AllardDCS/kubernetes
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
ff21c258e07e4a87fb9340de2d8aab208bc0baf6
kubernetes/dev/tekton/openliberty/test.yaml
T
allard ff21c258e0 eindelijk weer eens een push
2026-05-31 16:07:30 +02:00

132 lines
9.8 KiB
YAML
Raw Blame History

kubectl get task buildah -o yaml
apiVersion: tekton.dev/v1
kind: Task
metadata:
annotations:
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"tekton.dev/v1","kind":"Task","metadata":{"annotations":{"tekton.dev/categories":"Image Build","tekton.dev/displayName":"buildah","tekton.dev/pipelines.minVersion":"0.50.0","tekton.dev/platforms":"linux/amd64,linux/s390x,linux/ppc64le,linux/arm64","tekton.dev/tags":"image-build"},"labels":{"app.kubernetes.io/version":"0.9"},"name":"buildah","namespace":"default"},"spec":{"description":"Buildah task builds source into a container image and then pushes it to a container registry.\nBuildah Task builds source into a container image using Project Atomic's Buildah build tool.It uses Buildah's support for building from Dockerfiles, using its buildah bud command.This command executes the directives in the Dockerfile to assemble a container image, then pushes that image to a container registry.","params":[{"description":"Reference of the image buildah will produce.","name":"IMAGE"},{"default":"quay.io/buildah/stable:v1","description":"The location of the buildah builder image.","name":"BUILDER_IMAGE"},{"default":"overlay","description":"Set buildah storage driver","name":"STORAGE_DRIVER"},{"default":"./Dockerfile","description":"Path to the Dockerfile to build.","name":"DOCKERFILE"},{"default":".","description":"Path to the directory to use as context.","name":"CONTEXT"},{"default":"true","description":"Verify the TLS on the registry endpoint (for push/pull to a non-TLS registry)","name":"TLSVERIFY"},{"default":"oci","description":"The format of the built container, oci or docker","name":"FORMAT"},{"default":"","description":"Extra parameters passed for the build command when building images. WARNING - must be sanitized to avoid command injection","name":"BUILD_EXTRA_ARGS"},{"default":"","description":"Extra parameters passed for the push command when pushing images. WARNING - must be sanitized to avoid command injection","name":"PUSH_EXTRA_ARGS","type":"string"},{"default":"false","description":"Skip pushing the built image","name":"SKIP_PUSH"},{"default":[""],"description":"Dockerfile build arguments, array of key=value","name":"BUILD_ARGS","type":"array"}],"results":[{"description":"Digest of the image just built.","name":"IMAGE_DIGEST"},{"description":"Image repository where the built image would be pushed to","name":"IMAGE_URL"}],"steps":[{"args":["$(params.BUILD_ARGS[*])"],"env":[{"name":"PARAM_IMAGE","value":"$(params.IMAGE)"},{"name":"PARAM_STORAGE_DRIVER","value":"$(params.STORAGE_DRIVER)"},{"name":"PARAM_DOCKERFILE","value":"$(params.DOCKERFILE)"},{"name":"PARAM_CONTEXT","value":"$(params.CONTEXT)"},{"name":"PARAM_TLSVERIFY","value":"$(params.TLSVERIFY)"},{"name":"PARAM_FORMAT","value":"$(params.FORMAT)"},{"name":"PARAM_BUILD_EXTRA_ARGS","value":"$(params.BUILD_EXTRA_ARGS)"},{"name":"PARAM_PUSH_EXTRA_ARGS","value":"$(params.PUSH_EXTRA_ARGS)"},{"name":"PARAM_SKIP_PUSH","value":"$(params.SKIP_PUSH)"}],"image":"$(params.BUILDER_IMAGE)","name":"build-and-push","script":"BUILD_ARGS=()\nfor buildarg in \"$@\"\ndo\n BUILD_ARGS+=(\"--build-arg=$buildarg\")\ndone\n[ \"$(workspaces.sslcertdir.bound)\" = \"true\" ] \u0026\u0026 CERT_DIR_FLAG=\"--cert-dir=$(workspaces.sslcertdir.path)\"\n[ \"$(workspaces.dockerconfig.bound)\" = \"true\" ] \u0026\u0026 DOCKER_CONFIG=\"$(workspaces.dockerconfig.path)\" \u0026\u0026 export DOCKER_CONFIG\n# build the image (CERT_DIR_FLAG should be omitted if empty and BUILD_EXTRA_ARGS can contain multiple args)\n# shellcheck disable=SC2046,SC2086\nbuildah ${CERT_DIR_FLAG} \"--storage-driver=${PARAM_STORAGE_DRIVER}\" bud \"${BUILD_ARGS[@]}\" ${PARAM_BUILD_EXTRA_ARGS} \\\n \"--format=${PARAM_FORMAT}\" \"--tls-verify=${PARAM_TLSVERIFY}\" \\\n -f \"${PARAM_DOCKERFILE}\" -t \"${PARAM_IMAGE}\" \"${PARAM_CONTEXT}\"\n[ \"${PARAM_SKIP_PUSH}\" = \"true\" ] \u0026\u0026 echo \"Push skipped\" \u0026\u0026 exit 0\n# push the image (CERT_DIR_FLAG should be omitted if empty and PUSH_EXTRA_ARGS can contain multiple args)\n# shellcheck disable=SC2046,SC2086\nbuildah ${CERT_DIR_FLAG} \"--storage-driver=${PARAM_STORAGE_DRIVER}\" push \\\n \"--tls-verify=${PARAM_TLSVERIFY}\" --digestfile /tmp/image-digest ${PARAM_PUSH_EXTRA_ARGS} \\\n \"${PARAM_IMAGE}\" \"docker://${PARAM_IMAGE}\"\ntee \"$(results.IMAGE_DIGEST.path)\" \u003c /tmp/image-digest\nprintf '%s' \"${PARAM_IMAGE}\" | tee \"$(results.IMAGE_URL.path)\"\n","securityContext":{"privileged":true},"volumeMounts":[{"mountPath":"/var/lib/containers","name":"varlibcontainers"}],"workingDir":"$(workspaces.source.path)"}],"volumes":[{"emptyDir":{},"name":"varlibcontainers"}],"workspaces":[{"name":"source"},{"name":"sslcertdir","optional":true},{"description":"An optional workspace that allows providing a .docker/config.json file for Buildah to access the container registry. The file should be placed at the root of the Workspace with name config.json.","name":"dockerconfig","optional":true}]}}
tekton.dev/categories: Image Build
tekton.dev/displayName: buildah
tekton.dev/pipelines.minVersion: 0.50.0
tekton.dev/platforms: linux/amd64,linux/s390x,linux/ppc64le,linux/arm64
tekton.dev/tags: image-build
creationTimestamp: "2026-02-04T18:24:54Z"
generation: 1
labels:
app.kubernetes.io/version: "0.9"
name: buildah
namespace: default
resourceVersion: "482777"
uid: 534ddba1-e2d7-42b9-b2f9-01d5953e7ade
spec:
description: |-
Buildah task builds source into a container image and then pushes it to a container registry.
Buildah Task builds source into a container image using Project Atomic's Buildah build tool.It uses Buildah's support for building from Dockerfiles, using its buildah bud command.This command executes the directives in the Dockerfile to assemble a container image, then pushes that image to a container registry.
params:
- description: Reference of the image buildah will produce.
name: IMAGE
- default: quay.io/buildah/stable:v1
description: The location of the buildah builder image.
name: BUILDER_IMAGE
- default: overlay
description: Set buildah storage driver
name: STORAGE_DRIVER
- default: ./Dockerfile
description: Path to the Dockerfile to build.
name: DOCKERFILE
- default: .
description: Path to the directory to use as context.
name: CONTEXT
- default: "true"
description: Verify the TLS on the registry endpoint (for push/pull to a non-TLS
registry)
name: TLSVERIFY
- default: oci
description: The format of the built container, oci or docker
name: FORMAT
- default: ""
description: Extra parameters passed for the build command when building images.
