From ed327d3d046e258988a6d1feed61609032f623a5 Mon Sep 17 00:00:00 2001 From: Thomas Vitale Date: Sat, 8 Apr 2023 23:06:03 +0200 Subject: [PATCH] Update task images (#1) * Update task images * Update test dependencies --- .github/workflows/release.yml | 2 +- .../git-write-config-and-pr-task.yml | 4 +- .../config-writer/git-write-config-task.yml | 2 +- .../config-writer/image-write-config-task.yml | 4 +- .../config/scanning/grype-scan-image-task.yml | 2 +- .../scanning/grype-scan-source-task.yml | 4 +- .../config/scanning/trivy-scan-image-task.yml | 2 +- .../scanning/trivy-scan-source-task.yml | 4 +- package/config/testing/java-test-pipeline.yml | 46 +++++++++++++++++++ test/integration/kuttl-test.yml | 4 +- test/setup/dependencies/tekton-pipelines.yml | 2 +- test/setup/kind/v1.24/kind-config.yml | 4 +- test/setup/kind/v1.25/kind-config.yml | 4 +- test/setup/kind/v1.26/kind-config.yml | 4 +- 14 files changed, 67 insertions(+), 21 deletions(-) create mode 100644 package/config/testing/java-test-pipeline.yml diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index dbe8386..8d3e8f7 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -18,6 +18,6 @@ jobs: registry-server: ghcr.io registry-username: ${{ github.actor }} image: ${{ github.repository }} - version: 0.1.0 + version: 0.1.1 secrets: pull-request-token: ${{ secrets.GH_ORG_PAT }} diff --git a/package/config/config-writer/git-write-config-and-pr-task.yml b/package/config/config-writer/git-write-config-and-pr-task.yml index 52ddcb0..500ef68 100644 --- a/package/config/config-writer/git-write-config-and-pr-task.yml +++ b/package/config/config-writer/git-write-config-and-pr-task.yml @@ -66,7 +66,7 @@ spec: mountPath: /workspaces/repo-dir steps: - name: prepare-config-files - image: paketobuildpacks/build-jammy-base:0.1.47 + image: paketobuildpacks/build-jammy-base:0.1.48 workingDir: /tekton/home securityContext: runAsNonRoot: true @@ -125,7 +125,7 @@ spec: echo "$commit_branch" > /workspaces/repo-dir/commit_branch - name: open-pr - image: ghcr.io/jenkins-x/jx-scm:0.2.19 + image: ghcr.io/jenkins-x/jx-scm:0.2.21 workingDir: /tekton/home script: | #!/usr/bin/env sh diff --git a/package/config/config-writer/git-write-config-task.yml b/package/config/config-writer/git-write-config-task.yml index ac40f10..a76d137 100644 --- a/package/config/config-writer/git-write-config-task.yml +++ b/package/config/config-writer/git-write-config-task.yml @@ -39,7 +39,7 @@ spec: mountPath: /workspace/config-dir steps: - name: prepare-config-files - image: paketobuildpacks/build-jammy-base:0.1.47 + image: paketobuildpacks/build-jammy-base:0.1.48 workingDir: /tekton/home securityContext: runAsNonRoot: true diff --git a/package/config/config-writer/image-write-config-task.yml b/package/config/config-writer/image-write-config-task.yml index 6906e8c..8205911 100644 --- a/package/config/config-writer/image-write-config-task.yml +++ b/package/config/config-writer/image-write-config-task.yml @@ -23,7 +23,7 @@ spec: mountPath: /workspace/config-dir steps: - name: prepare-config-files - image: paketobuildpacks/build-jammy-base:0.1.47 + image: paketobuildpacks/build-jammy-base:0.1.48 workingDir: /tekton/home securityContext: runAsNonRoot: true @@ -36,7 +36,7 @@ spec: eval "$(cat files.json | jq -r 'to_entries | .