diff --git a/config/openshift/base/operator.yaml b/config/openshift/base/operator.yaml index f621c71a9c..af1d38c006 100644 --- a/config/openshift/base/operator.yaml +++ b/config/openshift/base/operator.yaml @@ -90,19 +90,19 @@ spec: - name: IMAGE_HUB_TEKTON_HUB_DB value: registry.redhat.io/rhel9/postgresql-13@sha256:36647bd6d50d2e0e9c99ecf190bd515577c7ce9476e49d927c4d4065011e3441 - name: IMAGE_ADDONS_PARAM_BUILDER_IMAGE - value: registry.redhat.io/rhel9/buildah@sha256:18453ab0a62154283aaf4c45efd7543d1c8ecca1aebae46dedc7ddc0f410b232 + value: registry.redhat.io/rhel9/buildah@sha256:c54ea681142034817a77275ec770167cb17e64020f8c2dbb57c054c39b6c514a - name: IMAGE_ADDONS_PARAM_KN_IMAGE value: registry.redhat.io/openshift-serverless-1/kn-client-kn-rhel8@sha256:0fa6d15d38601f266347cdd098e80bec9893f7e6b06e84efc4a8c50b3ff3c6cc - name: IMAGE_ADDONS_MVN_SETTINGS - value: registry.redhat.io/ubi9/ubi-minimal@sha256:2f06ae0e6d3d9c4f610d32c480338eef474867f435d8d28625f2985e8acde6e8 + value: registry.redhat.io/ubi9/ubi-minimal@sha256:463cae32c6f6f5594b11a5c22de275016bd8545ce58a6373388e8b24f13fc15c - name: IMAGE_ADDONS_SKOPEO_COPY - value: registry.redhat.io/rhel9/skopeo@sha256:a65a413f8a2864389a09dc750690d97afbcdc5c70821e0f85e99e8adba7954e0 + value: registry.redhat.io/rhel9/skopeo@sha256:fc58b8a734a34f1fd1b0b31e7e137a8200c72e233fbe2a67a29b7a665b683ce9 - name: IMAGE_ADDONS_GENERATE value: registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:3696cf724ce7865626ae408d82fd87727c741e4d3eb3475c271ec6d56f0882a4 - name: IMAGE_ADDONS_GEN_ENV_FILE value: registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:3696cf724ce7865626ae408d82fd87727c741e4d3eb3475c271ec6d56f0882a4 - name: IMAGE_ADDONS_PARAM_MAVEN_IMAGE - value: registry.redhat.io/ubi9/openjdk-17@sha256:555c8bcd2596637befd1a6da4aa949c5a2640cf66e09c2dfb932afe37e39095e + value: registry.redhat.io/ubi9/openjdk-17@sha256:052c0ab499cfbb24b20339394778dfe6402a66b42398c8e59c87697b9b3f0a42 - name: IMAGE_ADDONS_OC value: image-registry.openshift-image-registry.svc:5000/openshift/cli:latest - name: openshift-pipelines-operator-cluster-operations # tektoninstallerset reconciler diff --git a/hack/openshift/update-image-sha.sh b/hack/openshift/update-image-sha.sh index eea3d217e0..3e045286e3 100755 --- a/hack/openshift/update-image-sha.sh +++ b/hack/openshift/update-image-sha.sh @@ -1,103 +1,72 @@ #!/usr/bin/env bash set -e -u -o pipefail -declare -r SCRIPT_NAME=$(basename "$0") -declare -r SCRIPT_DIR=$(cd $(dirname "$0") && pwd) -declare -r USERNAME=${REGISTRY_USER} -declare -r PASSWORD=${REGISTRY_PASSWORD} - -log() { - local level=$1; shift - echo -e "$level: $@" -} - - -err() { - log "ERROR" "$@" >&2 -} - -info() { - log "INFO" "$@" -} - -die() { - local code=$1; shift - local msg="$@"; shift - err $msg - exit $code -} - -usage() { - local msg="$1" - cat <<-EOF -Error: $msg - -USAGE: - REGISTRY_USER= REGISTRY_PASSWORD= $SCRIPT_NAME - -Example: - REGISTRY_USER=johnsmith REGISTRY_PASSWORD=pass123 $SCRIPT_NAME -EOF - exit 1 -} - -#declare -r CATALOG_VERSION="release-v0.7" - +# Images to update declare -A IMAGES=( ["buildah"]="registry.redhat.io/rhel9/buildah" - ["kn"]="registry.redhat.io/openshift-serverless-1/kn-client-kn-rhel8" - ["postgresql"]="registry.redhat.io/rhel9/postgresql-13" + ["kn"]="registry.redhat.io/openshift-serverless-1/kn-client-kn-rhel9" + ["postgresql"]="registry.redhat.io/rhel9/postgresql-15" ["skopeo-copy"]="registry.redhat.io/rhel9/skopeo" - ["s2i"]="registry.redhat.io/source-to-image/source-to-image-rhel8" + ["s2i"]="registry.redhat.io/source-to-image/source-to-image-rhel9" ["ubi-minimal"]="registry.redhat.io/ubi9/ubi-minimal" ["java"]="registry.redhat.io/ubi9/openjdk-17" ) -registry_login() { - podman login --username=${USERNAME} --password=${PASSWORD} registry.redhat.io -} +# Find latest version/tag for an image +find_latest_version() { + local image=$1 + # Try to get version from Labels first + local version=$(skopeo inspect docker://${image} 2>/dev/null | jq -r '.Labels.version // empty') -find_latest_versions() { - local image_registry=${1:-""} - local latest_version="" - if ! skopeo inspect docker://${image_registry} 2>/dev/null | jq '.Labels.version' | tr -d '"' - then - podman search --list-tags ${image_registry} | grep -v NAME | tr -s ' ' | cut -d ' ' -f 2 | sort -r | grep -v '\-[a-z0-9\.]*$' | head -n 1 + # If no version label, get latest tag + if [[ -z "$version" ]]; then + version=$(skopeo list-tags docker://${image} | jq -r '.Tags[]' | sort -r | grep -v '\-[a-z0-9\.]*$' | head -n 1) fi -} -find_sha_from_tag() { - local image_url=${1:-""} - podman run --rm docker.io/mplatform/manifest-tool:v2.0.0 --username=${USERNAME} --password=${PASSWORD} inspect $image_url --raw | jq '.digest' | tr -d '"' + echo "$version" } -update_image_sha() { - local image_prefix=${1:-""} - shift - local image_sha=${1:-""} - shift - echo replacemnet var = ${image_prefix} - sed -i -E 's%('${image_prefix}').*%\1@'${image_sha}'%' config/openshift/base/operator.yaml - sed -i -E 's%('${image_prefix}').*%\1@'${image_sha}'%' operatorhub/openshift/config.yaml - sed -i -E 's%('${image_prefix}').*%\1@'${image_sha}'%' operatorhub/openshift/release-artifacts/bundle/manifests/*.yaml - find cmd/openshift/operator/kodata/tekton-addon/addons/ -type f -name "*.yaml" -exec sed -i -E 's%('${image_prefix}').*%\1@'${image_sha}'%' {} + +# Get manifest list digest for an image:tag (multi-arch) +get_manifest_list_digest() { + local image_url=$1 + skopeo inspect --no-tags docker://${image_url} | jq -r '.Digest' } +# Update image SHA in YAML files +update_yaml_files() { + local image_prefix=$1 + local image_sha=$2 + + echo "Updating: ${image_prefix} -> ${image_sha}" + # Update all YAML files + sed -i -E "s%(${image_prefix}).*%\1@${image_sha}%" config/openshift/base/operator.yaml + sed -i -E "s%(${image_prefix}).*%\1@${image_sha}%" operatorhub/openshift/config.yaml + sed -i -E "s%(${image_prefix}).