Add multi-arch parm

[Joshua-Beha]

Changes

Add a multiArch param to the skopeo copy task. From issue #1280 and PR #1281 tho I messed up squashing :(
/kind feature

Submitter Checklist

These are the criteria that every PR should meet, please check them off as you
review them:

• [ x] Follows the authoring recommendations
• [ x] Includes docs (if user facing)
• [ x] Includes tests (for new tasks or changed functionality)
  • See the end-to-end testing documentation for guidance and CI details.
• [ x] Meets the Tekton contributor standards (including functionality, content, code)
• [ x] Commit messages follow commit message best practices
• [ x] Has a kind label. You can add one by adding a comment on this PR that
  contains /kind <type>. Valid types are bug, cleanup, design, documentation,
  feature, flake, misc, question, tep
• [ x] Complies with Catalog Organization TEP, see example. Note An issue has been filed to automate this validation

  • [ x] File path follows <kind>/<name>/<version>/name.yaml

  • [ x] Has README.md at <kind>/<name>/<version>/README.md

  • [ x] Has mandatory metadata.labels - app.kubernetes.io/version the same as the <version> of the resource

  • [ x] Has mandatory metadata.annotations tekton.dev/pipelines.minVersion

  • [ x] mandatory spec.description follows the convention

      ```
    
      spec:
        description: >-
          one line summary of the resource
    
          Paragraph(s) to describe the resource.
      ```
    

See the contribution guide for more details.

[tekton-robot]

Hi @Joshua-Beha. Thanks for your PR.

I'm waiting for a tektoncd member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[tekton-robot]

Catlin Output

FILE: task/skopeo-copy/0.4/skopeo-copy.yaml
WARN : Step "skopeo-copy" references "$(params.multiArch)" directly from its script block. For reliability and security, consider putting the param into an environment variable of the Step and accessing that environment variable in your script instead.

Catlin script lint Output

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In skopeo-copy-skopeo-copy line 15:
    read -ra sourceDest <<<"${cmd}"
         ^-^ SC3045 (warning): In POSIX sh, read -a is undefined.
                        ^-^ SC3011 (warning): In POSIX sh, here-strings are undefined.


In skopeo-copy-skopeo-copy line 16:
    skopeo copy --multi-arch="$(params.multiArch)" "${sourceDest[@]}" --src-tls-verify="$(params.srcTLSverify)" --dest-tls-verify="$(params.destTLSverify)"
                                                    ^--------------^ SC3054 (warning): In POSIX sh, array references are undefined.

For more information:
  https://www.shellcheck.net/wiki/SC3011 -- In POSIX sh, here-strings are und...
  https://www.shellcheck.net/wiki/SC3045 -- In POSIX sh, read -a is undefined.
  https://www.shellcheck.net/wiki/SC3054 -- In POSIX sh, array references are...

ERROR: /bin/sh, [-n] failed:
skopeo-copy-skopeo-copy: line 15: syntax error: unexpected redirection

[tekton-robot]

Diff between version 0.3 and 0.4

diff --git a/task/skopeo-copy/0.3/README.md b/task/skopeo-copy/0.4/README.md
index d71fab0..d5ee4c9 100644
--- a/task/skopeo-copy/0.3/README.md
+++ b/task/skopeo-copy/0.4/README.md
@@ -39,7 +39,7 @@ This `task` can be used to copy one or more than one images to-and fro various s
 ## Install the Task
 
 ```
-kubectl apply -f https://api.hub.tekton.dev/v1/resource/tekton/task/skopeo-copy/0.3/raw
+kubectl apply -f https://api.hub.tekton.dev/v1/resource/tekton/task/skopeo-copy/0.4/raw
 ```
 
 ## Parameters
@@ -48,6 +48,7 @@ kubectl apply -f https://api.hub.tekton.dev/v1/resource/tekton/task/skopeo-copy/
 - **destImageURL**: The URL of the image where the image from `source` should be copied to.
 - **srcTLSverify**: Verify the TLS on the src registry endpoint
 - **destTLSverify**: Verify the TLS on the dest registry endpoint
+- **multiArch**: How to handle multi-architecture images (system, all, or index-only)
 
 ## Workspace
 
@@ -58,7 +59,7 @@ kubectl apply -f https://api.hub.tekton.dev/v1/resource/tekton/task/skopeo-copy/
 * `Secret` to provide the credentials of the source and destination registry where the image needs to be copied from and to.
 * `ConfigMap` to provide support for copying multiple images, this contains file `url.txt` which stores images registry URL's.
 
