diff --git a/pipeline-runner/steps/build_acr.go b/pipeline-runner/steps/build_acr.go index 8a83a1f8d..27649306a 100644 --- a/pipeline-runner/steps/build_acr.go +++ b/pipeline-runner/steps/build_acr.go @@ -43,7 +43,6 @@ func createACRBuildJob(rr *v1.RadixRegistration, pipelineInfo *model.PipelineInf if isUsingBuildKit(pipelineInfo) { for _, buildContainer := range buildContainers { annotations[fmt.Sprintf("container.apparmor.security.beta.kubernetes.io/%s", buildContainer.Name)] = "unconfined" - // annotations[fmt.Sprintf("container.seccomp.security.alpha.kubernetes.io/%s", buildContainer.Name)] = "unconfined" } buildPodSecurityContext = &pipelineInfo.PipelineArguments.BuildKitPodSecurityContext } @@ -326,8 +325,16 @@ func getBuildahContainerCommand(containerImageRegistry, secretArgsString, contex "-c", fmt.Sprintf("/usr/bin/buildah login --username ${BUILDAH_USERNAME} --password ${BUILDAH_PASSWORD} %s "+ "&& /usr/bin/buildah build --storage-driver=vfs --isolation=chroot "+ - "--jobs 0 %s --file %s%s --tag %s --tag %s --tag %s %s "+ - "&& /usr/bin/buildah push --storage-driver=vfs --all %s", containerImageRegistry, secretArgsString, context, dockerFileName, imageTag, clusterTypeImageTag, clusterNameImageTag, context, imageTag), + "--jobs 0 %s --file %s%s "+ + "--tag %s --tag %s --tag %s "+ + "%s "+ + "&& /usr/bin/buildah push --storage-driver=vfs --all %s "+ + "&& /usr/bin/buildah push --storage-driver=vfs --all %s "+ + "&& /usr/bin/buildah push --storage-driver=vfs --all %s ", + containerImageRegistry, secretArgsString, context, dockerFileName, + imageTag, clusterTypeImageTag, clusterNameImageTag, + context, + imageTag, clusterTypeImageTag, clusterNameImageTag), } } diff --git a/pipeline-runner/steps/promotion.go b/pipeline-runner/steps/promotion.go index 233df7c7b..fdc25e1a4 100644 --- a/pipeline-runner/steps/promotion.go +++ b/pipeline-runner/steps/promotion.go @@ -119,7 +119,7 @@ func (cli *PromoteStepImplementation) Run(pipelineInfo *model.PipelineInfo) erro radixDeployment.Labels[kube.RadixJobNameLabel] = pipelineInfo.PipelineArguments.JobName radixDeployment.Spec.Environment = pipelineInfo.PipelineArguments.ToEnvironment - err = mergeWithRadixApplication(radixApplication, radixDeployment, pipelineInfo.PipelineArguments.ToEnvironment) + err = mergeWithRadixApplication(radixApplication, radixDeployment, pipelineInfo.PipelineArguments.ToEnvironment, pipelineInfo.ComponentImages) if err != nil { return err } @@ -160,22 +160,22 @@ func areArgumentsValid(arguments model.PipelineArguments) error { return nil } -func mergeWithRadixApplication(radixConfig *v1.RadixApplication, radixDeployment *v1.RadixDeployment, environment string) error { +func mergeWithRadixApplication(radixConfig *v1.RadixApplication, radixDeployment *v1.RadixDeployment, environment string, componentImages map[string]pipeline.ComponentImage) error { defaultEnvVars := getDefaultEnvVarsFromRadixDeployment(radixDeployment) - if err := mergeComponentsWithRadixApplication(radixConfig, radixDeployment, environment, defaultEnvVars); err != nil { + if err := mergeComponentsWithRadixApplication(radixConfig, radixDeployment, environment, defaultEnvVars, componentImages); err != nil { return err } - if err := mergeJobComponentsWithRadixApplication(radixConfig, radixDeployment, environment, defaultEnvVars); err != nil { + if err := mergeJobComponentsWithRadixApplication(radixConfig, radixDeployment, environment, defaultEnvVars, componentImages); err != nil { return err } return nil } -func mergeJobComponentsWithRadixApplication(radixConfig *v1.RadixApplication, radixDeployment *v1.RadixDeployment, environment string, defaultEnvVars v1.EnvVarsMap) error { +func mergeJobComponentsWithRadixApplication(radixConfig *v1.RadixApplication, radixDeployment *v1.RadixDeployment, environment string, defaultEnvVars v1.EnvVarsMap, componentImages map[string]pipeline.ComponentImage) error { newEnvJobs, err := deployment. - NewJobComponentsBuilder(radixConfig, environment, make(map[string]pipeline.ComponentImage), defaultEnvVars). + NewJobComponentsBuilder(radixConfig, environment, componentImages, defaultEnvVars). JobComponents() if err != nil { return err @@ -190,7 +190,7 @@ func mergeJobComponentsWithRadixApplication(radixConfig *v1.RadixApplication, ra if !found { return NonExistingComponentName(radixConfig.GetName(), job.Name) } - //Environment variables, SecretRefs are taken from current configuration + // Environment variables, SecretRefs are taken from current configuration newEnvJob.Secrets = job.Secrets newEnvJob.Image = job.Image radixDeployment.Spec.Jobs[idx] = newEnvJob @@ -199,10 +199,10 @@ func mergeJobComponentsWithRadixApplication(radixConfig *v1.RadixApplication, ra return nil } -func mergeComponentsWithRadixApplication(radixConfig *v1.RadixApplication, radixDeployment *v1.RadixDeployment, environment string, defaultEnvVars v1.EnvVarsMap) error { - newEnvComponents, err := deployment.GetRadixComponentsForEnv(radixConfig, environment, make(map[string]pipeline.ComponentImage), defaultEnvVars) +func mergeComponentsWithRadixApplication(radixConfig *v1.RadixApplication, radixDeployment *v1.RadixDeployment, environment string, defaultEnvVars v1.EnvVarsMap, componentImages map[string]pipeline.ComponentImage) error { + newEnvComponents, err := deployment.GetRadixComponentsForEnv(radixConfig, environment, componentImages, defaultEnvVars) if err != nil { - return nil + return err } newEnvComponentsMap := make(map[string]v1.RadixDeployComponent) @@ -215,7 +215,7 @@ func mergeComponentsWithRadixApplication(radixConfig *v1.RadixApplication, radix if !found { return NonExistingComponentName(radixConfig.GetName(), component.Name) } - //Environment variables, SecretRefs are taken from current configuration + // Environment variables, SecretRefs are taken from current configuration newEnvComponent.Secrets = component.Secrets newEnvComponent.Image = component.Image radixDeployment.Spec.Components[idx] = newEnvComponent diff --git a/pkg/apis/pipeline/pipeline.go b/pkg/apis/pipeline/pipeline.go index 6fcd805b1..2157eaad1 100644 --- a/pkg/apis/pipeline/pipeline.go +++ b/pkg/apis/pipeline/pipeline.go @@ -30,6 +30,7 @@ func GetSupportedPipelines() []Definition { }}, {v1.Promote, []StepType{ PreparePipelinesStep, + ApplyConfigStep, RunPipelinesStep, PromoteStep}}, {v1.Deploy, []StepType{