Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Pin images used for the release pipeline #3622

Merged
merged 1 commit into from
Sep 23, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion tekton/build.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ spec:
- name: source
steps:
- name: build-static
image: docker.io/library/node:20.14-slim
image: docker.io/library/node:20.17.0-slim@sha256:df85129996d6b7a4ec702ebf2142cfa683f28b1d33446faec12168d122d3410d
workingDir: $(workspaces.source.path)
env:
- name: CI
Expand Down
6 changes: 3 additions & 3 deletions tekton/prerelease-checks.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ spec:
description: The workspace where the repo has been cloned
steps:
- name: check-git-tag
image: docker.io/alpine/git
image: docker.io/alpine/git:2.45.2@sha256:7d612867d6b2f12be0827bc70833bac7204791871c80d7c852a336479ba99104
script: |
echo "Checking git tag"
# Look for the tag in the list of tags
Expand All @@ -53,7 +53,7 @@ spec:
exit 1
fi
- name: check-github-release
image: docker.io/library/python:3.6-alpine3.9
image: docker.io/library/python:3.6-alpine3.9@sha256:368f69f11e002a63d587791bb9652009dbb19a85f015698eac40d687e6f4ab19
script: |
echo "Checking GitHub release"
PACKAGE=$(echo $(params.package) | cut -d/ -f2,3)
Expand All @@ -65,7 +65,7 @@ spec:
echo "Release $(params.versionTag) already exists for $(params.package)"
exit 1
- name: success-confirmation
image: docker.io/library/alpine
image: docker.io/library/alpine:3.20.3@sha256:beefdbd8a1da6d2915566fde36db9db0b524eb737fc57cd1367effd16dc0d06d
script: |
echo "All pre-release checks for $(params.package) @ $(params.versionTag) were successful"
echo "Happy releasing 😺"
8 changes: 4 additions & 4 deletions tekton/publish.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -71,7 +71,7 @@ spec:
- name: IMAGES
steps:
- name: container-registry-auth
image: gcr.io/go-containerregistry/crane:debug
image: gcr.io/go-containerregistry/crane:debug@sha256:ff0e08eeae8097d28b2381c7f7123bf542757abc68d11bff58fb882b72843785
script: |
#!/busybox/sh
set -ex
Expand All @@ -90,7 +90,7 @@ spec:
cp ${DOCKER_CONFIG} /workspace/docker-config.json

- name: run-ko
image: gcr.io/tekton-releases/dogfooding/ko-gcloud:latest
image: gcr.io/tekton-releases/dogfooding/ko-gcloud:v20240920-6c2a999d36@sha256:1756ca55a09b360028695792e638a7cc366292d7aef44c926a8cb765085664c8
env:
- name: KO_DOCKER_REPO
value: $(params.imageRegistry)/$(params.imageRegistryPath)
Expand Down Expand Up @@ -130,7 +130,7 @@ spec:
./scripts/installer release --debug --read-write --platform $(params.platforms) --tag $(params.versionTag) --output $OUTPUT_RELEASE_DIR/release-full.yaml

- name: koparse
image: gcr.io/tekton-releases/dogfooding/koparse:latest
image: gcr.io/tekton-releases/dogfooding/koparse:v20240910-ec3cf3c749@sha256:5e8a522fc1e587fc00b69a6d73e0bfdf7a29ca143537a5542eb224680d2dbf2f
script: |
set -ex

Expand All @@ -147,7 +147,7 @@ spec:
--base ${IMAGES_PATH} --images ${IMAGES} > /workspace/built_images

- name: tag-images
image: gcr.io/go-containerregistry/crane:debug
image: gcr.io/go-containerregistry/crane:debug@sha256:ff0e08eeae8097d28b2381c7f7123bf542757abc68d11bff58fb882b72843785
script: |
#!/busybox/sh
set -ex
Expand Down
2 changes: 1 addition & 1 deletion tekton/release-pipeline.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -180,7 +180,7 @@ spec:
type: string
steps:
- name: create-results
image: docker.io/library/alpine
image: docker.io/library/alpine:3.20.3@sha256:beefdbd8a1da6d2915566fde36db9db0b524eb737fc57cd1367effd16dc0d06d
script: |
BASE_URL=$(echo "$(params.releaseBucket)/previous/$(params.versionTag)")
# If the bucket is in the gs:// return the corresponding public https URL
Expand Down