From f5a49365314fb4e42afe8a567d6c94021074ec21 Mon Sep 17 00:00:00 2001 From: Chanseok Oh Date: Wed, 22 Jul 2020 14:39:32 -0400 Subject: [PATCH] Make Jib tasks future-proof with home changes - Set HOME env to /workspace - Use $HOME for "home" wherever possible - Gradle: mount empty dir at ~/.gradle to make it globally writable - Maven: script to `script:` to use "$HOME" variable --- task/jib-gradle/0.1/README.md | 6 +++--- task/jib-gradle/0.1/jib-gradle.yaml | 24 ++++++++++++++++-------- task/jib-maven/0.1/README.md | 6 +++--- task/jib-maven/0.1/jib-maven.yaml | 24 ++++++++++++++---------- 4 files changed, 36 insertions(+), 24 deletions(-) diff --git a/task/jib-gradle/0.1/README.md b/task/jib-gradle/0.1/README.md index 29544ecf5b..1b946e90f0 100644 --- a/task/jib-gradle/0.1/README.md +++ b/task/jib-gradle/0.1/README.md @@ -31,8 +31,8 @@ kubectl apply -f https://raw.githubusercontent.com/tektoncd/catalog/master/task/ This TaskRun runs the Task to fetch a Git repo, and build and push a container image using Jib (Gradle) -``` -apiVersion: tekton.dev/v1alpha1 +```yaml +apiVersion: tekton.dev/v1beta1 kind: PipelineResource metadata: name: example-image @@ -43,7 +43,7 @@ spec: value: gcr.io/tekton-task-project/my-image ``` -``` +```yaml apiVersion: tekton.dev/v1beta1 kind: TaskRun metadata: diff --git a/task/jib-gradle/0.1/jib-gradle.yaml b/task/jib-gradle/0.1/jib-gradle.yaml index bb9bf34a02..964f54b55d 100644 --- a/task/jib-gradle/0.1/jib-gradle.yaml +++ b/task/jib-gradle/0.1/jib-gradle.yaml @@ -47,28 +47,36 @@ spec: project.apply plugin: com.google.cloud.tools.jib.gradle.JibPlugin } } - }" > /tekton/home/init-script.gradle + }" > $HOME/init-script.gradle # Runs the Gradle Jib build. gradle jib \ --stacktrace --console=plain \ - --init-script=/tekton/home/init-script.gradle \ - -Duser.home=/tekton/home \ - -Dgradle.user.home=/tekton/home/.gradle \ + --init-script=$HOME/init-script.gradle \ + --gradle-user-home=$HOME/.gradle \ + -Dgradle.user.home=$HOME/.gradle \ + -Duser.home=$HOME \ -Djib.allowInsecureRegistries=$(params.INSECUREREGISTRY) \ -Djib.to.image=$(resources.outputs.image.url) workingDir: $(workspaces.source.path)/$(params.DIRECTORY) + env: + - name: HOME + value: /workspace volumeMounts: + # empty volume required to make the Gradle home globally writable + - name: empty-dir-volume + mountPath: /workspace/.gradle + subPath: gradle-user-home - name: $(params.CACHE) - mountPath: /tekton/home/.gradle/caches + mountPath: /workspace/.gradle/caches subPath: gradle-caches - name: $(params.CACHE) - mountPath: /tekton/home/.gradle/wrapper + mountPath: /workspace/.gradle/wrapper subPath: gradle-wrapper - name: $(params.CACHE) - mountPath: /tekton/home/.m2 + mountPath: /workspace/.m2 subPath: m2-cache - name: $(params.CACHE) - mountPath: /tekton/home/.cache + mountPath: /workspace/.cache subPath: jib-cache securityContext: runAsUser: 0 diff --git a/task/jib-maven/0.1/README.md b/task/jib-maven/0.1/README.md index 82cc35df7c..812bef8c9a 100644 --- a/task/jib-maven/0.1/README.md +++ b/task/jib-maven/0.1/README.md @@ -31,8 +31,8 @@ kubectl apply -f https://raw.githubusercontent.com/tektoncd/catalog/master/task/ This TaskRun runs the Task to fetch a Git repo, and build and push a container image using Jib (Maven) -``` -apiVersion: tekton.dev/v1alpha1 +```yaml +apiVersion: tekton.dev/v1beta1 kind: PipelineResource metadata: name: example-image @@ -43,7 +43,7 @@ spec: value: gcr.io/tekton-task-project/my-image ``` -``` +```yaml apiVersion: tekton.dev/v1beta1 kind: TaskRun metadata: diff --git a/task/jib-maven/0.1/jib-maven.yaml b/task/jib-maven/0.1/jib-maven.yaml index 902dba1281..9fbd0a0e28 100644 --- a/task/jib-maven/0.1/jib-maven.yaml +++ b/task/jib-maven/0.1/jib-maven.yaml @@ -33,21 +33,25 @@ spec: steps: - name: build-and-push image: gcr.io/cloud-builders/mvn - command: - - mvn - - -B - - compile - - com.google.cloud.tools:jib-maven-plugin:build - - -Duser.home=/tekton/home - - -Djib.allowInsecureRegistries=$(params.INSECUREREGISTRY) - - -Djib.to.image=$(resources.outputs.image.url) + # Make sh evaluate $HOME. + script: | + #!/bin/sh + mvn -B \ + -Duser.home=$HOME \ + -Djib.allowInsecureRegistries=$(params.INSECUREREGISTRY) \ + -Djib.to.image=$(resources.outputs.image.url) \ + compile \ + com.google.cloud.tools:jib-maven-plugin:build workingDir: $(workspaces.source.path)/$(params.DIRECTORY) + env: + - name: HOME + value: /workspace volumeMounts: - name: $(params.CACHE) - mountPath: /tekton/home/.m2 + mountPath: /workspace/.m2 subPath: m2-cache - name: $(params.CACHE) - mountPath: /tekton/home/.cache + mountPath: /workspace/.cache subPath: jib-cache volumes: