containers
/
ramalama
mirror of https://github.com/containers/ramalama.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: containers:main
Branches Tags
containers:main
containers:konflux/references/main
containers:konflux-ramalama-vllm
containers:fix-cuda-gpu
containers:konflux/mintmaker/main/registry.access.redhat.com-ubi9-ubi-9.x
containers:konflux-more-images
containers:pip-install
containers:konflux-integration
containers:test-in-vms
containers:s
containers:konflux-rocm-whisper-server
containers:konflux-rocm-ubi-whisper-server
containers:konflux-rocm-ubi-rag
containers:konflux-rocm-ubi-llama-server
containers:konflux-rocm-rag
containers:konflux-rocm-llama-server
containers:konflux-ramalama-whisper-server
containers:konflux-ramalama-rag
containers:konflux-ramalama-llama-server
containers:konflux-cuda-rag
containers:konflux-cuda-whisper-server
containers:konflux-cuda-llama-server
containers:konflux-tests
containers:gemma3n-alias
containers:fix-text-input
containers:add-vllm
containers:spaces2tabs
containers:dont-always-set-up-this-symlink
containers:add-colors
containers:change-from
containers:sycl
containers:change-install-script
containers:increase-retry-attempt
containers:rm-libexec
containers:update-shortnames
containers:no-warmup
containers:multimodal
containers:ggml-vulkan-by-default
containers:python3-ramalama2ramalama
containers:demo-secure
containers:vulkan
containers:pypi-fixes
containers:reword-description
containers:change-install-url
containers:punctuation-consistency-2
containers:konflux-sa-migration-ramalama
containers:ramalama-proxy
containers:change-to-cli-serve
containers:pass-args-to-ramalama-run-core
containers:add-exit
containers:cli-advancements
containers:client-server-fix-containers
containers:revert-1214-rocm-ubi
containers:install-script-fix
containers:fix-ramalama-rag
containers:certificates
containers:rm-openvino
containers:minor-fix
containers:explain-option-better
containers:open-webui
containers:update-llama
containers:macos-detect
containers:add-copilot
containers:more-scaffoling
containers:iso8601-conversion
containers:ci-fixes
containers:mac-hyper-fix
containers:ngl-999
containers:optimize-rename-variables
containers:progress-bar-2
containers:progress-bar
containers:ngl-default
containers:privi
containers:update-llama-cpp
containers:mac-cpu-fix
containers:remove-unnecessary
containers:shortnames
containers:check-packaging
containers:run_cmd-to-exec_cmd
containers:build
containers:llama-cpp-python-server
containers:v0.11.0
containers:v0.10.1
containers:v0.10.0
containers:v0.9.3
containers:v0.9.2
containers:v0.9.1
containers:v0.9.0
containers:v0.8.5
containers:v0.8.3
containers:v0.8.2
containers:v0.8.1
containers:v0.8.0
containers:v0.7.5
containers:v0.7.4
containers:v0.7.3
containers:v0.7.2
containers:v0.7.1
containers:v0.7.0
containers:v0.6.4
containers:v0.6.3
containers:v0.6.2
containers:v0.6.1
containers:v0.6.0
containers:v0.5.5
containers:v0.5.4
containers:v0.5.3
containers:v0.5.2
containers:v0.5.1
containers:v0.5.0
containers:v0.4.0
containers:v0.3.0
containers:v0.2.0
containers:v0.1.3
containers:v0.1.2
containers:v0.1.1
containers:v0.1.0
containers:v0.0.23
containers:v0.0.22
containers:v0.0.21
containers:v0.0.20
containers:v0.0.19
containers:v0.0.18
containers:v0.0.17
containers:v0.0.16
containers:v0.0.14
..
compare: containers:v0.9.3
Branches Tags
containers:main
containers:konflux/references/main
containers:konflux-ramalama-vllm
containers:fix-cuda-gpu
containers:konflux/mintmaker/main/registry.access.redhat.com-ubi9-ubi-9.x
containers:konflux-more-images
containers:pip-install
containers:konflux-integration
containers:test-in-vms
containers:s
containers:konflux-rocm-whisper-server
containers:konflux-rocm-ubi-whisper-server
containers:konflux-rocm-ubi-rag
containers:konflux-rocm-ubi-llama-server
containers:konflux-rocm-rag
containers:konflux-rocm-llama-server
containers:konflux-ramalama-whisper-server
containers:konflux-ramalama-rag
containers:konflux-ramalama-llama-server
containers:konflux-cuda-rag
containers:konflux-cuda-whisper-server
containers:konflux-cuda-llama-server
containers:konflux-tests
containers:gemma3n-alias
containers:fix-text-input
containers:add-vllm
containers:spaces2tabs
containers:dont-always-set-up-this-symlink
containers:add-colors
containers:change-from
containers:sycl
containers:change-install-script
containers:increase-retry-attempt
containers:rm-libexec
containers:update-shortnames
containers:no-warmup
containers:multimodal
containers:ggml-vulkan-by-default
containers:python3-ramalama2ramalama
containers:demo-secure
containers:vulkan
containers:pypi-fixes
containers:reword-description
containers:change-install-url
containers:punctuation-consistency-2
containers:konflux-sa-migration-ramalama
containers:ramalama-proxy
containers:change-to-cli-serve
containers:pass-args-to-ramalama-run-core
containers:add-exit
containers:cli-advancements
containers:client-server-fix-containers
containers:revert-1214-rocm-ubi
containers:install-script-fix
containers:fix-ramalama-rag
containers:certificates
containers:rm-openvino
containers:minor-fix
containers:explain-option-better
containers:open-webui
containers:update-llama
containers:macos-detect
containers:add-copilot
containers:more-scaffoling
containers:iso8601-conversion
containers:ci-fixes
containers:mac-hyper-fix
containers:ngl-999
containers:optimize-rename-variables
containers:progress-bar-2
containers:progress-bar
containers:ngl-default
containers:privi
containers:update-llama-cpp
containers:mac-cpu-fix
containers:remove-unnecessary
containers:shortnames
containers:check-packaging
containers:run_cmd-to-exec_cmd
containers:build
containers:llama-cpp-python-server
containers:v0.11.0
containers:v0.10.1
containers:v0.10.0
containers:v0.9.3
containers:v0.9.2
containers:v0.9.1
containers:v0.9.0
containers:v0.8.5
containers:v0.8.3
containers:v0.8.2
containers:v0.8.1
containers:v0.8.0
containers:v0.7.5
containers:v0.7.4
containers:v0.7.3
containers:v0.7.2
containers:v0.7.1
containers:v0.7.0
containers:v0.6.4
containers:v0.6.3
containers:v0.6.2
containers:v0.6.1
containers:v0.6.0
containers:v0.5.5
containers:v0.5.4
containers:v0.5.3
containers:v0.5.2
containers:v0.5.1
containers:v0.5.0
containers:v0.4.0
containers:v0.3.0
containers:v0.2.0
containers:v0.1.3
containers:v0.1.2
containers:v0.1.1
containers:v0.1.0
containers:v0.0.23
containers:v0.0.22
containers:v0.0.21
containers:v0.0.20
containers:v0.0.19
containers:v0.0.18
containers:v0.0.17
containers:v0.0.16
containers:v0.0.14

No commits in common. "main" and "v0.9.3" have entirely different histories.
main ... v0.9.3

208 changed files with 3854 additions and 11695 deletions
Show Stats Expand all files Collapse all files

15
.codespellrc Normal file
View File

@ -0,0 +1,15 @@
# https://github.com/codespell-project/codespell#using-a-config-file
[codespell]
# Comma-separated list of files to skip.
skip = build,ramalama.egg-info,logos,.git #,bin,vendor,.git,go.sum,changelog.txt,.cirrus.yml,"RELEASE_NOTES.md,*.xz,*.gz,*.tar,*.tgz,bin2img,*ico,*.png,*.1,*.5,*.7,copyimg,*.orig,apidoc.go"
# Comma separated list of words to be ignored. Words must be lowercased.
ignore-words-list = clos,creat,ro,hastable,shouldnot,mountns,passt,assertin
# Custom dictionary file that contains spelling corrections.
# Run with option '--dictionary=-' to include also default dictionary.
dictionary = .codespelldict
# Check file names as well.
check-filenames = true

1
.flake8
View File

@ -2,4 +2,3 @@
max-line-length = 120
# E203,E221,E231 conflict with black formatting
extend-ignore = E203,E221,E231,E702,F824
extend-exclude = .venv,venv

18
.github/workflows/ci-images.yml vendored
View File

@ -18,7 +18,6 @@ on:
jobs:
build:
runs-on: ubuntu-24.04
timeout-minutes: 120
steps:
- name: Checkout
uses: actions/checkout@v4
@ -49,10 +48,7 @@ jobs:
- name: Free Disk Space Linux
shell: bash
run: |
sudo mkdir -m a=rwx -p /mnt/tmp /mnt/runner
sudo mkdir -m o=rwx -p /home/runner/.local
sudo chown runner:runner /mnt/runner /home/runner/.local
sudo mount --bind /mnt/runner /home/runner/.local
sudo docker rmi "$(docker image ls -aq)" >/dev/null 2>&1 || true
sudo rm -rf \
/usr/share/dotnet /usr/local/lib/android /opt/ghc \
/usr/local/share/powershell /usr/share/swift /usr/local/.ghcup \
@ -61,6 +57,16 @@ jobs:
sudo swapoff -a
sudo rm -f /mnt/Swapfile
# /mnt has ~ 65 GB free disk space. / is too small.
- name: Reconfigure Docker data-root
run: |
sudo mkdir -p /mnt/docker /etc/docker
echo '{"data-root": "/mnt/docker"}' > /tmp/daemon.json
sudo mv /tmp/daemon.json /etc/docker/daemon.json
cat /etc/docker/daemon.json
sudo systemctl restart docker.service
df -h
- name: Print disk space after cleanup
shell: bash
run: |
@ -68,4 +74,4 @@ jobs:
- name: Build Images
run: |
./container_build.sh -r -c -s build
./container_build.sh -r -c build

62
.github/workflows/ci.yml vendored
View File

@ -10,7 +10,6 @@ jobs:
lint:
name: Lint Code
runs-on: ubuntu-24.04
timeout-minutes: 20
steps:
- uses: actions/checkout@v4
@ -34,52 +33,12 @@ jobs:
run: |
make lint
build-image:
runs-on: ubuntu-24.04
timeout-minutes: 60
steps:
- uses: actions/checkout@v4
- name: Install the latest version of uv and activate the environment
uses: astral-sh/setup-uv@v6
with:
activate-environment: true
- name: Install dependencies
shell: bash
run: |
df -h
sudo apt-get update
sudo apt-get install -y bash codespell python3-argcomplete pipx podman
make install-requirements
- name: Upgrade to podman 5
run: |
set -e
# /mnt has ~ 65 GB free disk space. / is too small.
sudo mkdir -m a=rwx -p /mnt/tmp /mnt/runner
sudo mkdir -m o=rwx -p /home/runner/.local
sudo chown runner:runner /mnt/runner /home/runner/.local
sudo mount --bind /mnt/runner /home/runner/.local
# Enable universe repository which contains podman
sudo add-apt-repository "deb http://archive.ubuntu.com/ubuntu oracular universe"
# Update package lists
sudo apt-get update
sudo apt-get purge firefox
# Install specific podman version
sudo apt-get upgrade
- name: Build a container for CPU inferencing
shell: bash
run: |
./container_build.sh build -s ramalama
unit-test:
name: Unit Tests
runs-on: ubuntu-24.04
timeout-minutes: 20
steps:
- uses: actions/checkout@v4
- name: Install the latest version of uv and activate the environment
uses: astral-sh/setup-uv@v6
with:
@ -110,7 +69,6 @@ jobs:
bats:
runs-on: ubuntu-24.04
timeout-minutes: 60
steps:
- uses: actions/checkout@v4
@ -147,6 +105,9 @@ jobs:
# Install specific podman version
sudo apt-get upgrade
- name: Build a container for CPU inferencing
run: ./container_build.sh build ramalama
- name: run bats
run: |
TEMPDIR=/mnt/tmp
@ -155,7 +116,6 @@ jobs:
bats-nocontainer:
runs-on: ubuntu-24.04
timeout-minutes: 60
steps:
- uses: actions/checkout@v4
@ -195,7 +155,6 @@ jobs:
docker:
runs-on: ubuntu-24.04
timeout-minutes: 60
steps:
- uses: actions/checkout@v4
@ -243,12 +202,11 @@ jobs:
sudo mv /tmp/daemon.json /etc/docker/daemon.json
cat /etc/docker/daemon.json
sudo systemctl restart docker.service
sudo mkdir -m a=rwx -p /mnt/tmp /mnt/runner
sudo mkdir -m o=rwx -p /home/runner/.local
sudo chown runner:runner /mnt/runner /home/runner/.local
sudo mount --bind /mnt/runner /home/runner/.local
df -h
- name: Build a container for CPU inferencing
run: ./container_build.sh build ramalama
- name: bats-docker
run: |
docker info
@ -256,7 +214,6 @@ jobs:
macos:
runs-on: macos-14
timeout-minutes: 60
steps:
- uses: actions/checkout@v4
@ -264,11 +221,6 @@ jobs:
uses: astral-sh/setup-uv@v6
with:
activate-environment: true
- name: install mlx-lm
shell: bash
run: |
uv pip install mlx-lm
- name: install golang
shell: bash

2
.github/workflows/install_ramalama.yml vendored
View File

@ -21,7 +21,7 @@ jobs:
uses: actions/checkout@v4
- name: Set Up Dependencies (Ubuntu)
timeout-minutes: 20
timeout-minutes: 10
if: matrix.os == 'ubuntu-latest'
run: |
sudo apt-get install -y lshw curl

2
.gitignore vendored
View File

@ -19,5 +19,3 @@ __pycache__/
coverage.*
htmlcov/
.idea/
.hypothesis/
uv.lock

2
.packit-copr-rpm.sh
View File

@ -9,7 +9,7 @@ set -exo pipefail
# Extract version from pyproject.toml instead of setup.py
VERSION=$(awk -F'[""]' ' /^\s*version\s*/ {print $(NF-1)}' pyproject.toml )
SPEC_FILE=rpm/ramalama.spec
SPEC_FILE=rpm/python-ramalama.spec
# RPM Spec modifications

