Compare commits


5 Commits

Author SHA1 Message Date
Tom Alexander
caf789e7af
Put a regular user step first. 2025-02-23 13:18:10 -05:00
Tom Alexander
23916baa61
Put back in chown. 2025-02-23 13:15:24 -05:00
Tom Alexander
8cf07d7693
Switch to real mount path. 2025-02-23 13:11:15 -05:00
Tom Alexander
bfa6d169e3
Add the buildkit-cache workspace at a dummy mount point. 2025-02-23 13:06:38 -05:00
Tom Alexander
e2ee912556
Change mount for buildkitd. 2025-02-23 13:05:37 -05:00


@ -22,6 +22,11 @@ spec:
description: Includes credentials for the docker image registry.
optional: true
mountPath: /home/user/.docker
- name: buildkit-cache
description: For preserving buildkit type=cache mounts between builds.
optional: true
# mountPath: /home/user/.local/share/foo
mountPath: /home/user/.local/share/buildkit
params:
- name: OUTPUT
type: string
@ -64,6 +69,29 @@ spec:
- name: metadata-out
emptyDir: {}
steps:
- name: run-as-user
image: $(params.BUILDER_IMAGE)
workingDir: "$(workspaces.source.path)"
script: |
#!/usr/bin/env sh
set -euo pipefail
echo "yo"
securityContext:
runAsNonRoot: true
runAsUser: 1000
runAsGroup: 1000
- name: setup-cache-ownership
image: $(params.BUILDER_IMAGE)
workingDir: "$(workspaces.source.path)"
script: |
#!/usr/bin/env sh
set -euo pipefail
chown 1000:1000 /home/user/.local/share/buildkit
chmod 0777 /home/user/.local/share/buildkit
securityContext:
# runAsNonRoot: false
runAsUser: 0
runAsGroup: 0
- name: write-config
image: $(params.BUILDER_IMAGE)
workingDir: "$(workspaces.source.path)"
@ -88,7 +116,7 @@ spec:
chmod +x /home/user/.config/buildkit/entrypoint.sh
volumeMounts:
- name: buildkitd
mountPath: /home/user/.local/share/buildkit
mountPath: /home/user/.local/share/buildkittwo
- name: buildkitd-toml
mountPath: /home/user/.config/buildkit
securityContext:
@ -113,7 +141,7 @@ spec:
- $(params.EXTRA_ARGS)
volumeMounts:
- name: buildkitd
mountPath: /home/user/.local/share/buildkit
mountPath: /home/user/.local/share/buildkittwo
- name: buildkitd-toml
mountPath: /home/user/.config/buildkit
readOnly: true
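Review bot: The `setup-cache-ownership` step runs as root and finishes with `chmod 0777` on the cache directory, so a cache that persists between builds is writable by any UID that can reach the workspace, and a tampered cache entry would carry into later image builds. The `chown 1000:1000` on the line before already gives the build user access, so `0700` should be enough if buildkitd runs as UID 1000, as the chown suggests. The `buildkit-cache` workspace is also declared `optional: true`, yet the script touches a hard-coded path unconditionally; when the workspace is not bound, the step either fails under `set -e` or changes a directory inside the image. Guarding on `$(workspaces.buildkit-cache.bound)` and using `$(workspaces.buildkit-cache.path)` covers both cases. The commented-out `# mountPath: …/foo` and `# runAsNonRoot: false` lines and the `echo "yo"` placeholder step look like debugging leftovers and would be clearer removed or explained in a comment.

```yaml
script: |
  # … unchanged: shebang and set -euo pipefail …
  if [ "$(workspaces.buildkit-cache.bound)" = "true" ]; then
    chown 1000:1000 "$(workspaces.buildkit-cache.path)"
    chmod 0700 "$(workspaces.buildkit-cache.path)"
  fi
```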