From 5d084f495bfa74c8676409ba11c5128cd4e2f071 Mon Sep 17 00:00:00 2001
From: root <root@m1305001.lnxero1.boe>
Date: Tue, 12 Sep 2023 09:16:23 +0200
Subject: [PATCH 1/7] adding fsGroup

---
 kustomize/components/clairpostgres/postgres.deployment.yaml | 2 ++
 kustomize/components/postgres/postgres.deployment.yaml      | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/kustomize/components/clairpostgres/postgres.deployment.yaml b/kustomize/components/clairpostgres/postgres.deployment.yaml
index cb9ade4c8..57f867049 100644
--- a/kustomize/components/clairpostgres/postgres.deployment.yaml
+++ b/kustomize/components/clairpostgres/postgres.deployment.yaml
@@ -20,6 +20,8 @@ spec:
     spec:
       terminationGracePeriodSeconds: 180
       serviceAccountName: clair-postgres
+      securityContext:
+        fsGroup: 2000
       volumes:
         - name: clair-postgres-conf-sample
           configMap:
diff --git a/kustomize/components/postgres/postgres.deployment.yaml b/kustomize/components/postgres/postgres.deployment.yaml
index 6f18ad244..81875d72f 100644
--- a/kustomize/components/postgres/postgres.deployment.yaml
+++ b/kustomize/components/postgres/postgres.deployment.yaml
@@ -20,6 +20,8 @@ spec:
     spec:
       terminationGracePeriodSeconds: 180
       serviceAccountName: quay-database
+      securityContext:
+        fsGroup: 2000
       volumes:
         - name: postgres-conf-sample
           configMap:

From 59e7aaff00248ca9b958c230a09197eb1ba8eddb Mon Sep 17 00:00:00 2001
From: Modassar Rana <modassar.rana@ibm.com>
Date: Tue, 12 Sep 2023 12:56:24 +0530
Subject: [PATCH 2/7] Update build-and-publish.yaml

Testing basic
---
 .github/workflows/build-and-publish.yaml | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)

diff --git a/.github/workflows/build-and-publish.yaml b/.github/workflows/build-and-publish.yaml
index 1ec726cb0..cc57d7506 100644
--- a/.github/workflows/build-and-publish.yaml
+++ b/.github/workflows/build-and-publish.yaml
@@ -16,18 +16,19 @@ on:
         - redhat-3.8
         - redhat-3.9
         - redhat-3.10
+        - test
   push:
     # NOTE: if you trigger this on your branch, ensure its name follows the redhat-X.Y format!
     branches:
-      - redhat-** # IMPORTANT! this must match the .jobs.set-version.env.BRANCH_PREFIX env (save the **).
+      - test # IMPORTANT! this must match the .jobs.set-version.env.BRANCH_PREFIX env (save the **).
 
 jobs:
   set-version:
-    if: ${{ contains(github.ref, 'redhat-') }}
+    #if: ${{ contains(github.ref, 'redhat-') }}
     name: Set version from branch name
     env:
-      BRANCH_PREFIX: redhat- # IMPORTANT! this must match the .on.push.branches prefix!
-      TAG_SUFFIX: -unstable
+      BRANCH_PREFIX: test # IMPORTANT! this must match the .on.push.branches prefix!
+      #TAG_SUFFIX: -unstable
     outputs:
       tag: ${{ steps.format-tag.outputs.tag }}
     runs-on: 'ubuntu-latest'
@@ -48,14 +49,14 @@ jobs:
         run: echo "::set-output name=tag::${{ steps.version-from-branch.outputs.version }}${{ env.TAG_SUFFIX }}"
 
