├── mongodb ├── .gitignore ├── .applier │ ├── hosts │ └── group_vars │ │ └── seed-hosts.yml ├── .openshift │ └── params │ │ ├── configsvr │ │ ├── replset-abc │ │ ├── replset-def │ │ └── mongos ├── requirements.yml └── storageclass.yaml ├── rabbitmq ├── .openshift │ ├── params │ │ ├── build │ │ └── deploy │ └── templates │ │ └── imagestreams │ │ └── images.yml ├── version.json ├── .applier │ ├── hosts │ └── group_vars │ │ └── seed-hosts.yml ├── test │ └── unit │ │ ├── _helpers.bash │ │ ├── configmap.bats │ │ ├── rolebinding.bats │ │ └── serviceaccount.bats ├── requirements.yml └── chart │ ├── templates │ ├── rolebinding.yaml │ ├── serviceaccount.yaml │ ├── service.yaml │ ├── tests │ │ └── test-connection.yaml │ ├── build.yaml │ ├── ingress.yaml │ └── NOTES.txt │ ├── .helmignore │ └── Chart.yaml ├── deprecated ├── kafka │ ├── .gitignore │ ├── files │ │ ├── builds │ │ │ └── params │ │ ├── deployments │ │ │ └── params │ │ ├── projects │ │ │ └── projects.yml │ │ └── imagestreams │ │ │ └── images.yml │ ├── inventory │ │ ├── hosts │ │ └── group_vars │ │ │ └── all.yml │ ├── fix-permissions │ ├── requirements.yml │ └── Dockerfile ├── zookeeper │ ├── .gitignore │ ├── files │ │ ├── builds │ │ │ └── params │ │ ├── deployments │ │ │ └── params │ │ ├── projects │ │ │ └── projects.yml │ │ └── imagestreams │ │ │ └── images.yml │ ├── inventory │ │ ├── hosts │ │ └── group_vars │ │ │ └── all.yml │ ├── fix-permissions │ ├── requirements.yml │ ├── zkMetrics.sh │ └── zkOk.sh ├── build-s2i-play │ ├── .gitignore │ ├── .openshift │ │ └── params │ │ │ ├── build │ │ │ └── deployment │ ├── .applier │ │ ├── hosts │ │ └── group_vars │ │ │ └── seed-hosts.yml │ ├── images │ │ └── play-logo.png │ ├── requirements.yml │ └── s2i │ │ ├── assemble │ │ └── run ├── s2i-java │ ├── s2i │ │ ├── usage │ │ ├── s2i-setup │ │ ├── save-artifacts │ │ └── run │ ├── jolokia.properties │ ├── run-env.sh │ ├── settings.xml │ └── debug-options ├── README.md ├── s2i-httpd │ └── Dockerfile ├── quickstart-templates │ └── centos-templates.json └── motepair │ ├── values.yaml │ ├── templates │ ├── imagestream.yaml │ ├── NOTES.txt │ ├── service.yaml │ ├── route.yaml │ ├── buildconfig.yaml │ └── deploymentconfig.yaml │ ├── .helmignore │ ├── README.md │ └── Chart.yaml ├── tool-box ├── version.json ├── requirements.txt ├── .applier │ ├── hosts │ └── group_vars │ │ └── seed-hosts.yml ├── requirements.yml └── root │ └── usr │ └── local │ └── bin │ └── run ├── ocp4-logging ├── .openshift │ └── params │ │ ├── cl-resource.params │ │ ├── operatorgroup.params │ │ ├── cl-catalogsourceconfig.params │ │ ├── es-catalogsourceconfig.params │ │ ├── cluster-logging.params │ │ ├── cl-subscription.params │ │ └── es-subscription.params ├── .applier │ ├── hosts │ └── host_vars │ │ └── localhost.yml ├── galaxy-requirements.yml └── requirements.yml ├── jenkins-agents ├── jenkins-agent-python │ ├── requirements.txt │ ├── version.json │ ├── Jenkinsfile.test │ ├── Dockerfile │ └── README.md ├── jenkins-agent-conftest │ ├── requirements.txt │ ├── version.json │ ├── Jenkinsfile.test │ ├── README.md │ └── Dockerfile ├── jenkins-agent │ ├── version.json │ ├── README.md │ └── Jenkinsfile.test ├── jenkins-agent-helm │ ├── version.json │ ├── Jenkinsfile.test │ └── README.md ├── jenkins-agent-hugo │ ├── version.json │ ├── Jenkinsfile.test │ ├── README.md │ └── Dockerfile ├── jenkins-agent-mvn │ ├── version.json │ ├── settings.xml │ ├── Jenkinsfile.test │ ├── Dockerfile │ └── README.md ├── jenkins-agent-npm │ ├── version.json │ ├── package.json │ └── Jenkinsfile.test ├── jenkins-agent-ruby │ ├── version.json │ ├── root │ │ └── opt │ │ │ └── app-root │ │ │ ├── build.sh │ │ │ └── .gemrc │ ├── Jenkinsfile.test │ └── Dockerfile ├── jenkins-agent-rust │ ├── version.json │ ├── Jenkinsfile.test │ ├── Dockerfile │ └── README.md ├── jenkins-agent-ansible │ ├── version.json │ ├── requirements.txt │ ├── Dockerfile │ └── Jenkinsfile.test ├── jenkins-agent-arachni │ ├── version.json │ ├── Jenkinsfile.test │ ├── Dockerfile │ └── README.md ├── jenkins-agent-argocd │ ├── version.json │ ├── Jenkinsfile.test │ ├── README.md │ └── Dockerfile ├── jenkins-agent-cosign │ ├── version.json │ ├── Jenkinsfile.test │ ├── README.md │ └── Dockerfile ├── jenkins-agent-erlang │ ├── version.json │ ├── Jenkinsfile.test │ ├── Dockerfile │ └── README.md ├── jenkins-agent-golang │ ├── version.json │ └── Jenkinsfile.test ├── jenkins-agent-graalvm │ ├── version.json │ └── Jenkinsfile.test ├── jenkins-agent-gradle │ ├── version.json │ ├── Jenkinsfile.test │ ├── README.md │ └── Dockerfile ├── jenkins-agent-image-mgmt │ ├── version.json │ ├── Jenkinsfile.test │ └── Dockerfile ├── jenkins-agent-mongodb │ ├── version.json │ ├── mongodb-org.repo │ ├── Jenkinsfile.test │ ├── Dockerfile │ └── README.md ├── jenkins-agent-zap │ ├── .dockerignore │ ├── .xinitrc │ ├── Jenkinsfile.test │ ├── webswing.config │ └── configuration │ │ ├── passwd.template │ │ └── nexus-settings.xml └── README.md ├── ubi7-gitlab-runner ├── version.json ├── entrypoint ├── Dockerfile └── .openshift │ └── bc-ubi7-gitlab-runner.yml ├── utilities ├── ubi8-bats │ ├── version.json │ ├── test │ │ └── unit.bats │ ├── README.md │ └── buildah.sh ├── ubi8-git │ ├── version.json │ ├── Dockerfile │ ├── README.md │ └── .openshift │ │ └── bc-ubi8-git.yml ├── ubi8-asciidoctor │ ├── version.json │ ├── README.md │ └── .openshift │ │ └── bc-ubi8-asciidoctor.yml ├── ubi8-google-api-python-client │ ├── version.json │ ├── requirements.txt │ ├── Dockerfile │ └── .openshift │ │ └── bc-ubi8-google-api-python-client.yml └── README.md ├── github-runner-ubi8 ├── version.json └── Dockerfile ├── jenkins-masters └── hygieia-plugin │ ├── plugins.txt │ ├── .applier │ ├── hosts │ └── group_vars │ │ └── seed-hosts.yml │ ├── requirements.yml │ └── .openshift │ └── projects │ └── projects.yml ├── .applier └── hosts ├── cert-manager-configs ├── .applier │ ├── hosts │ └── host_vars │ │ └── localhost.yml ├── charts │ └── cert-manager-v0.15.0.tgz ├── templates │ ├── CABundle.yaml │ ├── AwsSecret.yaml │ ├── Certificate.yaml │ └── OpenshiftConfigs.yaml ├── Chart.yaml ├── .helmignore └── .openshift │ └── cert-utils-operator.yml ├── gogs ├── .applier │ ├── hosts │ └── group_vars │ │ └── seed-hosts.yml └── requirements.yml ├── hygieia ├── .applier │ ├── hosts │ └── group_vars │ │ └── all ├── Dockerfile ├── requirements.yml └── .openshift │ ├── templates │ ├── remote-jenkins-auth-secret.yml │ ├── projects.yml │ ├── build-hygieia-jenkins-collector.yml │ └── build-base-image.yml │ └── policy │ └── rbac.yml ├── gitlab-ce ├── .applier │ ├── hosts │ └── group_vars │ │ └── seed-hosts.yml └── requirements.yml ├── hoverfly ├── .applier │ ├── hosts │ └── group_vars │ │ └── seed-hosts.yml ├── requirements.yml ├── s2i │ └── run ├── Dockerfile └── README.md ├── ipa-server ├── .applier │ └── hosts ├── requirements.yml └── .openshift │ └── files │ └── 01-worker-sebool.yml ├── sonarqube ├── .applier │ └── hosts ├── requirements.yml ├── Dockerfile ├── run.sh └── sonar.properties ├── zalenium ├── .applier │ ├── hosts │ └── group_vars │ │ └── seed-hosts.yml ├── requirements.yml ├── example-tests │ └── protractor │ │ ├── conf.js │ │ └── simple-test.js └── .openshift │ └── templates │ └── projects.yml ├── tower-ocp-custom ├── .applier │ ├── hosts │ └── group_vars │ │ └── seed-hosts.yml └── requirements.yml ├── tekton-task-images ├── helm │ ├── VERSION │ ├── README.md │ └── Dockerfile └── conftest │ ├── VERSION │ ├── README.md │ └── Dockerfile ├── s2i-mvn-gradle ├── s2i │ └── bin │ │ ├── save-artifacts │ │ ├── usage │ │ └── run ├── test │ ├── test-app │ │ └── index.html │ ├── test-app-gradle │ │ ├── src │ │ │ ├── main │ │ │ │ └── java │ │ │ │ │ └── net │ │ │ │ │ └── woodmen │ │ │ │ │ └── S2iApplication.java │ │ │ ├── test │ │ │ │ └── java │ │ │ │ │ └── net │ │ │ │ │ └── woodmen │ │ │ │ │ └── S2iApplicationTests.java │ │ │ └── build.gradle │ │ └── build.gradle │ └── test-app-maven │ │ ├── src │ │ └── main │ │ │ └── java │ │ │ └── hello │ │ │ └── Application.java │ │ └── pom.xml ├── Makefile └── README.md ├── linkcheck-config.json ├── .gitleaks.toml ├── .github ├── PULL_REQUEST_TEMPLATE.md ├── dependabot.yaml └── workflows │ ├── jenkins-agent-helm-pr.yaml │ ├── jenkins-agent-hugo-pr.yaml │ ├── jenkins-agent-argocd-pr.yaml │ ├── jenkins-agent-cosign-pr.yaml │ ├── jenkins-agent-erlang-pr.yaml │ ├── jenkins-agent-mongodb-pr.yaml │ ├── jenkins-agent-conftest-pr.yaml │ ├── jenkins-agent-mvn-pr.yaml │ ├── jenkins-agent-npm-pr.yaml │ ├── jenkins-agent-ruby-pr.yaml │ ├── jenkins-agent-rust-pr.yaml │ ├── jenkins-agent-golang-pr.yaml │ ├── jenkins-agent-gradle-pr.yaml │ ├── jenkins-agent-ansible-pr.yaml │ ├── jenkins-agent-graalvm-pr.yaml │ ├── tookbox-pr.yaml │ ├── ubi8-git-pr.yaml │ ├── toolbox-publish.yaml │ ├── ubi8-bats-pr.yaml │ ├── jenkins-agent-publish.yaml │ ├── jenkins-agent-helm-publish.yaml │ └── jenkins-agent-hugo-publish.yaml ├── SECURITY.md ├── .gitignore ├── _test ├── kind │ ├── jenkins-values.yaml │ ├── jenkins-podtemplate.yaml │ ├── kind-config.yaml │ └── jenkins-casc-config-scripts-template.yaml └── bats-support-clone.bash ├── requirements.yml ├── CODEOWNERS ├── .openshift └── templates │ └── jenkins-pipeline-template-no-ocp-triggers.j2 └── renovate.json /mongodb/.gitignore: -------------------------------------------------------------------------------- 1 | roles 2 | -------------------------------------------------------------------------------- /rabbitmq/.openshift/params/build: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /rabbitmq/.openshift/params/deploy: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /deprecated/kafka/.gitignore: -------------------------------------------------------------------------------- 1 | roles 2 | -------------------------------------------------------------------------------- /deprecated/kafka/files/builds/params: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /deprecated/kafka/files/deployments/params: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /deprecated/zookeeper/.gitignore: -------------------------------------------------------------------------------- 1 | roles 2 | -------------------------------------------------------------------------------- /deprecated/zookeeper/files/builds/params: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tool-box/version.json: -------------------------------------------------------------------------------- 1 | {"version":"v1.1.1"} -------------------------------------------------------------------------------- /deprecated/build-s2i-play/.gitignore: -------------------------------------------------------------------------------- 1 | roles 2 | -------------------------------------------------------------------------------- /deprecated/zookeeper/files/deployments/params: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tool-box/requirements.txt: -------------------------------------------------------------------------------- 1 | ansible-core==2.18.5 -------------------------------------------------------------------------------- /deprecated/build-s2i-play/.openshift/params/build: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /ocp4-logging/.openshift/params/cl-resource.params: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /rabbitmq/version.json: -------------------------------------------------------------------------------- 1 | {"version":"v3.8.22-1"} 2 | -------------------------------------------------------------------------------- /deprecated/build-s2i-play/.openshift/params/deployment: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-python/requirements.txt: -------------------------------------------------------------------------------- 1 | twine -------------------------------------------------------------------------------- /ocp4-logging/.applier/hosts: -------------------------------------------------------------------------------- 1 | [seed-hosts] 2 | localhost 3 | -------------------------------------------------------------------------------- /ubi7-gitlab-runner/version.json: -------------------------------------------------------------------------------- 1 | {"version":"v1.0.0"} 2 | -------------------------------------------------------------------------------- /utilities/ubi8-bats/version.json: -------------------------------------------------------------------------------- 1 | {"version":"v1.2.1"} 2 | -------------------------------------------------------------------------------- /utilities/ubi8-git/version.json: -------------------------------------------------------------------------------- 1 | {"version":"v1.0.0"} 2 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-conftest/requirements.txt: -------------------------------------------------------------------------------- 1 | yq==3.4.3 -------------------------------------------------------------------------------- /github-runner-ubi8/version.json: -------------------------------------------------------------------------------- 1 | { 2 | "version": "v1.0.2" 3 | } -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent/version.json: -------------------------------------------------------------------------------- 1 | {"version":"v4.18.0"} 2 | -------------------------------------------------------------------------------- /jenkins-masters/hygieia-plugin/plugins.txt: -------------------------------------------------------------------------------- 1 | build-monitor-plugin 2 | -------------------------------------------------------------------------------- /.applier/hosts: -------------------------------------------------------------------------------- 1 | [seed-hosts] 2 | localhost ansible_connection=local 3 | -------------------------------------------------------------------------------- /cert-manager-configs/.applier/hosts: -------------------------------------------------------------------------------- 1 | 2 | [seed-hosts] 3 | localhost 4 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-helm/version.json: -------------------------------------------------------------------------------- 1 | {"version":"v4.18.0"} 2 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-hugo/version.json: -------------------------------------------------------------------------------- 1 | {"version":"v4.18.0"} 2 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-mvn/version.json: -------------------------------------------------------------------------------- 1 | {"version":"v4.18.0"} 2 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-npm/version.json: -------------------------------------------------------------------------------- 1 | {"version":"v4.18.0"} 2 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-ruby/version.json: -------------------------------------------------------------------------------- 1 | {"version":"v4.18.0"} 2 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-rust/version.json: -------------------------------------------------------------------------------- 1 | {"version":"v4.18.0"} 2 | -------------------------------------------------------------------------------- /deprecated/s2i-java/s2i/usage: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | cat $(dirname $0)/usage.txt 3 | -------------------------------------------------------------------------------- /gogs/.applier/hosts: -------------------------------------------------------------------------------- 1 | [seed-hosts] 2 | localhost ansible_connection=local 3 | -------------------------------------------------------------------------------- /hygieia/.applier/hosts: -------------------------------------------------------------------------------- 1 | [seed-hosts] 2 | localhost ansible_connection=local 3 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-ansible/version.json: -------------------------------------------------------------------------------- 1 | {"version":"v4.18.0"} 2 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-arachni/version.json: -------------------------------------------------------------------------------- 1 | {"version":"v4.14.0"} 2 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-argocd/version.json: -------------------------------------------------------------------------------- 1 | {"version":"v4.18.0"} 2 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-conftest/version.json: -------------------------------------------------------------------------------- 1 | {"version":"v4.18.0"} 2 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-cosign/version.json: -------------------------------------------------------------------------------- 1 | {"version":"v4.18.0"} 2 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-erlang/version.json: -------------------------------------------------------------------------------- 1 | {"version":"v4.18.0"} 2 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-golang/version.json: -------------------------------------------------------------------------------- 1 | {"version":"v4.18.0"} 2 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-graalvm/version.json: -------------------------------------------------------------------------------- 1 | {"version":"v4.18.0"} 2 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-gradle/version.json: -------------------------------------------------------------------------------- 1 | {"version":"v4.18.0"} 2 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-image-mgmt/version.json: -------------------------------------------------------------------------------- 1 | {"version":"v4.18.0"} 2 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-mongodb/version.json: -------------------------------------------------------------------------------- 1 | {"version":"v4.18.0"} 2 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-python/version.json: -------------------------------------------------------------------------------- 1 | {"version":"v4.18.0"} 2 | -------------------------------------------------------------------------------- /mongodb/.applier/hosts: -------------------------------------------------------------------------------- 1 | [seed-hosts] 2 | localhost ansible_connection=local 3 | -------------------------------------------------------------------------------- /utilities/ubi8-asciidoctor/version.json: -------------------------------------------------------------------------------- 1 | { 2 | "version": "v3.0.0" 3 | } -------------------------------------------------------------------------------- /utilities/ubi8-google-api-python-client/version.json: -------------------------------------------------------------------------------- 1 | {"version":"v1.1.0"} 2 | -------------------------------------------------------------------------------- /gitlab-ce/.applier/hosts: -------------------------------------------------------------------------------- 1 | [seed-hosts] 2 | localhost ansible_connection=local 3 | -------------------------------------------------------------------------------- /hoverfly/.applier/hosts: -------------------------------------------------------------------------------- 1 | [seed-hosts] 2 | localhost ansible_connection=local 3 | -------------------------------------------------------------------------------- /ipa-server/.applier/hosts: -------------------------------------------------------------------------------- 1 | [seed-hosts] 2 | localhost ansible_connection=local 3 | -------------------------------------------------------------------------------- /rabbitmq/.applier/hosts: -------------------------------------------------------------------------------- 1 | [seed-hosts] 2 | localhost ansible_connection=local 3 | -------------------------------------------------------------------------------- /sonarqube/.applier/hosts: -------------------------------------------------------------------------------- 1 | [seed-hosts] 2 | localhost ansible_connection=local 3 | -------------------------------------------------------------------------------- /tool-box/.applier/hosts: -------------------------------------------------------------------------------- 1 | [seed-hosts] 2 | localhost ansible_connection=local 3 | -------------------------------------------------------------------------------- /zalenium/.applier/hosts: -------------------------------------------------------------------------------- 1 | [seed-hosts] 2 | localhost ansible_connection=local 3 | -------------------------------------------------------------------------------- /deprecated/kafka/inventory/hosts: -------------------------------------------------------------------------------- 1 | [seed-hosts] 2 | localhost ansible_connection=local 3 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent/README.md: -------------------------------------------------------------------------------- 1 | # Jenkins Base 2 | 3 | Base of the all agents -------------------------------------------------------------------------------- /ocp4-logging/.applier/host_vars/localhost.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | ansible_connection: local 4 | -------------------------------------------------------------------------------- /tower-ocp-custom/.applier/hosts: -------------------------------------------------------------------------------- 1 | [seed-hosts] 2 | localhost ansible_connection=local 3 | -------------------------------------------------------------------------------- /deprecated/s2i-java/jolokia.properties: -------------------------------------------------------------------------------- 1 | host=* 2 | port=8778 3 | discoveryEnabled=false 4 | -------------------------------------------------------------------------------- /deprecated/zookeeper/inventory/hosts: -------------------------------------------------------------------------------- 1 | [seed-hosts] 2 | localhost ansible_connection=local 3 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-zap/.dockerignore: -------------------------------------------------------------------------------- 1 | Demo_Script.md 2 | *.png 3 | README.md 4 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-zap/.xinitrc: -------------------------------------------------------------------------------- 1 | openbox & 2 | xsetroot -solid black 3 | zap.sh 4 | -------------------------------------------------------------------------------- /cert-manager-configs/.applier/host_vars/localhost.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | ansible_connection: local 4 | -------------------------------------------------------------------------------- /deprecated/build-s2i-play/.applier/hosts: -------------------------------------------------------------------------------- 1 | [seed-hosts] 2 | localhost ansible_connection=local 3 | -------------------------------------------------------------------------------- /jenkins-masters/hygieia-plugin/.applier/hosts: -------------------------------------------------------------------------------- 1 | [seed-hosts] 2 | localhost ansible_connection=local 3 | -------------------------------------------------------------------------------- /mongodb/.openshift/params/configsvr: -------------------------------------------------------------------------------- 1 | MONGODB_ADMIN_PASSWORD=admin 2 | MONGODB_KEYFILE_VALUE=123456789 3 | -------------------------------------------------------------------------------- /deprecated/README.md: -------------------------------------------------------------------------------- 1 | # deprecated 2 | 3 | The examples in this directory are deprecated and no longer supported. -------------------------------------------------------------------------------- /tekton-task-images/helm/VERSION: -------------------------------------------------------------------------------- 1 | # renovate: datasource=github-releases depName=helm/helm 2 | HELM_VERSION=v3.17.3 3 | -------------------------------------------------------------------------------- /s2i-mvn-gradle/s2i/bin/save-artifacts: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | set -ue 3 | . $(dirname $0)/functions 4 | s2i_save_build_artifacts 5 | -------------------------------------------------------------------------------- /deprecated/s2i-httpd/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM rhscl/httpd-24-rhel7:latest 2 | 3 | # Configure User to accommodate S2I 4 | USER 1001 5 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-ansible/requirements.txt: -------------------------------------------------------------------------------- 1 | molecule 2 | paramiko 3 | openshift 4 | kubernetes 5 | ansible-core==2.18.5 -------------------------------------------------------------------------------- /deprecated/quickstart-templates/centos-templates.json: -------------------------------------------------------------------------------- 1 | { 2 | "kind": "List", 3 | "apiVersion": "v1", 4 | "items": [] 5 | } -------------------------------------------------------------------------------- /ocp4-logging/.openshift/params/operatorgroup.params: -------------------------------------------------------------------------------- 1 | NAME=openshift-logging-operatorgroup 2 | TARGET_NAMESPACE=openshift-logging 3 | -------------------------------------------------------------------------------- /deprecated/s2i-java/run-env.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # Set the application dir to the S2I deployment dir 4 | JAVA_APP_DIR=/deployments 5 | -------------------------------------------------------------------------------- /tekton-task-images/conftest/VERSION: -------------------------------------------------------------------------------- 1 | # renovate: datasource=github-releases depName=open-policy-agent/conftest 2 | CONFTEST_VERSION=v0.59.0 3 | -------------------------------------------------------------------------------- /utilities/ubi8-google-api-python-client/requirements.txt: -------------------------------------------------------------------------------- 1 | google-api-python-client 2 | google-auth-httplib2 3 | google-auth-oauthlib 4 | oauth2client -------------------------------------------------------------------------------- /hygieia/.applier/group_vars/all: -------------------------------------------------------------------------------- 1 | openshift_default_subdomain: 2 | github_personal_access_token: 3 | jenkins_client_secret: 4 | jenkins_namespace: 5 | -------------------------------------------------------------------------------- /linkcheck-config.json: -------------------------------------------------------------------------------- 1 | { 2 | "ignorePatterns": [ 3 | { 4 | "pattern": ".*.apps.example.com\/.*" 5 | } 6 | ] 7 | } 8 | -------------------------------------------------------------------------------- /deprecated/build-s2i-play/images/play-logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/redhat-cop/containers-quickstarts/HEAD/deprecated/build-s2i-play/images/play-logo.png -------------------------------------------------------------------------------- /deprecated/motepair/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for motepair. 2 | # This is a YAML-formatted file. 3 | # Declare variables to be passed into your templates. 4 | -------------------------------------------------------------------------------- /ocp4-logging/.openshift/params/cl-catalogsourceconfig.params: -------------------------------------------------------------------------------- 1 | NAME=cluster-logging-operator 2 | OPERATOR_NAMESPACE=openshift-logging 3 | OPERATORS=cluster-logging 4 | -------------------------------------------------------------------------------- /ocp4-logging/galaxy-requirements.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - src: https://github.com/redhat-cop/casl-ansible 4 | scm: git 5 | version: v3.11.4 6 | name: casl-ansible 7 | -------------------------------------------------------------------------------- /ocp4-logging/requirements.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: openshift-applier 4 | scm: git 5 | src: https://github.com/redhat-cop/openshift-applier 6 | version: v2.1.2 7 | -------------------------------------------------------------------------------- /cert-manager-configs/charts/cert-manager-v0.15.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/redhat-cop/containers-quickstarts/HEAD/cert-manager-configs/charts/cert-manager-v0.15.0.tgz -------------------------------------------------------------------------------- /ocp4-logging/.openshift/params/es-catalogsourceconfig.params: -------------------------------------------------------------------------------- 1 | NAME=elasticsearch-operator 2 | OPERATOR_NAMESPACE=openshift-operators 3 | OPERATORS=elasticsearch-operator 4 | -------------------------------------------------------------------------------- /.gitleaks.toml: -------------------------------------------------------------------------------- 1 | [allowlist] 2 | description = "Global Allowlist" 3 | 4 | # Ignore based on any subset of the file path 5 | paths = [ 6 | # Ignore all example certs 7 | 'deprecated/**' 8 | ] -------------------------------------------------------------------------------- /ocp4-logging/.openshift/params/cluster-logging.params: -------------------------------------------------------------------------------- 1 | ELASTICSEARCH_STORAGE_CLASS=gp2 2 | ELASTICSEARCH_REDUNDANCY_POLICY=ZeroRedundancy 3 | ELASTICSEARCH_NODE_COUNT=1 4 | KIBANA_NODE_COUNT=1 5 | -------------------------------------------------------------------------------- /deprecated/motepair/templates/imagestream.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: motepair-server 5 | spec: 6 | lookupPolicy: 7 | local: false 8 | -------------------------------------------------------------------------------- /ocp4-logging/.openshift/params/cl-subscription.params: -------------------------------------------------------------------------------- 1 | NAME=cluster-logging 2 | OPERATOR_NAME=cluster-logging 3 | OPERATOR_NAMESPACE=openshift-logging 4 | CATALOG_SOURCE_NAME=cluster-logging-operator 5 | -------------------------------------------------------------------------------- /mongodb/.openshift/params/replset-abc: -------------------------------------------------------------------------------- 1 | MONGODB_ADMIN_PASSWORD=admin 2 | MONGODB_DATABASE=example 3 | MONGODB_KEYFILE_VALUE=123456789 4 | MONGODB_PASSWORD=pass 5 | MONGODB_USER=user 6 | REPLSET_SEED=abc 7 | -------------------------------------------------------------------------------- /s2i-mvn-gradle/test/test-app/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | Hello World! 5 | 6 | 7 |