12
.packit.yaml
View File

@ -7,11 +7,11 @@ upstream_tag_template: v{version}
packages:
ramalama-fedora:
pkg_tool: fedpkg
downstream_package_name: ramalama
specfile_path: rpm/ramalama.spec
downstream_package_name: python-ramalama
specfile_path: rpm/python-ramalama.spec
ramalama-centos:
downstream_package_name: ramalama
specfile_path: rpm/ramalama.spec
downstream_package_name: python-ramalama
specfile_path: rpm/python-ramalama.spec
srpm_build_deps:
- make
@ -79,7 +79,7 @@ jobs:
dist_git_branches: &fedora_targets
- fedora-all
- epel10
- epel10.0
- epel9
- job: koji_build
trigger: commit
@ -92,4 +92,4 @@ jobs:
dist_git_branches:
- fedora-branched # rawhide updates are created automatically
- epel10
- epel10.0
- epel9

37
.pre-commit-config.yaml
View File

@ -1,37 +0,0 @@
repos:
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v5.0.0
hooks:
- id: trailing-whitespace
- id: end-of-file-fixer
- id: check-yaml
- id: check-json
- id: check-toml
- id: check-added-large-files
- id: check-merge-conflict
- id: check-executables-have-shebangs
- id: check-shebang-scripts-are-executable
- repo: https://github.com/pycqa/flake8
rev: 7.3.0
hooks:
- id: flake8
- repo: https://github.com/codespell-project/codespell
rev: v2.4.1
hooks:
- id: codespell
args: ["-w"]
- repo: https://github.com/psf/black
rev: 25.1.0
hooks:
- id: black
- repo: https://github.com/pycqa/isort
rev: 6.0.1
hooks:
- id: isort
- repo: local
hooks:
- id: run-unit-tests
name: run unit tests
entry: make unit-tests
language: system
pass_filenames: false

48
.tekton/asahi-llama-server/asahi-llama-server-pull-request.yaml
View File

@ -1,48 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: asahi-llama-server
pipelines.appstudio.openshift.io/type: build
name: asahi-llama-server-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/asahi-llama-server:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-m2xlarge/amd64
- linux-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/asahi:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/asahi:on-pr-{{revision}}
- ENTRYPOINT=/usr/bin/llama-server.sh
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

45
.tekton/asahi-llama-server/asahi-llama-server-push.yaml
View File

@ -1,45 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: asahi-llama-server
pipelines.appstudio.openshift.io/type: build
name: asahi-llama-server-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/asahi-llama-server:{{revision}}
- name: build-platforms
value:
- linux-m2xlarge/amd64
- linux-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/asahi:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/asahi:{{revision}}
- ENTRYPOINT=/usr/bin/llama-server.sh
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

48
.tekton/asahi-rag/asahi-rag-pull-request.yaml
View File

@ -1,48 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: asahi-rag
pipelines.appstudio.openshift.io/type: build
name: asahi-rag-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/asahi-rag:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-d160-m2xlarge/amd64
- linux-d160-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.rag
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/asahi:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/asahi:on-pr-{{revision}}
- GPU=cpu
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

45
.tekton/asahi-rag/asahi-rag-push.yaml
View File

@ -1,45 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: asahi-rag
pipelines.appstudio.openshift.io/type: build
name: asahi-rag-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/asahi-rag:{{revision}}
- name: build-platforms
value:
- linux-d160-m2xlarge/amd64
- linux-d160-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.rag
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/asahi:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/asahi:{{revision}}
- GPU=cpu
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

48
.tekton/asahi-whisper-server/asahi-whisper-server-pull-request.yaml
View File

@ -1,48 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: asahi-whisper-server
pipelines.appstudio.openshift.io/type: build
name: asahi-whisper-server-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/asahi-whisper-server:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-m2xlarge/amd64
- linux-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/asahi:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/asahi:on-pr-{{revision}}
- ENTRYPOINT=/usr/bin/whisper-server.sh
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

45
.tekton/asahi-whisper-server/asahi-whisper-server-push.yaml
View File

@ -1,45 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: asahi-whisper-server
pipelines.appstudio.openshift.io/type: build
name: asahi-whisper-server-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/asahi-whisper-server:{{revision}}
- name: build-platforms
value:
- linux-m2xlarge/amd64
- linux-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/asahi:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/asahi:{{revision}}
- ENTRYPOINT=/usr/bin/whisper-server.sh
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

42
.tekton/asahi/asahi-pull-request.yaml
View File

@ -1,42 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: asahi
pipelines.appstudio.openshift.io/type: build
name: asahi-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/asahi:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-c4xlarge/amd64
- linux-c4xlarge/arm64
- name: dockerfile
value: container-images/asahi/Containerfile
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

39
.tekton/asahi/asahi-push.yaml
View File

@ -1,39 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: asahi
pipelines.appstudio.openshift.io/type: build
name: asahi-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/asahi:{{revision}}
- name: build-platforms
value:
- linux-c4xlarge/amd64
- linux-c4xlarge/arm64
- name: dockerfile
value: container-images/asahi/Containerfile
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

42
.tekton/bats/bats-pull-request.yaml
View File

@ -1,42 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: bats
pipelines.appstudio.openshift.io/type: build
name: bats-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/bats:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-c4xlarge/amd64
- linux-c4xlarge/arm64
- name: dockerfile
value: container-images/bats/Containerfile
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

39
.tekton/bats/bats-push.yaml
View File

@ -1,39 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: bats
pipelines.appstudio.openshift.io/type: build
name: bats-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/bats:{{revision}}
- name: build-platforms
value:
- linux-c4xlarge/amd64
- linux-c4xlarge/arm64
- name: dockerfile
value: container-images/bats/Containerfile
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

48
.tekton/cann-llama-server/cann-llama-server-pull-request.yaml
View File

@ -1,48 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: cann-llama-server
pipelines.appstudio.openshift.io/type: build
name: cann-llama-server-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cann-llama-server:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-m2xlarge/amd64
- linux-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cann:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/cann:on-pr-{{revision}}
- ENTRYPOINT=/usr/bin/llama-server.sh
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

45
.tekton/cann-llama-server/cann-llama-server-push.yaml
View File

@ -1,45 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: cann-llama-server
pipelines.appstudio.openshift.io/type: build
name: cann-llama-server-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cann-llama-server:{{revision}}
- name: build-platforms
value:
- linux-m2xlarge/amd64
- linux-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cann:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/cann:{{revision}}
- ENTRYPOINT=/usr/bin/llama-server.sh
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

48
.tekton/cann-rag/cann-rag-pull-request.yaml
View File

@ -1,48 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: cann-rag
pipelines.appstudio.openshift.io/type: build
name: cann-rag-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cann-rag:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-d160-m2xlarge/amd64
- linux-d160-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.rag
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cann:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/cann:on-pr-{{revision}}
- GPU=cpu
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

45
.tekton/cann-rag/cann-rag-push.yaml
View File

@ -1,45 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: cann-rag
pipelines.appstudio.openshift.io/type: build
name: cann-rag-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cann-rag:{{revision}}
- name: build-platforms
value:
- linux-d160-m2xlarge/amd64
- linux-d160-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.rag
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cann:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/cann:{{revision}}
- GPU=cpu
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

48
.tekton/cann-whisper-server/cann-whisper-server-pull-request.yaml
View File

@ -1,48 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: cann-whisper-server
pipelines.appstudio.openshift.io/type: build
name: cann-whisper-server-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cann-whisper-server:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-m2xlarge/amd64
- linux-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cann:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/cann:on-pr-{{revision}}
- ENTRYPOINT=/usr/bin/whisper-server.sh
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

45
.tekton/cann-whisper-server/cann-whisper-server-push.yaml
View File

@ -1,45 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: cann-whisper-server
pipelines.appstudio.openshift.io/type: build
name: cann-whisper-server-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cann-whisper-server:{{revision}}
- name: build-platforms
value:
- linux-m2xlarge/amd64
- linux-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cann:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/cann:{{revision}}
- ENTRYPOINT=/usr/bin/whisper-server.sh
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

42
.tekton/cann/cann-pull-request.yaml
View File

@ -1,42 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: cann
pipelines.appstudio.openshift.io/type: build
name: cann-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cann:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-c4xlarge/amd64
- linux-c4xlarge/arm64
- name: dockerfile
value: container-images/cann/Containerfile
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

39
.tekton/cann/cann-push.yaml
View File

@ -1,39 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: cann
pipelines.appstudio.openshift.io/type: build
name: cann-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cann:{{revision}}
- name: build-platforms
value:
- linux-c4xlarge/amd64
- linux-c4xlarge/arm64
- name: dockerfile
value: container-images/cann/Containerfile
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

48
.tekton/cuda-llama-server/cuda-llama-server-pull-request.yaml
View File

@ -1,48 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: cuda-llama-server
pipelines.appstudio.openshift.io/type: build
name: cuda-llama-server-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cuda-llama-server:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-m2xlarge/amd64
- linux-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cuda:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/cuda:on-pr-{{revision}}
- ENTRYPOINT=/usr/bin/llama-server.sh
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

45
.tekton/cuda-llama-server/cuda-llama-server-push.yaml
View File

@ -1,45 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: cuda-llama-server
pipelines.appstudio.openshift.io/type: build
name: cuda-llama-server-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cuda-llama-server:{{revision}}
- name: build-platforms
value:
- linux-m2xlarge/amd64
- linux-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cuda:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/cuda:{{revision}}
- ENTRYPOINT=/usr/bin/llama-server.sh
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

48
.tekton/cuda-rag/cuda-rag-pull-request.yaml
View File

@ -1,48 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: cuda-rag
pipelines.appstudio.openshift.io/type: build
name: cuda-rag-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cuda-rag:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-d160-m2xlarge/amd64
- linux-d160-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.rag
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cuda:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/cuda:on-pr-{{revision}}
- GPU=cuda
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

45
.tekton/cuda-rag/cuda-rag-push.yaml
View File

@ -1,45 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: cuda-rag
pipelines.appstudio.openshift.io/type: build
name: cuda-rag-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cuda-rag:{{revision}}
- name: build-platforms
value:
- linux-d160-m2xlarge/amd64
- linux-d160-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.rag
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cuda:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/cuda:{{revision}}
- GPU=cuda
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

48
.tekton/cuda-whisper-server/cuda-whisper-server-pull-request.yaml
View File

@ -1,48 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: cuda-whisper-server
pipelines.appstudio.openshift.io/type: build
name: cuda-whisper-server-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cuda-whisper-server:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-m2xlarge/amd64
- linux-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cuda:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/cuda:on-pr-{{revision}}
- ENTRYPOINT=/usr/bin/whisper-server.sh
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

45
.tekton/cuda-whisper-server/cuda-whisper-server-push.yaml
View File

@ -1,45 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: cuda-whisper-server
pipelines.appstudio.openshift.io/type: build
name: cuda-whisper-server-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cuda-whisper-server:{{revision}}
- name: build-platforms
value:
- linux-m2xlarge/amd64
- linux-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cuda:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/cuda:{{revision}}
- ENTRYPOINT=/usr/bin/whisper-server.sh
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

42
.tekton/cuda/cuda-pull-request.yaml
View File

@ -1,42 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: cuda
pipelines.appstudio.openshift.io/type: build
name: cuda-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cuda:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-c4xlarge/amd64
- linux-c4xlarge/arm64
- name: dockerfile
value: container-images/cuda/Containerfile
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

39
.tekton/cuda/cuda-push.yaml
View File

@ -1,39 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: cuda
pipelines.appstudio.openshift.io/type: build
name: cuda-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cuda:{{revision}}
- name: build-platforms
value:
- linux-c4xlarge/amd64
- linux-c4xlarge/arm64
- name: dockerfile
value: container-images/cuda/Containerfile
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

66
.tekton/integration/pipelines/bats-integration.yaml
View File

@ -1,66 +0,0 @@
kind: Pipeline
apiVersion: tekton.dev/v1
metadata:
name: bats-integration
spec:
description: |
Test the newly-built ramalama image and layered images on all supported architectures.
params:
- name: SNAPSHOT
description: >-
Information about the components included in the current snapshot under test.
- name: platforms
description: VM platforms on which to run test commands
type: array
default:
- linux-c4xlarge/amd64
- linux-c4xlarge/arm64
- name: commands
description: Test commands to run
type: array
default:
- make bats
- name: git-url
description: URL of the Git repository containing pipeline and task definitions
default: https://github.com/containers/ramalama.git
- name: git-revision
description: Revision of the Git repository containing pipeline and task definitions
default: main
tasks:
- name: init
params:
- name: SNAPSHOT
value: $(params.SNAPSHOT)
taskRef:
resolver: git
params:
- name: url
value: $(params.git-url)
- name: revision
value: $(params.git-revision)
- name: pathInRepo
value: .tekton/integration/tasks/init-snapshot.yaml
- name: test
matrix:
params:
- name: PLATFORM
value:
- $(params.platforms)
- name: cmd
value:
- $(params.commands)
params:
- name: image
value: $(tasks.init.results.bats-image)
- name: envs
value:
- RAMALAMA_IMAGE=$(tasks.init.results.ramalama-image)
taskRef:
resolver: git
params:
- name: url
value: $(params.git-url)
- name: revision
value: $(params.git-revision)
- name: pathInRepo
value: .tekton/integration/tasks/test-vm-cmd.yaml

