3131 - name : source_branch
3232 value : " {{ source_branch }}"
3333 pipelineSpec :
34+ results :
35+ - description : The common vulnerabilities and exposures (CVE) result
36+ name : SCAN_OUTPUT
37+ value : $(tasks.vulnerability-scan.results.SCAN_OUTPUT)
3438 params :
3539 - name : repo_url
3640 - name : revision
@@ -58,31 +62,17 @@ spec:
5862 - name : source
5963 workspace : source
6064
61- # - name: debug-user
62- # taskSpec:
63- # workspaces:
64- # - name: source
65- # workspace: source
66- # steps:
67- # - name: show-user-info
68- # image: busybox
69- # script: |
70- # #!/bin/sh
71- # echo "Current UID:"
72- # id -u
73- # echo "Current GID:"
74- # id -g
75- # echo "Permissions on /workspace/source:"
76- # ls -ld /workspace/source
77- # workspaces:
78- # - name: source
79- # workspace: source
80-
65+ - name : read-cluster-name
66+ taskRef :
67+ name : read-cluster-name
68+ runAfter :
69+ - fix-permissions
70+
8171 - name : which-branch
8272 taskRef :
8373 name : print-branch-task
8474 runAfter :
85- - fix-permissions
75+ - read-cluster-name
8676 params :
8777 - name : source-branch
8878 value : " $(params.source_branch)"
@@ -113,6 +103,9 @@ spec:
113103 - input : " $(params.runOptional)"
114104 operator : in
115105 values : ["true"]
106+ - input : " $(tasks.read-cluster-name.results.cluster-name)"
107+ operator : in
108+ values : ["cluster-platform-eval"]
116109 taskRef :
117110 name : go-lint-task
118111 runAfter :
@@ -126,6 +119,9 @@ spec:
126119 - input : " $(params.runOptional)"
127120 operator : in
128121 values : ["true"]
122+ - input : " $(tasks.read-cluster-name.results.cluster-name)"
123+ operator : in
124+ values : ["cluster-platform-eval"]
129125 taskRef :
130126 name : go-test-task
131127 runAfter :
@@ -139,6 +135,9 @@ spec:
139135 - input : " $(params.runOptional)"
140136 operator : in
141137 values : ["true"]
138+ - input : " $(tasks.read-cluster-name.results.cluster-name)"
139+ operator : in
140+ values : ["cluster-platform-eval"]
142141 taskRef :
143142 name : go-build-task
144143 runAfter :
@@ -158,34 +157,99 @@ spec:
158157 workspaces :
159158 - name : source
160159 workspace : source
161-
162- # - name: promote-to-prod
163- # when:
164- # - input: "$(params.runOptional)"
165- # operator: in
166- # values: ["true"]
167- # - input: "$(params.source_branch)"
168- # operator: in
169- # values: ["main"]
170- # taskRef:
171- # name: promote-to-prod-task
172- # resolver: hub
173- # params:
174- # - name: name
175- # value: skopeo-copy
176- # - name: kind
177- # value: task
178- # - name: catalog
179- # value: tekton
180- # - name: version
181- # value: "0.1"
182- # runAfter:
183- # - extract-version-and-registry
184- # params:
185- # - name: srcImageURL
186- # value: "$(tasks.extract-version-and-registry.results.dev-image-tag-base):$(tasks.extract-version-and-registry.results.dev-version)"
187- # - name: destImageURL
188- # value: "$(tasks.extract-version-and-registry.results.prod-image-tag-base):$(tasks.extract-version-and-registry.results.prod-version)"
160+
161+ - name : openshift-redeploy-h100
162+ when :
163+ - input : " $(params.runOptional)"
164+ operator : in
165+ values : ["true"]
166+ - input : " $(params.source_branch)"
167+ operator : in
168+ values : ["dev", "main"]
169+ - input : " $(tasks.read-cluster-name.results.cluster-name)"
170+ operator : notin
171+ values : ["cluster-platform-eval"]
172+ taskRef :
173+ name : openshift-redeploy-task
174+ params :
175+ - name : source-branch
176+ value : " $(params.source_branch)"
177+ - name : prod-version
178+ value : " $(tasks.extract-version-and-registry.results.prod-version)"
179+ - name : dev-version
180+ value : " $(tasks.extract-version-and-registry.results.dev-version)"
181+ - name : prod_image_tag_base
182+ value : " $(tasks.extract-version-and-registry.results.prod-image-tag-base)"
183+ - name : dev_image_tag_base
184+ value : " $(tasks.extract-version-and-registry.results.dev-image-tag-base)"
185+ runAfter :
186+ - extract-version-and-registry
187+ workspaces :
188+ - name : source
189+ workspace : source
190+
191+ - name : go-test-post-deploy-h100
192+ when :
193+ - input : " $(params.runOptional)"
194+ operator : in
195+ values : ["true"]
196+ - input : " $(params.source_branch)"
197+ operator : in
198+ values : ["dev", "main"]
199+ - input : " $(tasks.read-cluster-name.results.cluster-name)"
200+ operator : notin
201+ values : ["cluster-platform-eval"]
202+ taskRef :
203+ name : go-test-post-deploy-task
204+ params :
205+ - name : source-branch
206+ value : " $(params.source_branch)"
207+ - name : prod-version
208+ value : " $(tasks.extract-version-and-registry.results.prod-version)"
209+ - name : dev-version
210+ value : " $(tasks.extract-version-and-registry.results.dev-version)"
211+ - name : prod_image_tag_base
212+ value : " $(tasks.extract-version-and-registry.results.prod-image-tag-base)"
213+ - name : dev_image_tag_base
