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1"
v1 "k8s.io/api/core/v1"
"k8s.io/apimachinery/pkg/api/resource"
)
const (
- WorkspaceBuildSettings = "build-settings"
- WorkspaceSource = "source"
- WorkspaceMount = "/var/workdir"
- WorkspaceTls = "tls"
+ WorkspaceSource = "source"
+ WorkspaceMount = "/var/workdir"
+ WorkspaceTls = "tls"
GitTaskName = "git-clone"
PreBuildTaskName = "pre-build"
@@ -35,11 +33,6 @@ const (
//go:embed scripts/maven-build.sh
var mavenBuild string
-// used for both ant and maven
-//
-//go:embed scripts/maven-settings.sh
-var mavenSettings string
-
//go:embed scripts/gradle-build.sh
var gradleBuild string
@@ -142,39 +135,26 @@ func createPipelineSpec(log logr.Logger, tool string, commitTime int64, jbsConfi
imageId := db.Name
zero := int64(0)
verifyBuiltArtifactsArgs := verifyParameters(jbsConfig, recipe)
- preBuildImageArgs, deployArgs, konfluxArgs := pipelineBuildCommands(imageId, db, jbsConfig, buildId)
+ deployArgs := []string{
+ "verify",
+ "--path=$(workspaces.source.path)/artifacts",
+ "--logs-path=$(workspaces.source.path)/logs",
+ "--task-run-name=$(context.taskRun.name)",
+ "--build-id=" + buildId,
+ "--scm-uri=" + db.Spec.ScmInfo.SCMURL,
+ "--scm-commit=" + db.Spec.ScmInfo.CommitHash,
+ }
- fmt.Printf("### Was using preBuildImageArgs %#v and konfluxArgs %#v ", preBuildImageArgs, konfluxArgs)
install := additionalPackages(recipe)
tlsVerify := "true"
if orasOptions != "" {
tlsVerify = "false"
}
- var javaHome string
- if recipe.JavaVersion == "7" || recipe.JavaVersion == "8" {
- javaHome = "/lib/jvm/java-1." + recipe.JavaVersion + ".0"
- } else {
- javaHome = "/lib/jvm/java-" + recipe.JavaVersion
- }
-
- toolEnv := []v1.EnvVar{}
- if recipe.ToolVersions["maven"] != "" {
- toolEnv = append(toolEnv, v1.EnvVar{Name: "MAVEN_HOME", Value: "/opt/maven/" + recipe.ToolVersions["maven"]})
- }
- if recipe.ToolVersions["gradle"] != "" {
- toolEnv = append(toolEnv, v1.EnvVar{Name: "GRADLE_HOME", Value: "/opt/gradle/" + recipe.ToolVersions["gradle"]})
- }
- if recipe.ToolVersions["ant"] != "" {
- toolEnv = append(toolEnv, v1.EnvVar{Name: "ANT_HOME", Value: "/opt/ant/" + recipe.ToolVersions["ant"]})
- }
- if recipe.ToolVersions["sbt"] != "" {
- toolEnv = append(toolEnv, v1.EnvVar{Name: "SBT_DIST", Value: "/opt/sbt/" + recipe.ToolVersions["sbt"]})
- }
- toolEnv = append(toolEnv, v1.EnvVar{Name: PipelineParamToolVersion, Value: recipe.ToolVersion})
- toolEnv = append(toolEnv, v1.EnvVar{Name: PipelineParamProjectVersion, Value: db.Spec.Version})
- toolEnv = append(toolEnv, v1.EnvVar{Name: JavaHome, Value: javaHome})
+ toolEnv := make([]v1.EnvVar, 0)
+ // Used by JBS to override the version
toolEnv = append(toolEnv, v1.EnvVar{Name: PipelineParamEnforceVersion, Value: recipe.EnforceVersion})
+ toolEnv = append(toolEnv, v1.EnvVar{Name: PipelineParamProjectVersion, Value: db.Spec.Version})
additionalMemory := recipe.AdditionalMemory
if systemConfig.Spec.MaxAdditionalMemory > 0 && additionalMemory > systemConfig.Spec.MaxAdditionalMemory {
@@ -183,23 +163,22 @@ func createPipelineSpec(log logr.Logger, tool string, commitTime int64, jbsConfi
}
var buildToolSection string
if tool == "maven" {
- buildToolSection = mavenSettings + "\n" + mavenBuild
+ buildToolSection = mavenBuild
} else if tool == "gradle" {
- // We always add Maven information (in InvocationBuilder) so add the relevant settings.xml
- buildToolSection = mavenSettings + "\n" + gradleBuild
+ buildToolSection = gradleBuild
} else if tool == "sbt" {
buildToolSection = sbtBuild
} else if tool == "ant" {
