alihan/openshift-mcp-server
1
0
Fork 0
mirror of https://github.com/openshift/openshift-mcp-server.git synced 2025-10-17 14:27:48 +03:00
Code Issues Packages Projects Releases Wiki Activity

Red Hat Konflux update openshift-mcp-server

Browse Source 
Signed-off-by: red-hat-konflux <konflux@no-reply.konflux-ci.dev>
This commit is contained in:
red-hat-konflux
2025-08-09 05:47:28 +00:00
parent 32ab9872f2
commit 3d5093c5c2
2 changed files with 74 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
.tekton/openshift-mcp-server-pull-request.yaml
View File

@@ -27,16 +27,19 @@ spec:
value: quay.io/redhat-user-workloads/crt-nshift-lightspeed-tenant/openshift-mcp-server:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux/x86_64
- name: dockerfile
value: Dockerfile
- name: path-context
value: .
pipelineSpec:
description: |
This pipeline is ideal for building container images from a Containerfile while maintaining trust after pipeline customization.
This pipeline is ideal for building multi-arch container images from a Containerfile while maintaining trust after pipeline customization.
_Uses `buildah` to create a container image leveraging [trusted artifacts](https://konflux-ci.dev/architecture/ADR/0036-trusted-artifacts.html). It also optionally creates a source image and runs some build-time tests. Information is shared between tasks using OCI artifacts instead of PVCs. EC will pass the [`trusted_task.trusted`](https://conforma.dev/docs/policy/packages/release_trusted_task.html#trusted_task__trusted) policy as long as all data used to build the artifact is generated from trusted tasks.
This pipeline is pushed as a Tekton bundle to [quay.io](https://quay.io/repository/konflux-ci/tekton-catalog/pipeline-docker-build-oci-ta?tab=tags)_
_Uses `buildah` to create a multi-platform container image leveraging [trusted artifacts](https://konflux-ci.dev/architecture/ADR/0036-trusted-artifacts.html). It also optionally creates a source image and runs some build-time tests. This pipeline requires that the [multi platform controller](https://github.com/konflux-ci/multi-platform-controller) is deployed and configured on your Konflux instance. Information is shared between tasks using OCI artifacts instead of PVCs. EC will pass the [`trusted_task.trusted`](https://conforma.dev/docs/policy/packages/release_trusted_task.html#trusted_task__trusted) policy as long as all data used to build the artifact is generated from trusted tasks.
This pipeline is pushed as a Tekton bundle to [quay.io](https://quay.io/repository/konflux-ci/tekton-catalog/pipeline-docker-build-multi-platform-oci-ta?tab=tags)_
finally:
- name: show-sbom
params:
@@ -97,7 +100,7 @@ spec:
description: Build a source image.
name: build-source-image
type: string
- default: "false"
- default: "true"
description: Add built image into an OCI image index
name: build-image-index
type: string
@@ -114,6 +117,12 @@ spec:
VMs
name: privileged-nested
type: string
- default:
- linux/x86_64
description: List of platforms to build the container images on. The available
set of values is determined by the configuration of the multi-platform-controller.
name: build-platforms
type: array
results:
- description: ""
name: IMAGE_URL
@@ -200,7 +209,12 @@ spec:
workspace: git-auth
- name: netrc
workspace: netrc
- name: build-container
- matrix:
params:
- name: PLATFORM
value:
- $(params.build-platforms)
name: build-images
params:
- name: IMAGE
value: $(params.output-image)
@@ -227,14 +241,16 @@ spec:
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
- name: IMAGE_APPEND_PLATFORM
value: "true"
runAfter:
- prefetch-dependencies
taskRef:
params:
- name: name
value: buildah-oci-ta
value: buildah-remote-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-buildah-oci-ta:0.4@sha256:d78d8abba7a84faa391d8b3b23be49ad8c09e9b1c0cabaed3919f64100cead2d
value: quay.io/konflux-ci/tekton-catalog/task-buildah-remote-oci-ta:0.4@sha256:e1c03f2be119f8000100ac10cba614cf7d0d77597a04aa74bc72d91df183bc5b
- name: kind
value: task
resolver: bundles
@@ -255,9 +271,9 @@ spec:
value: $(params.build-image-index)
- name: IMAGES
value:
- $(tasks.build-container.results.IMAGE_URL)@$(tasks.build-container.results.IMAGE_DIGEST)
- $(tasks.build-images.results.IMAGE_REF[*])
runAfter:
- build-container
- build-images
taskRef:
params:
- name: name
@@ -346,7 +362,12 @@ spec:
operator: in
values:
- "false"
- name: ecosystem-cert-preflight-checks
- matrix:
params:
- name: platform
value:
- $(params.build-platforms)
name: ecosystem-cert-preflight-checks
params:
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
@@ -392,7 +413,12 @@ spec:
operator: in
values:
- "false"
- name: clamav-scan
- matrix:
params:
- name: image-arch
value:
- $(params.build-platforms)
name: clamav-scan
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)

