Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: run create-advisory late in the rh-advisories pipeline #651

Merged
merged 1 commit into from
Oct 30, 2024
Merged

fix: run create-advisory late in the rh-advisories pipeline #651

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
19 changes: 19 additions & 0 deletions pipelines/rh-advisories/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,25 @@ the rh-push-to-registry-redhat-io pipeline.
| taskGitUrl | The url to the git repo where the release-service-catalog tasks to be used are stored | Yes | https://github.com/konflux-ci/release-service-catalog.git |
| taskGitRevision | The revision in the taskGitUrl repo to be used | No | - |

## Changes in 1.5.2
johnbieren marked this conversation as resolved.
Show resolved Hide resolved
* Make sure `create-advisory` runs late in the pipeline
* Task `create-advisory` would run after `publish-pyxis-repository` which
would ensure it runs late in the pipeline. But with the changes in 1.5.0,
`publish-pyxis-repository` runs much earlier now.
* So make `create-advisory`
run after `push-rpm-data-to-pyxis` which is what `publish-pyxis-repository`
ran after originally.
* But also, add a few more `runAfter` entries to make it run as late
as possible:
* `run-file-updates`
* `rh-sign-image`
* `rh-sign-image-cosign`
* Make some other tasks' order more explicit
* No functional change, the tasks already depended on the other tasks'
results, but this makes it more explicit (and Tekton PLR UI
is known to show incorrect order when relying on task results only)


## Changes in 1.5.1
* Task `publish-pyxis-repository` should only run after `apply-mapping` has completed as it depends on the `repository`
value
Expand Down
9 changes: 7 additions & 2 deletions pipelines/rh-advisories/rh-advisories.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ kind: Pipeline
metadata:
name: rh-advisories
labels:
app.kubernetes.io/version: "1.5.1"
app.kubernetes.io/version: "1.5.2"
annotations:
tekton.dev/pipelines.minVersion: "0.12.1"
tekton.dev/tags: release
Expand Down Expand Up @@ -309,6 +309,7 @@ spec:
runAfter:
- verify-enterprise-contract
- push-snapshot
- collect-cosign-params
- name: push-snapshot
retries: 5
when:
Expand Down Expand Up @@ -398,6 +399,7 @@ spec:
- embargo-check
- verify-enterprise-contract
- publish-pyxis-repository
- extract-requester-from-release
- name: create-pyxis-image
retries: 5
taskRef:
Expand Down Expand Up @@ -548,7 +550,10 @@ spec:
runAfter:
- check-data-keys
- embargo-check
- publish-pyxis-repository
- push-rpm-data-to-pyxis
johnbieren marked this conversation as resolved.
Show resolved Hide resolved
- run-file-updates
- rh-sign-image
- rh-sign-image-cosign
- name: update-cr-status
params:
- name: resource
Expand Down
6 changes: 6 additions & 0 deletions pipelines/rh-push-to-registry-redhat-io/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,12 @@ Tekton pipeline to release content to registry.redhat.io registry.
| taskGitUrl | The url to the git repo where the release-service-catalog tasks to be used are stored | Yes | https://github.com/konflux-ci/release-service-catalog.git |
| taskGitRevision | The revision in the taskGitUrl repo to be used | No | - |

## Changes in 4.5.2
* Make task order more explicit
* No functional change, the tasks already depended on the other tasks'
results, but this makes it more explicit (and Tekton PLR UI
is known to show incorrect order when relying on task results only)

## Changes in 4.5.1
* Task `publish-pyxis-repository` should only run after `apply-mapping` has completed as it depends on the `repository`
value
Expand Down
4 changes: 3 additions & 1 deletion pipelines/rh-push-to-registry-redhat-io/rh-push-to-registry-redhat-io.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ kind: Pipeline
metadata:
name: rh-push-to-registry-redhat-io
labels:
app.kubernetes.io/version: "4.5.1"
app.kubernetes.io/version: "4.5.2"
annotations:
tekton.dev/pipelines.minVersion: "0.12.1"
tekton.dev/tags: release
Expand Down Expand Up @@ -264,6 +264,7 @@ spec:
workspace: release-workspace
runAfter:
- push-snapshot
- collect-cosign-params
- name: push-snapshot
retries: 5
when:
Expand Down Expand Up @@ -349,6 +350,7 @@ spec:
- verify-enterprise-contract
- apply-mapping
- publish-pyxis-repository
- extract-requester-from-release
- name: create-pyxis-image
retries: 5
taskRef:
Expand Down