From 292c62ff078a1640d1a6bc727543484873354a1d Mon Sep 17 00:00:00 2001 From: Albert Jubany Juarez Date: Tue, 10 Dec 2024 12:22:38 +0100 Subject: [PATCH 01/60] test Signed-off-by: Albert Jubany Juarez --- fbc/fbc-post-release.yaml | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 fbc/fbc-post-release.yaml diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml new file mode 100644 index 0000000..78f2d7a --- /dev/null +++ b/fbc/fbc-post-release.yaml @@ -0,0 +1,30 @@ +--- +apiVersion: tekton.dev/v1 +kind: Pipeline +metadata: + name: fbc-post-release +spec: + description: WIP + params: + - name: released_version + type: string + - name: snapshot + type: string + tasks: + - name: get-info + params: + - name: SNAPSHOT + value: "$(params.snapshot)" + taskSpec: + params: + - name: SNAPSHOT + type: string + steps: + - name: get-info + image: quay.io/konflux-ci/release-service-utils:e633d51cd41d73e4b3310face21bb980af7a662f + script: | + #!/usr/bin/env sh + set -eo pipefail + + echo $(params.SNAPSHOT) + get-resource "snapshot" $(params.SNAPSHOT) \ No newline at end of file From e9d2701ae7c15f14afc4b032903e4a46ae74925a Mon Sep 17 00:00:00 2001 From: Albert Jubany Juarez Date: Tue, 10 Dec 2024 13:12:42 +0100 Subject: [PATCH 02/60] test Signed-off-by: Albert Jubany Juarez --- fbc/fbc-post-release.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index 78f2d7a..38777ae 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -6,8 +6,6 @@ metadata: spec: description: WIP params: - - name: released_version - type: string - name: snapshot type: string tasks: From 42353bd52233448cf29e88cd4fd3b934a67e20e4 Mon Sep 17 00:00:00 2001 From: Albert Jubany Juarez Date: Wed, 11 Dec 2024 14:05:54 +0100 Subject: [PATCH 03/60] test Signed-off-by: Albert Jubany Juarez --- fbc/fbc-post-release.yaml | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index 38777ae..5f1a90c 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -13,16 +13,28 @@ spec: params: - name: SNAPSHOT value: "$(params.snapshot)" + - name: IIB_INDEX_IMAGE + value: "$(results.iibIndexImage)" taskSpec: params: - name: SNAPSHOT type: string + - name: IIB_INDEX_IMAGE + type: string steps: - name: get-info - image: quay.io/konflux-ci/release-service-utils:e633d51cd41d73e4b3310face21bb980af7a662f + image: quay.io/konflux-ci/release-service-utils:cd12f6a509363ae511bf09d50be73d5edb416cdd script: | - #!/usr/bin/env sh - set -eo pipefail + #!/usr/bin/env bash + set -exo pipefail echo $(params.SNAPSHOT) + echo $(params.IIB_INDEX_IMAGE) + + snapshot=$(echo "$(params.SNAPSHOT)" | awk -F'/' '{print $2}') + snapshot_data=$(kubectl get snapshot $snapshot -oyaml) + fbc_fragment=$(echo $snapshot_data | yq '.spec.components[0].containerImage') + git_commit=$(echo $snapshot_data | yq '.spec.components[0].source.git.revision') + git_repo=$(echo $snapshot_data | yq '.spec.components[0].source.git.url') + get-resource "snapshot" $(params.SNAPSHOT) \ No newline at end of file From 269cb4602e95107095151073fc197f39777c819e Mon Sep 17 00:00:00 2001 From: Albert Jubany Juarez Date: Wed, 11 Dec 2024 14:55:53 +0100 Subject: [PATCH 04/60] test Signed-off-by: Albert Jubany Juarez --- fbc/fbc-post-release.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index 5f1a90c..91d3960 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -8,13 +8,15 @@ spec: params: - name: snapshot type: string + - name: iibIndexImage + type: string tasks: - name: get-info params: - name: SNAPSHOT value: "$(params.snapshot)" - name: IIB_INDEX_IMAGE - value: "$(results.iibIndexImage)" + value: "$(params.iibIndexImage)" taskSpec: params: - name: SNAPSHOT From 8dfa4b755804d50850489d7ae84f531bec4c79bd Mon Sep 17 00:00:00 2001 From: Albert Jubany Juarez Date: Wed, 11 Dec 2024 17:37:13 +0100 Subject: [PATCH 05/60] test Signed-off-by: Albert Jubany Juarez --- fbc/fbc-post-release.yaml | 31 +++++++++++++++++++++++-------- 1 file changed, 23 insertions(+), 8 deletions(-) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index 91d3960..dc8a347 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -8,20 +8,26 @@ spec: params: - name: snapshot type: string - - name: iibIndexImage + - name: cnv_version + type: string + - name: releaseplan_id type: string tasks: - name: get-info params: - name: SNAPSHOT value: "$(params.snapshot)" - - name: IIB_INDEX_IMAGE - value: "$(params.iibIndexImage)" + - name: CNV_VERSION + value: "$(params.cnv_version)" + - name: RELEASEPLAN_ID + value: "$(params.releaseplan_id)" taskSpec: params: - name: SNAPSHOT type: string - - name: IIB_INDEX_IMAGE + - name: CNV_VERSION + type: string + - name: RELEASEPLAN_ID type: string steps: - name: get-info @@ -30,11 +36,20 @@ spec: #!/usr/bin/env bash set -exo pipefail - echo $(params.SNAPSHOT) - echo $(params.IIB_INDEX_IMAGE) + snapshot_id=$(echo "$(params.SNAPSHOT)" | awk -F'/' '{print $2}') + snapshot_data=$(kubectl get snapshot $snapshot_id -oyaml) + + release_id=$(kubectl get release -o json | \ + jq -r --arg snapshot "$snapshot_id" --arg releaseplan "$(params.RELEASEPLAN_ID)" \ + '.items[] | select(.spec.snapshot == $snapshot and .spec.releasePlan == $releaseplan) | .metadata.name' | head -n 1) + + managed_pipelinerun=$(kubectl get release $release_id -oyaml | yq '.status.managedProcessing.pipelineRun') + managed_ns=$(echo "$managed_pipelinerun" | awk -F'/' '{print $1}') + managed_pipelinerun=$(echo "$managed_pipelinerun" | awk -F'/' '{print $2}') + + index_image=$(kubectl get pipelinerun $managed_pipelinerun -n $managed_ns -oyaml | yq '.status.results[] | select(.name == "iibIndexImage") | .value') + from_index="registry-proxy.engineering.redhat.com/rh-osbs/iib-pub-pending:$(params.CNV_VERSION)" - snapshot=$(echo "$(params.SNAPSHOT)" | awk -F'/' '{print $2}') - snapshot_data=$(kubectl get snapshot $snapshot -oyaml) fbc_fragment=$(echo $snapshot_data | yq '.spec.components[0].containerImage') git_commit=$(echo $snapshot_data | yq '.spec.components[0].source.git.revision') git_repo=$(echo $snapshot_data | yq '.spec.components[0].source.git.url') From 5598a01fa487ccec03b63b04729a26f1fb1193a4 Mon Sep 17 00:00:00 2001 From: Albert Jubany Juarez Date: Wed, 11 Dec 2024 18:20:38 +0100 Subject: [PATCH 06/60] test Signed-off-by: Albert Jubany Juarez --- fbc/fbc-post-release.yaml | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index dc8a347..921c309 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -39,19 +39,17 @@ spec: snapshot_id=$(echo "$(params.SNAPSHOT)" | awk -F'/' '{print $2}') snapshot_data=$(kubectl get snapshot $snapshot_id -oyaml) - release_id=$(kubectl get release -o json | \ + fbc_fragment=$(echo $snapshot_data | yq '.spec.components[0].containerImage') + git_commit=$(echo $snapshot_data | yq '.spec.components[0].source.git.revision') + git_repo=$(echo $snapshot_data | yq '.spec.components[0].source.git.url') + + release_id=$(kubectl get release --sort-by=.metadata.creationTimestamp -o json | \ jq -r --arg snapshot "$snapshot_id" --arg releaseplan "$(params.RELEASEPLAN_ID)" \ - '.items[] | select(.spec.snapshot == $snapshot and .spec.releasePlan == $releaseplan) | .metadata.name' | head -n 1) + '.items[] | select(.spec.snapshot == $snapshot and .spec.releasePlan == $releaseplan) | .metadata.name' | tail -n 1) managed_pipelinerun=$(kubectl get release $release_id -oyaml | yq '.status.managedProcessing.pipelineRun') managed_ns=$(echo "$managed_pipelinerun" | awk -F'/' '{print $1}') managed_pipelinerun=$(echo "$managed_pipelinerun" | awk -F'/' '{print $2}') index_image=$(kubectl get pipelinerun $managed_pipelinerun -n $managed_ns -oyaml | yq '.status.results[] | select(.name == "iibIndexImage") | .value') - from_index="registry-proxy.engineering.redhat.com/rh-osbs/iib-pub-pending:$(params.CNV_VERSION)" - - fbc_fragment=$(echo $snapshot_data | yq '.spec.components[0].containerImage') - git_commit=$(echo $snapshot_data | yq '.spec.components[0].source.git.revision') - git_repo=$(echo $snapshot_data | yq '.spec.components[0].source.git.url') - - get-resource "snapshot" $(params.SNAPSHOT) \ No newline at end of file + from_index="registry-proxy.engineering.redhat.com/rh-osbs/iib-pub-pending:$(params.CNV_VERSION)" \ No newline at end of file From ecb1b8315c422eec64384e3f59561c1bb954faf4 Mon Sep 17 00:00:00 2001 From: Albert Jubany Juarez Date: Thu, 12 Dec 2024 09:39:29 +0100 Subject: [PATCH 07/60] test Signed-off-by: Albert Jubany Juarez --- fbc/fbc-post-release.yaml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index 921c309..e810446 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -37,19 +37,19 @@ spec: set -exo pipefail snapshot_id=$(echo "$(params.SNAPSHOT)" | awk -F'/' '{print $2}') - snapshot_data=$(kubectl get snapshot $snapshot_id -oyaml) + snapshot_data=$(kubectl get snapshot "${snapshot_id}" -oyaml) - fbc_fragment=$(echo $snapshot_data | yq '.spec.components[0].containerImage') - git_commit=$(echo $snapshot_data | yq '.spec.components[0].source.git.revision') - git_repo=$(echo $snapshot_data | yq '.spec.components[0].source.git.url') + fbc_fragment=$(echo "${snapshot_data}" | yq '.spec.components[0].containerImage') + git_commit=$(echo "${snapshot_data}" | yq '.spec.components[0].source.git.revision') + git_repo=$(echo "${snapshot_data}" | yq '.spec.components[0].source.git.url') release_id=$(kubectl get release --sort-by=.metadata.creationTimestamp -o json | \ - jq -r --arg snapshot "$snapshot_id" --arg releaseplan "$(params.RELEASEPLAN_ID)" \ + jq -r --arg snapshot "${snapshot_id}" --arg releaseplan "$(params.RELEASEPLAN_ID)" \ '.items[] | select(.spec.snapshot == $snapshot and .spec.releasePlan == $releaseplan) | .metadata.name' | tail -n 1) - managed_pipelinerun=$(kubectl get release $release_id -oyaml | yq '.status.managedProcessing.pipelineRun') - managed_ns=$(echo "$managed_pipelinerun" | awk -F'/' '{print $1}') - managed_pipelinerun=$(echo "$managed_pipelinerun" | awk -F'/' '{print $2}') + managed_pipelinerun=$(kubectl get release "${release_id}" -oyaml | yq '.status.managedProcessing.pipelineRun') + managed_ns=$(echo "${managed_pipelinerun}" | awk -F'/' '{print $1}') + managed_pipelinerun=$(echo "${managed_pipelinerun}" | awk -F'/' '{print $2}') - index_image=$(kubectl get pipelinerun $managed_pipelinerun -n $managed_ns -oyaml | yq '.status.results[] | select(.name == "iibIndexImage") | .value') + index_image=$(kubectl get pipelinerun "${managed_pipelinerun}" -n "${managed_ns}" -oyaml | yq '.status.results[] | select(.name == "iibIndexImage") | .value') from_index="registry-proxy.engineering.redhat.com/rh-osbs/iib-pub-pending:$(params.CNV_VERSION)" \ No newline at end of file From cf257c463e0c824a893612018ab01a2686990803 Mon Sep 17 00:00:00 2001 From: Albert Jubany Juarez Date: Thu, 12 Dec 2024 16:47:09 +0100 Subject: [PATCH 08/60] tesT Signed-off-by: Albert Jubany Juarez --- fbc/fbc-post-release.yaml | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index e810446..2f33101 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -40,8 +40,6 @@ spec: snapshot_data=$(kubectl get snapshot "${snapshot_id}" -oyaml) fbc_fragment=$(echo "${snapshot_data}" | yq '.spec.components[0].containerImage') - git_commit=$(echo "${snapshot_data}" | yq '.spec.components[0].source.git.revision') - git_repo=$(echo "${snapshot_data}" | yq '.spec.components[0].source.git.url') release_id=$(kubectl get release --sort-by=.metadata.creationTimestamp -o json | \ jq -r --arg snapshot "${snapshot_id}" --arg releaseplan "$(params.RELEASEPLAN_ID)" \ @@ -51,5 +49,15 @@ spec: managed_ns=$(echo "${managed_pipelinerun}" | awk -F'/' '{print $1}') managed_pipelinerun=$(echo "${managed_pipelinerun}" | awk -F'/' '{print $2}') - index_image=$(kubectl get pipelinerun "${managed_pipelinerun}" -n "${managed_ns}" -oyaml | yq '.status.results[] | select(.name == "iibIndexImage") | .value') - from_index="registry-proxy.engineering.redhat.com/rh-osbs/iib-pub-pending:$(params.CNV_VERSION)" \ No newline at end of file + # index_image=$(kubectl get pipelinerun "${managed_pipelinerun}" -n "${managed_ns}" -oyaml | yq '.status.results[] | select(.name == "iibIndexImage") | .value') + from_index="registry-proxy.engineering.redhat.com/rh-osbs/iib-pub-pending:$(params.CNV_VERSION)" + + git_commit=$(echo "${snapshot_data}" | yq '.spec.components[0].source.git.revision') + git_repo=$(echo "${snapshot_data}" | yq '.spec.components[0].source.git.url') + mkdir cnv-fbc && cd cnv-fbc + git init + git remote add origin "${git_repo}.git" + git fetch origin "${git_commit}" --depth 1 + git checkout "${git_commit}" + image_sha=$(yq '.image' $(params.CNV_VERSION)/updated_image.yaml) + channel=$(yq '.channel' $(params.CNV_VERSION)/updated_image.yaml) From 7e9c20575e393e1db59d7c1167927fbed8184644 Mon Sep 17 00:00:00 2001 From: Albert Jubany Juarez Date: Fri, 13 Dec 2024 09:30:43 +0100 Subject: [PATCH 09/60] test Signed-off-by: Albert Jubany Juarez --- fbc/fbc-post-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index 2f33101..b3fb2dc 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -54,7 +54,7 @@ spec: git_commit=$(echo "${snapshot_data}" | yq '.spec.components[0].source.git.revision') git_repo=$(echo "${snapshot_data}" | yq '.spec.components[0].source.git.url') - mkdir cnv-fbc && cd cnv-fbc + gitdir=$(mktemp -d) && cd "${gitdir}" git init git remote add origin "${git_repo}.git" git fetch origin "${git_commit}" --depth 1 From 873012a4894a2f965702fdebb7d529c291476898 Mon Sep 17 00:00:00 2001 From: Albert Jubany Juarez Date: Fri, 13 Dec 2024 16:58:11 +0100 Subject: [PATCH 10/60] test Signed-off-by: Albert Jubany Juarez --- fbc/fbc-post-release.yaml | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index b3fb2dc..f360463 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -34,7 +34,7 @@ spec: image: quay.io/konflux-ci/release-service-utils:cd12f6a509363ae511bf09d50be73d5edb416cdd script: | #!/usr/bin/env bash - set -exo pipefail + set -eo pipefail snapshot_id=$(echo "$(params.SNAPSHOT)" | awk -F'/' '{print $2}') snapshot_data=$(kubectl get snapshot "${snapshot_id}" -oyaml) @@ -44,12 +44,7 @@ spec: release_id=$(kubectl get release --sort-by=.metadata.creationTimestamp -o json | \ jq -r --arg snapshot "${snapshot_id}" --arg releaseplan "$(params.RELEASEPLAN_ID)" \ '.items[] | select(.spec.snapshot == $snapshot and .spec.releasePlan == $releaseplan) | .metadata.name' | tail -n 1) - - managed_pipelinerun=$(kubectl get release "${release_id}" -oyaml | yq '.status.managedProcessing.pipelineRun') - managed_ns=$(echo "${managed_pipelinerun}" | awk -F'/' '{print $1}') - managed_pipelinerun=$(echo "${managed_pipelinerun}" | awk -F'/' '{print $2}') - - # index_image=$(kubectl get pipelinerun "${managed_pipelinerun}" -n "${managed_ns}" -oyaml | yq '.status.results[] | select(.name == "iibIndexImage") | .value') + index_image=$(kubectl get release "${release_id}" -oyaml | yq '.status.artifacts.index_image.index_image') from_index="registry-proxy.engineering.redhat.com/rh-osbs/iib-pub-pending:$(params.CNV_VERSION)" git_commit=$(echo "${snapshot_data}" | yq '.spec.components[0].source.git.revision') @@ -61,3 +56,9 @@ spec: git checkout "${git_commit}" image_sha=$(yq '.image' $(params.CNV_VERSION)/updated_image.yaml) channel=$(yq '.channel' $(params.CNV_VERSION)/updated_image.yaml) + + echo "index_image: ${index_image}" + echo "from_index: ${from_index}" + echo "fbc_fragment: ${fbc_fragment}" + echo "image_sha to ensure integrity: ${image_sha}" + echo "channel: ${channel}" From 0a5b6b956c12a7e7229b45cd86199abd6b3a8ceb Mon Sep 17 00:00:00 2001 From: Albert Jubany Juarez Date: Mon, 16 Dec 2024 15:14:53 +0100 Subject: [PATCH 11/60] test Signed-off-by: Albert Jubany Juarez --- fbc/fbc-post-release.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index f360463..d901c39 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -56,9 +56,11 @@ spec: git checkout "${git_commit}" image_sha=$(yq '.image' $(params.CNV_VERSION)/updated_image.yaml) channel=$(yq '.channel' $(params.CNV_VERSION)/updated_image.yaml) + hco_bundle_version=$(yq '.hco-bundle-version' $(params.CNV_VERSION)/updated_image.yaml) echo "index_image: ${index_image}" echo "from_index: ${from_index}" echo "fbc_fragment: ${fbc_fragment}" echo "image_sha to ensure integrity: ${image_sha}" echo "channel: ${channel}" + echo "hco-bundle-version: ${hco_bundle_version}" From b0e8fb545f31ea40470d27a52813cf02728e7d8a Mon Sep 17 00:00:00 2001 From: Albert Jubany Juarez Date: Thu, 19 Dec 2024 12:47:52 +0100 Subject: [PATCH 12/60] test Signed-off-by: Albert Jubany Juarez --- fbc/fbc-post-release.yaml | 28 +++++++++++++++++++++------- 1 file changed, 21 insertions(+), 7 deletions(-) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index d901c39..34ba766 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -32,6 +32,9 @@ spec: steps: - name: get-info image: quay.io/konflux-ci/release-service-utils:cd12f6a509363ae511bf09d50be73d5edb416cdd + envFrom: + - secretRef: + name: cnv-ci-release-token script: | #!/usr/bin/env bash set -eo pipefail @@ -49,7 +52,7 @@ spec: git_commit=$(echo "${snapshot_data}" | yq '.spec.components[0].source.git.revision') git_repo=$(echo "${snapshot_data}" | yq '.spec.components[0].source.git.url') - gitdir=$(mktemp -d) && cd "${gitdir}" + gitfbcdir=$(mktemp -d) && cd "${gitfbcdir}" git init git remote add origin "${git_repo}.git" git fetch origin "${git_commit}" --depth 1 @@ -58,9 +61,20 @@ spec: channel=$(yq '.channel' $(params.CNV_VERSION)/updated_image.yaml) hco_bundle_version=$(yq '.hco-bundle-version' $(params.CNV_VERSION)/updated_image.yaml) - echo "index_image: ${index_image}" - echo "from_index: ${from_index}" - echo "fbc_fragment: ${fbc_fragment}" - echo "image_sha to ensure integrity: ${image_sha}" - echo "channel: ${channel}" - echo "hco-bundle-version: ${hco_bundle_version}" + gitpayloaddir=$(mktemp -d) && cd "${gitpayloaddir}" + git clone https://${github_token}@github.com/openshift-cnv/cnv-fbc-payloads.git && cd cnv-fbc-payloads + git config --global user.name "${github_username}" + git config --global user.email "no-reply@redhat.com" + + mkdir "$(params.CNV_VERSION)" + touch "$(params.CNV_VERSION)/payload.yaml" + yq e '.index_image = ${index_image}' -i $(params.CNV_VERSION)/payload.yml + yq e '.from_index = ${from_index}' -i $(params.CNV_VERSION)/payload.yml + yq e '.fbc_fragment = ${fbc_fragment}' -i $(params.CNV_VERSION)/payload.yml + yq e '.image_sha = ${image_sha}' -i $(params.CNV_VERSION)/payload.yml + yq e '.channel = ${channel}' -i $(params.CNV_VERSION)/payload.yml + yq e '.hco_bundle_version = ${hco_bundle_version}' -i $(params.CNV_VERSION)/payload.yml + + git add . + git commit -m "Update payload" + git push origin main From c0907653d02cf86ba3305ee7408136ab4674646c Mon Sep 17 00:00:00 2001 From: Albert Jubany Juarez Date: Thu, 19 Dec 2024 13:49:10 +0100 Subject: [PATCH 13/60] test Signed-off-by: Albert Jubany Juarez --- fbc/fbc-post-release.yaml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index 34ba766..db16619 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -68,12 +68,12 @@ spec: mkdir "$(params.CNV_VERSION)" touch "$(params.CNV_VERSION)/payload.yaml" - yq e '.index_image = ${index_image}' -i $(params.CNV_VERSION)/payload.yml - yq e '.from_index = ${from_index}' -i $(params.CNV_VERSION)/payload.yml - yq e '.fbc_fragment = ${fbc_fragment}' -i $(params.CNV_VERSION)/payload.yml - yq e '.image_sha = ${image_sha}' -i $(params.CNV_VERSION)/payload.yml - yq e '.channel = ${channel}' -i $(params.CNV_VERSION)/payload.yml - yq e '.hco_bundle_version = ${hco_bundle_version}' -i $(params.CNV_VERSION)/payload.yml + yq e '.index_image = ${index_image}' -i $(params.CNV_VERSION)/payload.yaml + yq e '.from_index = ${from_index}' -i $(params.CNV_VERSION)/payload.yaml + yq e '.fbc_fragment = ${fbc_fragment}' -i $(params.CNV_VERSION)/payload.yaml + yq e '.image_sha = ${image_sha}' -i $(params.CNV_VERSION)/payload.yaml + yq e '.channel = ${channel}' -i $(params.CNV_VERSION)/payload.yaml + yq e '.hco_bundle_version = ${hco_bundle_version}' -i $(params.CNV_VERSION)/payload.yaml git add . git commit -m "Update payload" From f3100b172116aaebd7604c762e7a00e6aa4d3b59 Mon Sep 17 00:00:00 2001 From: Albert Jubany Juarez Date: Thu, 19 Dec 2024 14:05:57 +0100 Subject: [PATCH 14/60] test Signed-off-by: Albert Jubany Juarez --- fbc/fbc-post-release.yaml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index db16619..33428dd 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -68,12 +68,12 @@ spec: mkdir "$(params.CNV_VERSION)" touch "$(params.CNV_VERSION)/payload.yaml" - yq e '.index_image = ${index_image}' -i $(params.CNV_VERSION)/payload.yaml - yq e '.from_index = ${from_index}' -i $(params.CNV_VERSION)/payload.yaml - yq e '.fbc_fragment = ${fbc_fragment}' -i $(params.CNV_VERSION)/payload.yaml - yq e '.image_sha = ${image_sha}' -i $(params.CNV_VERSION)/payload.yaml - yq e '.channel = ${channel}' -i $(params.CNV_VERSION)/payload.yaml - yq e '.hco_bundle_version = ${hco_bundle_version}' -i $(params.CNV_VERSION)/payload.yaml + yq e '.index_image = "${index_image}"' -i $(params.CNV_VERSION)/payload.yaml + yq e '.from_index = "${from_index}"' -i $(params.CNV_VERSION)/payload.yaml + yq e '.fbc_fragment = "${fbc_fragment}"' -i $(params.CNV_VERSION)/payload.yaml + yq e '.image_sha = "${image_sha}"' -i $(params.CNV_VERSION)/payload.yaml + yq e '.channel = "${channel}"' -i $(params.CNV_VERSION)/payload.yaml + yq e '.hco_bundle_version = "${hco_bundle_version}"' -i $(params.CNV_VERSION)/payload.yaml git add . git commit -m "Update payload" From 8622961ca4c09528020e3542e8b6e92eb08a597b Mon Sep 17 00:00:00 2001 From: Albert Jubany Juarez Date: Thu, 19 Dec 2024 14:19:15 +0100 Subject: [PATCH 15/60] test Signed-off-by: Albert Jubany Juarez --- fbc/fbc-post-release.yaml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index 33428dd..a18a95d 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -68,12 +68,12 @@ spec: mkdir "$(params.CNV_VERSION)" touch "$(params.CNV_VERSION)/payload.yaml" - yq e '.index_image = "${index_image}"' -i $(params.CNV_VERSION)/payload.yaml - yq e '.from_index = "${from_index}"' -i $(params.CNV_VERSION)/payload.yaml - yq e '.fbc_fragment = "${fbc_fragment}"' -i $(params.CNV_VERSION)/payload.yaml - yq e '.image_sha = "${image_sha}"' -i $(params.CNV_VERSION)/payload.yaml - yq e '.channel = "${channel}"' -i $(params.CNV_VERSION)/payload.yaml - yq e '.hco_bundle_version = "${hco_bundle_version}"' -i $(params.CNV_VERSION)/payload.yaml + yq e ".index_image = \"${index_image}\"" -i $(params.CNV_VERSION)/payload.yaml + yq e ".from_index = \"${from_index}\"" -i $(params.CNV_VERSION)/payload.yaml + yq e ".fbc_fragment = \"${fbc_fragment}\"" -i $(params.CNV_VERSION)/payload.yaml + yq e ".image_sha = \"${image_sha}\"" -i $(params.CNV_VERSION)/payload.yaml + yq e ".channel = \"${channel}\"" -i $(params.CNV_VERSION)/payload.yaml + yq e ".hco_bundle_version = \"${hco_bundle_version}\"" -i $(params.CNV_VERSION)/payload.yaml git add . git commit -m "Update payload" From 0ed659cf50cf064c853d6a4bbed502709e0136a6 Mon Sep 17 00:00:00 2001 From: Albert Jubany Juarez Date: Thu, 19 Dec 2024 14:35:08 +0100 Subject: [PATCH 16/60] test Signed-off-by: Albert Jubany Juarez --- fbc/fbc-post-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index a18a95d..5d9eedc 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -66,7 +66,7 @@ spec: git config --global user.name "${github_username}" git config --global user.email "no-reply@redhat.com" - mkdir "$(params.CNV_VERSION)" + mkdir -p "$(params.CNV_VERSION)" touch "$(params.CNV_VERSION)/payload.yaml" yq e ".index_image = \"${index_image}\"" -i $(params.CNV_VERSION)/payload.yaml yq e ".from_index = \"${from_index}\"" -i $(params.CNV_VERSION)/payload.yaml From a7abbbf559c501ff9afd53b50337635f57f878ee Mon Sep 17 00:00:00 2001 From: Axuba Date: Tue, 31 Dec 2024 11:48:24 +0100 Subject: [PATCH 17/60] Add snapshot id parameter to be also exported --- fbc/fbc-post-release.