55
.tekton/integration/tasks/init-snapshot.yaml
View File

@ -1,55 +0,0 @@
apiVersion: tekton.dev/v1
kind: Task
metadata:
name: init-snapshot
spec:
description: Extract information from the SNAPSHOT and make it available as Tekton results
params:
- name: SNAPSHOT
description: >-
Information about the components included in the current snapshot under test.
results:
- name: event-type
description: The type of event that triggered the pipeline
- name: bats-image
description: URI of the bats image included in the snapshot
- name: ramalama-image
description: URI of the ramalama image included in the snapshot
- name: TEST_OUTPUT
description: Test result in json format
steps:
- name: process
image: registry.access.redhat.com/ubi10/ubi:latest
env:
- name: SNAPSHOT
value: $(params.SNAPSHOT)
- name: EVENT_TYPE
valueFrom:
fieldRef:
fieldPath: metadata.labels['pac.test.appstudio.openshift.io/event-type']
- name: RESULTS_EVENT_TYPE_PATH
value: $(results.event-type.path)
- name: RESULTS_BATS_IMAGE_PATH
value: $(results.bats-image.path)
- name: RESULTS_RAMALAMA_IMAGE_PATH
value: $(results.ramalama-image.path)
- name: RESULTS_TEST_OUTPUT_PATH
value: $(results.TEST_OUTPUT.path)
script: |
#!/bin/bash -ex
dnf -y install jq
echo -n "$EVENT_TYPE" | tee "$RESULTS_EVENT_TYPE_PATH"
echo
component_image() {
TAGSEP=":"
if [ "$EVENT_TYPE" == "pull_request" ]; then
TAGSEP+="on-pr-"
fi
jq -j --arg name "$1" --arg tagsep "$TAGSEP" '.components[] | select(.name == $name) | [(.containerImage | split("@")[0]), .source.git.revision] | join($tagsep)' <<< "$SNAPSHOT"
}
component_image bats | tee "$RESULTS_BATS_IMAGE_PATH"
echo
component_image ramalama | tee "$RESULTS_RAMALAMA_IMAGE_PATH"
echo
jq -jnc '{result: "SUCCESS", timestamp: now | todateiso8601, failures: 0, successes: 1, warnings: 0}' | tee "$RESULTS_TEST_OUTPUT_PATH"
echo

118
.tekton/integration/tasks/test-vm-cmd.yaml
View File

@ -1,118 +0,0 @@
apiVersion: tekton.dev/v1
kind: Task
metadata:
name: test-vm-cmd
spec:
description: Run a command in a test VM
params:
- name: PLATFORM
description: The platform of the VM to provision
- name: image
description: The image to use when setting up the test environment
- name: cmd
description: The command to run
- name: envs
description: List of environment variables (NAME=VALUE) to be set in the test environment
type: array
default: []
results:
- name: TEST_OUTPUT
description: Test result in json format
volumes:
- name: workdir
emptyDir: {}
- name: ssh
secret:
secretName: multi-platform-ssh-$(context.taskRun.name)
steps:
- name: run-in-vm
image: registry.access.redhat.com/ubi10/ubi:latest
volumeMounts:
- mountPath: /var/workdir
name: workdir
- mountPath: /ssh
name: ssh
workingDir: /var/workdir
env:
- name: TEST_IMAGE
value: $(params.image)
- name: TEST_CMD
value: $(params.cmd)
- name: RESULTS_TEST_OUTPUT_PATH
value: $(results.TEST_OUTPUT.path)
args:
- $(params.envs[*])
script: |
#!/bin/bash -ex
log() {
echo "[$(date -uIns)]" $*
}
log Install packages
dnf -y install openssh-clients rsync jq
log Prepare connection
if [ -e "/ssh/error" ]; then
log Error provisioning VM
cat /ssh/error
exit 1
fi
export SSH_HOST=$(cat /ssh/host)
mkdir -p ~/.ssh
if [ "$SSH_HOST" == "localhost" ] ; then
IS_LOCALHOST=true
log Localhost detected, running build in cluster
elif [ -s "/ssh/otp" ]; then
log Fetching OTP token
curl --cacert /ssh/otp-ca -d @/ssh/otp $(cat /ssh/otp-server) > ~/.ssh/id_rsa
echo >> ~/.ssh/id_rsa
chmod 0400 ~/.ssh/id_rsa
elif [ -s "/ssh/id_rsa" ]; then
log Copying ssh key
cp /ssh/id_rsa ~/.ssh
chmod 0400 ~/.ssh/id_rsa
else
log No authentication mechanism found
exit 1
fi
mkdir -p scripts
PODMAN_ENV=()
while [ $# -ne 0 ]; do
PODMAN_ENV+=("-e" "$1")
shift
done
cat > scripts/test.sh <<SCRIPTEOF
#!/bin/bash -ex
podman run \
--userns=keep-id \
--security-opt label=disable \
--security-opt unmask=/proc/* \
--device /dev/net/tun \
--device /dev/fuse \
${PODMAN_ENV[*]} \
$TEST_IMAGE $TEST_CMD
SCRIPTEOF
chmod +x scripts/test.sh
if ! [[ $IS_LOCALHOST ]]; then
log VM exec
export BUILD_DIR=$(cat /ssh/user-dir)
export SSH_ARGS="-o StrictHostKeyChecking=no -o ServerAliveInterval=60 -o ServerAliveCountMax=10"
# ssh once before rsync to retrieve the host key
ssh $SSH_ARGS "$SSH_HOST" "uname -a"
rsync -ra scripts "$SSH_HOST:$BUILD_DIR"
ssh $SSH_ARGS "$SSH_HOST" "$BUILD_DIR/scripts/test.sh"
log End VM exec
else
log Local exec
scripts/test.sh
log End local exec
fi
jq -jnc '{result: "SUCCESS", timestamp: now | todateiso8601, failures: 0, successes: 1, warnings: 0}' | tee "$RESULTS_TEST_OUTPUT_PATH"
echo

47
.tekton/intel-gpu-llama-server/intel-gpu-llama-server-pull-request.yaml
View File

@ -1,47 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: intel-gpu-llama-server
pipelines.appstudio.openshift.io/type: build
name: intel-gpu-llama-server-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu-llama-server:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu:on-pr-{{revision}}
- ENTRYPOINT=/usr/bin/llama-server.sh
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

44
.tekton/intel-gpu-llama-server/intel-gpu-llama-server-push.yaml
View File

@ -1,44 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: intel-gpu-llama-server
pipelines.appstudio.openshift.io/type: build
name: intel-gpu-llama-server-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu-llama-server:{{revision}}
- name: build-platforms
value:
- linux-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu:{{revision}}
- ENTRYPOINT=/usr/bin/llama-server.sh
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

47
.tekton/intel-gpu-rag/intel-gpu-rag-pull-request.yaml
View File

@ -1,47 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: intel-gpu-rag
pipelines.appstudio.openshift.io/type: build
name: intel-gpu-rag-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu-rag:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-d160-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.rag
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu:on-pr-{{revision}}
- GPU=cpu
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

44
.tekton/intel-gpu-rag/intel-gpu-rag-push.yaml
View File

@ -1,44 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: intel-gpu-rag
pipelines.appstudio.openshift.io/type: build
name: intel-gpu-rag-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu-rag:{{revision}}
- name: build-platforms
value:
- linux-d160-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.rag
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu:{{revision}}
- GPU=cpu
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

47
.tekton/intel-gpu-whisper-server/intel-gpu-whisper-server-pull-request.yaml
View File

@ -1,47 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: intel-gpu-whisper-server
pipelines.appstudio.openshift.io/type: build
name: intel-gpu-whisper-server-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu-whisper-server:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu:on-pr-{{revision}}
- ENTRYPOINT=/usr/bin/whisper-server.sh
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

44
.tekton/intel-gpu-whisper-server/intel-gpu-whisper-server-push.yaml
View File

@ -1,44 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: intel-gpu-whisper-server
pipelines.appstudio.openshift.io/type: build
name: intel-gpu-whisper-server-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu-whisper-server:{{revision}}
- name: build-platforms
value:
- linux-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu:{{revision}}
- ENTRYPOINT=/usr/bin/whisper-server.sh
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

41
.tekton/intel-gpu/intel-gpu-pull-request.yaml
View File

@ -1,41 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: intel-gpu
pipelines.appstudio.openshift.io/type: build
name: intel-gpu-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-c4xlarge/amd64
- name: dockerfile
value: container-images/intel-gpu/Containerfile
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

38
.tekton/intel-gpu/intel-gpu-push.yaml
View File

@ -1,38 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: intel-gpu
pipelines.appstudio.openshift.io/type: build
name: intel-gpu-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu:{{revision}}
- name: build-platforms
value:
- linux-c4xlarge/amd64
- name: dockerfile
value: container-images/intel-gpu/Containerfile
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

42
.tekton/llama-stack/llama-stack-pull-request.yaml
View File

@ -1,42 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: llama-stack
pipelines.appstudio.openshift.io/type: build
name: llama-stack-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/llama-stack:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-c4xlarge/amd64
- linux-c4xlarge/arm64
- name: dockerfile
value: container-images/llama-stack/Containerfile
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

39
.tekton/llama-stack/llama-stack-push.yaml
View File

@ -1,39 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: llama-stack
pipelines.appstudio.openshift.io/type: build
name: llama-stack-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/llama-stack:{{revision}}
- name: build-platforms
value:
- linux-c4xlarge/amd64
- linux-c4xlarge/arm64
- name: dockerfile
value: container-images/llama-stack/Containerfile
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

47
.tekton/musa-llama-server/musa-llama-server-pull-request.yaml
View File

@ -1,47 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: musa-llama-server
pipelines.appstudio.openshift.io/type: build
name: musa-llama-server-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/musa-llama-server:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/musa:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/musa:on-pr-{{revision}}
- ENTRYPOINT=/usr/bin/llama-server.sh
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

44
.tekton/musa-llama-server/musa-llama-server-push.yaml
View File

@ -1,44 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: musa-llama-server
pipelines.appstudio.openshift.io/type: build
name: musa-llama-server-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/musa-llama-server:{{revision}}
- name: build-platforms
value:
- linux-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/musa:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/musa:{{revision}}
- ENTRYPOINT=/usr/bin/llama-server.sh
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

47
.tekton/musa-rag/musa-rag-pull-request.yaml
View File

@ -1,47 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: musa-rag
pipelines.appstudio.openshift.io/type: build
name: musa-rag-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/musa-rag:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-d160-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.rag
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/musa:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/musa:on-pr-{{revision}}
- GPU=musa
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

44
.tekton/musa-rag/musa-rag-push.yaml
View File

@ -1,44 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: musa-rag
pipelines.appstudio.openshift.io/type: build
name: musa-rag-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/musa-rag:{{revision}}
- name: build-platforms
value:
- linux-d160-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.rag
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/musa:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/musa:{{revision}}
- GPU=musa
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

47
.tekton/musa-whisper-server/musa-whisper-server-pull-request.yaml
View File

@ -1,47 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: musa-whisper-server
pipelines.appstudio.openshift.io/type: build
name: musa-whisper-server-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/musa-whisper-server:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/musa:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/musa:on-pr-{{revision}}
- ENTRYPOINT=/usr/bin/whisper-server.sh
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

44
.tekton/musa-whisper-server/musa-whisper-server-push.yaml
View File

@ -1,44 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: musa-whisper-server
pipelines.appstudio.openshift.io/type: build
name: musa-whisper-server-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/musa-whisper-server:{{revision}}
- name: build-platforms
value:
- linux-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/musa:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/musa:{{revision}}
- ENTRYPOINT=/usr/bin/whisper-server.sh
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

41
.tekton/musa/musa-pull-request.yaml
View File

@ -1,41 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: musa
pipelines.appstudio.openshift.io/type: build
name: musa-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/musa:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-c4xlarge/amd64
- name: dockerfile
value: container-images/musa/Containerfile
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

38
.tekton/musa/musa-push.yaml
View File

@ -1,38 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: musa
pipelines.appstudio.openshift.io/type: build
name: musa-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/musa:{{revision}}
- name: build-platforms
value:
- linux-c4xlarge/amd64
- name: dockerfile
value: container-images/musa/Containerfile
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

41
.tekton/openvino/openvino-pull-request.yaml
View File

@ -1,41 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: openvino
pipelines.appstudio.openshift.io/type: build
name: openvino-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/openvino:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-c4xlarge/amd64
- name: dockerfile
value: container-images/openvino/Containerfile
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

38
.tekton/openvino/openvino-push.yaml
View File

@ -1,38 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: openvino
pipelines.appstudio.openshift.io/type: build
name: openvino-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/openvino:{{revision}}
- name: build-platforms
value:
- linux-c4xlarge/amd64
- name: dockerfile
value: container-images/openvino/Containerfile
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