48
.tekton/openshift-mcp-server-push.yaml
View File

@@ -24,16 +24,19 @@ spec:
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/crt-nshift-lightspeed-tenant/openshift-mcp-server:{{revision}}
- name: build-platforms
value:
- linux/x86_64
- name: dockerfile
value: Dockerfile
- name: path-context
value: .
pipelineSpec:
description: |
This pipeline is ideal for building container images from a Containerfile while maintaining trust after pipeline customization.
This pipeline is ideal for building multi-arch container images from a Containerfile while maintaining trust after pipeline customization.
_Uses `buildah` to create a container image leveraging [trusted artifacts](https://konflux-ci.dev/architecture/ADR/0036-trusted-artifacts.html). It also optionally creates a source image and runs some build-time tests. Information is shared between tasks using OCI artifacts instead of PVCs. EC will pass the [`trusted_task.trusted`](https://conforma.dev/docs/policy/packages/release_trusted_task.html#trusted_task__trusted) policy as long as all data used to build the artifact is generated from trusted tasks.
This pipeline is pushed as a Tekton bundle to [quay.io](https://quay.io/repository/konflux-ci/tekton-catalog/pipeline-docker-build-oci-ta?tab=tags)_
_Uses `buildah` to create a multi-platform container image leveraging [trusted artifacts](https://konflux-ci.dev/architecture/ADR/0036-trusted-artifacts.html). It also optionally creates a source image and runs some build-time tests. This pipeline requires that the [multi platform controller](https://github.com/konflux-ci/multi-platform-controller) is deployed and configured on your Konflux instance. Information is shared between tasks using OCI artifacts instead of PVCs. EC will pass the [`trusted_task.trusted`](https://conforma.dev/docs/policy/packages/release_trusted_task.html#trusted_task__trusted) policy as long as all data used to build the artifact is generated from trusted tasks.
This pipeline is pushed as a Tekton bundle to [quay.io](https://quay.io/repository/konflux-ci/tekton-catalog/pipeline-docker-build-multi-platform-oci-ta?tab=tags)_
finally:
- name: show-sbom
params:
@@ -94,7 +97,7 @@ spec:
description: Build a source image.
name: build-source-image
type: string
- default: "false"
- default: "true"
description: Add built image into an OCI image index
name: build-image-index
type: string
@@ -111,6 +114,12 @@ spec:
VMs
name: privileged-nested
type: string
- default:
- linux/x86_64
description: List of platforms to build the container images on. The available
set of values is determined by the configuration of the multi-platform-controller.
name: build-platforms
type: array
results:
- description: ""
name: IMAGE_URL
@@ -197,7 +206,12 @@ spec:
workspace: git-auth
- name: netrc
workspace: netrc
- name: build-container
- matrix:
params:
- name: PLATFORM
value:
- $(params.build-platforms)
name: build-images
params:
- name: IMAGE
value: $(params.output-image)
@@ -224,14 +238,16 @@ spec:
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
- name: IMAGE_APPEND_PLATFORM
value: "true"
runAfter:
- prefetch-dependencies
taskRef:
params:
- name: name
value: buildah-oci-ta
value: buildah-remote-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-buildah-oci-ta:0.4@sha256:d78d8abba7a84faa391d8b3b23be49ad8c09e9b1c0cabaed3919f64100cead2d
value: quay.io/konflux-ci/tekton-catalog/task-buildah-remote-oci-ta:0.4@sha256:e1c03f2be119f8000100ac10cba614cf7d0d77597a04aa74bc72d91df183bc5b
- name: kind
value: task
resolver: bundles
@@ -252,9 +268,9 @@ spec:
value: $(params.build-image-index)
- name: IMAGES
value:
- $(tasks.build-container.results.IMAGE_URL)@$(tasks.build-container.results.IMAGE_DIGEST)
- $(tasks.build-images.results.IMAGE_REF[*])
runAfter:
- build-container
- build-images
taskRef:
params:
- name: name
@@ -343,7 +359,12 @@ spec:
operator: in
values:
- "false"
- name: ecosystem-cert-preflight-checks
- matrix:
params:
- name: platform
value:
- $(params.build-platforms)
name: ecosystem-cert-preflight-checks
params:
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
@@ -389,7 +410,12 @@ spec:
operator: in
values:
- "false"
- name: clamav-scan
- matrix:
params:
- name: image-arch
value:
- $(params.build-platforms)
name: clamav-scan
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)