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index 5d9eedc..decdc98 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -69,6 +69,7 @@ spec: mkdir -p "$(params.CNV_VERSION)" touch "$(params.CNV_VERSION)/payload.yaml" yq e ".index_image = \"${index_image}\"" -i $(params.CNV_VERSION)/payload.yaml + yq e ".snapshot_id = \"${snapshot_id}\"" -i $(params.CNV_VERSION)/payload.yaml yq e ".from_index = \"${from_index}\"" -i $(params.CNV_VERSION)/payload.yaml yq e ".fbc_fragment = \"${fbc_fragment}\"" -i $(params.CNV_VERSION)/payload.yaml yq e ".image_sha = \"${image_sha}\"" -i $(params.CNV_VERSION)/payload.yaml From 9e83286ae8908d40c2c10af7fe5b1623a08948fb Mon Sep 17 00:00:00 2001 From: Albert Jubany Juarez Date: Wed, 15 Jan 2025 15:00:07 +0100 Subject: [PATCH 18/60] test Signed-off-by: Albert Jubany Juarez --- fbc/fbc-post-release.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index decdc98..614bfa9 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -67,13 +67,15 @@ spec: git config --global user.email "no-reply@redhat.com" mkdir -p "$(params.CNV_VERSION)" - touch "$(params.CNV_VERSION)/payload.yaml" + echo "" > "$(params.CNV_VERSION)/payload.yaml" yq e ".index_image = \"${index_image}\"" -i $(params.CNV_VERSION)/payload.yaml yq e ".snapshot_id = \"${snapshot_id}\"" -i $(params.CNV_VERSION)/payload.yaml yq e ".from_index = \"${from_index}\"" -i $(params.CNV_VERSION)/payload.yaml yq e ".fbc_fragment = \"${fbc_fragment}\"" -i $(params.CNV_VERSION)/payload.yaml - yq e ".image_sha = \"${image_sha}\"" -i $(params.CNV_VERSION)/payload.yaml yq e ".channel = \"${channel}\"" -i $(params.CNV_VERSION)/payload.yaml + yq e ".hco_bundle_registry_by_sha = \"${image_sha}\"" -i $(params.CNV_VERSION)/payload.yaml + image_base=$(echo "${image_sha}" | cut -d'@' -f1) + yq e ".hco_bundle_registry_by_tag = \"${image_base}:${hco_bundle_version}\"" -i $(params.CNV_VERSION)/payload.yaml yq e ".hco_bundle_version = \"${hco_bundle_version}\"" -i $(params.CNV_VERSION)/payload.yaml git add . From 0fe16e435d9746eb97b60d744c0717befb433778 Mon Sep 17 00:00:00 2001 From: Albert Jubany Juarez Date: Thu, 16 Jan 2025 12:32:58 +0100 Subject: [PATCH 19/60] test Signed-off-by: Albert Jubany Juarez --- fbc/fbc-post-release.yaml | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index 614bfa9..8e383fe 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -4,7 +4,7 @@ kind: Pipeline metadata: name: fbc-post-release spec: - description: WIP + description: This tasks gets all the required data of an FBC build and commits it to a payload repository to be used in a GitOps environment. params: - name: snapshot type: string @@ -31,7 +31,7 @@ spec: type: string steps: - name: get-info - image: quay.io/konflux-ci/release-service-utils:cd12f6a509363ae511bf09d50be73d5edb416cdd + image: quay.io/konflux-ci/release-service-utils:0a58b6a6b562879e89395636d97931f2dcbb494c envFrom: - secretRef: name: cnv-ci-release-token @@ -40,13 +40,18 @@ spec: set -eo pipefail snapshot_id=$(echo "$(params.SNAPSHOT)" | awk -F'/' '{print $2}') - snapshot_data=$(kubectl get snapshot "${snapshot_id}" -oyaml) - - fbc_fragment=$(echo "${snapshot_data}" | yq '.spec.components[0].containerImage') - release_id=$(kubectl get release --sort-by=.metadata.creationTimestamp -o json | \ jq -r --arg snapshot "${snapshot_id}" --arg releaseplan "$(params.RELEASEPLAN_ID)" \ '.items[] | select(.spec.snapshot == $snapshot and .spec.releasePlan == $releaseplan) | .metadata.name' | tail -n 1) + + released_status=$(kubectl get release "${release_id}" -oyaml | yq '.status.conditions[] | select(.type == "Released") | .status') + if [ "$released_status" != "True" ]; then + echo "Release failed. Not continuing with post-release." + exit 1 + fi + + snapshot_data=$(kubectl get snapshot "${snapshot_id}" -oyaml) + fbc_fragment=$(echo "${snapshot_data}" | yq '.spec.components[0].containerImage') index_image=$(kubectl get release "${release_id}" -oyaml | yq '.status.artifacts.index_image.index_image') from_index="registry-proxy.engineering.redhat.com/rh-osbs/iib-pub-pending:$(params.CNV_VERSION)" From 8d3c9a0e80a94cf7d19a06f821b0a258fd690991 Mon Sep 17 00:00:00 2001 From: Axuba Date: Mon, 20 Jan 2025 11:01:28 +0100 Subject: [PATCH 20/60] Update fbc-post-release.yaml --- fbc/fbc-post-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index 8e383fe..d19832f 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -44,7 +44,7 @@ spec: jq -r --arg snapshot "${snapshot_id}" --arg releaseplan "$(params.RELEASEPLAN_ID)" \ '.items[] | select(.spec.snapshot == $snapshot and .spec.releasePlan == $releaseplan) | .metadata.name' | tail -n 1) - released_status=$(kubectl get release "${release_id}" -oyaml | yq '.status.conditions[] | select(.type == "Released") | .status') + released_status=$(kubectl get release "${release_id}" -oyaml | yq '.status.conditions[] | select(.type == "ManagedPipelineProcessed") | .status') if [ "$released_status" != "True" ]; then echo "Release failed. Not continuing with post-release." exit 1 From 67909fd61ac3fa96d5c7f0b528ec113bc77037ff Mon Sep 17 00:00:00 2001 From: Axuba Date: Thu, 30 Jan 2025 10:15:31 +0100 Subject: [PATCH 21/60] Add version and releasePlan null params --- fbc/fbc-post-release.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index d19832f..f5b6f50 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -82,6 +82,8 @@ spec: image_base=$(echo "${image_sha}" | cut -d'@' -f1) yq e ".hco_bundle_registry_by_tag = \"${image_base}:${hco_bundle_version}\"" -i $(params.CNV_VERSION)/payload.yaml yq e ".hco_bundle_version = \"${hco_bundle_version}\"" -i $(params.CNV_VERSION)/payload.yaml + yq e ".version = null" -i $(params.CNV_VERSION)/payload.yaml + yq e ".releasePlan = null" -i $(params.CNV_VERSION)/payload.yaml git add . git commit -m "Update payload" From 4b00938eb1191fc3cd06efb513193c1fe358fc6d Mon Sep 17 00:00:00 2001 From: Albert Jubany Juarez Date: Thu, 30 Jan 2025 15:58:30 +0100 Subject: [PATCH 22/60] Update script Signed-off-by: Albert Jubany Juarez --- fbc/fbc-post-release.yaml | 34 ++++++++++++++++++---------------- 1 file changed, 18 insertions(+), 16 deletions(-) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index f5b6f50..df4afa0 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -50,10 +50,11 @@ spec: exit 1 fi + cnv_version="$(params.CNV_VERSION)" snapshot_data=$(kubectl get snapshot "${snapshot_id}" -oyaml) fbc_fragment=$(echo "${snapshot_data}" | yq '.spec.components[0].containerImage') index_image=$(kubectl get release "${release_id}" -oyaml | yq '.status.artifacts.index_image.index_image') - from_index="registry-proxy.engineering.redhat.com/rh-osbs/iib-pub-pending:$(params.CNV_VERSION)" + from_index="registry-proxy.engineering.redhat.com/rh-osbs/iib-pub-pending:${cnv_version}" git_commit=$(echo "${snapshot_data}" | yq '.spec.components[0].source.git.revision') git_repo=$(echo "${snapshot_data}" | yq '.spec.components[0].source.git.url') @@ -62,28 +63,29 @@ spec: git remote add origin "${git_repo}.git" git fetch origin "${git_commit}" --depth 1 git checkout "${git_commit}" - image_sha=$(yq '.image' $(params.CNV_VERSION)/updated_image.yaml) - channel=$(yq '.channel' $(params.CNV_VERSION)/updated_image.yaml) - hco_bundle_version=$(yq '.hco-bundle-version' $(params.CNV_VERSION)/updated_image.yaml) + image_sha=$(yq '.image' ${cnv_version}/updated_image.yaml) + channel=$(yq '.channel' ${cnv_version}/updated_image.yaml) + hco_bundle_version=$(yq '.hco-bundle-version' ${cnv_version}/updated_image.yaml) gitpayloaddir=$(mktemp -d) && cd "${gitpayloaddir}" git clone https://${github_token}@github.com/openshift-cnv/cnv-fbc-payloads.git && cd cnv-fbc-payloads git config --global user.name "${github_username}" git config --global user.email "no-reply@redhat.com" - mkdir -p "$(params.CNV_VERSION)" - echo "" > "$(params.CNV_VERSION)/payload.yaml" - yq e ".index_image = \"${index_image}\"" -i $(params.CNV_VERSION)/payload.yaml - yq e ".snapshot_id = \"${snapshot_id}\"" -i $(params.CNV_VERSION)/payload.yaml - yq e ".from_index = \"${from_index}\"" -i $(params.CNV_VERSION)/payload.yaml - yq e ".fbc_fragment = \"${fbc_fragment}\"" -i $(params.CNV_VERSION)/payload.yaml - yq e ".channel = \"${channel}\"" -i $(params.CNV_VERSION)/payload.yaml - yq e ".hco_bundle_registry_by_sha = \"${image_sha}\"" -i $(params.CNV_VERSION)/payload.yaml + save_folder="${cnv_version//./-}/stages/nightly/build" + mkdir -p "${save_folder}" + echo "" > "${save_folder}/payload.yaml" + yq e ".index_image = \"${index_image}\"" -i ${save_folder}/payload.yaml + yq e ".snapshot_id = \"${snapshot_id}\"" -i ${save_folder}/payload.yaml + yq e ".from_index = \"${from_index}\"" -i ${save_folder}/payload.yaml + yq e ".fbc_fragment = \"${fbc_fragment}\"" -i ${save_folder}/payload.yaml + yq e ".channel = \"${channel}\"" -i ${save_folder}/payload.yaml + yq e ".hco_bundle_registry_by_sha = \"${image_sha}\"" -i ${save_folder}/payload.yaml image_base=$(echo "${image_sha}" | cut -d'@' -f1) - yq e ".hco_bundle_registry_by_tag = \"${image_base}:${hco_bundle_version}\"" -i $(params.CNV_VERSION)/payload.yaml - yq e ".hco_bundle_version = \"${hco_bundle_version}\"" -i $(params.CNV_VERSION)/payload.yaml - yq e ".version = null" -i $(params.CNV_VERSION)/payload.yaml - yq e ".releasePlan = null" -i $(params.CNV_VERSION)/payload.yaml + yq e ".hco_bundle_registry_by_tag = \"${image_base}:${hco_bundle_version}\"" -i ${save_folder}/payload.yaml + yq e ".hco_bundle_version = \"${hco_bundle_version}\"" -i ${save_folder}/payload.yaml + yq e ".version = null" -i ${save_folder}/payload.yaml + yq e ".releasePlan = null" -i ${save_folder}/payload.yaml git add . git commit -m "Update payload" From d0c8e3517d5ea652dcd45bc81a027efb1482d81b Mon Sep 17 00:00:00 2001 From: Albert Jubany Juarez Date: Thu, 30 Jan 2025 16:38:16 +0100 Subject: [PATCH 23/60] Temporarily hardcode version parameter Signed-off-by: Albert Jubany Juarez --- fbc/fbc-post-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index df4afa0..8e7be7d 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -79,7 +79,7 @@ spec: yq e ".snapshot_id = \"${snapshot_id}\"" -i ${save_folder}/payload.yaml yq e ".from_index = \"${from_index}\"" -i ${save_folder}/payload.yaml yq e ".fbc_fragment = \"${fbc_fragment}\"" -i ${save_folder}/payload.yaml - yq e ".channel = \"${channel}\"" -i ${save_folder}/payload.yaml + yq e ".channel = \"nightly\"" -i ${save_folder}/payload.yaml yq e ".hco_bundle_registry_by_sha = \"${image_sha}\"" -i ${save_folder}/payload.yaml image_base=$(echo "${image_sha}" | cut -d'@' -f1) yq e ".hco_bundle_registry_by_tag = \"${image_base}:${hco_bundle_version}\"" -i ${save_folder}/payload.yaml From 67271600dbac68207196b031985974da58e28d50 Mon Sep 17 00:00:00 2001 From: Albert Jubany Juarez Date: Thu, 30 Jan 2025 16:50:26 +0100 Subject: [PATCH 24/60] Change stages to lanes folder Signed-off-by: Albert Jubany Juarez --- fbc/fbc-post-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index 8e7be7d..838dbf7 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -72,7 +72,7 @@ spec: git config --global user.name "${github_username}" git config --global user.email "no-reply@redhat.com" - save_folder="${cnv_version//./-}/stages/nightly/build" + save_folder="${cnv_version//./-}/lanes/nightly/build" mkdir -p "${save_folder}" echo "" > "${save_folder}/payload.yaml" yq e ".index_image = \"${index_image}\"" -i ${save_folder}/payload.yaml From 990246ec035db18ecbd59c6bc38d7910e4061250 Mon Sep 17 00:00:00 2001 From: Axuba Date: Fri, 31 Jan 2025 11:46:22 +0100 Subject: [PATCH 25/60] Channel folder to commit to will now depend on the fbc channel itself --- fbc/fbc-post-release.