Skip to content

Commit 12fa603

Browse files
dhaiducekdhaiducek
committed
Enable hermetic builds
Signed-off-by: Dale Haiducek <[email protected]>
1 parent 1041d2e commit 12fa603

File tree

3 files changed

+11
-3
lines changed

3 files changed

+11
-3
lines changed

Diff for: .tekton/gatekeeper-3-17-pull-request.yaml

+3-1
Original file line numberDiff line numberDiff line change
@@ -35,6 +35,8 @@ spec:
3535
- linux/s390x
3636
- name: path-context
3737
value: .
38+
- name: hermetic
39+
value: true
3840
pipelineSpec:
3941
description: |
4042
This pipeline is ideal for building multi-arch container images from a Containerfile while maintaining trust after pipeline customization.
@@ -318,7 +320,7 @@ spec:
318320
- name: name
319321
value: deprecated-image-check
320322
- name: bundle
321-
value: quay.io/konflux-ci/tekton-catalog/task-deprecated-image-check:0.4@sha256:650330fde0773f73f6bac77ae573031c44c79165d9503b0d5ec1db3e6ef981d7
323+
value: quay.io/konflux-ci/tekton-catalog/task-deprecated-image-check:0.4@sha256:000dfcf3583649ca07214f308126a8ef0400358a9a9cbf876fe60c1cc6affb37
322324
- name: kind
323325
value: task
324326
resolver: bundles

Diff for: .tekton/gatekeeper-3-17-push.yaml

+3-1
Original file line numberDiff line numberDiff line change
@@ -33,6 +33,8 @@ spec:
3333
- linux-mlarge/arm64
3434
- linux/ppc64le
3535
- linux/s390x
36+
- name: hermetic
37+
value: true
3638
pipelineSpec:
3739
description: |
3840
This pipeline is ideal for building multi-arch container images from a Containerfile while maintaining trust after pipeline customization.
@@ -316,7 +318,7 @@ spec:
316318
- name: name
317319
value: deprecated-image-check
318320
- name: bundle
319-
value: quay.io/konflux-ci/tekton-catalog/task-deprecated-image-check:0.4@sha256:650330fde0773f73f6bac77ae573031c44c79165d9503b0d5ec1db3e6ef981d7
321+
value: quay.io/konflux-ci/tekton-catalog/task-deprecated-image-check:0.4@sha256:000dfcf3583649ca07214f308126a8ef0400358a9a9cbf876fe60c1cc6affb37
320322
- name: kind
321323
value: task
322324
resolver: bundles

Diff for: build/Dockerfile.rhtap

+5-1
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,10 @@ RUN go build -mod vendor -a -ldflags "${LDFLAGS}" -o manager
1111
FROM registry.access.redhat.com/ubi9/ubi-minimal:latest
1212
WORKDIR /
1313
COPY --from=builder /go/src/github.com/open-policy-agent/gatekeeper/manager .
14-
RUN microdnf -y update && microdnf -y clean all
14+
15+
RUN mkdir licenses/
16+
COPY LICENSE licenses/
17+
1518
USER 65532:65532
19+
1620
ENTRYPOINT ["/manager"]

0 commit comments

Comments
 (0)