640
.tekton/pipelines/pull-request-pipeline.yaml
View File

@ -1,640 +0,0 @@
apiVersion: tekton.dev/v1
kind: Pipeline
metadata:
name: pull-request-pipeline
labels:
appstudio.openshift.io/application: ramalama
spec:
description: |
Pipeline for building RamaLama images when PRs are submitted.
Based on the [docker-build-multi-platform-oci-ta](https://github.com/konflux-ci/build-definitions/tree/main/pipelines/docker-build-multi-platform-oci-ta) pipeline from [Konflux](https://konflux-ci.dev/).
params:
- description: Source Repository URL
name: git-url
type: string
- default: ""
description: Revision of the Source Repository
name: revision
type: string
- description: Fully Qualified Output Image
name: output-image
type: string
- default: .
description: Path to the source code of an application's component from where to build image.
name: path-context
type: string
- default: Dockerfile
description: Path to the Dockerfile inside the context specified by parameter path-context
name: dockerfile
type: string
- default: "false"
description: Force rebuild image
name: rebuild
type: string
- default: "true"
description: Skip checks against built image
name: skip-checks
type: string
- default: "false"
description: Execute the build with network isolation
name: hermetic
type: string
- default: ""
description: Build dependencies to be prefetched by Cachi2
name: prefetch-input
type: string
- default: ""
description: Image tag expiration time, time values could be something like 1h, 2d, 3w for hours, days, and weeks, respectively.
name: image-expires-after
- default: "false"
description: Build a source image.
name: build-source-image
type: string
- default: "true"
description: Add built image into an OCI image index
name: build-image-index
type: string
- default: []
description: Array of --build-arg values ("arg=value" strings) for buildah
name: build-args
type: array
- default: ""
description: Path to a file with build arguments for buildah, see https://www.mankier.com/1/buildah-build#--build-arg-file
name: build-args-file
type: string
- default: "false"
description: Whether to enable privileged mode, should be used only with remote VMs
name: privileged-nested
type: string
- default:
- linux-c4xlarge/amd64
description: List of platforms to build the container images on. The available set of values is determined by the configuration of the multi-platform-controller.
name: build-platforms
type: array
- default: ""
description: The parent image of the image being built.
name: parent-image
- default: ""
description: The image to use for running tests.
name: test-image
- default: []
description: List of environment variables (NAME=VALUE) to be set in the test environment.
name: test-envs
type: array
- default:
- echo "No tests defined"
description: List of test commands to run after the image is built.
name: test-commands
type: array
results:
- description: ""
name: IMAGE_URL
value: $(tasks.build-image-index.results.IMAGE_URL)
- description: ""
name: IMAGE_DIGEST
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- description: ""
name: CHAINS-GIT_URL
value: $(tasks.clone-repository.results.url)
- description: ""
name: CHAINS-GIT_COMMIT
value: $(tasks.clone-repository.results.commit)
tasks:
- name: init
params:
- name: image-url
value: $(params.output-image)
- name: rebuild
value: $(params.rebuild)
- name: skip-checks
value: $(params.skip-checks)
taskRef:
params:
- name: name
value: init
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-init:0.2@sha256:1d8221c84f91b923d89de50bf16481ea729e3b68ea04a9a7cbe8485ddbb27ee6
- name: kind
value: task
resolver: bundles
- name: clone-repository
params:
- name: url
value: $(params.git-url)
- name: revision
value: $(params.revision)
- name: ociStorage
value: $(params.output-image).git
- name: ociArtifactExpiresAfter
value: $(params.image-expires-after)
runAfter:
- init
taskRef:
params:
- name: name
value: git-clone-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-git-clone-oci-ta:0.1@sha256:d35e5d501cb5f5f88369511f76249857cb5ac30250e1dcf086939321964ff6b9
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
workspaces:
- name: basic-auth
workspace: git-auth
- name: prefetch-dependencies
params:
- name: input
value: $(params.prefetch-input)
- name: SOURCE_ARTIFACT
value: $(tasks.clone-repository.results.SOURCE_ARTIFACT)
- name: ociStorage
value: $(params.output-image).prefetch
- name: ociArtifactExpiresAfter
value: $(params.image-expires-after)
runAfter:
- clone-repository
taskRef:
params:
- name: name
value: prefetch-dependencies-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies-oci-ta:0.2@sha256:092491ac0f6e1009d10c58a1319d1029371bf637cc1293cceba53c6da5314ed1
- name: kind
value: task
resolver: bundles
workspaces:
- name: git-basic-auth
workspace: git-auth
- name: netrc
workspace: netrc
- name: wait-for-parent-image
params:
- name: ref
value: $(params.parent-image)
taskRef:
name: wait-for-image
when:
- input: $(params.parent-image)
operator: notin
values:
- ""
- matrix:
params:
- name: PLATFORM
value:
- $(params.build-platforms)
name: build-images
params:
- name: IMAGE
value: $(params.output-image)
- name: DOCKERFILE
value: $(params.dockerfile)
- name: CONTEXT
value: $(params.path-context)
- name: HERMETIC
value: $(params.hermetic)
- name: PREFETCH_INPUT
value: $(params.prefetch-input)
- name: IMAGE_EXPIRES_AFTER
value: $(params.image-expires-after)
- name: COMMIT_SHA
value: $(tasks.clone-repository.results.commit)
- name: BUILD_ARGS
value:
- $(params.build-args[*])
- name: BUILD_ARGS_FILE
value: $(params.build-args-file)
- name: PRIVILEGED_NESTED
value: $(params.privileged-nested)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
- name: IMAGE_APPEND_PLATFORM
value: "true"
runAfter:
- wait-for-parent-image
- prefetch-dependencies
taskRef:
params:
- name: name
value: buildah-remote-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-buildah-remote-oci-ta:0.4@sha256:9e866d4d0489a6ab84ae263db416c9f86d2d6117ef4444f495a0e97388ae3ac0
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
- name: build-image-index
params:
- name: IMAGE
value: $(params.output-image)
- name: COMMIT_SHA
value: $(tasks.clone-repository.results.commit)
- name: IMAGE_EXPIRES_AFTER
value: $(params.image-expires-after)
- name: ALWAYS_BUILD_INDEX
value: $(params.build-image-index)
- name: IMAGES
value:
- $(tasks.build-images.results.IMAGE_REF[*])
runAfter:
- build-images
taskRef:
params:
- name: name
value: build-image-index
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-build-image-index:0.1@sha256:3499772af90aad0d3935629be6d37dd9292195fb629e6f43ec839c7f545a0faa
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
- name: wait-for-test-image
params:
- name: ref
value: $(params.test-image)
runAfter:
- build-image-index
taskRef:
name: wait-for-image
when:
- input: $(params.test-image)
operator: notin
values:
- ""
- name: run-tests
matrix:
params:
- name: cmd
value:
- $(params.test-commands)
params:
- name: image
value: $(params.test-image)@$(tasks.wait-for-test-image.results.digest)
- name: envs
value:
- $(params.test-envs[*])
runAfter:
- wait-for-test-image
taskRef:
name: test-cmd
when:
- input: $(params.test-image)
operator: notin
values:
- ""
- name: build-source-image
params:
- name: BINARY_IMAGE
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
- name: BINARY_IMAGE_DIGEST
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: source-build-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-source-build-oci-ta:0.3@sha256:b1eb49583b41872b27356fee20d5f0eb6ff7f5cdeacde7ffb39655f031104728
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
- input: $(params.build-source-image)
operator: in
values:
- "true"
- name: deprecated-base-image-check
params:
- name: IMAGE_URL
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: IMAGE_DIGEST
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: deprecated-image-check
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-deprecated-image-check:0.5@sha256:3c8b81fa868e27c6266e7660a4bfb4c822846dcf4304606e71e20893b0d3e515
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: clair-scan
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: clair-scan
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-clair-scan:0.2@sha256:417f44117f8d87a4a62fea6589b5746612ac61640b454dbd88f74892380411f2
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: ecosystem-cert-preflight-checks
params:
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: ecosystem-cert-preflight-checks
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-ecosystem-cert-preflight-checks:0.2@sha256:f99d2bdb02f13223d494077a2cde31418d09369f33c02134a8e7e5fad2f61eda
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: sast-snyk-check
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: sast-snyk-check-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-sast-snyk-check-oci-ta:0.4@sha256:fe5e5ba3a72632cd505910de2eacd62c9d11ed570c325173188f8d568ac60771
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: clamav-scan
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: clamav-scan
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-clamav-scan:0.2@sha256:7749146f7e4fe530846f1b15c9366178ec9f44776ef1922a60d3e7e2b8c6426b
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: sast-coverity-check
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: IMAGE
value: $(params.output-image)
- name: DOCKERFILE
value: $(params.dockerfile)
- name: CONTEXT
value: $(params.path-context)
- name: HERMETIC
value: $(params.hermetic)
- name: PREFETCH_INPUT
value: $(params.prefetch-input)
- name: IMAGE_EXPIRES_AFTER
value: $(params.image-expires-after)
- name: COMMIT_SHA
value: $(tasks.clone-repository.results.commit)
- name: BUILD_ARGS
value:
- $(params.build-args[*])
- name: BUILD_ARGS_FILE
value: $(params.build-args-file)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
runAfter:
- coverity-availability-check
taskRef:
params:
- name: name
value: sast-coverity-check-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-sast-coverity-check-oci-ta:0.3@sha256:f9ca942208dc2e63b479384ccc56a611cc793397ecc837637b5b9f89c2ecbefe
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- input: $(tasks.coverity-availability-check.results.STATUS)
operator: in
values:
- success
- name: coverity-availability-check
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: coverity-availability-check
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-coverity-availability-check:0.2@sha256:db2b267dc15e4ed17f704ee91b8e9b38068e1a35b1018a328fdca621819d74c6
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: sast-shell-check
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: sast-shell-check-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-sast-shell-check-oci-ta:0.1@sha256:bf7bdde00b7212f730c1356672290af6f38d070da2c8a316987b5c32fd49e0b9
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: sast-unicode-check
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: sast-unicode-check-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-sast-unicode-check-oci-ta:0.3@sha256:a2bde66f6b4164620298c7d709b8f08515409404000fa1dc2260d2508b135651
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: apply-tags
params:
- name: IMAGE_URL
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: IMAGE_DIGEST
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: apply-tags
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-apply-tags:0.2@sha256:517a51e260c0b59654a9d7b842e1ab07d76bce15ca7ce9c8fd2489a19be6463d
- name: kind
value: task
resolver: bundles
- name: push-dockerfile
params:
- name: IMAGE
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: IMAGE_DIGEST
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: DOCKERFILE
value: $(params.dockerfile)
- name: CONTEXT
value: $(params.path-context)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: push-dockerfile-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-push-dockerfile-oci-ta:0.1@sha256:8c75c4a747e635e5f3e12266a3bb6e5d3132bf54e37eaa53d505f89897dd8eca
- name: kind
value: task
resolver: bundles
- name: rpms-signature-scan
params:
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: rpms-signature-scan
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-rpms-signature-scan:0.2@sha256:1b6c20ab3dbfb0972803d3ebcb2fa72642e59400c77bd66dfd82028bdd09e120
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
finally:
- name: show-sbom
params:
- name: IMAGE_URL
value: $(tasks.build-image-index.results.IMAGE_URL)
taskRef:
params:
- name: name
value: show-sbom
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-show-sbom:0.1@sha256:86c069cac0a669797e8049faa8aa4088e70ff7fcd579d5bdc37626a9e0488a05
- name: kind
value: task
resolver: bundles
workspaces:
- name: git-auth
optional: true
- name: netrc
optional: true