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index 838dbf7..b2d8db1 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -72,14 +72,14 @@ spec: git config --global user.name "${github_username}" git config --global user.email "no-reply@redhat.com" - save_folder="${cnv_version//./-}/lanes/nightly/build" + save_folder="${cnv_version//./-}/lanes/${channel}/build" mkdir -p "${save_folder}" echo "" > "${save_folder}/payload.yaml" yq e ".index_image = \"${index_image}\"" -i ${save_folder}/payload.yaml yq e ".snapshot_id = \"${snapshot_id}\"" -i ${save_folder}/payload.yaml yq e ".from_index = \"${from_index}\"" -i ${save_folder}/payload.yaml yq e ".fbc_fragment = \"${fbc_fragment}\"" -i ${save_folder}/payload.yaml - yq e ".channel = \"nightly\"" -i ${save_folder}/payload.yaml + yq e ".channel = \"${channel}\"" -i ${save_folder}/payload.yaml yq e ".hco_bundle_registry_by_sha = \"${image_sha}\"" -i ${save_folder}/payload.yaml image_base=$(echo "${image_sha}" | cut -d'@' -f1) yq e ".hco_bundle_registry_by_tag = \"${image_base}:${hco_bundle_version}\"" -i ${save_folder}/payload.yaml From 4dbebd1e659567c53f001dd535010da4da001645 Mon Sep 17 00:00:00 2001 From: Axuba Date: Thu, 6 Feb 2025 16:48:34 +0100 Subject: [PATCH 26/60] Update fbc-post-release.yaml --- fbc/fbc-post-release.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index b2d8db1..17458e1 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -86,6 +86,8 @@ spec: yq e ".hco_bundle_version = \"${hco_bundle_version}\"" -i ${save_folder}/payload.yaml yq e ".version = null" -i ${save_folder}/payload.yaml yq e ".releasePlan = null" -i ${save_folder}/payload.yaml + yq e ".freightName = null" -i ${save_folder}/payload.yaml + yq e ".freightID = null" -i ${save_folder}/payload.yaml git add . git commit -m "Update payload" From e12796d80d7130da68c47e76826dfcf993f45bc2 Mon Sep 17 00:00:00 2001 From: Tal Hason Date: Thu, 20 Feb 2025 16:58:53 +0200 Subject: [PATCH 27/60] added prNumber to the payload structure --- fbc/fbc-post-release.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index 17458e1..95fdcb0 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -88,6 +88,7 @@ spec: yq e ".releasePlan = null" -i ${save_folder}/payload.yaml yq e ".freightName = null" -i ${save_folder}/payload.yaml yq e ".freightID = null" -i ${save_folder}/payload.yaml + yq e ".prNumber = null" -i ${save_folder}/payload.yaml git add . git commit -m "Update payload" From e1eed2153516ac18da5289e33acf33a3ea5ac7a9 Mon Sep 17 00:00:00 2001 From: Tal Hason Date: Sun, 2 Mar 2025 17:26:56 +0200 Subject: [PATCH 28/60] added minorVersion for kargo to use --- fbc/fbc-post-release.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index 95fdcb0..8aa7700 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -84,6 +84,8 @@ spec: image_base=$(echo "${image_sha}" | cut -d'@' -f1) yq e ".hco_bundle_registry_by_tag = \"${image_base}:${hco_bundle_version}\"" -i ${save_folder}/payload.yaml yq e ".hco_bundle_version = \"${hco_bundle_version}\"" -i ${save_folder}/payload.yaml + # Add the minor version number from the bundle for Kargo + yq e '.minorVersion = (.hco_bundle_version | split("-") | .[0])' -i ${save_folder}/payload.yaml yq e ".version = null" -i ${save_folder}/payload.yaml yq e ".releasePlan = null" -i ${save_folder}/payload.yaml yq e ".freightName = null" -i ${save_folder}/payload.yaml From a3935a6c4c725b39bf145686efc803f80b05d1b6 Mon Sep 17 00:00:00 2001 From: Tal Hason Date: Tue, 18 Mar 2025 06:55:06 -0700 Subject: [PATCH 29/60] first release --- fbc/fbc-post-release.yaml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index 8aa7700..05662b6 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -91,6 +91,14 @@ spec: yq e ".freightName = null" -i ${save_folder}/payload.yaml yq e ".freightID = null" -i ${save_folder}/payload.yaml yq e ".prNumber = null" -i ${save_folder}/payload.yaml + # add a firstRelease flag to the payload + patch_version=$(echo "$hco_bundle_version" | grep -oP 'v\d+\.\d+\.\K\d+') + if [ "$patch_version" -eq 0 ]; then + yq -i '.firstRelease = true' ${save_folder}/payload.yaml + else + yq -i '.firstRelease = false' ${save_folder}/payload.yaml + fi + git add . git commit -m "Update payload" From 215bea291aa9d51a764f148e80fbf8cf42cfdece Mon Sep 17 00:00:00 2001 From: Albert Jubany Juarez Date: Fri, 28 Mar 2025 11:27:10 +0100 Subject: [PATCH 30/60] Separate v4.99 builds on fbc payloads Signed-off-by: Albert Jubany Juarez --- fbc/fbc-post-release.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index 05662b6..8b80945 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -67,6 +67,10 @@ spec: channel=$(yq '.channel' ${cnv_version}/updated_image.yaml) hco_bundle_version=$(yq '.hco-bundle-version' ${cnv_version}/updated_image.yaml) + if [[ $hco_bundle_version == v4.99* ]]; then + cnv_version="v4.99" + fi + gitpayloaddir=$(mktemp -d) && cd "${gitpayloaddir}" git clone https://${github_token}@github.com/openshift-cnv/cnv-fbc-payloads.git && cd cnv-fbc-payloads git config --global user.name "${github_username}" From 4d9db25eda932d9dd4dc5db21291677839372920 Mon Sep 17 00:00:00 2001 From: Axuba Date: Wed, 4 Jun 2025 16:08:10 +0200 Subject: [PATCH 31/60] Add version, releaseplan and freightname data --- fbc/fbc-post-release.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index 8b80945..fce6ca9 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -90,9 +90,9 @@ spec: yq e ".hco_bundle_version = \"${hco_bundle_version}\"" -i ${save_folder}/payload.yaml # Add the minor version number from the bundle for Kargo yq e '.minorVersion = (.hco_bundle_version | split("-") | .[0])' -i ${save_folder}/payload.yaml - yq e ".version = null" -i ${save_folder}/payload.yaml - yq e ".releasePlan = null" -i ${save_folder}/payload.yaml - yq e ".freightName = null" -i ${save_folder}/payload.yaml + yq e ".version = \"${cnv_version//./-}\"" -i ${save_folder}/payload.yaml + yq e ".releasePlan = \"stage\"" -i ${save_folder}/payload.yaml + yq e ".freightName = \"${snapshot_id}\"" -i ${save_folder}/payload.yaml yq e ".freightID = null" -i ${save_folder}/payload.yaml yq e ".prNumber = null" -i ${save_folder}/payload.yaml # add a firstRelease flag to the payload From 7c2fc9f2574ac6cce2df4cddde4dae578eb756a2 Mon Sep 17 00:00:00 2001 From: Axuba Date: Fri, 6 Jun 2025 09:58:54 +0200 Subject: [PATCH 32/60] Temporarily update repo --- fbc/fbc-post-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index fce6ca9..aa0eb67 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -72,7 +72,7 @@ spec: fi gitpayloaddir=$(mktemp -d) && cd "${gitpayloaddir}" - git clone https://${github_token}@github.com/openshift-cnv/cnv-fbc-payloads.git && cd cnv-fbc-payloads + git clone https://${github_token}@github.com/openshift-cnv/cnv-fbc-payloads-new.git && cd cnv-fbc-payloads git config --global user.name "${github_username}" git config --global user.email "no-reply@redhat.com" From 0b36a554f364ab82afb2fe1954af0bb68ac9e08d Mon Sep 17 00:00:00 2001 From: Axuba Date: Fri, 6 Jun 2025 11:33:36 +0200 Subject: [PATCH 33/60] Fix --- fbc/fbc-post-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index aa0eb67..1329400 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -72,7 +72,7 @@ spec: fi gitpayloaddir=$(mktemp -d) && cd "${gitpayloaddir}" - git clone https://${github_token}@github.com/openshift-cnv/cnv-fbc-payloads-new.git && cd cnv-fbc-payloads + git clone https://${github_token}@github.com/openshift-cnv/cnv-fbc-payloads-new.git && cd cnv-fbc-payloads-new git config --global user.name "${github_username}" git config --global user.email "no-reply@redhat.com" From d1e07c4ae7f6a66f67c6021fb394e7f011bc16f7 Mon Sep 17 00:00:00 2001 From: Axuba Date: Fri, 6 Jun 2025 11:47:43 +0200 Subject: [PATCH 34/60] Update fbc-post-release.yaml --- fbc/fbc-post-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index 1329400..9b7bbee 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -76,7 +76,7 @@ spec: git config --global user.name "${github_username}" git config --global user.email "no-reply@redhat.com" - save_folder="${cnv_version//./-}/lanes/${channel}/build" + save_folder="${cnv_version//./-}/lanes/${channel}/stage" mkdir -p "${save_folder}" echo "" > "${save_folder}/payload.yaml" yq e ".index_image = \"${index_image}\"" -i ${save_folder}/payload.yaml From c29b04d288c1fd9ff4537b6bed07d01e01d1099f Mon Sep 17 00:00:00 2001 From: Tal Hason Date: Wed, 2 Jul 2025 02:08:30 -0400 Subject: [PATCH 35/60] Update fbc-post-release.yaml add hco_bundle_version to the commit message --- fbc/fbc-post-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index 9b7bbee..1f273b0 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -105,5 +105,5 @@ spec: git add . - git commit -m "Update payload" + git commit -m "Update payload $hco_bundle_version" git push origin main From e4296d57d58242c0fe77391eaaf1014bdf1aaab1 Mon Sep 17 00:00:00 2001 From: Axuba Date: Tue, 15 Jul 2025 14:28:29 +0200 Subject: [PATCH 36/60] Add rhelVersion parameter --- fbc/fbc-post-release.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index 1f273b0..ccb4c85 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -90,6 +90,7 @@ spec: yq e ".hco_bundle_version = \"${hco_bundle_version}\"" -i ${save_folder}/payload.yaml # Add the minor version number from the bundle for Kargo yq e '.minorVersion = (.hco_bundle_version | split("-") | .[0])' -i ${save_folder}/payload.yaml + yq e '.rhelVersion = (.minorVersion | split(".") | .[3])' -i ${save_folder}/payload.yaml yq e ".version = \"${cnv_version//./-}\"" -i ${save_folder}/payload.yaml yq e ".releasePlan = \"stage\"" -i ${save_folder}/payload.yaml yq e ".freightName = \"${snapshot_id}\"" -i ${save_folder}/payload.yaml From 1ed5ae73ed3db0872e7c50aaddaa151e8d42ccf3 Mon Sep 17 00:00:00 2001 From: Axuba Date: Mon, 25 Aug 2025 16:07:54 +0200 Subject: [PATCH 37/60] Add environment parameter --- fbc/fbc-post-release.yaml | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index ccb4c85..2bafecf 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -12,6 +12,8 @@ spec: type: string - name: releaseplan_id type: string + - name: environment + type: string tasks: - name: get-info params: @@ -21,6 +23,8 @@ spec: value: "$(params.cnv_version)" - name: RELEASEPLAN_ID value: "$(params.releaseplan_id)" + - name: ENVIRONMENT + value: "$(params.ENVIRONMENT)" taskSpec: params: - name: SNAPSHOT @@ -29,6 +33,8 @@ spec: type: string - name: RELEASEPLAN_ID type: string + - name: ENVIRONMENT + type: string steps: - name: get-info image: quay.io/konflux-ci/release-service-utils:0a58b6a6b562879e89395636d97931f2dcbb494c @@ -76,7 +82,19 @@ spec: git config --global user.name "${github_username}" git config --global user.email "no-reply@redhat.com" - save_folder="${cnv_version//./-}/lanes/${channel}/stage" + case $(params.ENVIRONMENT) in + "production") + NEXT_STAGE="verify-production-release" + ;; + "stage") + NEXT_STAGE="stage" + ;; + *) + echo "Unknown environment: $(params.ENVIRONMENT)" + exit 1 + ;; + esac + save_folder="${cnv_version//./-}/lanes/${channel}/${NEXT_STAGE}" mkdir -p "${save_folder}" echo "" > "${save_folder}/payload.yaml" yq e ".index_image = \"${index_image}\"" -i ${save_folder}/payload.yaml @@ -92,7 +110,7 @@ spec: yq e '.minorVersion = (.hco_bundle_version | split("-") | .[0])' -i ${save_folder}/payload.yaml yq e '.rhelVersion = (.minorVersion | split(".") | .