Skip to content

Commit

Permalink
Rename 'optional' to 'additional'
Browse files Browse the repository at this point in the history
Per review feedback. This is a more straightforward name.
  • Loading branch information
ralphbean committed Jul 2, 2024
1 parent d2268a6 commit 537fe5c
Show file tree
Hide file tree
Showing 6 changed files with 60 additions and 60 deletions.
2 changes: 1 addition & 1 deletion task/buildah-oci-ta/0.1/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ When prefetch-dependencies task was activated it is using its artifacts to run b
|HERMETIC|Determines if build will be executed without network access.|false|false|
|IMAGE|Reference of the image buildah will produce.||true|
|IMAGE_EXPIRES_AFTER|Delete image tag after specified time. Empty means to keep the image tag. Time values could be something like 1h, 2d, 3w for hours, days, and weeks, respectively.|""|false|
|OPTIONAL_SECRET|Name of a secret which will be made available to the build with 'buildah build --secret' at /run/secrets/$OPTIONAL_SECRET|does-not-exist|false|
|ADDITIONAL_SECRET|Name of a secret which will be made available to the build with 'buildah build --secret' at /run/secrets/$ADDITIONAL_SECRET|does-not-exist|false|
|PREFETCH_INPUT|In case it is not empty, the prefetched content should be made available to the build.|""|false|
|SOURCE_ARTIFACT|The Trusted Artifact URI pointing to the artifact with the application source code.||true|
|SQUASH|Squash new layers added as a part of this build, as per --squash|false|false|
Expand Down
26 changes: 13 additions & 13 deletions task/buildah-oci-ta/0.1/buildah-oci-ta.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -67,9 +67,9 @@ spec:
hours, days, and weeks, respectively.
type: string
default: ""
- name: OPTIONAL_SECRET
- name: ADDITIONAL_SECRET
description: Name of a secret which will be made available to the build
with 'buildah build --secret' at /run/secrets/$OPTIONAL_SECRET
with 'buildah build --secret' at /run/secrets/$ADDITIONAL_SECRET
type: string
default: does-not-exist
- name: PREFETCH_INPUT
Expand Down Expand Up @@ -140,10 +140,10 @@ spec:
secret:
optional: true
secretName: $(params.ENTITLEMENT_SECRET)
- name: optional-secret
- name: additional-secret
secret:
optional: true
secretName: $(params.OPTIONAL_SECRET)
secretName: $(params.ADDITIONAL_SECRET)
- name: shared
emptyDir: {}
- name: trusted-ca
Expand Down Expand Up @@ -181,8 +181,8 @@ spec:
value: $(params.SQUASH)
- name: SQUASH_ALL
value: $(params.SQUASH_ALL)
- name: OPTIONAL_SECRET
value: $(params.OPTIONAL_SECRET)
- name: ADDITIONAL_SECRET
value: $(params.ADDITIONAL_SECRET)
- name: STORAGE_DRIVER
value: vfs
- name: TARGET_STAGE
Expand Down Expand Up @@ -217,8 +217,8 @@ spec:
name: varlibcontainers
- mountPath: /entitlement
name: etc-pki-entitlement
- mountPath: /optional-secret
name: optional-secret
- mountPath: /additional-secret
name: additional-secret
- mountPath: /mnt/trusted-ca
name: trusted-ca
readOnly: true
Expand Down Expand Up @@ -349,11 +349,11 @@ spec:
echo "Adding the entitlement to the build"
fi
OPTIONAL_SECRET_PATH="/optional-secret"
if [ -d "$OPTIONAL_SECRET_PATH" ]; then
cp -r --preserve=mode "$OPTIONAL_SECRET_PATH" /tmp/optional-secret
BUILDAH_ARGS+=("--secret=id=${OPTIONAL_SECRET},src=/tmp/optional-secret")
echo "Adding the secret ${OPTIONAL_SECRET} to the build, available at /run/secrets/${OPTIONAL_SECRET}"
ADDITIONAL_SECRET_PATH="/additional-secret"
if [ -d "$ADDITIONAL_SECRET_PATH" ]; then
cp -r --preserve=mode "$ADDITIONAL_SECRET_PATH" /tmp/additional-secret
BUILDAH_ARGS+=("--secret=id=${ADDITIONAL_SECRET},src=/tmp/additional-secret")
echo "Adding the secret ${ADDITIONAL_SECRET} to the build, available at /run/secrets/${ADDITIONAL_SECRET}"
fi
unshare -Uf $UNSHARE_ARGS --keep-caps -r --map-users 1,1,65536 --map-groups 1,1,65536 -w ${SOURCE_CODE_DIR}/$CONTEXT -- buildah build \
Expand Down
32 changes: 16 additions & 16 deletions task/buildah-remote-oci-ta/0.1/buildah-remote-oci-ta.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -69,8 +69,8 @@ spec:
type: string
- default: does-not-exist
description: Name of a secret which will be made available to the build with 'buildah
build --secret' at /run/secrets/$OPTIONAL_SECRET
name: OPTIONAL_SECRET
build --secret' at /run/secrets/$ADDITIONAL_SECRET
name: ADDITIONAL_SECRET
type: string
- default: ""
description: In case it is not empty, the prefetched content should be made available
Expand Down Expand Up @@ -160,8 +160,8 @@ spec:
value: $(params.SQUASH)
- name: SQUASH_ALL
value: $(params.SQUASH_ALL)
- name: OPTIONAL_SECRET
value: $(params.OPTIONAL_SECRET)
- name: ADDITIONAL_SECRET
value: $(params.ADDITIONAL_SECRET)
- name: STORAGE_DRIVER
value: vfs
- name: TARGET_STAGE
Expand Down Expand Up @@ -233,7 +233,7 @@ spec:
rsync -ra /shared/ "$SSH_HOST:$BUILD_DIR/volumes/shared/"
rsync -ra /var/workdir/ "$SSH_HOST:$BUILD_DIR/volumes/workdir/"
rsync -ra /entitlement/ "$SSH_HOST:$BUILD_DIR/volumes/etc-pki-entitlement/"
rsync -ra /optional-secret/ "$SSH_HOST:$BUILD_DIR/volumes/optional-secret/"
rsync -ra /additional-secret/ "$SSH_HOST:$BUILD_DIR/volumes/additional-secret/"
rsync -ra /mnt/trusted-ca/ "$SSH_HOST:$BUILD_DIR/volumes/trusted-ca/"
rsync -ra "$HOME/.docker/" "$SSH_HOST:$BUILD_DIR/.docker/"
rsync -ra "/tekton/results/" "$SSH_HOST:$BUILD_DIR/tekton-results/"
Expand Down Expand Up @@ -365,11 +365,11 @@ spec:
echo "Adding the entitlement to the build"
fi
OPTIONAL_SECRET_PATH="/optional-secret"
if [ -d "$OPTIONAL_SECRET_PATH" ]; then
cp -r --preserve=mode "$OPTIONAL_SECRET_PATH" /tmp/optional-secret
BUILDAH_ARGS+=("--secret=id=${OPTIONAL_SECRET},src=/tmp/optional-secret")
echo "Adding the secret ${OPTIONAL_SECRET} to the build, available at /run/secrets/${OPTIONAL_SECRET}"
ADDITIONAL_SECRET_PATH="/additional-secret"
if [ -d "$ADDITIONAL_SECRET_PATH" ]; then
cp -r --preserve=mode "$ADDITIONAL_SECRET_PATH" /tmp/additional-secret
BUILDAH_ARGS+=("--secret=id=${ADDITIONAL_SECRET},src=/tmp/additional-secret")
echo "Adding the secret ${ADDITIONAL_SECRET} to the build, available at /run/secrets/${ADDITIONAL_SECRET}"