-  [This](../0.3/samples/quay-secret.yaml) example can help to use secrets for providing credentials of image registries.
+  [This](../0.4/samples/quay-secret.yaml) example can help to use secrets for providing credentials of image registries.
 
 ## Platforms
 
@@ -84,9 +85,9 @@ In case there is only one source and destination image that needs to be copied t
 This will result in the image getting copied from the source registry to the destination registry.
 
 
-[This](../0.3/samples/serviceaccount.yaml) will guide the user to use service account for authorization to image registries.
+[This](../0.4/samples/serviceaccount.yaml) will guide the user to use service account for authorization to image registries.
 
-See [here](../0.3/samples/run.yaml) for example of `TaskRun`.
+See [here](../0.4/samples/run.yaml) for example of `TaskRun`.
 ### Note
 
 - `Source credentials` are only required, if the source image registry needs authentication to pull the image, whereas `Destination credentials` are always required.
diff --git a/task/skopeo-copy/0.3/skopeo-copy.yaml b/task/skopeo-copy/0.4/skopeo-copy.yaml
index 2df0693..7a0e542 100644
--- a/task/skopeo-copy/0.3/skopeo-copy.yaml
+++ b/task/skopeo-copy/0.4/skopeo-copy.yaml
@@ -3,7 +3,7 @@ kind: Task
 metadata:
   name: skopeo-copy
   labels:
-    app.kubernetes.io/version: "0.3"
+    app.kubernetes.io/version: "0.4"
   annotations:
     tekton.dev/pipelines.minVersion: "0.12.1"
     tekton.dev/categories: CLI
@@ -39,6 +39,10 @@ spec:
       description: Verify the TLS on the dest registry endpoint
       type: string
       default: "true"
+    - name: multiArch
+      description: How to handle multi-architecture images (system, all, or index-only)
+      type: string
+      default: "system"
   steps:
     - name: skopeo-copy
       env:
@@ -60,15 +64,24 @@ spec:
                   $url"
             done
             read -ra sourceDest <<<"${cmd}"
-            skopeo copy "${sourceDest[@]}" --src-tls-verify="$(params.srcTLSverify)" --dest-tls-verify="$(params.destTLSverify)"
+            skopeo copy --multi-arch="$(params.multiArch)" "${sourceDest[@]}" --src-tls-verify="$(params.srcTLSverify)" --dest-tls-verify="$(params.destTLSverify)"
             echo "$cmd"
           done < "$filename"
         }
+        # Check that the multiArch parm is one of the supported methods
+        #
+        case "$(params.multiArch)" in all|system|index-only)
+            ;;
+          *)
+            echo "Unrecognized multiArch choice: $(params.multiArch)"
+            exit 1;;
+        esac
         #
         # If single image is to be copied then, it can be passed through
         # params in the taskrun.
+        #
         if [ "$(params.srcImageURL)" != "" ] && [ "$(params.destImageURL)" != "" ] ; then
-          skopeo copy "$(params.srcImageURL)" "$(params.destImageURL)" --src-tls-verify="$(params.srcTLSverify)" --dest-tls-verify="$(params.destTLSverify)"
+          skopeo copy --multi-arch="$(params.multiArch)" "$(params.srcImageURL)" "$(params.destImageURL)" --src-tls-verify="$(params.srcTLSverify)" --dest-tls-verify="$(params.destTLSverify)"
         else
           # If file is provided as a configmap in the workspace then multiple images can be copied.
           #
diff --git a/task/skopeo-copy/0.3/tests/run.yaml b/task/skopeo-copy/0.4/tests/run.yaml
index 2d7fc02..0cafdb7 100644
--- a/task/skopeo-copy/0.3/tests/run.yaml
+++ b/task/skopeo-copy/0.4/tests/run.yaml
@@ -10,6 +10,8 @@ spec:
       value: docker://localhost:5000/kube:latest
     - name: destTLSverify
       value: "false"
+    - name: multiArch
+      value: "system"
   taskRef:
     name: skopeo-copy
   workspaces:

[vinamra28]

/ok-to-test

[tekton-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: vinamra28

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [vinamra28]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[vinamra28]

/lgtm