Build an os image on k8s.

images/Dockerfile_j7s-image-build

@@ -0,0 +1,9 @@
+FROM quay.io/centos/centos:stream9
+RUN dnf install -y 'dnf-command(copr)' && \
+    dnf copr enable -y @osbuild/osbuild && \
+    dnf install -y osbuild osbuild-tools osbuild-ostree make sudo
+RUN useradd -m -G wheel -s /bin/bash -u 1000 j7s && \
+    bash -c 'echo "%wheel  ALL=(ALL)       NOPASSWD: ALL" >> /etc/sudoers.d/container' && \
+    chmod 0440 /etc/sudoers.d/container
+USER j7s
+ENTRYPOINT ["bash"]

pipelines/j7s-os-pipeline.yaml

@@ -0,0 +1,46 @@
+# A pipeline to build j7s-os images.
+# Steps:
+#   Clone the j7s-os repo from gitea.
+#   Call make <> in the repo.
+#   Build and push a new deployment container.
+#   Deply the deployment container as a service.
+---
+apiVersion: tekton.dev/v1beta1
+kind: Pipeline
+metadata:
+  name: j7s-os-pipeline
+spec:
+  description: Build and deploy j7s-os images.
+  params:
+  - name: image-name
+    type: string
+    description: The name of the os image to build.
+  workspaces:
+  - name: shared-data
+    description: Shared data.
+  - name: git-credentials
+    description: My ssh credentials
+  tasks:
+  - name: fetch-repo
+    workspaces:
+    - name: output
+      workspace: shared-data
+    - name: ssh-directory
+      workspace: git-credentials
+    params:
+    - name: url
+      value: ssh://git@git.jpace121.net:2222/jimmy/j7s-os.git
+    - name: branch
+      value: main
+    taskRef:
+      name: j7s-git-clone
+  - name: call-make
+    runAfter: ["fetch-repo"]
+    workspaces:
+    - name: source
+      workspace: shared-data
+    params:
+    - name: image-name
+      value: $(params.image-name)
+    taskRef:
+      name: j7s-os-image-build

runs/j7s-os-test.yaml

@@ -0,0 +1,22 @@
+apiVersion: tekton.dev/v1beta1
+kind: PipelineRun
+metadata:
+  name: j7s-os-test
+spec:
+  pipelineRef:
+    name: j7s-os-pipeline
+  workspaces:
+  - name: shared-data
+    volumeClaimTemplate:
+      spec:
+        accessModes:
+        - ReadWriteOnce
+        resources:
+          requests:
+            storage: 3Gi
+  - name: git-credentials
+    secret:
+      secretName: git-credentials
+  params:
+  - name: image-name
+    value: cs9-qemu-minimal-ostree.x86_64.repo

tasks/j7s-git-clone.yaml

@@ -0,0 +1,20 @@
+apiVersion: tekton.dev/v1beta1
+kind: Task
+metadata:
+  name: j7s-git-clone
+spec:
+  workspaces:
+  - name: output
+  - name: ssh-directory
+  params:
+  - name: url
+  - name: branch
+  steps:
+  - image: 192.168.1.128:8443/gitssh:latest
+    script: |
+      set -x
+      cp -r $(workspaces.ssh-directory.path) ~/.ssh
+      chmod 700 ~/.ssh
+      chmod -R 400 ~/.ssh/*
+
+      git clone --single-branch --branch $(params.branch) $(params.url) $(workspaces.output.path)

tasks/j7s-os-image-build.yaml

@@ -0,0 +1,18 @@
+apiVersion: tekton.dev/v1beta1
+kind: Task
+metadata:
+  name: j7s-os-image-build
+spec:
+  workspaces:
+  - name: source
+  params:
+  - name: image-name
+  steps:
+  - image: 192.168.1.128:8443/j7s-image-build:latest
+    securityContext:
+      privileged: true
+    script: |
+      set -x
+      sudo chown -R j7s:j7s $(workspaces.source.path)
+      cd $(workspaces.source.path)
+      make $(params.image-name)