   build-and-publish:
-    if: ${{ contains(github.ref, 'redhat-') }}
+    #if: ${{ contains(github.ref, 'redhat-') }}
     name: Build and publish operator catalog index
     runs-on: 'ubuntu-latest'
     outputs:
       digest: ${{ steps.set-output.outputs.digest }}
     env:
       REGISTRY: ${{ secrets.REGISTRY || 'quay.io' }}
-      NAMESPACE: ${{ secrets.NAMESPACE || 'projectquay' }}
+      NAMESPACE: ${{ secrets.NAMESPACE || 'morana' }}
       TAG: ${{needs.set-version.outputs.tag}}
     needs: set-version
     steps:
@@ -85,8 +86,8 @@ jobs:
         uses: docker/login-action@v1
         with:
           registry: ${{ secrets.REGISTRY || 'quay.io' }}
-          username: ${{ secrets.QUAY_USER }}
-          password: ${{ secrets.QUAY_TOKEN }}
+          username: ${{ secrets.QUAY_USER || 'morana'}}
+          password: ${{ secrets.QUAY_TOKEN || "Cgkc6cGY0aAgyqDboVQceocJuH5Vw7CSs+FZ/x4KDYGTTMSun/eTYydqZqSLw3kPpq8HOeDseHPOcAMEQmwJLA=="}}
 
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v2

From affdc6da46f4dfede05fd600b7087b61dbdcaed1 Mon Sep 17 00:00:00 2001
From: Modassar Rana <modassar.rana@ibm.com>
Date: Tue, 12 Sep 2023 12:58:49 +0530
Subject: [PATCH 3/7] Update build-and-publish.yaml

---
 .github/workflows/build-and-publish.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/build-and-publish.yaml b/.github/workflows/build-and-publish.yaml
index cc57d7506..b3641fc3b 100644
--- a/.github/workflows/build-and-publish.yaml
+++ b/.github/workflows/build-and-publish.yaml
@@ -87,7 +87,7 @@ jobs:
         with:
           registry: ${{ secrets.REGISTRY || 'quay.io' }}
           username: ${{ secrets.QUAY_USER || 'morana'}}
-          password: ${{ secrets.QUAY_TOKEN || "Cgkc6cGY0aAgyqDboVQceocJuH5Vw7CSs+FZ/x4KDYGTTMSun/eTYydqZqSLw3kPpq8HOeDseHPOcAMEQmwJLA=="}}
+          password: ${{ secrets.QUAY_TOKEN || 'Cgkc6cGY0aAgyqDboVQceocJuH5Vw7CSs+FZ/x4KDYGTTMSun/eTYydqZqSLw3kPpq8HOeDseHPOcAMEQmwJLA=='}}
 
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v2

From 143688bd17ca6ef9441ec80b7f9b69fb419b7e07 Mon Sep 17 00:00:00 2001
From: Modassar Rana <modassar.rana@ibm.com>
Date: Tue, 12 Sep 2023 14:26:32 +0530
Subject: [PATCH 4/7] Update build.sh

---
 hack/build.sh | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/hack/build.sh b/hack/build.sh
index de8d773bc..e169ac1a3 100755
--- a/hack/build.sh
+++ b/hack/build.sh
@@ -28,7 +28,7 @@ set -e
 export OPERATOR_NAME='quay-operator-test'
 export REGISTRY=${REGISTRY:-'quay.io'}
 export NAMESPACE=${NAMESPACE:-'projectquay'}
-export TAG=${TAG:-'3.9-unstable'}
+export TAG=${TAG:-'3.10-unstable'}
 export CSV_PATH=${CSV_PATH:-'bundle/manifests/quay-operator.clusterserviceversion.yaml'}
 export ANNOTATIONS_PATH=${ANNOTATIONS_PATH:-'bundle/metadata/annotations.yaml'}
 
@@ -63,10 +63,10 @@ function digest() {
 docker buildx build --push --platform "linux/amd64,linux/ppc64le,linux/s390x"  -t "${REGISTRY}/${NAMESPACE}/quay-operator:${TAG}" .
 digest "${REGISTRY}/${NAMESPACE}/quay-operator:${TAG}" OPERATOR_DIGEST
 