WARNING - must be sanitized to avoid command injection
name: BUILD_EXTRA_ARGS
- default: ""
description: Extra parameters passed for the push command when pushing images.
WARNING - must be sanitized to avoid command injection
name: PUSH_EXTRA_ARGS
type: string
- default: "false"
description: Skip pushing the built image
name: SKIP_PUSH
- default:
- ""
description: Dockerfile build arguments, array of key=value
name: BUILD_ARGS
type: array
results:
- description: Digest of the image just built.
name: IMAGE_DIGEST
- description: Image repository where the built image would be pushed to
name: IMAGE_URL
steps:
- args:
- $(params.BUILD_ARGS[*])
env:
- name: PARAM_IMAGE
value: $(params.IMAGE)
- name: PARAM_STORAGE_DRIVER
value: $(params.STORAGE_DRIVER)
- name: PARAM_DOCKERFILE
value: $(params.DOCKERFILE)
- name: PARAM_CONTEXT
value: $(params.CONTEXT)
- name: PARAM_TLSVERIFY
value: $(params.TLSVERIFY)
- name: PARAM_FORMAT
value: $(params.FORMAT)
- name: PARAM_BUILD_EXTRA_ARGS
value: $(params.BUILD_EXTRA_ARGS)
- name: PARAM_PUSH_EXTRA_ARGS
value: $(params.PUSH_EXTRA_ARGS)
- name: PARAM_SKIP_PUSH
value: $(params.SKIP_PUSH)
image: $(params.BUILDER_IMAGE)
name: build-and-push
script: |
BUILD_ARGS=()
for buildarg in "$@"
do
BUILD_ARGS+=("--build-arg=$buildarg")
done
[ "$(workspaces.sslcertdir.bound)" = "true" ] && CERT_DIR_FLAG="--cert-dir=$(workspaces.sslcertdir.path)"
[ "$(workspaces.dockerconfig.bound)" = "true" ] && DOCKER_CONFIG="$(workspaces.dockerconfig.path)" && export DOCKER_CONFIG
# build the image (CERT_DIR_FLAG should be omitted if empty and BUILD_EXTRA_ARGS can contain multiple args)
# shellcheck disable=SC2046,SC2086
buildah ${CERT_DIR_FLAG} "--storage-driver=${PARAM_STORAGE_DRIVER}" bud "${BUILD_ARGS[@]}" ${PARAM_BUILD_EXTRA_ARGS} \
"--format=${PARAM_FORMAT}" "--tls-verify=${PARAM_TLSVERIFY}" \
-f "${PARAM_DOCKERFILE}" -t "${PARAM_IMAGE}" "${PARAM_CONTEXT}"
[ "${PARAM_SKIP_PUSH}" = "true" ] && echo "Push skipped" && exit 0
# push the image (CERT_DIR_FLAG should be omitted if empty and PUSH_EXTRA_ARGS can contain multiple args)
# shellcheck disable=SC2046,SC2086
buildah ${CERT_DIR_FLAG} "--storage-driver=${PARAM_STORAGE_DRIVER}" push \
"--tls-verify=${PARAM_TLSVERIFY}" --digestfile /tmp/image-digest ${PARAM_PUSH_EXTRA_ARGS} \
"${PARAM_IMAGE}" "docker://${PARAM_IMAGE}"
tee "$(results.IMAGE_DIGEST.path)" < /tmp/image-digest
printf '%s' "${PARAM_IMAGE}" | tee "$(results.IMAGE_URL.path)"
securityContext:
privileged: true
volumeMounts:
- mountPath: /var/lib/containers
name: varlibcontainers
workingDir: $(workspaces.source.path)
volumes:
- emptyDir: {}
name: varlibcontainers
workspaces:
- name: source
- name: sslcertdir
optional: true
- description: An optional workspace that allows providing a .docker/config.json
file for Buildah to access the container registry. The file should be placed
at the root of the Workspace with name config.json.
name: dockerconfig
optional: true
Reference in New Issue View Git Blame Copy Permalink