Skip to content

Commit

Permalink
push to a unique tag in buildah tasks
Browse files Browse the repository at this point in the history 
- Built image in buildah task is pushed to
a location specified in the `IMAGE` param
- This location does not have to be unique
when running multiple PipelineRuns on the
same revision
- A race condition can occur resulting
in a failure
- Besides pushing to `IMAGE`, push to a
tag named after the TaskRun name which
should be unique
  • Loading branch information
@tnevrlka
tnevrlka committed Nov 1, 2024
1 parent 22e9708 commit f3fb8d9
Show file tree
Hide file tree
Showing 4 changed files with 38 additions and 2 deletions.
9 changes: 9 additions & 0 deletions task/buildah-oci-ta/0.2/buildah-oci-ta.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -662,6 +662,15 @@ spec:
buildah commit "${BUILDAH_ARGS[@]}" $container $IMAGE
echo "Pushing to ${IMAGE%:*}:${TASKRUN_NAME}"
if ! retry buildah push \
--tls-verify="$TLSVERIFY" \
"$IMAGE" \
"docker://${IMAGE%:*}:$(context.taskRun.name)"; then
echo "Failed to push sbom image to ${IMAGE%:*}:$(context.taskRun.name) after ${max_run} tries"
exit 1
fi
echo "Pushing to ${IMAGE}"
if ! retry buildah push \
--tls-verify="$TLSVERIFY" \
Expand Down
9 changes: 9 additions & 0 deletions task/buildah-remote-oci-ta/0.2/buildah-remote-oci-ta.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -780,6 +780,15 @@ spec:
buildah commit "${BUILDAH_ARGS[@]}" $container $IMAGE
echo "Pushing to ${IMAGE%:*}:${TASKRUN_NAME}"
if ! retry buildah push \
--tls-verify="$TLSVERIFY" \
"$IMAGE" \
"docker://${IMAGE%:*}:$(context.taskRun.name)"; then
echo "Failed to push sbom image to ${IMAGE%:*}:$(context.taskRun.name) after ${max_run} tries"
exit 1
fi
echo "Pushing to ${IMAGE}"
if ! retry buildah push \
--tls-verify="$TLSVERIFY" \
Expand Down
11 changes: 10 additions & 1 deletion task/buildah-remote/0.2/buildah-remote.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -471,7 +471,6 @@ spec:
VOLUME_MOUNTS+=(--volume /etc/rhsm/ca/redhat-uep.pem:/run/secrets/rhsm/ca/redhat-uep.pem)
fi
# was: if [ -d "$ACTIVATION_KEY_PATH" ]; then
elif find /entitlement -name "*.pem" >> null; then
cp -r --preserve=mode "$ENTITLEMENT_PATH" /tmp/entitlement
Expand Down Expand Up @@ -758,6 +757,16 @@ spec:
buildah commit "${BUILDAH_ARGS[@]}" $container $IMAGE
echo "Pushing to ${IMAGE%:*}:${TASKRUN_NAME}"
if ! retry buildah push \
--tls-verify="$TLSVERIFY" \
"$IMAGE" \
"docker://${IMAGE%:*}:$(context.taskRun.name)";
then
echo "Failed to push sbom image to ${IMAGE%:*}:$(context.taskRun.name) after ${max_run} tries"
exit 1
fi
echo "Pushing to ${IMAGE}"
if ! retry buildah push \
--tls-verify="$TLSVERIFY" \
Expand Down
11 changes: 10 additions & 1 deletion task/buildah/0.2/buildah.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -392,7 +392,6 @@ spec:
VOLUME_MOUNTS+=(--volume /etc/rhsm/ca/redhat-uep.pem:/run/secrets/rhsm/ca/redhat-uep.pem)
fi
# was: if [ -d "$ACTIVATION_KEY_PATH" ]; then
elif find /entitlement -name "*.pem" >> null; then
cp -r --preserve=mode "$ENTITLEMENT_PATH" /tmp/entitlement
Expand Down Expand Up @@ -607,6 +606,16 @@ spec:
buildah commit "${BUILDAH_ARGS[@]}" $container $IMAGE
echo "Pushing to ${IMAGE%:*}:${TASKRUN_NAME}"
if ! retry buildah push \
--tls-verify="$TLSVERIFY" \
"$IMAGE" \
"docker://${IMAGE%:*}:$(context.taskRun.name)";
then
echo "Failed to push sbom image to ${IMAGE%:*}:$(context.taskRun.name) after ${max_run} tries"
exit 1
fi
echo "Pushing to ${IMAGE}"
if ! retry buildah push \
--tls-verify="$TLSVERIFY" \
Expand Down

0 comments on commit f3fb8d9

Please sign in to comment.