Skip to content

Commit 33e2fdf

Browse files
feat(KONFLUX-4158): add fbc-fips-check task to FBC pipeline (#1166)
* feat(KONFLUX-4158): add fbc-fips-check task to FBC pipeline This commit adds the fbc-fips-check to the FBC pipeline. It also adds a template file named images-mirror-set.yaml which is required by the FIPS task itself and will be used by other tasks in the future. Signed-off-by: yashvardhannanavati <22090997+yashvardhannanavati@users.noreply.github.com> Update .tekton/images-mirror-set.yaml * add related images * update patch_catalog.py * Keep related images --------- Co-authored-by: yashvardhannanavati <22090997+yashvardhannanavati@users.noreply.github.com>
1 parent 9384dd2 commit 33e2fdf

File tree

5 files changed

+72
-11
lines changed

5 files changed

+72
-11
lines changed

.tekton/images-mirror-set.yaml

Lines changed: 25 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,25 @@
1+
---
2+
apiVersion: operator.openshift.io/v1alpha1
3+
kind: ImageDigestMirrorSet
4+
metadata:
5+
name: example-mirror-set
6+
spec:
7+
imageDigestMirrors:
8+
- mirrors:
9+
- quay.io/redhat-user-workloads/ocp-network-observab-tenant/netobserv-operator/network-observability-operator
10+
source: registry.redhat.io/network-observability/network-observability-rhel9-operator
11+
- mirrors:
12+
- quay.io/redhat-user-workloads/ocp-network-observab-tenant/netobserv-operator/flowlogs-pipeline
13+
source: registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9
14+
- mirrors:
15+
- quay.io/redhat-user-workloads/ocp-network-observab-tenant/netobserv-operator/netobserv-ebpf-agent
16+
source: registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9
17+
- mirrors:
18+
- quay.io/redhat-user-workloads/ocp-network-observab-tenant/netobserv-operator/network-observability-console-plugin
19+
source: registry.redhat.io/network-observability/network-observability-console-plugin-rhel9
20+
- mirrors:
21+
- quay.io/redhat-user-workloads/ocp-network-observab-tenant/netobserv-operator/network-observability-cli-container
22+
source: registry.redhat.io/network-observability/network-observability-cli-rhel9
23+
- mirrors:
24+
- quay.io/redhat-user-workloads/ocp-network-observab-tenant/netobserv-operator/network-observability-operator-bundle
25+
source: registry.redhat.io/network-observability/network-observability-operator-bundle

.tekton/pipeline-fbc-ref.yaml

Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -252,6 +252,30 @@ spec:
252252
operator: in
253253
values:
254254
- "true"
255+
- name: fbc-fips-check-oci-ta
256+
params:
257+
- name: image-digest
258+
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
259+
- name: image-url
260+
value: $(tasks.build-image-index.results.IMAGE_URL)
261+
- name: SOURCE_ARTIFACT
262+
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
263+
runAfter:
264+
- build-image-index
265+
taskRef:
266+
params:
267+
- name: name
268+
value: fbc-fips-check-oci-ta
269+
- name: bundle
270+
value: quay.io/konflux-ci/tekton-catalog/task-fbc-fips-check-oci-ta:0.1@sha256:2e6900f5755fca70f8eebfcf004f39dd9adf6b488c8828f35a1b24862a9f81cf
271+
- name: kind
272+
value: task
273+
resolver: bundles
274+
when:
275+
- input: $(params.skip-checks)
276+
operator: in
277+
values:
278+
- "false"
255279
- name: deprecated-base-image-check
256280
params:
257281
- name: IMAGE_URL

catalog/rc.yaml

Lines changed: 10 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -994,13 +994,14 @@ properties:
994994
name: Red Hat
995995
url: https://www.redhat.com
996996
relatedImages:
997-
- image:
998-
registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:652c4315efe070dd4e3b91af036e9baa7bdeb9c6f1864b94b99f7795cfc5db88
999-
name: ''
1000-
- image:
1001-
registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:821f89fd102065ee8c1d14414b46ed332c2d22c6d0cf305386433245b4319c50
1002-
name: ''
1003-
- image:
1004-
registry.redhat.io/openshift4/ose-kube-rbac-proxy-rhel9@sha256:3fa22124916523b958c67af8ad652e73a2c3d68bb5579da1cba1ade537f3b7ae
1005-
name: ''
997+
- image: registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:625c61b35f6da4c363e97560562ea0483abbc9d656439a2a1a5e459f7c787d0c
998+
name: console_plugin
999+
- image: registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:4357c47a999973c65e16f8ac9ae418140de5a57826431f7c0dbd9cda597479ee
1000+
name: ebpf_agent
1001+
- image: registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:df416b77ce2e24110e23c0d0478e916fcf249a889f4be855e1834d0dd5d51af1
1002+
name: flowlogs_pipeline
1003+
- image: registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:8c2066523686a9ccad39043686d67b6c63c3a835691ceec48180758e168ed181
1004+
name: ""
1005+
- image: registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:17ed869827a412b801943cecc2b7be0e7f4dd8d0f84bcf4d4ebada0c9eec06a2
1006+
name: manager
10061007
schema: olm.bundle

hack/patch_catalog.py

Lines changed: 12 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,12 +1,15 @@
11
import os
22
from sys import exit as sys_exit
3-
from datetime import datetime
43
from ruamel.yaml import YAML
54
yaml = YAML()
65
yaml.explicit_start = True
76

87
version = os.getenv('VERSION')
98
bundle_image = os.getenv('BUNDLE_IMAGE_PULLSPEC')
9+
operator_image = os.getenv('OPERATOR_IMAGE_PULLSPEC')
10+
ebpf_image = os.getenv('EBPF_IMAGE_PULLSPEC')
11+
flp_image = os.getenv('FLP_IMAGE_PULLSPEC')
12+
console_image = os.getenv('CONSOLE_IMAGE_PULLSPEC')
1013
package_name = "network-observability-operator"
1114
package_full_name = '{}.v{}'.format(package_name, version)
1215

@@ -33,5 +36,13 @@ def dump_index(pathn, index):
3336
for relatedImage in index[0]["relatedImages"]:
3437
if relatedImage["image"][0:95] == "registry.redhat.io/network-observability/network-observability-operator-bundle":
3538
relatedImage["image"] = bundle_image
39+
elif relatedImage["name"] == "manager":
40+
relatedImage["image"] = operator_image
41+
elif relatedImage["name"] == "ebpf_agent":
42+
relatedImage["image"] = ebpf_image
43+
elif relatedImage["name"] == "flowlogs_pipeline":
44+
relatedImage["image"] = flp_image
45+
elif relatedImage["name"] == "console_plugin":
46+
relatedImage["image"] = console_image
3647

3748
dump_index(os.getenv('TARGET_INDEX_FILE'), index)

hack/patch_csv.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -75,7 +75,7 @@ def dump_manifest(pathn, manifest):
7575
csv['spec']['maturity'] = 'stable'
7676

7777
# remove relatedImages from spec as it is picked up from ENV instead (having them in both places generates a build error)
78-
csv['spec'].pop('relatedImages', None)
78+
# csv['spec'].pop('relatedImages', None)
7979

8080
csv['spec']['version'] = version
8181
csv['spec']['replaces'] = 'network-observability-operator.v{}'.format(replaces)

0 commit comments

Comments
 (0)