-digest "${REGISTRY}/${NAMESPACE}/quay:${TAG}" QUAY_DIGEST
-digest "${REGISTRY}/${NAMESPACE}/clair:nightly" CLAIR_DIGEST
-digest "${REGISTRY}/${NAMESPACE}/quay-builder:${TAG}" BUILDER_DIGEST
-digest "${REGISTRY}/${NAMESPACE}/quay-builder-qemu:3.9.0" BUILDER_QEMU_DIGEST
+digest "${REGISTRY}/projectquay/quay:${TAG}" QUAY_DIGEST
+digest "${REGISTRY}/projectquay/clair:nightly" CLAIR_DIGEST
+digest "${REGISTRY}/projectquay/quay-builder:${TAG}" BUILDER_DIGEST
+digest "${REGISTRY}/projectquay/quay-builder-qemu:3.9.0" BUILDER_QEMU_DIGEST
 digest quay.io/sclorg/postgresql-13-c9s:latest POSTGRES_DIGEST
 digest centos/postgresql-10-centos7:latest POSTGRES_OLD_DIGEST
 digest docker.io/library/redis:7.0 REDIS_DIGEST

From 4b5d8215adcdc1eb3896f68b547346b97b93743a Mon Sep 17 00:00:00 2001
From: Modassar Rana <modassar.rana@ibm.com>
Date: Tue, 12 Sep 2023 15:57:50 +0530
Subject: [PATCH 5/7] Update build-and-publish.yaml

---
 .github/workflows/build-and-publish.yaml | 17 ++++++++---------
 1 file changed, 8 insertions(+), 9 deletions(-)

diff --git a/.github/workflows/build-and-publish.yaml b/.github/workflows/build-and-publish.yaml
index b3641fc3b..6315ace32 100644
--- a/.github/workflows/build-and-publish.yaml
+++ b/.github/workflows/build-and-publish.yaml
@@ -16,19 +16,18 @@ on:
         - redhat-3.8
         - redhat-3.9
         - redhat-3.10
-        - test
   push:
     # NOTE: if you trigger this on your branch, ensure its name follows the redhat-X.Y format!
     branches:
-      - test # IMPORTANT! this must match the .jobs.set-version.env.BRANCH_PREFIX env (save the **).
+      - redhat-** # IMPORTANT! this must match the .jobs.set-version.env.BRANCH_PREFIX env (save the **).
 
 jobs:
   set-version:
-    #if: ${{ contains(github.ref, 'redhat-') }}
+    if: ${{ contains(github.ref, 'redhat-') }}
     name: Set version from branch name
     env:
-      BRANCH_PREFIX: test # IMPORTANT! this must match the .on.push.branches prefix!
-      #TAG_SUFFIX: -unstable
+      BRANCH_PREFIX: redhat-  # IMPORTANT! this must match the .on.push.branches prefix!
+      TAG_SUFFIX: -unstable
     outputs:
       tag: ${{ steps.format-tag.outputs.tag }}
     runs-on: 'ubuntu-latest'
@@ -49,14 +48,14 @@ jobs:
         run: echo "::set-output name=tag::${{ steps.version-from-branch.outputs.version }}${{ env.TAG_SUFFIX }}"
 
   build-and-publish:
-    #if: ${{ contains(github.ref, 'redhat-') }}
+    if: ${{ contains(github.ref, 'redhat-') }}
     name: Build and publish operator catalog index
     runs-on: 'ubuntu-latest'
     outputs:
       digest: ${{ steps.set-output.outputs.digest }}
     env:
       REGISTRY: ${{ secrets.REGISTRY || 'quay.io' }}
-      NAMESPACE: ${{ secrets.NAMESPACE || 'morana' }}
+      NAMESPACE: ${{ secrets.NAMESPACE || 'projectquay' }}
       TAG: ${{needs.set-version.outputs.tag}}
     needs: set-version
     steps:
@@ -86,8 +85,8 @@ jobs:
         uses: docker/login-action@v1
         with:
           registry: ${{ secrets.REGISTRY || 'quay.io' }}
-          username: ${{ secrets.QUAY_USER || 'morana'}}
-          password: ${{ secrets.QUAY_TOKEN || 'Cgkc6cGY0aAgyqDboVQceocJuH5Vw7CSs+FZ/x4KDYGTTMSun/eTYydqZqSLw3kPpq8HOeDseHPOcAMEQmwJLA=='}}
+          username: ${{ secrets.QUAY_USER }}
+          password: ${{ secrets.QUAY_TOKEN }}
 