Hello World!

8 | 9 | 10 | -------------------------------------------------------------------------------- /ocp4-logging/.openshift/params/es-subscription.params: -------------------------------------------------------------------------------- 1 | NAME=elasticsearch-operator 2 | OPERATOR_NAME=elasticsearch-operator 3 | OPERATOR_NAMESPACE=openshift-operators 4 | CATALOG_SOURCE_NAME=elasticsearch-operator 5 | -------------------------------------------------------------------------------- /.github/PULL_REQUEST_TEMPLATE.md: -------------------------------------------------------------------------------- 1 | #### What is this PR About? 2 | Describe the contents of the PR 3 | 4 | #### How do we test this? 5 | Provide commands/steps to test this PR. 6 | 7 | cc: @redhat-cop/day-in-the-life 8 | -------------------------------------------------------------------------------- /hygieia/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM registry.access.redhat.com/ubi8/openjdk-8:1.18-2@sha256:66479c9693c4638daab07cf9b9c403abca7d9d06eafbce1e9d440b60706fa354 2 | 3 | USER root 4 | 5 | RUN microdnf install -y git 6 | 7 | USER 1001 8 | -------------------------------------------------------------------------------- /.github/dependabot.yaml: -------------------------------------------------------------------------------- 1 | version: 2 2 | updates: 3 | 4 | - package-ecosystem: "github-actions" 5 | directory: "/" 6 | schedule: 7 | # Check for updates to GitHub Actions every weekday 8 | interval: "monthly" 9 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-ruby/root/opt/app-root/build.sh: -------------------------------------------------------------------------------- 1 | git clone https://github.com/etsauer/openshift-playbooks.git 2 | cd openshift-playbooks 3 | git checkout copedia 4 | bundle install 5 | gem env 6 | bundle exec jekyll build 7 | -------------------------------------------------------------------------------- /mongodb/.openshift/params/replset-def: -------------------------------------------------------------------------------- 1 | MONGODB_ADMIN_PASSWORD=admin 2 | MONGODB_DATABASE=example 3 | MONGODB_KEYFILE_VALUE=123456789 4 | MONGODB_PASSWORD=pass 5 | MONGODB_REPLSET_REPLICA_NAME=rs1 6 | MONGODB_USER=user 7 | REPLSET_SEED=def 8 | -------------------------------------------------------------------------------- /deprecated/kafka/files/projects/projects.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: List 3 | items: 4 | - kind: ProjectRequest 5 | apiVersion: v1 6 | metadata: 7 | name: kafka 8 | creationTimestamp: null 9 | displayName: Kafka project 10 | -------------------------------------------------------------------------------- /deprecated/s2i-java/s2i/s2i-setup: -------------------------------------------------------------------------------- 1 | # Local vars setup with defaults 2 | S2I_DESTINATION=${S2I_DESTINATION:-/tmp} 3 | S2I_SOURCE_DIR="${S2I_DESTINATION}/src" 4 | S2I_ARTIFACTS_DIR="${S2I_DESTINATION}/artifacts" 5 | DEPLOYMENTS_DIR="/deployments" 6 | -------------------------------------------------------------------------------- /deprecated/motepair/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | 1. Get the application URL by running these commands: 2 | 3 | oc get route motepair-server -ocustom-columns=URL:.spec.host 4 | 5 | 2. Connect to motepair using the instructions: https://github.com/motepair/motepair 6 | -------------------------------------------------------------------------------- /deprecated/zookeeper/files/projects/projects.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: List 3 | items: 4 | - kind: ProjectRequest 5 | apiVersion: v1 6 | metadata: 7 | name: zookeeper 8 | creationTimestamp: null 9 | displayName: Zookeeper project 10 | -------------------------------------------------------------------------------- /rabbitmq/test/unit/_helpers.bash: -------------------------------------------------------------------------------- 1 | name_prefix() { 2 | printf "rabbitmq" 3 | } 4 | 5 | chart_dir() { 6 | echo ${BATS_TEST_DIRNAME}/../../chart 7 | } 8 | 9 | app_version() { 10 | echo $(cat $(chart_dir)/Chart.yaml | yq r - 'appVersion') 11 | } 12 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-mongodb/mongodb-org.repo: -------------------------------------------------------------------------------- 1 | [mongodb-org-5.0] 2 | name=MongoDB Repository 3 | baseurl=https://repo.mongodb.org/yum/redhat/8/mongodb-org/5.0/x86_64/ 4 | gpgcheck=1 5 | enabled=1 6 | gpgkey=https://www.mongodb.org/static/pgp/server-5.0.asc 7 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-ruby/root/opt/app-root/.gemrc: -------------------------------------------------------------------------------- 1 | --- 2 | install: --no-document 3 | update: --no-document 4 | :benchmark: false 5 | :update_sources: true 6 | :bulk_threshold: 1000 7 | :backtrace: true 8 | :sources: 9 | - https://rubygems.org/ 10 | -------------------------------------------------------------------------------- /deprecated/kafka/fix-permissions: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # Fix permissions on the given directory to allow group read/write of 3 | # regular files and execute of directories. 4 | find $1 -exec chgrp 0 {} \; 5 | find $1 -exec chmod g+rw {} \; 6 | find $1 -type d -exec chmod g+x {} + -------------------------------------------------------------------------------- /deprecated/zookeeper/fix-permissions: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # Fix permissions on the given directory to allow group read/write of 3 | # regular files and execute of directories. 4 | find $1 -exec chgrp 0 {} \; 5 | find $1 -exec chmod g+rw {} \; 6 | find $1 -type d -exec chmod g+x {} + -------------------------------------------------------------------------------- /SECURITY.md: -------------------------------------------------------------------------------- 1 | # Security Policy 2 | 3 | ## Supported Versions 4 | 5 | Only the latest version is supported. 6 | 7 | ## Reporting a Vulnerability 8 | 9 | For any issues or concerns, please contact: [@container-cop-core](https://github.com/orgs/redhat-cop/teams/container-cop-core) -------------------------------------------------------------------------------- /deprecated/s2i-java/s2i/save-artifacts: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | . `dirname "$0"`/s2i-setup 4 | 5 | # Tar up maven repository for reuse in an incremental build 6 | if [ -d "${S2I_ARTIFACTS_DIR}/m2" ]; then 7 | cd ${S2I_ARTIFACTS_DIR} 8 | tar cf - m2 9 | cd - 10 | fi 11 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | /.project 2 | .DS_Store 3 | .idea 4 | **/galaxy/ 5 | roles 6 | *.swp 7 | __pycache__ 8 | .odo 9 | .vscode 10 | .gradle 11 | target/ 12 | 13 | # Rego 14 | policy/ 15 | 16 | # BATS 17 | _test/test_helper/ 18 | 19 | jenkins-agents/jenkins-agent-npm/node_modules 20 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-npm/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "jenkins-agent-npm", 3 | "version": "1.0.0", 4 | "description": "Provides a docker image of the nodejs v12 runtime with npm for use as a Jenkins agent.", 5 | "devDependencies": { 6 | "sonar-scanner": "3.1.0" 7 | } 8 | } 9 | -------------------------------------------------------------------------------- /utilities/ubi8-git/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM registry.access.redhat.com/ubi8/ubi:8.10-1764070939@sha256:a444712276a635c9312d83a4ff7c6ee7f2ce08eeb5bd9ca291b5fdba257a5e63 2 | 3 | LABEL maintainer="Red Hat Services" 4 | 5 | RUN dnf update -y && \ 6 | dnf install -y --nodocs git && \ 7 | dnf clean all 8 | -------------------------------------------------------------------------------- /_test/kind/jenkins-values.yaml: -------------------------------------------------------------------------------- 1 | # https://github.com/jenkinsci/job-dsl-plugin 2 | controller: 3 | additionalPlugins: 4 | - job-dsl:1.93 5 | ingress: 6 | enabled: true 7 | persistence: 8 | enabled: false 9 | rbac: 10 | readSecrets: true 11 | serviceAccount: 12 | create: true 13 | -------------------------------------------------------------------------------- /cert-manager-configs/templates/CABundle.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.cluster.caBundle }} 2 | --- 3 | kind: ConfigMap 4 | apiVersion: v1 5 | metadata: 6 | name: letsencrypt-ca 7 | namespace: openshift-config 8 | data: 9 | ca-bundle.crt: {{ .Values.cluster.caBundle | toYaml | indent 2 }} 10 | {{- end }} 11 | -------------------------------------------------------------------------------- /s2i-mvn-gradle/Makefile: -------------------------------------------------------------------------------- 1 | 2 | IMAGE_NAME = s2i-java 3 | 4 | build: 5 | docker build -t $(IMAGE_NAME) . 6 | 7 | .PHONY: test 8 | test: 9 | docker build -t $(IMAGE_NAME)-test . 10 | IMAGE_NAME=$(IMAGE_NAME)-test BUILDER=maven test/run 11 | IMAGE_NAME=$(IMAGE_NAME)-test BUILDER=gradle test/run 12 | -------------------------------------------------------------------------------- /requirements.yml: -------------------------------------------------------------------------------- 1 | # This is the Ansible Galaxy requirements file to pull in the correct roles 2 | # to support the operation of CASL provisioning/runs. 3 | 4 | # From 'openshift-applier' 5 | - name: openshift-applier 6 | scm: git 7 | src: https://github.com/redhat-cop/openshift-applier 8 | version: v3.0.4 9 | -------------------------------------------------------------------------------- /gitlab-ce/requirements.yml: -------------------------------------------------------------------------------- 1 | # This is the Ansible Galaxy requirements file to pull in the correct roles 2 | # to support the operation of CASL provisioning/runs. 3 | 4 | # From 'casl-ansible' 5 | - name: openshift-applier 6 | scm: git 7 | src: https://github.com/redhat-cop/openshift-applier 8 | version: v2.1.1 9 | -------------------------------------------------------------------------------- /gogs/requirements.yml: -------------------------------------------------------------------------------- 1 | # This is the Ansible Galaxy requirements file to pull in the correct roles 2 | # to support the operation of CASL provisioning/runs. 3 | 4 | # From 'openshift-applier' 5 | - name: openshift-applier 6 | scm: git 7 | src: https://github.com/redhat-cop/openshift-applier 8 | version: v2.1.1 9 | -------------------------------------------------------------------------------- /ipa-server/requirements.yml: -------------------------------------------------------------------------------- 1 | # This is the Ansible Galaxy requirements file to pull in the correct roles 2 | # to support the operation of CASL provisioning/runs. 3 | 4 | # From 'casl-ansible' 5 | - name: openshift-applier 6 | scm: git 7 | src: https://github.com/redhat-cop/openshift-applier 8 | version: v3.0.4 9 | -------------------------------------------------------------------------------- /rabbitmq/test/unit/configmap.bats: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bats 2 | 3 | load _helpers 4 | 5 | @test "configmap: three config files defined" { 6 | cd $(chart_dir) 7 | local config_files=$(helm template -s templates/configmap.yaml . | yq r - --collect --length 'data.*') 8 | [ "${config_files}" == "3" ] 9 | } 10 | -------------------------------------------------------------------------------- /hoverfly/requirements.yml: -------------------------------------------------------------------------------- 1 | # This is the Ansible Galaxy requirements file to pull in the correct roles 2 | # to support the operation of CASL provisioning/runs. 3 | 4 | # From 'openshift-applier' 5 | - name: openshift-applier 6 | scm: git 7 | src: https://github.com/redhat-cop/openshift-applier 8 | version: v2.1.1 9 | -------------------------------------------------------------------------------- /hygieia/requirements.yml: -------------------------------------------------------------------------------- 1 | # This is the Ansible Galaxy requirements file to pull in the correct roles 2 | # to support the operation of CASL provisioning/runs. 3 | 4 | # From 'openshift-applier' 5 | - name: openshift-applier 6 | scm: git 7 | src: https://github.com/redhat-cop/openshift-applier 8 | version: v2.0.4 9 | -------------------------------------------------------------------------------- /mongodb/requirements.yml: -------------------------------------------------------------------------------- 1 | # This is the Ansible Galaxy requirements file to pull in the correct roles 2 | # to support the operation of CASL provisioning/runs. 3 | 4 | # From 'openshift-applier' 5 | - name: openshift-applier 6 | scm: git 7 | src: https://github.com/redhat-cop/openshift-applier 8 | version: v2.1.1 9 | -------------------------------------------------------------------------------- /rabbitmq/requirements.yml: -------------------------------------------------------------------------------- 1 | # This is the Ansible Galaxy requirements file to pull in the correct roles 2 | # to support the operation of CASL provisioning/runs. 3 | 4 | # From 'openshift-applier' 5 | - name: openshift-applier 6 | scm: git 7 | src: https://github.com/redhat-cop/openshift-applier 8 | version: v2.1.2 9 | -------------------------------------------------------------------------------- /sonarqube/requirements.yml: -------------------------------------------------------------------------------- 1 | # This is the Ansible Galaxy requirements file to pull in the correct roles 2 | # to support the operation of CASL provisioning/runs. 3 | 4 | # From 'openshift-applier' 5 | - name: openshift-applier 6 | scm: git 7 | src: https://github.com/redhat-cop/openshift-applier 8 | version: v2.1.1 9 | -------------------------------------------------------------------------------- /tool-box/requirements.yml: -------------------------------------------------------------------------------- 1 | # This is the Ansible Galaxy requirements file to pull in the correct roles 2 | # to support the operation of CASL provisioning/runs. 3 | 4 | # From 'openshift-applier' 5 | - name: openshift-applier 6 | scm: git 7 | src: https://github.com/redhat-cop/openshift-applier 8 | version: v3.0.4 9 | -------------------------------------------------------------------------------- /zalenium/requirements.yml: -------------------------------------------------------------------------------- 1 | # This is the Ansible Galaxy requirements file to pull in the correct roles 2 | # to support the operation of CASL provisioning/runs. 3 | 4 | # From 'openshift-applier' 5 | - name: openshift-applier 6 | scm: git 7 | src: https://github.com/redhat-cop/openshift-applier 8 | version: v2.1.1 9 | -------------------------------------------------------------------------------- /zalenium/example-tests/protractor/conf.js: -------------------------------------------------------------------------------- 1 | exports.config = { 2 | seleniumAddress: 'http://zalenium-zalenium.apps.example.com/wd/hub', 3 | specs: ['simple-test.js'], 4 | allScriptsTimeout: 11000, 5 | multiCapabilities: [{ 6 | browserName: 'firefox' 7 | }, { 8 | browserName: 'chrome' 9 | }] 10 | }; 11 | -------------------------------------------------------------------------------- /deprecated/kafka/requirements.yml: -------------------------------------------------------------------------------- 1 | # This is the Ansible Galaxy requirements file to pull in the correct roles 2 | # to support the operation of CASL provisioning/runs. 3 | 4 | # From 'openshift-applier' 5 | - name: openshift-applier 6 | scm: git 7 | src: https://github.com/redhat-cop/openshift-applier 8 | version: v1.0.0 9 | -------------------------------------------------------------------------------- /deprecated/zookeeper/requirements.yml: -------------------------------------------------------------------------------- 1 | # This is the Ansible Galaxy requirements file to pull in the correct roles 2 | # to support the operation of CASL provisioning/runs. 3 | 4 | # From 'openshift-applier' 5 | - name: openshift-applier 6 | scm: git 7 | src: https://github.com/redhat-cop/openshift-applier 8 | version: v1.0.0 9 | -------------------------------------------------------------------------------- /deprecated/build-s2i-play/requirements.yml: -------------------------------------------------------------------------------- 1 | # This is the Ansible Galaxy requirements file to pull in the correct roles 2 | # to support the operation of CASL provisioning/runs. 3 | 4 | # From 'openshift-applier' 5 | - name: openshift-applier 6 | scm: git 7 | src: https://github.com/redhat-cop/openshift-applier 8 | version: v2.1.1 9 | -------------------------------------------------------------------------------- /jenkins-masters/hygieia-plugin/requirements.yml: -------------------------------------------------------------------------------- 1 | # This is the Ansible Galaxy requirements file to pull in the correct roles 2 | # to support the operation of CASL provisioning/runs. 3 | 4 | # From 'openshift-applier' 5 | - name: openshift-applier 6 | scm: git 7 | src: https://github.com/redhat-cop/openshift-applier 8 | version: v2.1.1 9 | -------------------------------------------------------------------------------- /deprecated/motepair/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: motepair-server 5 | spec: 6 | clusterIP: "" 7 | ports: 8 | - port: 3000 9 | protocol: TCP 10 | targetPort: 3000 11 | selector: 12 | app: motepair-server 13 | sessionAffinity: None 14 | type: ClusterIP 15 | status: {} 16 | -------------------------------------------------------------------------------- /tower-ocp-custom/requirements.yml: -------------------------------------------------------------------------------- 1 | # This is the Ansible Galaxy requirements file to pull in the correct roles 2 | # to support the operation of Ansible Tower provisioning/runs. 3 | 4 | # From 'openshift-applier' 5 | - name: openshift-applier 6 | scm: git 7 | src: https://github.com/redhat-cop/openshift-applier 8 | version: v2.1.2 9 | 10 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-zap/Jenkinsfile.test: -------------------------------------------------------------------------------- 1 | pipeline { 2 | agent { 3 | label 'jenkins-agent-zap' 4 | } 5 | 6 | stages { 7 | stage ('Run Test') { 8 | steps { 9 | sh """ 10 | /zap/zap-baseline.py -h 11 | """ 12 | } 13 | } 14 | 15 | } 16 | 17 | } 18 | -------------------------------------------------------------------------------- /jenkins-masters/hygieia-plugin/.openshift/projects/projects.yml: -------------------------------------------------------------------------------- 1 | apiVersion: template.openshift.io/v1 2 | kind: Template 3 | objects: 4 | - apiVersion: project.openshift.io/v1 5 | kind: ProjectRequest 6 | metadata: 7 | name: ${NAMESPACE} 8 | creationTimestamp: null 9 | displayName: ${DISPLAY_NAME} 10 | parameters: 11 | - name: NAMESPACE 12 | - name: DISPLAY_NAME 13 | -------------------------------------------------------------------------------- /rabbitmq/chart/templates/rolebinding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: RoleBinding 3 | metadata: 4 | name: view 5 | labels: 6 | {{- include "chart.labels" . | nindent 4 }} 7 | roleRef: 8 | kind: ClusterRole 9 | apiGroup: rbac.authorization.k8s.io 10 | name: view 11 | subjects: 12 | - kind: ServiceAccount 13 | name: {{ include "chart.serviceAccountName" . }} 14 | -------------------------------------------------------------------------------- /tekton-task-images/helm/README.md: -------------------------------------------------------------------------------- 1 | # helm image 2 | 3 | [helm](https://helm.sh/) is the k8s equivalent of yum or apt which allows us to describe the application structure through helm-charts and managing it with its commands. You can use `helm` image to run helm cli commands inside your Tekton pipelines. 4 | 5 | Update [VERSION](VERSION) file in order to change `helm cli` version installed inside container. -------------------------------------------------------------------------------- /mongodb/.openshift/params/mongos: -------------------------------------------------------------------------------- 1 | CONFIG_REPLSET_NAME=cs0 2 | CONFIG_REPLSET_SERVER=mongodbconfigsvr-0.mongodb-configsvr-internal:27017 3 | MONGODB_ADMIN_PASSWORD=admin 4 | MONGODB_KEYFILE_VALUE=123456789 5 | REPLSET_NAMES=rs0,rs1 6 | REPLSET_SERVERS=mongodbreplsetabc-0.mongodb-replset-internal-abc.mongodb.svc.cluster.local:27017,mongodbreplsetdef-0.mongodb-replset-internal-def.mongodb.svc.cluster.local:27017 7 | -------------------------------------------------------------------------------- /rabbitmq/chart/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ include "chart.serviceAccountName" . }} 6 | labels: 7 | {{- include "chart.labels" . | nindent 4 }} 8 | {{- with .Values.serviceAccount.annotations }} 9 | annotations: 10 | {{- toYaml . | nindent 4 }} 11 | {{- end }} 12 | {{- end -}} 13 | -------------------------------------------------------------------------------- /s2i-mvn-gradle/s2i/bin/usage: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | cat < s2i-openjdk-gradle 9 | 10 | You can then run the resulting image via: 11 | docker run 12 | EOF 13 | -------------------------------------------------------------------------------- /cert-manager-configs/templates/AwsSecret.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.issuer.dns.enabled }} 2 | {{- if eq .Values.issuer.provider "route53" }} 3 | --- 4 | apiVersion: v1 5 | kind: Secret 6 | metadata: 7 | name: "aws-secret-access-key-secret" 8 | namespace: {{ .Values.namespace }} 9 | type: Opaque 10 | data: 11 | aws-secret-access-key: {{ .Values.aws.secretAccessKey | b64enc | quote }} 12 | {{- end }} 13 | {{- end }} 14 | -------------------------------------------------------------------------------- /cert-manager-configs/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | name: cert-manager-configs 3 | version: v0.1.0 4 | appVersion: v0.1.0 5 | description: A Helm chart for installing customizations to the cert-manager deployment 6 | home: https://github.com/rht-labs/helm-charts 7 | icon: https://raw.githubusercontent.com/jetstack/cert-manager/master/logo/logo.png 8 | maintainers: 9 | - name: paulbarfuss 10 | email: pbarfuss@redhat.com 11 | -------------------------------------------------------------------------------- /mongodb/storageclass.yaml: -------------------------------------------------------------------------------- 1 | kind: StorageClass 2 | apiVersion: storage.k8s.io/v1beta1 3 | metadata: 4 | name: us-east-storage 5 | annotations: 6 | storageclass.kubernetes.io/is-default-class: "true" 7 | kubernetes.io/description: Storage provisioner for east datacenter EBS 8 | provisioner: kubernetes.io/aws-ebs 9 | parameters: 10 | type: gp2 11 | zone: us-east-1a 12 | iopsPerGB: "10" 13 | encrypted: "false" 14 | -------------------------------------------------------------------------------- /CODEOWNERS: -------------------------------------------------------------------------------- 1 | # https://github.com/orgs/redhat-cop/teams/day-in-the-life-mergers 2 | * @redhat-cop/day-in-the-life-mergers 3 | 4 | # Used by the EMEA Labs 5 | jenkins-agents/* @ckavili @eformat @springdo 6 | tekton-task-images/* @ckavili @eformat @springdo 7 | ipa-server/* @ckavili @eformat 8 | 9 | # Used by the GPTE Team 10 | build-s2i-python-kopf/* @jkupferer 11 | 12 | # Used by the CER Team 13 | utilities/* @buuhsmead @itewk @branic -------------------------------------------------------------------------------- /_test/kind/jenkins-podtemplate.yaml: -------------------------------------------------------------------------------- 1 | agent: 2 | podTemplates: 3 | jenkins-agent: | 4 | - name: ${JENKINS_AGENT} 5 | label: ${JENKINS_AGENT} 6 | serviceAccount: jenkins 7 | yamlMergeStrategy: override 8 | containers: 9 | - name: jnlp 10 | args: "^${computer.jnlpmac} ^${computer.name}" 11 | image: ${JENKINS_AGENT}:latest 12 | workingDir: /tmp 13 | -------------------------------------------------------------------------------- /hygieia/.openshift/templates/remote-jenkins-auth-secret.yml: -------------------------------------------------------------------------------- 1 | apiVersion: template.openshift.io/v1 2 | kind: Template 3 | metadata: 4 | creationTimestamp: null 5 | name: remote-jenkins-client-secret 6 | objects: 7 | - apiVersion: v1 8 | kind: Secret 9 | metadata: 10 | name: remote-jenkins-client-secret 11 | type: Opaque 12 | data: 13 | token: ${JENKINS_CLIENT_SECRET} 14 | parameters: 15 | - name: JENKINS_CLIENT_SECRET 16 | -------------------------------------------------------------------------------- /s2i-mvn-gradle/test/test-app-gradle/src/main/java/net/woodmen/S2iApplication.java: -------------------------------------------------------------------------------- 1 | package net.woodmen; 2 | 3 | import org.springframework.boot.SpringApplication; 4 | import org.springframework.boot.autoconfigure.SpringBootApplication; 5 | 6 | @SpringBootApplication 7 | public class S2iApplication { 8 | 9 | public static void main(String[] args) { 10 | SpringApplication.run(S2iApplication.class, args); 11 | } 12 | } 13 | -------------------------------------------------------------------------------- /deprecated/motepair/templates/route.