Tweak image logic for Konflux

Signed-off-by: Dale Haiducek <[email protected]>
stolostron · Nov 8, 2024 · a0e1453 · a0e1453
1 parent 4f43877
commit a0e1453
Show file tree

Hide file tree

Showing 8 changed files with 79 additions and 9 deletions.
diff --git a/.tekton/gatekeeper-operator-bundle-3-17-pull-request.yaml b/.tekton/gatekeeper-operator-bundle-3-17-pull-request.yaml
@@ -26,7 +26,7 @@ spec:
     - name: image-expires-after
       value: 5d
     - name: dockerfile
-      value: build/bundle.Dockerfile
+      value: build/bundle.Dockerfile.rhtap
     - name: path-context
       value: .
   pipelineSpec:

diff --git a/.tekton/gatekeeper-operator-bundle-3-17-push.yaml b/.tekton/gatekeeper-operator-bundle-3-17-push.yaml
@@ -23,7 +23,7 @@ spec:
     - name: output-image
       value: quay.io/redhat-user-workloads/gatekeeper-tenant/gatekeeper-operator-3-17/gatekeeper-operator-bundle-3-17:{{revision}}
     - name: dockerfile
-      value: build/bundle.Dockerfile
+      value: build/bundle.Dockerfile.rhtap
     - name: path-context
       value: .
   pipelineSpec:

diff --git a/Makefile b/Makefile
@@ -14,11 +14,11 @@ BATS_VERSION ?= 1.11.0
 
 # Versioning and replacement version for the operator bundle.
 # (Stored in files of the same name at the base of the repo.)
-VERSION ?= $(shell cat VERSION)
-REPLACES_VERSION ?= $(shell cat REPLACES_VERSION)
+VERSION := $(shell cat VERSION)
+REPLACES_VERSION := $(shell cat REPLACES_VERSION)
 # Version of the underlying Gatekeeper--defaults to the version of the operator.
 # (Can be overridden by creating a GATEKEEPER_VERSION file at the base of the repo.)
-GATEKEEPER_VERSION ?= $(shell cat GATEKEEPER_VERSION 2>/dev/null || cat VERSION)
+GATEKEEPER_VERSION := $(shell cat GATEKEEPER_VERSION 2>/dev/null || cat VERSION)
 
 # CHANNELS define the bundle channels used in the bundle.
 CHANNELS ?= stable,$(shell echo $(VERSION) | cut -d '.' -f 1-2)
@@ -187,14 +187,15 @@ update-bindata: go-bindata ## Update bindata.go file.
 	rm -rf ./$(GATEKEEPER_MANIFEST_DIR)-rendered
 	$(MAKE) fmt
 
-GATEKEEPER_IMAGE ?= quay.io/gatekeeper/gatekeeper
+GATEKEEPER_IMG_BASE ?= quay.io/gatekeeper/gatekeeper
+GATEKEEPER_IMG ?= $(GATEKEEPER_IMAGE_BASE):v$(GATEKEEPER_VERSION)
 
 .PHONY: update-gatekeeper-image
 update-gatekeeper-image: ## Update Gatekeeper image in manifests.
 	yq 'select(.kind == "Deployment") \
 		|= .spec.template.spec.containers[] \
 		|= select(.name == "manager").env[] \
-		|= select(.name == "RELATED_IMAGE_GATEKEEPER").value = "$(GATEKEEPER_IMAGE):v$(GATEKEEPER_VERSION)"' \
+		|= select(.name == "RELATED_IMAGE_GATEKEEPER").value = "$(GATEKEEPER_IMG)"' \
 		-i config/manager/manager.yaml
 
 # Set version variables for LDFLAGS

diff --git a/build/bundle.Dockerfile b/build/bundle.Dockerfile
@@ -22,7 +22,7 @@ LABEL com.redhat.openshift.versions=v4.12
 # Bundle metadata
 LABEL name=gatekeeper/gatekeeper-operator-bundle
 LABEL description="The Gatekeeper Operator installs and configures Open Policy Agent Gatekeeper."
-LABEL io.k8s.description=gatekeeper-operator-bundle
+LABEL io.k8s.description="The Gatekeeper Operator installs and configures Open Policy Agent Gatekeeper."
 LABEL summary="Red Hat Gatekeeper Operator"
 LABEL version=v3.17.0
 LABEL release=""