fi
unshare -Uf $UNSHARE_ARGS --keep-caps -r --map-users 1,1,65536 --map-groups 1,1,65536 -w ${SOURCE_CODE_DIR}/$CONTEXT -- buildah build \
Expand Down Expand Up @@ -416,7 +416,7 @@ spec:
-e IMAGE_EXPIRES_AFTER="$IMAGE_EXPIRES_AFTER" \
-e SQUASH="$SQUASH" \
-e SQUASH_ALL="$SQUASH_ALL" \
-e OPTIONAL_SECRET="$OPTIONAL_SECRET" \
-e ADDITIONAL_SECRET="$ADDITIONAL_SECRET" \
-e STORAGE_DRIVER="$STORAGE_DRIVER" \
-e TARGET_STAGE="$TARGET_STAGE" \
-e TLSVERIFY="$TLSVERIFY" \
Expand All @@ -427,7 +427,7 @@ spec:
-v "$BUILD_DIR/volumes/shared:/shared:Z" \
-v "$BUILD_DIR/volumes/workdir:/var/workdir:Z" \
-v "$BUILD_DIR/volumes/etc-pki-entitlement:/entitlement:Z" \
-v "$BUILD_DIR/volumes/optional-secret:/optional-secret:Z" \
-v "$BUILD_DIR/volumes/additional-secret:/additional-secret:Z" \
-v "$BUILD_DIR/volumes/trusted-ca:/mnt/trusted-ca:Z" \
-v "$BUILD_DIR/.docker/:/root/.docker:Z" \
-v "$BUILD_DIR/tekton-results/:/tekton/results:Z" \
Expand All @@ -451,8 +451,8 @@ spec:
name: varlibcontainers
- mountPath: /entitlement
name: etc-pki-entitlement
- mountPath: /optional-secret
name: optional-secret
- mountPath: /additional-secret
name: additional-secret
- mountPath: /mnt/trusted-ca
name: trusted-ca
readOnly: true
Expand Down Expand Up @@ -626,10 +626,10 @@ spec:
secret:
optional: true
secretName: $(params.ENTITLEMENT_SECRET)
- name: optional-secret
- name: additional-secret
secret:
optional: true
secretName: $(params.OPTIONAL_SECRET)
secretName: $(params.ADDITIONAL_SECRET)
- emptyDir: {}
name: shared
- configMap:
Expand Down
32 changes: 16 additions & 16 deletions task/buildah-remote/0.1/buildah-remote.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -80,8 +80,8 @@ spec:
type: string
- default: does-not-exist
description: Name of a secret which will be made available to the build with 'buildah
build --secret' at /run/secrets/$OPTIONAL_SECRET
name: OPTIONAL_SECRET
build --secret' at /run/secrets/$ADDITIONAL_SECRET
name: ADDITIONAL_SECRET
type: string
- default: []
description: Array of --build-arg values ("arg=value" strings)
Expand Down Expand Up @@ -161,8 +161,8 @@ spec:
value: $(params.BUILDER_IMAGE)
- name: ENTITLEMENT_SECRET
value: $(params.ENTITLEMENT_SECRET)
- name: OPTIONAL_SECRET
value: $(params.OPTIONAL_SECRET)
- name: ADDITIONAL_SECRET
value: $(params.ADDITIONAL_SECRET)
- name: BUILD_ARGS_FILE
value: $(params.BUILD_ARGS_FILE)
- name: ADD_CAPABILITIES
Expand Down Expand Up @@ -221,7 +221,7 @@ spec:
rsync -ra $(workspaces.source.path)/ "$SSH_HOST:$BUILD_DIR/workspaces/source/"
rsync -ra /shared/ "$SSH_HOST:$BUILD_DIR/volumes/shared/"
rsync -ra /entitlement/ "$SSH_HOST:$BUILD_DIR/volumes/etc-pki-entitlement/"
rsync -ra /optional-secret/ "$SSH_HOST:$BUILD_DIR/volumes/optional-secret/"
rsync -ra /additional-secret/ "$SSH_HOST:$BUILD_DIR/volumes/additional-secret/"
rsync -ra /mnt/trusted-ca/ "$SSH_HOST:$BUILD_DIR/volumes/trusted-ca/"
rsync -ra "$HOME/.docker/" "$SSH_HOST:$BUILD_DIR/.docker/"
rsync -ra "/tekton/results/" "$SSH_HOST:$BUILD_DIR/tekton-results/"