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: route.openshift.io/v1 2 | kind: Route 3 | metadata: 4 | name: motepair-server 5 | spec: 6 | host: "" 7 | port: 8 | targetPort: 3000 9 | subdomain: "" 10 | tls: 11 | insecureEdgeTerminationPolicy: Redirect 12 | termination: edge 13 | to: 14 | kind: Service 15 | name: motepair-server 16 | weight: 100 17 | wildcardPolicy: None 18 | status: 19 | ingress: [] 20 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-mvn/settings.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | maven-public 5 | http://nexus:8081/repository/maven-public/ 6 | * 7 | 8 | 9 | 10 | 11 | nexus 12 | admin 13 | admin123 14 | 15 | 16 | 17 | -------------------------------------------------------------------------------- /rabbitmq/chart/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ include "chart.fullname" . }} 5 | labels: 6 | {{- include "chart.labels" . | nindent 4 }} 7 | spec: 8 | clusterIP: None 9 | ports: 10 | {{- .Values.service.ports | toYaml | nindent 4 }} 11 | selector: 12 | {{- include "chart.selectorLabels" . | nindent 4 }} 13 | sessionAffinity: None 14 | type: {{ .Values.service.type }} 15 | -------------------------------------------------------------------------------- /hygieia/.openshift/templates/projects.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: template.openshift.io/v1 3 | kind: Template 4 | labels: 5 | template: project-template 6 | metadata: 7 | name: project-template 8 | objects: 9 | - apiVersion: project.openshift.io/v1 10 | kind: ProjectRequest 11 | metadata: 12 | name: ${NAMESPACE} 13 | creationTimestamp: null 14 | displayName: ${DISPLAY_NAME} 15 | parameters: 16 | - name: NAMESPACE 17 | - name: DISPLAY_NAME 18 | -------------------------------------------------------------------------------- /zalenium/.openshift/templates/projects.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: template.openshift.io/v1 3 | kind: Template 4 | labels: 5 | template: project-template 6 | metadata: 7 | name: project-template 8 | objects: 9 | - apiVersion: project.openshift.io/v1 10 | kind: ProjectRequest 11 | metadata: 12 | name: ${NAMESPACE} 13 | creationTimestamp: null 14 | displayName: ${DISPLAY_NAME} 15 | parameters: 16 | - name: NAMESPACE 17 | - name: DISPLAY_NAME 18 | -------------------------------------------------------------------------------- /_test/kind/kind-config.yaml: -------------------------------------------------------------------------------- 1 | kind: Cluster 2 | apiVersion: kind.x-k8s.io/v1alpha4 3 | nodes: 4 | - role: control-plane 5 | kubeadmConfigPatches: 6 | - | 7 | kind: InitConfiguration 8 | nodeRegistration: 9 | kubeletExtraArgs: 10 | node-labels: "ingress-ready=true" 11 | extraPortMappings: 12 | - containerPort: 80 13 | hostPort: 80 14 | protocol: TCP 15 | - containerPort: 443 16 | hostPort: 443 17 | protocol: TCP 18 | -------------------------------------------------------------------------------- /cert-manager-configs/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | ci/ 23 | -------------------------------------------------------------------------------- /s2i-mvn-gradle/s2i/bin/run: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | # 3 | # S2I run script for the 's2i-java' image. 4 | # The run script executes the server that runs your application. 5 | # 6 | # For more information see the documentation: 7 | # https://github.com/openshift/source-to-image/blob/master/docs/builder_image.md 8 | # 9 | 10 | cd /opt/openshift && \ 11 | exec java \ 12 | -Djava.security.egd=file:/dev/./urandom \ 13 | -jar /opt/openshift/app.jar \ 14 | $APP_OPTIONS -------------------------------------------------------------------------------- /rabbitmq/chart/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /deprecated/motepair/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /s2i-mvn-gradle/test/test-app-gradle/src/test/java/net/woodmen/S2iApplicationTests.java: -------------------------------------------------------------------------------- 1 | package net.woodmen; 2 | 3 | import org.junit.Test; 4 | import org.junit.runner.RunWith; 5 | import org.springframework.boot.test.context.SpringBootTest; 6 | import org.springframework.test.context.junit4.SpringRunner; 7 | 8 | @RunWith(SpringRunner.class) 9 | @SpringBootTest 10 | public class S2iApplicationTests { 11 | 12 | @Test 13 | public void contextLoads() { 14 | } 15 | 16 | } 17 | -------------------------------------------------------------------------------- /rabbitmq/chart/templates/tests/test-connection.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: "{{ include "chart.fullname" . }}-test-connection" 5 | labels: 6 | {{- include "chart.labels" . | nindent 4 }} 7 | annotations: 8 | "helm.sh/hook": test-success 9 | spec: 10 | containers: 11 | - name: wget 12 | image: busybox 13 | command: ['wget'] 14 | args: ['{{ include "chart.fullname" . }}:{{ .Values.service.port }}'] 15 | restartPolicy: Never 16 | -------------------------------------------------------------------------------- /deprecated/s2i-java/settings.xml: -------------------------------------------------------------------------------- 1 | 2 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | -------------------------------------------------------------------------------- /utilities/ubi8-git/README.md: -------------------------------------------------------------------------------- 1 | # ubi8-git 2 | 3 | A utility image that is the UBI8 image + git. 4 | 5 | ## Purpose 6 | 7 | Useful for environments where these libraries/tools are needed such as: 8 | * local development 9 | * CI tools that do not require specific CI tooling configuraiton, such as GiLab Jobs. 10 | 11 | ## Published 12 | 13 | [https://quay.io/repository/redhat-cop/ubi8-git](https://quay.io/repository/redhat-cop/ubi8-git) via [GitHub Workflows](../../.github/workflows/ubi8-git-publish.yaml). 14 | -------------------------------------------------------------------------------- /utilities/ubi8-bats/test/unit.bats: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bats 2 | 3 | @test "bats: version" { 4 | run bats --version 5 | [ "${status}" -eq 0 ] 6 | } 7 | 8 | @test "helm: version" { 9 | run helm version 10 | [ "${status}" -eq 0 ] 11 | } 12 | 13 | @test "jq: version" { 14 | run jq --version 15 | [ "${status}" -eq 0 ] 16 | } 17 | 18 | @test "oc: version" { 19 | run oc version --client 20 | [ "${status}" -eq 0 ] 21 | } 22 | 23 | @test "yq: version" { 24 | run yq --version 25 | [ "${status}" -eq 0 ] 26 | } 27 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-rust/Jenkinsfile.test: -------------------------------------------------------------------------------- 1 | pipeline { 2 | agent { 3 | label 'jenkins-agent-rust' 4 | } 5 | 6 | stages { 7 | stage ('Run Clone Test') { 8 | steps { 9 | sh "git clone https://github.com/redhat-cop/containers-quickstarts.git" 10 | } 11 | } 12 | 13 | stage ('Run Test') { 14 | steps { 15 | sh """ 16 | rustc -V 17 | """ 18 | } 19 | } 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /_test/bats-support-clone.bash: -------------------------------------------------------------------------------- 1 | if [[ ! -d "_test/test_helper/bats-support" ]]; then 2 | # Download bats-support dynamically so it doesnt need to be added into source 3 | git clone https://github.com/ztombol/bats-support _test/test_helper/bats-support --depth 1 4 | fi 5 | 6 | if [[ ! -d "_test/test_helper/redhatcop-bats-library" ]]; then 7 | # Download redhat-cop/bats-library dynamically so it doesnt need to be added into source 8 | git clone https://github.com/redhat-cop/bats-library _test/test_helper/redhatcop-bats-library --depth 1 9 | fi -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-hugo/Jenkinsfile.test: -------------------------------------------------------------------------------- 1 | pipeline { 2 | agent { 3 | label 'jenkins-agent-hugo' 4 | } 5 | 6 | stages { 7 | stage ('Run Clone Test') { 8 | steps { 9 | sh "git clone https://github.com/redhat-cop/containers-quickstarts.git" 10 | } 11 | } 12 | 13 | stage ('Run Test') { 14 | steps { 15 | sh """ 16 | hugo version 17 | """ 18 | } 19 | } 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent/Jenkinsfile.test: -------------------------------------------------------------------------------- 1 | pipeline { 2 | agent { 3 | label 'jenkins-agent' 4 | } 5 | 6 | stages { 7 | stage ('Run Clone Test') { 8 | steps { 9 | sh "git clone https://github.com/redhat-cop/containers-quickstarts.git" 10 | } 11 | } 12 | 13 | stage ('Run Test') { 14 | steps { 15 | sh """ 16 | java --version 17 | """ 18 | } 19 | } 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-argocd/Jenkinsfile.test: -------------------------------------------------------------------------------- 1 | pipeline { 2 | agent { 3 | label 'jenkins-agent-argocd' 4 | } 5 | 6 | stages { 7 | stage ('Run Clone Test') { 8 | steps { 9 | sh "git clone https://github.com/redhat-cop/containers-quickstarts.git" 10 | } 11 | } 12 | 13 | stage ('Run Test') { 14 | steps { 15 | sh """ 16 | argocd help 17 | """ 18 | } 19 | } 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-cosign/Jenkinsfile.test: -------------------------------------------------------------------------------- 1 | pipeline { 2 | agent { 3 | label 'jenkins-agent-cosign' 4 | } 5 | 6 | stages { 7 | stage ('Run Clone Test') { 8 | steps { 9 | sh "git clone https://github.com/redhat-cop/containers-quickstarts.git" 10 | } 11 | } 12 | 13 | stage ('Run Test') { 14 | steps { 15 | sh """ 16 | cosign version 17 | """ 18 | } 19 | } 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-mongodb/Jenkinsfile.test: -------------------------------------------------------------------------------- 1 | pipeline { 2 | agent { 3 | label 'jenkins-agent-mongodb' 4 | } 5 | 6 | stages { 7 | stage ('Run Clone Test') { 8 | steps { 9 | sh "git clone https://github.com/redhat-cop/containers-quickstarts.git" 10 | } 11 | } 12 | 13 | stage ('Run Test') { 14 | steps { 15 | sh """ 16 | mongo --version 17 | """ 18 | } 19 | } 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /deprecated/s2i-java/debug-options: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # Check for debug options and echo them if enabled. Meant to be included by 4 | # a run script. 5 | 6 | debug_options() { 7 | if [ "x${JAVA_ENABLE_DEBUG}" != "x" -o "x${JAVA_DEBUG_ENABLE}" != "x" -o "x${JAVA_DEBUG}" != "x" ]; then 8 | local debug_port=${JAVA_DEBUG_PORT:-5005} 9 | echo "-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=${debug_port}" 10 | fi 11 | } 12 | 13 | ## Echo options, trimming trailing and multiple spaces 14 | echo "$(debug_options)" | awk '$1=$1' 15 | -------------------------------------------------------------------------------- /utilities/README.md: -------------------------------------------------------------------------------- 1 | # Utilities by Red Hat's Communities of Practice 2 | 3 | ## What's here? 4 | 5 | This directory contains utility images with specific tolling in them. Useful for spinning up those tools on a development machine or using as workers in CI pipelines that do not require any specific CI tooling installed to function as a runtime environment, such as GitLab jobs. 6 | 7 | ## Published Images 8 | 9 | The images are also [published to Quay](https://quay.io/organization/redhat-cop) through the use of [Github Workflows](../.github/workflows). 10 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-ruby/Jenkinsfile.test: -------------------------------------------------------------------------------- 1 | pipeline { 2 | agent { 3 | label 'jenkins-agent-ruby' 4 | } 5 | 6 | stages { 7 | stage ('Run Clone Test') { 8 | steps { 9 | sh "git clone https://github.com/redhat-cop/containers-quickstarts.git" 10 | } 11 | } 12 | 13 | stage ('Run Test') { 14 | steps { 15 | sh """ 16 | ruby -v 17 | gem install rdoc 18 | """ 19 | } 20 | } 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /deprecated/motepair/README.md: -------------------------------------------------------------------------------- 1 | # MOTEPAIR 2 | 3 | ## Overview 4 | 5 | [MOTEPAIR](https://github.com/motepair) is a server application and a plugin for the [Atom Editor](https://atom.io/) which 6 | allows for an organization to host/manage their own remote pair programming solution. 7 | 8 | ## Installation 9 | 10 | ``` 11 | git clone https://github.com/redhat-cop/containers-quickstarts.git 12 | cd containers-quickstarts/motepair 13 | helm install motepair ./ 14 | ``` 15 | 16 | ## Using MOTEPAIR with Atom 17 | 18 | [Instructions](https://github.com/motepair/motepair) -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-erlang/Jenkinsfile.test: -------------------------------------------------------------------------------- 1 | pipeline { 2 | agent { 3 | label 'jenkins-agent-erlang' 4 | } 5 | 6 | stages { 7 | stage ('Run Clone Test') { 8 | steps { 9 | sh "git clone https://github.com/redhat-cop/containers-quickstarts.git" 10 | } 11 | } 12 | 13 | stage ('Run Test') { 14 | steps { 15 | sh """ 16 | erl -version 17 | rebar3 version 18 | """ 19 | } 20 | } 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-python/Jenkinsfile.test: -------------------------------------------------------------------------------- 1 | pipeline { 2 | agent { 3 | label 'jenkins-agent-python' 4 | } 5 | 6 | stages { 7 | stage ('Run Clone Test') { 8 | steps { 9 | sh "git clone https://github.com/redhat-cop/containers-quickstarts.git" 10 | } 11 | } 12 | 13 | stage ('Run Test') { 14 | steps { 15 | sh """ 16 | python -V 17 | java -version 18 | """ 19 | } 20 | } 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /tekton-task-images/conftest/README.md: -------------------------------------------------------------------------------- 1 | # conftest image 2 | 3 | [conftest](https://github.com/open-policy-agent/conftest) is a utility to help you write tests against structured configuration data. You can use `conftest` image to run your [OPA](https://www.openpolicyagent.org/docs/latest/) policies for Kubernetes configuration inside your Tekton pipelines. 4 | 5 | _Conftest isn't specific to Kubernetes. You can also test any configuration files in a variety of different formats._ 6 | 7 | Update [VERSION](VERSION) file in order to change `conftest` version installed inside container. -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-arachni/Jenkinsfile.test: -------------------------------------------------------------------------------- 1 | pipeline { 2 | agent { 3 | label 'jenkins-agent-arachni' 4 | } 5 | 6 | stages { 7 | stage ('Run Clone Test') { 8 | steps { 9 | sh "git clone https://github.com/redhat-cop/containers-quickstarts.git" 10 | } 11 | } 12 | 13 | stage ('Run Test') { 14 | steps { 15 | sh """ 16 | /arachni/bin/arachni --version 17 | """ 18 | } 19 | } 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-gradle/Jenkinsfile.test: -------------------------------------------------------------------------------- 1 | pipeline { 2 | agent { 3 | label 'jenkins-agent-gradle' 4 | } 5 | 6 | stages { 7 | stage ('Run Clone Test') { 8 | steps { 9 | sh "git clone https://github.com/redhat-cop/containers-quickstarts.git" 10 | } 11 | } 12 | 13 | stage ('Run Test') { 14 | steps { 15 | sh """ 16 | java -version 17 | gradle --version 18 | """ 19 | } 20 | } 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-mongodb/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ghcr.io/redhat-cop/containers-quickstarts/jenkins-agent:v4.18 2 | 3 | LABEL name="redhat-cop/jenkins-agent-mongodb" \ 4 | io.k8s.display-name="Jenkins Agent mongodb" \ 5 | io.k8s.description="The jenkins agent mongodb." \ 6 | com.redhat.component="redhat-cop/containers-quickstarts/jenkins-agent-mongodb" 7 | 8 | USER root 9 | 10 | COPY mongodb-org.repo /etc/yum.repos.d/ 11 | RUN dnf install --nodocs -y mongodb-org-tools mongodb-org-shell && \ 12 | dnf clean all 13 | 14 | USER 1001 15 | 16 | RUN mongo --version -------------------------------------------------------------------------------- /_test/kind/jenkins-casc-config-scripts-template.yaml: -------------------------------------------------------------------------------- 1 | controller: 2 | JCasC: 3 | configScripts: 4 | seed-jobs: | 5 | jobs: 6 | - script: > 7 | folder('containers-quickstarts') 8 | - script: > 9 | pipelineJob('containers-quickstarts/${JENKINS_AGENT}') { 10 | definition { 11 | cps { 12 | script(''' 13 | ${JENKINSFILE} 14 | '''.stripIndent()) 15 | sandbox() 16 | } 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /cert-manager-configs/templates/Certificate.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.certificates }} 2 | {{- range $certificate := .Values.certificates }} 3 | --- 4 | apiVersion: cert-manager.io/v1alpha2 5 | kind: Certificate 6 | metadata: 7 | name: {{ $certificate.name }} 8 | namespace: {{ $certificate.namespace }} 9 | spec: 10 | secretName: {{ $certificate.name }} 11 | issuerRef: 12 | name: {{ $certificate.issuerRef }} 13 | kind: {{ $certificate.issuerKind }} 14 | {{- with $dnsName := .dnsNames }} 15 | dnsNames: {{ toYaml $dnsName | nindent 4 }} 16 | {{- end }} 17 | {{- end }} 18 | {{- end }} 19 | 20 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-npm/Jenkinsfile.test: -------------------------------------------------------------------------------- 1 | pipeline { 2 | agent { 3 | label 'jenkins-agent-npm' 4 | } 5 | 6 | stages { 7 | stage ('Run Clone Test') { 8 | steps { 9 | sh "git clone https://github.com/redhat-cop/containers-quickstarts.git" 10 | } 11 | } 12 | 13 | stage ('Run Test') { 14 | steps { 15 | sh """ 16 | npm -v 17 | node -v 18 | 19 | npm install express 20 | """ 21 | } 22 | } 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /rabbitmq/test/unit/rolebinding.bats: -------------------------------------------------------------------------------- 1 | 2 | #!/usr/bin/env bats 3 | 4 | load _helpers 5 | 6 | @test "rolebinding: default serviceaccount" { 7 | cd $(chart_dir) 8 | local service_account=$(helm template "$(name_prefix)" -s templates/rolebinding.yaml \ 9 | . | yq r - 'subjects[0].name') 10 | [ "${service_account}" == "$(name_prefix)" ] 11 | } 12 | 13 | @test "rolebinding: custom serviceaccount" { 14 | cd $(chart_dir) 15 | local service_account=$(helm template -s templates/rolebinding.yaml \ 16 | --set 'serviceAccount.name=custom' \ 17 | . | yq r - 'subjects[0].name') 18 | [ "${service_account}" == "custom" ] 19 | } 20 | -------------------------------------------------------------------------------- /utilities/ubi8-google-api-python-client/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM registry.access.redhat.com/ubi8/ubi:8.10-1764070939@sha256:a444712276a635c9312d83a4ff7c6ee7f2ce08eeb5bd9ca291b5fdba257a5e63 2 | 3 | LABEL maintainer="Red Hat Services" 4 | 5 | COPY requirements.txt /requirements.txt 6 | RUN dnf update -y && \ 7 | dnf install -y git python3.11 python3.11-pip python3.11-setuptools python3.11-numpy python3.11-scipy python3.11-six && \ 8 | dnf clean all && \ 9 | pip3.11 install --no-cache-dir -r /requirements.txt 10 | 11 | # Copy in custom helper scripts 12 | COPY ./root / 13 | RUN chmod u+x /usr/local/bin/upload-file-to-google-drive 14 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-rust/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ghcr.io/redhat-cop/containers-quickstarts/jenkins-agent:v4.18 2 | 3 | SHELL ["/bin/bash", "-o", "pipefail", "-c"] 4 | 5 | LABEL name="redhat-cop/jenkins-agent-rust" \ 6 | io.k8s.display-name="Jenkins Agent rust" \ 7 | io.k8s.description="The jenkins agent rust." \ 8 | com.redhat.component="redhat-cop/containers-quickstarts/jenkins-agent-rust" 9 | 10 | ENV PATH="$PATH:$HOME/.cargo/bin" 11 | 12 | USER root 13 | 14 | RUN dnf install --nodocs -y gcc && \ 15 | dnf clean all && \ 16 | curl https://sh.rustup.rs -sSf | sh -s -- -y 17 | 18 | USER 1001 19 | 20 | RUN rustc -V -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-image-mgmt/Jenkinsfile.test: -------------------------------------------------------------------------------- 1 | pipeline { 2 | agent { 3 | label 'jenkins-agent-image-mgmt' 4 | } 5 | 6 | stages { 7 | stage ('Run Clone Test') { 8 | steps { 9 | sh "git clone https://github.com/redhat-cop/containers-quickstarts.git" 10 | } 11 | } 12 | 13 | stage ('Run Test') { 14 | steps { 15 | sh """ 16 | skopeo --version 17 | skopeo inspect docker://quay.io/openshift/origin-jenkins-agent-base 18 | """ 19 | } 20 | } 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /tool-box/root/usr/local/bin/run: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # inspired by https://github.com/openshift/jenkins/blob/master/2/contrib/jenkins/jenkins-common.sh 4 | USER_ID=$(id -u) 5 | GROUP_ID=$(id -g) 6 | 7 | # Check if user already exists 8 | ADD_USER=$(grep $USER_ID /etc/passwd | wc -l) 9 | 10 | if [ $ADD_USER -eq 0 ];then 11 | echo "User $USER_ID does not exists. Adding the user to /etc/passwd..." 12 | if [ x"$USER_ID" != x"0" -a x"$USER_ID" != x"997" ]; then 13 | echo "tool-box:x:${USER_ID}:${GROUP_ID}:Tool Box User:${HOME}:/sbin/nologin" >> /etc/passwd 14 | fi 15 | else 16 | echo "User $USER_ID already exists" 17 | fi 18 | 19 | exec "$@" 20 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-golang/Jenkinsfile.test: -------------------------------------------------------------------------------- 1 | pipeline { 2 | agent { 3 | label 'jenkins-agent-golang' 4 | } 5 | 6 | stages { 7 | stage ('Run Clone Test') { 8 | steps { 9 | sh "git clone https://github.com/redhat-cop/containers-quickstarts.git" 10 | } 11 | } 12 | 13 | stage ('Run Test') { 14 | steps { 15 | sh """ 16 | go version 17 | sonar-scanner -v 18 | 19 | go install github.com/plexsystems/konstraint@latest 20 | """ 21 | } 22 | } 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-mvn/Jenkinsfile.test: -------------------------------------------------------------------------------- 1 | pipeline { 2 | agent { 3 | label 'jenkins-agent-mvn' 4 | } 5 | 6 | stages { 7 | stage ('Run Clone Test') { 8 | steps { 9 | sh "git clone https://github.com/redhat-cop/containers-quickstarts.git" 10 | } 11 | } 12 | 13 | stage ('Run Test') { 14 | steps { 15 | sh """ 16 | mvn --version 17 | 18 | mvn dependency:get -DgroupId=org.apache.maven -DartifactId=maven-core -Dversion=2.2.1 -Dpackaging=jar 19 | """ 20 | } 21 | } 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /hoverfly/s2i/run: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | 4 | USER_ID=$(id -u) 5 | GROUP_ID=$(id -g) 6 | 7 | # Check if user already exists 8 | ADD_USER=$(grep $USER_ID /etc/passwd | wc -l) 9 | 10 | if [ $ADD_USER -eq 0 ];then 11 | echo "User $USER_ID does not exists. Adding the user to /etc/passwd..." 12 | if [ x"$USER_ID" != x"0" -a x"$USER_ID" != x"997" ]; then 13 | echo "tool-box:x:${USER_ID}:${GROUP_ID}:Tool Box User:${HOME}:/sbin/nologin" >> /etc/passwd 14 | fi 15 | else 16 | echo "User $USER_ID already exists" 17 | fi 18 | 19 | 20 | if [ -v RUN_AS_WEBSERVER ]; then 21 | hoverctl start webserver 22 | else 23 | hoverctl start 24 | fi 25 | 26 | hoverctl logs --follow -------------------------------------------------------------------------------- /deprecated/build-s2i-play/s2i/assemble: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | LOCAL_SOURCE_DIR=${HOME} 4 | 5 | echo "Starting S2I Play Build ....." 6 | 7 | # Generate Secret 8 | if [ -z "${DISABLE_GENERATE_SECRET}" ]; then 9 | 10 | echo "Generating New Application Secret..." 11 | activator playUpdateSecret 12 | fi 13 | 14 | # Build 15 | activator universal:packageZipTarball 16 | 17 | PLAY_ARCHIVE=$(ls -1 ${LOCAL_SOURCE_DIR}/target/universal/*.tgz) 18 | 19 | echo "Copying Archive to Deployments Folder" 20 | cp ${PLAY_ARCHIVE} /deployments 21 | 22 | # Remove Extra Files 23 | rm -rf ${LOCAL_SOURCE_DIR}/target ${HOME}/.ivy2 ${LOCAL_SOURCE_DIR}/.m2 24 | 25 | echo "S2I Assemble Complete" 26 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-mvn/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ghcr.io/redhat-cop/containers-quickstarts/jenkins-agent:v4.18 2 | 3 | LABEL name="redhat-cop/jenkins-agent-mvn" \ 4 | io.k8s.display-name="Jenkins Agent mvn" \ 5 | io.k8s.description="The jenkins agent mvn." \ 6 | com.redhat.component="redhat-cop/containers-quickstarts/jenkins-agent-mvn" 7 | 8 | # renovate: datasource=repology depName=ubi_8/maven 9 | ARG MAVEN_VERSION=3.8.5 10 | 11 | USER root 12 | 13 | COPY settings.xml $HOME/.m2/settings.xml 14 | RUN dnf module enable -y maven:${MAVEN_VERSION%.*} && \ 15 | dnf install --nodocs -y maven && \ 16 | dnf clean all 17 | 18 | USER 1001 19 | 20 | RUN mvn --version -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-ansible/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ghcr.io/redhat-cop/containers-quickstarts/jenkins-agent:v4.18 2 | 3 | LABEL name="redhat-cop/jenkins-agent-ansible" \ 4 | io.k8s.display-name="Jenkins Agent Ansible" \ 5 | io.k8s.description="The jenkins agent ansible image has ansible on top of the jenkins agent base image." \ 6 | com.redhat.component="redhat-cop/containers-quickstarts/jenkins-agent-ansible" 7 | 8 | USER root 9 | 10 | COPY requirements.txt /requirements.txt 11 | RUN dnf -y install --nodocs python3.11 python3.11-pip && \ 12 | dnf clean all && \ 13 | pip3.11 install --no-cache-dir -r /requirements.txt 14 | 15 | USER 1001 16 | 17 | RUN ansible --version -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-conftest/Jenkinsfile.test: -------------------------------------------------------------------------------- 1 | pipeline { 2 | agent { 3 | label 'jenkins-agent-conftest' 4 | } 5 | 6 | stages { 7 | stage ('Run Clone Test') { 8 | steps { 9 | sh "git clone https://github.com/redhat-cop/containers-quickstarts.git" 10 | } 11 | } 12 | 13 | stage ('Run Test') { 14 | steps { 15 | sh """ 16 | conftest --version 17 | bats --version 18 | yq --version 19 | 20 | conftest pull github.com/redhat-cop/rego-policies.git//policy 21 | """ 22 | } 23 | } 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /deprecated/motepair/templates/buildconfig.