640
.tekton/pipelines/push-pipeline.yaml
View File

@ -1,640 +0,0 @@
apiVersion: tekton.dev/v1
kind: Pipeline
metadata:
name: push-pipeline
labels:
appstudio.openshift.io/application: ramalama
spec:
description: |
Pipeline for building RamaLama images on push.
Based on the [docker-build-multi-platform-oci-ta](https://github.com/konflux-ci/build-definitions/tree/main/pipelines/docker-build-multi-platform-oci-ta) pipeline from [Konflux](https://konflux-ci.dev/).
params:
- description: Source Repository URL
name: git-url
type: string
- default: ""
description: Revision of the Source Repository
name: revision
type: string
- description: Fully Qualified Output Image
name: output-image
type: string
- default: .
description: Path to the source code of an application's component from where to build image.
name: path-context
type: string
- default: Dockerfile
description: Path to the Dockerfile inside the context specified by parameter path-context
name: dockerfile
type: string
- default: "false"
description: Force rebuild image
name: rebuild
type: string
- default: "false"
description: Skip checks against built image
name: skip-checks
type: string
- default: "false"
description: Execute the build with network isolation
name: hermetic
type: string
- default: ""
description: Build dependencies to be prefetched by Cachi2
name: prefetch-input
type: string
- default: ""
description: Image tag expiration time, time values could be something like 1h, 2d, 3w for hours, days, and weeks, respectively.
name: image-expires-after
- default: "false"
description: Build a source image.
name: build-source-image
type: string
- default: "true"
description: Add built image into an OCI image index
name: build-image-index
type: string
- default: []
description: Array of --build-arg values ("arg=value" strings) for buildah
name: build-args
type: array
- default: ""
description: Path to a file with build arguments for buildah, see https://www.mankier.com/1/buildah-build#--build-arg-file
name: build-args-file
type: string
- default: "false"
description: Whether to enable privileged mode, should be used only with remote VMs
name: privileged-nested
type: string
- default:
- linux-c4xlarge/amd64
description: List of platforms to build the container images on. The available set of values is determined by the configuration of the multi-platform-controller.
name: build-platforms
type: array
- default: ""
description: The parent image of the image being built.
name: parent-image
- default: ""
description: The image to use for running tests.
name: test-image
- default: []
description: List of environment variables (NAME=VALUE) to be set in the test environment.
name: test-envs
type: array
- default:
- echo "No tests defined"
description: List of test commands to run after the image is built.
name: test-commands
type: array
results:
- description: ""
name: IMAGE_URL
value: $(tasks.build-image-index.results.IMAGE_URL)
- description: ""
name: IMAGE_DIGEST
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- description: ""
name: CHAINS-GIT_URL
value: $(tasks.clone-repository.results.url)
- description: ""
name: CHAINS-GIT_COMMIT
value: $(tasks.clone-repository.results.commit)
tasks:
- name: init
params:
- name: image-url
value: $(params.output-image)
- name: rebuild
value: $(params.rebuild)
- name: skip-checks
value: $(params.skip-checks)
taskRef:
params:
- name: name
value: init
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-init:0.2@sha256:1d8221c84f91b923d89de50bf16481ea729e3b68ea04a9a7cbe8485ddbb27ee6
- name: kind
value: task
resolver: bundles
- name: clone-repository
params:
- name: url
value: $(params.git-url)
- name: revision
value: $(params.revision)
- name: ociStorage
value: $(params.output-image).git
- name: ociArtifactExpiresAfter
value: $(params.image-expires-after)
runAfter:
- init
taskRef:
params:
- name: name
value: git-clone-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-git-clone-oci-ta:0.1@sha256:d35e5d501cb5f5f88369511f76249857cb5ac30250e1dcf086939321964ff6b9
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
workspaces:
- name: basic-auth
workspace: git-auth
- name: prefetch-dependencies
params:
- name: input
value: $(params.prefetch-input)
- name: SOURCE_ARTIFACT
value: $(tasks.clone-repository.results.SOURCE_ARTIFACT)
- name: ociStorage
value: $(params.output-image).prefetch
- name: ociArtifactExpiresAfter
value: $(params.image-expires-after)
runAfter:
- clone-repository
taskRef:
params:
- name: name
value: prefetch-dependencies-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies-oci-ta:0.2@sha256:092491ac0f6e1009d10c58a1319d1029371bf637cc1293cceba53c6da5314ed1
- name: kind
value: task
resolver: bundles
workspaces:
- name: git-basic-auth
workspace: git-auth
- name: netrc
workspace: netrc
- name: wait-for-parent-image
params:
- name: ref
value: $(params.parent-image)
taskRef:
name: wait-for-image
when:
- input: $(params.parent-image)
operator: notin
values:
- ""
- matrix:
params:
- name: PLATFORM
value:
- $(params.build-platforms)
name: build-images
params:
- name: IMAGE
value: $(params.output-image)
- name: DOCKERFILE
value: $(params.dockerfile)
- name: CONTEXT
value: $(params.path-context)
- name: HERMETIC
value: $(params.hermetic)
- name: PREFETCH_INPUT
value: $(params.prefetch-input)
- name: IMAGE_EXPIRES_AFTER
value: $(params.image-expires-after)
- name: COMMIT_SHA
value: $(tasks.clone-repository.results.commit)
- name: BUILD_ARGS
value:
- $(params.build-args[*])
- name: BUILD_ARGS_FILE
value: $(params.build-args-file)
- name: PRIVILEGED_NESTED
value: $(params.privileged-nested)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
- name: IMAGE_APPEND_PLATFORM
value: "true"
runAfter:
- wait-for-parent-image
- prefetch-dependencies
taskRef:
params:
- name: name
value: buildah-remote-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-buildah-remote-oci-ta:0.4@sha256:9e866d4d0489a6ab84ae263db416c9f86d2d6117ef4444f495a0e97388ae3ac0
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
- name: build-image-index
params:
- name: IMAGE
value: $(params.output-image)
- name: COMMIT_SHA
value: $(tasks.clone-repository.results.commit)
- name: IMAGE_EXPIRES_AFTER
value: $(params.image-expires-after)
- name: ALWAYS_BUILD_INDEX
value: $(params.build-image-index)
- name: IMAGES
value:
- $(tasks.build-images.results.IMAGE_REF[*])
runAfter:
- build-images
taskRef:
params:
- name: name
value: build-image-index
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-build-image-index:0.1@sha256:3499772af90aad0d3935629be6d37dd9292195fb629e6f43ec839c7f545a0faa
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
- name: wait-for-test-image
params:
- name: ref
value: $(params.test-image)
runAfter:
- build-image-index
taskRef:
name: wait-for-image
when:
- input: $(params.test-image)
operator: notin
values:
- ""
- name: run-tests
matrix:
params:
- name: cmd
value:
- $(params.test-commands)
params:
- name: image
value: $(params.test-image)@$(tasks.wait-for-test-image.results.digest)
- name: envs
value:
- $(params.test-envs[*])
runAfter:
- wait-for-test-image
taskRef:
name: test-cmd
when:
- input: $(params.test-image)
operator: notin
values:
- ""
- name: build-source-image
params:
- name: BINARY_IMAGE
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
- name: BINARY_IMAGE_DIGEST
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: source-build-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-source-build-oci-ta:0.3@sha256:b1eb49583b41872b27356fee20d5f0eb6ff7f5cdeacde7ffb39655f031104728
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
- input: $(params.build-source-image)
operator: in
values:
- "true"
- name: deprecated-base-image-check
params:
- name: IMAGE_URL
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: IMAGE_DIGEST
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: deprecated-image-check
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-deprecated-image-check:0.5@sha256:3c8b81fa868e27c6266e7660a4bfb4c822846dcf4304606e71e20893b0d3e515
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: clair-scan
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: clair-scan
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-clair-scan:0.2@sha256:417f44117f8d87a4a62fea6589b5746612ac61640b454dbd88f74892380411f2
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: ecosystem-cert-preflight-checks
params:
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: ecosystem-cert-preflight-checks
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-ecosystem-cert-preflight-checks:0.2@sha256:f99d2bdb02f13223d494077a2cde31418d09369f33c02134a8e7e5fad2f61eda
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: sast-snyk-check
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: sast-snyk-check-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-sast-snyk-check-oci-ta:0.4@sha256:fe5e5ba3a72632cd505910de2eacd62c9d11ed570c325173188f8d568ac60771
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: clamav-scan
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: clamav-scan
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-clamav-scan:0.2@sha256:7749146f7e4fe530846f1b15c9366178ec9f44776ef1922a60d3e7e2b8c6426b
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: sast-coverity-check
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: IMAGE
value: $(params.output-image)
- name: DOCKERFILE
value: $(params.dockerfile)
- name: CONTEXT
value: $(params.path-context)
- name: HERMETIC
value: $(params.hermetic)
- name: PREFETCH_INPUT
value: $(params.prefetch-input)
- name: IMAGE_EXPIRES_AFTER
value: $(params.image-expires-after)
- name: COMMIT_SHA
value: $(tasks.clone-repository.results.commit)
- name: BUILD_ARGS
value:
- $(params.build-args[*])
- name: BUILD_ARGS_FILE
value: $(params.build-args-file)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
runAfter:
- coverity-availability-check
taskRef:
params:
- name: name
value: sast-coverity-check-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-sast-coverity-check-oci-ta:0.3@sha256:f9ca942208dc2e63b479384ccc56a611cc793397ecc837637b5b9f89c2ecbefe
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- input: $(tasks.coverity-availability-check.results.STATUS)
operator: in
values:
- success
- name: coverity-availability-check
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: coverity-availability-check
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-coverity-availability-check:0.2@sha256:db2b267dc15e4ed17f704ee91b8e9b38068e1a35b1018a328fdca621819d74c6
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: sast-shell-check
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: sast-shell-check-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-sast-shell-check-oci-ta:0.1@sha256:bf7bdde00b7212f730c1356672290af6f38d070da2c8a316987b5c32fd49e0b9
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: sast-unicode-check
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: sast-unicode-check-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-sast-unicode-check-oci-ta:0.3@sha256:a2bde66f6b4164620298c7d709b8f08515409404000fa1dc2260d2508b135651
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: apply-tags
params:
- name: IMAGE_URL
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: IMAGE_DIGEST
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: apply-tags
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-apply-tags:0.2@sha256:517a51e260c0b59654a9d7b842e1ab07d76bce15ca7ce9c8fd2489a19be6463d
- name: kind
value: task
resolver: bundles
- name: push-dockerfile
params:
- name: IMAGE
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: IMAGE_DIGEST
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: DOCKERFILE
value: $(params.dockerfile)
- name: CONTEXT
value: $(params.path-context)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: push-dockerfile-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-push-dockerfile-oci-ta:0.1@sha256:8c75c4a747e635e5f3e12266a3bb6e5d3132bf54e37eaa53d505f89897dd8eca
- name: kind
value: task
resolver: bundles
- name: rpms-signature-scan
params:
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: rpms-signature-scan
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-rpms-signature-scan:0.2@sha256:1b6c20ab3dbfb0972803d3ebcb2fa72642e59400c77bd66dfd82028bdd09e120
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
finally:
- name: show-sbom
params:
- name: IMAGE_URL
value: $(tasks.build-image-index.results.IMAGE_URL)
taskRef:
params:
- name: name
value: show-sbom
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-show-sbom:0.1@sha256:86c069cac0a669797e8049faa8aa4088e70ff7fcd579d5bdc37626a9e0488a05
- name: kind
value: task
resolver: bundles
workspaces:
- name: git-auth
optional: true
- name: netrc
optional: true

42
.tekton/ramalama-cli/ramalama-cli-pull-request.yaml
View File

@ -1,42 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: ramalama-cli
pipelines.appstudio.openshift.io/type: build
name: ramalama-cli-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/ramalama-cli:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-c4xlarge/amd64
- linux-c4xlarge/arm64
- name: dockerfile
value: container-images/ramalama-cli/Containerfile
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

39
.tekton/ramalama-cli/ramalama-cli-push.yaml
View File

@ -1,39 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: ramalama-cli
pipelines.appstudio.openshift.io/type: build
name: ramalama-cli-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/ramalama-cli:{{revision}}
- name: build-platforms
value:
- linux-c4xlarge/amd64
- linux-c4xlarge/arm64
- name: dockerfile
value: container-images/ramalama-cli/Containerfile
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

48
.tekton/ramalama-llama-server/ramalama-llama-server-pull-request.yaml
View File

@ -1,48 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: ramalama-llama-server
pipelines.appstudio.openshift.io/type: build
name: ramalama-llama-server-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/ramalama-llama-server:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-m2xlarge/amd64
- linux-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/ramalama:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/ramalama:on-pr-{{revision}}
- ENTRYPOINT=/usr/bin/llama-server.sh
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

45
.tekton/ramalama-llama-server/ramalama-llama-server-push.yaml
View File

@ -1,45 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: ramalama-llama-server
pipelines.appstudio.openshift.io/type: build
name: ramalama-llama-server-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/ramalama-llama-server:{{revision}}
- name: build-platforms
value:
- linux-m2xlarge/amd64
- linux-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/ramalama:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/ramalama:{{revision}}
- ENTRYPOINT=/usr/bin/llama-server.sh
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