Expand Down Expand Up @@ -357,11 +357,11 @@ spec:
echo "Adding the entitlement to the build"
fi
OPTIONAL_SECRET_PATH="/optional-secret"
if [ -d "$OPTIONAL_SECRET_PATH" ]; then
cp -r --preserve=mode "$OPTIONAL_SECRET_PATH" /tmp/optional-secret
BUILDAH_ARGS+=("--secret=id=${OPTIONAL_SECRET},src=/tmp/optional-secret")
echo "Adding the secret ${OPTIONAL_SECRET} to the build, available at /run/secrets/${OPTIONAL_SECRET}"
ADDITIONAL_SECRET_PATH="/additional-secret"
if [ -d "$ADDITIONAL_SECRET_PATH" ]; then
cp -r --preserve=mode "$ADDITIONAL_SECRET_PATH" /tmp/additional-secret
BUILDAH_ARGS+=("--secret=id=${ADDITIONAL_SECRET},src=/tmp/additional-secret")
echo "Adding the secret ${ADDITIONAL_SECRET} to the build, available at /run/secrets/${ADDITIONAL_SECRET}"
fi
unshare -Uf $UNSHARE_ARGS --keep-caps -r --map-users 1,1,65536 --map-groups 1,1,65536 -w ${SOURCE_CODE_DIR}/$CONTEXT -- buildah build \
Expand Down Expand Up @@ -411,7 +411,7 @@ spec:
-e TARGET_STAGE="$TARGET_STAGE" \
-e PARAM_BUILDER_IMAGE="$PARAM_BUILDER_IMAGE" \
-e ENTITLEMENT_SECRET="$ENTITLEMENT_SECRET" \
-e OPTIONAL_SECRET="$OPTIONAL_SECRET" \
-e ADDITIONAL_SECRET="$ADDITIONAL_SECRET" \
-e BUILD_ARGS_FILE="$BUILD_ARGS_FILE" \
-e ADD_CAPABILITIES="$ADD_CAPABILITIES" \
-e SQUASH="$SQUASH" \
Expand All @@ -420,7 +420,7 @@ spec:
-v "$BUILD_DIR/workspaces/source:$(workspaces.source.path):Z" \
-v "$BUILD_DIR/volumes/shared:/shared:Z" \
-v "$BUILD_DIR/volumes/etc-pki-entitlement:/entitlement:Z" \
-v "$BUILD_DIR/volumes/optional-secret:/optional-secret:Z" \
-v "$BUILD_DIR/volumes/additional-secret:/additional-secret:Z" \
-v "$BUILD_DIR/volumes/trusted-ca:/mnt/trusted-ca:Z" \
-v "$BUILD_DIR/.docker/:/root/.docker:Z" \
-v "$BUILD_DIR/tekton-results/:/tekton/results:Z" \
Expand All @@ -444,8 +444,8 @@ spec:
name: varlibcontainers
- mountPath: /entitlement
name: etc-pki-entitlement
- mountPath: /optional-secret
name: optional-secret
- mountPath: /additional-secret
name: additional-secret
- mountPath: /mnt/trusted-ca
name: trusted-ca
readOnly: true
Expand Down Expand Up @@ -627,10 +627,10 @@ spec:
secret:
optional: true
secretName: $(params.ENTITLEMENT_SECRET)
- name: optional-secret
- name: additional-secret
secret:
optional: true
secretName: $(params.OPTIONAL_SECRET)
secretName: $(params.ADDITIONAL_SECRET)
- configMap:
items:
- key: $(params.caTrustConfigMapKey)
Expand Down
2 changes: 1 addition & 1 deletion task/buildah/0.1/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ When prefetch-dependencies task was activated it is using its artifacts to run b
|YUM_REPOS_D_TARGET|Target path on the container in which yum repository files should be made available|/etc/yum.repos.d|false|
|TARGET_STAGE|Target stage in Dockerfile to build. If not specified, the Dockerfile is processed entirely to (and including) its last stage.|""|false|
|ENTITLEMENT_SECRET|Name of secret which contains the entitlement certificates|etc-pki-entitlement|false|
|OPTIONAL_SECRET|Name of a secret which will be made available to the build with 'buildah build --secret' at /run/secrets/$OPTIONAL_SECRET|does-not-exist|false|