[3])' -i ${save_folder}/payload.yaml yq e ".version = \"${cnv_version//./-}\"" -i ${save_folder}/payload.yaml - yq e ".releasePlan = \"stage\"" -i ${save_folder}/payload.yaml + yq e ".releasePlan = \"${NEXT_STAGE}\"" -i ${save_folder}/payload.yaml yq e ".freightName = \"${snapshot_id}\"" -i ${save_folder}/payload.yaml yq e ".freightID = null" -i ${save_folder}/payload.yaml yq e ".prNumber = null" -i ${save_folder}/payload.yaml From cc4c615cf53a98092d64e8e1082564c6d34006cf Mon Sep 17 00:00:00 2001 From: Axuba Date: Mon, 25 Aug 2025 17:45:50 +0200 Subject: [PATCH 38/60] Fix typo --- fbc/fbc-post-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index 2bafecf..0f3dd35 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -24,7 +24,7 @@ spec: - name: RELEASEPLAN_ID value: "$(params.releaseplan_id)" - name: ENVIRONMENT - value: "$(params.ENVIRONMENT)" + value: "$(params.environment)" taskSpec: params: - name: SNAPSHOT From 2e64cc5529e8460dbb61f636aa47c4f2532da170 Mon Sep 17 00:00:00 2001 From: Axuba Date: Wed, 26 Nov 2025 16:55:57 +0100 Subject: [PATCH 39/60] Add update-bundle pipeline (#8) --- pipelines/update-bundle.yaml | 59 ++++++++++++++++++++++++++++++++++++ 1 file changed, 59 insertions(+) create mode 100644 pipelines/update-bundle.yaml diff --git a/pipelines/update-bundle.yaml b/pipelines/update-bundle.yaml new file mode 100644 index 0000000..9a02dc2 --- /dev/null +++ b/pipelines/update-bundle.yaml @@ -0,0 +1,59 @@ +--- +apiVersion: tekton.dev/v1 +kind: Pipeline +metadata: + name: update-bundle +spec: + description: This tasks gets all the required data of an FBC build and commits it to a payload repository to be used in a GitOps environment. + params: + - name: snapshot + type: string + tasks: + - name: update-bundle + params: + - name: SNAPSHOT + value: "$(params.snapshot)" + taskSpec: + params: + - name: SNAPSHOT + type: string + steps: + - name: update-bundle + image: quay.io/konflux-ci/release-service-utils@sha256:ab9fce5bf41c15f1475d660da302f935e0999143ef4c50606846b189cb742caf + envFrom: + - secretRef: + name: hco-updater-gitlab-token + script: | + #!/usr/bin/env bash + set -eo pipefail + + SNAPSHOT_ID=$(echo "$(params.SNAPSHOT)" | awk -F'/' '{print $2}') + SNAPSHOT_DATA=$(kubectl get snapshot $SNAPSHOT_ID -ojson) + NAMESPACE=$(jq -r '.metadata.namespace' <<< "$SNAPSHOT_DATA") + VERSION=$(echo "$NAMESPACE" | cut -d'-' -f1,2) + REPO_URL="https://gitlab.cee.redhat.com/openshift-virtualization/konflux-builds/${VERSION}/hco-bundle-registry.git" + + git clone $REPO_URL --depth 1 + cd hco-bundle-registry + AUTH_REPO_URL=$(echo "$REPO_URL" | sed "s|https://|https://oauth2:${GITLAB_TOKEN}@|") + git remote set-url origin "$AUTH_REPO_URL" + git config user.name "submodule-sync" + git config user.email "no-reply@redhat.com" + + IMAGES=$(jq -r '.spec.components[].containerImage' <<< "$SNAPSHOT_DATA") + for img in $IMAGES; do + image_name_sha=$(echo "${img##*/}") + image_name=$(echo "$image_name_sha" | cut -d'@' -f1) + + if [[ "$image_name" == *"-operator" ]]; then + json_file="components/hco-bundle-registry/core-params.json" + else + json_file="components/hco-bundle-registry/extra-params.json" + fi + jq ".\"${image_name}-image\" = \"${image_name_sha}\"" "$json_file" > "${json_file}.tmp" && mv "${json_file}.tmp" "$json_file" + done + + git add . + git commit -m "Update HCO bundle registry with new images" + git pull --rebase origin main + git push origin main From 3e36af39b0bf7b01055811f7411882bd0e8f88af Mon Sep 17 00:00:00 2001 From: Albert Jubany Juarez Date: Wed, 26 Nov 2025 17:40:32 +0100 Subject: [PATCH 40/60] Pull with creds Signed-off-by: Albert Jubany Juarez --- pipelines/update-bundle.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pipelines/update-bundle.yaml b/pipelines/update-bundle.yaml index 9a02dc2..1769ab5 100644 --- a/pipelines/update-bundle.yaml +++ b/pipelines/update-bundle.yaml @@ -32,11 +32,11 @@ spec: NAMESPACE=$(jq -r '.metadata.namespace' <<< "$SNAPSHOT_DATA") VERSION=$(echo "$NAMESPACE" | cut -d'-' -f1,2) REPO_URL="https://gitlab.cee.redhat.com/openshift-virtualization/konflux-builds/${VERSION}/hco-bundle-registry.git" + REPO_URL=$(echo "$REPO_URL" | sed "s|https://|https://oauth2:${GITLAB_TOKEN}@|") git clone $REPO_URL --depth 1 cd hco-bundle-registry - AUTH_REPO_URL=$(echo "$REPO_URL" | sed "s|https://|https://oauth2:${GITLAB_TOKEN}@|") - git remote set-url origin "$AUTH_REPO_URL" + git remote set-url origin "$REPO_URL" git config user.name "submodule-sync" git config user.email "no-reply@redhat.com" From d12c626448808fd76eadd880fd8d6fa01818035b Mon Sep 17 00:00:00 2001 From: Axuba Date: Thu, 27 Nov 2025 11:07:54 +0100 Subject: [PATCH 41/60] Make sure all the commits in every component are the same --- pipelines/update-bundle.yaml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/pipelines/update-bundle.yaml b/pipelines/update-bundle.yaml index 1769ab5..416987a 100644 --- a/pipelines/update-bundle.yaml +++ b/pipelines/update-bundle.yaml @@ -41,6 +41,15 @@ spec: git config user.email "no-reply@redhat.com" IMAGES=$(jq -r '.spec.components[].containerImage' <<< "$SNAPSHOT_DATA") + + # Make sure all the commits in every component are the same + if jq -e '[.spec.components[].source.git.revision] | unique | length == 1' <<< "$SNAPSHOT_DATA" > /dev/null; then + echo "The snapshot has all the components pointing to the same commit, continuing." + else + echo "Commits are inconsistent!" + exit 1 + fi + for img in $IMAGES; do image_name_sha=$(echo "${img##*/}") image_name=$(echo "$image_name_sha" | cut -d'@' -f1) From 53553ee008d60919a393694a7cf67e4518c87f15 Mon Sep 17 00:00:00 2001 From: Axuba Date: Thu, 27 Nov 2025 15:34:18 +0100 Subject: [PATCH 42/60] Fix IIB status path as it changed --- fbc/fbc-post-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index 0f3dd35..e663a5d 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -59,7 +59,7 @@ spec: cnv_version="$(params.CNV_VERSION)" snapshot_data=$(kubectl get snapshot "${snapshot_id}" -oyaml) fbc_fragment=$(echo "${snapshot_data}" | yq '.spec.components[0].containerImage') - index_image=$(kubectl get release "${release_id}" -oyaml | yq '.status.artifacts.index_image.index_image') + index_image=$(kubectl get release "${release_id}" -oyaml | yq ".status.artifacts.index_image.\"${cnv_version}\".index_image") from_index="registry-proxy.engineering.redhat.com/rh-osbs/iib-pub-pending:${cnv_version}" git_commit=$(echo "${snapshot_data}" | yq '.spec.components[0].source.git.revision') From 2297da5a30c04e0d7f411fd02fa496bf5278e9c8 Mon Sep 17 00:00:00 2001 From: Axuba Date: Wed, 10 Dec 2025 09:08:18 +0100 Subject: [PATCH 43/60] Fix operator check as now it includes -rhel suffix --- pipelines/update-bundle.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pipelines/update-bundle.yaml b/pipelines/update-bundle.yaml index 416987a..526fc30 100644 --- a/pipelines/update-bundle.yaml +++ b/pipelines/update-bundle.yaml @@ -54,7 +54,7 @@ spec: image_name_sha=$(echo "${img##*/}") image_name=$(echo "$image_name_sha" | cut -d'@' -f1) - if [[ "$image_name" == *"-operator" ]]; then + if [[ "$image_name" == *"-operator-"* ]]; then json_file="components/hco-bundle-registry/core-params.json" else json_file="components/hco-bundle-registry/extra-params.json" From 545e7e33341b73c4d10be4fe83596d446ebd222a Mon Sep 17 00:00:00 2001 From: Axuba Date: Wed, 10 Dec 2025 09:10:52 +0100 Subject: [PATCH 44/60] Another fix so test images dont go to core params --- pipelines/update-bundle.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pipelines/update-bundle.yaml b/pipelines/update-bundle.yaml index 526fc30..8ff7571 100644 --- a/pipelines/update-bundle.yaml +++ b/pipelines/update-bundle.yaml @@ -54,7 +54,7 @@ spec: image_name_sha=$(echo "${img##*/}") image_name=$(echo "$image_name_sha" | cut -d'@' -f1) - if [[ "$image_name" == *"-operator-"* ]]; then + if [[ "$image_name" == *"-operator-rhel"* ]]; then json_file="components/hco-bundle-registry/core-params.json" else json_file="components/hco-bundle-registry/extra-params.json" From 7847dd72e239093754c4199d47238057796102ad Mon Sep 17 00:00:00 2001 From: Axuba Date: Mon, 22 Dec 2025 11:25:48 +0100 Subject: [PATCH 45/60] Add snapshot id to a new snapshots json file --- pipelines/update-bundle.yaml | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/pipelines/update-bundle.yaml b/pipelines/update-bundle.yaml index 8ff7571..a9db9a7 100644 --- a/pipelines/update-bundle.yaml +++ b/pipelines/update-bundle.yaml @@ -30,6 +30,7 @@ spec: SNAPSHOT_ID=$(echo "$(params.SNAPSHOT)" | awk -F'/' '{print $2}') SNAPSHOT_DATA=$(kubectl get snapshot $SNAPSHOT_ID -ojson) NAMESPACE=$(jq -r '.metadata.namespace' <<< "$SNAPSHOT_DATA") + APPLICATION=$(jq -r '.spec.application' <<< "$SNAPSHOT_DATA") VERSION=$(echo "$NAMESPACE" | cut -d'-' -f1,2) REPO_URL="https://gitlab.cee.redhat.com/openshift-virtualization/konflux-builds/${VERSION}/hco-bundle-registry.git" REPO_URL=$(echo "$REPO_URL" | sed "s|https://|https://oauth2:${GITLAB_TOKEN}@|") @@ -62,6 +63,16 @@ spec: jq ".\"${image_name}-image\" = \"${image_name_sha}\"" "$json_file" > "${json_file}.tmp" && mv "${json_file}.tmp" "$json_file" done + snapshots_file="components/hco-bundle-registry/snapshots.json" + touch ${snapshots_file} + jq -n \ + --slurpfile f "$snapshots_file" \ + --arg app "$APPLICATION" \ + --arg snap "$SNAPSHOT_ID" \ + '$f[0] // {} | .[$app] = $snap' \ + > "$snapshots_file.tmp" \ + && mv "$snapshots_file.tmp" "$snapshots_file" + git add . git commit -m "Update HCO bundle registry with new images" git pull --rebase origin main From bc659e848dd1c007154e31d4d4dfbda7564b4128 Mon Sep 17 00:00:00 2001 From: Axuba Date: Thu, 8 Jan 2026 09:33:18 +0100 Subject: [PATCH 46/60] Push release skeleton for hco-bundle-images (#9) Signed-off-by: Albert Jubany Juarez --- pipelines/update-bundle.yaml | 117 ++++++++++++++++++++++++++++------- 1 file changed, 95 insertions(+), 22 deletions(-) diff --git a/pipelines/update-bundle.yaml b/pipelines/update-bundle.yaml index a9db9a7..59160f9 100644 --- a/pipelines/update-bundle.yaml +++ b/pipelines/update-bundle.yaml @@ -17,9 +17,18 @@ spec: params: - name: SNAPSHOT type: string + results: + - name: snapshots-to-release + description: Contents of the snapshots.json file + - name: bundle-version + description: NVR of the bundle + volumes: + - name: quay-creds + secret: + secretName: quay-builds-creds steps: - name: update-bundle - image: quay.io/konflux-ci/release-service-utils@sha256:ab9fce5bf41c15f1475d660da302f935e0999143ef4c50606846b189cb742caf + image: quay.io/konflux-ci/release-service-utils@sha256:2f9e6863e82bbc9ddce5a290f3fd0e87657c475e3de8a832b2ef7f8d0671e7d3 envFrom: - secretRef: name: hco-updater-gitlab-token @@ -51,29 +60,93 @@ spec: exit 1 fi - for img in $IMAGES; do - image_name_sha=$(echo "${img##*/}") - image_name=$(echo "$image_name_sha" | cut -d'@' -f1) - - if [[ "$image_name" == *"-operator-rhel"* ]]; then - json_file="components/hco-bundle-registry/core-params.json" - else - json_file="components/hco-bundle-registry/extra-params.json" - fi - jq ".\"${image_name}-image\" = \"${image_name_sha}\"" "$json_file" > "${json_file}.tmp" && mv "${json_file}.tmp" "$json_file" - done - - snapshots_file="components/hco-bundle-registry/snapshots.json" - touch ${snapshots_file} - jq -n \ - --slurpfile f "$snapshots_file" \ - --arg app "$APPLICATION" \ - --arg snap "$SNAPSHOT_ID" \ - '$f[0] // {} | .[$app] = $snap' \ - > "$snapshots_file.tmp" \ - && mv "$snapshots_file.tmp" "$snapshots_file" + function update_images_snapshots() { + for img in $IMAGES; do + image_name_sha=$(echo "${img##*/}") + image_name=$(echo "$image_name_sha" | cut -d'@' -f1) + + if [[ "$image_name" == *"-operator-rhel"* ]]; then + json_file="components/hco-bundle-registry/core-params.json" + else + json_file="components/hco-bundle-registry/extra-params.json" + fi + jq ".\"${image_name}-image\" = \"${image_name_sha}\"" "$json_file" > "${json_file}.tmp" && mv "${json_file}.tmp" "$json_file" + done + + snapshots_file="components/hco-bundle-registry/snapshots.json" + touch ${snapshots_file} + jq -n \ + --slurpfile f "$snapshots_file" \ + --arg app "$APPLICATION" \ + --arg snap "$SNAPSHOT_ID" \ + '$f[0] // {} | .