Add imageContentSources to eaas-create-ephemeral-cluster-hypershift-aws #1594
Conversation
The user may choose to pass the value as a quoted string with explicit
newlines ("\n") or by using the "|" operator, among other options. A tool
like `yq` is therefore necessary since basic variable expansion within a
heredoc isn't adequate at preventing issues with malformed yaml.
As a result. the container image was changed to one which provides both the
`yq` and `kubectl` binaries. This is a more upstream friendly image
since it's publicly pullable.
Signed-off-by: Alex Misstear <[email protected]>
amisstea
force-pushed
the
KFLUXVNGD-105
branch
from
0eb4b04
to
d2bd7a7
Compare
|
@hmariset please review |
|
/retest |
|
@konflux-ci/build-maintainers I need some help getting this added to the merge queue. Please review and merge, if possible. Thanks! |
| @@ -6,7 +6,8 @@ spec: | |||
| description: >- | |||
| This StepAction provisions an ephemeral cluster using Hypershift with 3 worker nodes in AWS. | |||
| It does so by creating a ClusterTemplateInstance in a space on an EaaS cluster. | |||
| image: registry.redhat.io/openshift4/ose-cli@sha256:15da03b04318bcc842060b71e9dd6d6c2595edb4e8fdd11b0c6781eeb03ca182 | |||
| image: public.ecr.aws/bitnami/kubectl:1.31.2@sha256:df433ab6de9adfb0223df79167719099726f946a68c1784d7739a8b6b63cd137 | |||
There was a problem hiding this comment.
There is a list of allowed registries for step images: https://github.com/release-engineering/rhtap-ec-policy/blob/ba7c0a249386ac15df6495e31140de7fb038187f/data/rule_data.yml#L10
Side note, we'll need to extend the CI check to take StepActions into account as well
There was a problem hiding this comment.
Side note, we'll need to extend the CI check to take StepActions into account as well
There was a problem hiding this comment.
Ah, good point. I'll have a look for an alternate image from those allowed registries/orgs.
There was a problem hiding this comment.
quay.io/konflux-ci/appstudio-utils might work, it contains both yq and kubectl and other tasks already use it
There was a problem hiding this comment.
I opened #1597 to upgrade the oc/kubectl version in the appstudio-utils image. I'll update this image ref once the new image is built and released.
The user may choose to pass the value as a quoted string with explicit newlines ("\n") or by using the "|" operator, among other options. A tool like
yqis therefore necessary since basic variable expansion within a heredoc isn't adequate at preventing issues with malformed yaml.As a result. the container image was changed to one which provides both the
yqandkubectlbinaries. This is a more upstream friendly image since it's publicly pullable.