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: build.openshift.io/v1 2 | kind: BuildConfig 3 | metadata: 4 | labels: 5 | app: motepair-server 6 | name: motepair-server 7 | spec: 8 | failedBuildsHistoryLimit: 5 9 | nodeSelector: {} 10 | output: 11 | to: 12 | kind: ImageStreamTag 13 | name: motepair-server:latest 14 | postCommit: {} 15 | resources: {} 16 | runPolicy: Serial 17 | source: 18 | git: 19 | uri: https://github.com/motepair/motepair-server.git 20 | type: Git 21 | strategy: 22 | dockerStrategy: {} 23 | type: Docker 24 | successfulBuildsHistoryLimit: 5 25 | triggers: 26 | - type: ConfigChange 27 | status: 28 | lastVersion: 0 29 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-ansible/Jenkinsfile.test: -------------------------------------------------------------------------------- 1 | pipeline { 2 | agent { 3 | label 'jenkins-agent-ansible' 4 | } 5 | 6 | stages { 7 | stage ('Run Clone Test') { 8 | steps { 9 | sh "git clone https://github.com/redhat-cop/containers-quickstarts.git" 10 | } 11 | } 12 | 13 | stage ('Run Test') { 14 | steps { 15 | sh """ 16 | ansible --version 17 | molecule --version 18 | java -version 19 | 20 | ansible-galaxy collection install community.general 21 | """ 22 | } 23 | } 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /ipa-server/.openshift/files/01-worker-sebool.yml: -------------------------------------------------------------------------------- 1 | apiVersion: machineconfiguration.openshift.io/v1 2 | kind: MachineConfig 3 | metadata: 4 | labels: 5 | machineconfiguration.openshift.io/role: worker 6 | name: 01-sebool 7 | spec: 8 | config: 9 | ignition: 10 | version: 3.1.0 11 | systemd: 12 | units: 13 | - contents: | 14 | [Unit] 15 | Description=Enable container_manage_cgroup on worker nodes 16 | Before=kubelet.service 17 | 18 | [Service] 19 | ExecStart=/usr/sbin/setsebool container_manage_cgroup 1 20 | 21 | [Install] 22 | WantedBy=multi-user.target 23 | enabled: true 24 | name: sebool.service 25 | 26 | -------------------------------------------------------------------------------- /utilities/ubi8-asciidoctor/README.md: -------------------------------------------------------------------------------- 1 | # ubi8-asciidoctor 2 | 3 | A utility image for the UBI8 image + asciidoctor. 4 | 5 | Contains the primary used asciidoctor-pdf for generating reports. 6 | 7 | It's base is from but now ubi based. 8 | 9 | ## Purpose 10 | 11 | Useful for environments where these libraries/tools are needed such as: 12 | 13 | * local development 14 | * CI tools that do not require specific CI tooling configuration, such as GiLab Jobs. 15 | 16 | ## Published 17 | 18 | [https://quay.io/repository/redhat-cop/ubi8-asciidoctor](https://quay.io/repository/redhat-cop/ubi8-asciidoctor) via [GitHub Workflows](../../.github/workflows/ubi8-asciidoctor-publish.yaml). 19 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-hugo/README.md: -------------------------------------------------------------------------------- 1 | # Jenkins Hugo Agent 2 | 3 | This agent extends the base jenkins agent image and adds the hugo binary. We can use this agent image in a Jenkins pipeline to compile hugo static sites. 4 | 5 | ## Build in OpenShift 6 | ```bash 7 | oc process -f ../../.openshift/templates/jenkins-agent-generic-template.yml \ 8 | -p NAME=jenkins-agent-hugo \ 9 | -p SOURCE_CONTEXT_DIR=jenkins-agents/jenkins-agent-hugo \ 10 | -p DOCKERFILE_PATH=Dockerfile \ 11 | | oc create -n openshift -f - 12 | ``` 13 | For all params see the list in the `../../.openshift/templates/jenkins-agent-generic-template.yml` or run `oc process --parameters -f ../../.openshift/templates/jenkins-agent-generic-template.yml`. 14 | -------------------------------------------------------------------------------- /s2i-mvn-gradle/test/test-app-maven/src/main/java/hello/Application.java: -------------------------------------------------------------------------------- 1 | package hello; 2 | 3 | import org.springframework.boot.SpringApplication; 4 | import org.springframework.boot.autoconfigure.SpringBootApplication; 5 | import org.springframework.boot.bind.RelaxedPropertyResolver; 6 | import org.springframework.web.bind.annotation.RequestMapping; 7 | import org.springframework.web.bind.annotation.RestController; 8 | 9 | @SpringBootApplication 10 | @RestController 11 | public class Application { 12 | 13 | @RequestMapping("/") 14 | public String home() { 15 | return "Hello Docker World"; 16 | } 17 | 18 | 19 | public static void main(String[] args) { 20 | SpringApplication.run(Application.class, args); 21 | } 22 | 23 | } 24 | -------------------------------------------------------------------------------- /deprecated/build-s2i-play/s2i/run: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | PLAY_ARCHIVE=$(ls -1 /deployments/*.tgz) 4 | 5 | tar -vxzf ${PLAY_ARCHIVE} --strip 1 -C /deployments 6 | 7 | PLAY_EXEC=$(find /deployments/bin/ -type f ! -name "*.*") 8 | 9 | if [ -f /deployments/conf/application.conf ]; then 10 | echo '# https://playframework.com/documentation/2.6.x/AllowedHostsFilter#enabling-the-allowed-hosts-filter' >> /deployments/conf/application.conf 11 | echo 'play.filters.hosts.allowed = ["."]' >> /deployments/conf/application.conf 12 | fi 13 | 14 | if [ ! -z "${APPLICATION_SECRET}" ]; then 15 | APPLICATION_SECRET_PARAM="-Dplay.crypto.secret=${APPLICATION_SECRET}" 16 | fi 17 | 18 | eval ${PLAY_EXEC} ${APPLICATION_SECRET_PARAM} -Dhttp.port=8080 ${JAVA_OPTS_EXT} 19 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-zap/webswing.config: -------------------------------------------------------------------------------- 1 | { 2 | "applications" : [ { 3 | "name" : "ZAP", 4 | "icon" : "icon.png", 5 | "mainClass" : "org.zaproxy.zap.ZAP", 6 | "classPathEntries" : [ "zap-*.jar", "lib/*.jar", "lang/" ], 7 | "vmArgs" : "", 8 | "args" : "-host 0.0.0.0 -port 8090", 9 | "homeDir" : "/zap/", 10 | "maxClients" : 1, 11 | "antiAliasText" : true, 12 | "swingSessionTimeout" : 300, 13 | "authorization" : false, 14 | "isolatedFs" : false, 15 | "debug" : true, 16 | "authentication" : false, 17 | "directdraw" : false, 18 | "allowDelete" : false, 19 | "allowDownload" : false, 20 | "allowUpload" : false, 21 | "allowJsLink" : true 22 | } ], 23 | "applets" : [] 24 | } 25 | -------------------------------------------------------------------------------- /deprecated/kafka/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM rhel:7.4 2 | 3 | ENV JAVA_HOME=/usr/lib/jvm/jre-1.8.0-openjdk \ 4 | KAFKA_VERSION=1.0.0 \ 5 | SCALA_VERSION=2.11 \ 6 | KAFKA_HOME=/opt/kafka 7 | 8 | COPY fix-permissions /usr/local/bin 9 | 10 | RUN INSTALL_PKGS="gettext tar zip unzip hostname java-1.8.0-openjdk" && \ 11 | yum install -y $INSTALL_PKGS && \ 12 | rpm -V $INSTALL_PKGS && \ 13 | yum clean all && \ 14 | mkdir -p $KAFKA_HOME && \ 15 | curl -fsSL https://archive.apache.org/dist/kafka/${KAFKA_VERSION}/kafka_${SCALA_VERSION}-${KAFKA_VERSION}.tgz | tar xzf - --strip 1 -C $KAFKA_HOME/ && \ 16 | mkdir -p $KAFKA_HOME/logs && \ 17 | /usr/local/bin/fix-permissions $KAFKA_HOME 18 | 19 | WORKDIR "/opt/kafka" 20 | 21 | EXPOSE 9092 22 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-cosign/README.md: -------------------------------------------------------------------------------- 1 | # Jenkins Cosign Agent 2 | 3 | This agent extends the base jenkins agent image and adds the cosign binary. We can use this agent image in a Jenkins pipeline to sign images we build through the pipeline. 4 | 5 | ## Build in OpenShift 6 | ```bash 7 | oc process -f ../../.openshift/templates/jenkins-agent-generic-template.yml \ 8 | -p NAME=jenkins-agent-cosign \ 9 | -p SOURCE_CONTEXT_DIR=jenkins-agents/jenkins-agent-cosign \ 10 | -p DOCKERFILE_PATH=Dockerfile \ 11 | | oc create -n openshift -f - 12 | ``` 13 | For all params see the list in the `../../.openshift/templates/jenkins-agent-generic-template.yml` or run `oc process --parameters -f ../../.openshift/templates/jenkins-agent-generic-template.yml`. -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-python/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ghcr.io/redhat-cop/containers-quickstarts/jenkins-agent:v4.18 2 | 3 | LABEL name="redhat-cop/jenkins-agent-python" \ 4 | io.k8s.display-name="Jenkins Agent python" \ 5 | io.k8s.description="The jenkins agent python." \ 6 | com.redhat.component="redhat-cop/containers-quickstarts/jenkins-agent-python" 7 | 8 | USER root 9 | 10 | COPY requirements.txt /requirements.txt 11 | RUN dnf -y install --nodocs python3.11 python3.11-devel python3.11-pip nss_wrapper httpd httpd-devel mod_ssl mod_ldap mod_session atlas-devel gcc-gfortran libffi-devel libtool-ltdl enchant && \ 12 | dnf clean all && \ 13 | pip3.11 install --no-cache-dir -r /requirements.txt 14 | 15 | USER 1001 16 | 17 | RUN python -V -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-graalvm/Jenkinsfile.test: -------------------------------------------------------------------------------- 1 | pipeline { 2 | agent { 3 | label 'jenkins-agent-graalvm' 4 | } 5 | 6 | stages { 7 | stage ('Run Clone Test') { 8 | steps { 9 | sh "git clone https://github.com/redhat-cop/containers-quickstarts.git" 10 | } 11 | } 12 | 13 | stage ('Run Test') { 14 | steps { 15 | sh """ 16 | java -version 17 | mvn --version 18 | native-image --version 19 | oc version --client 20 | helm version 21 | jq --version 22 | yq --version 23 | """ 24 | } 25 | } 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /deprecated/zookeeper/zkMetrics.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # Copyright 2016 The Kubernetes Authors. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | 16 | 17 | ZK_CLIENT_PORT=${ZK_CLIENT_PORT:-2181} 18 | echo mntr | nc localhost $ZK_CLIENT_PORT >& 1 -------------------------------------------------------------------------------- /hoverfly/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM registry.access.redhat.com/ubi8/ubi 2 | 3 | ENV HOVERFLY_DOWNLOAD_URI https://github.com/SpectoLabs/hoverfly/releases/download/v1.2.0/hoverfly_bundle_linux_amd64.zip 4 | ENV HOME /home/hoverfly 5 | 6 | RUN PACKAGE_LIST="less unzip" && \ 7 | yum install -y $PACKAGE_LIST && \ 8 | rpm -V $PACKAGE_LIST && \ 9 | yum clean all -y && \ 10 | curl -o /tmp/hoverfly.zip -L $HOVERFLY_DOWNLOAD_URI && \ 11 | unzip /tmp/hoverfly.zip -d /tmp/hoverfly && \ 12 | mv /tmp/hoverfly/hover* /usr/bin && \ 13 | rm -r /tmp/hoverfly /tmp/hoverfly.zip && \ 14 | mkdir -m 775 $HOME && \ 15 | chmod 775 /etc/passwd 16 | 17 | WORKDIR $HOME 18 | 19 | ADD ./s2i /usr/libexec/s2i 20 | 21 | USER 1001 22 | 23 | EXPOSE 8500 8888 24 | 25 | CMD ["/usr/libexec/s2i/run"] 26 | -------------------------------------------------------------------------------- /zalenium/example-tests/protractor/simple-test.js: -------------------------------------------------------------------------------- 1 | describe('angularjs homepage todo list', function() { 2 | it('should add a todo', function() { 3 | browser.get('https://angularjs.org'); 4 | 5 | element(by.model('todoList.todoText')).sendKeys('write first protractor test'); 6 | element(by.css('[value="add"]')).click(); 7 | 8 | var todoList = element.all(by.repeater('todo in todoList.todos')); 9 | expect(todoList.count()).toEqual(3); 10 | expect(todoList.get(2).getText()).toEqual('write first protractor test'); 11 | 12 | // You wrote your first test, cross it off the list 13 | todoList.get(2).element(by.css('input')).click(); 14 | var completedAmount = element.all(by.css('.done-true')); 15 | expect(completedAmount.count()).toEqual(2); 16 | }); 17 | }); 18 | 19 | -------------------------------------------------------------------------------- /tekton-task-images/conftest/Dockerfile: -------------------------------------------------------------------------------- 1 | # Builder 2 | FROM registry.access.redhat.com/ubi9/ubi:9.5-1745854298@sha256:f4ebd46d3ba96feb016d798009e1cc2404c3a4ebdac8b2479a2ac053e59f41b4 AS builder 3 | 4 | SHELL ["/bin/bash", "-c"] 5 | 6 | COPY VERSION /tmp/version 7 | RUN source /tmp/version && \ 8 | curl -L "https://github.com/open-policy-agent/conftest/releases/download/${CONFTEST_VERSION}/conftest_${CONFTEST_VERSION//v}_Linux_x86_64.tar.gz" -o /tmp/conftest.tar.gz && \ 9 | tar -xzf /tmp/conftest.tar.gz && \ 10 | mv conftest /usr/local/bin/conftest && \ 11 | conftest --version 12 | 13 | # Runnable 14 | FROM registry.access.redhat.com/ubi9/ubi-micro:9.5-1746002938@sha256:839f16991579b023d4452eadd0efa925e438f8b73063afe4f75bdc6cf7a09b12 15 | 16 | COPY --from=builder /usr/local/bin/conftest /usr/local/bin/conftest -------------------------------------------------------------------------------- /hygieia/.openshift/policy/rbac.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: template.openshift.io/v1 3 | kind: Template 4 | objects: 5 | - apiVersion: rbac.authorization.k8s.io/v1 6 | groupNames: null 7 | kind: RoleBinding 8 | metadata: 9 | creationTimestamp: null 10 | name: admin 11 | roleRef: 12 | apiGroup: rbac.authorization.k8s.io 13 | kind: ClusterRole 14 | name: admin 15 | subjects: 16 | - kind: User 17 | name: esauer 18 | - kind: User 19 | name: cpitman 20 | - kind: User 21 | name: rspazzol 22 | - kind: User 23 | name: tquinn 24 | - kind: User 25 | name: tgeorge 26 | - kind: User 27 | name: pcarney 28 | - kind: User 29 | name: dwasinge 30 | userNames: 31 | - esauer 32 | - cpitman 33 | - rspazzol 34 | - tquinn 35 | - tgeorge 36 | - pcarney 37 | - dwasinge 38 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-zap/configuration/passwd.template: -------------------------------------------------------------------------------- 1 | root:x:0:0:root:/root:/bin/bash 2 | bin:x:1:1:bin:/bin:/sbin/nologin 3 | daemon:x:2:2:daemon:/sbin:/sbin/nologin 4 | adm:x:3:4:adm:/var/adm:/sbin/nologin 5 | lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin 6 | sync:x:5:0:sync:/sbin:/bin/sync 7 | shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown 8 | halt:x:7:0:halt:/sbin:/sbin/halt 9 | mail:x:8:12:mail:/var/spool/mail:/sbin/nologin 10 | operator:x:11:0:operator:/root:/sbin/nologin 11 | games:x:12:100:games:/usr/games:/sbin/nologin 12 | ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin 13 | nobody:x:99:99:Nobody:/:/sbin/nologin 14 | dbus:x:81:81:System message bus:/:/sbin/nologin 15 | polkitd:x:999:999:User for polkitd:/:/sbin/nologin 16 | jenkins:x:${USER_ID}:${GROUP_ID}:Jenkins Continuous Integration Server:${JENKINS_HOME}:/bin/false 17 | -------------------------------------------------------------------------------- /cert-manager-configs/.openshift/cert-utils-operator.yml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: Template 3 | apiVersion: template.openshift.io/v1 4 | metadata: 5 | annotations: 6 | description: Cert Manager Deployment to support Acme Certificates 7 | name: cert-utils-operator-template 8 | labels: 9 | template: cert-utils-operator-template 10 | objects: 11 | - kind: OperatorGroup 12 | apiVersion: operators.coreos.com/v1 13 | metadata: 14 | name: cert-utils 15 | spec: 16 | targetNamespaces: [] 17 | - kind: Subscription 18 | apiVersion: operators.coreos.com/v1alpha1 19 | metadata: 20 | name: cert-utils-operator 21 | spec: 22 | channel: alpha 23 | installPlanApproval: Automatic 24 | name: cert-utils-operator 25 | source: community-operators 26 | sourceNamespace: openshift-marketplace 27 | -------------------------------------------------------------------------------- /rabbitmq/.openshift/templates/imagestreams/images.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: List 3 | items: 4 | - apiVersion: image.openshift.io/v1 5 | kind: ImageStream 6 | metadata: 7 | name: ubi-minimal 8 | spec: 9 | dockerImageRepository: registry.access.redhat.com/ubi8/ubi-minimal 10 | lookupPolicy: 11 | local: false 12 | tags: 13 | - annotations: null 14 | from: 15 | kind: DockerImage 16 | name: registry.access.redhat.com/ubi8/ubi-minimal:8.3 17 | importPolicy: {} 18 | name: "8.3" 19 | referencePolicy: 20 | type: Source 21 | - annotations: null 22 | from: 23 | kind: DockerImage 24 | name: registry.access.redhat.com/ubi8/ubi-minimal:latest 25 | importPolicy: {} 26 | name: latest 27 | referencePolicy: 28 | type: Source 29 | -------------------------------------------------------------------------------- /sonarqube/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM docker.io/sonarqube:latest 2 | 3 | USER root 4 | 5 | RUN apk update && apk add curl 6 | ARG sonar_plugins="java pmd ldap" 7 | ADD sonar.properties /opt/sonarqube/conf/sonar.properties 8 | ADD run.sh /opt/sonarqube/bin/run.sh 9 | CMD /opt/sonarqube/bin/run.sh 10 | RUN cp -a /opt/sonarqube/data /opt/sonarqube/data-init && \ 11 | cp -a /opt/sonarqube/extensions /opt/sonarqube/extensions-init && \ 12 | chown root:root /opt/sonarqube && chmod -R gu+rwX /opt/sonarqube 13 | ADD plugins.sh /opt/sonarqube/bin/plugins.sh 14 | ADD https://github.com/rht-labs/sonar-auth-openshift/releases/latest/download/sonar-auth-openshift-plugin.jar /opt/sonarqube/extensions-init/plugins/ 15 | RUN /opt/sonarqube/bin/plugins.sh $sonar_plugins 16 | RUN chown root:root /opt/sonarqube -R; \ 17 | chmod 6775 /opt/sonarqube -R 18 | USER 1001 19 | -------------------------------------------------------------------------------- /deprecated/zookeeper/inventory/group_vars/all.yml: -------------------------------------------------------------------------------- 1 | --- 2 | openshift_cluster_content: 3 | - object: projectrequest 4 | content: 5 | - name: zookeeper-spaces 6 | file: "{{ inventory_dir }}/../files/projects/projects.yml" 7 | file_action: create 8 | - object: imagestream 9 | content: 10 | - name: rhel7 11 | file: "{{ inventory_dir }}/../files/imagestreams/images.yml" 12 | namespace: zookeeper 13 | - object: builds 14 | content: 15 | - name: zookeeper 16 | namespace: zookeeper 17 | template: "{{ inventory_dir }}/../files/builds/template.yml" 18 | params: "{{ inventory_dir }}/../files/builds/params" 19 | - object: deployments 20 | content: 21 | - name: zookeeper 22 | namespace: zookeeper 23 | template: "{{ inventory_dir }}/../files/deployments/template.yml" 24 | params: "{{ inventory_dir }}/../files/deployments/params" -------------------------------------------------------------------------------- /gogs/.applier/group_vars/seed-hosts.yml: -------------------------------------------------------------------------------- 1 | --- 2 | namespace: gogs 3 | app_name: gogs 4 | 5 | app_params: 6 | APPLICATION_NAME: "{{ app_name }}" 7 | GOGS_VOLUME_CAPACITY: 10Gi 8 | DB_VOLUME_CAPACITY: 5Gi 9 | NAMESPACE: "{{ namespace }}" 10 | 11 | openshift_cluster_content: 12 | - object: Environment Setup 13 | content: 14 | - name: Create Projects 15 | template: "https://raw.githubusercontent.com/redhat-cop/openshift-templates/v1.4.12/project-requests/create-project.yml" 16 | action: create 17 | params_from_vars: 18 | NAMESPACE: "{{ namespace }}" 19 | NAMESPACE_DISPLAY_NAME: "{{ namespace }}" 20 | tags: 21 | - project 22 | - object: deployments 23 | content: 24 | - name: gogs 25 | template: "{{ inventory_dir }}/../.openshift/templates/gogs-persistent-template.yaml" 26 | params_from_vars: "{{ app_params }}" 27 | namespace: "{{ namespace }}" 28 | -------------------------------------------------------------------------------- /utilities/ubi8-bats/README.md: -------------------------------------------------------------------------------- 1 | # ubi8-bats 2 | 3 | A utility image for the UBI8 image + Bats. 4 | 5 | Contains the primary used bats for running test scenarios 6 | 7 | It's base is from https://github.com/bats-core/bats-core but now ubi based. 8 | 9 | The image also includes the following applications: 10 | * Helm 11 | * jq 12 | * OpenShift client 13 | * yq 14 | 15 | ## Purpose 16 | 17 | Useful for environments where these libraries/tools are needed such as: 18 | * local development 19 | * CI tools that do not require specific CI tooling configuraiton, such as GitLab Jobs. 20 | 21 | ## Limitations 22 | 23 | The image does not support running parallel tests using the `-j, --jobs` option. 24 | 25 | ## Published 26 | 27 | [https://quay.io/repository/redhat-cop/ubi8-bats](https://quay.io/repository/redhat-cop/ubi8-bats) via [GitHub Workflows](../../.github/workflows/ubi8-bats-publish.yaml). 28 | -------------------------------------------------------------------------------- /cert-manager-configs/templates/OpenshiftConfigs.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.cluster.apiServer.enabled }} 2 | {{- if .Values.cluster.ingressController.enabled }} 3 | --- 4 | kind: APIServer 5 | apiVersion: config.openshift.io/v1 6 | metadata: 7 | name: cluster 8 | spec: 9 | servingCerts: 10 | namedCertificates: 11 | - names: 12 | - {{ .Values.cluster.apiServer.name }} 13 | servingCertificate: 14 | name: {{ .Values.cluster.apiServer.tlsSecret }} 15 | 16 | --- 17 | apiVersion: operator.openshift.io/v1 18 | kind: IngressController 19 | metadata: 20 | name: default 21 | namespace: openshift-ingress-operator 22 | spec: 23 | defaultCertificate: 24 | name: ingress-letsencrypt-cert 25 | 26 | --- 27 | apiVersion: config.openshift.io/v1 28 | kind: Proxy 29 | metadata: 30 | name: cluster 31 | spec: 32 | trustedCA: 33 | name: letsencrypt-ca 34 | {{- end }} 35 | {{- end }} 36 | -------------------------------------------------------------------------------- /deprecated/s2i-java/s2i/run: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Command line arguments given to this script 4 | args="$*" 5 | 6 | # Global S2I variable setup 7 | source `dirname "$0"`/s2i-setup 8 | 9 | # Always include jolokia-opts, which can be empty if switched off via env 10 | JAVA_OPTIONS="${JAVA_OPTIONS:+${JAVA_OPTIONS} }$(/opt/jolokia/jolokia-opts)" 11 | 12 | # Temporary options variable until the harmonization hawt-app PR #5 has been applied (hopefully) 13 | JVM_ARGS="${JVM_ARGS:+${JVM_ARGS} }${JAVA_OPTIONS}" 14 | export JAVA_OPTIONS JVM_ARGS 15 | 16 | if [ -f "${DEPLOYMENTS_DIR}/bin/run.sh" ]; then 17 | echo "Starting the application using the bundled ${DEPLOYMENTS_DIR}/bin/run.sh ..." 18 | exec ${DEPLOYMENTS_DIR}/bin/run.sh $args ${JAVA_ARGS} 19 | else 20 | echo "Starting the Java application using /opt/run-java/run-java.sh ..." 21 | exec /opt/run-java/run-java.sh $args ${JAVA_ARGS} 22 | fi 23 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-ruby/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ghcr.io/redhat-cop/containers-quickstarts/jenkins-agent:v4.18 2 | 3 | LABEL name="redhat-cop/jenkins-agent-ruby" \ 4 | io.k8s.display-name="Jenkins Agent Ruby" \ 5 | io.k8s.description="The jenkins agent ruby." \ 6 | com.redhat.component="redhat-cop/containers-quickstarts/jenkins-agent-ruby" 7 | 8 | # renovate: datasource=repology depName=ubi_8/ruby 9 | ARG RUBY_VERSION=3.1.2 10 | 11 | USER root 12 | 13 | RUN dnf -y module enable ruby:${RUBY_VERSION%.*} && \ 14 | dnf install --nodocs -y ruby ruby-devel rubygem-rake rubygem-bundler libyaml-devel autoconf automake gcc make redhat-rpm-config && \ 15 | dnf clean all -y 16 | 17 | # Copy extra files to the image. 18 | COPY ./root/ / 19 | RUN chown -R 1001:0 /opt/app-root && \ 20 | chmod -R ug+rwx /opt/app-root 21 | 22 | USER 1001 23 | 24 | WORKDIR /opt/app-root 25 | 26 | RUN ruby -v -------------------------------------------------------------------------------- /sonarqube/run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -x 4 | set -e 5 | 6 | ## If the mounted data volume is empty, populate it from the default data 7 | cp -a /opt/sonarqube/data-init/* /opt/sonarqube/data/ 8 | 9 | ## Link the plugins directory from the mounted volume 10 | rm -rf /opt/sonarqube/extensions/plugins 11 | ln -s /opt/sonarqube/data/plugins /opt/sonarqube/extensions/plugins 12 | 13 | mkdir -p /opt/sonarqube/data/plugins 14 | for I in $(ls /opt/sonarqube/extensions-init/plugins/*.jar); 15 | do 16 | TARGET_PATH=$(echo ${I} | sed 's@extensions-init/plugins@data/plugins@g') 17 | if ! [[ -e ${TARGET_PATH} ]]; then 18 | cp ${I} ${TARGET_PATH} 19 | fi 20 | done 21 | 22 | if [ "${1:0:1}" != '-' ]; then 23 | exec "$@" 24 | fi 25 | 26 | java -jar lib/sonar-application-$SONAR_VERSION.jar \ 27 | -Dsonar.web.javaAdditionalOpts="${SONARQUBE_WEB_JVM_OPTS} -Djava.security.egd=file:/dev/./urandom" \ 28 | "$@" -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-conftest/README.md: -------------------------------------------------------------------------------- 1 | # Jenkins Conftest Agent 🦇 2 | 3 | This agent extends the base jenkins agent image and adds the following binaries to be able to execute [Open Policy Agent](https://openpolicyagent.org) conftests in a pipeline: 4 | - [conftest](https://conftest.dev/) 5 | - [yq](https://pypi.org/project/yq/) 6 | - [bats](https://github.com/bats-core/bats-core) 7 | 8 | ## Build in OpenShift 9 | ```bash 10 | oc process -f ../../.openshift/templates/jenkins-agent-generic-template.yml \ 11 | -p NAME=jenkins-agent-conftest \ 12 | -p SOURCE_CONTEXT_DIR=jenkins-agents/jenkins-agent-conftest \ 13 | -p DOCKERFILE_PATH=Dockerfile \ 14 | | oc create -n openshift -f - 15 | ``` 16 | For all params see the list in the `../../.openshift/templates/jenkins-agent-generic-template.yml` or run `oc process --parameters -f ../../.openshift/templates/jenkins-agent-generic-template.yml`. 17 | -------------------------------------------------------------------------------- /s2i-mvn-gradle/test/test-app-gradle/build.gradle: -------------------------------------------------------------------------------- 1 | buildscript { 2 | ext { 3 | springBootVersion = '1.5.1.RELEASE' 4 | } 5 | repositories { 6 | mavenCentral() 7 | } 8 | dependencies { 9 | classpath("org.springframework.boot:spring-boot-gradle-plugin:${springBootVersion}") 10 | } 11 | } 12 | 13 | apply plugin: 'java' 14 | apply plugin: 'eclipse' 15 | apply plugin: 'org.springframework.boot' 16 | 17 | 18 | jar { 19 | baseName = 's2i' 20 | version = '0.0.1-SNAPSHOT' 21 | } 22 | 23 | sourceCompatibility = 1.8 24 | 25 | repositories { 26 | mavenCentral() 27 | } 28 | 29 | 30 | dependencies { 31 | compile('org.springframework.boot:spring-boot-starter-actuator') 32 | compile('org.springframework.boot:spring-boot-starter-thymeleaf') 33 | compile('org.springframework.boot:spring-boot-starter-web') 34 | testCompile('org.springframework.boot:spring-boot-starter-test') 35 | } 36 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-cosign/Dockerfile: -------------------------------------------------------------------------------- 1 | # Builder 2 | FROM registry.access.redhat.com/ubi9/ubi:9.5-1745854298@sha256:f4ebd46d3ba96feb016d798009e1cc2404c3a4ebdac8b2479a2ac053e59f41b4 AS builder 3 | 4 | # renovate: datasource=github-releases depName=sigstore/cosign 5 | ARG COSIGN_VERSION=v2.5.0 6 | RUN curl -L "https://github.com/sigstore/cosign/releases/download/${COSIGN_VERSION}/cosign-linux-amd64" -o /usr/local/bin/cosign && \ 7 | chmod +x /usr/local/bin/cosign && \ 8 | cosign version 9 | 10 | # Runnable 11 | FROM ghcr.io/redhat-cop/containers-quickstarts/jenkins-agent:v4.18 12 | 13 | LABEL name="redhat-cop/jenkins-agent-cosign" \ 14 | io.k8s.display-name="Jenkins Agent Cosign" \ 15 | io.k8s.description="The jenkins agent cosign." \ 16 | com.redhat.component="redhat-cop/containers-quickstarts/jenkins-agent-cosign" 17 | 18 | COPY --from=builder /usr/local/bin/cosign /usr/local/bin/cosign 19 | 20 | RUN cosign version -------------------------------------------------------------------------------- /s2i-mvn-gradle/test/test-app-gradle/src/build.gradle: -------------------------------------------------------------------------------- 1 | buildscript { 2 | ext { 3 | springBootVersion = '1.5.1.RELEASE' 4 | } 5 | repositories { 6 | mavenCentral() 7 | } 8 | dependencies { 9 | classpath("org.springframework.boot:spring-boot-gradle-plugin:${springBootVersion}") 10 | } 11 | } 12 | 13 | apply plugin: 'java' 14 | apply plugin: 'eclipse' 15 | apply plugin: 'org.springframework.boot' 16 | 17 | 18 | jar { 19 | baseName = 's2i' 20 | version = '0.0.1-SNAPSHOT' 21 | } 22 | 23 | sourceCompatibility = 1.8 24 | 25 | repositories { 26 | mavenCentral() 27 | } 28 | 29 | 30 | dependencies { 31 | compile('org.springframework.boot:spring-boot-starter-actuator') 32 | compile('org.springframework.boot:spring-boot-starter-thymeleaf') 33 | compile('org.springframework.boot:spring-boot-starter-web') 34 | testCompile('org.springframework.boot:spring-boot-starter-test') 35 | } 36 | -------------------------------------------------------------------------------- /zalenium/.applier/group_vars/seed-hosts.yml: -------------------------------------------------------------------------------- 1 | --- 2 | namespace: zalenium 3 | app_name: zalenium 4 | 5 | app_params: 6 | ZALENIUM_MEMORY_LIMIT: "2Gi" 7 | ZALENIUM_CPU_LIMIT: "1000m" 8 | VIDEOS_STORAGE_SIZE: "10G" 9 | AGENT_CPU_REQUEST: "100m" 10 | AGENT_CPU_LIMIT: "1000m" 11 | AGENT_MEMORY_REQUEST: "1Gi" 12 | AGENT_MEMORY_LIMIT: "2Gi" 13 | 14 | 15 | openshift_cluster_content: 16 | - object: Environment Setup 17 | content: 18 | - name: Create Projects 19 | template: "{{ inventory_dir }}/../.openshift/templates/projects.yml" 20 | action: create 21 | params_from_vars: 22 | NAMESPACE: "{{ namespace }}" 23 | NAMESPACE_DISPLAY_NAME: "{{ namespace }}" 24 | tags: 25 | - project 26 | - object: deployments 27 | content: 28 | - name: Zalenium 29 | template: "{{ inventory_dir }}/../.openshift/templates/zalenium-deployment.yml" 30 | params_from_vars: "{{ app_params }}" 31 | namespace: "{{ namespace }}" 32 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-argocd/README.md: -------------------------------------------------------------------------------- 1 | # Jenkins ArgoCD Agent 2 | 3 | This agent extends the base jenkins agent image and adds the argocd binary. We can use this agent image in a Jenkins pipeline to perform gitops actions and scaffold argocd projects. 