diff --git a/build/bundle.Dockerfile.rhtap b/build/bundle.Dockerfile.rhtap
@@ -0,0 +1,39 @@
+FROM brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.22 AS builder
+
+WORKDIR /gatekeeper-operator
+COPY . .
+RUN /gatekeeper-operator/build/install-dependencies.sh
+RUN GOFLAGS=-mod=readonly /gatekeeper-operator/build/konflux-patch.sh
+
+FROM scratch
+
+# Copy files to locations specified by labels.
+COPY --from=builder /gatekeeper-operator/bundle/manifests /manifests/
+COPY --from=builder /gatekeeper-operator/bundle/metadata /metadata/
+
+# Core bundle annotations.
+LABEL operators.operatorframework.io.bundle.channel.default.v1=stable
+LABEL operators.operatorframework.io.bundle.channels.v1="stable,3.17"
+LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/
+LABEL operators.operatorframework.io.bundle.mediatype.v1=registry+v1
+LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/
+LABEL operators.operatorframework.io.bundle.package.v1=gatekeeper-operator
+LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.34.1
+LABEL operators.operatorframework.io.metrics.mediatype.v1=metrics+v1
+LABEL operators.operatorframework.io.metrics.project_layout=go.kubebuilder.io/v3
+# Red Hat annotations.
+LABEL com.redhat.component=gatekeeper-operator-bundle-container
+LABEL com.redhat.delivery.backport=false
+LABEL com.redhat.delivery.operator.bundle=true
+LABEL com.redhat.openshift.versions=v4.12
+# Bundle metadata
+LABEL name=gatekeeper/gatekeeper-operator-bundle
+LABEL description="The Gatekeeper Operator installs and configures Open Policy Agent Gatekeeper."
+LABEL io.k8s.description="The Gatekeeper Operator installs and configures Open Policy Agent Gatekeeper."
+LABEL summary="Red Hat Gatekeeper Operator"
+LABEL version=v3.17.0
+LABEL release=""
+LABEL distribution-scope=public
+LABEL maintainer="[email protected]"
+LABEL url=https://github.com/stolostron/gatekeeper-operator
+LABEL vendor="Red Hat, Inc."
diff --git a/build/install-dependencies.sh b/build/install-dependencies.sh
@@ -0,0 +1,21 @@
+#!/bin/bash
+
+set -e
+
+# https://github.com/jqlang/jq/releases/latest
+JQ_VERSION="jq-1.7.1"
+# https://github.com/mikefarah/yq/releases/latest
+YQ_VERSION="v4.44.3"
+
+ARCH=$(uname -m)
+if [[ "$ARCH" == "x86_64" ]]; then
+    ARCH="amd64"
+elif [[ "$ARCH" == "aarch64" ]]; then
+    ARCH="arm64"
+fi
+
+curl -s "https://github.com/jqlang/jq/releases/download/${JQ_VERSION}/jq-linux-${ARCH}" -o /usr/bin/jq
+chmod +x /usr/bin/jq
+
+curl -s "https://github.com/mikefarah/yq/releases/download/${YQ_VERSION}/yq_linux_${ARCH}" -o /usr/bin/yq
+chmod +x /usr/bin/yq
diff --git a/build/konflux-patch.sh b/build/konflux-patch.sh
@@ -0,0 +1,9 @@
+#! /bin/bash
+
+# Gatekeeper Operator image
+export IMG="registry.redhat.io/gatekeeper/gatekeeper-rhel9-operator@sha256:6e386be134d928bdb03b702e399c97e7aedecacaa3d0813183a8c5ecf13c7bc2"
+# Gatekeeper image
+export GATEKEEPER_IMG="registry.redhat.io/gatekeeper/gatekeeper-rhel9@sha256:3095f68c12c5dc3b00ce84e1c37d516d96cbcb06d42eaef5372358786956bd62"
+
+make update-gatekeeper-image
+make bundle
diff --git a/bundle/metadata/annotations.yaml b/bundle/metadata/annotations.yaml
@@ -17,7 +17,7 @@ annotations:
   # Bundle metadata
   name: gatekeeper/gatekeeper-operator-bundle
   description: "The Gatekeeper Operator installs and configures Open Policy Agent Gatekeeper."
-  io.k8s.description: gatekeeper-operator-bundle
+  io.k8s.description: "The Gatekeeper Operator installs and configures Open Policy Agent Gatekeeper."
   summary: "Red Hat Gatekeeper Operator"
   version: v3.17.0
   release: ""