konflux-ci · zregvart · Feb 1, 2023 · Jan 31, 2023 · Jan 27, 2023 · Feb 1, 2023
diff --git a/.tekton/pull-request.yaml b/.tekton/pull-request.yaml
@@ -133,6 +133,22 @@ spec:
                     key: token
               - name: MY_GITHUB_ORG
                 value: redhat-appstudio-appdata
+      - name: check-task-pipeline-repo-existence
+        runAfter:
+          - build-bundles
+        taskSpec:
+          steps:
+            - name: fail-when-repo-is-missed
+              image: registry.redhat.io/openshift4/ose-tools-rhel8:v4.12
+              workingDir: $(workspaces.source.path)
+              script: |
+                #!/usr/bin/env bash
+                PULL_REQUEST=1 .tekton/scripts/check-task-pipeline-bundle-repos.sh
+          workspaces:
+            - name: source
+        workspaces:
+          - name: source
+            workspace: workspace
     finally:
       - name: e2e-cleanup
         params:
@@ -150,20 +166,6 @@ spec:
                 # Perform cleanup of resources created by gitops service
                 oc delete --ignore-not-found deployment --all -n $(params.e2e_test_namespace)
                 oc delete --ignore-not-found eventlisteners --all -n $(params.e2e_test_namespace)
-      - name: check-task-pipeline-repo-existence
-        taskSpec:
-          steps:
-            - name: fail-when-repo-is-missed
-              image: registry.redhat.io/openshift4/ose-cli:v4.11
-              workingDir: $(workspaces.source.path)
-              script: |
-                #!/usr/bin/env bash
-                .tekton/scripts/check-task-pipeline-bundle-repos.sh
-          workspaces:
-            - name: source
-        workspaces:
-          - name: source
-            workspace: workspace
   workspaces:
     - name: workspace
       volumeClaimTemplate:

diff --git a/.tekton/scripts/check-task-pipeline-bundle-repos.sh b/.tekton/scripts/check-task-pipeline-bundle-repos.sh
@@ -1,13 +1,24 @@
-#!/usr/bin/bash -e
+#!/usr/bin/bash
+
+set -o errexit
+set -o pipefail
+set -o nounset
 
 SCRIPTDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
 cd "$SCRIPTDIR/../.."
 
 QUAY_ORG=redhat-appstudio-tekton-catalog
 
 locate_bundle_repo() {
-    local -r repo_name=$1
-    curl -I -s -L -w "%{http_code}\n" -o /dev/null "https://quay.io/api/v1/repository/${QUAY_ORG}/${repo_name}"
+    local -r type="$1"
+    local -r object="$2"
+    local -r version="${3}"
+
+    if [ "${PULL_REQUEST:-0}" -ne 1 ]; then
+        curl -I -s -L -w "%{http_code}\n" -o /dev/null "https://quay.io/v2/${QUAY_ORG}/${type}-${object}/manifests/${version}"
+    else
+        curl -I -s -L -w "%{http_code}\n" -o /dev/null "https://quay.io/v2/${QUAY_ORG}/pull-request-builds/manifests/${object}-${version}"
+    fi
 }
 
 has_missing_repo=
@@ -17,18 +28,21 @@ echo "Checking existence of task and pipeline bundle repositories ..."
 # tasks
 for task_file in task/*/*/*.yaml; do
     task_name=$(oc apply --dry-run=client -f "$task_file" -o jsonpath='{.metadata.name}')
-    found=$(locate_bundle_repo "task-$task_name")
+    dir=${task_file%/*}
+    version="${dir##*/}-$(git log -n 1 --pretty=format:%H -- "${task_file}")"
+    found=$(locate_bundle_repo task "$task_name" "${version}")
     if [ "$found" != "200" ]; then
         echo "Missing task bundle repo: task-$task_name"
         has_missing_repo=yes
     fi
 done
 