- // We always add Maven information (in InvocationBuilder) so add the relevant settings.xml
- buildToolSection = mavenSettings + "\n" + antBuild
+ buildToolSection = antBuild
} else {
buildToolSection = "echo unknown build tool " + tool + " && exit 1"
}
build := buildEntryScript
- //horrible hack
- //we need to get our TLS CA's into our trust store
- //we just add it at the start of the build
- build = artifactbuild.InstallKeystoreScript() + "\n" + build
+ // TODO: How to handle/remove the TLS support from STONEBLD-847
+ ////horrible hack
+ ////we need to get our TLS CA's into our trust store
+ ////we just add it at the start of the build
+ //build = artifactbuild.InstallKeystoreScript() + "\n" + build
buildRepos := ""
if len(recipe.Repositories) > 0 {
@@ -224,14 +203,11 @@ func createPipelineSpec(log logr.Logger, tool string, commitTime int64, jbsConfi
//we generate a docker file that can be used to reproduce this build
//this is for diagnostic purposes, if you have a failing build it can be really hard to figure out how to fix it without this
log.Info(fmt.Sprintf("Generating dockerfile with recipe build image %#v", recipe.Image))
- //preprocessorScript := "#!/bin/sh\n/var/workdir/software/system-java/bin/java -jar /var/workdir/software/build-request-processor/quarkus-run.jar " + doSubstitution(strings.Join(preprocessorArgs, " "), paramValues, commitTime, buildRepos) + "\n"
preprocessorScript := "#!/bin/sh\n/var/workdir/software/system-java/bin/java -jar /var/workdir/software/build-request-processor/quarkus-run.jar " + recipe.Tool + "-prepare /var/workdir/workspace --recipe-image=" + recipe.Image + " --request-processor-image=" + buildRequestProcessorImage + " --disabled-plugins=" + strings.Join(recipe.DisabledPlugins, ",")
buildScript := doSubstitution(build, paramValues, commitTime, buildRepos)
envVars := extractEnvVar(toolEnv)
cmdArgs := extractArrayParam(PipelineParamGoals, paramValues)
- konfluxScript := "#!/bin/sh\n" + envVars + "\nset -- \"$@\" " + cmdArgs + "\n\n" + buildScript
-
- fmt.Printf("### Using cacheUrl %#v paramValues %#v, commitTime %#v, buildRepos %#v\n", cacheUrl, paramValues, commitTime, buildRepos)
+ konfluxScript := "\n" + envVars + "\nset -- \"$@\" " + cmdArgs + "\n\n" + buildScript
// Diagnostic Containerfile
// TODO: Looks like diagnostic files won't work with UBI7 anymore. This needs to be followed up on; potentially
@@ -244,7 +220,7 @@ func createPipelineSpec(log logr.Logger, tool string, commitTime int64, jbsConfi
"\nFROM " + recipe.Image +
"\nUSER 0" +
"\nWORKDIR /var/workdir" +
- "\nENV CACHE_URL=" + doSubstitution("$(params."+PipelineParamCacheUrl+")", paramValues, commitTime, buildRepos) +
+ "\nENV PROXY_URL=" + doSubstitution("$(params."+PipelineParamProxyUrl+")", paramValues, commitTime, buildRepos) +
"\nRUN microdnf --setopt=install_weak_deps=0 --setopt=tsflags=nodocs install -y jq" +
"\nRUN mkdir -p /var/workdir/software/settings /original-content/marker /var/workdir/workspace/source" +
"\nCOPY --from=build-request-processor /deployments/ /var/workdir/software/build-request-processor" +
@@ -279,12 +255,8 @@ func createPipelineSpec(log logr.Logger, tool string, commitTime int64, jbsConfi
{Name: PipelineParamChainsGitUrl, Type: tektonpipeline.ParamTypeString},
{Name: PipelineParamChainsGitCommit, Type: tektonpipeline.ParamTypeString},
{Name: PipelineParamGoals, Type: tektonpipeline.ParamTypeArray},
- {Name: PipelineParamJavaVersion, Type: tektonpipeline.ParamTypeString},
- {Name: PipelineParamToolVersion, Type: tektonpipeline.ParamTypeString},