|ADDITIONAL_SECRET|Name of a secret which will be made available to the build with 'buildah build --secret' at /run/secrets/$ADDITIONAL_SECRET|does-not-exist|false|
|BUILD_ARGS|Array of --build-arg values ("arg=value" strings)|[]|false|
|BUILD_ARGS_FILE|Path to a file with build arguments, see https://www.mankier.com/1/buildah-build#--build-arg-file|""|false|
|SQUASH|Squash new layers added as a part of this build, as per --squash|false|false|
Expand Down
26 changes: 13 additions & 13 deletions task/buildah/0.1/buildah.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -71,8 +71,8 @@ spec:
description: Name of secret which contains the entitlement certificates
type: string
default: "etc-pki-entitlement"
- name: OPTIONAL_SECRET
description: Name of a secret which will be made available to the build with 'buildah build --secret' at /run/secrets/$OPTIONAL_SECRET
- name: ADDITIONAL_SECRET
description: Name of a secret which will be made available to the build with 'buildah build --secret' at /run/secrets/$ADDITIONAL_SECRET
type: string
default: "does-not-exist"
- name: BUILD_ARGS
Expand Down Expand Up @@ -149,8 +149,8 @@ spec:
value: $(params.BUILDER_IMAGE)
- name: ENTITLEMENT_SECRET
value: $(params.ENTITLEMENT_SECRET)
- name: OPTIONAL_SECRET
value: $(params.OPTIONAL_SECRET)
- name: ADDITIONAL_SECRET
value: $(params.ADDITIONAL_SECRET)
- name: BUILD_ARGS_FILE
value: $(params.BUILD_ARGS_FILE)
- name: ADD_CAPABILITIES
Expand Down Expand Up @@ -302,11 +302,11 @@ spec:
echo "Adding the entitlement to the build"
fi
OPTIONAL_SECRET_PATH="/optional-secret"
if [ -d "$OPTIONAL_SECRET_PATH" ]; then
cp -r --preserve=mode "$OPTIONAL_SECRET_PATH" /tmp/optional-secret
BUILDAH_ARGS+=("--secret=id=${OPTIONAL_SECRET},src=/tmp/optional-secret")
echo "Adding the secret ${OPTIONAL_SECRET} to the build, available at /run/secrets/${OPTIONAL_SECRET}"
ADDITIONAL_SECRET_PATH="/additional-secret"
if [ -d "$ADDITIONAL_SECRET_PATH" ]; then
cp -r --preserve=mode "$ADDITIONAL_SECRET_PATH" /tmp/additional-secret
BUILDAH_ARGS+=("--secret=id=${ADDITIONAL_SECRET},src=/tmp/additional-secret")
echo "Adding the secret ${ADDITIONAL_SECRET} to the build, available at /run/secrets/${ADDITIONAL_SECRET}"
fi
unshare -Uf $UNSHARE_ARGS --keep-caps -r --map-users 1,1,65536 --map-groups 1,1,65536 -w ${SOURCE_CODE_DIR}/$CONTEXT -- buildah build \
Expand Down Expand Up @@ -346,8 +346,8 @@ spec:
name: varlibcontainers
- mountPath: "/entitlement"
name: etc-pki-entitlement
- mountPath: "/optional-secret"
name: optional-secret
- mountPath: "/additional-secret"
name: additional-secret
- name: trusted-ca
mountPath: /mnt/trusted-ca
readOnly: true
Expand Down Expand Up @@ -530,9 +530,9 @@ spec:
secret:
secretName: $(params.ENTITLEMENT_SECRET)
optional: true
- name: optional-secret
- name: additional-secret
secret:
secretName: $(params.OPTIONAL_SECRET)
secretName: $(params.ADDITIONAL_SECRET)
optional: true
- name: trusted-ca
configMap:
Expand Down

0 comments on commit 537fe5c

Please sign in to comment.