4 | 5 | Agent also includes `yq` for [yaml manipulation](https://github.com/mikefarah/yq). Ex use 6 | ```bash 7 | cat << EOF | yq w - 'my_app.version' newest 8 | --- 9 | my_app: 10 | version: latest 11 | EOF 12 | ``` 13 | 14 | ## Build in OpenShift 15 | ```bash 16 | oc process -f ../../.openshift/templates/jenkins-agent-generic-template.yml \ 17 | -p NAME=jenkins-agent-argocd \ 18 | -p SOURCE_CONTEXT_DIR=jenkins-agents/jenkins-agent-argocd \ 19 | -p DOCKERFILE_PATH=Dockerfile \ 20 | | oc create -n openshift -f - 21 | ``` 22 | For all params see the list in the `../../.openshift/templates/jenkins-agent-generic-template.yml` or run `oc process --parameters -f ../../.openshift/templates/jenkins-agent-generic-template.yml`. 23 | -------------------------------------------------------------------------------- /jenkins-agents/README.md: -------------------------------------------------------------------------------- 1 | # order of updates 2 | 3 | ## 1st level 4 | - [jenkins-agent](jenkins-agent) 5 | 6 | ## 2nd level 7 | - [jenkins-agent-ansible](jenkins-agent-ansible) 8 | - [jenkins-agent-argocd](jenkins-agent-argocd) 9 | - [jenkins-agent-cosign](jenkins-agent-cosign) 10 | - [jenkins-agent-erlang](jenkins-agent-erlang) 11 | - [jenkins-agent-golang](jenkins-agent-golang) 12 | - [jenkins-agent-gradle](jenkins-agent-gradle) 13 | - [jenkins-agent-hugo](jenkins-agent-hugo) 14 | - [jenkins-agent-image-mgmt](jenkins-agent-image-mgmt) 15 | - [jenkins-agent-mongodb](jenkins-agent-mongodb) 16 | - [jenkins-agent-mvn](jenkins-agent-mvn) 17 | - [jenkins-agent-npm](jenkins-agent-npm) 18 | - [jenkins-agent-python](jenkins-agent-python) 19 | - [jenkins-agent-ruby](jenkins-agent-ruby) 20 | - [jenkins-agent-rust](jenkins-agent-rust) 21 | 22 | ## 3rd level 23 | - [jenkins-agent-conftest](jenkins-agent-conftest) 24 | - [jenkins-agent-graalvm](jenkins-agent-graalvm) 25 | - [jenkins-agent-helm](jenkins-agent-helm) -------------------------------------------------------------------------------- /rabbitmq/chart/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: RabbitMQ 3 | description: A Helm chart for RabbitMQ 4 | 5 | # A chart can be either an 'application' or a 'library' chart. 6 | # 7 | # Application charts are a collection of templates that can be packaged into versioned archives 8 | # to be deployed. 9 | # 10 | # Library charts provide useful utilities or functions for the chart developer. They're included as 11 | # a dependency of application charts to inject those utilities and functions into the rendering 12 | # pipeline. Library charts do not define any templates and therefore cannot be deployed. 13 | type: application 14 | 15 | # This is the chart version. This version number should be incremented each time you make changes 16 | # to the chart and its templates, including the app version. 17 | version: 0.1.2 18 | 19 | # This is the version number of the application being deployed. This version number should be 20 | # incremented each time you make changes to the application. 21 | appVersion: v3.8.13 22 | -------------------------------------------------------------------------------- /deprecated/motepair/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: motepair 3 | description: A Helm chart for Kubernetes 4 | 5 | # A chart can be either an 'application' or a 'library' chart. 6 | # 7 | # Application charts are a collection of templates that can be packaged into versioned archives 8 | # to be deployed. 9 | # 10 | # Library charts provide useful utilities or functions for the chart developer. They're included as 11 | # a dependency of application charts to inject those utilities and functions into the rendering 12 | # pipeline. Library charts do not define any templates and therefore cannot be deployed. 13 | type: application 14 | 15 | # This is the chart version. This version number should be incremented each time you make changes 16 | # to the chart and its templates, including the app version. 17 | version: 0.1.0 18 | 19 | # This is the version number of the application being deployed. This version number should be 20 | # incremented each time you make changes to the application. 21 | appVersion: 1.16.0 22 | -------------------------------------------------------------------------------- /deprecated/build-s2i-play/.applier/group_vars/seed-hosts.yml: -------------------------------------------------------------------------------- 1 | --- 2 | namespace: play-demo 3 | 4 | openshift_cluster_content: 5 | - object: Environment Setup 6 | content: 7 | - name: Create Projects 8 | template: "https://raw.githubusercontent.com/redhat-cop/openshift-templates/v1.4.12/project-requests/create-project.yml" 9 | action: create 10 | params_from_vars: 11 | NAMESPACE: "{{ namespace }}" 12 | NAMESPACE_DISPLAY_NAME: "{{ namespace }}" 13 | tags: 14 | - project 15 | - object: builds 16 | content: 17 | - name: build play 18 | template: "{{ inventory_dir }}/../.openshift/templates/build.yml" 19 | params: "{{ inventory_dir }}/../.openshift/params/build" 20 | namespace: "{{ namespace }}" 21 | - object: deployments 22 | content: 23 | - name: deploy MongoDB config servers 24 | template: "{{ inventory_dir }}/../.openshift/templates/deployment.yml" 25 | params: "{{ inventory_dir }}/../.openshift/params/deployment" 26 | namespace: "{{ namespace }}" 27 | -------------------------------------------------------------------------------- /rabbitmq/chart/templates/build.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.build.enabled }} 2 | --- 3 | apiVersion: image.openshift.io/v1 4 | kind: ImageStream 5 | metadata: 6 | labels: 7 | {{- include "chart.labels" . | nindent 4 }} 8 | name: {{ include "chart.fullname" . }} 9 | spec: 10 | lookupPolicy: 11 | local: true 12 | --- 13 | apiVersion: build.openshift.io/v1 14 | kind: BuildConfig 15 | metadata: 16 | labels: 17 | {{- include "chart.labels" . | nindent 4 }} 18 | name: {{ include "chart.fullname" . }} 19 | spec: 20 | output: 21 | to: 22 | kind: ImageStreamTag 23 | name: rabbitmq:{{ .Chart.AppVersion }} 24 | source: 25 | contextDir: {{ .Values.build.contextDir }} 26 | git: 27 | ref: {{ .Values.build.repositoryRef }} 28 | uri: {{ .Values.build.repositoryUrl }} 29 | type: Git 30 | strategy: 31 | dockerStrategy: 32 | forcePull: true 33 | type: Docker 34 | triggers: 35 | - imageChange: {} 36 | type: ImageChange 37 | - type: ConfigChange 38 | {{- end }} 39 | -------------------------------------------------------------------------------- /tool-box/.applier/group_vars/seed-hosts.yml: -------------------------------------------------------------------------------- 1 | namespace: tool-box 2 | app_name: toolbox 3 | 4 | openshift_cluster_content: 5 | - object: Environment Setup 6 | content: 7 | - name: Create Projects 8 | template: "https://raw.githubusercontent.com/redhat-cop/openshift-templates/v1.4.12/project-requests/create-project.yml" 9 | action: create 10 | params_from_vars: 11 | NAMESPACE: "{{ namespace }}" 12 | NAMESPACE_DISPLAY_NAME: "{{ namespace }}" 13 | tags: 14 | - project 15 | - object: Builds 16 | content: 17 | - name: tool-box 18 | template: "https://raw.githubusercontent.com/redhat-cop/containers-quickstarts/v1.4/build-docker-generic/.openshift/templates/docker-build-template.yml" 19 | params_from_vars: 20 | NAME: "{{ app_name }}" 21 | SOURCE_REPOSITORY_URL: https://github.com/redhat-cop/containers-quickstarts.git 22 | SOURCE_REPOSITORY_REF: v1.1 23 | SOURCE_CONTEXT_DIR: tool-box 24 | namespace: "{{ namespace }}" 25 | tags: 26 | - tool-box 27 | -------------------------------------------------------------------------------- /deprecated/kafka/files/imagestreams/images.yml: -------------------------------------------------------------------------------- 1 | apiVersion: vi 2 | kind: List 3 | items: 4 | - apiVersion: v1 5 | kind: ImageStream 6 | metadata: 7 | name: rhel 8 | spec: 9 | dockerImageRepository: registry.access.redhat.com/rhel7/rhel 10 | lookupPolicy: 11 | local: false 12 | tags: 13 | - annotations: null 14 | from: 15 | kind: DockerImage 16 | name: registry.access.redhat.com/rhel7/rhel:7.3 17 | importPolicy: {} 18 | name: "7.3" 19 | referencePolicy: 20 | type: Source 21 | - annotations: null 22 | from: 23 | kind: DockerImage 24 | name: registry.access.redhat.com/rhel7/rhel:7.4 25 | importPolicy: {} 26 | name: "7.4" 27 | referencePolicy: 28 | type: Source 29 | - annotations: null 30 | from: 31 | kind: DockerImage 32 | name: registry.access.redhat.com/rhel7/rhel:latest 33 | importPolicy: {} 34 | name: latest 35 | referencePolicy: 36 | type: Source 37 | -------------------------------------------------------------------------------- /deprecated/zookeeper/files/imagestreams/images.yml: -------------------------------------------------------------------------------- 1 | apiVersion: vi 2 | kind: List 3 | items: 4 | - apiVersion: v1 5 | kind: ImageStream 6 | metadata: 7 | name: rhel 8 | spec: 9 | dockerImageRepository: registry.access.redhat.com/rhel7/rhel 10 | lookupPolicy: 11 | local: false 12 | tags: 13 | - annotations: null 14 | from: 15 | kind: DockerImage 16 | name: registry.access.redhat.com/rhel7/rhel:7.3 17 | importPolicy: {} 18 | name: "7.3" 19 | referencePolicy: 20 | type: Source 21 | - annotations: null 22 | from: 23 | kind: DockerImage 24 | name: registry.access.redhat.com/rhel7/rhel:7.4 25 | importPolicy: {} 26 | name: "7.4" 27 | referencePolicy: 28 | type: Source 29 | - annotations: null 30 | from: 31 | kind: DockerImage 32 | name: registry.access.redhat.com/rhel7/rhel:latest 33 | importPolicy: {} 34 | name: latest 35 | referencePolicy: 36 | type: Source 37 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-helm/Jenkinsfile.test: -------------------------------------------------------------------------------- 1 | pipeline { 2 | agent { 3 | label 'jenkins-agent-helm' 4 | } 5 | 6 | stages { 7 | stage ('Run Clone Test') { 8 | steps { 9 | sh "git clone https://github.com/redhat-cop/containers-quickstarts.git" 10 | } 11 | } 12 | 13 | stage ('Run Test') { 14 | steps { 15 | sh """ 16 | helm version 17 | ct version 18 | ls -l \$HOME/.ct 19 | git version 20 | python --version 21 | oc version 22 | kubectl version 23 | conftest --version 24 | yq --version 25 | kube-linter version 26 | java -version 27 | 28 | helm repo add jenkinsci https://charts.jenkins.io --force-update 29 | helm repo update 30 | """ 31 | } 32 | } 33 | } 34 | } 35 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-hugo/Dockerfile: -------------------------------------------------------------------------------- 1 | # Builder 2 | FROM registry.access.redhat.com/ubi9/ubi:9.5-1745854298@sha256:f4ebd46d3ba96feb016d798009e1cc2404c3a4ebdac8b2479a2ac053e59f41b4 AS builder 3 | 4 | SHELL ["/bin/bash", "-c"] 5 | 6 | USER root 7 | 8 | # renovate: datasource=github-releases depName=gohugoio/hugo 9 | ARG HUGO_VERSION=v0.147.2 10 | RUN curl -L "https://github.com/gohugoio/hugo/releases/download/${HUGO_VERSION}/hugo_extended_${HUGO_VERSION//v}_Linux-64bit.tar.gz" -o /tmp/hugo.tar.gz && \ 11 | tar -xzf /tmp/hugo.tar.gz && \ 12 | mv hugo /usr/local/bin/hugo && \ 13 | hugo version 14 | 15 | USER 1001 16 | 17 | # Runnable 18 | FROM ghcr.io/redhat-cop/containers-quickstarts/jenkins-agent:v4.18 19 | 20 | LABEL name="redhat-cop/jenkins-agent-hugo" \ 21 | io.k8s.display-name="Jenkins Agent hugo" \ 22 | io.k8s.description="The jenkins agent hugo." \ 23 | com.redhat.component="redhat-cop/containers-quickstarts/jenkins-agent-hugo" 24 | 25 | COPY --from=builder /usr/local/bin/hugo /usr/local/bin/hugo 26 | RUN hugo version -------------------------------------------------------------------------------- /deprecated/zookeeper/zkOk.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # Copyright 2016 The Kubernetes Authors. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | 16 | # zkOk.sh uses the ruok ZooKeeper four letter work to determine if the instance 17 | # is health. The $? variable will be set to 0 if server responds that it is 18 | # healthy, or 1 if the server fails to respond. 19 | 20 | ZK_CLIENT_PORT=${ZK_CLIENT_PORT:-2181} 21 | OK=$(echo ruok | nc 127.0.0.1 $ZK_CLIENT_PORT) 22 | if [ "$OK" == "imok" ]; then 23 | exit 0 24 | else 25 | exit 1 26 | fi -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-gradle/README.md: -------------------------------------------------------------------------------- 1 | # jenkins-agent-gradle 2 | Provides a docker image of the gradle runtime for use as a Jenkins agent. 3 | 4 | ## Build 5 | `docker build -t jenkins-agent-gradle .` 6 | 7 | ## Build in OpenShift 8 | ```bash 9 | oc process -f ../../.openshift/templates/jenkins-agent-generic-template.yml \ 10 | -p NAME=jenkins-agent-gradle \ 11 | -p SOURCE_CONTEXT_DIR=jenkins-agents/jenkins-agent-gradle \ 12 | | oc create -f - 13 | ``` 14 | For all params see the list in the `../../.openshift/templates/jenkins-agent-generic-template.yml` or run `oc process --parameters -f ../../.openshift/templates/jenkins-agent-generic-template.yml`. 15 | 16 | ## Run 17 | For local running and experimentation run `docker run -i -t --rm jenkins-agent-gradle /bin/bash` and have a play once inside the container. 18 | 19 | ## Jenkins Running 20 | Add a new Kubernetes Container template called `jenkins-agent-gradle` and specify this as the node when running builds. Set the version of Java you want to use and away you go! 21 | ```bash 22 | export JAVA_HOME=/path/to/java/version 23 | gradle clean build 24 | ``` 25 | -------------------------------------------------------------------------------- /s2i-mvn-gradle/README.md: -------------------------------------------------------------------------------- 1 | ### OpenShift S2I Builder for Java 2 | 3 | This Source-to-Image Builder based on RHEL 7, let's you create projects targetting Java OpenJDK 8 and built with: 4 | 5 | ##### Maven or Gradle 6 | 7 | NOTE: If a project has a `pom.xml` and a `build.gradle`, maven will take precedence 8 | 9 | This s2i builder image can be used with `SpringBoot`, `Vert.X`, `Wildfly Swarm`, `DropWizard` and many other microservices frameworks. 10 | 11 | 12 | ##### BUILD ENV Options 13 | * *APP_SUFFIX*: Jar file suffix to use to locate the generated artifact to use `(e.g. xxxxx${APP_SUFFIX}.jar)` 14 | * *BUILDER_ARGS*: Allows you to specify options to pass to `maven` or `gradle` 15 | 16 | 17 | ##### RUN ENV Options 18 | * *APP_OPTIONS*: Options to pass to `*java -jar app.jar ${APP_OPTIONS}*` 19 | 20 | 21 | ##### Defaults 22 | If you do not specify any `BUILDER_ARGS`, by default the s2i image will use the following: 23 | 24 | #### Maven Args 25 | `-Popenshift -DskipTests -Dcom.redhat.xpaas.repo.redhatga package` 26 | 27 | #### Gradle Args 28 | `build -x test` 29 | 30 | #### To test the image locally 31 | `$ make test` 32 | -------------------------------------------------------------------------------- /tower-ocp-custom/.applier/group_vars/seed-hosts.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | tower_ocp_namespace: 'tower-ocp' 4 | 5 | openshift_templates_raw: "https://raw.githubusercontent.com/redhat-cop/openshift-templates" 6 | openshift_templates_raw_version_tag: "v1.4.15" 7 | 8 | tower_ocp_namespace_params: 9 | NAMESPACE: '{{ tower_ocp_namespace }}' 10 | NAMESPACE_DISPLAY_NAME: 'Tower Namespace' 11 | NAMESPACE_DESCRIPTION: 'Ansible Tower and associated resources are deployed to this namespace' 12 | 13 | openshift_cluster_content: 14 | - object: projectrequest 15 | content: 16 | - name: 'tower-projects' 17 | template: '{{ openshift_templates_raw }}/{{ openshift_templates_raw_version_tag }}/project-requests/create-project.yml' 18 | params_from_vars: '{{ tower_ocp_namespace_params }}' 19 | action: create 20 | tags: 21 | - namespaces 22 | - tower-ocp 23 | - object: tower-ocp 24 | content: 25 | - name: 'tower-ocp' 26 | namespace: '{{ tower_ocp_namespace }}' 27 | template: '{{ inventory_dir }}/../.openshift/templates/tower-ocp-custom-image.yml' 28 | tags: 29 | - tower-ocp 30 | -------------------------------------------------------------------------------- /tekton-task-images/helm/Dockerfile: -------------------------------------------------------------------------------- 1 | # Builder 2 | FROM registry.access.redhat.com/ubi9/ubi:9.5-1745854298@sha256:f4ebd46d3ba96feb016d798009e1cc2404c3a4ebdac8b2479a2ac053e59f41b4 AS builder 3 | 4 | # renovate: datasource=github-releases depName=mikefarah/yq 5 | ARG YQ_VERSION=v4.50.1 6 | RUN curl -L "https://github.com/mikefarah/yq/releases/download/${YQ_VERSION}/yq_linux_amd64" -o /usr/local/bin/yq && \ 7 | chmod +x /usr/local/bin/yq && \ 8 | yq --version 9 | 10 | COPY VERSION /tmp/version 11 | RUN source /tmp/version && \ 12 | curl -L "https://get.helm.sh/helm-${HELM_VERSION}-linux-amd64.tar.gz" -o /tmp/helm.tar.gz && \ 13 | tar -xzf /tmp/helm.tar.gz && \ 14 | mv linux-amd64/helm /usr/local/bin/helm && \ 15 | helm version 16 | 17 | # Runnable 18 | FROM registry.access.redhat.com/ubi9/ubi-minimal:9.5-1745855087@sha256:e1c4703364c5cb58f5462575dc90345bcd934ddc45e6c32f9c162f2b5617681c 19 | 20 | USER root 21 | 22 | RUN microdnf update -y && \ 23 | microdnf install -y --nodocs openssl git findutils && \ 24 | microdnf clean all 25 | 26 | USER 1001 27 | 28 | COPY --from=builder /usr/local/bin/yq /usr/local/bin/yq 29 | COPY --from=builder /usr/local/bin/helm /usr/local/bin/helm -------------------------------------------------------------------------------- /rabbitmq/chart/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.ingress.enabled -}} 2 | {{- $fullName := include "chart.fullname" . -}} 3 | {{- $svcPort := .Values.service.port -}} 4 | {{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} 5 | apiVersion: networking.k8s.io/v1beta1 6 | {{- else -}} 7 | apiVersion: extensions/v1beta1 8 | {{- end }} 9 | kind: Ingress 10 | metadata: 11 | name: {{ $fullName }} 12 | labels: 13 | {{- include "chart.labels" . | nindent 4 }} 14 | {{- with .Values.ingress.annotations }} 15 | annotations: 16 | {{- toYaml . | nindent 4 }} 17 | {{- end }} 18 | spec: 19 | {{- if .Values.ingress.tls }} 20 | tls: 21 | {{- range .Values.ingress.tls }} 22 | - hosts: 23 | {{- range .hosts }} 24 | - {{ . | quote }} 25 | {{- end }} 26 | secretName: {{ .secretName }} 27 | {{- end }} 28 | {{- end }} 29 | rules: 30 | {{- range .Values.ingress.hosts }} 31 | - host: {{ .host | quote }} 32 | http: 33 | paths: 34 | {{- range .paths }} 35 | - path: {{ . }} 36 | backend: 37 | serviceName: {{ $fullName }} 38 | servicePort: {{ $svcPort }} 39 | {{- end }} 40 | {{- end }} 41 | {{- end }} 42 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-gradle/Dockerfile: -------------------------------------------------------------------------------- 1 | # Builder 2 | FROM registry.access.redhat.com/ubi9/ubi:9.5-1745854298@sha256:f4ebd46d3ba96feb016d798009e1cc2404c3a4ebdac8b2479a2ac053e59f41b4 AS builder 3 | 4 | RUN dnf install -y unzip && \ 5 | dnf clean all 6 | 7 | # renovate: datasource=github-releases depName=gradle/gradle 8 | ARG GRADLE_VERSION=8.14 9 | RUN curl -L "https://services.gradle.org/distributions/gradle-${GRADLE_VERSION}-bin.zip" -o /tmp/gradle-bin.zip && \ 10 | unzip -q /tmp/gradle-bin.zip -d /opt/gradle-bin && \ 11 | mv /opt/gradle-bin/gradle-${GRADLE_VERSION} /opt/gradle 12 | 13 | # Runnable 14 | FROM ghcr.io/redhat-cop/containers-quickstarts/jenkins-agent:v4.18 15 | 16 | LABEL name="redhat-cop/jenkins-agent-gradle" \ 17 | io.k8s.display-name="Jenkins Agent gradle" \ 18 | io.k8s.description="The jenkins agent gradle." \ 19 | com.redhat.component="redhat-cop/containers-quickstarts/jenkins-agent-gradle" 20 | 21 | USER root 22 | 23 | COPY --from=builder /opt/gradle /opt/gradle 24 | RUN chown -R 1001:0 /opt/gradle && \ 25 | chmod -R g+rw /opt/gradle 26 | 27 | ENV GRADLE_HOME=/opt/gradle 28 | ENV PATH="${PATH}:${GRADLE_HOME}/bin" 29 | 30 | USER 1001 31 | 32 | RUN gradle --version -g ~/.gradle 33 | -------------------------------------------------------------------------------- /deprecated/kafka/inventory/group_vars/all.yml: -------------------------------------------------------------------------------- 1 | --- 2 | openshift_cluster_content: 3 | - object: projectrequest 4 | content: 5 | - name: kafka-spaces 6 | file: "{{ inventory_dir }}/../files/projects/projects.yml" 7 | file_action: create 8 | - object: imagestream 9 | content: 10 | - name: rhel7 11 | file: "{{ inventory_dir }}/../files/imagestreams/images.yml" 12 | namespace: kafka 13 | - object: builds 14 | content: 15 | - name: zookeeper 16 | namespace: kafka 17 | template: "{{ inventory_dir }}/../../zookeeper/files/builds/template.yml" 18 | params: "{{ inventory_dir }}/../../zookeeper/files/builds/params" 19 | - name: kafka 20 | namespace: kafka 21 | template: "{{ inventory_dir }}/../files/builds/template.yml" 22 | params: "{{ inventory_dir }}/../files/builds/params" 23 | - object: deployments 24 | content: 25 | - name: zookeeper 26 | namespace: kafka 27 | template: "{{ inventory_dir }}/../../zookeeper/files/deployments/template.yml" 28 | params: "{{ inventory_dir }}/../../zookeeper/files/deployments/params" 29 | - name: kafka 30 | namespace: kafka 31 | template: "{{ inventory_dir }}/../files/deployments/template.yml" 32 | params: "{{ inventory_dir }}/../files/deployments/params" 33 | -------------------------------------------------------------------------------- /github-runner-ubi8/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM registry.access.redhat.com/ubi8/ubi:latest 2 | 3 | ARG GITHUB_RUNNER_VERSION="2.276.0" 4 | 5 | LABEL summary="Supports running a GitHub self-hosted runner." \ 6 | description="Self-hosted GitHub runner" \ 7 | io.k8s.display-name="GitHub Runner" \ 8 | io.openshift.expose-services="" \ 9 | io.openshift.tags="rhel8,cicd" 10 | 11 | RUN dnf update -y && \ 12 | dnf install -y git hostname && \ 13 | export JQ_VERSION=1.6 && \ 14 | curl -s -Lo /tmp/jq-linux64 https://github.com/stedolan/jq/releases/download/jq-${JQ_VERSION}/jq-linux64 && \ 15 | chmod +x /tmp/jq-linux64 && \ 16 | ln -s /tmp/jq-linux64 /usr/local/bin/jq && \ 17 | jq --version && \ 18 | useradd -m github -u 1001 19 | 20 | WORKDIR /home/github 21 | 22 | RUN curl -Ls https://github.com/actions/runner/releases/download/v${GITHUB_RUNNER_VERSION}/actions-runner-linux-x64-${GITHUB_RUNNER_VERSION}.tar.gz | tar xzvC /home/github \ 23 | && /home/github/bin/installdependencies.sh && \ 24 | dnf clean all 25 | 26 | COPY entrypoint.sh ./entrypoint.sh 27 | RUN chmod u+x ./entrypoint.sh && \ 28 | chmod -R g=u /home/github && \ 29 | chown -R 1001:0 /home/github 30 | 31 | ENTRYPOINT ["/home/github/entrypoint.sh"] 32 | 33 | USER 1001 34 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-mvn/README.md: -------------------------------------------------------------------------------- 1 | # Jenkins Maven Agent 2 | 3 | This agent extends [the Jenkins Maven Agent shipped with OpenShift](https://access.redhat.com/containers/?tab=overview#/registry.access.redhat.com/openshift3/jenkins-agent-maven-rhel7) to provide a settings.xml that proxies all dependencies through a nexus server deployed to the same namespace. This type of setup makes sense in a Lab setting, such as [Open Innovation Labs CI/CD](https://github.com/rht-labs/labs-ci-cd) environment. For most customer engagements, you'll to update this proxy/password to use an central, enterprise artifact repo which is unlikely to be deployed in the same namespace. Or simply use the OpenShift supplied base image directly and provide artifact repository info in the application build. 4 | 5 | ## Build in OpenShift 6 | ```bash 7 | oc process -f ../../.openshift/templates/jenkins-agent-generic-template.yml \ 8 | -p NAME=jenkins-agent-mvn \ 9 | -p SOURCE_CONTEXT_DIR=jenkins-agents/jenkins-agent-mvn \ 10 | -p DOCKERFILE_PATH=Dockerfile \ 11 | | oc create -f - 12 | ``` 13 | For all params see the list in the `../../.openshift/templates/jenkins-agent-generic-template.yml` or run `oc process --parameters -f ../../.openshift/templates/jenkins-agent-generic-template.yml`. 