diff --git a/konflux-configs/base/project/kustomization.yaml b/konflux-configs/base/project/kustomization.yaml index 707f0ac1..48b1e587 100644 --- a/konflux-configs/base/project/kustomization.yaml +++ b/konflux-configs/base/project/kustomization.yaml @@ -3,7 +3,10 @@ kind: Kustomization resources: - overlay/ansible + - overlay/rekor-monitor - overlay/rhtas-fbc - overlay/rhtas-operator + - overlay/segment-backup-job - overlay/tas-tools + - overlay/tas-components - overlay/tough diff --git a/konflux-configs/base/project/overlay/rekor-monitor/kustomization.yaml b/konflux-configs/base/project/overlay/rekor-monitor/kustomization.yaml new file mode 100644 index 00000000..09dabcc1 --- /dev/null +++ b/konflux-configs/base/project/overlay/rekor-monitor/kustomization.yaml @@ -0,0 +1,16 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - project.yaml + - template.yaml + +components: + - ../../base/ec + - ../../base/release-plan + +patches: + - target: + name: rekor-monitor-template + kind: ProjectDevelopmentStreamTemplate + path: patch/rekor-monitor.yaml \ No newline at end of file diff --git a/konflux-configs/base/project/overlay/rekor-monitor/patch/rekor-monitor.yaml b/konflux-configs/base/project/overlay/rekor-monitor/patch/rekor-monitor.yaml new file mode 100644 index 00000000..ec347317 --- /dev/null +++ b/konflux-configs/base/project/overlay/rekor-monitor/patch/rekor-monitor.yaml @@ -0,0 +1,42 @@ +- op: add + path: /spec/resources/- + value: + apiVersion: appstudio.redhat.com/v1alpha1 + kind: Component + metadata: + annotations: + build.appstudio.openshift.io/pipeline: '{"name":"docker-build-oci-ta","bundle":"latest"}' + git-provider: github + git-provider-url: https://github.com + mintmaker.appstudio.redhat.com/disabled: "{{.mintmakerDisabled}}" + name: "rekor-monitor{{.nameSuffix}}" + spec: + application: "{{.application}}{{.nameSuffix}}" + componentName: "rekor-monitor" + source: + git: + url: https://github.com/securesign/rekor-monitor + revision: "{{.branch}}" + dockerfileUrl: Dockerfile.rekor-monitor.rh +- op: add + path: /spec/resources/- + value: + apiVersion: appstudio.redhat.com/v1alpha1 + kind: ImageRepository + metadata: + name: "rekor-monitor{{.nameSuffix}}" + annotations: + image-controller.appstudio.redhat.com/update-component-image: 'true' + labels: + appstudio.redhat.com/application: "{{.application}}{{.nameSuffix}}" + appstudio.redhat.com/component: "rekor-monitor{{.nameSuffix}}" + spec: + image: + name: rhtas-tenant/rekor-monitor + visibility: public + notifications: + - config: + url: https://bombino.api.redhat.com/v1/sbom/quay/push + event: repo_push + method: webhook + title: SBOM-event-to-Bombino \ No newline at end of file diff --git a/konflux-configs/base/project/overlay/rekor-monitor/project.yaml b/konflux-configs/base/project/overlay/rekor-monitor/project.yaml new file mode 100644 index 00000000..120b80ea --- /dev/null +++ b/konflux-configs/base/project/overlay/rekor-monitor/project.yaml @@ -0,0 +1,8 @@ +apiVersion: projctl.konflux.dev/v1beta1 +kind: Project +metadata: + name: rekor-monitor +spec: + displayName: "Red Hat Trusted Artifact Signer Rekor Monitor" + description: | + Rekor transparency log monitoring \ No newline at end of file diff --git a/konflux-configs/base/project/overlay/rekor-monitor/template.yaml b/konflux-configs/base/project/overlay/rekor-monitor/template.yaml new file mode 100644 index 00000000..502c3bcf --- /dev/null +++ b/konflux-configs/base/project/overlay/rekor-monitor/template.yaml @@ -0,0 +1,33 @@ +apiVersion: projctl.konflux.dev/v1beta1 +kind: ProjectDevelopmentStreamTemplate +metadata: + name: rekor-monitor-template + labels: + build.rhtas.com/ec: registry-rhtas + build.rhtas.com/type: component +spec: + project: rekor-monitor + variables: + - name: version + description: A version number for a new development stream + - name: branch + description: Git branch + defaultValue: "main" + - name: nameSuffix + description: A suffix which will be added to K8s resource name + defaultValue: "-{{hyphenize .version}}" + - name: application + description: The application name + defaultValue: "rekor-monitor" + - name: mintmakerDisabled + description: Whether to disable mintmaker annotation on the Component + defaultValue: "false" + resources: + - apiVersion: appstudio.redhat.com/v1alpha1 + kind: Application + metadata: + annotations: + application.thumbnail: "5" + name: "{{.application}}{{.nameSuffix}}" + spec: + displayName: "{{.application}} ({{.version}})" \ No newline at end of file diff --git a/konflux-configs/base/project/overlay/segment-backup-job/kustomization.yaml b/konflux-configs/base/project/overlay/segment-backup-job/kustomization.yaml new file mode 100644 index 00000000..6dad30a1 --- /dev/null +++ b/konflux-configs/base/project/overlay/segment-backup-job/kustomization.yaml @@ -0,0 +1,16 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - project.yaml + - template.yaml + +components: + - ../../base/ec + - ../../base/release-plan + +patches: + - target: + name: segment-backup-job-template + kind: ProjectDevelopmentStreamTemplate + path: patch/segment-backup-job.yaml \ No newline at end of file diff --git a/konflux-configs/base/project/overlay/segment-backup-job/patch/segment-backup-job.yaml b/konflux-configs/base/project/overlay/segment-backup-job/patch/segment-backup-job.yaml new file mode 100644 index 00000000..5e297044 --- /dev/null +++ b/konflux-configs/base/project/overlay/segment-backup-job/patch/segment-backup-job.yaml @@ -0,0 +1,42 @@ +- op: add + path: /spec/resources/- + value: + apiVersion: appstudio.redhat.com/v1alpha1 + kind: Component + metadata: + annotations: + build.appstudio.openshift.io/pipeline: '{"name":"docker-build-oci-ta","bundle":"latest"}' + git-provider: github + git-provider-url: https://github.com + mintmaker.appstudio.redhat.com/disabled: "{{.mintmakerDisabled}}" + name: "segment-backup-job{{.nameSuffix}}" + spec: + application: "{{.application}}{{.nameSuffix}}" + componentName: "segment-backup-job" + source: + git: + url: https://github.com/securesign/segment-backup-job + revision: "{{.branch}}" + dockerfileUrl: Dockerfile.segment-backup-job.rh +- op: add + path: /spec/resources/- + value: + apiVersion: appstudio.redhat.com/v1alpha1 + kind: ImageRepository + metadata: + name: "segment-backup-job{{.nameSuffix}}" + annotations: + image-controller.appstudio.redhat.com/update-component-image: 'true' + labels: + appstudio.redhat.com/application: "{{.application}}{{.nameSuffix}}" + appstudio.redhat.com/component: "segment-backup-job{{.nameSuffix}}" + spec: + image: + name: rhtas-tenant/segment-backup-job + visibility: public + notifications: + - config: + url: https://bombino.api.redhat.com/v1/sbom/quay/push + event: repo_push + method: webhook + title: SBOM-event-to-Bombino \ No newline at end of file diff --git a/konflux-configs/base/project/overlay/segment-backup-job/project.yaml b/konflux-configs/base/project/overlay/segment-backup-job/project.yaml new file mode 100644 index 00000000..d32de4a3 --- /dev/null +++ b/konflux-configs/base/project/overlay/segment-backup-job/project.yaml @@ -0,0 +1,8 @@ +apiVersion: projctl.konflux.dev/v1beta1 +kind: Project +metadata: + name: segment-backup-job +spec: + displayName: "Red Hat Trusted Artifact Signer Segment Backup Job" + description: | + Segment backup job for TAS (deprecated in 1.4+) diff --git a/konflux-configs/base/project/overlay/segment-backup-job/template.yaml b/konflux-configs/base/project/overlay/segment-backup-job/template.yaml new file mode 100644 index 00000000..956a2146 --- /dev/null +++ b/konflux-configs/base/project/overlay/segment-backup-job/template.yaml @@ -0,0 +1,33 @@ +apiVersion: projctl.konflux.dev/v1beta1 +kind: ProjectDevelopmentStreamTemplate +metadata: + name: segment-backup-job-template + labels: + build.rhtas.com/ec: registry-rhtas + build.rhtas.com/type: component +spec: + project: segment-backup-job + variables: + - name: version + description: A version number for a new development stream + - name: branch + description: Git branch + defaultValue: "main" + - name: nameSuffix + description: A suffix which will be added to K8s resource