[$app] = $snap' \ + > "$snapshots_file.tmp" \ + && mv "$snapshots_file.tmp" "$snapshots_file" + } + + update_images_snapshots git add . git commit -m "Update HCO bundle registry with new images" git pull --rebase origin main git push origin main + + if [[ "$(params.SNAPSHOT)" == *"hco-bundle-registry"* ]]; then + REPO_REVISION=$(jq -r '.spec.components[].source.git.revision' <<< "$SNAPSHOT_DATA") + + BUNDLE_VERSION=$(cat build-bundle.json | jq -r '.metadata.Version | "\(.XY).\(.Z)-\(.release)" | sub("^v"; "")') + echo -n "$BUNDLE_VERSION" > /tekton/results/bundle-version + + # Make sure we are getting the exact snapshots from the bundle + git checkout $REPO_REVISION + + # Update the bundle snapshot as its not updated in this commit + update_images_snapshots + + SNAPSHOTS_TO_RELEASE=$(cat $snapshots_file) + echo -n "$SNAPSHOTS_TO_RELEASE" > /tekton/results/snapshots-to-release + fi + - name: push-release-chart + image: quay.io/konflux-ci/release-service-utils@sha256:2f9e6863e82bbc9ddce5a290f3fd0e87657c475e3de8a832b2ef7f8d0671e7d3 + envFrom: + - secretRef: + name: hco-updater-gitlab-token + - secretRef: + name: quay-builds-creds + volumeMounts: + - name: quay-creds + mountPath: /tekton/secrets/quay-builds-creds + readOnly: true + script: | + #!/usr/bin/env bash + set -eo pipefail + + # Only continue if its releasing hco-bundle-registry + if [[ "$(params.SNAPSHOT)" != *"hco-bundle-registry"* ]]; then + echo "Skipping push-release-chart: snapshot parameter does not contain 'hco-bundle-registry'" + exit 0 + fi + + # Read results from previous step + SNAPSHOTS_TO_RELEASE=$(cat /tekton/results/snapshots-to-release) + BUNDLE_VERSION=$(cat /tekton/results/bundle-version) + + git clone https://gitlab.cee.redhat.com/openshift-virtualization/konflux-builds/release-chart.git --depth 1 + cd release-chart/release-orchestrator + yq -i ".version = \"$BUNDLE_VERSION-skeleton\"" Chart.yaml + + # Update values.yaml with snapshots from SNAPSHOTS_TO_RELEASE + echo "$SNAPSHOTS_TO_RELEASE" | jq -r '{snapshots: .}' | yq eval -P '.' > /tmp/snapshots_with_key.yaml + yq eval-all '. as $item ireduce ({}; . * $item)' values.yaml /tmp/snapshots_with_key.yaml -i + + DOCKER_CONFIG=$(cat /tekton/secrets/quay-builds-creds/.dockerconfigjson) + QUAY_USERNAME=$(echo "${DOCKER_CONFIG}" | jq -r '.auths | to_entries[] | select(.key | contains("quay.io")) | .value.username') + QUAY_PASSWORD=$(echo "${DOCKER_CONFIG}" | jq -r '.auths | to_entries[] | select(.key | contains("quay.io")) | .value.password') + QUAY_URL=$(echo "${DOCKER_CONFIG}" | jq -r '.auths | to_entries[] | .key') + + echo "${QUAY_PASSWORD}" | helm registry login quay.io --username "${QUAY_USERNAME}" --password-stdin + + PACKAGE_OUTPUT=$(helm package . 2>&1) + PACKAGE_FILE=$(echo "${PACKAGE_OUTPUT}" | grep -oP 'Successfully packaged chart and saved it to: \K.*') + + helm push $PACKAGE_FILE oci://${QUAY_URL}/release-orchestrator From ac16481b76653274399dd06f1446da2dc99bca6f Mon Sep 17 00:00:00 2001 From: Axuba Date: Thu, 8 Jan 2026 10:01:02 +0100 Subject: [PATCH 47/60] Use tmp for quay build creds path --- pipelines/update-bundle.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pipelines/update-bundle.yaml b/pipelines/update-bundle.yaml index 59160f9..ffcc2ff 100644 --- a/pipelines/update-bundle.yaml +++ b/pipelines/update-bundle.yaml @@ -115,7 +115,7 @@ spec: name: quay-builds-creds volumeMounts: - name: quay-creds - mountPath: /tekton/secrets/quay-builds-creds + mountPath: /tmp/quay-builds-creds readOnly: true script: | #!/usr/bin/env bash @@ -139,7 +139,7 @@ spec: echo "$SNAPSHOTS_TO_RELEASE" | jq -r '{snapshots: .}' | yq eval -P '.' > /tmp/snapshots_with_key.yaml yq eval-all '. as $item ireduce ({}; . * $item)' values.yaml /tmp/snapshots_with_key.yaml -i - DOCKER_CONFIG=$(cat /tekton/secrets/quay-builds-creds/.dockerconfigjson) + DOCKER_CONFIG=$(cat /tmp/quay-builds-creds/.dockerconfigjson) QUAY_USERNAME=$(echo "${DOCKER_CONFIG}" | jq -r '.auths | to_entries[] | select(.key | contains("quay.io")) | .value.username') QUAY_PASSWORD=$(echo "${DOCKER_CONFIG}" | jq -r '.auths | to_entries[] | select(.key | contains("quay.io")) | .value.password') QUAY_URL=$(echo "${DOCKER_CONFIG}" | jq -r '.auths | to_entries[] | .key') From adb0e6eb749a4c7fcf318fbdbd2bf86943e79b75 Mon Sep 17 00:00:00 2001 From: Axuba Date: Thu, 8 Jan 2026 10:35:55 +0100 Subject: [PATCH 48/60] Use pipeline tools image to push the chart --- pipelines/update-bundle.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pipelines/update-bundle.yaml b/pipelines/update-bundle.yaml index ffcc2ff..6fa640f 100644 --- a/pipelines/update-bundle.yaml +++ b/pipelines/update-bundle.yaml @@ -107,7 +107,7 @@ spec: echo -n "$SNAPSHOTS_TO_RELEASE" > /tekton/results/snapshots-to-release fi - name: push-release-chart - image: quay.io/konflux-ci/release-service-utils@sha256:2f9e6863e82bbc9ddce5a290f3fd0e87657c475e3de8a832b2ef7f8d0671e7d3 + image: quay.io/redhat-user-workloads/ocp-virt-images-tenant/pipeline-tools@sha256:18f9f819e9393891ce7ae19414a5672786e3efb120bdeaa2c254d8ba5d8e2493 envFrom: - secretRef: name: hco-updater-gitlab-token From 38c121bd7ce526a773279189f88cedb6734a8ec3 Mon Sep 17 00:00:00 2001 From: Axuba Date: Thu, 8 Jan 2026 10:42:29 +0100 Subject: [PATCH 49/60] Check if there are actually changes before committing --- pipelines/update-bundle.yaml | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/pipelines/update-bundle.yaml b/pipelines/update-bundle.yaml index 6fa640f..24a2b4a 100644 --- a/pipelines/update-bundle.yaml +++ b/pipelines/update-bundle.yaml @@ -87,9 +87,14 @@ spec: update_images_snapshots git add . - git commit -m "Update HCO bundle registry with new images" - git pull --rebase origin main - git push origin main + # Check if there are actually changes before committing + if ! git diff-index --quiet HEAD; then + git commit -m "Update HCO bundle registry with new images" + git pull --rebase origin main + git push origin main + else + echo "No changes detected in the bundle registry. Skipping git push." + fi if [[ "$(params.SNAPSHOT)" == *"hco-bundle-registry"* ]]; then REPO_REVISION=$(jq -r '.spec.components[].source.git.revision' <<< "$SNAPSHOT_DATA") From b4e410cd02136555111d9882fcc15042c0a765fb Mon Sep 17 00:00:00 2001 From: Axuba Date: Thu, 8 Jan 2026 10:45:30 +0100 Subject: [PATCH 50/60] Increase clone depth --- pipelines/update-bundle.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pipelines/update-bundle.yaml b/pipelines/update-bundle.yaml index 24a2b4a..acb3848 100644 --- a/pipelines/update-bundle.yaml +++ b/pipelines/update-bundle.yaml @@ -44,7 +44,7 @@ spec: REPO_URL="https://gitlab.cee.redhat.com/openshift-virtualization/konflux-builds/${VERSION}/hco-bundle-registry.git" REPO_URL=$(echo "$REPO_URL" | sed "s|https://|https://oauth2:${GITLAB_TOKEN}@|") - git clone $REPO_URL --depth 1 + git clone $REPO_URL --depth 50 cd hco-bundle-registry git remote set-url origin "$REPO_URL" git config user.name "submodule-sync" From 800354360d6fbaf8106a0350ef929c60b097f5a8 Mon Sep 17 00:00:00 2001 From: Axuba Date: Thu, 8 Jan 2026 10:48:43 +0100 Subject: [PATCH 51/60] Work under a tmpdir --- pipelines/update-bundle.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/pipelines/update-bundle.yaml b/pipelines/update-bundle.yaml index acb3848..a4dd194 100644 --- a/pipelines/update-bundle.yaml +++ b/pipelines/update-bundle.yaml @@ -124,7 +124,7 @@ spec: readOnly: true script: | #!/usr/bin/env bash - set -eo pipefail + set -exo pipefail # Only continue if its releasing hco-bundle-registry if [[ "$(params.SNAPSHOT)" != *"hco-bundle-registry"* ]]; then @@ -136,6 +136,8 @@ spec: SNAPSHOTS_TO_RELEASE=$(cat /tekton/results/snapshots-to-release) BUNDLE_VERSION=$(cat /tekton/results/bundle-version) + TMPDIR=$(mktemp -d) + cd "$TMPDIR" git clone https://gitlab.cee.redhat.com/openshift-virtualization/konflux-builds/release-chart.git --depth 1 cd release-chart/release-orchestrator yq -i ".version = \"$BUNDLE_VERSION-skeleton\"" Chart.yaml From ce791e221054da684f5af9f1663bf3ba05571196 Mon Sep 17 00:00:00 2001 From: Axuba Date: Thu, 8 Jan 2026 10:51:36 +0100 Subject: [PATCH 52/60] Use tmp as home, instead of default / --- pipelines/update-bundle.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/pipelines/update-bundle.yaml b/pipelines/update-bundle.yaml index a4dd194..8fb9212 100644 --- a/pipelines/update-bundle.yaml +++ b/pipelines/update-bundle.yaml @@ -138,6 +138,7 @@ spec: TMPDIR=$(mktemp -d) cd "$TMPDIR" + export HOME=/tmp git clone https://gitlab.cee.redhat.com/openshift-virtualization/konflux-builds/release-chart.git --depth 1 cd release-chart/release-orchestrator yq -i ".version = \"$BUNDLE_VERSION-skeleton\"" Chart.yaml From 28d5b62e77a2e51e129d9cf5d196bacd7f9674a4 Mon Sep 17 00:00:00 2001 From: Axuba Date: Thu, 8 Jan 2026 11:21:13 +0100 Subject: [PATCH 53/60] Fix quay url --- pipelines/update-bundle.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pipelines/update-bundle.yaml b/pipelines/update-bundle.yaml index 8fb9212..9f5c78c 100644 --- a/pipelines/update-bundle.yaml +++ b/pipelines/update-bundle.yaml @@ -124,7 +124,7 @@ spec: readOnly: true script: | #!/usr/bin/env bash - set -exo pipefail + set -eo pipefail # Only continue if its releasing hco-bundle-registry if [[ "$(params.SNAPSHOT)" != *"hco-bundle-registry"* ]]; then @@ -157,4 +157,4 @@ spec: PACKAGE_OUTPUT=$(helm package . 2>&1) PACKAGE_FILE=$(echo "${PACKAGE_OUTPUT}" | grep -oP 'Successfully packaged chart and saved it to: \K.*') - helm push $PACKAGE_FILE oci://${QUAY_URL}/release-orchestrator + helm push $PACKAGE_FILE oci://${QUAY_URL} From 7f6c73aa8613c790eb2cd1da3643485f4ee340b7 Mon Sep 17 00:00:00 2001 From: Axuba Date: Thu, 8 Jan 2026 11:28:52 +0100 Subject: [PATCH 54/60] Fill releaseplan and namespace --- pipelines/update-bundle.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/pipelines/update-bundle.yaml b/pipelines/update-bundle.yaml index 9f5c78c..fa4a8f4 100644 --- a/pipelines/update-bundle.yaml +++ b/pipelines/update-bundle.yaml @@ -135,13 +135,16 @@ spec: # Read results from previous step SNAPSHOTS_TO_RELEASE=$(cat /tekton/results/snapshots-to-release) BUNDLE_VERSION=$(cat /tekton/results/bundle-version) + XY=$(echo "$BUNDLE_VERSION" | cut -d'.' -f1,2 | tr '.' '-') TMPDIR=$(mktemp -d) cd "$TMPDIR" export HOME=/tmp git clone https://gitlab.cee.redhat.com/openshift-virtualization/konflux-builds/release-chart.git --depth 1 cd release-chart/release-orchestrator - yq -i ".version = \"$BUNDLE_VERSION-skeleton\"" Chart.yaml + yq -i ".version = \"$BUNDLE_VERSION\"" Chart.yaml + yq -i ".global.releasePlan = \"TODO-RELEASEPLAN\"" + yq -i ".global.targetNamespace = \"v${XY}-openshift-virtualization-tenant\"" # Update values.yaml with snapshots from SNAPSHOTS_TO_RELEASE echo "$SNAPSHOTS_TO_RELEASE" | jq -r '{snapshots: .}' | yq eval -P '.' > /tmp/snapshots_with_key.yaml From 0b30634186445379793263e75592f29ce69668d5 Mon Sep 17 00:00:00 2001 From: Axuba Date: Thu, 8 Jan 2026 11:30:11 +0100 Subject: [PATCH 55/60] Fix --- pipelines/update-bundle.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pipelines/update-bundle.yaml b/pipelines/update-bundle.yaml index fa4a8f4..57746e1 100644 --- a/pipelines/update-bundle.yaml +++ b/pipelines/update-bundle.yaml @@ -143,8 +143,8 @@ spec: git clone https://gitlab.cee.redhat.com/openshift-virtualization/konflux-builds/release-chart.git --depth 1 cd release-chart/release-orchestrator yq -i ".version = \"$BUNDLE_VERSION\"" Chart.yaml - yq -i ".global.releasePlan = \"TODO-RELEASEPLAN\"" - yq -i ".global.targetNamespace = \"v${XY}-openshift-virtualization-tenant\"" + yq -i ".global.releasePlan = \"TODO-RELEASEPLAN\"" Chart.yaml + yq -i ".global.targetNamespace = \"v${XY}-openshift-virtualization-tenant\"" Chart.yaml # Update values.yaml with snapshots from SNAPSHOTS_TO_RELEASE echo "$SNAPSHOTS_TO_RELEASE" | jq -r '{snapshots: .