diff --git a/konflux-configs/base/project/kustomization.yaml b/konflux-configs/base/project/kustomization.yaml index 4cfb77ce..48b1e587 100644 --- a/konflux-configs/base/project/kustomization.yaml +++ b/konflux-configs/base/project/kustomization.yaml @@ -3,8 +3,10 @@ kind: Kustomization resources: - overlay/ansible + - overlay/rekor-monitor - overlay/rhtas-fbc - overlay/rhtas-operator + - overlay/segment-backup-job - overlay/tas-tools - overlay/tas-components - overlay/tough diff --git a/konflux-configs/base/project/overlay/rekor-monitor/kustomization.yaml b/konflux-configs/base/project/overlay/rekor-monitor/kustomization.yaml new file mode 100644 index 00000000..09dabcc1 --- /dev/null +++ b/konflux-configs/base/project/overlay/rekor-monitor/kustomization.yaml @@ -0,0 +1,16 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - project.yaml + - template.yaml + +components: + - ../../base/ec + - ../../base/release-plan + +patches: + - target: + name: rekor-monitor-template + kind: ProjectDevelopmentStreamTemplate + path: patch/rekor-monitor.yaml \ No newline at end of file diff --git a/konflux-configs/base/project/overlay/rekor-monitor/patch/rekor-monitor.yaml b/konflux-configs/base/project/overlay/rekor-monitor/patch/rekor-monitor.yaml new file mode 100644 index 00000000..ec347317 --- /dev/null +++ b/konflux-configs/base/project/overlay/rekor-monitor/patch/rekor-monitor.yaml @@ -0,0 +1,42 @@ +- op: add + path: /spec/resources/- + value: + apiVersion: appstudio.redhat.com/v1alpha1 + kind: Component + metadata: + annotations: + build.appstudio.openshift.io/pipeline: '{"name":"docker-build-oci-ta","bundle":"latest"}' + git-provider: github + git-provider-url: https://github.com + mintmaker.appstudio.redhat.com/disabled: "{{.mintmakerDisabled}}" + name: "rekor-monitor{{.nameSuffix}}" + spec: + application: "{{.application}}{{.nameSuffix}}" + componentName: "rekor-monitor" + source: + git: + url: https://github.com/securesign/rekor-monitor + revision: "{{.branch}}" + dockerfileUrl: Dockerfile.rekor-monitor.rh +- op: add + path: /spec/resources/- + value: + apiVersion: appstudio.redhat.com/v1alpha1 + kind: ImageRepository + metadata: + name: "rekor-monitor{{.nameSuffix}}" + annotations: + image-controller.appstudio.redhat.com/update-component-image: 'true' + labels: + appstudio.redhat.com/application: "{{.application}}{{.nameSuffix}}" + appstudio.redhat.com/component: "rekor-monitor{{.nameSuffix}}" + spec: + image: + name: rhtas-tenant/rekor-monitor + visibility: public + notifications: + - config: + url: https://bombino.api.redhat.com/v1/sbom/quay/push + event: repo_push + method: webhook + title: SBOM-event-to-Bombino \ No newline at end of file diff --git a/konflux-configs/base/project/overlay/rekor-monitor/project.yaml b/konflux-configs/base/project/overlay/rekor-monitor/project.yaml new file mode 100644 index 00000000..120b80ea --- /dev/null +++ b/konflux-configs/base/project/overlay/rekor-monitor/project.yaml @@ -0,0 +1,8 @@ +apiVersion: projctl.konflux.dev/v1beta1 +kind: Project +metadata: + name: rekor-monitor +spec: + displayName: "Red Hat Trusted Artifact Signer Rekor Monitor" + description: | + Rekor transparency log monitoring \ No newline at end of file diff --git a/konflux-configs/base/project/overlay/rekor-monitor/template.yaml b/konflux-configs/base/project/overlay/rekor-monitor/template.yaml new file mode 100644 index 00000000..502c3bcf --- /dev/null +++ b/konflux-configs/base/project/overlay/rekor-monitor/template.yaml @@ -0,0 +1,33 @@ +apiVersion: projctl.konflux.dev/v1beta1 +kind: ProjectDevelopmentStreamTemplate +metadata: + name: rekor-monitor-template + labels: + build.rhtas.com/ec: registry-rhtas + build.rhtas.com/type: component +spec: + project: rekor-monitor + variables: + - name: version + description: A version number for a new development stream + - name: branch + description: Git branch + defaultValue: "main" + - name: nameSuffix + description: A suffix which will be added to K8s resource name + defaultValue: "-{{hyphenize .version}}" + - name: application + description: The application name + defaultValue: "rekor-monitor" + - name: mintmakerDisabled + description: Whether to disable mintmaker annotation on the Component + defaultValue: "false" + resources: + - apiVersion: appstudio.redhat.com/v1alpha1 + kind: Application + metadata: + annotations: + application.thumbnail: "5" + name: "{{.application}}{{.nameSuffix}}" + spec: + displayName: "{{.application}} ({{.version}})" \ No newline at end of file diff --git a/konflux-configs/base/project/overlay/segment-backup-job/kustomization.yaml b/konflux-configs/base/project/overlay/segment-backup-job/kustomization.yaml new file mode 100644 index 00000000..6dad30a1 --- /dev/null +++ b/konflux-configs/base/project/overlay/segment-backup-job/kustomization.yaml @@ -0,0 +1,16 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - project.yaml + - template.yaml + +components: + - ../../base/ec + - ../../base/release-plan + +patches: + - target: + name: segment-backup-job-template + kind: ProjectDevelopmentStreamTemplate + path: patch/segment-backup-job.yaml \ No newline at end of file diff --git a/konflux-configs/base/project/overlay/segment-backup-job/patch/segment-backup-job.yaml b/konflux-configs/base/project/overlay/segment-backup-job/patch/segment-backup-job.yaml new file mode 100644 index 00000000..5e297044 --- /dev/null +++ b/konflux-configs/base/project/overlay/segment-backup-job/patch/segment-backup-job.yaml @@ -0,0 +1,42 @@ +- op: add + path: /spec/resources/- + value: + apiVersion: appstudio.redhat.com/v1alpha1 + kind: Component + metadata: + annotations: + build.appstudio.openshift.io/pipeline: '{"name":"docker-build-oci-ta","bundle":"latest"}' + git-provider: github + git-provider-url: https://github.com + mintmaker.appstudio.redhat.com/disabled: "{{.mintmakerDisabled}}" + name: "segment-backup-job{{.nameSuffix}}" + spec: + application: "{{.application}}{{.nameSuffix}}" + componentName: "segment-backup-job" + source: + git: + url: https://github.com/securesign/segment-backup-job + revision: "{{.branch}}" + dockerfileUrl: Dockerfile.segment-backup-job.rh +- op: add + path: /spec/resources/- + value: + apiVersion: appstudio.redhat.com/v1alpha1 + kind: ImageRepository + metadata: + name: "segment-backup-job{{.nameSuffix}}" + annotations: + image-controller.appstudio.redhat.com/update-component-image: 'true' + labels: + appstudio.redhat.com/application: "{{.application}}{{.nameSuffix}}" + appstudio.redhat.com/component: "segment-backup-job{{.nameSuffix}}" + spec: + image: + name: rhtas-tenant/segment-backup-job + visibility: public + notifications: + - config: + url: https://bombino.api.redhat.com/v1/sbom/quay/push + event: repo_push + method: webhook + title: SBOM-event-to-Bombino \ No newline at end of file diff --git a/konflux-configs/base/project/overlay/segment-backup-job/project.yaml b/konflux-configs/base/project/overlay/segment-backup-job/project.yaml new file mode 100644 index 00000000..d32de4a3 --- /dev/null +++ b/konflux-configs/base/project/overlay/segment-backup-job/project.yaml @@ -0,0 +1,8 @@ +apiVersion: projctl.konflux.dev/v1beta1 +kind: Project +metadata: + name: segment-backup-job +spec: + displayName: "Red Hat Trusted Artifact Signer Segment Backup Job" + description: | + Segment backup job for TAS (deprecated in 1.4+) diff --git a/konflux-configs/base/project/overlay/segment-backup-job/template.yaml b/konflux-configs/base/project/overlay/segment-backup-job/template.yaml new file mode 100644 index 00000000..956a2146 --- /dev/null +++ b/konflux-configs/base/project/overlay/segment-backup-job/template.yaml @@ -0,0 +1,33 @@ +apiVersion: projctl.konflux.dev/v1beta1 +kind: ProjectDevelopmentStreamTemplate +metadata: + name: segment-backup-job-template + labels: + build.rhtas.com/ec: registry-rhtas + build.rhtas.com/type: component +spec: + project: segment-backup-job + variables: + - name: version + description: A version number for a new development stream + - name: branch + description: Git branch + defaultValue: "main" + - name: nameSuffix + description: A suffix which will be added to K8s resource name + defaultValue: "-{{hyphenize .version}}" + - name: application + description: The application name + defaultValue: "segment-backup-job" + - name: mintmakerDisabled + description: Whether to disable mintmaker annotation on the Component + defaultValue: "false" + resources: + - apiVersion: appstudio.redhat.com/v1alpha1 + kind: Application + metadata: + annotations: + application.thumbnail: "5" + name: "{{.application}}{{.nameSuffix}}" + spec: + displayName: "{{.application}} ({{.version}})" \ No newline at end of file diff --git a/konflux-configs/base/project/overlay/tas-tools/kustomization.yaml b/konflux-configs/base/project/overlay/tas-tools/kustomization.yaml index a1d5c226..9dc0a999 100644 --- a/konflux-configs/base/project/overlay/tas-tools/kustomization.yaml +++ b/konflux-configs/base/project/overlay/tas-tools/kustomization.yaml @@ -29,5 +29,4 @@ patches: - target: name: tas-tools-template kind: ProjectDevelopmentStreamTemplate - path: patch/rekor-cli.yaml - \ No newline at end of file + path: patch/rekor-cli.yaml \ No newline at end of file diff --git a/konflux-configs/base/stream/rhtas/base/kustomization.yaml b/konflux-configs/base/stream/rhtas/base/kustomization.yaml index 4c66b3cc..6a587886 100644 --- a/konflux-configs/base/stream/rhtas/base/kustomization.yaml +++ b/konflux-configs/base/stream/rhtas/base/kustomization.yaml @@ -4,7 +4,9 @@ kind: Component resources: - ansible-stream.yaml + - rekor-monitor-stream.yaml - rhtas-operator-stream.yaml - - tough-stream.yaml + - segment-backup-job-stream.yaml - tas-tools-stream.yaml - tas-components-stream.yaml + - tough-stream.yaml diff --git a/konflux-configs/base/stream/rhtas/base/rekor-monitor-stream.yaml b/konflux-configs/base/stream/rhtas/base/rekor-monitor-stream.yaml new file mode 100644 index 00000000..ae26c41d --- /dev/null +++ b/konflux-configs/base/stream/rhtas/base/rekor-monitor-stream.yaml @@ -0,0 +1,15 @@ +apiVersion: projctl.konflux.dev/v1beta1 +kind: ProjectDevelopmentStream +metadata: + name: rekor-monitor +spec: + project: rekor-monitor + template: + name: rekor-monitor-template + values: + - name: version + value: "main" + - name: branch + value: "main" + - name: nameSuffix + value: "" \ No newline at end of file diff --git a/konflux-configs/base/stream/rhtas/base/segment-backup-job-stream.yaml b/konflux-configs/base/stream/rhtas/base/segment-backup-job-stream.yaml new file mode 100644 index 00000000..f236a867 --- /dev/null +++ b/konflux-configs/base/stream/rhtas/base/segment-backup-job-stream.yaml @@ -0,0 +1,15 @@ +apiVersion: projctl.konflux.dev/v1beta1 +kind: ProjectDevelopmentStream +metadata: + name: segment-backup-job +spec: + project: segment-backup-job + template: + name: segment-backup-job-template + values: + - name: version + value: "main" + - name: branch + value: "main" + - name: nameSuffix + value: "" \ No newline at end of file diff --git a/konflux-configs/base/stream/rhtas/overlay/main/kustomization.yaml b/konflux-configs/base/stream/rhtas/overlay/main/kustomization.yaml index d1db92e8..5a2ac08d 100644 --- a/konflux-configs/base/stream/rhtas/overlay/main/kustomization.yaml +++ b/konflux-configs/base/stream/rhtas/overlay/main/kustomization.yaml @@ -9,3 +9,5 @@ components: configurations: - kustomizeconfig.yaml +patches: + - path: patch/exclude-segment-backup-job.yaml \ No newline at end of file diff --git a/konflux-configs/base/stream/rhtas/overlay/main/patch/exclude-segment-backup-job.yaml b/konflux-configs/base/stream/rhtas/overlay/main/patch/exclude-segment-backup-job.yaml new file mode 100644 index 00000000..1255c96c --- /dev/null +++ b/konflux-configs/base/stream/rhtas/overlay/main/patch/exclude-segment-backup-job.yaml @@ -0,0 +1,5 @@ +apiVersion: projctl.konflux.dev/v1beta1 +kind: ProjectDevelopmentStream +metadata: + name: segment-backup-job +$patch: delete \ No newline at end of file diff --git a/konflux-configs/base/stream/rhtas/overlay/v1-2/kustomization.yaml b/konflux-configs/base/stream/rhtas/overlay/v1-2/kustomization.yaml index 040165d5..ff42bbf8 100644 --- a/konflux-configs/base/stream/rhtas/overlay/v1-2/kustomization.yaml +++ b/konflux-configs/base/stream/rhtas/overlay/v1-2/kustomization.yaml @@ -19,3 +19,4 @@ patches: target: kind: ProjectDevelopmentStream - path: patch/exclude-tough.yaml + - path: patch/exclude-rekor-monitor.yaml \ No newline at end of file