619
.tekton/ramalama-pull-request.yaml Normal file
View File

@ -0,0 +1,619 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: event == "pull_request" && target_branch
== "main"
creationTimestamp: null
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: ramalama
pipelines.appstudio.openshift.io/type: build
name: ramalama-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/ramalama:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux/x86_64
- linux/arm64
- name: dockerfile
value: container-images/ramalama/Containerfile
pipelineSpec:
description: |
This pipeline is ideal for building multi-arch container images from a Containerfile while maintaining trust after pipeline customization.
_Uses `buildah` to create a multi-platform container image leveraging [trusted artifacts](https://konflux-ci.dev/architecture/ADR/0036-trusted-artifacts.html). It also optionally creates a source image and runs some build-time tests. This pipeline requires that the [multi platform controller](https://github.com/konflux-ci/multi-platform-controller) is deployed and configured on your Konflux instance. Information is shared between tasks using OCI artifacts instead of PVCs. EC will pass the [`trusted_task.trusted`](https://enterprisecontract.dev/docs/ec-policies/release_policy.html#trusted_task__trusted) policy as long as all data used to build the artifact is generated from trusted tasks.
This pipeline is pushed as a Tekton bundle to [quay.io](https://quay.io/repository/konflux-ci/tekton-catalog/pipeline-docker-build-multi-platform-oci-ta?tab=tags)_
finally:
- name: show-sbom
params:
- name: IMAGE_URL
value: $(tasks.build-image-index.results.IMAGE_URL)
taskRef:
params:
- name: name
value: show-sbom
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-show-sbom:0.1@sha256:002f7c8c1d2f9e09904035da414aba1188ae091df0ea9532cd997be05e73d594
- name: kind
value: task
resolver: bundles
params:
- description: Source Repository URL
name: git-url
type: string
- default: ""
description: Revision of the Source Repository
name: revision
type: string
- description: Fully Qualified Output Image
name: output-image
type: string
- default: .
description: Path to the source code of an application's component from where
to build image.
name: path-context
type: string
- default: Dockerfile
description: Path to the Dockerfile inside the context specified by parameter
path-context
name: dockerfile
type: string
- default: "false"
description: Force rebuild image
name: rebuild
type: string
- default: "false"
description: Skip checks against built image
name: skip-checks
type: string
- default: "false"
description: Execute the build with network isolation
name: hermetic
type: string
- default: ""
description: Build dependencies to be prefetched by Cachi2
name: prefetch-input
type: string
- default: ""
description: Image tag expiration time, time values could be something like
1h, 2d, 3w for hours, days, and weeks, respectively.
name: image-expires-after
- default: "false"
description: Build a source image.
name: build-source-image
type: string
- default: "true"
description: Add built image into an OCI image index
name: build-image-index
type: string
- default: []
description: Array of --build-arg values ("arg=value" strings) for buildah
name: build-args
type: array
- default: ""
description: Path to a file with build arguments for buildah, see https://www.mankier.com/1/buildah-build#--build-arg-file
name: build-args-file
type: string
- default: "false"
description: Whether to enable privileged mode, should be used only with remote
VMs
name: privileged-nested
type: string
- default:
- linux/x86_64
description: List of platforms to build the container images on. The available
set of values is determined by the configuration of the multi-platform-controller.
name: build-platforms
type: array
results:
- description: ""
name: IMAGE_URL
value: $(tasks.build-image-index.results.IMAGE_URL)
- description: ""
name: IMAGE_DIGEST
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- description: ""
name: CHAINS-GIT_URL
value: $(tasks.clone-repository.results.url)
- description: ""
name: CHAINS-GIT_COMMIT
value: $(tasks.clone-repository.results.commit)
tasks:
- name: init
params:
- name: image-url
value: $(params.output-image)
- name: rebuild
value: $(params.rebuild)
- name: skip-checks
value: $(params.skip-checks)
taskRef:
params:
- name: name
value: init
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-init:0.2@sha256:66e90d31e1386bf516fb548cd3e3f0082b5d0234b8b90dbf9e0d4684b70dbe1a
- name: kind
value: task
resolver: bundles
- name: clone-repository
params:
- name: url
value: $(params.git-url)
- name: revision
value: $(params.revision)
- name: ociStorage
value: $(params.output-image).git
- name: ociArtifactExpiresAfter
value: $(params.image-expires-after)
runAfter:
- init
taskRef:
params:
- name: name
value: git-clone-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-git-clone-oci-ta:0.1@sha256:0fea1e4bd2fdde46c5b7786629f423a51e357f681c32ceddd744a6e3d48b8327
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
workspaces:
- name: basic-auth
workspace: git-auth
- name: prefetch-dependencies
params:
- name: input
value: $(params.prefetch-input)
- name: SOURCE_ARTIFACT
value: $(tasks.clone-repository.results.SOURCE_ARTIFACT)
- name: ociStorage
value: $(params.output-image).prefetch
- name: ociArtifactExpiresAfter
value: $(params.image-expires-after)
runAfter:
- clone-repository
taskRef:
params:
- name: name
value: prefetch-dependencies-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies-oci-ta:0.2@sha256:adbd819c6b727ac0c5519475d174dcad64cfa8df6ee50acd58f7fb562c59d4f7
- name: kind
value: task
resolver: bundles
workspaces:
- name: git-basic-auth
workspace: git-auth
- name: netrc
workspace: netrc
- matrix:
params:
- name: PLATFORM
value:
- $(params.build-platforms)
name: build-images
params:
- name: IMAGE
value: $(params.output-image)
- name: DOCKERFILE
value: $(params.dockerfile)
- name: CONTEXT
value: $(params.path-context)
- name: HERMETIC
value: $(params.hermetic)
- name: PREFETCH_INPUT
value: $(params.prefetch-input)
- name: IMAGE_EXPIRES_AFTER
value: $(params.image-expires-after)
- name: COMMIT_SHA
value: $(tasks.clone-repository.results.commit)
- name: BUILD_ARGS
value:
- $(params.build-args[*])
- name: BUILD_ARGS_FILE
value: $(params.build-args-file)
- name: PRIVILEGED_NESTED
value: $(params.privileged-nested)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
- name: IMAGE_APPEND_PLATFORM
value: "true"
runAfter:
- prefetch-dependencies
taskRef:
params:
- name: name
value: buildah-remote-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-buildah-remote-oci-ta:0.4@sha256:cfeeef2f4ab25b121afdf44eecc394ed67f3534a1bd14bef9e7beef2ee654b8e
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
- name: build-image-index
params:
- name: IMAGE
value: $(params.output-image)
- name: COMMIT_SHA
value: $(tasks.clone-repository.results.commit)
- name: IMAGE_EXPIRES_AFTER
value: $(params.image-expires-after)
- name: ALWAYS_BUILD_INDEX
value: $(params.build-image-index)
- name: IMAGES
value:
- $(tasks.build-images.results.IMAGE_REF[*])
runAfter:
- build-images
taskRef:
params:
- name: name
value: build-image-index
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-build-image-index:0.1@sha256:fc55208a5967b42e1bec89f0ffed26fc4f18db92df2a4885a7d2b4d5cfd603e0
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
- name: build-source-image
params:
- name: BINARY_IMAGE
value: $(params.output-image)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: source-build-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-source-build-oci-ta:0.2@sha256:c5e56643c0f5e19409e86c8fd4de4348413b6f10456aa0875498d5c63bf6ef0e
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
- input: $(params.build-source-image)
operator: in
values:
- "true"
- name: deprecated-base-image-check
params:
- name: IMAGE_URL
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: IMAGE_DIGEST
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: deprecated-image-check
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-deprecated-image-check:0.5@sha256:ecd33669676b3a193ff4c2c6223cb912cc1b0cf5cc36e080eaec7718500272cf
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: clair-scan
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: clair-scan
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-clair-scan:0.2@sha256:68a8fe28527c4469243119a449e2b3a6655f2acac589c069ea6433242da8ed4d
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: ecosystem-cert-preflight-checks
params:
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: ecosystem-cert-preflight-checks
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-ecosystem-cert-preflight-checks:0.2@sha256:8a2d3ce9205df1f59f410529cb38134336e0a4b06ee1187b3229f26c80ecc5ba
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: sast-snyk-check
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: sast-snyk-check-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-sast-snyk-check-oci-ta:0.4@sha256:9a6ec5575f80668552d861e64414e736c85af772c272ca653a6fd1ec841d2627
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: clamav-scan
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: clamav-scan
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-clamav-scan:0.2@sha256:386c8c3395b44f6eb927dbad72382808b0ae42008f183064ca77cb4cad998442
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: sast-coverity-check
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: IMAGE
value: $(params.output-image)
- name: DOCKERFILE
value: $(params.dockerfile)
- name: CONTEXT
value: $(params.path-context)
- name: HERMETIC
value: $(params.hermetic)
- name: PREFETCH_INPUT
value: $(params.prefetch-input)
- name: IMAGE_EXPIRES_AFTER
value: $(params.image-expires-after)
- name: COMMIT_SHA
value: $(tasks.clone-repository.results.commit)
- name: BUILD_ARGS
value:
- $(params.build-args[*])
- name: BUILD_ARGS_FILE
value: $(params.build-args-file)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
runAfter:
- coverity-availability-check
taskRef:
params:
- name: name
value: sast-coverity-check-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-sast-coverity-check-oci-ta:0.3@sha256:7c845b10d257b874f645ea30deeff3c1ce2b38e7b6e331564f32c8684f41b520
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- input: $(tasks.coverity-availability-check.results.STATUS)
operator: in
values:
- success
- name: coverity-availability-check
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: coverity-availability-check
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-coverity-availability-check:0.2@sha256:8b58c4fae00c0dfe3937abfb8a9a61aa3c408cca4278b817db53d518428d944e
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: sast-shell-check
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: sast-shell-check-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-sast-shell-check-oci-ta:0.1@sha256:60a7ee6ec5d00920389f03befd328cdaa159b7122a94ff3c87da287e0f32420f
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: sast-unicode-check
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: sast-unicode-check-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-sast-unicode-check-oci-ta:0.2@sha256:9613b9037e4199495800c2054c13d0479e3335ec94e0f15f031a5bce844003a9
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: apply-tags
params:
- name: IMAGE_URL
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: IMAGE_DIGEST
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: apply-tags
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-apply-tags:0.2@sha256:0c411c27483849a936c0c420a57e477113e9fafc63077647200d6614d9ebb872
- name: kind
value: task
resolver: bundles
- name: push-dockerfile
params:
- name: IMAGE
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: IMAGE_DIGEST
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: DOCKERFILE
value: $(params.dockerfile)
- name: CONTEXT
value: $(params.path-context)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: push-dockerfile-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-push-dockerfile-oci-ta:0.1@sha256:d0ee13ab3d9564f7ee806a8ceaced934db493a3a40e11ff6db3a912b8bbace95
- name: kind
value: task
resolver: bundles
- name: rpms-signature-scan
params:
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: rpms-signature-scan
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-rpms-signature-scan:0.2@sha256:2a5e357cd7f4b5634474de14dfc09aec48acca3995cbb3bb5d532025923322c2
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
workspaces:
- name: git-auth
optional: true
- name: netrc
optional: true
taskRunTemplate: {}
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'
status: {}

616
.tekton/ramalama-push.yaml Normal file
View File

@ -0,0 +1,616 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: event == "push" && target_branch
== "main"
creationTimestamp: null
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: ramalama
pipelines.appstudio.openshift.io/type: build
name: ramalama-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/ramalama:{{revision}}
- name: build-platforms
value:
- linux/x86_64
- linux/arm64
- name: dockerfile
value: container-images/ramalama/Containerfile
pipelineSpec:
description: |
This pipeline is ideal for building multi-arch container images from a Containerfile while maintaining trust after pipeline customization.
_Uses `buildah` to create a multi-platform container image leveraging [trusted artifacts](https://konflux-ci.dev/architecture/ADR/0036-trusted-artifacts.html). It also optionally creates a source image and runs some build-time tests. This pipeline requires that the [multi platform controller](https://github.com/konflux-ci/multi-platform-controller) is deployed and configured on your Konflux instance. Information is shared between tasks using OCI artifacts instead of PVCs. EC will pass the [`trusted_task.trusted`](https://enterprisecontract.dev/docs/ec-policies/release_policy.html#trusted_task__trusted) policy as long as all data used to build the artifact is generated from trusted tasks.
This pipeline is pushed as a Tekton bundle to [quay.io](https://quay.io/repository/konflux-ci/tekton-catalog/pipeline-docker-build-multi-platform-oci-ta?tab=tags)_
finally:
- name: show-sbom
params:
- name: IMAGE_URL
value: $(tasks.build-image-index.results.IMAGE_URL)
taskRef:
params:
- name: name
value: show-sbom
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-show-sbom:0.1@sha256:002f7c8c1d2f9e09904035da414aba1188ae091df0ea9532cd997be05e73d594
- name: kind
value: task
resolver: bundles
params:
- description: Source Repository URL
name: git-url
type: string
- default: ""
description: Revision of the Source Repository
name: revision
type: string
- description: Fully Qualified Output Image
name: output-image
type: string
- default: .
description: Path to the source code of an application's component from where
to build image.
name: path-context
type: string
- default: Dockerfile
description: Path to the Dockerfile inside the context specified by parameter
path-context
name: dockerfile
type: string
- default: "false"
description: Force rebuild image
name: rebuild
type: string
- default: "false"
description: Skip checks against built image
name: skip-checks
type: string
- default: "false"
description: Execute the build with network isolation
name: hermetic
type: string
- default: ""
description: Build dependencies to be prefetched by Cachi2
name: prefetch-input
type: string
- default: ""
description: Image tag expiration time, time values could be something like
1h, 2d, 3w for hours, days, and weeks, respectively.
name: image-expires-after
- default: "false"
description: Build a source image.
name: build-source-image
type: string
- default: "true"
description: Add built image into an OCI image index
name: build-image-index
type: string
- default: []
description: Array of --build-arg values ("arg=value" strings) for buildah
name: build-args
type: array
- default: ""
description: Path to a file with build arguments for buildah, see https://www.mankier.com/1/buildah-build#--build-arg-file
name: build-args-file
type: string
- default: "false"
description: Whether to enable privileged mode, should be used only with remote
VMs
name: privileged-nested
type: string
- default:
- linux/x86_64
description: List of platforms to build the container images on. The available
set of values is determined by the configuration of the multi-platform-controller.
name: build-platforms
type: array
results:
- description: ""
name: IMAGE_URL
value: $(tasks.build-image-index.results.IMAGE_URL)
- description: ""
name: IMAGE_DIGEST
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- description: ""
name: CHAINS-GIT_URL
value: $(tasks.clone-repository.results.url)
- description: ""
name: CHAINS-GIT_COMMIT
value: $(tasks.clone-repository.results.commit)
tasks:
- name: init
params:
- name: image-url
value: $(params.output-image)
- name: rebuild
value: $(params.rebuild)
- name: skip-checks
value: $(params.skip-checks)
taskRef:
params:
- name: name
value: init
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-init:0.2@sha256:66e90d31e1386bf516fb548cd3e3f0082b5d0234b8b90dbf9e0d4684b70dbe1a
- name: kind
value: task
resolver: bundles
- name: clone-repository
params:
- name: url
value: $(params.git-url)
- name: revision
value: $(params.revision)
- name: ociStorage
value: $(params.output-image).git
- name: ociArtifactExpiresAfter
value: $(params.image-expires-after)
runAfter:
- init
taskRef:
params:
- name: name
value: git-clone-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-git-clone-oci-ta:0.1@sha256:0fea1e4bd2fdde46c5b7786629f423a51e357f681c32ceddd744a6e3d48b8327
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
workspaces:
- name: basic-auth
workspace: git-auth
- name: prefetch-dependencies
params:
- name: input
value: $(params.prefetch-input)
- name: SOURCE_ARTIFACT
value: $(tasks.clone-repository.results.SOURCE_ARTIFACT)
- name: ociStorage
value: $(params.output-image).prefetch
- name: ociArtifactExpiresAfter
value: $(params.image-expires-after)
runAfter:
- clone-repository
taskRef:
params:
- name: name
value: prefetch-dependencies-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies-oci-ta:0.2@sha256:adbd819c6b727ac0c5519475d174dcad64cfa8df6ee50acd58f7fb562c59d4f7
- name: kind
value: task
resolver: bundles
workspaces:
- name: git-basic-auth
workspace: git-auth
- name: netrc
workspace: netrc
- matrix:
params:
- name: PLATFORM
value:
- $(params.build-platforms)
name: build-images
params:
- name: IMAGE
value: $(params.output-image)
- name: DOCKERFILE
value: $(params.dockerfile)
- name: CONTEXT
value: $(params.path-context)
- name: HERMETIC
value: $(params.hermetic)
- name: PREFETCH_INPUT
value: $(params.prefetch-input)
- name: IMAGE_EXPIRES_AFTER
value: $(params.image-expires-after)
- name: COMMIT_SHA
value: $(tasks.clone-repository.results.commit)
- name: BUILD_ARGS
value:
- $(params.build-args[*])
- name: BUILD_ARGS_FILE
value: $(params.build-args-file)
- name: PRIVILEGED_NESTED
value: $(params.privileged-nested)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
- name: IMAGE_APPEND_PLATFORM
value: "true"
runAfter:
- prefetch-dependencies
taskRef:
params:
- name: name
value: buildah-remote-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-buildah-remote-oci-ta:0.4@sha256:cfeeef2f4ab25b121afdf44eecc394ed67f3534a1bd14bef9e7beef2ee654b8e
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
- name: build-image-index
params:
- name: IMAGE
value: $(params.output-image)
- name: COMMIT_SHA
value: $(tasks.clone-repository.results.commit)
- name: IMAGE_EXPIRES_AFTER
value: $(params.image-expires-after)
- name: ALWAYS_BUILD_INDEX
value: $(params.build-image-index)
- name: IMAGES
value:
- $(tasks.build-images.results.IMAGE_REF[*])
runAfter:
- build-images
taskRef:
params:
- name: name
value: build-image-index
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-build-image-index:0.1@sha256:fc55208a5967b42e1bec89f0ffed26fc4f18db92df2a4885a7d2b4d5cfd603e0
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
- name: build-source-image
params:
- name: BINARY_IMAGE
value: $(params.output-image)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: source-build-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-source-build-oci-ta:0.2@sha256:c5e56643c0f5e19409e86c8fd4de4348413b6f10456aa0875498d5c63bf6ef0e
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
- input: $(params.build-source-image)
operator: in
values:
- "true"
- name: deprecated-base-image-check
params:
- name: IMAGE_URL
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: IMAGE_DIGEST
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: deprecated-image-check
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-deprecated-image-check:0.5@sha256:ecd33669676b3a193ff4c2c6223cb912cc1b0cf5cc36e080eaec7718500272cf
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: clair-scan
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: clair-scan
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-clair-scan:0.2@sha256:68a8fe28527c4469243119a449e2b3a6655f2acac589c069ea6433242da8ed4d
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: ecosystem-cert-preflight-checks
params:
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: ecosystem-cert-preflight-checks
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-ecosystem-cert-preflight-checks:0.2@sha256:8a2d3ce9205df1f59f410529cb38134336e0a4b06ee1187b3229f26c80ecc5ba
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: sast-snyk-check
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: sast-snyk-check-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-sast-snyk-check-oci-ta:0.4@sha256:9a6ec5575f80668552d861e64414e736c85af772c272ca653a6fd1ec841d2627
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: clamav-scan
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: clamav-scan
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-clamav-scan:0.2@sha256:386c8c3395b44f6eb927dbad72382808b0ae42008f183064ca77cb4cad998442
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: sast-coverity-check
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: IMAGE
value: $(params.output-image)
- name: DOCKERFILE
value: $(params.dockerfile)
- name: CONTEXT
value: $(params.path-context)
- name: HERMETIC
value: $(params.hermetic)
- name: PREFETCH_INPUT
value: $(params.prefetch-input)
- name: IMAGE_EXPIRES_AFTER
value: $(params.image-expires-after)
- name: COMMIT_SHA
value: $(tasks.clone-repository.results.commit)
- name: BUILD_ARGS
value:
- $(params.build-args[*])
- name: BUILD_ARGS_FILE
value: $(params.build-args-file)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
runAfter:
- coverity-availability-check
taskRef:
params:
- name: name
value: sast-coverity-check-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-sast-coverity-check-oci-ta:0.3@sha256:7c845b10d257b874f645ea30deeff3c1ce2b38e7b6e331564f32c8684f41b520
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- input: $(tasks.coverity-availability-check.results.STATUS)
operator: in
values:
- success
- name: coverity-availability-check
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: coverity-availability-check
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-coverity-availability-check:0.2@sha256:8b58c4fae00c0dfe3937abfb8a9a61aa3c408cca4278b817db53d518428d944e
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: sast-shell-check
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: sast-shell-check-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-sast-shell-check-oci-ta:0.1@sha256:60a7ee6ec5d00920389f03befd328cdaa159b7122a94ff3c87da287e0f32420f
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: sast-unicode-check
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: sast-unicode-check-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-sast-unicode-check-oci-ta:0.2@sha256:9613b9037e4199495800c2054c13d0479e3335ec94e0f15f031a5bce844003a9
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: apply-tags
params:
- name: IMAGE_URL
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: IMAGE_DIGEST
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: apply-tags
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-apply-tags:0.2@sha256:0c411c27483849a936c0c420a57e477113e9fafc63077647200d6614d9ebb872
- name: kind
value: task
resolver: bundles
- name: push-dockerfile
params:
- name: IMAGE
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: IMAGE_DIGEST
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: DOCKERFILE
value: $(params.dockerfile)
- name: CONTEXT
value: $(params.path-context)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: push-dockerfile-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-push-dockerfile-oci-ta:0.1@sha256:d0ee13ab3d9564f7ee806a8ceaced934db493a3a40e11ff6db3a912b8bbace95
- name: kind
value: task
resolver: bundles
- name: rpms-signature-scan
params:
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: rpms-signature-scan
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-rpms-signature-scan:0.2@sha256:2a5e357cd7f4b5634474de14dfc09aec48acca3995cbb3bb5d532025923322c2
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
workspaces:
- name: git-auth
optional: true
- name: netrc
optional: true
taskRunTemplate: {}
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'
status: {}