 # pipelines
+version="$(git rev-parse HEAD)"
 for pl_name in $(oc kustomize pipelines/ | oc apply --dry-run=client -f - -o jsonpath='{range .items[*]}{.metadata.name}{"\n"}{end}'); do
-    found=$(locate_bundle_repo "pipeline-$pl_name")
+    found=$(locate_bundle_repo pipeline "$pl_name" "${version}")
     if [ "$found" != "200" ]; then
-        echo "Missing pipeline bundle repo: pipeline-$pl_name"
+        echo "Missing pipeline bundle repo: pipeline-$pl_name ${version}"
         has_missing_repo=yes
     fi
 done

diff --git a/pipelines/kustomization.yaml b/pipelines/kustomization.yaml
@@ -6,3 +6,4 @@ resources:
 - nodejs-builder
 - enterprise-contract.yaml
 - fbc-builder
+- tekton-bundle-builder
diff --git a/pipelines/tekton-bundle-builder/kustomization.yaml b/pipelines/tekton-bundle-builder/kustomization.yaml
@@ -0,0 +1,20 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+- ../template-build
+
+patches:
+# Use the template-build as a template replacing the Pipeline name and the
+# `build-container` step's task reference
+- patch: |-
+    - op: replace
+      path: /metadata/name
+      value: tekton-bundle-builder
+    - op: replace
+      path: /spec/tasks/4/taskRef
+      value:
+        name: tkn-bundle
+        version: "0.1"
+  target:
+    kind: Pipeline
+    name: template-build
diff --git a/task/tkn-bundle/0.1/.shellspec b/task/tkn-bundle/0.1/.shellspec
@@ -0,0 +1 @@
+--require spec_helper
diff --git a/task/tkn-bundle/0.1/README.md b/task/tkn-bundle/0.1/README.md
@@ -0,0 +1,50 @@
+# tkn-bundle - Tekton Task to push a Tekton Bundle to an image registry
+
+Tekton Task to build and push Tekton Bundles (OCI images) which contain
+definitions of Tekton objects, most commonly Task and Pipeline objects.
+
+Task finds all `*.yaml` or `*.yml` files within `CONTEXT`, packages and pushes
+them as a Tekton Bundle to the image repository, name and tag specified by the
+`IMAGE` parameter.
+
+## Input Parameters
+
+The task supports the following input parameters.
+
+| Name    | Example                 | Description                              |
+|---------|-------------------------|------------------------------------------|
+| IMAGE   | registry.io/my-task:tag | Reference of the image task will produce |
+| CONTEXT | my-task/0.1             | Paths to include in the bundle image     |
+
+`CONTEXT` can include multiple directories or files separated by comma or space.
+Paths can be negated with exclamation mark to prevent inclusion of certain
+directories or files. Negated paths are best placed at the end as they operate
+on collected paths preceeding them. For example if `CONTEXT` is set to
+`"0.1,!0.1/spec"` for this tree:
+
+    .
+    ├── 0.1
+    │   ├── README.md
+    │   ├── spec
+    │   │   ├── spec_helper.sh
+    │   │   ├── support
+    │   │   │   ├── jq_matcher.sh
+    │   │   │   └── task_run_subject.sh
+    │   │   ├── test1.yaml
+    │   │   ├── test2.yml
+    │   │   ├── test3.yaml
+    │   │   └── tkn-bundle_spec.sh
+    │   ├── TESTING.md
+    │   └── tkn-bundle.yaml
+    └── OWNERS
+
+Only the `0.1/tkn-bundle.yaml` file will be included in the bundle.
+
+## Results
+
+The task emits the following results.
+
+| Name         | Example                           | Description                                       |
+|--------------|-----------------------------------|---------------------------------------------------|
+| IMAGE_URL    | registry.io/my-task@sha256-abc... | Image repository where the built image was pushed |
+| IMAGE_DIGEST | abc...                            | Digest of the image just built                    |
diff --git a/task/tkn-bundle/0.1/TESTING.md b/task/tkn-bundle/0.1/TESTING.md
@@ -0,0 +1,37 @@
+# Testing tkn-bundle Tekton Task
+
+Make sure you have shellspec installed[1]. The test setup script will bring up a