14 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-erlang/Dockerfile: -------------------------------------------------------------------------------- 1 | # Builder 2 | FROM registry.access.redhat.com/ubi9/ubi:9.5-1745854298@sha256:f4ebd46d3ba96feb016d798009e1cc2404c3a4ebdac8b2479a2ac053e59f41b4 AS builder 3 | 4 | # renovate: datasource=github-releases depName=erlang/rebar3 5 | ARG REBAR3_VERSION=3.24.0 6 | RUN curl -L "https://github.com/erlang/rebar3/releases/download/${REBAR3_VERSION}/rebar3" -o /usr/local/bin/rebar3 && \ 7 | chmod +x /usr/local/bin/rebar3 8 | 9 | # Runnable 10 | FROM ghcr.io/redhat-cop/containers-quickstarts/jenkins-agent:v4.18 11 | 12 | SHELL ["/bin/bash", "-c"] 13 | 14 | LABEL name="redhat-cop/jenkins-agent-erlang" \ 15 | io.k8s.display-name="Jenkins Agent erlang" \ 16 | io.k8s.description="The jenkins agent erlang." \ 17 | com.redhat.component="redhat-cop/containers-quickstarts/jenkins-agent-erlang" 18 | 19 | # renovate: datasource=github-releases depName=rabbitmq/erlang-rpm 20 | ARG ERLANG_VERSION=v27.3.4 21 | 22 | USER root 23 | 24 | COPY --from=builder /usr/local/bin/rebar3 /usr/local/bin/rebar3 25 | RUN dnf install -y "https://github.com/rabbitmq/erlang-rpm/releases/download/${ERLANG_VERSION}/erlang-${ERLANG_VERSION//v}-1.el8.x86_64.rpm" && \ 26 | dnf clean all 27 | 28 | USER 1001 29 | 30 | RUN erl -version && \ 31 | rebar3 version -------------------------------------------------------------------------------- /.openshift/templates/jenkins-pipeline-template-no-ocp-triggers.j2: -------------------------------------------------------------------------------- 1 | {%- if test_pipelines is defined %} 2 | {%- for agent, params in test_pipelines.deploy.items() %} 3 | --- 4 | apiVersion: build.openshift.io/v1 5 | kind: BuildConfig 6 | metadata: 7 | labels: 8 | build: {{ params.NAME | d('jenkins-agent-' + agent) }} 9 | name: {{ params.NAME ~ '-pipeline' | d('jenkins-agent-' + agent + '-pipeline') }} 10 | type: pipeline 11 | annotations: 12 | deprecated: "https://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-release-notes.html#ocp-4-3-deprecated-features" 13 | name: {{ params.NAME ~ '-pipeline' | d('jenkins-agent-' + agent + '-pipeline') }} 14 | spec: 15 | runPolicy: {{ params.RUN_POLICY | d('Serial') }} 16 | source: 17 | contextDir: {{ params.PIPELINE_CONTEXT_DIR }} 18 | git: 19 | ref: {{ params.PIPELINE_SOURCE_REPOSITORY_REF | d('master') }} 20 | uri: {{ params.PIPELINE_SOURCE_REPOSITORY_URL }} 21 | type: Git 22 | strategy: 23 | jenkinsPipelineStrategy: 24 | env: 25 | - name: GIT_COMMITTER_EMAIL 26 | value: cop@redhat.com 27 | - name: GIT_COMMITTER_NAME 28 | value: Redhat CoP 29 | jenkinsfilePath: {{ params.PIPELINE_FILENAME | d('Jenkinsfile') }} 30 | type: JenkinsPipeline 31 | {% endfor %} 32 | {%- endif %} 33 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-arachni/Dockerfile: -------------------------------------------------------------------------------- 1 | # Builder 2 | FROM registry.access.redhat.com/ubi9/ubi:9.3-1476@sha256:fc300be6adbdf2ca812ad01efd0dee2a3e3f5d33958ad6cd99159e25e9ee1398 AS builder 3 | 4 | SHELL ["/bin/bash", "-c"] 5 | 6 | # renovate: datasource=github-releases depName=Arachni/arachni 7 | ARG ARACHNI_VERSION=v1.5.1 8 | ARG WEB_VERSION=0.5.12 9 | 10 | RUN curl -L "https://github.com/Arachni/arachni/releases/download/${ARACHNI_VERSION}/arachni-${ARACHNI_VERSION//v}-${WEB_VERSION}-linux-x86_64.tar.gz" -o /tmp/arachni.tar.gz && \ 11 | tar --no-same-owner -xzf /tmp/arachni.tar.gz && \ 12 | mv "/arachni-${ARACHNI_VERSION//v}-${WEB_VERSION}" /arachni && \ 13 | chown -R root:root /arachni && \ 14 | chmod -R 775 /arachni 15 | 16 | # Runnable 17 | FROM ghcr.io/redhat-cop/containers-quickstarts/jenkins-agent:v4.14 18 | 19 | LABEL name="redhat-cop/jenkins-agent-arachni" \ 20 | io.k8s.display-name="Jenkins Agent Arachni" \ 21 | io.k8s.description="The jenkins agent arachni." \ 22 | com.redhat.component="redhat-cop/containers-quickstarts/jenkins-agent-arachni" 23 | 24 | COPY --from=builder /arachni /arachni 25 | COPY reporters /arachni/system/gems/gems/arachni-${ARACHNI_VERSION}/components/reporters 26 | 27 | WORKDIR /arachni 28 | 29 | USER 1001 30 | 31 | RUN /arachni/bin/arachni --version -------------------------------------------------------------------------------- /rabbitmq/test/unit/serviceaccount.bats: -------------------------------------------------------------------------------- 1 | 2 | #!/usr/bin/env bats 3 | 4 | load _helpers 5 | 6 | @test "serviceaccount: enabled by default" { 7 | cd $(chart_dir) 8 | local service_account=$(helm template -s templates/serviceaccount.yaml \ 9 | . | yq r - --length) 10 | [ ${service_account} -gt 0 ] 11 | } 12 | 13 | @test "serviceaccount: default annotations" { 14 | cd $(chart_dir) 15 | local annotations=$(helm template -s templates/serviceaccount.yaml \ 16 | . | yq r - 'metadata.annotations') 17 | [ -z "${annotations}" ] 18 | } 19 | 20 | @test "serviceaccount: custom annotations" { 21 | cd $(chart_dir) 22 | local annotations=$(helm template -s templates/serviceaccount.yaml \ 23 | --set 'serviceAccount.annotations.custom=true' \ 24 | . | yq r - 'metadata.annotations.custom') 25 | [ "${annotations}" == "true" ] 26 | } 27 | 28 | @test "serviceaccount: default name" { 29 | cd $(chart_dir) 30 | local name=$(helm template "$(prefix_name)" -s templates/serviceaccount.yaml \ 31 | . | yq r - 'metadata.name') 32 | [ "${name}" == "$(prefix_name)" ] 33 | } 34 | 35 | @test "serviceaccount: custom name" { 36 | cd $(chart_dir) 37 | local name=$(helm template "custom" -s templates/serviceaccount.yaml \ 38 | --set 'serviceAccount.name=custom' \ 39 | . | yq r - 'metadata.name') 40 | [ "${name}" == "custom" ] 41 | } 42 | -------------------------------------------------------------------------------- /ubi7-gitlab-runner/entrypoint: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | unregister() { 4 | echo "Stopping and unregistering the GitLab runner." 5 | gitlab-runner stop 6 | gitlab-runner unregister --all-runners 7 | } 8 | 9 | update_ca() { 10 | echo "Updating CA certificates..." 11 | cp "${CA_CERTIFICATES_PATH}" "${LOCAL_CA_PATH}" 12 | update-ca-certificates --fresh >/dev/null 13 | } 14 | 15 | # Ensure that assigned uid has entry in /etc/passwd 16 | if [ `id -u` -ge 10000 ]; then 17 | cat /etc/passwd | sed -e "s/^gitlab-runner:/builder:/" > /tmp/passwd 18 | echo "gitlab-runner:x:`id -u`:`id -g`:,,,:/home/gitlab-runner:/bin/bash" >> /tmp/passwd 19 | cat /tmp/passwd > /etc/passwd 20 | rm /tmp/passwd 21 | fi 22 | 23 | # gitlab-runner data directory 24 | DATA_DIR="/etc/gitlab-runner" 25 | CONFIG_FILE=${CONFIG_FILE:-$DATA_DIR/config.toml} 26 | # custom certificate authority path 27 | CA_CERTIFICATES_PATH=${CA_CERTIFICATES_PATH:-$DATA_DIR/certs/ca.crt} 28 | LOCAL_CA_PATH="/usr/local/share/ca-certificates/ca.crt" 29 | 30 | 31 | if [ -f "${CA_CERTIFICATES_PATH}" ]; then 32 | # update the ca if the custom ca is different than the current 33 | cmp -s "${CA_CERTIFICATES_PATH}" "${LOCAL_CA_PATH}" || update_ca 34 | fi 35 | 36 | trap unregister SIGTERM 37 | 38 | # launch gitlab-runner passing all arguments 39 | exec gitlab-runner "$@" 40 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-erlang/README.md: -------------------------------------------------------------------------------- 1 | # jenkins-agent-erlang 2 | Provides a docker image of the erlang runtime for use as a Jenkins agent. 3 | 4 | ## Build local 5 | `docker build -t jenkins-agent-erlang .` 6 | 7 | ## Run local 8 | For local running and experimentation run `docker run -i -t jenkins-agent-erlang /bin/bash` and have a play once inside the container. 9 | 10 | ## Build in OpenShift 11 | ```bash 12 | oc process -f ../../.openshift/templates/jenkins-agent-generic-template.yml \ 13 | -p NAME=jenkins-agent-erlang \ 14 | -p SOURCE_CONTEXT_DIR=jenkins-agents/jenkins-agent-erlang \ 15 | | oc create -f - 16 | ``` 17 | For all params see the list in the `../../.openshift/templates/jenkins-agent-generic-template.yml` or run `oc process --parameters -f ../../.openshift/templates/jenkins-agent-generic-template.yml`. 18 | 19 | ## Jenkins 20 | Add a new Kubernetes Container template called `jenkins-agent-erlang` (if you've build and pushed the container image locally) and specify this as the node when running builds. If you're using the template attached; the `role: jenkins-agent` is attached and Jenkins should automatically discover the agent for you. Further instructions can be found [here](https://docs.openshift.com/container-platform/3.7/using_images/other_images/jenkins.html#using-the-jenkins-kubernetes-plug-in-to-run-jobs). 21 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-rust/README.md: -------------------------------------------------------------------------------- 1 | # jenkins-agent-rust 2 | Provides a docker image of the rust runtime for use as a Jenkins agent. 3 | 4 | ## Build local 5 | `docker build -t jenkins-agent-rust .` 6 | 7 | ## Run local 8 | For local running and experimentation run `docker run -i -t jenkins-agent-rust /bin/bash` and have a play once inside the container. 9 | 10 | ## Build in OpenShift 11 | ```bash 12 | oc process -f ../../.openshift/templates/jenkins-agent-generic-template.yml \ 13 | -p NAME=jenkins-agent-rust \ 14 | -p SOURCE_CONTEXT_DIR=jenkins-agents/jenkins-agent-rust \ 15 | | oc create -f - 16 | ``` 17 | For all params see the list in the `../../.openshift/templates/jenkins-agent-generic-template.yml` or run `oc process --parameters -f ../../.openshift/templates/jenkins-agent-generic-template.yml`. 18 | 19 | ## Jenkins 20 | Add a new Kubernetes Container template called `jenkins-agent-rust` (if you've build and pushed the container image locally) and specify this as the node when running builds. If you're using the template attached; the `role: jenkins-agent` is attached and Jenkins should automatically discover the agent for you. Further instructions can be found [here](https://docs.openshift.com/container-platform/4.3/openshift_images/using_images/images-other-jenkins.html#images-other-jenkins-config-kubernetes_images-other-jenkins). 21 | -------------------------------------------------------------------------------- /sonarqube/sonar.properties: -------------------------------------------------------------------------------- 1 | sonar.log.console=true 2 | sonar.jdbc.username=${env:JDBC_USERNAME} 3 | sonar.jdbc.password=${env:JDBC_PASSWORD} 4 | sonar.jdbc.url=${env:JDBC_URL} 5 | sonar.forceAuthentication=${env:FORCE_AUTHENTICATION} 6 | sonar.authenticator.createUsers=${env:SONAR_AUTOCREATE_USERS} 7 | sonar.log.level=${env:SONAR_LOG_LEVEL} 8 | sonar.search.javaAdditionalOpts=${env:SONAR_SEARCH_JAVA_ADDITIONAL_OPTS} 9 | http.proxyHost=${env:PROXY_HOST} 10 | http.proxyPort=${env:PROXY_PORT} 11 | http.proxyUser=${env:PROXY_USER} 12 | http.proxyPassword=${env:PROXY_PASSWORD} 13 | sonar.security.realm=${env:LDAP_REALM} 14 | ldap.url=${env:LDAP_URL} 15 | ldap.bindDn=${env:LDAP_BINDDN} 16 | ldap.bindPassword=${env:LDAP_BINDPASSWD} 17 | ldap.contextFactoryClass=${env:LDAP_CONTEXTFACTORY} 18 | ldap.StartTLS=${env:LDAP_STARTTLS} 19 | ldap.authentication=${env:LDAP_AUTHENTICATION} 20 | ldap.user.baseDn=${env:LDAP_USER_BASEDN} 21 | ldap.user.request=${env:LDAP_USER_REQUEST} 22 | ldap.user.realNameAttribute=${env:LDAP_USER_REAL_NAME_ATTR} 23 | ldap.user.emailAttribute=${env:LDAP_USER_EMAIL_ATTR} 24 | ldap.group.baseDn=${env:LDAP_GROUP_BASEDN} 25 | ldap.group.request=${env:LDAP_GROUP_REQUEST} 26 | ldap.group.idAttribute=${env:LDAP_GROUP_ID_ATTR} 27 | kubernetes.service=https://${env:KUBERNETES_SERVICE_HOST}:${env:KUBERNETES_SERVICE_PORT}/ 28 | sonar.auth.openshift.isEnabled=true 29 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-image-mgmt/Dockerfile: -------------------------------------------------------------------------------- 1 | # Builder 2 | FROM registry.access.redhat.com/ubi9/go-toolset:9.5-1745328278@sha256:8a634d63713a073d7a1e086a322e57b148eef9620834fc8266df63d9294dff1b AS builder 3 | 4 | SHELL ["/bin/bash", "-c"] 5 | 6 | USER root 7 | 8 | # renovate: datasource=github-releases depName=containers/skopeo 9 | ARG SKOPEO_VERSION=v1.18.0 10 | RUN curl -L "https://github.com/containers/skopeo/archive/${SKOPEO_VERSION}.tar.gz" -o /tmp/skopeo.tar.gz && \ 11 | tar -xzf /tmp/skopeo.tar.gz && \ 12 | mv skopeo-${SKOPEO_VERSION//v} /skopeo && \ 13 | pushd /skopeo && \ 14 | make BUILDTAGS=containers_image_openpgp DISABLE_DOCS=1 CGO_ENABLED=0 GO_DYN_FLAGS= 15 | 16 | USER 1001 17 | 18 | # Runnable 19 | FROM ghcr.io/redhat-cop/containers-quickstarts/jenkins-agent:v4.18 20 | 21 | LABEL name="redhat-cop/jenkins-agent-image-mgmt" \ 22 | io.k8s.display-name="Jenkins Agent Image Management" \ 23 | io.k8s.description="Image management tools on top of the jenkins agent base image" \ 24 | com.redhat.component="redhat-cop/containers-quickstarts/jenkins-agent-image-mgmt" 25 | 26 | USER root 27 | 28 | RUN mkdir -p /etc/containers 29 | COPY --from=builder /skopeo/default-policy.json /etc/containers/policy.json 30 | COPY --from=builder /skopeo/bin/skopeo /usr/local/bin/skopeo 31 | 32 | USER 1001 33 | 34 | RUN skopeo --version 35 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-argocd/Dockerfile: -------------------------------------------------------------------------------- 1 | # Builder 2 | FROM registry.access.redhat.com/ubi9/ubi:9.5-1745854298@sha256:f4ebd46d3ba96feb016d798009e1cc2404c3a4ebdac8b2479a2ac053e59f41b4 AS builder 3 | 4 | SHELL ["/bin/bash", "-c"] 5 | 6 | # renovate: datasource=github-releases depName=argoproj/argo-cd 7 | ARG ARGOCD_VERSION=v2.14.21 8 | # renovate: datasource=github-releases depName=mikefarah/yq 9 | ARG YQ_VERSION=v4.50.1 10 | 11 | RUN curl -L "https://github.com/argoproj/argo-cd/releases/download/${ARGOCD_VERSION}/argocd-linux-amd64" -o /usr/local/bin/argocd && \ 12 | chmod +x /usr/local/bin/argocd && \ 13 | argocd version --client 14 | 15 | RUN curl -L "https://github.com/mikefarah/yq/releases/download/${YQ_VERSION}/yq_linux_amd64" -o /usr/local/bin/yq && \ 16 | chmod +x /usr/local/bin/yq && \ 17 | yq --version 18 | 19 | # Runnable 20 | FROM ghcr.io/redhat-cop/containers-quickstarts/jenkins-agent:v4.18 21 | 22 | LABEL name="redhat-cop/jenkins-agent-argocd" \ 23 | io.k8s.display-name="Jenkins Agent ArgoCD" \ 24 | io.k8s.description="The jenkins agent argocd." \ 25 | com.redhat.component="redhat-cop/containers-quickstarts/jenkins-agent-argocd" 26 | 27 | COPY --from=builder /usr/local/bin/argocd /usr/local/bin/argocd 28 | COPY --from=builder /usr/local/bin/yq /usr/local/bin/yq 29 | 30 | RUN argocd version --client && \ 31 | yq --version -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-zap/configuration/nexus-settings.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | nexus 6 | * 7 | http://nexus.ci.svc.cluster.local:8081/content/groups/public/ 8 | 9 | 10 | 11 | 12 | nexus 13 | 14 | 15 | 16 | 17 | central 18 | http://central 19 | true 20 | true 21 | 22 | 23 | 24 | 25 | central 26 | http://central 27 | true 28 | true 29 | 30 | 31 | 32 | 33 | 34 | 35 | nexus 36 | 37 | 38 | -------------------------------------------------------------------------------- /hoverfly/.applier/group_vars/seed-hosts.yml: -------------------------------------------------------------------------------- 1 | namespace: hoverfly 2 | app_name: hoverfly 3 | 4 | build: 5 | NAME: "{{ app_name }}" 6 | SOURCE_REPOSITORY_URL: https://github.com/redhat-cop/containers-quickstarts.git 7 | SOURCE_REPOSITORY_REF: master 8 | SOURCE_CONTEXT_DIR: hoverfly 9 | deploy: 10 | NAMESPACE: "{{ namespace }}" 11 | MEMORY_LIMIT: 2Gi 12 | HOVERFLY_IMAGE_STREAM_TAG: "{{ app_name }}:latest" 13 | 14 | openshift_cluster_content: 15 | - object: Environment Setup 16 | content: 17 | - name: Create Projects 18 | template: "https://raw.githubusercontent.com/redhat-cop/openshift-templates/v1.4.16/project-requests/create-project.yml" 19 | action: create 20 | params_from_vars: 21 | NAMESPACE: "{{ namespace }}" 22 | NAMESPACE_DISPLAY_NAME: "{{ namespace }}" 23 | tags: 24 | - project 25 | - object: Builds 26 | content: 27 | - name: hoverfly 28 | template: "{{ inventory_dir }}/../../build-docker-generic/.openshift/templates/docker-build-template.yml" 29 | params_from_vars: "{{ build }}" 30 | namespace: "{{ namespace }}" 31 | tags: 32 | - build 33 | - object: Deployments 34 | content: 35 | - name: hoverfly 36 | template: "{{ inventory_dir }}/../.openshift/templates/hoverfly-deployment-template.yml" 37 | params_from_vars: "{{ deploy }}" 38 | namespace: "{{ namespace }}" 39 | tags: 40 | - deploy 41 | -------------------------------------------------------------------------------- /hoverfly/README.md: -------------------------------------------------------------------------------- 1 | # 🦟 Hoverfly 2 | 3 | A simple container to run [hoverfly](https://hoverfly.readthedocs.io/en/latest/pages/reference/api/api.html). 4 | 5 | ## Usage 6 | 7 | ### Running in OpenShift 8 | 9 | [OpenShift Applier](https://github.com/redhat-cop/openshift-applier) 10 | 11 | Run the following to pull in applier: 12 | 13 | ``` 14 | ansible-galaxy install -r requirements.yml -p galaxy -f 15 | ``` 16 | 17 | Now, deploy to your openshift cluster: 18 | 19 | ``` 20 | oc login 21 | ansible-playbook -i .applier/ galaxy/openshift-applier/playbooks/openshift-cluster-seed.yml 22 | ``` 23 | 24 | ### Uploading Simulation Files in OpenShift 25 | 26 | `$ curl -X PUT /api/v2/simulation --upload-file ` 27 | 28 | See [the docs](https://docs.hoverfly.io/en/latest/pages/reference/api/api.html) for detail 29 | 30 | 31 | ### Running and Uploading in Docker 32 | 33 | Running in standalone docker is not an objective for this container. Look at [this issue](https://github.com/SpectoLabs/hoverfly/issues/675) in hoverfly or just [run the binary locally](https://docs.hoverfly.io/en/latest/pages/introduction/downloadinstallation.html) without a container. It's a Go binary, so it's easy. 34 | 35 | ### Runtime Environment Variables 36 | 37 | - `RUN_AS_WEBSERVER`: if set to any value, the hoverfly will start as a webserver. defaults to running as a proxy 38 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-helm/README.md: -------------------------------------------------------------------------------- 1 | # Jenkins Helm Agent 2 | 3 | This agent extends the base jenkins agent image and adds the helm binary. We can use this agent image in a Jenkins pipeline to perform helm operations in projects. 4 | 5 | ## Build in OpenShift 6 | ```bash 7 | oc process -f ../../.openshift/templates/jenkins-agent-generic-template.yml \ 8 | -p NAME=jenkins-agent-helm \ 9 | -p SOURCE_CONTEXT_DIR=jenkins-agents/jenkins-agent-helm \ 10 | -p DOCKERFILE_PATH=Dockerfile \ 11 | | oc create -n openshift -f - 12 | ``` 13 | For all params see the list in the `../../.openshift/templates/jenkins-agent-generic-template.yml` or run `oc process --parameters -f ../../.openshift/templates/jenkins-agent-generic-template.yml`. 14 | 15 | ## Note about ct 16 | `ct` (aka `Chart Testing`) is a tool for testing Helm charts in a monorepo. More information about this tool can be found at the project's [GitHub page](https://github.com/helm/chart-testing). 17 | 18 | When using `ct`, you may encounter the following error in a multibranch pipeline job: 19 | ``` 20 | Error linting charts: Error identifying charts to process: Error running process: exit status 128 21 | ``` 22 | 23 | Follow [this GitHub issue](https://github.com/helm/chart-testing/issues/186#issuecomment-615995590) if you run into this error. This is caused by shallow cloning, which should be disabled to fix this error. 24 | -------------------------------------------------------------------------------- /ubi7-gitlab-runner/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM registry.access.redhat.com/ubi7 2 | 3 | LABEL maintainer="Red Hat Services" 4 | 5 | ENV HOME /home/gitlab-runner 6 | WORKDIR /home/gitlab-runner 7 | 8 | ARG DUMB_INIT_VERSION=1.0.2 9 | 10 | # add user 11 | RUN adduser --create-home --user-group gitlab-runner \ 12 | && chgrp -Rf root $HOME \ 13 | && chmod -Rf g+w $HOME \ 14 | && chmod g+w /etc/passwd 15 | 16 | RUN update-ca-trust 17 | 18 | # Update image 19 | RUN yum update -y && rm -rf /var/cache/yum 20 | 21 | # Add GitLab’s official repository 22 | RUN curl -L https://packages.gitlab.com/install/repositories/runner/gitlab-runner/script.rpm.sh | bash 23 | 24 | # Install packages 25 | RUN yum install -y \ 26 | gitlab-runner \ 27 | wget \ 28 | && yum clean all 29 | 30 | # install dumb-init 31 | RUN wget -nv https://github.com/Yelp/dumb-init/releases/download/v${DUMB_INIT_VERSION}/dumb-init_${DUMB_INIT_VERSION}_amd64 -O /usr/bin/dumb-init && \ 32 | chmod +x /usr/bin/dumb-init && \ 33 | dumb-init --version 34 | 35 | # install entrypoint 36 | COPY entrypoint / 37 | RUN chmod +x /entrypoint \ 38 | && chown gitlab-runner /entrypoint 39 | 40 | USER gitlab-runner 41 | 42 | STOPSIGNAL SIGQUIT 43 | VOLUME ["/etc/gitlab-runner", "/home/gitlab-runner"] 44 | ENTRYPOINT ["/usr/bin/dumb-init", "/entrypoint"] 45 | CMD ["run", "--user=gitlab-runner", "--working-directory=/home/gitlab-runner"] 46 | -------------------------------------------------------------------------------- /mongodb/.applier/group_vars/seed-hosts.yml: -------------------------------------------------------------------------------- 1 | --- 2 | namespace: mongodb 3 | 4 | openshift_cluster_content: 5 | - object: Environment Setup 6 | content: 7 | - name: Create Projects 8 | template: "https://raw.githubusercontent.com/redhat-cop/openshift-templates/v1.4.12/project-requests/create-project.yml" 9 | action: create 10 | params_from_vars: 11 | NAMESPACE: "{{ namespace }}" 12 | NAMESPACE_DISPLAY_NAME: "{{ namespace }}" 13 | tags: 14 | - project 15 | - object: deployments 16 | content: 17 | - name: deploy MongoDB config servers 18 | template: "{{ inventory_dir }}/../.openshift/templates/configsvr.yml" 19 | params: "{{ inventory_dir }}/../.openshift/params/configsvr" 20 | namespace: "{{ namespace }}" 21 | - name: deploy MongoDB replicaset abc 22 | template: "{{ inventory_dir }}/../.openshift/templates/replset.yml" 23 | params: "{{ inventory_dir }}/../.openshift/params/replset-abc" 24 | namespace: "{{ namespace }}" 25 | - name: deploy MongoDB replicaset def 26 | template: "{{ inventory_dir }}/../.openshift/templates/replset.yml" 27 | params: "{{ inventory_dir }}/../.openshift/params/replset-def" 28 | namespace: "{{ namespace }}" 29 | - name: deploy MongoDB shard router 30 | template: "{{ inventory_dir }}/../.openshift/templates/mongos.yml" 31 | params: "{{ inventory_dir }}/../.openshift/params/mongos" 32 | namespace: "{{ namespace }}" 33 | -------------------------------------------------------------------------------- /utilities/ubi8-git/.openshift/bc-ubi8-git.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: template.openshift.io/v1 3 | kind: Template 4 | labels: 5 | template: ubi8-git 6 | metadata: 7 | annotations: 8 | description: Git utility image 9 | tags: git, ubi8 10 | name: ubi8-git 11 | objects: 12 | - apiVersion: build.openshift.io/v1 13 | kind: BuildConfig 14 | metadata: 15 | name: "ubi8-git" 16 | spec: 17 | output: 18 | to: 19 | kind: "ImageStreamTag" 20 | name: "ubi8-git:latest" 21 | source: 22 | contextDir: "${CONTEXT_DIR}" 23 | git: 24 | uri: "${SOURCE_REPOSITORY_URL}" 25 | ref: "${SOURCE_REPOSITORY_REF}" 26 | strategy: 27 | dockerStrategy: 28 | dockerfilePath: Dockerfile 29 | resources: 30 | requests: 31 | cpu: 1 32 | memory: "512Mi" 33 | limits: 34 | cpu: 2 35 | memory: "1Gi" 36 | - apiVersion: image.openshift.io/v1 37 | kind: ImageStream 38 | metadata: 39 | name: ubi8-git 40 | spec: 41 | lookupPolicy: 42 | local: true 43 | parameters: 44 | - description: Path within Git repository to build; empty for root of repository 45 | name: CONTEXT_DIR 46 | value: gitlab-runners/ubi8-git 47 | - description: Git branch/tag reference 48 | name: SOURCE_REPOSITORY_REF 49 | value: master 50 | - description: Git source URL for application 51 | name: SOURCE_REPOSITORY_URL 52 | required: true 53 | value: https://github.com/redhat-cop/containers-quickstarts 54 | -------------------------------------------------------------------------------- /gitlab-ce/.applier/group_vars/seed-hosts.yml: -------------------------------------------------------------------------------- 1 | --- 2 | namespace: gitlab 3 | app_name: gitlab 4 | base_openshift_url: myocpcluster.com 5 | 6 | app_params: 7 | LDAP_BIND_DN: "uid: john.doe,ou: People,dc: example,dc: com" 8 | LDAP_USER_FILTER: "(memberof: CN: YourGroup,OU: Users,DC: YourDomain,DC: com)" 9 | LDAP_PASSWORD: secretpassword 10 | APPLICATION_HOSTNAME: "{{ app_name }}.apps.{{ base_openshift_url }}" 11 | LDAP_LABEL: "My Company LDAP" 12 | LDAP_HOST: myldaphost 13 | LDAP_PORT: 636 14 | LDAP_BASE: "ou: People,dc: example,dc: com" 15 | ETC_VOL_SIZE: 100Mi 16 | GITLAB_DATA_VOL_SIZE: 5Gi 17 | POSTGRESQL_VOL_SIZE: 5Gi 18 | GITLAB_ROOT_PASSWORD: secretpassword 19 | NAMESPACE: "{{ namespace }}" 20 | SSL_CERTIFICATE: "" 21 | SSL_KEY: "" 22 | 23 | 24 | openshift_cluster_content: 25 | - object: Environment Setup 26 | content: 27 | - name: Create Projects 28 | template: "https://raw.githubusercontent.com/redhat-cop/openshift-templates/v1.4.12/project-requests/create-project.yml" 29 | action: create 30 | params_from_vars: 31 | NAMESPACE: "{{ namespace }}" 32 | NAMESPACE_DISPLAY_NAME: "{{ namespace }}" 33 | tags: 34 | - project 35 | 36 | - object: deployments 37 | content: 38 | - name: gitlab 39 | template: "{{ inventory_dir }}/../.openshift/templates/gitlab-ssl.yml" 40 | params_from_vars: "{{ app_params }}" 41 | namespace: "{{ namespace }}" 42 | -------------------------------------------------------------------------------- /s2i-mvn-gradle/test/test-app-maven/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | 4.0.0 5 | 6 | org.springframework 7 | gs-spring-boot-docker 8 | 0.1.0 9 | 10 | 11 | org.springframework.boot 12 | spring-boot-starter-parent 13 | 1.2.5.RELEASE 14 | 15 | 16 | 17 | 1.8 18 | 19 | 20 | 21 | 22 | org.springframework.boot 23 | spring-boot-starter-web 24 | 25 | 26 | org.springframework.boot 27 | spring-boot-starter-test 28 | test 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | org.springframework.boot 37 | spring-boot-maven-plugin 38 | 39 | 40 | 41 | 42 | 43 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-python/README.md: -------------------------------------------------------------------------------- 1 | # jenkins-agent-python 2 | Provides a docker image of the python runtime for use as a Jenkins agent. 3 | 4 | ## Build local 5 | `docker build -t jenkins-agent-python .` 6 | 7 | ## Run local 8 | For local running and experimentation run `docker run -i -t jenkins-agent-python /bin/bash` and have a play once inside the container. 9 | 10 | ## Build in OpenShift 11 | ```bash 12 | oc process -f ../../.openshift/templates/jenkins-agent-generic-template.yml \ 13 | -p NAME=jenkins-agent-python \ 14 | -p SOURCE_CONTEXT_DIR=jenkins-agents/jenkins-agent-python \ 15 | -p DOCKERFILE_PATH=Dockerfile \ 16 | | oc create -f - 17 | ``` 18 | For all params see the list in the `../../.openshift/templates/jenkins-agent-generic-template.yml` or run `oc process --parameters -f ../../.openshift/templates/jenkins-agent-generic-template.yml`. 19 | 20 | ## Jenkins 21 | Add a new Kubernetes Container template called `jenkins-agent-python` (if you've build and pushed the container image locally) and specify this as the node when running builds. If you're using the template attached; the `role: jenkins-agent` is attached and Jenkins should automatically discover the agent for you. Further instructions can be found [here](https://docs.openshift.com/container-platform/3.7/using_images/other_images/jenkins.html#using-the-jenkins-kubernetes-plug-in-to-run-jobs). Python installation commands are slightly modified from the SCL versions, which can be found [here](https://github.com/sclorg/s2i-python-container/tree/master/3.6). 