48
.tekton/ramalama-rag/ramalama-rag-pull-request.yaml
View File

@ -1,48 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: ramalama-rag
pipelines.appstudio.openshift.io/type: build
name: ramalama-rag-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/ramalama-rag:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-d160-m2xlarge/amd64
- linux-d160-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.rag
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/ramalama:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/ramalama:on-pr-{{revision}}
- GPU=cpu
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

45
.tekton/ramalama-rag/ramalama-rag-push.yaml
View File

@ -1,45 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: ramalama-rag
pipelines.appstudio.openshift.io/type: build
name: ramalama-rag-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/ramalama-rag:{{revision}}
- name: build-platforms
value:
- linux-d160-m2xlarge/amd64
- linux-d160-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.rag
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/ramalama:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/ramalama:{{revision}}
- GPU=cpu
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

48
.tekton/ramalama-whisper-server/ramalama-whisper-server-pull-request.yaml
View File

@ -1,48 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: ramalama-whisper-server
pipelines.appstudio.openshift.io/type: build
name: ramalama-whisper-server-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/ramalama-whisper-server:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-m2xlarge/amd64
- linux-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/ramalama:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/ramalama:on-pr-{{revision}}
- ENTRYPOINT=/usr/bin/whisper-server.sh
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

45
.tekton/ramalama-whisper-server/ramalama-whisper-server-push.yaml
View File

@ -1,45 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: ramalama-whisper-server
pipelines.appstudio.openshift.io/type: build
name: ramalama-whisper-server-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/ramalama-whisper-server:{{revision}}
- name: build-platforms
value:
- linux-m2xlarge/amd64
- linux-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/ramalama:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/ramalama:{{revision}}
- ENTRYPOINT=/usr/bin/whisper-server.sh
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

52
.tekton/ramalama/ramalama-pull-request.yaml
View File

@ -1,52 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: ramalama
pipelines.appstudio.openshift.io/type: build
name: ramalama-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/ramalama:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-c4xlarge/amd64
- linux-c4xlarge/arm64
- name: dockerfile
value: container-images/ramalama/Containerfile
- name: test-image
value: quay.io/redhat-user-workloads/ramalama-tenant/bats:on-pr-{{revision}}
- name: test-envs
value:
- RAMALAMA_IMAGE=quay.io/redhat-user-workloads/ramalama-tenant/ramalama:on-pr-{{revision}}
- name: test-commands
value:
- make validate
- make unit-tests
- make cov-tests
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

49
.tekton/ramalama/ramalama-push.yaml
View File

@ -1,49 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: ramalama
pipelines.appstudio.openshift.io/type: build
name: ramalama-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/ramalama:{{revision}}
- name: build-platforms
value:
- linux-c4xlarge/amd64
- linux-c4xlarge/arm64
- name: dockerfile
value: container-images/ramalama/Containerfile
- name: test-image
value: quay.io/redhat-user-workloads/ramalama-tenant/bats:{{revision}}
- name: test-envs
value:
- RAMALAMA_IMAGE=quay.io/redhat-user-workloads/ramalama-tenant/ramalama:{{revision}}
- name: test-commands
value:
- make validate
- make unit-tests
- make cov-tests
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

47
.tekton/rocm-llama-server/rocm-llama-server-pull-request.yaml
View File

@ -1,47 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: rocm-llama-server
pipelines.appstudio.openshift.io/type: build
name: rocm-llama-server-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-llama-server:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/rocm:on-pr-{{revision}}
- ENTRYPOINT=/usr/bin/llama-server.sh
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

44
.tekton/rocm-llama-server/rocm-llama-server-push.yaml
View File

@ -1,44 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: rocm-llama-server
pipelines.appstudio.openshift.io/type: build
name: rocm-llama-server-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-llama-server:{{revision}}
- name: build-platforms
value:
- linux-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/rocm:{{revision}}
- ENTRYPOINT=/usr/bin/llama-server.sh
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

47
.tekton/rocm-rag/rocm-rag-pull-request.yaml
View File

@ -1,47 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: rocm-rag
pipelines.appstudio.openshift.io/type: build
name: rocm-rag-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-rag:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-d160-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.rag
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/rocm:on-pr-{{revision}}
- GPU=rocm
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

44
.tekton/rocm-rag/rocm-rag-push.yaml
View File

@ -1,44 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: rocm-rag
pipelines.appstudio.openshift.io/type: build
name: rocm-rag-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-rag:{{revision}}
- name: build-platforms
value:
- linux-d160-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.rag
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/rocm:{{revision}}
- GPU=rocm
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

47
.tekton/rocm-ubi-llama-server/rocm-ubi-llama-server-pull-request.yaml
View File

@ -1,47 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: rocm-ubi-llama-server
pipelines.appstudio.openshift.io/type: build
name: rocm-ubi-llama-server-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi-llama-server:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi:on-pr-{{revision}}
- ENTRYPOINT=/usr/bin/llama-server.sh
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

44
.tekton/rocm-ubi-llama-server/rocm-ubi-llama-server-push.yaml
View File

@ -1,44 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: rocm-ubi-llama-server
pipelines.appstudio.openshift.io/type: build
name: rocm-ubi-llama-server-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi-llama-server:{{revision}}
- name: build-platforms
value:
- linux-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi:{{revision}}
- ENTRYPOINT=/usr/bin/llama-server.sh
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

47
.tekton/rocm-ubi-rag/rocm-ubi-rag-pull-request.yaml
View File

@ -1,47 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: rocm-ubi-rag
pipelines.appstudio.openshift.io/type: build
name: rocm-ubi-rag-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi-rag:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-d160-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.rag
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi:on-pr-{{revision}}
- GPU=rocm
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

44
.tekton/rocm-ubi-rag/rocm-ubi-rag-push.yaml
View File

@ -1,44 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: rocm-ubi-rag
pipelines.appstudio.openshift.io/type: build
name: rocm-ubi-rag-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi-rag:{{revision}}
- name: build-platforms
value:
- linux-d160-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.rag
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi:{{revision}}
- GPU=rocm
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

47
.tekton/rocm-ubi-whisper-server/rocm-ubi-whisper-server-pull-request.yaml
View File

@ -1,47 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: rocm-ubi-whisper-server
pipelines.appstudio.openshift.io/type: build
name: rocm-ubi-whisper-server-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi-whisper-server:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi:on-pr-{{revision}}
- ENTRYPOINT=/usr/bin/whisper-server.sh
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

44
.tekton/rocm-ubi-whisper-server/rocm-ubi-whisper-server-push.yaml
View File

@ -1,44 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: rocm-ubi-whisper-server
pipelines.appstudio.openshift.io/type: build
name: rocm-ubi-whisper-server-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi-whisper-server:{{revision}}
- name: build-platforms
value:
- linux-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi:{{revision}}
- ENTRYPOINT=/usr/bin/whisper-server.sh
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

41
.tekton/rocm-ubi/rocm-ubi-pull-request.yaml
View File

@ -1,41 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: rocm-ubi
pipelines.appstudio.openshift.io/type: build
name: rocm-ubi-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-fast/amd64
- name: dockerfile
value: container-images/rocm-ubi/Containerfile
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

38
.tekton/rocm-ubi/rocm-ubi-push.yaml
View File

@ -1,38 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: rocm-ubi
pipelines.appstudio.openshift.io/type: build
name: rocm-ubi-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi:{{revision}}
- name: build-platforms
value:
- linux-fast/amd64
- name: dockerfile
value: container-images/rocm-ubi/Containerfile
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

47
.tekton/rocm-whisper-server/rocm-whisper-server-pull-request.yaml
View File

@ -1,47 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: rocm-whisper-server
pipelines.appstudio.openshift.io/type: build
name: rocm-whisper-server-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-whisper-server:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/rocm:on-pr-{{revision}}
- ENTRYPOINT=/usr/bin/whisper-server.sh
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

44
.tekton/rocm-whisper-server/rocm-whisper-server-push.yaml
View File

@ -1,44 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: rocm-whisper-server
pipelines.appstudio.openshift.io/type: build
name: rocm-whisper-server-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-whisper-server:{{revision}}
- name: build-platforms
value:
- linux-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/rocm:{{revision}}
- ENTRYPOINT=/usr/bin/whisper-server.sh
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

41
.tekton/rocm/rocm-pull-request.yaml
View File

@ -1,41 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: rocm
pipelines.appstudio.openshift.io/type: build
name: rocm-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-fast/amd64
- name: dockerfile
value: container-images/rocm/Containerfile
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

38
.tekton/rocm/rocm-push.yaml
View File

@ -1,38 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: rocm
pipelines.appstudio.openshift.io/type: build
name: rocm-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm:{{revision}}
- name: build-platforms
value:
- linux-fast/amd64
- name: dockerfile
value: container-images/rocm/Containerfile
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

36
.tekton/tasks/test-cmd.yaml
View File

@ -1,36 +0,0 @@
apiVersion: tekton.dev/v1
kind: Task
metadata:
name: test-cmd
spec:
description: Run a command in a test environment.
params:
- name: image
description: The image to use when setting up the test environment.
- name: cmd
description: The command to run.
- name: envs
description: List of environment variables (NAME=VALUE) to be set in the test environment.
type: array
default: []
steps:
- name: run
image: $(params.image)
computeResources:
limits:
memory: 4Gi
requests:
cpu: "1"
memory: 1Gi
securityContext:
capabilities:
add:
- SETFCAP
command:
- /usr/bin/entrypoint.sh
args:
- $(params.envs[*])
- /bin/bash
- -ex
- -c
- $(params.cmd)

32
.tekton/tasks/wait-for-image.yaml
View File

@ -1,32 +0,0 @@
apiVersion: tekton.dev/v1
kind: Task
metadata:
name: wait-for-image
spec:
description: Wait for an image to become available.
params:
- name: ref
description: Location of image to wait for.
results:
- name: digest
description: The digest that the image ref resolves to.
steps:
- name: check-and-wait
image: registry.redhat.io/rhel10/skopeo:latest
env:
- name: REF
value: $(params.ref)
- name: RESULTS_DIGEST_PATH
value: $(results.digest.path)
script: |
#!/bin/bash -e
echo "Fetching digest of $REF"
while true; do
DIGEST="$(skopeo inspect -n -f {{.Digest}} "docker://$REF" || :)"
if [ "${#DIGEST}" -gt 0 ]; then
echo -n "$DIGEST" | tee "$RESULTS_DIGEST_PATH"
exit
fi
echo "$(date -uIseconds): digest unavailable, waiting..."
sleep 60
done

