K3S-HOME/platform
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

FEAT(tekton): add OCI manifest list support for Image Updater

Browse Source 
- Update buildah task to create OCI manifest list format
- Push images with both :latest and specific tags
- Update all pipelines to use new IMAGE/TAG parameters
- Enable ArgoCD Image Updater digest detection
This commit is contained in:
Mayne0213
2026-01-11 00:31:50 +09:00
parent 4ac6b297e5
commit 39fecb3c5b
4 changed files with 38 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
tekton/ci-cd/manifests/pipelines/fastapi-pipeline.yaml
View File

@@ -47,7 +47,9 @@ spec:
- clone - clone
params: params:
- name: IMAGE - name: IMAGE
value: zot0213.kro.kr/$(params.app-name):$(params.git-revision) value: zot0213.kro.kr/$(params.app-name)
- name: TAG
value: $(params.git-revision)
- name: DOCKERFILE - name: DOCKERFILE
value: ./Dockerfile value: ./Dockerfile
- name: CONTEXT - name: CONTEXT

4
tekton/ci-cd/manifests/pipelines/nextjs-pipeline.yaml
View File

@@ -51,7 +51,9 @@ spec:
- clone - clone
params: params:
- name: IMAGE - name: IMAGE
value: zot0213.kro.kr/$(params.app-name):$(params.git-revision) value: zot0213.kro.kr/$(params.app-name)
- name: TAG
value: $(params.git-revision)
- name: DOCKERFILE - name: DOCKERFILE
value: ./Dockerfile value: ./Dockerfile
- name: CONTEXT - name: CONTEXT

4
tekton/ci-cd/manifests/pipelines/python-pipeline.yaml
View File

@@ -47,7 +47,9 @@ spec:
- clone - clone
params: params:
- name: IMAGE - name: IMAGE
value: zot0213.kro.kr/$(params.app-name):$(params.git-revision) value: zot0213.kro.kr/$(params.app-name)
- name: TAG
value: $(params.git-revision)
- name: DOCKERFILE - name: DOCKERFILE
value: ./Dockerfile value: ./Dockerfile
- name: CONTEXT - name: CONTEXT

39
tekton/ci-cd/manifests/tasks/buildah-build-push.yaml
View File

@@ -4,11 +4,15 @@ metadata:
name: buildah-build-push name: buildah-build-push
namespace: tekton-pipelines namespace: tekton-pipelines
spec: spec:
description: Build container image with Buildah and push to registry description: Build container image with Buildah and push as OCI manifest list
params: params:
- name: IMAGE - name: IMAGE
description: Full image reference (registry/repo:tag) description: Image reference without tag (registry/repo)
type: string type: string
- name: TAG
description: Image tag (e.g., commit SHA or branch)
type: string
default: latest
- name: DOCKERFILE - name: DOCKERFILE
description: Path to Dockerfile description: Path to Dockerfile
type: string type: string
@@ -31,7 +35,7 @@ spec:
- name: IMAGE_DIGEST - name: IMAGE_DIGEST
description: Digest of built image description: Digest of built image
- name: IMAGE_URL - name: IMAGE_URL
description: Full URL of pushed image description: Full URL of pushed image with digest
steps: steps:
- name: build-and-push - name: build-and-push
image: quay.io/buildah/stable:v1.33 image: quay.io/buildah/stable:v1.33
@@ -45,7 +49,9 @@ spec:
#!/usr/bin/env bash #!/usr/bin/env bash
set -ex set -ex
REGISTRY=$(echo "$(params.IMAGE)" | cut -d'/' -f1) IMAGE="$(params.IMAGE)"
TAG="$(params.TAG)"
REGISTRY=$(echo "$IMAGE" | cut -d'/' -f1)
DOCKER_CONFIG="$(workspaces.dockerconfig.path)/.dockerconfigjson" DOCKER_CONFIG="$(workspaces.dockerconfig.path)/.dockerconfigjson"
# Login to registry # Login to registry
@@ -61,11 +67,24 @@ spec:
[ -n "$line" ] && BUILD_ARGS_FLAGS="$BUILD_ARGS_FLAGS --build-arg $line" [ -n "$line" ] && BUILD_ARGS_FLAGS="$BUILD_ARGS_FLAGS --build-arg $line"
done <<< "$BUILD_ARGS" done <<< "$BUILD_ARGS"
# Build and push # Build OCI image
buildah bud --platform linux/arm64 --format docker \ buildah bud --platform linux/arm64 --format oci \
-f $(params.DOCKERFILE) -t $(params.IMAGE) $BUILD_ARGS_FLAGS $(params.CONTEXT) -f $(params.DOCKERFILE) -t localhost/build:local $BUILD_ARGS_FLAGS $(params.CONTEXT)
buildah push --digestfile /tmp/image-digest $(params.IMAGE)
# Create and push manifest list with :latest tag
buildah manifest create ${IMAGE}:latest
buildah manifest add ${IMAGE}:latest localhost/build:local
buildah manifest push --all --digestfile /tmp/image-digest \
${IMAGE}:latest docker://${IMAGE}:latest
# Also push with specific tag if not 'latest'
if [ "$TAG" != "latest" ]; then
buildah manifest create ${IMAGE}:${TAG}
buildah manifest add ${IMAGE}:${TAG} localhost/build:local
buildah manifest push --all ${IMAGE}:${TAG} docker://${IMAGE}:${TAG}
fi
# Output results # Output results
cat /tmp/image-digest | tee $(results.IMAGE_DIGEST.path) DIGEST=$(cat /tmp/image-digest)
echo -n "$(params.IMAGE)" | tee $(results.IMAGE_URL.path) echo -n "$DIGEST" | tee $(results.IMAGE_DIGEST.path)
echo -n "${IMAGE}:latest@${DIGEST}" | tee $(results.IMAGE_URL.path)