buildah: add feature to allow pushing additional tags#1388
buildah: add feature to allow pushing additional tags#1388johanneskastl wants to merge 3 commits into
Conversation
…umber Signed-off-by: Johannes Kastl <git@johannes-kastl.de>
Signed-off-by: Johannes Kastl <git@johannes-kastl.de>
…al tags Signed-off-by: Johannes Kastl <git@johannes-kastl.de>
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
|
/kind feature |
There was a problem hiding this comment.
Pull request overview
This PR introduces a new task/buildah version (0.10) adding support for pushing the same built image under additional tags (e.g., commit SHA/date-derived tags), alongside existing push behavior, and includes accompanying samples and e2e test scaffolding.
Changes:
- Add
ADDITIONAL_TAGSparameter and implement pushing those additional tags. - Add versioned documentation and sample PipelineRuns (dockerconfig + OpenShift internal registry).
- Add e2e test manifests and internal registry setup for the new version.
Reviewed changes
Copilot reviewed 7 out of 7 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
| task/buildah/0.10/buildah.yaml | Adds ADDITIONAL_TAGS param and push logic for extra tags. |
| task/buildah/0.10/README.md | Documents the 0.10 task version and parameters including ADDITIONAL_TAGS. |
| task/buildah/0.10/samples/dockerconfig.yaml | Example PipelineRun showing docker config workspace usage. |
| task/buildah/0.10/samples/openshift-internal-registry.yaml | Example PipelineRun for OpenShift internal registry + custom CA. |
| task/buildah/0.10/tests/run.yaml | Defines e2e PipelineRuns for push and skip-push scenarios. |
| task/buildah/0.10/tests/pre-apply-task-hook.sh | Test hook to add secure registry sidecar and git-clone task. |
| task/buildah/0.10/tests/internal-registry/internal-registry.yaml | Deploys an internal TLS registry for e2e tests. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| # push additional tags, if PARAMS_ADDITIONAL_TAGS is not empty | ||
| # shellcheck disable=SC2046,SC2086 | ||
| if [ -n "${PARAMS_ADDITIONAL_TAGS}" ]; then | ||
| for tag in ${PARAMS_ADDITIONAL_TAGS};do | ||
| buildah ${CERT_DIR_FLAG} "--storage-driver=${PARAM_STORAGE_DRIVER}" push \ | ||
| "--tls-verify=${PARAM_TLSVERIFY}" --digestfile /tmp/image-digest ${PARAM_PUSH_EXTRA_ARGS} \ | ||
| "${PARAM_IMAGE}" "docker://${PARAM_IMAGE}":${tag} | ||
| done | ||
| fi |
| script: | | ||
| BUILD_ARGS=() | ||
| for buildarg in "$@" | ||
| do | ||
| BUILD_ARGS+=("--build-arg=$buildarg") |
| - name: ADDITIONAL_TAGS | ||
| type: string | ||
| default: "" | ||
| description: | | ||
| Additional tags for pushing the image. |
| - name: evaluate | ||
| image: alpine | ||
| script: | | ||
| #!/usr/bin/env sh | ||
| [[ "$(params.ORIGINAL_IMAGE)" = "$(params.OUTPUT_IMAGE)" ]] && exit 0 || exit 1 |
| - name: buildah | ||
| taskRef: | ||
| name: buildah | ||
| runAfter: | ||
| - fetch-repository | ||
| workspaces: | ||
| - name: source | ||
| workspace: shared-workspace | ||
| - name: sslcertdir | ||
| workspace: sslcertdir | ||
| params: | ||
| - name: IMAGE | ||
| value: registry:5000/nocode |
Changes
buildah task: add feature to allow pushing additional tags
This feature allows specifying additional tags like the commit hash or the date or similar, that will be used in addition to "latest".
Please note, those tags need to be strings, not commands like
$(date +%Y%m%d).Discussion see #1373
Submitter Checklist
These are the criteria that every PR should meet, please check them off as you
review them:
contains
/kind <type>. Valid types are bug, cleanup, design, documentation,feature, flake, misc, question, tep