+kind[2] cluster and installs Tekton Pipeline. The source is provided via the
+`source-pvc` PersistantVolumeClaim and prepopulated with the test?.y*ml files in
+order to not necesate the need for source checkout.
+
+For second and subsequent invocations the setup is quicker as it only applies
+any changes to already started and setup cluster. To delete the cluster and
+start afresh run: `kind delete cluster --name=test-tkn-bundle`.
+
+To run the tests run `shellspec` from this directory.
+
+## Example of a testing setup and session
+
+```shell
+$ pwd
+.../build-definitions/task/tkn-bundle/0.1
+$ shellspec --jobs 5
+Running: /bin/sh [bash 5.2.15(1)-release]
+namespace/tekton-pipelines created
+clusterrole.rbac.authorization.k8s.io/tekton-pipelines-controller-cluster-access created
+...
+pod "setup-1674815473" deleted
+deployment.apps/registry created
+service/registry created
+deployment.apps/registry condition met
+deployment.apps/tekton-pipelines-controller condition met
+deployment.apps/tekton-pipelines-webhook condition met
+.....
+
+Finished in 119.59 seconds (user 7.37 seconds, sys 4.03 seconds)
+2 examples, 0 failures
+```
+
+[1] https://shellspec.info/
+[2] https://kind.sigs.k8s.io/
diff --git a/task/tkn-bundle/0.1/spec/spec_helper.sh b/task/tkn-bundle/0.1/spec/spec_helper.sh
@@ -0,0 +1,10 @@
+#!/bin/env bash
+
+set -o errexit
+set -o pipefail
+set -o nounset
+
+spec_helper_configure() {
+  import 'support/task_run_subject'
+  import 'support/jq_matcher'
+}
diff --git a/task/tkn-bundle/0.1/spec/support/jq_matcher.sh b/task/tkn-bundle/0.1/spec/support/jq_matcher.sh
@@ -0,0 +1,30 @@
+#!/bin/env bash
+
+set -o errexit
+set -o pipefail
+set -o nounset
+
+shellspec_syntax 'shellspec_matcher_jq'
+
+shellspec_matcher_jq() {
+  shellspec_matcher__match() {
+    SHELLSPEC_EXPECT="$1"
+    [ "${SHELLSPEC_SUBJECT+x}" ] || return 1
+    echo "${SHELLSPEC_SUBJECT}" | jq --exit-status "${SHELLSPEC_EXPECT}" > /dev/null || return 1
+    return 0
+  }
+
+  # Message when the matcher fails with "should"
+  shellspec_matcher__failure_message() {
+    shellspec_putsn "expected: JSON $1 should evaluate with success against jq expression: $2"
+  }
+
+  # Message when the matcher fails with "should not"
+  shellspec_matcher__failure_message_when_negated() {
+    shellspec_putsn "expected: JSON $1 should not evaluate with success against jq expression: $2"
+  }
+
+  # checking for parameter count
+  shellspec_syntax_param count [ $# -eq 1 ] || return 0
+  shellspec_matcher_do_match "$@"
+}
diff --git a/task/tkn-bundle/0.1/spec/support/task_run_subject.sh b/task/tkn-bundle/0.1/spec/support/task_run_subject.sh
@@ -0,0 +1,26 @@
+#!/bin/env bash
+
+set -o errexit
+set -o pipefail
+set -o nounset
+
+shellspec_syntax 'shellspec_subject_taskrun'
+
+shellspec_subject_taskrun() {
+  # shellcheck disable=SC2034
+  SHELLSPEC_META='text'
+  shellspec_readfile_once SHELLSPEC_STDOUT "$SHELLSPEC_STDOUT_FILE"
+  if [ ${SHELLSPEC_STDOUT+x} ]; then
+    # shellcheck disable=SC2034
+    LINES=(${SHELLSPEC_STDOUT[@]})
+    TASK_RUN_NAME="${LINES[2]}" # "TaskRun(0) started:(1) tkn-bundle-run-ndjfb(2)
+    SHELLSPEC_SUBJECT="$(tkn tr describe "${TASK_RUN_NAME}" -o json)"
+    shellspec_chomp SHELLSPEC_SUBJECT
+  else
+    unset SHELLSPEC_SUBJECT ||:
+  fi
+
+  shellspec_off UNHANDLED_STDOUT
+
+  eval shellspec_syntax_dispatch modifier ${1+'"$@"'}
+}
diff --git a/task/tkn-bundle/0.1/spec/test1.yaml b/task/tkn-bundle/0.1/spec/test1.yaml
@@ -0,0 +1,4 @@
+apiVersion: tekton.dev/v1beta1
+kind: Task
+metadata:
+  name: test1
diff --git a/task/tkn-bundle/0.1/spec/test2.yml b/task/tkn-bundle/0.1/spec/test2.yml
@@ -0,0 +1,4 @@
+apiVersion: tekton.dev/v1beta1
+kind: Task
+metadata:
+  name: test2
diff --git a/task/tkn-bundle/0.1/spec/test3.yaml b/task/tkn-bundle/0.1/spec/test3.yaml
@@ -0,0 +1,4 @@
+apiVersion: tekton.dev/v1beta1
+kind: Task
+metadata:
+  name: test3