Tekton pipeline missing optional netrc workspace for dependency fetching #1506
Description
Issue Description
The refactored multiarch-pull-request-pipeline defines an optional netrc workspace that is consumed by the prefetch-dependencies task, but the PipelineRun configurations in the following files do not include this workspace:
.tekton/odh-pipeline-runtime-minimal-cpu-py311-ubi9-pull-request.yaml.tekton/odh-pipeline-runtime-minimal-cpu-py312-ubi9-pull-request.yaml
Impact
If builds ever rely on .netrc credentials, the pipeline run will silently lack them, potentially causing dependency fetch failures.
Suggested Fix
Consider adding the netrc workspace to the PipelineRun configurations:
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'
- name: netrc
secret:
secretName: '{{ netrc_secret }}' # or mark as emptyDir if not neededAlternatively, if dependency fetching never requires netrc credentials, this can be documented or the workspace can be explicitly configured as emptyDir.
Context
This issue was identified during the code review of PR #1501 where the common pipeline was factored out.
References:
- PR: RHOAIENG-30439: tekton: factor out the common
multiarch-pull-request-pipelineinto its own file #1501 - Review comment: RHOAIENG-30439: tekton: factor out the common
multiarch-pull-request-pipelineinto its own file #1501 (comment)
Requested by: @jiridanek
Metadata
Metadata
Assignees
Labels
No labels
Type
Projects
Status