{Name: PipelineParamPath, Type: tektonpipeline.ParamTypeString},
- {Name: PipelineParamEnforceVersion, Type: tektonpipeline.ParamTypeString},
- {Name: PipelineParamProjectVersion, Type: tektonpipeline.ParamTypeString},
- {Name: PipelineParamCacheUrl, Type: tektonpipeline.ParamTypeString, Default: &tektonpipeline.ResultValue{Type: tektonpipeline.ParamTypeString, StringVal: cacheUrl}},
+ {Name: PipelineParamProxyUrl, Type: tektonpipeline.ParamTypeString, Default: &tektonpipeline.ResultValue{Type: tektonpipeline.ParamTypeString, StringVal: cacheUrl}},
}
secretVariables := secretVariables(jbsConfig)
@@ -445,11 +417,25 @@ func createPipelineSpec(log logr.Logger, tool string, commitTime int64, jbsConfi
StringVal: tool,
},
},
+ {
+ Name: "BUILD_TOOL_VERSION",
+ Value: tektonpipeline.ParamValue{
+ Type: tektonpipeline.ParamTypeString,
+ StringVal: recipe.ToolVersion,
+ },
+ },
+ {
+ Name: "JAVA_VERSION",
+ Value: tektonpipeline.ParamValue{
+ Type: tektonpipeline.ParamTypeString,
+ StringVal: recipe.JavaVersion,
+ },
+ },
{
Name: "BUILD_SCRIPT",
Value: tektonpipeline.ParamValue{
Type: tektonpipeline.ParamTypeString,
- StringVal: createKonfluxScripts(konfluxScript),
+ StringVal: konfluxScript,
},
},
{
@@ -530,19 +516,14 @@ func createPipelineSpec(log logr.Logger, tool string, commitTime int64, jbsConfi
{
Name: "BUILD_ARGS",
Value: tektonpipeline.ParamValue{
- Type: tektonpipeline.ParamTypeArray,
- ArrayVal: []string{"CACHE_URL=" + cacheUrl},
+ Type: tektonpipeline.ParamTypeArray,
+ ArrayVal: []string{
+ // This allows us to set environment variables that can be picked up by our Containerfile/build script.
+ PipelineParamProxyUrl + "=" + cacheUrl,
+ },
},
},
},
-
- // TODO: ### How to pass build-settings/tls information to buildah task?
- // Note - buildah-oci-ta task has no defined workspace
- //Workspaces: []tektonpipeline.WorkspacePipelineTaskBinding{
- // //{Name: WorkspaceBuildSettings, Workspace: WorkspaceBuildSettings},
- // {Name: WorkspaceSource, Workspace: WorkspaceSource},
- // //{Name: WorkspaceTls, Workspace: WorkspaceTls},
- //},
}}, ps.Tasks...)
// Results for https://github.com/konflux-ci/build-definitions/tree/main/task/buildah-oci-ta/0.2
@@ -660,15 +641,6 @@ func secretVariables(jbsConfig *v1alpha1.JBSConfig) []v1.EnvVar {
return secretVariables
}
-func createKonfluxScripts(konfluxScript string) string {
- ret := "mkdir -p $(workspaces." + WorkspaceSource + ".path)/source/.jbs\n"
- ret += "tee $(workspaces." + WorkspaceSource + ".path)/source/.jbs/run-build.sh <<'RHTAPEOF'\n"
- ret += konfluxScript
- ret += "\nRHTAPEOF\n"
- ret += "chmod +x $(workspaces." + WorkspaceSource + ".path)/source/.jbs/run-build.sh\n"
- return ret
-}
-
func pullPolicy(buildRequestProcessorImage string) v1.PullPolicy {
pullPolicy := v1.PullIfNotPresent
if strings.HasSuffix(buildRequestProcessorImage, ":dev") || strings.HasSuffix(buildRequestProcessorImage, ":latest") {
@@ -756,45 +728,6 @@ func additionalPackages(recipe *v1alpha1.BuildRecipe) string {
return install
}
-func pipelineBuildCommands(imageId string, db *v1alpha1.DependencyBuild, jbsConfig *v1alpha1.JBSConfig, buildId string) (string, []string, []string) {
-
- orasOptions := ""
- if jbsConfig.Annotations != nil && jbsConfig.Annotations[jbsconfig.TestRegistry] == "true" {
- orasOptions = "--insecure --plain-http"
- }
-
- preBuildImageTag := imageId + "-pre-build-image"
- // The build-trusted-artifacts container doesn't handle REGISTRY_TOKEN but the actual .docker/config.json. Was using
- // AUTHFILE to override but now switched to adding the image secret to the pipeline.