214+ value : " $(tasks.extract-version-and-registry.results.dev-image-tag-base)"
215+ runAfter :
216+ - openshift-redeploy-h100
217+ workspaces :
218+ - name : source
219+ workspace : source
220+
221+ - name : benchmark-h100
222+ when :
223+ - input : " $(params.source_branch)"
224+ operator : in
225+ values : ["dev"]
226+ - input : " $(tasks.read-cluster-name.results.cluster-name)"
227+ operator : notin
228+ values : ["cluster-platform-eval"]
229+ continueOn :
230+ errors : true
231+ params :
232+ - name : openshift_host
233+ value : " https://api.fmaas-vllm-d.fmaas.res.ibm.com:6443"
234+ - name : openshift_namespace
235+ value : " hc4ai-operator-dev"
236+ taskRef :
237+ name : benchmark-task
238+ runAfter :
239+ - go-test-post-deploy-h100
240+
241+ - name : pipeline-complete-dev-h100
242+ when :
243+ - input : " $(params.source_branch)"
244+ operator : in
245+ values : ["dev"]
246+ - input : " $(tasks.read-cluster-name.results.cluster-name)"
247+ operator : notin
248+ values : ["cluster-platform-eval"]
249+ runAfter :
250+ - benchmark-h100
251+ taskRef :
252+ name : noop-task
189253
190254 - name : promote-to-prod
191255 when :
@@ -195,6 +259,9 @@ spec:
195259 - input : " $(params.source_branch)"
196260 operator : in
197261 values : ["main"]
262+ - input : " $(tasks.read-cluster-name.results.cluster-name)"
263+ operator : in
264+ values : ["cluster-platform-eval"]
198265 taskRef :
199266 name : promote-to-prod-task
200267 params :
@@ -220,6 +287,9 @@ spec:
220287 - input : " $(params.source_branch)"
221288 operator : in
222289 values : ["dev"]
290+ - input : " $(tasks.read-cluster-name.results.cluster-name)"
291+ operator : in
292+ values : ["cluster-platform-eval"]
223293 params :
224294 - name : dev-version
225295 value : " $(tasks.extract-version-and-registry.results.dev-version)"
@@ -236,28 +306,57 @@ spec:
236306 workspace : source
237307 - name : registry
238308 workspace : registry-secret
239-
240- - name : sync-after-promote-or-build
309+
310+ - name : vulnerability-scan
311+ when :
312+ - input : " $(params.runOptional)"
313+ operator : in
314+ values : ["true"]
315+ - input : " $(tasks.read-cluster-name.results.cluster-name)"
316+ operator : in
317+ values : ["cluster-platform-eval"]
241318 runAfter :
242- - promote-to-prod
243319 - buildah-build
244320 taskRef :
245- name : noop-task
321+ name : trivy-scan
322+ params :
323+ - name : IMAGE_URL
324+ value : " $(tasks.buildah-build.results.image-url)"
325+ - name : SEVERITY
326+ value : " CRITICAL,HIGH,MEDIUM,LOW"
327+ - name : ARGS
328+ value : " --exit-code 0"
329+ workspaces :
330+ - name : registry-secret
331+ workspace : registry-secret
332+ - name : output
333+ workspace : output
246334
247- - name : update-submodule
335+ - name : sync-after-promote-or-build
248336 when :
249- - input : " $(params.source_branch )"
337+ - input : " $(tasks.read-cluster-name.results.cluster-name )"
250338 operator : in
251- values : ["main"]
252- taskRef :
253- name : update-submodule-task
339+ values : ["cluster-platform-eval"]
254340 runAfter :
255341 - promote-to-prod
256- workspaces :
257- - name : source
258- workspace : source
259- - name : git-auth
260- workspace : git-auth
342+ - vulnerability-scan
343+ taskRef :
344+ name : noop-task
345+
346+ # - name: update-submodule
347+ # when:
348+ # - input: "$(params.source_branch)"
349+ # operator: in
350+ # values: ["main"]
351+ # taskRef:
352+ # name: update-submodule-task
353+ # runAfter:
354+ # - promote-to-prod
355+ # workspaces:
356+ # - name: source
357+ # workspace: source
358+ # - name: git-auth
359+ # workspace: git-auth
261360
262361 - name : tag-version
263362 when :
@@ -267,6 +366,9 @@ spec:
267366 - input : " $(params.source_branch)"
268367 operator : in
269368 values : ["main", "dev"]
369+ - input : " $(tasks.read-cluster-name.results.cluster-name)"
370+ operator : in
371+ values : ["cluster-platform-eval"]
270372 taskRef :
271373 name : tag-version-task
272374 params :
@@ -343,6 +445,9 @@ spec:
343445 - input : " $(params.source_branch)"
344446 operator : in
345447 values : ["dev"]
448+ - input : " $(tasks.read-cluster-name.results.cluster-name)"
449+ operator : in
450+ values : ["cluster-platform-eval"]
346451 continueOn :
347452 errors : true
348453 params :
@@ -360,6 +465,9 @@ spec:
360465 - input : " $(params.source_branch)"
361466 operator : in
362467 values : ["main"]
468+ - input : " $(tasks.read-cluster-name.results.cluster-name)"
469+ operator : in
470+ values : ["cluster-platform-eval"]
363471 params :
364472 - name : source-branch
365473 value : " $(params.source_branch)"
@@ -404,6 +512,14 @@ spec:
404512 resources :
405513 requests :
406514 storage : 1Gi
515+ - name : output
516+ volumeClaimTemplate :
517+ spec :
518+ accessModes :
519+ - ReadWriteOnce
520+ resources :
521+ requests :
522+ storage : 1Gi
407523 - name : basic-auth
408524 secret :
409525 secretName : " {{ git_auth_secret }}"
0 commit comments