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v2

From 9a65b878e1452a8fec2eb83b0bce24cb4feb2a9a Mon Sep 17 00:00:00 2001
From: Modassar Rana <modassar.rana@ibm.com>
Date: Tue, 12 Sep 2023 15:58:58 +0530
Subject: [PATCH 6/7] Update build.sh

---
 hack/build.sh | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/hack/build.sh b/hack/build.sh
index e169ac1a3..de8d773bc 100755
--- a/hack/build.sh
+++ b/hack/build.sh
@@ -28,7 +28,7 @@ set -e
 export OPERATOR_NAME='quay-operator-test'
 export REGISTRY=${REGISTRY:-'quay.io'}
 export NAMESPACE=${NAMESPACE:-'projectquay'}
-export TAG=${TAG:-'3.10-unstable'}
+export TAG=${TAG:-'3.9-unstable'}
 export CSV_PATH=${CSV_PATH:-'bundle/manifests/quay-operator.clusterserviceversion.yaml'}
 export ANNOTATIONS_PATH=${ANNOTATIONS_PATH:-'bundle/metadata/annotations.yaml'}
 
@@ -63,10 +63,10 @@ function digest() {
 docker buildx build --push --platform "linux/amd64,linux/ppc64le,linux/s390x"  -t "${REGISTRY}/${NAMESPACE}/quay-operator:${TAG}" .
 digest "${REGISTRY}/${NAMESPACE}/quay-operator:${TAG}" OPERATOR_DIGEST
 
-digest "${REGISTRY}/projectquay/quay:${TAG}" QUAY_DIGEST
-digest "${REGISTRY}/projectquay/clair:nightly" CLAIR_DIGEST
-digest "${REGISTRY}/projectquay/quay-builder:${TAG}" BUILDER_DIGEST
-digest "${REGISTRY}/projectquay/quay-builder-qemu:3.9.0" BUILDER_QEMU_DIGEST
+digest "${REGISTRY}/${NAMESPACE}/quay:${TAG}" QUAY_DIGEST
+digest "${REGISTRY}/${NAMESPACE}/clair:nightly" CLAIR_DIGEST
+digest "${REGISTRY}/${NAMESPACE}/quay-builder:${TAG}" BUILDER_DIGEST
+digest "${REGISTRY}/${NAMESPACE}/quay-builder-qemu:3.9.0" BUILDER_QEMU_DIGEST
 digest quay.io/sclorg/postgresql-13-c9s:latest POSTGRES_DIGEST
 digest centos/postgresql-10-centos7:latest POSTGRES_OLD_DIGEST
 digest docker.io/library/redis:7.0 REDIS_DIGEST

From 9048363b4e9a8e458ee67c81373c6e4199e38eca Mon Sep 17 00:00:00 2001
From: Modassar Rana <modassar.rana@ibm.com>
Date: Tue, 12 Sep 2023 16:00:02 +0530
Subject: [PATCH 7/7] Update build-and-publish.yaml

---
 .github/workflows/build-and-publish.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/build-and-publish.yaml b/.github/workflows/build-and-publish.yaml
index 6315ace32..1ec726cb0 100644
--- a/.github/workflows/build-and-publish.yaml
+++ b/.github/workflows/build-and-publish.yaml
@@ -26,7 +26,7 @@ jobs:
     if: ${{ contains(github.ref, 'redhat-') }}
     name: Set version from branch name
     env:
-      BRANCH_PREFIX: redhat-  # IMPORTANT! this must match the .on.push.branches prefix!
+      BRANCH_PREFIX: redhat- # IMPORTANT! this must match the .on.push.branches prefix!
       TAG_SUFFIX: -unstable
     outputs:
       tag: ${{ steps.format-tag.outputs.tag }}