22 | -------------------------------------------------------------------------------- /rabbitmq/.applier/group_vars/seed-hosts.yml: -------------------------------------------------------------------------------- 1 | --- 2 | namespace: rabbitmq 3 | repository_ref: master 4 | repository_url: https://github.com/redhat-cop/containers-quickstarts 5 | 6 | build: 7 | SOURCE_REPOSITORY_REF: "{{ repository_ref }}" 8 | SOURCE_REPOSITORY_URL: "{{ repository_url }}" 9 | 10 | openshift_cluster_content: 11 | - object: Environment Setup 12 | content: 13 | - name: Create Projects 14 | template: "https://raw.githubusercontent.com/redhat-cop/openshift-templates/v1.4.12/project-requests/create-project.yml" 15 | action: create 16 | params_from_vars: 17 | NAMESPACE: "{{ namespace }}" 18 | NAMESPACE_DISPLAY_NAME: "{{ namespace }}" 19 | tags: 20 | - project 21 | - object: imagestream 22 | content: 23 | - name: ubi7 24 | file: "{{ inventory_dir }}/../.openshift/templates/imagestreams/images.yml" 25 | namespace: "{{ namespace }}" 26 | - object: builds 27 | content: 28 | - name: rabbitmq 29 | namespace: "{{ namespace }}" 30 | template: "{{ inventory_dir }}/../.openshift/templates/builds/template.yml" 31 | params_from_vars: "{{ build }}" 32 | - object: configmap 33 | content: 34 | - name: rabbitmq_conf 35 | namespace: "{{ namespace }}" 36 | file: "{{ inventory_dir }}/../.openshift/templates/configmaps/config.yml" 37 | - object: deployments 38 | content: 39 | - name: rabbitmq 40 | namespace: "{{ namespace }}" 41 | template: "{{ inventory_dir }}/../.openshift/templates/deployments/template.yml" 42 | params: "{{ inventory_dir }}/../.openshift/params/deploy" 43 | -------------------------------------------------------------------------------- /.github/workflows/jenkins-agent-helm-pr.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | name: jenkins-agent-helm-pr 3 | on: 4 | pull_request: 5 | paths: 6 | - jenkins-agents/jenkins-agent-helm/** 7 | - .github/workflows/jenkins-agent-helm-pr.yaml 8 | 9 | # Declare default permissions as read only. 10 | permissions: read-all 11 | 12 | jobs: 13 | build: 14 | env: 15 | context: jenkins-agents/jenkins-agent-helm 16 | image_name: jenkins-agent-helm 17 | runs-on: ubuntu-latest 18 | steps: 19 | - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 20 | 21 | - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 22 | with: 23 | dockerfile: ${{ env.context }}/Dockerfile 24 | 25 | - name: Log into ghcr.io 26 | uses: redhat-actions/podman-login@4934294ad0449894bcd1e9f191899d7292469603 # v1 27 | with: 28 | username: ${{ github.repository_owner }} 29 | password: ${{ secrets.GITHUB_TOKEN }} 30 | registry: ghcr.io 31 | 32 | - name: Build image 33 | uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2 34 | with: 35 | context: ${{ env.context }} 36 | dockerfiles: | 37 | ./${{ env.context }}/Dockerfile 38 | image: ${{ env.image_name }} 39 | oci: true 40 | tags: "latest" 41 | 42 | - name: Test image 43 | run: | 44 | echo "Testing ${{ env.image_name }}" 45 | ./_test/kind/setup.sh ${{ env.image_name }} 46 | -------------------------------------------------------------------------------- /.github/workflows/jenkins-agent-hugo-pr.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | name: jenkins-agent-hugo-pr 3 | on: 4 | pull_request: 5 | paths: 6 | - jenkins-agents/jenkins-agent-hugo/** 7 | - .github/workflows/jenkins-agent-hugo-pr.yaml 8 | 9 | # Declare default permissions as read only. 10 | permissions: read-all 11 | 12 | jobs: 13 | build: 14 | env: 15 | context: jenkins-agents/jenkins-agent-hugo 16 | image_name: jenkins-agent-hugo 17 | runs-on: ubuntu-latest 18 | steps: 19 | - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 20 | 21 | - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 22 | with: 23 | dockerfile: ${{ env.context }}/Dockerfile 24 | 25 | - name: Log into ghcr.io 26 | uses: redhat-actions/podman-login@4934294ad0449894bcd1e9f191899d7292469603 # v1 27 | with: 28 | username: ${{ github.repository_owner }} 29 | password: ${{ secrets.GITHUB_TOKEN }} 30 | registry: ghcr.io 31 | 32 | - name: Build image 33 | uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2 34 | with: 35 | context: ${{ env.context }} 36 | dockerfiles: | 37 | ./${{ env.context }}/Dockerfile 38 | image: ${{ env.image_name }} 39 | oci: true 40 | tags: "latest" 41 | 42 | - name: Test image 43 | run: | 44 | echo "Testing ${{ env.image_name }}" 45 | ./_test/kind/setup.sh ${{ env.image_name }} 46 | -------------------------------------------------------------------------------- /.github/workflows/jenkins-agent-argocd-pr.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | name: jenkins-agent-argocd-pr 3 | on: 4 | pull_request: 5 | paths: 6 | - jenkins-agents/jenkins-agent-argocd/** 7 | - .github/workflows/jenkins-agent-argocd-pr.yaml 8 | 9 | # Declare default permissions as read only. 10 | permissions: read-all 11 | 12 | jobs: 13 | build: 14 | env: 15 | context: jenkins-agents/jenkins-agent-argocd 16 | image_name: jenkins-agent-argocd 17 | runs-on: ubuntu-latest 18 | steps: 19 | - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 20 | 21 | - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 22 | with: 23 | dockerfile: ${{ env.context }}/Dockerfile 24 | 25 | - name: Log into ghcr.io 26 | uses: redhat-actions/podman-login@4934294ad0449894bcd1e9f191899d7292469603 # v1 27 | with: 28 | username: ${{ github.repository_owner }} 29 | password: ${{ secrets.GITHUB_TOKEN }} 30 | registry: ghcr.io 31 | 32 | - name: Build image 33 | uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2 34 | with: 35 | context: ${{ env.context }} 36 | dockerfiles: | 37 | ./${{ env.context }}/Dockerfile 38 | image: ${{ env.image_name }} 39 | oci: true 40 | tags: "latest" 41 | 42 | - name: Test image 43 | run: | 44 | echo "Testing ${{ env.image_name }}" 45 | ./_test/kind/setup.sh ${{ env.image_name }} 46 | -------------------------------------------------------------------------------- /.github/workflows/jenkins-agent-cosign-pr.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | name: jenkins-agent-cosign-pr 3 | on: 4 | pull_request: 5 | paths: 6 | - jenkins-agents/jenkins-agent-cosign/** 7 | - .github/workflows/jenkins-agent-cosign-pr.yaml 8 | 9 | # Declare default permissions as read only. 10 | permissions: read-all 11 | 12 | jobs: 13 | build: 14 | env: 15 | context: jenkins-agents/jenkins-agent-cosign 16 | image_name: jenkins-agent-cosign 17 | runs-on: ubuntu-latest 18 | steps: 19 | - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 20 | 21 | - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 22 | with: 23 | dockerfile: ${{ env.context }}/Dockerfile 24 | 25 | - name: Log into ghcr.io 26 | uses: redhat-actions/podman-login@4934294ad0449894bcd1e9f191899d7292469603 # v1 27 | with: 28 | username: ${{ github.repository_owner }} 29 | password: ${{ secrets.GITHUB_TOKEN }} 30 | registry: ghcr.io 31 | 32 | - name: Build image 33 | uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2 34 | with: 35 | context: ${{ env.context }} 36 | dockerfiles: | 37 | ./${{ env.context }}/Dockerfile 38 | image: ${{ env.image_name }} 39 | oci: true 40 | tags: "latest" 41 | 42 | - name: Test image 43 | run: | 44 | echo "Testing ${{ env.image_name }}" 45 | ./_test/kind/setup.sh ${{ env.image_name }} 46 | -------------------------------------------------------------------------------- /.github/workflows/jenkins-agent-erlang-pr.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | name: jenkins-agent-erlang-pr 3 | on: 4 | pull_request: 5 | paths: 6 | - jenkins-agents/jenkins-agent-erlang/** 7 | - .github/workflows/jenkins-agent-erlang-pr.yaml 8 | 9 | # Declare default permissions as read only. 10 | permissions: read-all 11 | 12 | jobs: 13 | build: 14 | env: 15 | context: jenkins-agents/jenkins-agent-erlang 16 | image_name: jenkins-agent-erlang 17 | runs-on: ubuntu-latest 18 | steps: 19 | - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 20 | 21 | - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 22 | with: 23 | dockerfile: ${{ env.context }}/Dockerfile 24 | 25 | - name: Log into ghcr.io 26 | uses: redhat-actions/podman-login@4934294ad0449894bcd1e9f191899d7292469603 # v1 27 | with: 28 | username: ${{ github.repository_owner }} 29 | password: ${{ secrets.GITHUB_TOKEN }} 30 | registry: ghcr.io 31 | 32 | - name: Build image 33 | uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2 34 | with: 35 | context: ${{ env.context }} 36 | dockerfiles: | 37 | ./${{ env.context }}/Dockerfile 38 | image: ${{ env.image_name }} 39 | oci: true 40 | tags: "latest" 41 | 42 | - name: Test image 43 | run: | 44 | echo "Testing ${{ env.image_name }}" 45 | ./_test/kind/setup.sh ${{ env.image_name }} 46 | -------------------------------------------------------------------------------- /.github/workflows/jenkins-agent-mongodb-pr.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | name: jenkins-agent-mongodb-pr 3 | on: 4 | pull_request: 5 | paths: 6 | - jenkins-agents/jenkins-agent-mongodb/** 7 | - .github/workflows/jenkins-agent-mongodb-pr.yaml 8 | 9 | # Declare default permissions as read only. 10 | permissions: read-all 11 | 12 | jobs: 13 | build: 14 | env: 15 | context: jenkins-agents/jenkins-agent-mongodb 16 | image_name: jenkins-agent-mongodb 17 | runs-on: ubuntu-latest 18 | steps: 19 | - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 20 | 21 | - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 22 | with: 23 | dockerfile: ${{ env.context }}/Dockerfile 24 | 25 | - name: Log into ghcr.io 26 | uses: redhat-actions/podman-login@4934294ad0449894bcd1e9f191899d7292469603 # v1 27 | with: 28 | username: ${{ github.repository_owner }} 29 | password: ${{ secrets.GITHUB_TOKEN }} 30 | registry: ghcr.io 31 | 32 | - name: Build image 33 | uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2 34 | with: 35 | context: ${{ env.context }} 36 | dockerfiles: | 37 | ./${{ env.context }}/Dockerfile 38 | image: ${{ env.image_name }} 39 | oci: true 40 | tags: "latest" 41 | 42 | - name: Test image 43 | run: | 44 | echo "Testing ${{ env.image_name }}" 45 | ./_test/kind/setup.sh ${{ env.image_name }} 46 | -------------------------------------------------------------------------------- /.github/workflows/jenkins-agent-conftest-pr.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | name: jenkins-agent-conftest-pr 3 | on: 4 | pull_request: 5 | paths: 6 | - jenkins-agents/jenkins-agent-conftest/** 7 | - .github/workflows/jenkins-agent-conftest-pr.yaml 8 | 9 | # Declare default permissions as read only. 10 | permissions: read-all 11 | 12 | jobs: 13 | build: 14 | env: 15 | context: jenkins-agents/jenkins-agent-conftest 16 | image_name: jenkins-agent-conftest 17 | runs-on: ubuntu-latest 18 | steps: 19 | - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 20 | 21 | - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 22 | with: 23 | dockerfile: ${{ env.context }}/Dockerfile 24 | 25 | - name: Log into ghcr.io 26 | uses: redhat-actions/podman-login@4934294ad0449894bcd1e9f191899d7292469603 # v1 27 | with: 28 | username: ${{ github.repository_owner }} 29 | password: ${{ secrets.GITHUB_TOKEN }} 30 | registry: ghcr.io 31 | 32 | - name: Build image 33 | uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2 34 | with: 35 | context: ${{ env.context }} 36 | dockerfiles: | 37 | ./${{ env.context }}/Dockerfile 38 | image: ${{ env.image_name }} 39 | oci: true 40 | tags: "latest" 41 | 42 | - name: Test image 43 | run: | 44 | echo "Testing ${{ env.image_name }}" 45 | ./_test/kind/setup.sh ${{ env.image_name }} 46 | -------------------------------------------------------------------------------- /.github/workflows/jenkins-agent-mvn-pr.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | name: jenkins-agent-mvn-pr 3 | on: 4 | pull_request: 5 | paths: 6 | - jenkins-agents/jenkins-agent-mvn/** 7 | - .github/workflows/jenkins-agent-mvn-pr.yaml 8 | 9 | # Declare default permissions as read only. 10 | permissions: read-all 11 | 12 | jobs: 13 | build: 14 | env: 15 | context: jenkins-agents/jenkins-agent-mvn 16 | image_name: jenkins-agent-mvn 17 | runs-on: ubuntu-latest 18 | steps: 19 | - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 20 | 21 | - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 22 | with: 23 | dockerfile: ${{ env.context }}/Dockerfile 24 | ignore: DL3041 25 | 26 | - name: Log into ghcr.io 27 | uses: redhat-actions/podman-login@4934294ad0449894bcd1e9f191899d7292469603 # v1 28 | with: 29 | username: ${{ github.repository_owner }} 30 | password: ${{ secrets.GITHUB_TOKEN }} 31 | registry: ghcr.io 32 | 33 | - name: Build image 34 | uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2 35 | with: 36 | context: ${{ env.context }} 37 | dockerfiles: | 38 | ./${{ env.context }}/Dockerfile 39 | image: ${{ env.image_name }} 40 | oci: true 41 | tags: "latest" 42 | 43 | - name: Test image 44 | run: | 45 | echo "Testing ${{ env.image_name }}" 46 | ./_test/kind/setup.sh ${{ env.image_name }} 47 | -------------------------------------------------------------------------------- /.github/workflows/jenkins-agent-npm-pr.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | name: jenkins-agent-npm-pr 3 | on: 4 | pull_request: 5 | paths: 6 | - jenkins-agents/jenkins-agent-npm/** 7 | - .github/workflows/jenkins-agent-npm-pr.yaml 8 | 9 | # Declare default permissions as read only. 10 | permissions: read-all 11 | 12 | jobs: 13 | build: 14 | env: 15 | context: jenkins-agents/jenkins-agent-npm 16 | image_name: jenkins-agent-npm 17 | runs-on: ubuntu-latest 18 | steps: 19 | - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 20 | 21 | - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 22 | with: 23 | dockerfile: ${{ env.context }}/Dockerfile 24 | ignore: DL3041 25 | 26 | - name: Log into ghcr.io 27 | uses: redhat-actions/podman-login@4934294ad0449894bcd1e9f191899d7292469603 # v1 28 | with: 29 | username: ${{ github.repository_owner }} 30 | password: ${{ secrets.GITHUB_TOKEN }} 31 | registry: ghcr.io 32 | 33 | - name: Build image 34 | uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2 35 | with: 36 | context: ${{ env.context }} 37 | dockerfiles: | 38 | ./${{ env.context }}/Dockerfile 39 | image: ${{ env.image_name }} 40 | oci: true 41 | tags: "latest" 42 | 43 | - name: Test image 44 | run: | 45 | echo "Testing ${{ env.image_name }}" 46 | ./_test/kind/setup.sh ${{ env.image_name }} 47 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-arachni/README.md: -------------------------------------------------------------------------------- 1 | # jenkins-agent-arachni 2 | Provides a docker image of the arachni security tool with an additional reporter for generating xunit reports. These can be parsed into test results for failing builds using JUnit parser in Bamboo and Jenkins. 3 | 4 | ## Build 5 | `docker build -t jenkins-agent-arachni .` 6 | 7 | ## Build in OpenShift 8 | ```bash 9 | oc process -f ../../.openshift/templates/jenkins-agent-generic-template.yml \ 10 | -p NAME=jenkins-agent-arachni \ 11 | -p SOURCE_CONTEXT_DIR=jenkins-agents/jenkins-agent-arachni \ 12 | | oc create -f - 13 | ``` 14 | For all params see the list in the `../../.openshift/templates/jenkins-agent-generic-template.yml` or run `oc process --parameters -f ../../.openshift/templates/jenkins-agent-generic-template.yml`. 15 | 16 | ## Run 17 | For local running and experimentation run `docker run -i -t --rm jenkins-agent-arachni /bin/bash` and have a play once inside the container. `/arachni` is where the product is and `/arachni/bin/arachni` for the binary 18 | 19 | ## Jenkins running 20 | Creates a HTML web report and `report.xml` once website has been scanned which can be consumed by Jenkins. Add a new Kubernetes Container template called `jenkins-agent-arachni` and specify this as the node when running builds 21 | 22 | ```bash 23 | /arachni/bin/arachni ${URL_TO_TEST} --report-save-path=arachni-report.afr 24 | /arachni/bin/arachni_reporter arachni-report.afr --reporter=xunit:outfile=report.xml --reporter=html:outfile=web-report.zip 25 | unzip web-report.zip -d arachni-web-report 26 | ``` 27 | -------------------------------------------------------------------------------- /ubi7-gitlab-runner/.openshift/bc-ubi7-gitlab-runner.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: template.openshift.io/v1 3 | kind: Template 4 | labels: 5 | template: ubi7-gitlab-runner 6 | metadata: 7 | annotations: 8 | description: GitLab Runner built on UBI7 designed to run on OpenShift. 9 | tags: git, ubi7 10 | name: ubi7-gitlab-runner 11 | objects: 12 | - apiVersion: build.openshift.io/v1 13 | kind: BuildConfig 14 | metadata: 15 | name: "ubi7-gitlab-runner" 16 | spec: 17 | output: 18 | to: 19 | kind: "ImageStreamTag" 20 | name: "ubi7-gitlab-runner:latest" 21 | source: 22 | contextDir: "${CONTEXT_DIR}" 23 | git: 24 | uri: "${SOURCE_REPOSITORY_URL}" 25 | ref: "${SOURCE_REPOSITORY_REF}" 26 | strategy: 27 | dockerStrategy: 28 | dockerfilePath: Dockerfile 29 | resources: 30 | requests: 31 | cpu: 1 32 | memory: "512Mi" 33 | limits: 34 | cpu: 2 35 | memory: "1Gi" 36 | - apiVersion: image.openshift.io/v1 37 | kind: ImageStream 38 | metadata: 39 | name: ubi7-gitlab-runner 40 | spec: 41 | lookupPolicy: 42 | local: true 43 | parameters: 44 | - description: Path within Git repository to build; empty for root of repository 45 | name: CONTEXT_DIR 46 | value: ubi7-gitlab-runner 47 | - description: Git branch/tag reference 48 | name: SOURCE_REPOSITORY_REF 49 | value: master 50 | - description: Git source URL for application 51 | name: SOURCE_REPOSITORY_URL 52 | required: true 53 | value: https://github.com/redhat-cop/containers-quickstarts 54 | -------------------------------------------------------------------------------- /renovate.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "https://docs.renovatebot.com/renovate-schema.json", 3 | "extends": [ 4 | "config:best-practices", 5 | "customManagers:dockerfileVersions", 6 | "schedule:earlyMondays" 7 | ], 8 | "ignorePaths": [ 9 | "**/build-docker-generic/**", 10 | "**/build-s2i-executable/**", 11 | "**/build-s2i-gows/**", 12 | "**/build-s2i-jekyll/**", 13 | "**/build-s2i-liberty/**", 14 | "**/build-s2i-python-kopf/**", 15 | "**/cert-manager-configs/**", 16 | "**/deprecated/**", 17 | "**/github-runner-ubi8/**", 18 | "**/gitlab-ce/**", 19 | "**/gogs/**", 20 | "**/hoverfly/**", 21 | "**/hygieia/**", 22 | "**/jenkins-agents/jenkins-agent-arachni/**", 23 | "**/jenkins-agents/jenkins-agent-zap/**", 24 | "**/jenkins-masters/**", 25 | "**/mongodb/**", 26 | "**/ocp4-logging/**", 27 | "**/rabbitmq/**", 28 | "**/s2i-mvn-gradle/**", 29 | "**/sonarqube/**", 30 | "**/tower-ocp-custom/**", 31 | "**/ubi7-gitlab-runner/**", 32 | "**/zalenium/**" 33 | ], 34 | "customManagers": [ 35 | { 36 | "customType": "regex", 37 | "managerFilePatterns": [ 38 | "/^.+\\/VERSION$/", 39 | "/_test/kind/setup.sh/" 40 | ], 41 | "matchStrings": [ 42 | "# renovate: datasource=(?[a-z-.]+?) depName=(?[^\\s]+?)(?: (?:lookupName|packageName)=(?[^\\s]+?))?(?: versioning=(?[^\\s]+?))?(?: extractVersion=(?[^\\s]+?))?\\s+[A-Za-z0-9_]+?_VERSION=(?.+?)?\\s" 43 | ] 44 | } 45 | ] 46 | } 47 | -------------------------------------------------------------------------------- /.github/workflows/jenkins-agent-ruby-pr.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | name: jenkins-agent-ruby-pr 3 | on: 4 | pull_request: 5 | paths: 6 | - jenkins-agents/jenkins-agent-ruby/** 7 | - .github/workflows/jenkins-agent-ruby-pr.yaml 8 | 9 | # Declare default permissions as read only. 10 | permissions: read-all 11 | 12 | jobs: 13 | build: 14 | env: 15 | context: jenkins-agents/jenkins-agent-ruby 16 | image_name: jenkins-agent-ruby 17 | runs-on: ubuntu-latest 18 | steps: 19 | - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 20 | 21 | - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 22 | with: 23 | dockerfile: ${{ env.context }}/Dockerfile 24 | ignore: DL3041 25 | 26 | - name: Log into ghcr.io 27 | uses: redhat-actions/podman-login@4934294ad0449894bcd1e9f191899d7292469603 # v1 28 | with: 29 | username: ${{ github.repository_owner }} 30 | password: ${{ secrets.GITHUB_TOKEN }} 31 | registry: ghcr.io 32 | 33 | - name: Build image 34 | uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2 35 | with: 36 | context: ${{ env.context }} 37 | dockerfiles: | 38 | ./${{ env.context }}/Dockerfile 39 | image: ${{ env.image_name }} 40 | oci: true 41 | tags: "latest" 42 | 43 | - name: Test image 44 | run: | 45 | echo "Testing ${{ env.image_name }}" 46 | ./_test/kind/setup.sh ${{ env.image_name }} 47 | -------------------------------------------------------------------------------- /.github/workflows/jenkins-agent-rust-pr.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | name: jenkins-agent-rust-pr 3 | on: 4 | pull_request: 5 | paths: 6 | - jenkins-agents/jenkins-agent-rust/** 7 | - .github/workflows/jenkins-agent-rust-pr.yaml 8 | 9 | # Declare default permissions as read only. 10 | permissions: read-all 11 | 12 | jobs: 13 | build: 14 | env: 15 | context: jenkins-agents/jenkins-agent-rust 16 | image_name: jenkins-agent-rust 17 | runs-on: ubuntu-latest 18 | steps: 19 | - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 20 | 21 | - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 22 | with: 23 | dockerfile: ${{ env.context }}/Dockerfile 24 | ignore: DL3041 25 | 26 | - name: Log into ghcr.io 27 | uses: redhat-actions/podman-login@4934294ad0449894bcd1e9f191899d7292469603 # v1 28 | with: 29 | username: ${{ github.repository_owner }} 30 | password: ${{ secrets.GITHUB_TOKEN }} 31 | registry: ghcr.io 32 | 33 | - name: Build image 34 | uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2 35 | with: 36 | context: ${{ env.context }} 37 | dockerfiles: | 38 | ./${{ env.context }}/Dockerfile 39 | image: ${{ env.image_name }} 40 | oci: true 41 | tags: "latest" 42 | 43 | - name: Test image 44 | run: | 45 | echo "Testing ${{ env.image_name }}" 46 | ./_test/kind/setup.sh ${{ env.image_name }} 47 | -------------------------------------------------------------------------------- /.github/workflows/jenkins-agent-golang-pr.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | name: jenkins-agent-golang-pr 3 | on: 4 | pull_request: 5 | paths: 6 | - jenkins-agents/jenkins-agent-golang/** 7 | - .github/workflows/jenkins-agent-golang-pr.yaml 8 | 9 | # Declare default permissions as read only. 10 | permissions: read-all 11 | 12 | jobs: 13 | build: 14 | env: 15 | context: jenkins-agents/jenkins-agent-golang 16 | image_name: jenkins-agent-golang 17 | runs-on: ubuntu-latest 18 | steps: 19 | - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 20 | 21 | - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 22 | with: 23 | dockerfile: ${{ env.context }}/Dockerfile 24 | ignore: DL3041 25 | 26 | - name: Log into ghcr.io 27 | uses: redhat-actions/podman-login@4934294ad0449894bcd1e9f191899d7292469603 # v1 28 | with: 29 | username: ${{ github.repository_owner }} 30 | password: ${{ secrets.GITHUB_TOKEN }} 31 | registry: ghcr.io 32 | 33 | - name: Build image 34 | uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2 35 | with: 36 | context: ${{ env.context }} 37 | dockerfiles: | 38 | ./${{ env.context }}/Dockerfile 39 | image: ${{ env.image_name }} 40 | oci: true 41 | tags: "latest" 42 | 43 | - name: Test image 44 | run: | 45 | echo "Testing ${{ env.image_name }}" 46 | ./_test/kind/setup.sh ${{ env.image_name }} 47 | -------------------------------------------------------------------------------- /.github/workflows/jenkins-agent-gradle-pr.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | name: jenkins-agent-gradle-pr 3 | on: 4 | pull_request: 5 | paths: 6 | - jenkins-agents/jenkins-agent-gradle/** 7 | - .github/workflows/jenkins-agent-gradle-pr.yaml 8 | 9 | # Declare default permissions as read only. 10 | permissions: read-all 11 | 12 | jobs: 13 | build: 14 | env: 15 | context: jenkins-agents/jenkins-agent-gradle 16 | image_name: jenkins-agent-gradle 17 | runs-on: ubuntu-latest 18 | steps: 19 | - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 20 | 21 | - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 22 | with: 23 | dockerfile: ${{ env.context }}/Dockerfile 24 | ignore: DL3041 25 | 26 | - name: Log into ghcr.io 27 | uses: redhat-actions/podman-login@4934294ad0449894bcd1e9f191899d7292469603 # v1 28 | with: 29 | username: ${{ github.repository_owner }} 30 | password: ${{ secrets.GITHUB_TOKEN }} 31 | registry: ghcr.io 32 | 33 | - name: Build image 34 | uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2 35 | with: 36 | context: ${{ env.context }} 37 | dockerfiles: | 38 | ./${{ env.context }}/Dockerfile 39 | image: ${{ env.image_name }} 40 | oci: true 41 | tags: "latest" 42 | 43 | - name: Test image 44 | run: | 45 | echo "Testing ${{ env.image_name }}" 46 | ./_test/kind/setup.sh ${{ env.image_name }} 47 | -------------------------------------------------------------------------------- /.github/workflows/jenkins-agent-ansible-pr.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | name: jenkins-agent-ansible-pr 3 | on: 4 | pull_request: 5 | paths: 6 | - jenkins-agents/jenkins-agent-ansible/** 7 | - .github/workflows/jenkins-agent-ansible-pr.yaml 8 | 9 | # Declare default permissions as read only. 10 | permissions: read-all 11 | 12 | jobs: 13 | build: 14 | env: 15 | context: jenkins-agents/jenkins-agent-ansible 16 | image_name: jenkins-agent-ansible 17 | runs-on: ubuntu-latest 18 | steps: 19 | - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 20 | 21 | - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 22 | with: 23 | dockerfile: ${{ env.context }}/Dockerfile 24 | ignore: DL3041 25 | 26 | - name: Log into ghcr.io 27 | uses: redhat-actions/podman-login@4934294ad0449894bcd1e9f191899d7292469603 # v1 28 | with: 29 | username: ${{ github.repository_owner }} 30 | password: ${{ secrets.GITHUB_TOKEN }} 31 | registry: ghcr.io 32 | 33 | - name: Build image 34 | uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2 35 | with: 36 | context: ${{ env.context }} 37 | dockerfiles: | 38 | ./${{ env.context }}/Dockerfile 39 | image: ${{ env.image_name }} 40 | oci: true 41 | tags: "latest" 42 | 43 | - name: Test image 44 | run: | 45 | echo "Testing ${{ env.image_name }}" 46 | ./_test/kind/setup.sh ${{ env.image_name }} 47 | -------------------------------------------------------------------------------- /.github/workflows/jenkins-agent-graalvm-pr.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | name: jenkins-agent-graalvm-pr 3 | on: 4 | pull_request: 5 | paths: 6 | - jenkins-agents/jenkins-agent-graalvm/** 7 | - .github/workflows/jenkins-agent-graalvm-pr.yaml 8 | 9 | # Declare default permissions as read only. 10 | permissions: read-all 11 | 12 | jobs: 13 | build: 14 | env: 15 | context: jenkins-agents/jenkins-agent-graalvm 16 | image_name: jenkins-agent-graalvm 17 | runs-on: ubuntu-latest 18 | steps: 19 | - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 20 | 21 | - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 22 | with: 23 | dockerfile: ${{ env.context }}/Dockerfile 24 | ignore: DL3041 25 | 26 | - name: Log into ghcr.io 27 | uses: redhat-actions/podman-login@4934294ad0449894bcd1e9f191899d7292469603 # v1 28 | with: 29 | username: ${{ github.repository_owner }} 30 | password: ${{ secrets.GITHUB_TOKEN }} 31 | registry: ghcr.io 32 | 33 | - name: Build image 34 | uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2 35 | with: 36 | context: ${{ env.context }} 37 | dockerfiles: | 38 | ./${{ env.context }}/Dockerfile 39 | image: ${{ env.image_name }} 40 | oci: true 41 | tags: "latest" 42 | 43 | - name: Test image 44 | run: | 45 | echo "Testing ${{ env.image_name }}" 46 | ./_test/kind/setup.sh ${{ env.image_name }} 47 | -------------------------------------------------------------------------------- /.github/workflows/tookbox-pr.