*%\1@${image_sha}%" operatorhub/openshift/release-artifacts/bundle/manifests/*.yaml + find cmd/openshift/operator/kodata/tekton-addon/addons/ -type f -name "*.yaml" -exec sed -i -E "s%(${image_prefix}).*%\1@${image_sha}%" {} + +} + +# Main main() { - registry_login - for image in ${!IMAGES[@]}; do - latest_version=$(find_latest_versions ${IMAGES[$image]}) - echo latest_version=$latest_version - image_url="${IMAGES[$image]}":"${latest_version}" - echo $image_url - image_sha=$(find_sha_from_tag "${image_url}") - echo image_sha=${image_sha} - update_image_sha "${IMAGES[$image]}" $image_sha + echo "Updating Red Hat images to latest SHAs..." + echo + + for image_name in "${!IMAGES[@]}"; do + image_registry="${IMAGES[$image_name]}" + + echo "Processing: $image_name" + latest_version=$(find_latest_version "$image_registry") + echo " Latest version: $latest_version" + + image_url="${image_registry}:${latest_version}" + image_sha=$(get_manifest_list_digest "$image_url") + echo " SHA: $image_sha" + update_yaml_files "$image_registry" "$image_sha" + echo done - return $? + echo "✓ All images updated successfully" } main "$@" diff --git a/operatorhub/openshift/config.yaml b/operatorhub/openshift/config.yaml index bac8e83ebf..6f574523aa 100644 --- a/operatorhub/openshift/config.yaml +++ b/operatorhub/openshift/config.yaml @@ -145,7 +145,7 @@ image-substitutions: containerName: openshift-pipelines-operator-lifecycle envKeys: - IMAGE_ADDONS_OPC -- image: registry.redhat.io/rhel9/skopeo@sha256:a65a413f8a2864389a09dc750690d97afbcdc5c70821e0f85e99e8adba7954e0 +- image: registry.redhat.io/rhel9/skopeo@sha256:fc58b8a734a34f1fd1b0b31e7e137a8200c72e233fbe2a67a29b7a665b683ce9 replaceLocations: envTargets: - deploymentName: openshift-pipelines-operator @@ -153,7 +153,7 @@ image-substitutions: envKeys: - IMAGE_ADDONS_SKOPEO_COPY - IMAGE_ADDONS_SKOPEO_RESULTS -- image: registry.redhat.io/rhel9/buildah@sha256:18453ab0a62154283aaf4c45efd7543d1c8ecca1aebae46dedc7ddc0f410b232 +- image: registry.redhat.io/rhel9/buildah@sha256:c54ea681142034817a77275ec770167cb17e64020f8c2dbb57c054c39b6c514a replaceLocations: envTargets: - deploymentName: openshift-pipelines-operator @@ -162,7 +162,7 @@ image-substitutions: - IMAGE_ADDONS_PARAM_BUILDER_IMAGE - IMAGE_ADDONS_BUILD - IMAGE_ADDONS_S2I_BUILD -- image: registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:bc10e7d6122ede5cf4f2882c200447683255465a1080e826761e90bfb983506e +- image: registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:718e59d9aacacbaa16be3ae247bdb8582dc4fd9cbe0c5314dfdfc8f22e4f3578 replaceLocations: envTargets: - deploymentName: openshift-pipelines-operator @@ -171,7 +171,7 @@ image-substitutions: - IMAGE_ADDONS_GENERATE - IMAGE_ADDONS_GEN_ENV_FILE - IMAGE_ADDONS_S2I_GENERATE -- image: registry.redhat.io/ubi9/ubi-minimal@sha256:2f06ae0e6d3d9c4f610d32c480338eef474867f435d8d28625f2985e8acde6e8 +- image: registry.redhat.io/ubi9/ubi-minimal@sha256:463cae32c6f6f5594b11a5c22de275016bd8545ce58a6373388e8b24f13fc15c replaceLocations: envTargets: - deploymentName: openshift-pipelines-operator @@ -284,7 +284,7 @@ image-substitutions: containerName: openshift-pipelines-operator-lifecycle envKeys: - IMAGE_RESULTS_RETENTION_POLICY_AGENT -- image: registry.redhat.io/ubi9/openjdk-17@sha256:555c8bcd2596637befd1a6da4aa949c5a2640cf66e09c2dfb932afe37e39095e +- image: registry.redhat.io/ubi9/openjdk-17@sha256:052c0ab499cfbb24b20339394778dfe6402a66b42398c8e59c87697b9b3f0a42 replaceLocations: envTargets: - deploymentName: openshift-pipelines-operator diff --git a/operatorhub/openshift/release-artifacts/bundle/manifests/openshift-pipelines-operator-rh.clusterserviceversion.yaml b/operatorhub/openshift/release-artifacts/bundle/manifests/openshift-pipelines-operator-rh.clusterserviceversion.yaml index a7cc859457..4e97d809ca 100644 --- a/operatorhub/openshift/release-artifacts/bundle/manifests/openshift-pipelines-operator-rh.clusterserviceversion.yaml +++ b/operatorhub/openshift/release-artifacts/bundle/manifests/openshift-pipelines-operator-rh.clusterserviceversion.yaml @@ -1297,19 +1297,19 @@ spec: - name: IMAGE_HUB_TEKTON_HUB_DB value: registry.redhat.io/rhel9/postgresql-13@sha256:36647bd6d50d2e0e9c99ecf190bd515577c7ce9476e49d927c4d4065011e3441 - name: IMAGE_ADDONS_PARAM_BUILDER_IMAGE - value: registry.redhat.io/rhel9/buildah@sha256:18453ab0a62154283aaf4c45efd7543d1c8ecca1aebae46dedc7ddc0f410b232 + value: registry.redhat.io/rhel9/buildah@sha256:c54ea681142034817a77275ec770167cb17e64020f8c2dbb57c054c39b6c514a - name: IMAGE_ADDONS_PARAM_KN_IMAGE value: registry.redhat.io/openshift-serverless-1/kn-client-kn-rhel8@sha256:0fa6d15d38601f266347cdd098e80bec9893f7e6b06e84efc4a8c50b3ff3c6cc - name: IMAGE_ADDONS_MVN_SETTINGS - value: registry.redhat.io/ubi9/ubi-minimal@sha256:2f06ae0e6d3d9c4f610d32c480338eef474867f435d8d28625f2985e8acde6e8 + value: registry.redhat.io/ubi9/ubi-minimal@sha256:463cae32c6f6f5594b11a5c22de275016bd8545ce58a6373388e8b24f13fc15c - name: IMAGE_ADDONS_SKOPEO_COPY - value: registry.redhat.io/rhel9/skopeo@sha256:a65a413f8a2864389a09dc750690d97afbcdc5c70821e0f85e99e8adba7954e0 + value: registry.redhat.io/rhel9/skopeo@sha256:fc58b8a734a34f1fd1b0b31e7e137a8200c72e233fbe2a67a29b7a665b683ce9 - name: IMAGE_ADDONS_GENERATE value: registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:3696cf724ce7865626ae408d82fd87727c741e4d3eb3475c271ec6d56f0882a4 - name: IMAGE_ADDONS_GEN_ENV_FILE value: registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:3696cf724ce7865626ae408d82fd87727c741e4d3eb3475c271ec6d56f0882a4 - name: IMAGE_ADDONS_PARAM_MAVEN_IMAGE - value: registry.redhat.io/ubi9/openjdk-17@sha256:555c8bcd2596637befd1a6da4aa949c5a2640cf66e09c2dfb932afe37e39095e + value: registry.redhat.io/ubi9/openjdk-17@sha256:052c0ab499cfbb24b20339394778dfe6402a66b42398c8e59c87697b9b3f0a42 - name: IMAGE_ADDONS_OC value: image-registry.openshift-image-registry.svc:5000/openshift/cli:latest image: ghcr.io/tektoncd/operator/operator-1d69a75f22dd094880847eac907fb2c1@sha256:f164d2e5e209765e2ffd267e3af9ac904645937beb84a30d19d938b6780baabf