- // Setting ORAS_OPTIONS to ensure the archive is compatible with jib (for OCIRepositoryClient).
- preBuildImageArgs := fmt.Sprintf(`echo "Creating pre-build-image archive"
-export ORAS_OPTIONS="%s --image-spec=v1.0 --artifact-type application/vnd.oci.image.config.v1+json"
-create-archive --store %s $(results.%s.path)=$(workspaces.source.path)/source
-`, orasOptions, registryArgsWithDefaults(jbsConfig, preBuildImageTag), PipelineResultPreBuildImageDigest)
-
- deployArgs := []string{
- "verify",
- "--path=$(workspaces.source.path)/artifacts",
- "--logs-path=$(workspaces.source.path)/logs",
- "--task-run-name=$(context.taskRun.name)",
- "--build-id=" + buildId,
- "--scm-uri=" + db.Spec.ScmInfo.SCMURL,
- "--scm-commit=" + db.Spec.ScmInfo.CommitHash,
- }
-
- konfluxArgs := []string{
- "deploy-pre-build-source",
- "--source-path=$(workspaces.source.path)/source",
- "--task-run-name=$(context.taskRun.name)",
- "--scm-uri=" + db.Spec.ScmInfo.SCMURL,
- "--scm-commit=" + db.Spec.ScmInfo.CommitHash,
- }
- konfluxArgs = append(konfluxArgs, gitArgs(jbsConfig, db)...)
- konfluxArgs = append(konfluxArgs, "--image-id="+imageId)
-
- return preBuildImageArgs, deployArgs, konfluxArgs
-}
-
// This effectively duplicates the defaults from DeployPreBuildImageCommand.java
func registryArgsWithDefaults(jbsConfig *v1alpha1.JBSConfig, preBuildImageTag string) string {
@@ -830,23 +763,6 @@ func registryArgsWithDefaults(jbsConfig *v1alpha1.JBSConfig, preBuildImageTag st
return registryArgs.String()
}
-func gitArgs(jbsConfig *v1alpha1.JBSConfig, db *v1alpha1.DependencyBuild) []string {
- gitArgs := make([]string, 0)
- if jbsConfig.Spec.GitSourceArchive.Identity != "" {
- gitArgs = append(gitArgs, "--git-identity="+jbsConfig.Spec.GitSourceArchive.Identity)
- }
- if jbsConfig.Spec.GitSourceArchive.URL != "" {
- gitArgs = append(gitArgs, "--git-url="+jbsConfig.Spec.GitSourceArchive.URL)
- }
- if jbsConfig.Spec.GitSourceArchive.DisableSSLVerification {
- gitArgs = append(gitArgs, "--git-disable-ssl-verification")
- }
- if db.Annotations[artifactbuild.DependencyScmAnnotation] == "true" {
- gitArgs = append(gitArgs, "--git-reuse-repository")
- }
- return gitArgs
-}
-
// This is similar to ContainerRegistryDeployer.java::createImageName with the same image tag length restriction.
func prependTagToImage(imageId string, prependTag string) string {
@@ -873,7 +789,7 @@ func prependTagToImage(imageId string, prependTag string) string {
func verifyParameters(jbsConfig *v1alpha1.JBSConfig, recipe *v1alpha1.BuildRecipe) []string {
verifyBuiltArtifactsArgs := []string{
"verify-built-artifacts",
- "--repository-url=$(params.CACHE_URL)",
+ "--repository-url=$(params." + PipelineParamProxyUrl + ")",
"--deploy-path=$(workspaces.source.path)/artifacts",
"--task-run-name=$(context.taskRun.name)",
"--results-file=$(results." + PipelineResultPassedVerification + ".path)",
@@ -920,8 +836,7 @@ func doSubstitution(script string, paramValues []tektonpipeline.Param, commitTim
script = strings.ReplaceAll(script, "$(params."+i.Name+")", i.Value.StringVal)
}
}
- script = strings.ReplaceAll(script, "$(params.CACHE_URL)", "http://localhost:8080/v2/cache/rebuild"+buildRepos+"/"+strconv.FormatInt(commitTime, 10)+"/")
- script = strings.ReplaceAll(script, "$(workspaces.build-settings.path)", "/var/workdir/software/settings")
+ script = strings.ReplaceAll(script, "$(params."+PipelineParamProxyUrl+")", "http://localhost:8080/v2/cache/rebuild"+buildRepos+"/"+strconv.FormatInt(commitTime, 10)+"/")