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | name: toolbox-pr 3 | on: 4 | pull_request: 5 | paths: 6 | - tool-box/** 7 | - .github/workflows/toolbox-pr.yaml 8 | 9 | # Declare default permissions as read only. 10 | permissions: read-all 11 | 12 | jobs: 13 | build: 14 | env: 15 | context: tool-box 16 | image_name: toolbox 17 | runs-on: ubuntu-latest 18 | steps: 19 | - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 20 | 21 | - name: Check and verify version.json 22 | id: check_version 23 | uses: redhat-cop/github-actions/get-image-version@cc45c69b6655161f278271cd0c68ddcc1444a3f8 # v4.6 24 | with: 25 | IMAGE_CONTEXT_DIR: ${{ env.context }} 26 | 27 | - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 28 | with: 29 | dockerfile: ${{ env.context }}/Dockerfile 30 | ignore: DL3041,SC2174 31 | 32 | - name: Build image 33 | uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2 34 | with: 35 | context: ${{ env.context }} 36 | dockerfiles: | 37 | ./${{ env.context }}/Dockerfile 38 | image: ${{ env.image_name }} 39 | oci: true 40 | tags: ${{ steps.check_version.outputs.VERSION }} 41 | 42 | - name: Test image contains helm 43 | run: | 44 | echo "Running: podman run ${image_name}:${{ steps.check_version.outputs.VERSION }} helm version" 45 | podman run ${image_name}:${{ steps.check_version.outputs.VERSION }} helm version 46 | -------------------------------------------------------------------------------- /.github/workflows/ubi8-git-pr.yaml: -------------------------------------------------------------------------------- 1 | name: ubi8-git-pr 2 | on: 3 | pull_request: 4 | paths: 5 | - utilities/ubi8-git/** 6 | - .github/workflows/ubi8-git-pr.yaml 7 | 8 | # Declare default permissions as read only. 9 | permissions: read-all 10 | 11 | jobs: 12 | build: 13 | env: 14 | context: utilities/ubi8-git 15 | image_name: ubi8-git 16 | runs-on: ubuntu-latest 17 | steps: 18 | - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 19 | 20 | - name: Check and verify version.json 21 | id: check_version 22 | uses: redhat-cop/github-actions/get-image-version@cc45c69b6655161f278271cd0c68ddcc1444a3f8 # v4.6 23 | with: 24 | IMAGE_CONTEXT_DIR: ${{ env.context }} 25 | 26 | - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 27 | with: 28 | dockerfile: ${{ env.context }}/Dockerfile 29 | ignore: DL3041 30 | 31 | - name: Build image 32 | uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2 33 | with: 34 | context: ${{ env.context }} 35 | dockerfiles: | 36 | ./${{ env.context }}/Dockerfile 37 | image: ${{ env.image_name }} 38 | oci: true 39 | tags: ${{ steps.check_version.outputs.IMAGE_TAGS }} 40 | 41 | - name: Test image 42 | run: | 43 | echo "Running: podman run ${image_name}:${{ steps.check_version.outputs.VERSION }} git --version" 44 | podman run ${image_name}:${{ steps.check_version.outputs.VERSION }} git --version 45 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-mongodb/README.md: -------------------------------------------------------------------------------- 1 | # jenkins-agent-mongodb 2 | Provides a docker image of the mongodb cli for use as a Jenkins agent. This can be used to admin MongoDB collections, import seed data etc as part of Jenkins build / pipeline 3 | 4 | ## Build 5 | `docker build -t jenkins-agent-mongodb .` 6 | 7 | ## Run 8 | For local running and experimentation run `docker run -i -t jenkins-agent-mongodb /bin/bash` and have a play once inside the container. 9 | 10 | ## Build in OpenShift 11 | ```bash 12 | oc process -f ../../.openshift/templates/jenkins-agent-generic-template.yml \ 13 | -p NAME=jenkins-agent-mongodb \ 14 | -p SOURCE_CONTEXT_DIR=jenkins-agents/jenkins-agent-mongodb \ 15 | | oc create -f - 16 | ``` 17 | For all params see the list in the `../../.openshift/templates/jenkins-agent-generic-template.yml` or run `oc process --parameters -f ../../.openshift/templates/jenkins-agent-generic-template.yml`. 18 | 19 | ## Jenkins Running 20 | Add a new Kubernetes Container template called `jenkins-agent-mongodb` and specify this as the node when running builds. Eg below for adding a new collection to a mongodb in OCP. NOTE: you may have to [connect the networks](https://docs.openshift.com/container-platform/3.11/admin_guide/managing_networking.html#joining-project-networks) if deploying to a namespace outside where the Agent container is running. 21 | ``` 22 | mongoimport --db ${PROJECT_NAMESPACE} --collection ${COLLECTION_NAME} --drop --file ${COLLECTION_NAME}.json --jsonArray --username=${MONGODB_USERNAME} --password=${MONGODB_PASSWORD} --host=mongodb.${PROJECT_NAMESPACE}.svc.cluster.local:27017 23 | ``` 24 | -------------------------------------------------------------------------------- /utilities/ubi8-bats/buildah.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -o errexit 4 | 5 | BATS_VERSION=1.2.1 6 | HELM_VERSION=3.5.2 7 | JQ_VERSION=1.6 8 | OC_VERSION=4.7 9 | YQ_VERSION=3.4.1 10 | 11 | container=$(buildah from registry.access.redhat.com/ubi8/ubi-minimal) 12 | buildah config --label io.k8s.description="OCP Bats" --label io.k8s.display-name="OCP Bats" $container 13 | buildah run $container -- bash -c 'microdnf install -y gzip tar ncurses && microdnf clean all' 14 | buildah run $container -- bash -c "curl -L https://github.com/bats-core/bats-core/archive/v${BATS_VERSION}.tar.gz | tar -C /tmp -xzf - && /tmp/bats-core-${BATS_VERSION}/install.sh /opt/bats && rm -rf /tmp/bats-core-${BATS_VERSION} && ln -s /opt/bats/bin/bats /usr/local/bin/bats" 15 | buildah run $container -- bash -c "curl -Lo /usr/local/bin/jq https://github.com/stedolan/jq/releases/download/jq-${JQ_VERSION}/jq-linux64 && chmod +x /usr/local/bin/jq" 16 | buildah run $container -- bash -c "curl -L https://get.helm.sh/helm-v${HELM_VERSION}-linux-amd64.tar.gz | tar --strip-components=1 -C /usr/local/bin -xzf - linux-amd64/helm" 17 | buildah run $container -- bash -c "curl -Lo /usr/local/bin/yq https://github.com/mikefarah/yq/releases/download/${YQ_VERSION}/yq_linux_amd64 && chmod +x /usr/local/bin/yq" 18 | buildah run $container -- bash -c "curl -L http://mirror.openshift.com/pub/openshift-v4/clients/ocp/stable-${OC_VERSION}/openshift-client-linux.tar.gz | tar -C /usr/local/bin -xzf -" 19 | buildah run $container -- mkdir -p /code 20 | buildah config --user 1001:0 --workingdir /code --entrypoint '["bats"]' $container 21 | 22 | buildah commit $container ubi8-bats:v${BATS_VERSION} 23 | -------------------------------------------------------------------------------- /deprecated/motepair/templates/deploymentconfig.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps.openshift.io/v1 2 | kind: DeploymentConfig 3 | metadata: 4 | labels: 5 | app: motepair-server 6 | name: motepair-server 7 | spec: 8 | replicas: 1 9 | revisionHistoryLimit: 10 10 | selector: 11 | app: motepair-server 12 | strategy: 13 | activeDeadlineSeconds: 21600 14 | resources: {} 15 | rollingParams: 16 | intervalSeconds: 1 17 | maxSurge: 25% 18 | maxUnavailable: 25% 19 | timeoutSeconds: 600 20 | updatePeriodSeconds: 1 21 | type: Rolling 22 | template: 23 | metadata: 24 | creationTimestamp: null 25 | labels: 26 | app: motepair-server 27 | spec: 28 | containers: 29 | - image: "image-registry.openshift-image-registry.svc:5000/{{ .Release.Namespace }}/motepair-server:latest" 30 | imagePullPolicy: Always 31 | name: motepair-server 32 | ports: 33 | - containerPort: 3000 34 | protocol: TCP 35 | resources: {} 36 | terminationMessagePath: /dev/termination-log 37 | terminationMessagePolicy: File 38 | dnsPolicy: ClusterFirst 39 | restartPolicy: Always 40 | schedulerName: default-scheduler 41 | securityContext: {} 42 | terminationGracePeriodSeconds: 30 43 | test: false 44 | triggers: 45 | - type: ConfigChange 46 | - type: ImageChange 47 | imageChangeParams: 48 | automatic: true 49 | containerNames: 50 | - motepair-server 51 | from: 52 | kind: ImageStreamTag 53 | namespace: "{{ .Release.Namespace }}" 54 | name: 'motepair-server:latest' 55 | -------------------------------------------------------------------------------- /.github/workflows/toolbox-publish.yaml: -------------------------------------------------------------------------------- 1 | name: toolbox-publish 2 | on: 3 | push: 4 | paths: 5 | - tool-box/** 6 | - .github/workflows/toolbox-publish.yaml 7 | 8 | # Declare default permissions as read only. 9 | permissions: read-all 10 | 11 | jobs: 12 | build: 13 | env: 14 | context: tool-box 15 | image_name: tool-box 16 | runs-on: ubuntu-latest 17 | permissions: 18 | packages: write 19 | steps: 20 | - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 21 | 22 | - name: Get image tags 23 | id: image_tags 24 | uses: redhat-cop/github-actions/get-image-version@cc45c69b6655161f278271cd0c68ddcc1444a3f8 # v4.6 25 | with: 26 | IMAGE_CONTEXT_DIR: ${{ env.context }} 27 | 28 | - name: Build image 29 | id: build_image 30 | uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2 31 | with: 32 | context: ${{ env.context }} 33 | dockerfiles: | 34 | ./${{ env.context }}/Dockerfile 35 | image: ${{ env.image_name }} 36 | tags: "${{ steps.image_tags.outputs.IMAGE_TAGS }}" 37 | 38 | - name: Push to ghcr.io 39 | uses: redhat-actions/push-to-registry@5ed88d269cf581ea9ef6dd6806d01562096bee9c # v2 40 | if: ${{ !contains(github.ref, 'renovate') }} 41 | with: 42 | image: ${{ steps.build_image.outputs.image }} 43 | registry: ghcr.io/${{ github.repository }} 44 | username: ${{ github.repository_owner }} 45 | password: ${{ secrets.GITHUB_TOKEN }} 46 | tags: ${{ steps.build_image.outputs.tags }} 47 | -------------------------------------------------------------------------------- /rabbitmq/chart/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | 1. Get the application URL by running these commands: 2 | {{- if .Values.ingress.enabled }} 3 | {{- range $host := .Values.ingress.hosts }} 4 | {{- range .paths }} 5 | http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ . }} 6 | {{- end }} 7 | {{- end }} 8 | {{- else if contains "NodePort" .Values.service.type }} 9 | export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "chart.fullname" . }}) 10 | export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") 11 | echo http://$NODE_IP:$NODE_PORT 12 | {{- else if contains "LoadBalancer" .Values.service.type }} 13 | NOTE: It may take a few minutes for the LoadBalancer IP to be available. 14 | You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "chart.fullname" . }}' 15 | export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "chart.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") 16 | echo http://$SERVICE_IP:{{ .Values.service.port }} 17 | {{- else if contains "ClusterIP" .Values.service.type }} 18 | export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "chart.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") 19 | echo "Visit http://127.0.0.1:8080 to use your application" 20 | kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:80 21 | {{- end }} 22 | -------------------------------------------------------------------------------- /utilities/ubi8-google-api-python-client/.openshift/bc-ubi8-google-api-python-client.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: template.openshift.io/v1 3 | kind: Template 4 | labels: 5 | template: ubi8-google-api-python-client 6 | metadata: 7 | annotations: 8 | description: google-api-python-client utility image 9 | tags: git, ubi8 10 | name: ubi8-google-api-python-client 11 | objects: 12 | - apiVersion: build.openshift.io/v1 13 | kind: BuildConfig 14 | metadata: 15 | name: "ubi8-google-api-python-client" 16 | spec: 17 | output: 18 | to: 19 | kind: "ImageStreamTag" 20 | name: "ubi8-google-api-python-client:latest" 21 | source: 22 | contextDir: "${CONTEXT_DIR}" 23 | git: 24 | uri: "${SOURCE_REPOSITORY_URL}" 25 | ref: "${SOURCE_REPOSITORY_REF}" 26 | strategy: 27 | dockerStrategy: 28 | dockerfilePath: Dockerfile 29 | resources: 30 | requests: 31 | cpu: 1 32 | memory: "512Mi" 33 | limits: 34 | cpu: 2 35 | memory: "1Gi" 36 | - apiVersion: image.openshift.io/v1 37 | kind: ImageStream 38 | metadata: 39 | name: ubi8-google-api-python-client 40 | spec: 41 | lookupPolicy: 42 | local: true 43 | parameters: 44 | - description: Path within Git repository to build; empty for root of repository 45 | name: CONTEXT_DIR 46 | value: gitlab-runners/ubi8-google-api-python-client 47 | - description: Git branch/tag reference 48 | name: SOURCE_REPOSITORY_REF 49 | value: master 50 | - description: Git source URL for application 51 | name: SOURCE_REPOSITORY_URL 52 | required: true 53 | value: https://github.com/redhat-cop/containers-quickstarts 54 | -------------------------------------------------------------------------------- /utilities/ubi8-asciidoctor/.openshift/bc-ubi8-asciidoctor.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: template.openshift.io/v1 3 | kind: Template 4 | labels: 5 | template: ubi8-asciidoctor 6 | metadata: 7 | labels: 8 | app.kubernetes.io/name: ubi8-asciidoctor 9 | app.kubernetes.io/version: "1.2.0" 10 | annotations: 11 | description: asciidoctor utility image 12 | tags: asciidoctor, ubi8 13 | name: ubi8-asciidoctor 14 | objects: 15 | - apiVersion: build.openshift.io/v1 16 | kind: BuildConfig 17 | metadata: 18 | name: "ubi8-asciidoctor" 19 | spec: 20 | output: 21 | to: 22 | kind: "ImageStreamTag" 23 | name: "ubi8-asciidoctor:latest" 24 | source: 25 | contextDir: "${CONTEXT_DIR}" 26 | git: 27 | uri: "${SOURCE_REPOSITORY_URL}" 28 | ref: "${SOURCE_REPOSITORY_REF}" 29 | strategy: 30 | dockerStrategy: 31 | dockerfilePath: Dockerfile 32 | resources: 33 | requests: 34 | cpu: 1 35 | memory: "512Mi" 36 | limits: 37 | cpu: 2 38 | memory: "1Gi" 39 | - apiVersion: image.openshift.io/v1 40 | kind: ImageStream 41 | metadata: 42 | name: ubi8-asciidoctor 43 | spec: 44 | lookupPolicy: 45 | local: true 46 | parameters: 47 | - description: Path within Git repository to build; empty for root of repository 48 | name: CONTEXT_DIR 49 | value: gitlab-runners/ubi8-asciidoctor 50 | - description: Git branch/tag reference 51 | name: SOURCE_REPOSITORY_REF 52 | value: master 53 | - description: Git source URL for application 54 | name: SOURCE_REPOSITORY_URL 55 | required: true 56 | value: https://github.com/redhat-cop/containers-quickstarts 57 | 58 | -------------------------------------------------------------------------------- /jenkins-masters/hygieia-plugin/.applier/group_vars/seed-hosts.yml: -------------------------------------------------------------------------------- 1 | namespace: jenkins-hygieia 2 | hygieia_url: 3 | hygieia_token: 4 | source_code_url: https://github.com/redhat-cop/containers-quickstarts.git 5 | source_code_ref: master 6 | jenkins_memory_limit: 1024Mi 7 | 8 | openshift_cluster_content: 9 | - object: Environment Setup 10 | content: 11 | - name: Create Projects 12 | template: "{{ inventory_dir }}/../.openshift/projects/projects.yml" 13 | action: create 14 | params_from_vars: 15 | NAMESPACE: "{{ namespace }}" 16 | tags: 17 | - project 18 | - object: Builds 19 | content: 20 | - name: Hygieia Jenkins Plugin 21 | template: "{{ inventory_dir }}/../.openshift/templates/hygieia-plugin.yml" 22 | namespace: "{{ namespace }}" 23 | tags: 24 | - build 25 | - build-hygieia-plugin 26 | - name: Jenkins Master Image 27 | template: "{{ inventory_dir }}/../.openshift/templates/jenkins-s2i.yml" 28 | params_from_vars: 29 | SOURCE_CODE_URL: "{{ source_code_url }}" 30 | SOURCE_CODE_REF: "{{ source_code_ref }}" 31 | namespace: "{{ namespace }}" 32 | tags: 33 | - build 34 | - build-jenkins 35 | - object: Deployments 36 | content: 37 | - name: Demo Jenkins Master 38 | template: "{{ inventory_dir }}/../.openshift/templates/jenkins-ephemeral.yml" 39 | namespace: "{{ namespace }}" 40 | params_from_vars: 41 | JENKINS_IMAGE_STREAM_TAG: jenkins2-s2i:latest 42 | NAMESPACE: "{{ namespace }}" 43 | HYGIEIA_API_URL: "{{ hygieia_url }}" 44 | HYGIEIEA_API_TOKEN: "{{ hygieia_token }}" 45 | MEMORY_LIMIT: "{{ jenkins_memory_limit }}" 46 | tags: 47 | - deploy 48 | -------------------------------------------------------------------------------- /jenkins-agents/jenkins-agent-conftest/Dockerfile: -------------------------------------------------------------------------------- 1 | # Builder 2 | FROM registry.access.redhat.com/ubi9/ubi:9.5-1745854298@sha256:f4ebd46d3ba96feb016d798009e1cc2404c3a4ebdac8b2479a2ac053e59f41b4 AS builder 3 | 4 | SHELL ["/bin/bash", "-c"] 5 | 6 | # renovate: datasource=github-releases depName=open-policy-agent/conftest 7 | ARG CONFTEST_VERSION=v0.59.0 8 | RUN curl -L "https://github.com/open-policy-agent/conftest/releases/download/${CONFTEST_VERSION}/conftest_${CONFTEST_VERSION//v}_Linux_x86_64.tar.gz" -o /tmp/conftest.tar.gz && \ 9 | tar -xzf /tmp/conftest.tar.gz && \ 10 | mv conftest /usr/local/bin/conftest && \ 11 | conftest --version 12 | 13 | # Runnable 14 | FROM ghcr.io/redhat-cop/containers-quickstarts/jenkins-agent-python:v4.18 15 | 16 | LABEL name="redhat-cop/jenkins-agent-conftest" \ 17 | io.k8s.display-name="Jenkins Agent Conftest" \ 18 | io.k8s.description="The jenkins agent conftest." \ 19 | com.redhat.component="redhat-cop/containers-quickstarts/jenkins-agent-conftest" 20 | 21 | SHELL ["/bin/bash", "-c"] 22 | 23 | # renovate: datasource=github-releases depName=bats-core/bats-core 24 | ARG BATS_VERSION=v1.11.1 25 | 26 | USER root 27 | 28 | COPY --from=builder /usr/local/bin/conftest /usr/local/bin/conftest 29 | 30 | COPY requirements.txt /requirements.txt 31 | RUN pip3.11 install --no-cache-dir -r /requirements.txt && \ 32 | curl -L "https://github.com/bats-core/bats-core/archive/${BATS_VERSION}.tar.gz" -o /tmp/bats.tar.gz && \ 33 | tar -C /tmp -xzf /tmp/bats.tar.gz && \ 34 | "/tmp/bats-core-${BATS_VERSION//v}/install.sh" /usr/local 35 | 36 | USER 1001 37 | 38 | RUN yq --version && \ 39 | bats --version && \ 40 | conftest --version -------------------------------------------------------------------------------- /.github/workflows/ubi8-bats-pr.yaml: -------------------------------------------------------------------------------- 1 | name: ubi8-bats-pr 2 | on: 3 | pull_request: 4 | paths: 5 | - utilities/ubi8-bats/** 6 | - .github/workflows/ubi8-bats-pr.yaml 7 | 8 | # Declare default permissions as read only. 9 | permissions: read-all 10 | 11 | jobs: 12 | build: 13 | env: 14 | context: utilities/ubi8-bats 15 | image_name: ubi8-bats 16 | runs-on: ubuntu-latest 17 | steps: 18 | - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 19 | 20 | - name: Check and verify version.json 21 | id: check_version 22 | uses: redhat-cop/github-actions/get-image-version@cc45c69b6655161f278271cd0c68ddcc1444a3f8 # v4.6 23 | with: 24 | IMAGE_CONTEXT_DIR: ${{ env.context }} 25 | 26 | - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 27 | with: 28 | dockerfile: ${{ env.context }}/Dockerfile 29 | ignore: DL3041 30 | 31 | - name: Build image 32 | uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2 33 | with: 34 | context: ${{ env.context }} 35 | dockerfiles: | 36 | ./${{ env.context }}/Dockerfile 37 | image: ${{ env.image_name }} 38 | oci: true 39 | tags: ${{ steps.check_version.outputs.IMAGE_TAGS }} 40 | 41 | - name: Test image 42 | run: | 43 | echo "Running: podman run -t -v $PWD:/code:z ${image_name}:${{ steps.check_version.outputs.VERSION }} /code/utilities/ubi8-bats/test" 44 | podman run -t -v $PWD:/code:z ${image_name}:${{ steps.check_version.outputs.VERSION }} /code/utilities/ubi8-bats/test 45 | -------------------------------------------------------------------------------- /hygieia/.openshift/templates/build-hygieia-jenkins-collector.yml: -------------------------------------------------------------------------------- 1 | apiVersion: template.openshift.io/v1 2 | kind: Template 3 | metadata: 4 | creationTimestamp: null 5 | name: hygieia-jenkins-build-collector 6 | objects: 7 | - apiVersion: image.openshift.io/v1 8 | kind: ImageStream 9 | metadata: 10 | labels: 11 | app: hygieia-jenkins-build-collector 12 | name: hygieia-jenkins-build-collector 13 | - apiVersion: build.openshift.io/v1 14 | kind: BuildConfig 15 | metadata: 16 | creationTimestamp: null 17 | labels: 18 | app: hygieia-jenkins-build-collector 19 | name: hygieia-jenkins-build-collector 20 | spec: 21 | runPolicy: Serial 22 | triggers: 23 | - type: GitHub 24 | github: 25 | secret: secret101 26 | - type: Generic 27 | generic: 28 | secret: secret101 29 | - type: ImageChange 30 | source: 31 | git: 32 | uri: https://github.com/tomgeorge/Hygieia 33 | ref: jenkins-oauth-support 34 | type: Git 35 | strategy: 36 | sourceStrategy: 37 | env: 38 | - name: ARTIFACT_DIR 39 | value: collectors/build/jenkins/target 40 | - name: ARTIFACT_COPY_ARGS 41 | value: -r jenkins-build-collector-3.0.1.jar 42 | - name: MAVEN_ARGS 43 | value: -e -P release -DskipTests -Dfabric8.skip=true package 44 | - name: MAVEN_ARGS_APPEND 45 | value: -pl collectors/build/jenkins -am 46 | from: 47 | kind: ImageStreamTag 48 | name: java:8 49 | namespace: openshift 50 | type: Source 51 | output: 52 | to: 53 | kind: ImageStreamTag 54 | name: hygieia-jenkins-build-collector:latest 55 | -------------------------------------------------------------------------------- /hygieia/.openshift/templates/build-base-image.yml: -------------------------------------------------------------------------------- 1 | apiVersion: template.openshift.io/v1 2 | kind: Template 3 | metadata: 4 | creationTimestamp: null 5 | name: base-image-build 6 | objects: 7 | - apiVersion: build.openshift.io/v1 8 | kind: BuildConfig 9 | metadata: 10 | annotations: 11 | creationTimestamp: null 12 | labels: 13 | build: openjdk8-custom 14 | name: openjdk8-custom 15 | spec: 16 | failedBuildsHistoryLimit: 5 17 | nodeSelector: null 18 | output: 19 | to: 20 | kind: ImageStreamTag 21 | name: openjdk8-custom:latest 22 | postCommit: {} 23 | resources: {} 24 | runPolicy: Serial 25 | source: 26 | binary: {} 27 | type: Binary 28 | strategy: 29 | dockerStrategy: 30 | from: 31 | kind: ImageStreamTag 32 | name: java:8 33 | namespace: openshift 34 | type: Docker 35 | successfulBuildsHistoryLimit: 5 36 | triggers: 37 | - github: 38 | secret: La4HMT7Q_PjcWPQ2O8m- 39 | type: GitHub 40 | - generic: 41 | secret: KMPxPoEfhHqmWAn2ULK3 42 | type: Generic 43 | - apiVersion: image.openshift.io/v1 44 | kind: ImageStream 45 | metadata: 46 | annotations: 47 | creationTimestamp: null 48 | generation: 1 49 | labels: 50 | build: openjdk8-custom 51 | name: openjdk8-custom 52 | spec: 53 | lookupPolicy: 54 | local: false 55 | tags: 56 | - annotations: null 57 | from: 58 | kind: DockerImage 59 | name: docker-registry.default.svc:5000/hygieia/openjdk8-custom:latest 60 | generation: null 61 | importPolicy: {} 62 | name: latest 63 | referencePolicy: 64 | type: "" 65 | -------------------------------------------------------------------------------- /.github/workflows/jenkins-agent-publish.yaml: -------------------------------------------------------------------------------- 1 | name: jenkins-agent-publish 2 | on: 3 | push: 4 | paths: 5 | - jenkins-agents/jenkins-agent/version.json 6 | - .github/workflows/jenkins-agent-publish.yaml 7 | 8 | # Declare default permissions as read only. 9 | permissions: read-all 10 | 11 | jobs: 12 | build: 13 | env: 14 | context: jenkins-agents/jenkins-agent 15 | image_name: jenkins-agent 16 | runs-on: ubuntu-latest 17 | permissions: 18 | packages: write 19 | steps: 20 | - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 21 | 22 | - name: Get image tags 23 | id: image_tags 24 | uses: redhat-cop/github-actions/get-image-version@cc45c69b6655161f278271cd0c68ddcc1444a3f8 # v4.6 25 | with: 26 | IMAGE_CONTEXT_DIR: ${{ env.context }} 27 | 28 | - name: Build image 29 | id: build_image 30 | uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2 31 | with: 32 | context: ${{ env.context }} 33 | dockerfiles: | 34 | ./${{ env.context }}/Dockerfile 35 | image: ${{ env.image_name }} 36 | tags: "${{ steps.image_tags.outputs.IMAGE_TAGS }}" 37 | 38 | - name: Push to ghcr.io 39 | uses: redhat-actions/push-to-registry@5ed88d269cf581ea9ef6dd6806d01562096bee9c # v2 40 | if: ${{ !contains(github.ref, 'renovate') }} 41 | with: 42 | image: ${{ steps.build_image.outputs.image }} 43 | registry: ghcr.io/${{ github.repository }} 44 | username: ${{ github.repository_owner }} 45 | password: ${{ secrets.GITHUB_TOKEN }} 46 | tags: ${{ steps.build_image.outputs.tags }} -------------------------------------------------------------------------------- /.github/workflows/jenkins-agent-helm-publish.yaml: -------------------------------------------------------------------------------- 1 | name: jenkins-agent-helm-publish 2 | on: 3 | push: 4 | paths: 5 | - jenkins-agents/jenkins-agent-helm/version.json 6 | - .github/workflows/jenkins-agent-helm-publish.yaml 7 | 8 | # Declare default permissions as read only. 9 | permissions: read-all 10 | 11 | jobs: 12 | build: 13 | env: 14 | context: jenkins-agents/jenkins-agent-helm 15 | image_name: jenkins-agent-helm 16 | runs-on: ubuntu-latest 17 | permissions: 18 | packages: write 19 | steps: 20 | - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 21 | 22 | - name: Get image tags 23 | id: image_tags 24 | uses: redhat-cop/github-actions/get-image-version@cc45c69b6655161f278271cd0c68ddcc1444a3f8 # v4.6 25 | with: 26 | IMAGE_CONTEXT_DIR: ${{ env.context }} 27 | 28 | - name: Build image 29 | id: build_image 30 | uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2 31 | with: 32 | context: ${{ env.context }} 33 | dockerfiles: | 34 | ./${{ env.context }}/Dockerfile 35 | image: ${{ env.image_name }} 36 | tags: "${{ steps.image_tags.outputs.IMAGE_TAGS }}" 37 | 38 | - name: Push to ghcr.io 39 | uses: redhat-actions/push-to-registry@5ed88d269cf581ea9ef6dd6806d01562096bee9c # v2 40 | if: ${{ !contains(github.ref, 'renovate') }} 41 | with: 42 | image: ${{ steps.build_image.outputs.image }} 43 | registry: ghcr.io/${{ github.repository }} 44 | username: ${{ github.repository_owner }} 45 | password: ${{ secrets.GITHUB_TOKEN }} 46 | tags: ${{ steps.build_image.outputs.tags }} -------------------------------------------------------------------------------- /.github/workflows/jenkins-agent-hugo-publish.yaml: -------------------------------------------------------------------------------- 1 | name: jenkins-agent-hugo-publish 2 | on: 3 | push: 4 | paths: 5 | - jenkins-agents/jenkins-agent-hugo/version.json 6 | - .github/workflows/jenkins-agent-hugo-publish.yaml 7 | 8 | # Declare default permissions as read only. 9 | permissions: read-all 10 | 11 | jobs: 12 | build: 13 | env: 14 | context: jenkins-agents/jenkins-agent-hugo 15 | image_name: jenkins-agent-hugo 16 | runs-on: ubuntu-latest 17 | permissions: 18 | packages: write 19 | steps: 20 | - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 21 | 22 | - name: Get image tags 23 | id: image_tags 24 | uses: redhat-cop/github-actions/get-image-version@cc45c69b6655161f278271cd0c68ddcc1444a3f8 # v4.6 25 | with: 26 | IMAGE_CONTEXT_DIR: ${{ env.context }} 27 | 28 | - name: Build image 29 | id: build_image 30 | uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2 31 | with: 32 | context: ${{ env.context }} 33 | dockerfiles: | 34 | ./${{ env.context }}/Dockerfile 35 | image: ${{ env.image_name }} 36 | tags: "${{ steps.image_tags.outputs.IMAGE_TAGS }}" 37 | 38 | - name: Push to ghcr.io 39 | uses: redhat-actions/push-to-registry@5ed88d269cf581ea9ef6dd6806d01562096bee9c # v2 40 | if: ${{ !contains(github.ref, 'renovate') }} 41 | with: 42 | image: ${{ steps.build_image.outputs.image }} 43 | registry: ghcr.io/${{ github.repository }} 44 | username: ${{ github.repository_owner }} 45 | password: ${{ secrets.GITHUB_TOKEN }} 46 | tags: ${{ steps.build_image.outputs.tags }} --------------------------------------------------------------------------------