42
Makefile
View File

@ -8,10 +8,8 @@ PYTHON ?= $(shell command -v python3 python|head -n1)
DESTDIR ?= /
PATH := $(PATH):$(HOME)/.local/bin
IMAGE ?= ramalama
PROJECT_DIR:=$(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
PYTHON_SCRIPTS := $(shell grep -lEr "^\#\!\s*/usr/bin/(env +)?python(3)?(\s|$$)" --exclude-dir={.venv,venv} $(PROJECT_DIR) || true)
PYTHON_FILES := $(shell find . -path "./.venv" -prune -o -name "*.py" -print) $(shell find . -name ".venv" -prune -o -type f -perm +111 -exec grep -l "^\#!/usr/bin/env python3" {} \; 2>/dev/null || true)
PYTEST_COMMON_CMD ?= PYTHONPATH=. pytest test/unit/ -vv
BATS_IMAGE ?= localhost/bats:latest
default: help
@ -62,9 +60,9 @@ install-completions: completions
install ${SELINUXOPT} -d -m 755 $(DESTDIR)${SHAREDIR}/fish/vendor_completions.d
install ${SELINUXOPT} -m 644 completions/fish/vendor_completions.d/ramalama.fish \
$(DESTDIR)${SHAREDIR}/fish/vendor_completions.d/ramalama.fish
install ${SELINUXOPT} -d -m 755 $(DESTDIR)${SHAREDIR}/zsh/site-functions
install ${SELINUXOPT} -m 644 completions/zsh/site-functions/_ramalama \
$(DESTDIR)${SHAREDIR}/zsh/site-functions/_ramalama
install ${SELINUXOPT} -d -m 755 $(DESTDIR)${SHAREDIR}/zsh/site
install ${SELINUXOPT} -m 644 completions/zsh/vendor-completions/_ramalama \
$(DESTDIR)${SHAREDIR}/zsh/vendor-completions/_ramalama
.PHONY: install-shortnames
install-shortnames:
@ -80,8 +78,8 @@ completions:
mkdir -p completions/fish/vendor_completions.d
register-python-argcomplete --shell fish ramalama > completions/fish/vendor_completions.d/ramalama.fish
mkdir -p completions/zsh/site-functions
-register-python-argcomplete --shell zsh ramalama > completions/zsh/site-functions/_ramalama
mkdir -p completions/zsh/vendor-completions
-register-python-argcomplete --shell zsh ramalama > completions/zsh/vendor-completions/_ramalama
.PHONY: install
install: docs completions
@ -115,22 +113,22 @@ ifneq (,$(wildcard /usr/bin/python3))
endif
! grep -ri --exclude-dir ".venv" --exclude-dir "*/.venv" "#\!/usr/bin/python3" .
flake8 $(PROJECT_DIR) $(PYTHON_SCRIPTS)
flake8 $(PYTHON_FILES)
shellcheck *.sh */*.sh */*/*.sh
.PHONY: check-format
check-format:
black --check --diff $(PROJECT_DIR) $(PYTHON_SCRIPTS)
isort --check --diff $(PROJECT_DIR) $(PYTHON_SCRIPTS)
black --check --diff $(PYTHON_FILES)
isort --check --diff $(PYTHON_FILES)
.PHONY: format
format:
black $(PROJECT_DIR) $(PYTHON_SCRIPTS)
isort $(PROJECT_DIR) $(PYTHON_SCRIPTS)
black $(PYTHON_FILES)
isort $(PYTHON_FILES)
.PHONY: codespell
codespell:
codespell -w $(PROJECT_DIR) $(PYTHON_SCRIPTS)
codespell --dictionary=- --ignore-words-list "cann" -w --skip="*/venv*"
.PHONY: test-run
test-run:
@ -163,22 +161,6 @@ bats-nocontainer:
bats-docker:
_RAMALAMA_TEST_OPTS=--engine=docker RAMALAMA=$(CURDIR)/bin/ramalama bats -T test/system/
.PHONY: bats-image
bats-image:
podman inspect $(BATS_IMAGE) &> /dev/null || \
podman build -t $(BATS_IMAGE) -f container-images/bats/Containerfile .
bats-in-container: extra-opts = --security-opt unmask=/proc/* --device /dev/net/tun --device /dev/fuse
%-in-container: bats-image
podman run -it --rm \
--userns=keep-id:size=200000 \
--security-opt label=disable \
--security-opt=mask=/sys/bus/pci/drivers/i915 \
$(extra-opts) \
-v $(CURDIR):/src \
$(BATS_IMAGE) make $*
.PHONY: ci
ci:
test/ci.sh

64
README.md
View File

@ -2,12 +2,14 @@
<img src="https://github.com/user-attachments/assets/1a338ecf-dc84-4495-8c70-16882955da47" width=50%>
</p>
[RamaLama](https://ramalama.ai) strives to make working with AI simple, straightforward, and familiar by using OCI containers.
[RamaLama](https://ramalama.ai) is an open-source tool that simplifies the local use and serving of AI models for inference from any source through the familiar approach of containers.
<br>
<br>
## Description
RamaLama is an open-source tool that simplifies the local use and serving of AI models for inference from any source through the familiar approach of containers. It allows engineers to use container-centric development patterns and benefits to extend to AI use cases.
RamaLama strives to make working with AI simple, straightforward, and familiar by using OCI containers.
RamaLama is an open-source tool that simplifies the local use and serving of AI models for inference from any source through the familiar approach of containers. Using a container engine like Podman, engineers can use container-centric development patterns and benefits to extend to AI use cases.
RamaLama eliminates the need to configure the host system by instead pulling a container image specific to the GPUs discovered on the host system, and allowing you to work with various models and platforms.
@ -21,25 +23,6 @@ RamaLama eliminates the need to configure the host system by instead pulling a c
- Interact with models via REST API or as a chatbot.
<br>
## Install
### Install on Fedora
RamaLama is available in [Fedora](https://fedoraproject.org/) and later. To install it, run:
```
sudo dnf install python3-ramalama
```
### Install via PyPI
RamaLama is available via PyPI at [https://pypi.org/project/ramalama](https://pypi.org/project/ramalama)
```
pip install ramalama
```
### Install script (Linux and macOS)
Install RamaLama by running:
```
curl -fsSL https://ramalama.ai/install.sh | bash
```
## Accelerated images
| Accelerator | Image |
@ -74,7 +57,7 @@ RamaLama then pulls AI Models from model registries, starting a chatbot or REST
| :--------------------------------- | :-------------------------: |
| CPU | &check; |
| Apple Silicon GPU (Linux / Asahi) | &check; |
| Apple Silicon GPU (macOS) | &check; llama.cpp or MLX |
| Apple Silicon GPU (macOS) | &check; |
| Apple Silicon GPU (podman-machine) | &check; |
| Nvidia GPU (cuda) | &check; See note below |
| AMD GPU (rocm, vulkan) | &check; |
@ -104,20 +87,28 @@ See the [Intel hardware table](https://dgpu-docs.intel.com/devices/hardware-tabl
### Moore Threads GPUs
On systems with Moore Threads GPUs, see [ramalama-musa](docs/ramalama-musa.7.md) documentation for the correct host system configuration.
### MLX Runtime (macOS only)
The MLX runtime provides optimized inference for Apple Silicon Macs. MLX requires:
- macOS operating system
- Apple Silicon hardware (M1, M2, M3, or later)
- Usage with `--nocontainer` option (containers are not supported)
- The `mlx-lm` Python package installed on the host system
## Install
### Install on Fedora
RamaLama is available in [Fedora 40](https://fedoraproject.org/) and later. To install it, run:
```
sudo dnf install python3-ramalama
```
To install and run Phi-4 on MLX, use either `uv` or `pip`:
```bash
uv pip install mlx-lm
# or pip:
pip install mlx-lm
### Install via PyPi
RamaLama is available via PyPi at [https://pypi.org/project/ramalama](https://pypi.org/project/ramalama)
```
pip install ramalama
```
ramalama --runtime=mlx serve hf://mlx-community/Unsloth-Phi-4-4bit
### Install via Homebrew
```
brew install ramalama
```
### Install script (Linux and macOS)
Install RamaLama by running:
```
curl -fsSL https://ramalama.ai/install.sh | bash
```
#### Default Container Engine
@ -222,7 +213,7 @@ $ cat /usr/share/ramalama/shortnames.conf
<br>
```
$ ramalama bench granite3-moe
$ ramalama bench granite-moe3
```
</details>
@ -829,7 +820,7 @@ $ cat /usr/share/ramalama/shortnames.conf
Perplexity measures how well the model can predict the next token with lower values being better
```
$ ramalama perplexity granite3-moe
$ ramalama perplexity granite-moe3
```
</details>
@ -1134,7 +1125,6 @@ This project wouldn't be possible without the help of other projects like:
- [llama.cpp](https://github.com/ggml-org/llama.cpp)
- [whisper.cpp](https://github.com/ggml-org/whisper.cpp)
- [vllm](https://github.com/vllm-project/vllm)
- [mlx-lm](https://github.com/ml-explore/mlx-examples)
- [podman](https://github.com/containers/podman)
- [huggingface](https://github.com/huggingface)

0
completions/zsh/site-functions/_ramalama → completions/zsh/vendor-completions/_ramalama
View File

30
container-images/bats/Containerfile
View File

@ -1,30 +0,0 @@
FROM quay.io/fedora/fedora:42
ENV HOME=/tmp \
XDG_RUNTIME_DIR=/tmp
WORKDIR /src
ENTRYPOINT ["/usr/bin/entrypoint.sh"]
RUN dnf -y install make bats jq iproute podman openssl httpd-tools diffutils \
python3-huggingface-hub \
$([ $(uname -m) == "x86_64" ] && echo ollama) \
# for validate and unit-tests
black codespell shellcheck \
python3-flake8 python3-isort python3-pip python3-pytest \
perl-Clone perl-FindBin \
# for building llama-bench
git-core cmake gcc-c++ curl-devel && \
dnf -y clean all
RUN rpm --restore shadow-utils
RUN git clone --depth=1 https://github.com/ggml-org/llama.cpp && \
pushd llama.cpp && \
cmake -B build -DGGML_NATIVE=OFF -DGGML_RPC=ON -DGGML_CCACHE=OFF -DGGML_CMAKE_BUILD_TYPE=Release -DLLAMA_CURL=ON -DCMAKE_INSTALL_PREFIX=/usr && \
cmake --build build --config Release --parallel $(nproc) && \
cmake --install build && \
popd && rm -rf llama.cpp
COPY container-images/bats/entrypoint.sh /usr/bin
COPY container-images/bats/containers.conf /etc/containers
COPY . /src
RUN chmod -R a+rw /src
RUN chmod a+rw /etc/subuid /etc/subgid

8
container-images/bats/containers.conf
View File

@ -1,8 +0,0 @@
[containers]
utsns="host"
cgroups="disabled"
log_driver="k8s-file"
[engine]
events_logger="file"
infra_image="quay.io/libpod/k8s-pause:3.5"

20
container-images/bats/entrypoint.sh
View File

@ -1,20 +0,0 @@
#!/bin/bash
echo "$(id -un):10000:2000" > /etc/subuid
echo "$(id -un):10000:2000" > /etc/subgid
while [ $# -gt 0 ]; do
if [[ "$1" =~ = ]]; then
# shellcheck disable=SC2163
export "$1"
shift
else
break
fi
done
if [ $# -gt 0 ]; then
exec "$@"
else
exec /bin/bash
fi

7
container-images/common/Containerfile.entrypoint
View File

@ -1,7 +0,0 @@
ARG PARENT
FROM $PARENT
ARG ENTRYPOINT
ENV ENTRYPOINT="$ENTRYPOINT"
ENTRYPOINT exec $ENTRYPOINT

8
container-images/common/Containerfile.rag
View File

@ -1,8 +0,0 @@
ARG PARENT
FROM $PARENT
ARG GPU
USER root
RUN /usr/bin/build_rag.sh "$GPU"
ENTRYPOINT []

10
container-images/llama-stack/Containerfile
View File

@ -1,21 +1,19 @@
FROM quay.io/fedora/fedora:42
ARG RAMALAMA_STACK_VERSION=0.2.5
# hack that should be removed when the following bug is addressed
# https://github.com/containers/ramalama-stack/issues/53
RUN curl --create-dirs --output ~/.llama/providers.d/remote/inference/ramalama.yaml https://raw.githubusercontent.com/containers/ramalama-stack/refs/tags/v${RAMALAMA_STACK_VERSION}/src/ramalama_stack/providers.d/remote/inference/ramalama.yaml && \
curl --create-dirs --output /etc/ramalama/ramalama-run.yaml https://raw.githubusercontent.com/containers/ramalama-stack/refs/tags/v${RAMALAMA_STACK_VERSION}/src/ramalama_stack/ramalama-run.yaml
RUN curl --create-dirs --output ~/.llama/providers.d/remote/inference/ramalama.yaml https://raw.githubusercontent.com/containers/ramalama-stack/refs/tags/v0.2.2/src/ramalama_stack/providers.d/remote/inference/ramalama.yaml && \
curl --create-dirs --output /etc/ramalama/ramalama-run.yaml https://raw.githubusercontent.com/containers/ramalama-stack/refs/tags/v0.2.2/src/ramalama_stack/ramalama-run.yaml
RUN dnf -y update && \
dnf -y install uv cmake gcc gcc-c++ python3-devel pkg-config sentencepiece-devel && \
dnf -y clean all
RUN uv venv && \
uv pip install ramalama-stack==${RAMALAMA_STACK_VERSION}
uv pip install ramalama-stack==0.2.2
COPY --chmod=755 container-images/llama-stack/entrypoint.sh /usr/bin/entrypoint.sh
ENTRYPOINT [ "/usr/bin/entrypoint.sh" ]
CMD [ "llama", "stack", "run", "--image-type", "venv", "/etc/ramalama/ramalama-run.yaml" ]
CMD llama stack run --image-type venv /etc/ramalama/ramalama-run.yaml

1
container-images/musa/Containerfile
View File

@ -13,6 +13,7 @@ FROM docker.io/mthreads/musa:${VERSION}-mudnn-runtime-ubuntu${UBUNTU_VERSION}
# Copy the entire installation directory from the builder
COPY --from=builder /tmp/install /usr
# pip install . --prefix=/tmp/install will install the wheel in /tmp/install/local/...
RUN mv /usr/local/libexec/ramalama /usr/libexec/ramalama/
RUN apt-get update && apt-get install -y python-is-python3 && apt-get clean && \
rm -rf /var/lib/apt/lists/*

Some files were not shown because too many files have changed in this diff Show More