Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(RELEASE-1291): use trusted artifacts #784

Open
wants to merge 20 commits into
base: development
Choose a base branch
from
Open

feat(RELEASE-1291): use trusted artifacts #784

wants to merge 20 commits into from
+3,589 −272

Conversation

scoheb
Copy link
Collaborator

@scoheb scoheb commented Jan 23, 2025
edited
Loading

Describe your changes

  • in an effort to move away from PVCs, we are trying
    trusted artifacts based on https://github.com/konflux-ci/build-trusted-artifacts/tree/main
  • tasks that have been updated now support 2 modes:
    • PVC based workspaces
    • Trusted artifacts with emptyDir workspaces
  • CI changes:
    • it now attempts to detect if a Trusted Artifacts based task has been changes and runs the tests with trusted artifacts enabled.
    • tests now create a on-local-cluster registry.

requires konflux-ci/release-service@c92d422 for use on real clusters

Relevant Jira

Checklist before requesting a review

  • I have marked as draft or added do not merge label if there's a dependency PR
    • If you want reviews on your draft PR, you can add reviewers or add the release-service-maintainers handle if you are unsure who to tag
  • My commit message includes Signed-off-by: My name <email>
  • I have bumped the task/pipeline version string and updated changelog in the relevant README
  • I read CONTRIBUTING.MD and commit formatting

@openshift-ci OpenShift CI
Copy link

openshift-ci bot commented Jan 23, 2025

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

@scoheb scoheb force-pushed the use-trusted-artifacts branch 28 times, most recently from c5831b5 to 92310a3 Compare January 28, 2025 18:28
@scoheb scoheb force-pushed the use-trusted-artifacts branch 4 times, most recently from 99ee85f to 7764841 Compare February 3, 2025 18:23
scoheb added 20 commits February 3, 2025 13:40
@scoheb
feat(RELEASE-1387): use trusted artifacts
9079f98 
- in an effort to move away from PVCs, we are trying
  trusted artifacts.
- this PR makes the following changes:
  - PipelineRun uses an EmptyDir now for the workspace
  - the subDirectory parameter is removed
  - the data path is now saved as an artifact in quay
  - the check-result task then uses it for testing
  - a local registry is installed on the cluster under test
    in order to create and use trusted artifacts during testing
- If we go ahead with this, then we would create a new task
  called `collect-data-oci-ta` alongside `collect-data`
  and gradually build up new `-oci-ta` pipelines.

Signed-off-by: Scott Hebert <[email protected]>
@scoheb
feat(RELEASE-1387): use ta for verify-access
a72b63a 
Signed-off-by: Scott Hebert <[email protected]>
@scoheb
feat(RELEASE-1387): use ta for reduce-snapshot
b86f755 
Signed-off-by: Scott Hebert <[email protected]>
@scoheb
feat(RELEASE-1387): remove debug
59788cc 
Signed-off-by: Scott Hebert <[email protected]>
@scoheb
feat(RELEASE-1387): use ta for apply-mapping
85c9529 
Signed-off-by: Scott Hebert <[email protected]>
@scoheb
feat(RELEASE-1387): test pipeline
bc6f7c0 
Signed-off-by: Scott Hebert <[email protected]>
@scoheb
feat(RELEASE-1387): cleanup
ff9ee53 
Signed-off-by: Scott Hebert <[email protected]>
@scoheb
feat(RELEASE-1387): before rework back to subdir
2230552 
Signed-off-by: Scott Hebert <[email protected]>
@scoheb
feat(RELEASE-1387): use subdirectory for collect-data
75f3cbe 
Signed-off-by: Scott Hebert <[email protected]>
@scoheb
feat(RELEASE-1387): collect-data uses both workspace types
55b1125 
Signed-off-by: Scott Hebert <[email protected]>
@scoheb
feat(RELEASE-1387): change variable names
e63a4b2 
Signed-off-by: Scott Hebert <[email protected]>
@scoheb
feat(RELEASE-1387): reduce-snapshot uses both workspace types
ffbabf1 
Signed-off-by: Scott Hebert <[email protected]>
@scoheb
feat(RELEASE-1387): apply-mapping uses both workspace types
3e6025b 
Signed-off-by: Scott Hebert <[email protected]>
@scoheb
feat(RELEASE-1387): reduce step count
f8f2a8d 
Signed-off-by: Scott Hebert <[email protected]>
@scoheb
feat(RELEASE-1387): pvc version
6e0e3f5 
Signed-off-by: Scott Hebert <[email protected]>
@scoheb
feat(RELEASE-1387): fix apply-labels tests
04b6ef6 
Signed-off-by: Scott Hebert <[email protected]>
@scoheb
feat(RELEASE-1387): support 2 runs of tasks
52e3398 
- 1 run as PVC based
- 1 run as Trusted Artifacts based if found

Signed-off-by: Scott Hebert <[email protected]>
@scoheb
feat(RELEASE-1387): remove debug
08e126a 
- remove DEBUG env vars

Signed-off-by: Scott Hebert <[email protected]>
@scoheb
feat(RELEASE-1387): fix yamllint errors
20a62da 
Signed-off-by: Scott Hebert <[email protected]>
@scoheb
feat(RELEASE-1387): update versions and readme
b8b89bc 
Signed-off-by: Scott Hebert <[email protected]>
@scoheb scoheb force-pushed the use-trusted-artifacts branch from 7764841 to b8b89bc Compare February 3, 2025 18:40
@scoheb scoheb changed the title feat: use trusted artifacts feat(RELEASE-1291): use trusted artifacts Feb 3, 2025
@scoheb scoheb marked this pull request as ready for review February 3, 2025 18:43
@scoheb scoheb requested a review from a team as a code owner February 3, 2025 18:43
@scoheb scoheb requested a review from mmalina February 3, 2025 18:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mmalina mmalina Awaiting requested review from mmalina

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@scoheb @mmalina