[] | @sh "mkdir -p $(dirname \(.key)) && echo \(.value) > \(.key) && mv \(.key) $(workspaces.config-dir.path)/"')" - name: publish-config-bundle - image: paketobuildpacks/build-jammy-base:0.1.47 + image: paketobuildpacks/build-jammy-base:0.1.48 workingDir: /tekton/home securityContext: runAsNonRoot: true diff --git a/package/config/scanning/grype-scan-image-task.yml b/package/config/scanning/grype-scan-image-task.yml index ad8670f..2fbf7b9 100644 --- a/package/config/scanning/grype-scan-image-task.yml +++ b/package/config/scanning/grype-scan-image-task.yml @@ -16,5 +16,5 @@ spec: - "--only-fixed" steps: - name: scan - image: anchore/grype:v0.59.1 + image: anchore/grype:v0.61.0 args: ["$(params.image)", "$(params.grype-args[*])"] diff --git a/package/config/scanning/grype-scan-source-task.yml b/package/config/scanning/grype-scan-source-task.yml index a57633b..9d98ada 100644 --- a/package/config/scanning/grype-scan-source-task.yml +++ b/package/config/scanning/grype-scan-source-task.yml @@ -21,7 +21,7 @@ spec: mountPath: /workspace/source-dir steps: - name: prepare - image: paketobuildpacks/build-jammy-base:0.1.47 + image: paketobuildpacks/build-jammy-base:0.1.48 workingDir: /tekton/home securityContext: runAsNonRoot: true @@ -31,6 +31,6 @@ spec: cd $(params.source-subpath) mv * $(workspaces.source-dir.path) - name: scan - image: anchore/grype:v0.59.1 + image: anchore/grype:v0.61.0 workingDir: $(workspaces.source-dir.path) args: ["dir:.", "$(params.grype-args[*])"] diff --git a/package/config/scanning/trivy-scan-image-task.yml b/package/config/scanning/trivy-scan-image-task.yml index ca479c3..b9a9b63 100644 --- a/package/config/scanning/trivy-scan-image-task.yml +++ b/package/config/scanning/trivy-scan-image-task.yml @@ -16,5 +16,5 @@ spec: - "--ignore-unfixed" steps: - name: scan - image: aquasec/trivy:0.38.3 + image: aquasec/trivy:0.39.0 args: ["image", "$(params.trivy-args[*])", "$(params.image)"] diff --git a/package/config/scanning/trivy-scan-source-task.yml b/package/config/scanning/trivy-scan-source-task.yml index 3426e59..ca9e1ca 100644 --- a/package/config/scanning/trivy-scan-source-task.yml +++ b/package/config/scanning/trivy-scan-source-task.yml @@ -21,7 +21,7 @@ spec: mountPath: /workspace/source-dir steps: - name: prepare - image: paketobuildpacks/build-jammy-base:0.1.47 + image: paketobuildpacks/build-jammy-base:0.1.48 workingDir: /tekton/home securityContext: runAsNonRoot: true @@ -31,6 +31,6 @@ spec: cd $(params.source-subpath) mv * $(workspaces.source-dir.path) - name: scan - image: aquasec/trivy:0.38.3 + image: aquasec/trivy:0.39.0 workingDir: $(workspaces.source-dir.path) args: ["fs", "$(params.trivy-args[*])", "."] diff --git a/package/config/testing/java-test-pipeline.yml b/package/config/testing/java-test-pipeline.yml new file mode 100644 index 0000000..85587a8 --- /dev/null +++ b/package/config/testing/java-test-pipeline.yml @@ -0,0 +1,46 @@ +--- +apiVersion: tekton.dev/v1 +kind: Pipeline +metadata: + name: java-test-pipeline + labels: + apps.kadras.io/pipeline: test + apps.kadras.io/language: java +spec: + description: Runs tests for a Java application using Gradle or Maven. + params: + - name: source-url + - name: source-revision + - name: source-subpath + tasks: + - name: test + params: + - name: source-url + value: $(params.source-url) + - name: source-revision + value: $(params.source-revision) + - name: source-subpath + value: $(params.source-subpath) + taskSpec: + params: + - name: source-url + - name: source-revision + - name: source-subpath + steps: + - name: test + image: cgr.dev/chainguard/jdk:openjdk-17 + securityContext: + runAsNonRoot: true + script: |- + wget -qO- $(params.source-url) | tar xvz -m + cd $(params.source-subpath) + if [ -f gradlew ]; then + chmod +x ./gradlew + ./gradlew build --no-daemon + elif [ -f mvnw ]; then + chmod +x ./mvnw + ./mvnw test + else + echo "ERROR. This pipeline supports only Java projects using the Maven or Gradle wrappers." + exit 1 + fi diff --git a/test/integration/kuttl-test.yml b/test/integration/kuttl-test.yml index 75e7f32..03ceac8 100644 --- a/test/integration/kuttl-test.yml +++ b/test/integration/kuttl-test.yml @@ -17,8 +17,8 @@ commands: - script: | kubectl config set-context --current --namespace=tests && \ kapp deploy -a tekton-pipelines-package -y \ - -f https://github.com/kadras-io/package-for-tekton-pipelines/releases/download/v0.46.0/package.yml \ - -f https://github.com/kadras-io/package-for-tekton-pipelines/releases/download/v0.46.0/metadata.yml + -f https://github.com/kadras-io/package-for-tekton-pipelines/releases/download/v0.46.0+kadras.2/package.yml \ + -f https://github.com/kadras-io/package-for-tekton-pipelines/releases/download/v0.46.0+kadras.2/metadata.yml - script: | kubectl config set-context --current --namespace=tests && \ kapp deploy -a dependencies -y -f ./test/setup/dependencies diff --git a/test/setup/dependencies/tekton-pipelines.yml b/test/setup/dependencies/tekton-pipelines.yml index ad97da2..accb768 100644 --- a/test/setup/dependencies/tekton-pipelines.yml +++ b/test/setup/dependencies/tekton-pipelines.yml @@ -12,4 +12,4 @@ spec: packageRef: refName: tekton-pipelines.packages.kadras.io versionSelection: - constraints: 0.46.0 + constraints: 0.46.0+kadras.2 diff --git a/test/setup/kind/v1.24/kind-config.yml b/test/setup/kind/v1.24/kind-config.yml index c8b4d22..580e675 100644 --- a/test/setup/kind/v1.24/kind-config.yml +++ b/test/setup/kind/v1.24/kind-config.yml @@ -3,6 +3,6 @@ kind: Cluster apiVersion: kind.x-k8s.io/v1alpha4 nodes: - role: control-plane - image: kindest/node:v1.24.7 + image: kindest/node:v1.24.12 - role: worker - image: kindest/node:v1.24.7 + image: kindest/node:v1.24.12 diff --git a/test/setup/kind/v1.25/kind-config.yml b/test/setup/kind/v1.25/kind-config.yml index 030c05e..18a17bd 100644 --- a/test/setup/kind/v1.25/kind-config.yml +++ b/test/setup/kind/v1.25/kind-config.yml @@ -3,6 +3,6 @@ kind: Cluster apiVersion: kind.x-k8s.io/v1alpha4 nodes: - role: control-plane - image: kindest/node:v1.25.3 + image: kindest/node:v1.25.8 - role: worker - image: kindest/node:v1.25.3 + image: kindest/node:v1.25.8 diff --git a/test/setup/kind/v1.26/kind-config.yml b/test/setup/kind/v1.26/kind-config.yml index 0774507..254a0ab 100644 --- a/test/setup/kind/v1.26/kind-config.yml +++ b/test/setup/kind/v1.26/kind-config.yml @@ -3,6 +3,6 @@ kind: Cluster apiVersion: kind.x-k8s.io/v1alpha4 nodes: - role: control-plane - image: kindest/node:v1.26.2 + image: kindest/node:v1.26.3 - role: worker - image: kindest/node:v1.26.2 + image: kindest/node:v1.26.3