}' | yq eval -P '.' > /tmp/snapshots_with_key.yaml From 05da569534efdb4178b50dfd41940c8dacae67cb Mon Sep 17 00:00:00 2001 From: Axuba Date: Thu, 8 Jan 2026 11:33:32 +0100 Subject: [PATCH 56/60] Fix typo --- pipelines/update-bundle.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pipelines/update-bundle.yaml b/pipelines/update-bundle.yaml index 57746e1..0a14eaf 100644 --- a/pipelines/update-bundle.yaml +++ b/pipelines/update-bundle.yaml @@ -143,8 +143,8 @@ spec: git clone https://gitlab.cee.redhat.com/openshift-virtualization/konflux-builds/release-chart.git --depth 1 cd release-chart/release-orchestrator yq -i ".version = \"$BUNDLE_VERSION\"" Chart.yaml - yq -i ".global.releasePlan = \"TODO-RELEASEPLAN\"" Chart.yaml - yq -i ".global.targetNamespace = \"v${XY}-openshift-virtualization-tenant\"" Chart.yaml + yq -i ".global.releasePlan = \"TODO-RELEASEPLAN\"" values.yaml + yq -i ".global.targetNamespace = \"v${XY}-openshift-virtualization-tenant\"" values.yaml # Update values.yaml with snapshots from SNAPSHOTS_TO_RELEASE echo "$SNAPSHOTS_TO_RELEASE" | jq -r '{snapshots: .}' | yq eval -P '.' > /tmp/snapshots_with_key.yaml From 98e6950d6a36268744269cccb14f048f44998503 Mon Sep 17 00:00:00 2001 From: Axuba Date: Mon, 12 Jan 2026 15:11:11 +0100 Subject: [PATCH 57/60] Add hco bundle url to payload --- fbc/fbc-post-release.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index e663a5d..3032b68 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -72,6 +72,7 @@ spec: image_sha=$(yq '.image' ${cnv_version}/updated_image.yaml) channel=$(yq '.channel' ${cnv_version}/updated_image.yaml) hco_bundle_version=$(yq '.hco-bundle-version' ${cnv_version}/updated_image.yaml) + hco_bundle_url=$(yq '.hco-bundle-url' ${cnv_version}/updated_image.yaml) if [[ $hco_bundle_version == v4.99* ]]; then cnv_version="v4.99" @@ -106,6 +107,7 @@ spec: image_base=$(echo "${image_sha}" | cut -d'@' -f1) yq e ".hco_bundle_registry_by_tag = \"${image_base}:${hco_bundle_version}\"" -i ${save_folder}/payload.yaml yq e ".hco_bundle_version = \"${hco_bundle_version}\"" -i ${save_folder}/payload.yaml + yq e ".hco_bundle_url = \"${hco_bundle_url}\"" -i ${save_folder}/payload.yaml # Add the minor version number from the bundle for Kargo yq e '.minorVersion = (.hco_bundle_version | split("-") | .[0])' -i ${save_folder}/payload.yaml yq e '.rhelVersion = (.minorVersion | split(".") | .[3])' -i ${save_folder}/payload.yaml From 82e75a0cb8191e4006db52574ddcb71c58ee2ea1 Mon Sep 17 00:00:00 2001 From: thason Date: Tue, 20 Jan 2026 16:36:18 +0200 Subject: [PATCH 58/60] Add skeleton chart version parameter to update-bundle pipeline and document pipelines in README --- fbc/fbc-post-release.yaml | 1 + pipelines/README.md | 69 +++++++++++++++++++++++++++++++++++ pipelines/update-bundle.yaml | 71 +++++++++++++++++++++++++++++------- 3 files changed, 127 insertions(+), 14 deletions(-) create mode 100644 pipelines/README.md diff --git a/fbc/fbc-post-release.yaml b/fbc/fbc-post-release.yaml index 3032b68..81e38a0 100644 --- a/fbc/fbc-post-release.yaml +++ b/fbc/fbc-post-release.yaml @@ -79,6 +79,7 @@ spec: fi gitpayloaddir=$(mktemp -d) && cd "${gitpayloaddir}" + # github_token and github_username are injected from cnv-ci-release-token secret git clone https://${github_token}@github.com/openshift-cnv/cnv-fbc-payloads-new.git && cd cnv-fbc-payloads-new git config --global user.name "${github_username}" git config --global user.email "no-reply@redhat.com" diff --git a/pipelines/README.md b/pipelines/README.md new file mode 100644 index 0000000..11b3354 --- /dev/null +++ b/pipelines/README.md @@ -0,0 +1,69 @@ +# CNV Tekton Pipelines + +Tekton pipelines for CNV component builds and releases in Konflux. + +## Pipelines + +### update-bundle + +Updates the HCO bundle registry with component snapshots and publishes the release orchestrator chart. + +**Trigger:** Runs when a component snapshot is created for `hco-bundle-registry`. + +**Parameters:** + +| Parameter | Type | Required | Default | Description | +|-----------|------|----------|---------|-------------| +| `snapshot` | string | Yes | — | Snapshot reference (e.g., `namespace/snapshot-id`) | +| `skeleton-chart-version` | string | No | `0.0.0-skeleton` | Version of skeleton chart to pull from OCI registry | + +**Steps:** + +1. **update-bundle**: Updates `hco-bundle-registry` GitLab repo with component image references +2. **push-release-chart**: Pulls skeleton chart, hydrates with snapshots, and pushes versioned chart + +**Secrets Required:** + +| Secret | Keys | Purpose | +|--------|------|---------| +| `hco-updater-gitlab-token` | `GITLAB_TOKEN` | GitLab repo access | +| `quay-builds-creds` | `.dockerconfigjson` | OCI registry push | + +**Outputs:** + +- `bundle-version`: Version string (e.g., `4.99.0-rhel9.2555`) +- `snapshots-to-release`: JSON map of component → snapshot ID + +**Version Format:** + +``` +Input: build-bundle.json { XY: "v4.99", Z: "0", os: "rhel9", release: "2555" } +Output: 4.99.0-rhel9.2555 +``` + +**Dual ReleasePlan:** + +The pipeline sets two ReleasePlans in the chart: +- `releasePlan`: For regular components (kubevirt, cdi, etc.) +- `bundleReleasePlan`: For `hco-bundle-registry` (separate Konflux pipeline) + +--- + +## Development + +### Testing Locally + +The pipelines require Konflux cluster access. For local validation: + +```bash +# Validate YAML syntax +kubectl apply --dry-run=client -f pipelines/update-bundle.yaml +``` + +### Required Tools in Pipeline Images + +- `kubectl` - Kubernetes API access +- `jq` - JSON processing +- `yq` - YAML processing +- `helm` (v3.x) - Chart operations +- `git` - Repository operations diff --git a/pipelines/update-bundle.yaml b/pipelines/update-bundle.yaml index 0a14eaf..9cbc7a4 100644 --- a/pipelines/update-bundle.yaml +++ b/pipelines/update-bundle.yaml @@ -8,15 +8,22 @@ spec: params: - name: snapshot type: string + - name: skeleton-chart-version + type: string + default: "0.0.0-skeleton" tasks: - name: update-bundle params: - name: SNAPSHOT value: "$(params.snapshot)" + - name: SKELETON_CHART_VERSION + value: "$(params.skeleton-chart-version)" taskSpec: params: - name: SNAPSHOT type: string + - name: SKELETON_CHART_VERSION + type: string results: - name: snapshots-to-release description: Contents of the snapshots.json file @@ -97,9 +104,10 @@ spec: fi if [[ "$(params.SNAPSHOT)" == *"hco-bundle-registry"* ]]; then - REPO_REVISION=$(jq -r '.spec.components[].source.git.revision' <<< "$SNAPSHOT_DATA") + # Use [0] to get single value (all components have same revision, validated above) + REPO_REVISION=$(jq -r '.spec.components[0].source.git.revision' <<< "$SNAPSHOT_DATA") - BUNDLE_VERSION=$(cat build-bundle.json | jq -r '.metadata.Version | "\(.XY).\(.Z)-\(.release)" | sub("^v"; "")') + BUNDLE_VERSION=$(cat build-bundle.json | jq -r '.metadata.Version | "\(.XY).\(.Z)-\(.os).\(.release)" | sub("^v"; "")') echo -n "$BUNDLE_VERSION" > /tekton/results/bundle-version # Make sure we are getting the exact snapshots from the bundle @@ -132,6 +140,10 @@ spec: exit 0 fi + # Configuration + OCI_REGISTRY="quay.io/openshift-virtualization/release-chart" + SKELETON_VERSION="$(params.SKELETON_CHART_VERSION)" + # Read results from previous step SNAPSHOTS_TO_RELEASE=$(cat /tekton/results/snapshots-to-release) BUNDLE_VERSION=$(cat /tekton/results/bundle-version) @@ -140,24 +152,55 @@ spec: TMPDIR=$(mktemp -d) cd "$TMPDIR" export HOME=/tmp - git clone https://gitlab.cee.redhat.com/openshift-virtualization/konflux-builds/release-chart.git --depth 1 - cd release-chart/release-orchestrator - yq -i ".version = \"$BUNDLE_VERSION\"" Chart.yaml - yq -i ".global.releasePlan = \"TODO-RELEASEPLAN\"" values.yaml + + # Registry login - extract first matching quay.io credentials + DOCKER_CONFIG=$(cat /tmp/quay-builds-creds/.dockerconfigjson) + QUAY_USERNAME=$(echo "${DOCKER_CONFIG}" | jq -r '[.auths | to_entries[] | select(.key | contains("quay.io"))] | first | .value.username') + QUAY_PASSWORD=$(echo "${DOCKER_CONFIG}" | jq -r '[.auths | to_entries[] | select(.key | contains("quay.io"))] | first | .value.password') + + if [[ -z "${QUAY_USERNAME}" || "${QUAY_USERNAME}" == "null" ]]; then + echo "ERROR: Could not extract quay.io credentials from secret" + exit 1 + fi + + echo "${QUAY_PASSWORD}" | helm registry login quay.io --username "${QUAY_USERNAME}" --password-stdin + + # Pull skeleton chart from OCI registry + echo "Pulling skeleton chart: oci://${OCI_REGISTRY}/release-orchestrator --version ${SKELETON_VERSION}" + helm pull "oci://${OCI_REGISTRY}/release-orchestrator" --version "${SKELETON_VERSION}" --untar + + cd release-orchestrator + + # Hydrate Chart.yaml + yq -i ".version = \"${BUNDLE_VERSION}\"" Chart.yaml + yq -i ".appVersion = \"${BUNDLE_VERSION}\"" Chart.yaml + + # Hydrate values.yaml yq -i ".global.targetNamespace = \"v${XY}-openshift-virtualization-tenant\"" values.yaml + yq -i ".global.releasePlan = \"v${XY}-component-releaseplan\"" values.yaml + yq -i ".global.bundleReleasePlan = \"v${XY}-bundle-releaseplan\"" values.yaml # Update values.yaml with snapshots from SNAPSHOTS_TO_RELEASE echo "$SNAPSHOTS_TO_RELEASE" | jq -r '{snapshots: .}' | yq eval -P '.' > /tmp/snapshots_with_key.yaml yq eval-all '. as $item ireduce ({}; . * $item)' values.yaml /tmp/snapshots_with_key.yaml -i - DOCKER_CONFIG=$(cat /tmp/quay-builds-creds/.dockerconfigjson) - QUAY_USERNAME=$(echo "${DOCKER_CONFIG}" | jq -r '.auths | to_entries[] | select(.key | contains("quay.io")) | .value.username') - QUAY_PASSWORD=$(echo "${DOCKER_CONFIG}" | jq -r '.auths | to_entries[] | select(.key | contains("quay.io")) | .value.password') - QUAY_URL=$(echo "${DOCKER_CONFIG}" | jq -r '.auths | to_entries[] | .key') + # Validate chart before pushing + echo "Validating chart with helm lint..." + if ! helm lint .; then + echo "ERROR: Chart validation failed" + exit 1 + fi - echo "${QUAY_PASSWORD}" | helm registry login quay.io --username "${QUAY_USERNAME}" --password-stdin + # Package and push + helm package . + PACKAGE_FILE=$(ls release-orchestrator-*.tgz 2>/dev/null | head -1) + + if [[ -z "${PACKAGE_FILE}" || ! -f "${PACKAGE_FILE}" ]]; then + echo "ERROR: Failed to find packaged chart file" + exit 1 + fi - PACKAGE_OUTPUT=$(helm package . 2>&1) - PACKAGE_FILE=$(echo "${PACKAGE_OUTPUT}" | grep -oP 'Successfully packaged chart and saved it to: \K.*') + echo "Pushing chart to oci://${OCI_REGISTRY}" + helm push "${PACKAGE_FILE}" "oci://${OCI_REGISTRY}" - helm push $PACKAGE_FILE oci://${QUAY_URL} + echo "Published release-orchestrator:${BUNDLE_VERSION} to oci://${OCI_REGISTRY}" From 193bc3e45e57077bdf9fdbcefdf5f6859540107d Mon Sep 17 00:00:00 2001 From: thason Date: Wed, 21 Jan 2026 08:51:35 +0200 Subject: [PATCH 59/60] Enhance update-bundle pipeline with detailed logging and validation steps, including snapshot data fetching, commit consistency checks, and improved error handling. Update Chart.yaml and values.yaml hydration processes, ensuring proper versioning and snapshot injection. Streamline git operations and OCI registry interactions for better clarity and reliability. --- pipelines/update-bundle.yaml | 86 ++++++++++++++++++++++++------------ 1 file changed, 57 insertions(+), 29 deletions(-) diff --git a/pipelines/update-bundle.yaml b/pipelines/update-bundle.yaml index 9cbc7a4..89ffe0d 100644 --- a/pipelines/update-bundle.yaml +++ b/pipelines/update-bundle.yaml @@ -41,29 +41,39 @@ spec: name: hco-updater-gitlab-token script: | #!