script = strings.ReplaceAll(script, "$(workspaces.source.path)", "/var/workdir/workspace")
script = strings.ReplaceAll(script, "$(workspaces.tls.path)", "/var/workdir/software/tls/service-ca.crt")
return script
diff --git a/pkg/reconciler/dependencybuild/dependencybuild.go b/pkg/reconciler/dependencybuild/dependencybuild.go
index bda79a8d5..73446b6ed 100644
--- a/pkg/reconciler/dependencybuild/dependencybuild.go
+++ b/pkg/reconciler/dependencybuild/dependencybuild.go
@@ -49,11 +49,9 @@ const (
PipelineParamChainsGitUrl = "CHAINS-GIT_URL"
PipelineParamChainsGitCommit = "CHAINS-GIT_COMMIT"
PipelineParamGoals = "GOALS"
- PipelineParamJavaVersion = "JAVA_VERSION"
- PipelineParamToolVersion = "TOOL_VERSION"
PipelineParamEnforceVersion = "ENFORCE_VERSION"
PipelineParamProjectVersion = "PROJECT_VERSION"
- PipelineParamCacheUrl = "CACHE_URL"
+ PipelineParamProxyUrl = "PROXY_URL"
PipelineResultImage = "IMAGE_URL"
PipelineResultImageDigest = "IMAGE_DIGEST"
PipelineResultPreBuildImageDigest = "PRE_BUILD_IMAGE_DIGEST"
@@ -591,10 +589,6 @@ func (r *ReconcileDependencyBuild) handleStateBuilding(ctx context.Context, db *
{Name: PipelineParamChainsGitCommit, Value: tektonpipeline.ResultValue{Type: tektonpipeline.ParamTypeString, StringVal: db.Spec.ScmInfo.CommitHash}},
{Name: PipelineParamPath, Value: tektonpipeline.ResultValue{Type: tektonpipeline.ParamTypeString, StringVal: contextDir}},
{Name: PipelineParamGoals, Value: tektonpipeline.ResultValue{Type: tektonpipeline.ParamTypeArray, ArrayVal: attempt.Recipe.CommandLine}},
- {Name: PipelineParamEnforceVersion, Value: tektonpipeline.ResultValue{Type: tektonpipeline.ParamTypeString, StringVal: attempt.Recipe.EnforceVersion}},
- {Name: PipelineParamProjectVersion, Value: tektonpipeline.ResultValue{Type: tektonpipeline.ParamTypeString, StringVal: db.Spec.Version}},
- {Name: PipelineParamToolVersion, Value: tektonpipeline.ResultValue{Type: tektonpipeline.ParamTypeString, StringVal: attempt.Recipe.ToolVersion}},
- {Name: PipelineParamJavaVersion, Value: tektonpipeline.ResultValue{Type: tektonpipeline.ParamTypeString, StringVal: attempt.Recipe.JavaVersion}},
}
orasOptions := ""
@@ -626,7 +620,6 @@ func (r *ReconcileDependencyBuild) handleStateBuilding(ctx context.Context, db *
qty, _ := resource.ParseQuantity("1Gi")
pr.Spec.Params = paramValues
pr.Spec.Workspaces = []tektonpipeline.WorkspaceBinding{
- {Name: WorkspaceBuildSettings, EmptyDir: &v1.EmptyDirVolumeSource{}},
{Name: WorkspaceSource, VolumeClaimTemplate: &v1.PersistentVolumeClaim{
Spec: v1.PersistentVolumeClaimSpec{
AccessModes: []v1.PersistentVolumeAccessMode{v1.ReadWriteOnce},
@@ -636,18 +629,26 @@ func (r *ReconcileDependencyBuild) handleStateBuilding(ctx context.Context, db *
},
}},
}
- if orasOptions != "" {
- pr.Spec.TaskRunTemplate = tektonpipeline.PipelineTaskRunTemplate{
- PodTemplate: &pod.Template{
- Env: []v1.EnvVar{
- {
- Name: "ORAS_OPTIONS",
- Value: orasOptions,
- },
+ // Setting a default environment variable to represent being run inside the operator
+ pr.Spec.TaskRunTemplate = tektonpipeline.PipelineTaskRunTemplate{
+ PodTemplate: &pod.Template{
+ Env: []v1.EnvVar{
+ {
+ Name: util.ControllerNamespace,
+ Value: util.ControllerDeploymentName,
},
},
- }
+ },
}
+ if orasOptions != "" {
+ pr.Spec.TaskRunTemplate.PodTemplate.Env = append([]v1.EnvVar{
+ {
+ Name: "ORAS_OPTIONS",
+ Value: orasOptions,
+ },
+ }, pr.Spec.TaskRunTemplate.PodTemplate.Env...)
