diff --git a/deploy/templates/tekton/pipeline.yaml b/deploy/templates/tekton/pipeline.yaml index 3f58d18..0e36c96 100644 --- a/deploy/templates/tekton/pipeline.yaml +++ b/deploy/templates/tekton/pipeline.yaml @@ -30,7 +30,7 @@ spec: default: 127.0.0.1:5000/agentrun - name: tools-image type: string - default: oven/bun:1.2.15-alpine + default: 127.0.0.1:5000/hwlab/hwlab-ci-node-tools:node22-alpine-bun-v1 workspaces: - name: source - name: git-ssh @@ -67,7 +67,6 @@ spec: script: | #!/bin/sh set -eu - apk add --no-cache git curl rm -rf /workspace/source/repo mkdir -p /workspace/source/repo git init /workspace/source/repo @@ -100,6 +99,7 @@ spec: - name: gitops-branch - name: revision - name: registry-prefix + - name: tools-image results: - name: env-identity - name: build-count @@ -109,21 +109,20 @@ spec: - name: source steps: - name: plan - image: oven/bun:1.2.15-alpine + image: $(params.tools-image) env: - name: GIT_TERMINAL_PROMPT value: "0" script: | #!/bin/sh set -eu - apk add --no-cache git nodejs cd /workspace/source/repo node <<'NODE' > /workspace/source/env-identity const { createHash } = require("node:crypto"); const { readFileSync } = require("node:fs"); const inputs = [ - ["baseImage", "oven/bun:1.2.15-alpine"], - ["systemPackages", "ca-certificates git kubectl nodejs openssh-client"], + ["toolsImage", "127.0.0.1:5000/hwlab/hwlab-ci-node-tools:node22-alpine-bun-v1"], + ["systemPackages", "ca-certificates curl git kubectl nodejs openssh-client"], ["containerfile", readFileSync("deploy/container/Containerfile", "utf8")], ["bootScript", readFileSync("deploy/runtime/boot/agentrun-boot.sh", "utf8")], ["bootMgr", readFileSync("deploy/runtime/boot/agentrun-mgr.sh", "utf8")], @@ -190,7 +189,7 @@ spec: gitopsBranch, sourceCommitId: revision, envIdentity, - toolchainInputs: ["oven/bun:1.2.15-alpine", "deploy/container/Containerfile", "deploy/runtime/boot/*.sh", "package.json", "bun.lock", "tsconfig.json", "apk:ca-certificates git kubectl nodejs openssh-client"], + toolchainInputs: ["127.0.0.1:5000/hwlab/hwlab-ci-node-tools:node22-alpine-bun-v1", "deploy/container/Containerfile", "deploy/runtime/boot/*.sh", "package.json", "bun.lock", "tsconfig.json", "tools:ca-certificates curl git kubectl nodejs openssh-client"], buildServices: reused ? [] : ["agentrun-mgr"], reusedServices: reused ? ["agentrun-mgr"] : [], unsafeReuseServices: [], @@ -213,6 +212,8 @@ spec: value: $(params.revision) - name: registry-prefix value: $(params.registry-prefix) + - name: tools-image + value: $(params.tools-image) - name: image-publish runAfter: [plan-artifacts] workspaces: @@ -222,6 +223,7 @@ spec: params: - name: revision - name: registry-prefix + - name: tools-image results: - name: image - name: digest @@ -272,7 +274,7 @@ spec: - name: buildkit-bin mountPath: /workspace/buildkit-bin - name: build-or-reuse - image: oven/bun:1.2.15-alpine + image: $(params.tools-image) env: - name: HTTP_PROXY value: http://127.0.0.1:10808 @@ -283,7 +285,6 @@ spec: script: | #!/bin/sh set -eu - apk add --no-cache curl nodejs cd /workspace/source/repo env_identity="$(cat /workspace/source/env-identity)" if node -e 'const p=require("/workspace/source/ci-plan.json"); process.exit((p.buildServices||[]).length===0 ? 0 : 1)'; then @@ -343,6 +344,8 @@ spec: value: $(params.revision) - name: registry-prefix value: $(params.registry-prefix) + - name: tools-image + value: $(params.tools-image) - name: gitops-promote runAfter: [image-publish] workspaces: @@ -359,11 +362,12 @@ spec: - name: repository-digest - name: env-identity - name: image-status + - name: tools-image workspaces: - name: source steps: - name: promote - image: oven/bun:1.2.15-alpine + image: $(params.tools-image) env: - name: GIT_TERMINAL_PROMPT value: "0" @@ -384,7 +388,6 @@ spec: script: | #!/bin/sh set -eu - apk add --no-cache git openssh-client nodejs cd /workspace/source/repo node <<'NODE' > /workspace/source/artifact-catalog.v01.json const { readFileSync } = require("node:fs");