name + defaultValue: "-{{hyphenize .version}}" + - name: application + description: The application name + defaultValue: "segment-backup-job" + - name: mintmakerDisabled + description: Whether to disable mintmaker annotation on the Component + defaultValue: "false" + resources: + - apiVersion: appstudio.redhat.com/v1alpha1 + kind: Application + metadata: + annotations: + application.thumbnail: "5" + name: "{{.application}}{{.nameSuffix}}" + spec: + displayName: "{{.application}} ({{.version}})" \ No newline at end of file diff --git a/konflux-configs/base/project/overlay/tas-components/kustomization.yaml b/konflux-configs/base/project/overlay/tas-components/kustomization.yaml new file mode 100644 index 00000000..77391611 --- /dev/null +++ b/konflux-configs/base/project/overlay/tas-components/kustomization.yaml @@ -0,0 +1,52 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - project.yaml + - template.yaml + +components: + - ../../base/ec + - ../../base/release-plan + +patches: + - target: + name: tas-components-template + kind: ProjectDevelopmentStreamTemplate + path: patch/trillian-database.yaml + - target: + name: tas-components-template + kind: ProjectDevelopmentStreamTemplate + path: patch/backfill-redis.yaml + - target: + name: tas-components-template + kind: ProjectDevelopmentStreamTemplate + path: patch/certificate-transparency-go.yaml + - target: + name: tas-components-template + kind: ProjectDevelopmentStreamTemplate + path: patch/fulcio-server.yaml + - target: + name: tas-components-template + kind: ProjectDevelopmentStreamTemplate + path: patch/rekor-search.yaml + - target: + name: tas-components-template + kind: ProjectDevelopmentStreamTemplate + path: patch/rekor-server.yaml + - target: + name: tas-components-template + kind: ProjectDevelopmentStreamTemplate + path: patch/timestamp-authority.yaml + - target: + name: tas-components-template + kind: ProjectDevelopmentStreamTemplate + path: patch/trillian-logserver.yaml + - target: + name: tas-components-template + kind: ProjectDevelopmentStreamTemplate + path: patch/trillian-logsigner.yaml + - target: + name: tas-components-template + kind: ProjectDevelopmentStreamTemplate + path: patch/redis.yaml \ No newline at end of file diff --git a/konflux-configs/base/project/overlay/tas-components/patch/backfill-redis.yaml b/konflux-configs/base/project/overlay/tas-components/patch/backfill-redis.yaml new file mode 100644 index 00000000..a653e309 --- /dev/null +++ b/konflux-configs/base/project/overlay/tas-components/patch/backfill-redis.yaml @@ -0,0 +1,42 @@ +- op: add + path: /spec/resources/- + value: + apiVersion: appstudio.redhat.com/v1alpha1 + kind: Component + metadata: + annotations: + build.appstudio.openshift.io/pipeline: '{"name":"docker-build-oci-ta","bundle":"latest"}' + git-provider: github + git-provider-url: https://github.com + mintmaker.appstudio.redhat.com/disabled: "{{.mintmakerDisabled}}" + name: "backfill-redis{{.nameSuffix}}" + spec: + application: "{{.application}}{{.nameSuffix}}" + componentName: "backfill-redis" + source: + git: + url: https://github.com/securesign/rekor + revision: "{{.branch}}" + dockerfileUrl: Dockerfile.backfill-redis.rh +- op: add + path: /spec/resources/- + value: + apiVersion: appstudio.redhat.com/v1alpha1 + kind: ImageRepository + metadata: + name: "backfill-redis{{.nameSuffix}}" + annotations: + image-controller.appstudio.redhat.com/update-component-image: 'true' + labels: + appstudio.redhat.com/application: "{{.application}}{{.nameSuffix}}" + appstudio.redhat.com/component: "backfill-redis{{.nameSuffix}}" + spec: + image: + name: rhtas-tenant/backfill-redis + visibility: public + notifications: + - config: + url: https://bombino.api.redhat.com/v1/sbom/quay/push + event: repo_push + method: webhook + title: SBOM-event-to-Bombino \ No newline at end of file diff --git a/konflux-configs/base/project/overlay/tas-components/patch/certificate-transparency-go.yaml b/konflux-configs/base/project/overlay/tas-components/patch/certificate-transparency-go.yaml new file mode 100644 index 00000000..10afdebe --- /dev/null +++ b/konflux-configs/base/project/overlay/tas-components/patch/certificate-transparency-go.yaml @@ -0,0 +1,42 @@ +- op: add + path: /spec/resources/- + value: + apiVersion: appstudio.redhat.com/v1alpha1 + kind: Component + metadata: + annotations: + build.appstudio.openshift.io/pipeline: '{"name":"docker-build-oci-ta","bundle":"latest"}' + git-provider: github + git-provider-url: https://github.com + mintmaker.appstudio.redhat.com/disabled: "{{.mintmakerDisabled}}" + name: "certificate-transparency-go{{.nameSuffix}}" + spec: + application: "{{.application}}{{.nameSuffix}}" + componentName: "certificate-transparency-go" + source: + git: + url: https://github.com/securesign/certificate-transparency-go + revision: "{{.branch}}" + dockerfileUrl: Dockerfile.rh +- op: add + path: /spec/resources/- + value: + apiVersion: appstudio.redhat.com/v1alpha1 + kind: ImageRepository + metadata: + name: "certificate-transparency-go{{.nameSuffix}}" + annotations: + image-controller.appstudio.redhat.com/update-component-image: 'true' + labels: + appstudio.redhat.com/application: "{{.application}}{{.nameSuffix}}" + appstudio.redhat.com/component: "certificate-transparency-go{{.nameSuffix}}" + spec: + image: + name: rhtas-tenant/certificate-transparency-go + visibility: public + notifications: + - config: + url: https://bombino.api.redhat.com/v1/sbom/quay/push + event: repo_push + method: webhook + title: SBOM-event-to-Bombino \ No newline at end of file diff --git a/konflux-configs/base/project/overlay/tas-components/patch/fulcio-server.yaml b/konflux-configs/base/project/overlay/tas-components/patch/fulcio-server.yaml new file mode 100644 index 00000000..51bb925c --- /dev/null +++ b/konflux-configs/base/project/overlay/tas-components/patch/fulcio-server.yaml @@ -0,0 +1,42 @@ +- op: add + path: /spec/resources/- + value: + apiVersion: appstudio.redhat.com/v1alpha1 + kind: Component + metadata: + annotations: + build.appstudio.openshift.io/pipeline: '{"name":"docker-build-oci-ta","bundle":"latest"}' + git-provider: github + git-provider-url: https://github.com + mintmaker.appstudio.redhat.com/disabled: "{{.mintmakerDisabled}}" + name: "fulcio-server{{.nameSuffix}}" + spec: + application: "{{.application}}{{.nameSuffix}}" + componentName: "fulcio-server" + source: + git: + url: https://github.com/securesign/fulcio + revision: "{{.branch}}" + dockerfileUrl: Dockerfile.fulcio-server.rh +- op: add + path: /spec/resources/- + value: + apiVersion: appstudio.redhat.com/v1alpha1 + kind: ImageRepository + metadata: + name: "fulcio-server{{.nameSuffix}}" + annotations: + image-controller.appstudio.redhat.com/update-component-image: 'true' + labels: + appstudio.redhat.com/application: "{{.application}}{{.nameSuffix}}" + appstudio.redhat.com/component: "fulcio-server{{.nameSuffix}}" + spec: + image: + name: rhtas-tenant/fulcio-server + visibility: public + notifications: + - config: + url: https://bombino.api.redhat.com/v1/sbom/quay/push + event: repo_push + method: webhook + title: SBOM-event-to-Bombino \ No newline at end of file diff --git a/konflux-configs/base/project/overlay/tas-components/patch/redis.yaml b/konflux-configs/base/project/overlay/tas-components/patch/redis.yaml new file mode 100644 index 00000000..873ec552 --- /dev/null +++ b/konflux-configs/base/project/overlay/tas-components/patch/redis.yaml @@ -0,0 +1,42 @@ +- op: add + path: /spec/resources/- + value: + apiVersion: appstudio.redhat.com/v1alpha1 + kind: Component + metadata: + annotations: + build.appstudio.openshift.io/pipeline: '{"name":"docker-build-oci-ta","bundle":"latest"}' + git-provider: github + git-provider-url: https://github.com + mintmaker.appstudio.redhat.com/disabled: "{{.mintmakerDisabled}}" + name: "redis{{.nameSuffix}}" + spec: + application: "{{.application}}{{.nameSuffix}}" + componentName: "redis" + source: + git: + url: https://github.com/securesign/trillian + revision: "{{.branch}}" + dockerfileUrl: Dockerfile.redis.rh +- op: add + path: /spec/resources/- + value: + apiVersion: appstudio.redhat.com/v1alpha1 + kind: ImageRepository + metadata: + name: "redis{{.nameSuffix}}" + annotations: + image-controller.appstudio.redhat.com/update-component-image: 'true' + labels: + appstudio.redhat.com/application: "{{.application}}{{.nameSuffix}}" + appstudio.redhat.com/component: "redis{{.nameSuffix}}" + spec: + image: + name: rhtas-tenant/redis + visibility: public + notifications: + - config: + url: https://bombino.api.redhat.com/v1/sbom/quay/push + event: repo_push + method: webhook + title: SBOM-event-to-Bombino \ No newline at end of file diff --git a/konflux-configs/base/project/overlay/tas-components/patch/rekor-search.yaml b/konflux-configs/base/project/overlay/tas-components/patch/rekor-search.yaml new file mode 100644 index 00000000..d6b5e34f --- /dev/null +++ b/konflux-configs/base/project/overlay/tas-components/patch/rekor-search.yaml @@ -0,0 +1,42 @@ +- op: add + path: /spec/resources/- + value: + apiVersion: appstudio.redhat.com/v1alpha1 + kind: Component + metadata: + annotations: + build.appstudio.openshift.io/pipeline: '{"name":"docker-build-oci-ta","bundle":"latest"}' + git-provider: github + git-provider-url: https://github.com + mintmaker.appstudio.redhat.com/disabled: "{{.mintmakerDisabled}}" + name: "rekor-search{{.nameSuffix}}" + spec: + application: "{{.application}}{{.nameSuffix}}" + componentName: "rekor-search" + source: + git: + url: https://github.com/securesign/rekor-search-ui + revision: "{{.branch}}" + dockerfileUrl: Dockerfile +- op: add + path: /spec/resources/- + value: + apiVersion: appstudio.redhat.com/v1alpha1 + kind: ImageRepository + metadata: + name: "rekor-search{{.nameSuffix}}" + annotations: + image-controller.appstudio.redhat.com/update-component-image: 'true' + labels: + appstudio.redhat.com/application: "{{.application}}{{.nameSuffix}}" + appstudio.redhat.com/component: "rekor-search{{.nameSuffix}}" + spec: + image: + name: rhtas-tenant/rekor-search + visibility: public + notifications: + - config: + url: https://bombino.api.redhat.com/v1/sbom/quay/push + event: repo_push + method: webhook + title: SBOM-event-to-Bombino \ No newline at end of file diff --git a/konflux-configs/base/project/overlay/tas-components/patch/rekor-server.yaml b/konflux-configs/base/project/overlay/tas-components/patch/rekor-server.yaml new file mode 100644 index 00000000..cde7cfa0 --- /dev/null +++ b/konflux-configs/base/project/overlay/tas-components/patch/rekor-server.yaml @@ -0,0 +1,42 @@ +- op: add + path: /spec/resources/- + value: + apiVersion: appstudio.redhat.com/v1alpha1 + kind: Component + metadata: + annotations: + build.appstudio.openshift.io/pipeline: '{"name":"docker-build-oci-ta","bundle":"latest"}' + git-provider: github + git-provider-url: https://github.com + mintmaker.appstudio.redhat.com/disabled: "{{.mintmakerDisabled}}" + name: "rekor-server{{.nameSuffix}}" + spec: + application: "{{.application}}{{.nameSuffix}}" + componentName: "rekor-server" + source: + git: + url: https://github.com/securesign/rekor + revision: "{{.branch}}" + dockerfileUrl: Dockerfile.rekor-server.rh +- op: add + path: /spec/resources/- + value: + apiVersion: appstudio.redhat.com/v1alpha1 + kind: ImageRepository + metadata: + name: "rekor-server{{.nameSuffix}}" + annotations: + image-controller.appstudio.redhat.com/update-component-image: 'true' + labels: + appstudio.redhat.com/application: "{{.application}}{{.nameSuffix}}" + appstudio.redhat.com/component: "rekor-server{{.nameSuffix}}" + spec: + image: + name: rhtas-tenant/rekor-server + visibility: public + notifications: + - config: + url: https://bombino.api.redhat.com/v1/sbom/quay/push + event: repo_push + method: webhook + title: SBOM-event-to-Bombino \ No newline at end of file diff --git a/konflux-configs/base/project/overlay/tas-components/patch/timestamp-authority.yaml b/konflux-configs/base/project/overlay/tas-components/patch/timestamp-authority.yaml new file mode 100644 index 00000000..8c316f2d --- /dev/null +++ b/konflux-configs/base/project/overlay/tas-components/patch/timestamp-authority.yaml @@ -0,0 +1,42 @@ +- op: add + path: /spec/resources/- + value: + apiVersion: appstudio.redhat.com/v1alpha1 + kind: Component + metadata: + annotations: + build.appstudio.openshift.io/pipeline: '{"name":"docker-build-oci-ta","bundle":"latest"}' + git-provider: github + git-provider-url: https://github.com + mintmaker.appstudio.redhat.com/disabled: "{{.mintmakerDisabled}}" + name: "timestamp-authority{{.nameSuffix}}" + spec: + application: "{{.application}}{{.nameSuffix}}" + componentName: "timestamp-authority" + source: + git: + url: https://github.com/securesign/timestamp-authority.git + revision: "{{.branch}}" + dockerfileUrl: Dockerfile.tsa.rh +- op: add + path: /spec/resources/- + value: + apiVersion: appstudio.redhat.com/v1alpha1 + kind: ImageRepository + metadata: + name: "timestamp-authority{{.nameSuffix}}" + annotations: + image-controller.appstudio.redhat.com/update-component-image: 'true' + labels: + appstudio.redhat.com/application: "{{.application}}{{.nameSuffix}}" + appstudio.redhat.com/component: "timestamp-authority{{.nameSuffix}}" + spec: + image: + name: rhtas-tenant/timestamp-authority + visibility: public + notifications: + - config: + url: https://bombino.api.redhat.com/v1/sbom/quay/push + event: repo_push + method: webhook + title: SBOM-event-to-Bombino \ No newline at end of file diff --git a/konflux-configs/base/project/overlay/tas-components/patch/trillian-database.yaml b/konflux-configs/base/project/overlay/tas-components/patch/trillian-database.yaml new file mode 100644 index 00000000..802caa86 --- /dev/null +++ b/konflux-configs/base/project/overlay/tas-components/patch/trillian-database.yaml @@ -0,0 +1,42 @@ +- op: add + path: /spec/resources/- + value: + apiVersion: appstudio.redhat.com/v1alpha1 + kind: Component + metadata: + annotations: + build.appstudio.openshift.io/pipeline: '{"name":"docker-build-oci-ta","bundle":"latest"}' + git-provider: github + git-provider-url: https://github.com + mintmaker.appstudio.redhat.com/disabled: "{{.mintmakerDisabled}}" + name: "database{{.nameSuffix}}" + spec: + application: "{{.application}}{{.nameSuffix}}" + componentName: "database" + source: + git: + url: https://github.com/securesign/trillian + revision: "{{.branch}}" + dockerfileUrl: Dockerfile.database.rh +- op: add + path: /spec/resources/- + value: + apiVersion: appstudio.redhat.com/v1alpha1 + kind: ImageRepository + metadata: + name: "database{{.nameSuffix}}" + annotations: + image-controller.appstudio.redhat.com/update-component-image: 'true' + labels: + appstudio.redhat.com/application: "{{.application}}{{.nameSuffix}}" + appstudio.redhat.com/component: "database{{.nameSuffix}}" + spec: + image: + name: rhtas-tenant/database + visibility: public + notifications: + - config: + url: https://bombino.api.redhat.com/v1/sbom/quay/push + event: repo_push + method: webhook + title: SBOM-event-to-Bombino \ No newline at end of file diff --git a/konflux-configs/base/project/overlay/tas-components/patch/trillian-logserver.yaml b/konflux-configs/base/project/overlay/tas-components/patch/trillian-logserver.yaml new file mode 100644 index 00000000..acebca80 --- /dev/null +++ b/konflux-configs/base/project/overlay/tas-components/patch/trillian-logserver.yaml @@ -0,0 +1,42 @@ +- op: add + path: /spec/resources/- + value: + apiVersion: appstudio.redhat.com/v1alpha1 + kind: Component + metadata: + annotations: + build.appstudio.openshift.io/pipeline: '{"name":"docker-build-oci-ta","bundle":"latest"}' + git-provider: github + git-provider-url: https://github.com + mintmaker.appstudio.redhat.com/disabled: "{{.mintmakerDisabled}}" + name: "logserver{{.nameSuffix}}" + spec: + application: "{{.application}}{{.nameSuffix}}" + componentName: "logserver" + source: + git: + url: https://github.com/securesign/trillian + revision: "{{.branch}}" + dockerfileUrl: Dockerfile.logserver.rh +- op: add + path: /spec/resources/- + value: + apiVersion: appstudio.redhat.com/v1alpha1 + kind: ImageRepository + metadata: + name: "logserver{{.nameSuffix}}" + annotations: + image-controller.appstudio.redhat.com/update-component-image: 'true' + labels: + appstudio.redhat.com/application: "{{.application}}{{.nameSuffix}}" + appstudio.redhat.com/component: "logserver{{.nameSuffix}}" + spec: + image: + name: rhtas-tenant/logserver + visibility: public + notifications: + - config: + url: https://bombino.api.redhat.com/v1/sbom/quay/push + event: repo_push + method: webhook + title: SBOM-event-to-Bombino \ No newline at end of file diff --git a/konflux-configs/base/project/overlay/tas-components/patch/trillian-logsigner.yaml b/konflux-configs/base/project/overlay/tas-components/patch/trillian-logsigner.yaml new file mode 100644 index 00000000..75bc5b74 --- /dev/null +++ b/konflux-configs/base/project/overlay/tas-components/patch/trillian-logsigner.yaml @@ -0,0 +1,42 @@ +- op: add + path: /spec/resources/- + value: + apiVersion: appstudio.redhat.com/v1alpha1 + kind: Component + metadata: + annotations: + build.appstudio.openshift.io/pipeline: '{"name":"docker-build-oci-ta","bundle":"latest"}' + git-provider: github + git-provider-url: https://github.com + mintmaker.appstudio.redhat.com/disabled: "{{.mintmakerDisabled}}" + name: "logsigner{{.nameSuffix}}" + spec: + application: "{{.application}}{{.nameSuffix}}" + componentName: "logsigner" + source: + git: + url: https://github.com/securesign/trillian + revision: "{{.branch}}" + dockerfileUrl: Dockerfile.logsigner.rh +- op: add + path: /spec/resources/- + value: + apiVersion: appstudio.redhat.com/v1alpha1 + kind: ImageRepository + metadata: + name: "logsigner{{.nameSuffix}}" + annotations: + image-controller.appstudio.redhat.com/update-component-image: 'true' + labels: + appstudio.redhat.com/application: "{{.application}}{{.nameSuffix}}" + appstudio.redhat.com/component: "logsigner{{.nameSuffix}}" + spec: + image: + name: rhtas-tenant/logsigner + visibility: public + notifications: + - config: + url: https://bombino.api.redhat.com/v1/sbom/quay/push + event: repo_push + method: webhook + title: SBOM-event-to-Bombino \ No newline at end of file diff --git a/konflux-configs/base/project/overlay/tas-components/project.yaml b/konflux-configs/base/project/overlay/tas-components/project.yaml new file mode 100644 index 00000000..65164f78 --- /dev/null +++ b/konflux-configs/base/project/overlay/tas-components/project.yaml @@ -0,0 +1,8 @@ +apiVersion: projctl.konflux.dev/v1beta1 +kind: Project +metadata: + name: tas-components +spec: + displayName: "tas-components" + description: | + Dependencies of the TAS Operator diff --git a/konflux-configs/base/project/overlay/tas-components/template.yaml b/konflux-configs/base/project/overlay/tas-components/template.yaml new file mode 100644 index 00000000..364e5d37 --- /dev/null +++ b/konflux-configs/base/project/overlay/tas-components/template.yaml @@ -0,0 +1,33 @@ +apiVersion: projctl.konflux.dev/v1beta1 +kind: ProjectDevelopmentStreamTemplate +metadata: + name: tas-components-template + labels: + build.rhtas.com/ec: registry-rhtas + build.rhtas.com/type: component +spec: + project: tas-components + variables: + - name: version + description: A version number for a new development stream + - name: branch + description: Git branch + defaultValue: "main" + - name: nameSuffix + description: A suffix which will be added to K8s resource name + defaultValue: "-{{hyphenize .version}}" + - name: application + description: The application name + defaultValue: "tas-components" + - name: mintmakerDisabled + description: Whether to disable mintmaker annotation on the Component + defaultValue: "false" + resources: + - apiVersion: appstudio.redhat.com/v1alpha1 + kind: Application + metadata: + annotations: + application.thumbnail: "5" + name: "{{.application}}{{.nameSuffix}}" + spec: + displayName: "{{.application}} ({{.version}})" \ No newline at end of file diff --git a/konflux-configs/base/project/overlay/tas-tools/kustomization.yaml b/konflux-configs/base/project/overlay/tas-tools/kustomization.yaml index a1d5c226..9dc0a999 100644 --- a/konflux-configs/base/project/overlay/tas-tools/kustomization.yaml +++ b/konflux-configs/base/project/overlay/tas-tools/kustomization.yaml @@ -29,5 +29,4 @@ patches: - target: name: tas-tools-template kind: ProjectDevelopmentStreamTemplate - path: patch/rekor-cli.yaml - \ No newline at end of file + path: patch/rekor-cli.yaml \ No newline at end of file diff --git a/konflux-configs/base/stream/rhtas/base/kustomization.yaml b/konflux-configs/base/stream/rhtas/base/kustomization.yaml index d8dde01f..6a587886 100644 --- a/konflux-configs/base/stream/rhtas/base/kustomization.yaml +++ b/konflux-configs/base/stream/rhtas/base/kustomization.yaml @@ -4,6 +4,9 @@ kind: Component resources: - ansible-stream.yaml + - rekor-monitor-stream.yaml - rhtas-operator-stream.yaml - - tough-stream.yaml + - segment-backup-job-stream.yaml - tas-tools-stream.yaml + - tas-components-stream.yaml + - tough-stream.yaml diff --git a/konflux-configs/base/stream/rhtas/base/rekor-monitor-stream.yaml b/konflux-configs/base/stream/rhtas/base/rekor-monitor-stream.yaml new file mode 100644 index 00000000..ae26c41d --- /dev/null +++ b/konflux-configs/base/stream/rhtas/base/rekor-monitor-stream.yaml @@ -0,0 +1,15 @@ +apiVersion: projctl.konflux.dev/v1beta1 +kind: ProjectDevelopmentStream +metadata: + name: rekor-monitor +spec: + project: rekor-monitor + template: + name: rekor-monitor-template + values: + - name: version + value: "main" + - name: branch + value: "main" + - name: nameSuffix + value: "" \ No newline at end of file diff --git a/konflux-configs/base/stream/rhtas/base/segment-backup-job-stream.yaml b/konflux-configs/base/stream/rhtas/base/segment-backup-job-stream.yaml new file mode 100644 index 00000000..f236a867 --- /dev/null +++ b/konflux-configs/base/stream/rhtas/base/segment-backup-job-stream.yaml @@ -0,0 +1,15 @@ +apiVersion: projctl.konflux.dev/v1beta1 +kind: ProjectDevelopmentStream +metadata: + name: segment-backup-job +spec: + project: segment-backup-job + template: + name: segment-backup-job-template + values: + - name: version + value: "main" + - name: branch + value: "main" + - name: nameSuffix + value: "" \ No newline at end of file diff --git a/konflux-configs/base/stream/rhtas/base/tas-components-stream.yaml b/konflux-configs/base/stream/rhtas/base/tas-components-stream.yaml new file mode 100644 index 00000000..cff952c1 --- /dev/null +++ b/konflux-configs/base/stream/rhtas/base/tas-components-stream.yaml @@ -0,0 +1,15 @@ +apiVersion: projctl.konflux.dev/v1beta1 +kind: ProjectDevelopmentStream +metadata: + name: tas-components +spec: + project: tas-components + template: + name: tas-components-template + values: + - name: version + value: "main" + - name: branch + value: "main" + - name: nameSuffix + value: "" diff --git a/konflux-configs/base/stream/rhtas/overlay/main/kustomization.yaml b/konflux-configs/base/stream/rhtas/overlay/main/kustomization.yaml index d1db92e8..5a2ac08d 100644 --- a/konflux-configs/base/stream/rhtas/overlay/main/kustomization.yaml +++ b/konflux-configs/base/stream/rhtas/overlay/main/kustomization.yaml @@ -9,3 +9,5 @@ components: configurations: - kustomizeconfig.yaml +patches: + - path: patch/exclude-segment-backup-job.yaml \ No newline at end of file diff --git a/konflux-configs/base/stream/rhtas/overlay/main/patch/exclude-segment-backup-job.yaml b/konflux-configs/base/stream/rhtas/overlay/main/patch/exclude-segment-backup-job.yaml new file mode 100644 index 00000000..1255c96c --- /dev/null +++ b/konflux-configs/base/stream/rhtas/overlay/main/patch/exclude-segment-backup-job.yaml @@ -0,0 +1,5 @@ +apiVersion: projctl.konflux.dev/v1beta1 +kind: ProjectDevelopmentStream +metadata: + name: segment-backup-job +$patch: delete \ No newline at end of file diff --git a/konflux-configs/base/stream/rhtas/overlay/v1-2/kustomization.yaml b/konflux-configs/base/stream/rhtas/overlay/v1-2/kustomization.yaml index 040165d5..ff42bbf8 100644 --- a/konflux-configs/base/stream/rhtas/overlay/v1-2/kustomization.yaml +++ b/konflux-configs/base/stream/rhtas/overlay/v1-2/kustomization.yaml @@ -19,3 +19,4 @@ patches: target: kind: ProjectDevelopmentStream - path: patch/exclude-tough.yaml + - path: patch/exclude-rekor-monitor.yaml \ No newline at end of file