/usr/bin/env bash - set -eo pipefail + set -eox pipefail + echo "=== PHASE 1: Fetching snapshot data ===" SNAPSHOT_ID=$(echo "$(params.SNAPSHOT)" | awk -F'/' '{print $2}') SNAPSHOT_DATA=$(kubectl get snapshot $SNAPSHOT_ID -ojson) NAMESPACE=$(jq -r '.metadata.namespace' <<< "$SNAPSHOT_DATA") APPLICATION=$(jq -r '.spec.application' <<< "$SNAPSHOT_DATA") VERSION=$(echo "$NAMESPACE" | cut -d'-' -f1,2) + echo "Snapshot ID: $SNAPSHOT_ID" + echo "Namespace: $NAMESPACE" + echo "Application: $APPLICATION" + echo "Version: $VERSION" + + echo "=== PHASE 2: Cloning hco-bundle-registry ===" REPO_URL="https://gitlab.cee.redhat.com/openshift-virtualization/konflux-builds/${VERSION}/hco-bundle-registry.git" REPO_URL=$(echo "$REPO_URL" | sed "s|https://|https://oauth2:${GITLAB_TOKEN}@|") - git clone $REPO_URL --depth 50 cd hco-bundle-registry git remote set-url origin "$REPO_URL" git config user.name "submodule-sync" git config user.email "no-reply@redhat.com" + echo "=== PHASE 3: Validating commit consistency ===" IMAGES=$(jq -r '.spec.components[].containerImage' <<< "$SNAPSHOT_DATA") - - # Make sure all the commits in every component are the same if jq -e '[.spec.components[].source.git.revision] | unique | length == 1' <<< "$SNAPSHOT_DATA" > /dev/null; then - echo "The snapshot has all the components pointing to the same commit, continuing." + echo "OK: All components point to the same commit" else - echo "Commits are inconsistent!" + echo "ERROR: Commits are inconsistent!" + echo "Component revisions:" + jq -r '.spec.components[] | "\(.name): \(.source.git.revision)"' <<< "$SNAPSHOT_DATA" + echo "" + echo "Unique revisions found:" + jq -r '[.spec.components[].source.git.revision] | unique | .[]' <<< "$SNAPSHOT_DATA" exit 1 fi @@ -91,36 +101,43 @@ spec: && mv "$snapshots_file.tmp" "$snapshots_file" } + echo "=== PHASE 4: Updating image references ===" update_images_snapshots + echo "=== PHASE 5: Committing and pushing changes ===" git add . - # Check if there are actually changes before committing if ! git diff-index --quiet HEAD; then git commit -m "Update HCO bundle registry with new images" git pull --rebase origin main git push origin main + echo "OK: Changes pushed to GitLab" else - echo "No changes detected in the bundle registry. Skipping git push." + echo "SKIP: No changes detected in the bundle registry" fi if [[ "$(params.SNAPSHOT)" == *"hco-bundle-registry"* ]]; then - # Use [0] to get single value (all components have same revision, validated above) + echo "=== PHASE 6: Preparing release data for hco-bundle-registry ===" REPO_REVISION=$(jq -r '.spec.components[0].source.git.revision' <<< "$SNAPSHOT_DATA") + echo "Repo revision: $REPO_REVISION" BUNDLE_VERSION=$(cat build-bundle.json | jq -r '.metadata.Version | "\(.XY).\(.Z)-\(.os).\(.release)" | sub("^v"; "")') + echo "Bundle version: $BUNDLE_VERSION" echo -n "$BUNDLE_VERSION" > /tekton/results/bundle-version - # Make sure we are getting the exact snapshots from the bundle git checkout $REPO_REVISION - - # Update the bundle snapshot as its not updated in this commit update_images_snapshots SNAPSHOTS_TO_RELEASE=$(cat $snapshots_file) echo -n "$SNAPSHOTS_TO_RELEASE" > /tekton/results/snapshots-to-release + echo "OK: Release data written to results" fi + + echo "=== update-bundle step completed ===" - name: push-release-chart image: quay.io/redhat-user-workloads/ocp-virt-images-tenant/pipeline-tools@sha256:18f9f819e9393891ce7ae19414a5672786e3efb120bdeaa2c254d8ba5d8e2493 + env: + - name: HOME + value: /tmp envFrom: - secretRef: name: hco-updater-gitlab-token @@ -132,28 +149,32 @@ spec: readOnly: true script: | #!/usr/bin/env bash - set -eo pipefail + set -eox pipefail - # Only continue if its releasing hco-bundle-registry + echo "=== PHASE 1: Checking if hco-bundle-registry release ===" if [[ "$(params.SNAPSHOT)" != *"hco-bundle-registry"* ]]; then - echo "Skipping push-release-chart: snapshot parameter does not contain 'hco-bundle-registry'" + echo "SKIP: Snapshot does not contain 'hco-bundle-registry'" exit 0 fi + echo "OK: This is an hco-bundle-registry release" - # Configuration + echo "=== PHASE 2: Loading configuration ===" OCI_REGISTRY="quay.io/openshift-virtualization/release-chart" SKELETON_VERSION="$(params.SKELETON_CHART_VERSION)" + echo "OCI Registry: $OCI_REGISTRY" + echo "Skeleton Version: $SKELETON_VERSION" - # Read results from previous step + echo "=== PHASE 3: Reading results from previous step ===" SNAPSHOTS_TO_RELEASE=$(cat /tekton/results/snapshots-to-release) BUNDLE_VERSION=$(cat /tekton/results/bundle-version) XY=$(echo "$BUNDLE_VERSION" | cut -d'.' -f1,2 | tr '.' '-') + echo "Bundle Version: $BUNDLE_VERSION" + echo "XY Version: $XY" TMPDIR=$(mktemp -d) cd "$TMPDIR" - export HOME=/tmp - # Registry login - extract first matching quay.io credentials + echo "=== PHASE 4: Registry login ===" DOCKER_CONFIG=$(cat /tmp/quay-builds-creds/.dockerconfigjson) QUAY_USERNAME=$(echo "${DOCKER_CONFIG}" | jq -r '[.auths | to_entries[] | select(.key | contains("quay.io"))] | first | .value.username') QUAY_PASSWORD=$(echo "${DOCKER_CONFIG}" | jq -r '[.auths | to_entries[] | select(.key | contains("quay.io"))] | first | .value.password') @@ -162,36 +183,41 @@ spec: echo "ERROR: Could not extract quay.io credentials from secret" exit 1 fi + echo "OK: Extracted credentials for user: $QUAY_USERNAME" echo "${QUAY_PASSWORD}" | helm registry login quay.io --username "${QUAY_USERNAME}" --password-stdin + echo "OK: Logged in to quay.io" - # Pull skeleton chart from OCI registry - echo "Pulling skeleton chart: oci://${OCI_REGISTRY}/release-orchestrator --version ${SKELETON_VERSION}" + echo "=== PHASE 5: Pulling skeleton chart ===" + echo "Pulling: oci://${OCI_REGISTRY}/release-orchestrator --version ${SKELETON_VERSION}" helm pull "oci://${OCI_REGISTRY}/release-orchestrator" --version "${SKELETON_VERSION}" --untar - cd release-orchestrator + echo "OK: Skeleton chart extracted" - # Hydrate Chart.yaml + echo "=== PHASE 6: Hydrating Chart.yaml ===" yq -i ".version = \"${BUNDLE_VERSION}\"" Chart.yaml yq -i ".appVersion = \"${BUNDLE_VERSION}\"" Chart.yaml + echo "OK: Chart.yaml updated with version $BUNDLE_VERSION" - # Hydrate values.yaml + echo "=== PHASE 7: Hydrating values.yaml ===" yq -i ".global.targetNamespace = \"v${XY}-openshift-virtualization-tenant\"" values.yaml yq -i ".global.releasePlan = \"v${XY}-component-releaseplan\"" values.yaml yq -i ".global.bundleReleasePlan = \"v${XY}-bundle-releaseplan\"" values.yaml + echo "OK: Global values set" - # Update values.yaml with snapshots from SNAPSHOTS_TO_RELEASE + echo "=== PHASE 8: Injecting snapshots ===" echo "$SNAPSHOTS_TO_RELEASE" | jq -r '{snapshots: .}' | yq eval -P '.' > /tmp/snapshots_with_key.yaml yq eval-all '. as $item ireduce ({}; . * $item)' values.yaml /tmp/snapshots_with_key.yaml -i + echo "OK: Snapshots injected into values.yaml" - # Validate chart before pushing - echo "Validating chart with helm lint..." + echo "=== PHASE 9: Validating chart ===" if ! helm lint .; then echo "ERROR: Chart validation failed" exit 1 fi + echo "OK: Chart passed validation" - # Package and push + echo "=== PHASE 10: Packaging chart ===" helm package . PACKAGE_FILE=$(ls release-orchestrator-*.tgz 2>/dev/null | head -1) @@ -199,8 +225,10 @@ spec: echo "ERROR: Failed to find packaged chart file" exit 1 fi + echo "OK: Packaged as $PACKAGE_FILE" - echo "Pushing chart to oci://${OCI_REGISTRY}" + echo "=== PHASE 11: Pushing to OCI registry ===" helm push "${PACKAGE_FILE}" "oci://${OCI_REGISTRY}" + echo "=== push-release-chart step completed ===" echo "Published release-orchestrator:${BUNDLE_VERSION} to oci://${OCI_REGISTRY}" From cd431777ffcf1dd7f276663f2b75d8c038ac09a7 Mon Sep 17 00:00:00 2001 From: thason Date: Wed, 21 Jan 2026 17:53:56 +0200 Subject: [PATCH 60/60] Refactor update-bundle pipeline to improve script clarity and organization. Adjust phase logging, update variable names for better context, and ensure correct handling of chart packaging and registry interactions. Enhance versioning in Chart.yaml and streamline OCI registry push process. --- pipelines/update-bundle.yaml | 44 +++++++++++++++++++++--------------- 1 file changed, 26 insertions(+), 18 deletions(-) diff --git a/pipelines/update-bundle.yaml b/pipelines/update-bundle.yaml index 89ffe0d..544b6f7 100644 --- a/pipelines/update-bundle.yaml +++ b/pipelines/update-bundle.yaml @@ -41,7 +41,7 @@ spec: name: hco-updater-gitlab-token script: | #!/usr/bin/env bash - set -eox pipefail + set -eo pipefail echo "=== PHASE 1: Fetching snapshot data ===" SNAPSHOT_ID=$(echo "$(params.SNAPSHOT)" | awk -F'/' '{print $2}') @@ -149,7 +149,7 @@ spec: readOnly: true script: | #!/usr/bin/env bash - set -eox pipefail + set -eo pipefail echo "=== PHASE 1: Checking if hco-bundle-registry release ===" if [[ "$(params.SNAPSHOT)" != *"hco-bundle-registry"* ]]; then @@ -158,19 +158,23 @@ spec: fi echo "OK: This is an hco-bundle-registry release" - echo "=== PHASE 2: Loading configuration ===" - OCI_REGISTRY="quay.io/openshift-virtualization/release-chart" - SKELETON_VERSION="$(params.SKELETON_CHART_VERSION)" - echo "OCI Registry: $OCI_REGISTRY" - echo "Skeleton Version: $SKELETON_VERSION" - - echo "=== PHASE 3: Reading results from previous step ===" + echo "=== PHASE 2: Reading results from previous step ===" SNAPSHOTS_TO_RELEASE=$(cat /tekton/results/snapshots-to-release) BUNDLE_VERSION=$(cat /tekton/results/bundle-version) XY=$(echo "$BUNDLE_VERSION" | cut -d'.' -f1,2 | tr '.' '-') echo "Bundle Version: $BUNDLE_VERSION" echo "XY Version: $XY" + echo "=== PHASE 3: Loading configuration ===" + CHART_NAME="hco-bundle-registry-rhel9" + SKELETON_REGISTRY="quay.io/openshift-virtualization/release-chart" + TARGET_REGISTRY="quay.io/openshift-virtualization/konflux-builds/v${XY}" + SKELETON_VERSION="$(params.SKELETON_CHART_VERSION)" + echo "Chart Name: $CHART_NAME" + echo "Skeleton Registry: $SKELETON_REGISTRY" + echo "Target Registry: $TARGET_REGISTRY" + echo "Skeleton Version: $SKELETON_VERSION" + TMPDIR=$(mktemp -d) cd "$TMPDIR" @@ -189,15 +193,19 @@ spec: echo "OK: Logged in to quay.io" echo "=== PHASE 5: Pulling skeleton chart ===" - echo "Pulling: oci://${OCI_REGISTRY}/release-orchestrator --version ${SKELETON_VERSION}" - helm pull "oci://${OCI_REGISTRY}/release-orchestrator" --version "${SKELETON_VERSION}" --untar - cd release-orchestrator + echo "Pulling: oci://${SKELETON_REGISTRY}/${CHART_NAME} --version ${SKELETON_VERSION}" + helm pull "oci://${SKELETON_REGISTRY}/${CHART_NAME}" --version "${SKELETON_VERSION}" --untar + cd "${CHART_NAME}" echo "OK: Skeleton chart extracted" echo "=== PHASE 6: Hydrating Chart.yaml ===" - yq -i ".version = \"${BUNDLE_VERSION}\"" Chart.yaml - yq -i ".appVersion = \"${BUNDLE_VERSION}\"" Chart.yaml - echo "OK: Chart.yaml updated with version $BUNDLE_VERSION" + CHART_VERSION="releases-${BUNDLE_VERSION}" + APP_VERSION="v${BUNDLE_VERSION}" + yq -i ".version = \"${CHART_VERSION}\"" Chart.yaml + yq -i ".appVersion = \"${APP_VERSION}\"" Chart.yaml + echo "OK: Chart.yaml updated" + echo " version (OCI tag): $CHART_VERSION" + echo " appVersion: $APP_VERSION" echo "=== PHASE 7: Hydrating values.yaml ===" yq -i ".global.targetNamespace = \"v${XY}-openshift-virtualization-tenant\"" values.yaml @@ -219,7 +227,7 @@ spec: echo "=== PHASE 10: Packaging chart ===" helm package . - PACKAGE_FILE=$(ls release-orchestrator-*.tgz 2>/dev/null | head -1) + PACKAGE_FILE=$(ls ${CHART_NAME}-*.tgz 2>/dev/null | head -1) if [[ -z "${PACKAGE_FILE}" || ! -f "${PACKAGE_FILE}" ]]; then echo "ERROR: Failed to find packaged chart file" @@ -228,7 +236,7 @@ spec: echo "OK: Packaged as $PACKAGE_FILE" echo "=== PHASE 11: Pushing to OCI registry ===" - helm push "${PACKAGE_FILE}" "oci://${OCI_REGISTRY}" + helm push "${PACKAGE_FILE}" "oci://${TARGET_REGISTRY}" echo "=== push-release-chart step completed ===" - echo "Published release-orchestrator:${BUNDLE_VERSION} to oci://${OCI_REGISTRY}" + echo "Published ${CHART_NAME}:${CHART_VERSION} to oci://${TARGET_REGISTRY}"