+ }
+
if jbsConfig.Annotations != nil && jbsConfig.Annotations[jbsconfig.CITests] == "true" {
log.Info(fmt.Sprintf("Configuring resources for %#v", BuildTaskName))
podMemR, _ := resource.ParseQuantity("1792Mi")
diff --git a/pkg/reconciler/dependencybuild/dependencybuild_test.go b/pkg/reconciler/dependencybuild/dependencybuild_test.go
index ee367504b..2ce668d63 100644
--- a/pkg/reconciler/dependencybuild/dependencybuild_test.go
+++ b/pkg/reconciler/dependencybuild/dependencybuild_test.go
@@ -228,7 +228,7 @@ func TestStateDetect(t *testing.T) {
g.Expect(or.Name).Should(Equal(db.Name))
}
}
- g.Expect(len(tr.Spec.Params)).Should(Equal(12))
+ g.Expect(len(tr.Spec.Params)).Should(Equal(8))
for _, param := range tr.Spec.Params {
switch param.Name {
case PipelineParamScmHash:
@@ -244,10 +244,6 @@ func TestStateDetect(t *testing.T) {
g.Expect(param.Value.StringVal).Should(Equal("some-url"))
case PipelineParamGoals:
g.Expect(param.Value.ArrayVal).Should(ContainElement("testgoal"))
- case PipelineParamEnforceVersion:
- g.Expect(param.Value.StringVal).Should(BeEmpty())
- case PipelineParamToolVersion:
- g.Expect(param.Value.StringVal).Should(Equal("3.8"))
}
}
}
diff --git a/pkg/reconciler/dependencybuild/scripts/ant-build.sh b/pkg/reconciler/dependencybuild/scripts/ant-build.sh
index 45696968b..de42389b4 100644
--- a/pkg/reconciler/dependencybuild/scripts/ant-build.sh
+++ b/pkg/reconciler/dependencybuild/scripts/ant-build.sh
@@ -1,32 +1,2 @@
-#!/usr/bin/env bash
-
-if [ ! -d "${ANT_HOME}" ]; then
- echo "Ant home directory not found at ${ANT_HOME}" >&2
- exit 1
-fi
-
-if [ -z ${JBS_DISABLE_CACHE+x} ]; then
- # XXX: It's possible that build.xml is not in the root directory
- cat > ivysettings.xml << EOF
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-EOF
-fi
-
echo "Running $(which ant) with arguments: $@"
-eval "ant $@" | tee $(workspaces.source.path)/logs/ant.log
+eval "ant $@" | tee ${JBS_WORKDIR}/logs/ant.log
diff --git a/pkg/reconciler/dependencybuild/scripts/build-entry.sh b/pkg/reconciler/dependencybuild/scripts/build-entry.sh
index 30c8b1cf2..45df6cc6b 100644
--- a/pkg/reconciler/dependencybuild/scripts/build-entry.sh
+++ b/pkg/reconciler/dependencybuild/scripts/build-entry.sh
@@ -1,51 +1,11 @@
#!/usr/bin/env bash
-set -o verbose
-set -eu
-set -o pipefail
-
-cd $(workspaces.source.path)/source
if [ -n "$(params.CONTEXT_DIR)" ]
then
cd $(params.CONTEXT_DIR)
fi
-if [ ! -z ${JAVA_HOME+x} ]; then
- echo "JAVA_HOME:$JAVA_HOME"
- PATH="${JAVA_HOME}/bin:$PATH"
-fi
-
-if [ ! -z ${MAVEN_HOME+x} ]; then
- echo "MAVEN_HOME:$MAVEN_HOME"
- PATH="${MAVEN_HOME}/bin:$PATH"
-fi
-
-if [ ! -z ${GRADLE_HOME+x} ]; then
- echo "GRADLE_HOME:$GRADLE_HOME"
- PATH="${GRADLE_HOME}/bin:$PATH"
-fi
-
-if [ ! -z ${ANT_HOME+x} ]; then
- echo "ANT_HOME:$ANT_HOME"
- PATH="${ANT_HOME}/bin:$PATH"
-fi
-
-if [ ! -z ${SBT_DIST+x} ]; then
- echo "SBT_DIST:$SBT_DIST"
- PATH="${SBT_DIST}/bin:$PATH"
-fi
-echo "PATH:$PATH"
-
-#fix this when we no longer need to run as root
-export HOME=/root
-
-mkdir -p $(workspaces.source.path)/logs $(workspaces.source.path)/packages
-
{{INSTALL_PACKAGE_SCRIPT}}
-
-#This is replaced when the task is created by the golang code
