-
Notifications
You must be signed in to change notification settings - Fork 42
Expand file tree
/
Copy pathTaskfile.yml
More file actions
64 lines (55 loc) · 2.62 KB
/
Copy pathTaskfile.yml
File metadata and controls
64 lines (55 loc) · 2.62 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
# Copyright AGNTCY Contributors (https://github.com/agntcy)
# SPDX-License-Identifier: Apache-2.0
version: "3"
tasks:
default:
cmd: echo "Run the main Taskfile instead of this one."
helm:gen:add-repo:
desc: Add Helm repos to the local Helm repository
run: once
cmds:
- "{{ .HELM_BIN }} repo add project-zot http://zotregistry.dev/helm-charts"
- "{{ .HELM_BIN }} repo add bitnami https://charts.bitnami.com/bitnami"
status:
- "{{ .HELM_BIN }} repo list | grep -q 'project-zot.*http://zotregistry.dev/helm-charts'"
- "{{ .HELM_BIN }} repo list | grep -q 'bitnami.*https://charts.bitnami.com/bitnami'"
helm:dep:build:
desc: Build Helm dependencies for all charts and subcharts
deps:
- deps:helm
cmds:
- task: helm:gen:add-repo
- "{{ .HELM_BIN }} dependency build {{ .ROOT_DIR }}/install/charts/dir/apiserver"
- "{{ .HELM_BIN }} dependency build {{ .ROOT_DIR }}/install/charts/dir"
helm:gen:
desc: Update Helm dependencies for chart and subcharts
deps:
- deps:helm
env:
SOURCE_DATE_EPOCH: "0" # NOTE: Not implemented yet: https://github.com/helm/helm/pull/31845
vars:
HELM_ALL_CHART_PATHS:
sh: find . -name Chart.yaml -exec dirname {} \; | sort -r
cmds:
- task: helm:gen:add-repo
# NOTE: Remove the byte null workaround when SOURCE_DATE_EPOCH implemeted
# Reproducible chart packaging requires two layers of normalization:
# 1. File timestamps: git does not preserve mtime, so every checkout gets
# different values. We touch all chart source files to a fixed date before
# packaging so tar entry headers are identical across machines.
# 2. Gzip envelope: the MTIME and OS header bytes vary per build; we patch
# them to fixed values after packaging.
# Normalize chart source file timestamps for reproducible tar entries.
# TZ=UTC ensures the same Unix timestamp regardless of local timezone.
- for: { var: HELM_ALL_CHART_PATHS }
cmd: "find {{ .ITEM }} -exec env TZ=UTC touch -t 200001010000.00 {} +"
# Update dependencies
- for: { var: HELM_ALL_CHART_PATHS }
cmd: "cd {{ .ITEM }} && {{ .HELM_BIN }} dependency update"
# Zero out gzip header MTIME (bytes 4-7) and set OS (byte 9) to 0xff
# so tgz hashes are identical regardless of build time or platform.
- |
find . -path '*/charts/*.tgz' -type f | while read -r tgz; do
printf '\x00\x00\x00\x00' | dd of="$tgz" bs=1 seek=4 count=4 conv=notrunc 2>/dev/null
printf '\xff' | dd of="$tgz" bs=1 seek=9 count=1 conv=notrunc 2>/dev/null
done