Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NVIDIA-AI-Blueprints/vulnerability-analysis
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: main
Choose a base ref
...
head repository: RHEcosystemAppEng/vulnerability-analysis
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: main
Choose a head ref
Able to merge. These branches can be automatically merged.
  • 7 commits
  • 1 file changed
  • 2 contributors

Commits on Nov 28, 2024

  1. chore(deps): build upstream image

    Signed-off-by: Ruben Romero Montes <rromerom@redhat.com>
    ruromero committed Nov 28, 2024
    Copy the full SHA
    a742c4c View commit details

Commits on Dec 12, 2024

  1. Copy the full SHA
    65f3236 View commit details
  2. Copy the full SHA
    34ae05a View commit details

Commits on Dec 16, 2024

  1. Copy the full SHA
    efd01af View commit details

Commits on Dec 18, 2024

  1. Copy the full SHA
    18c3d6a View commit details

Commits on Dec 30, 2024

  1. Copy the full SHA
    8534f50 View commit details

Commits on Jan 13, 2025

  1. Copy the full SHA
    bd58553 View commit details
Showing with 110 additions and 0 deletions.
  1. +110 −0 .tekton/on-push.yaml
110 changes: 110 additions & 0 deletions .tekton/on-push.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,110 @@
---
apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
name: vulnerability-analysis-upstream-push
annotations:
# The event we are targeting as seen from the webhook payload
# this can be an array too, i.e: [pull_request, push]
pipelinesascode.tekton.dev/on-event: "[push]"

# The branch or tag we are targeting (ie: main, refs/tags/*)
pipelinesascode.tekton.dev/on-target-branch: "[main]"

# Fetch the git-clone task from hub, we are able to reference later on it
# with taskRef and it will automatically be embedded into our pipeline.
pipelinesascode.tekton.dev/task: "git-clone"

# How many runs we want to keep.
pipelinesascode.tekton.dev/max-keep-runs: "5"
spec:
params:
# The variable with brackets are special to Pipelines as Code
# They will automatically be expanded with the events from Github.
- name: repo_url
value: "{{ repo_url }}"
- name: revision
value: "{{ revision }}"
- name: output-image
value: quay.io/ecosystem-appeng/agent-morpheus-rh:upstream
- name: path-context
value: .
- name: dockerfile
value: ./Dockerfile
pipelineSpec:
params:
- name: repo_url
- name: revision
- name: output-image
description: Fully Qualified Output Image
type: string
- name: path-context
default: .
description: Path to the source code of an application's component from where to build image.
type: string
- name: dockerfile
default: Dockerfile
description: Path to the Dockerfile inside the context specified by parameter path-context
type: string
workspaces:
- name: source
- name: basic-auth
tasks:
- name: fetch-repository
taskRef:
name: git-clone
workspaces:
- name: output
workspace: source
- name: basic-auth
workspace: basic-auth
params:
- name: url
value: $(params.repo_url)
- name: revision
value: $(params.revision)
- name: buildah
runAfter:
- fetch-repository
params:
- name: IMAGE
value: $(params.output-image)
- name: DOCKERFILE
value: $(params.dockerfile)
- name: CONTEXT
value: $(params.path-context)
- name: BUILDER_IMAGE
value: >-
registry.redhat.io/rhel8/buildah@sha256:aac6629389db17e99894c5bee0da01d4c8065d11d8c6f6e1602f9484290baa70
- name: STORAGE_DRIVER
value: vfs
- name: FORMAT
value: docker
- name: BUILD_EXTRA_ARGS
value: >-
--target base
taskRef:
kind: ClusterTask
name: buildah
workspaces:
- name: source
workspace: source
- name: dockerconfig
workspace: dockerconfig-ws
workspaces:
- name: source
volumeClaimTemplate:
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
# This workspace will inject secret to help the git-clone task to be able to
# checkout the private repositories
- name: basic-auth
secret:
secretName: "{{ git_auth_secret }}"
- name: dockerconfig-ws
secret:
secretName: ecosystem-appeng-morpheus-quay