{{PRE_BUILD_SCRIPT}}
-
{{BUILD}}
-
{{POST_BUILD_SCRIPT}}
diff --git a/pkg/reconciler/dependencybuild/scripts/gradle-build.sh b/pkg/reconciler/dependencybuild/scripts/gradle-build.sh
index f708705d1..d49927765 100644
--- a/pkg/reconciler/dependencybuild/scripts/gradle-build.sh
+++ b/pkg/reconciler/dependencybuild/scripts/gradle-build.sh
@@ -1,29 +1,6 @@
-#!/usr/bin/env bash
-export GRADLE_USER_HOME="$(workspaces.build-settings.path)/.gradle"
-mkdir -p "${GRADLE_USER_HOME}"
-mkdir -p "${HOME}/.m2/repository"
-
-cat > "${GRADLE_USER_HOME}"/gradle.properties << EOF
-org.gradle.console=plain
-
+cat >> "${GRADLE_USER_HOME}"/gradle.properties << EOF
# For https://github.com/Kotlin/kotlinx.team.infra
versionSuffix=
-
-# Increase timeouts
-systemProp.org.gradle.internal.http.connectionTimeout=600000
-systemProp.org.gradle.internal.http.socketTimeout=600000
-systemProp.http.socketTimeout=600000
-systemProp.http.connectionTimeout=600000
-
-# Settings for
-RELEASE_REPOSITORY_URL=file:$(workspaces.source.path)/artifacts
-RELEASE_SIGNING_ENABLED=false
-mavenCentralUsername=
-mavenCentralPassword=
-
-# Default values for common enforced properties
-sonatypeUsername=jbs
-sonatypePassword=jbs
EOF
if [ -d .hacbs-init ]; then
@@ -31,33 +8,19 @@ if [ -d .hacbs-init ]; then
cp -r .hacbs-init "${GRADLE_USER_HOME}"/init.d
fi
-#if we run out of memory we want the JVM to die with error code 134
-export JAVA_OPTS="-XX:+CrashOnOutOfMemoryError"
-
-export PATH="${JAVA_HOME}/bin:${PATH}"
-
#some gradle builds get the version from the tag
#the git init task does not fetch tags
#so just create one to fool the plugin
git config user.email "HACBS@redhat.com"
git config user.name "HACBS"
-if [ -n "$(params.ENFORCE_VERSION)" ]; then
- echo "Creating tag $(params.PROJECT_VERSION) to match enforced version"
- git tag -m $(params.PROJECT_VERSION) -a $(params.PROJECT_VERSION) || true
-fi
-
-if [ ! -d "${GRADLE_HOME}" ]; then
- echo "Gradle home directory not found at ${GRADLE_HOME}" >&2
- exit 1
+if [ -n "${ENFORCE_VERSION}" ]; then
+ echo "Creating tag ${PROJECT_VERSION} to match enforced version"
+ git tag -m ${PROJECT_VERSION} -a ${PROJECT_VERSION} || true
fi
-export LANG="en_US.UTF-8"
-export LC_ALL="en_US.UTF-8"
-
#our dependency tracing breaks verification-metadata.xml
#TODO: should we disable tracing for these builds? It means we can't track dependencies directly, so we can't detect contaminants
rm -f gradle/verification-metadata.xml
echo "Running Gradle command with arguments: $@"
-
-gradle -Dmaven.repo.local=$(workspaces.source.path)/artifacts --info --stacktrace "$@" | tee $(workspaces.source.path)/logs/gradle.log
+gradle --info --stacktrace "$@" | tee ${JBS_WORKDIR}/logs/gradle.log
diff --git a/pkg/reconciler/dependencybuild/scripts/maven-build.sh b/pkg/reconciler/dependencybuild/scripts/maven-build.sh
index f4ca2bdc4..d4dffff79 100644
--- a/pkg/reconciler/dependencybuild/scripts/maven-build.sh
+++ b/pkg/reconciler/dependencybuild/scripts/maven-build.sh
@@ -1,57 +1,7 @@
-#!/usr/bin/env bash
-
-mkdir -p "${HOME}/.m2/repository"
-
-echo "MAVEN_HOME=${MAVEN_HOME}"
-
-if [ ! -d "${MAVEN_HOME}" ]; then
- echo "Maven home directory not found at ${MAVEN_HOME}" >&2
- exit 1
-fi
-
-TOOLCHAINS_XML="$(workspaces.build-settings.path)"/toolchains.xml
-
-cat >"$TOOLCHAINS_XML" <
-
-EOF
-
-if [ "$(params.JAVA_VERSION)" = "7" ]; then
- JAVA_VERSIONS="7:1.7.0 8:1.8.0 11:11"
-else
- JAVA_VERSIONS="8:1.8.0 9:11 11:11 17:17 21:21 22:22"
+if [ -n "${ENFORCE_VERSION}" ]; then
+ echo "Setting version to ${PROJECT_VERSION} to match enforced version"
+ mvn -B -e org.codehaus.mojo:versions-maven-plugin:2.8.1:set -DnewVersion="${PROJECT_VERSION}" | tee ${JBS_WORKDIR}/logs/enforce-version.log
fi
-for i in $JAVA_VERSIONS; do
- version=$(echo $i | cut -d : -f 1)
- home=$(echo $i | cut -d : -f 2)
- cat >>"$TOOLCHAINS_XML" <
- jdk
-
- $version
-
-
- /usr/lib/jvm/java-$home-openjdk
-
-
-EOF
-done
-
-cat >>"$TOOLCHAINS_XML" <
-EOF
-
-if [ -n "$(params.ENFORCE_VERSION)" ]; then
- echo "Setting version to $(params.PROJECT_VERSION) to match enforced version"
- mvn -B -e -s "$(workspaces.build-settings.path)/settings.xml" -t "$(workspaces.build-settings.path)/toolchains.xml" org.codehaus.mojo:versions-maven-plugin:2.8.1:set -DnewVersion="$(params.PROJECT_VERSION)" | tee $(workspaces.source.path)/logs/enforce-version.log
-fi
-
-#if we run out of memory we want the JVM to die with error code 134
-export MAVEN_OPTS="-XX:+CrashOnOutOfMemoryError"
-
echo "Running Maven command with arguments: $@"
-
-#we can't use array parameters directly here
-#we pass them in as goals
-mvn -V -B -e -s "$(workspaces.build-settings.path)/settings.xml" -t "$(workspaces.build-settings.path)/toolchains.xml" "$@" "-DaltDeploymentRepository=local::file:$(workspaces.source.path)/artifacts" | tee $(workspaces.source.path)/logs/maven.log
+mvn -V -B -e "$@" | tee ${JBS_WORKDIR}/logs/maven.log
diff --git a/pkg/reconciler/dependencybuild/scripts/maven-settings.sh b/pkg/reconciler/dependencybuild/scripts/maven-settings.sh
deleted file mode 100644
index 2eef7f043..000000000
--- a/pkg/reconciler/dependencybuild/scripts/maven-settings.sh
+++ /dev/null
@@ -1,53 +0,0 @@
-#!/usr/bin/env bash
-
-if [ ! -z ${JBS_DISABLE_CACHE+x} ]; then
- cat >"$(workspaces.build-settings.path)"/settings.xml <
-EOF
-else
- cat >"$(workspaces.build-settings.path)"/settings.xml <
-
-
- mirror.default
- ${CACHE_URL}
- *
-
-
-EOF
-fi
-
-cat >>"$(workspaces.build-settings.path)"/settings.xml <
-
-
- gradle
-
-
- useJBSDeployed
-
-
-
-
- artifacts
- file://$(workspaces.source.path)/artifacts
-
- true
- ignore
-
-
-
-
-
- artifacts
- file://$(workspaces.source.path)/artifacts
-
- true
- ignore
-
-
-
-
-
-
-EOF
diff --git a/pkg/reconciler/dependencybuild/scripts/sbt-build.sh b/pkg/reconciler/dependencybuild/scripts/sbt-build.sh
index cdec09c9d..755b9c646 100644
--- a/pkg/reconciler/dependencybuild/scripts/sbt-build.sh
+++ b/pkg/reconciler/dependencybuild/scripts/sbt-build.sh
@@ -1,25 +1,3 @@
-#!/usr/bin/env bash
-
-mkdir -p "${HOME}/.sbt/1.0"
-cp -r /maven-artifacts/* "$HOME/.sbt/*" || true
-
-if [ ! -d "${SBT_DIST}" ]; then
- echo "SBT home directory not found at ${SBT_DIST}" >&2
- exit 1
-fi
-
-if [ -z ${JBS_DISABLE_CACHE+x} ]; then
- cat > "$HOME/.sbt/repositories" <"$HOME/.sbt/1.0/global.sbt" <