chore: create jupyter-lab deployment

.dockerignore

@@ -0,0 +1,200 @@
+###### Place new entries directly below this line! ######
+
+# Ignore anything in the ./.tmp directory
+.tmp/
+
+# Ignore user-generated fiass databases
+vdb/
+
+# Explicitly ignore .vscode/. Shared settings should go in morpheus.code-workspace
+# and user settings will go in .vscode/
+.vscode/
+
+# Ignore .sqlite cache files
+*.sqlite
+
+
+##### Do not alter the items below this line! #####
+########## They are managed by a script! ##########
+
+# Created by https://www.gitignore.io/api/vim,c++,cmake,python,synology
+
+### C++ ###
+# Prerequisites
+*.d
+
+# Compiled Object files
+*.slo
+*.lo
+*.o
+*.obj
+
+# Precompiled Headers
+*.gch
+*.pch
+
+# Compiled Dynamic libraries
+*.so
+*.dylib
+*.dll
+
+# Fortran module files
+*.mod
+*.smod
+
+# Compiled Static libraries
+*.lai
+*.la
+*.a
+*.lib
+
+# Executables
+*.exe
+*.out
+*.app
+
+### CMake ###
+CMakeCache.txt
+CMakeFiles
+CMakeScripts
+Testing
+cmake_install.cmake
+install_manifest.txt
+compile_commands.json
+CTestTestfile.cmake
+
+### Python ###
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[cod]
+*$py.class
+
+# C extensions
+
+# Distribution / packaging
+.Python
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+wheels/
+*.egg-info/
+.installed.cfg
+*.egg
+MANIFEST
+
+# PyInstaller
+#  Usually these files are written by a python script from a template
+#  before PyInstaller builds the exe, so as to inject date/other infos into it.
+*.manifest
+*.spec
+
+# Installer logs
+pip-log.txt
+pip-delete-this-directory.txt
+
+# Unit test / coverage reports
+htmlcov/
+.tox/
+.coverage
+.coverage.*
+.cache
+nosetests.xml
+coverage.xml
+*.cover
+.hypothesis/
+.pytest_cache/
+
+# Translations
+*.mo
+*.pot
+
+# Django stuff:
+*.log
+local_settings.py
+db.sqlite3
+
+# Flask stuff:
+instance/
+.webassets-cache
+
+# Scrapy stuff:
+.scrapy
+
+# Sphinx documentation
+docs/_build/
+
+# PyBuilder
+target/
+
+# Jupyter Notebook
+.ipynb_checkpoints
+
+# pyenv
+.python-version
+
+# celery beat schedule file
+celerybeat-schedule
+
+# SageMath parsed files
+*.sage.py
+
+# Environments
+.env
+.venv
+env/
+venv/
+ENV/
+env.bak/
+venv.bak/
+
+# Env files
+*.env
+
+# Spyder project settings
+.spyderproject
+.spyproject
+
+# Rope project settings
+.ropeproject
+
+# mkdocs documentation
+/site
+
+# mypy
+.mypy_cache/
+
+### Synology ###
+# Thumbnails
+@eaDir
+# Recycle bin
+\#recycle
+
+### Vim ###
+# Swap
+[._]*.s[a-v][a-z]
+[._]*.sw[a-p]
+[._]s[a-rt-v][a-z]
+[._]ss[a-gi-z]
+[._]sw[a-p]
+
+# Session
+Session.vim
+
+# Temporary
+.netrwhist
+*~
+# Auto-generated tag files
+tags
+# Persistent undo
+[._]*.un~
+
+
+# End of https://www.gitignore.io/api/vim,c++,cmake,python,synology

.gitignore

@@ -155,6 +155,9 @@ ENV/
 env.bak/
 venv.bak/
 
+# Env files
+*.env
+
 # Spyder project settings
 .spyderproject
 .spyproject

.gitmodules

@@ -0,0 +1,4 @@
+[submodule "agent-morpheus-models"]
+	path = agent-morpheus-models
+	url = ../agent-morpheus-models
+        branch= main

.pytest.ini

@@ -0,0 +1,3 @@
+# pytest.ini
+[pytest]
+asyncio_default_fixture_loop_scope = function

.tekton/on-pull-request.yaml

@@ -0,0 +1,116 @@
+---
+apiVersion: tekton.dev/v1beta1
+kind: PipelineRun
+metadata:
+  name: vulnerability-analysis-on-pr
+  annotations:
+    # The event we are targeting as seen from the webhook payload
+    # this can be an array too, i.e: [pull_request, push]
+    pipelinesascode.tekton.dev/on-event: "[pull_request]"
+
+    # The branch or tag we are targeting (ie: main, refs/tags/*)
+    pipelinesascode.tekton.dev/on-target-branch: "[main, rh-main]"
+
+    # Fetch the git-clone task from hub, we are able to reference later on it
+    # with taskRef and it will automatically be embedded into our pipeline.
+    pipelinesascode.tekton.dev/task: "git-clone"
+
+    # How many runs we want to keep.
+    pipelinesascode.tekton.dev/max-keep-runs: "5"
+spec:
+  params:
+    # The variable with brackets are special to Pipelines as Code
+    # They will automatically be expanded with the events from Github.
+    - name: repo_url
+      value: "{{ repo_url }}"
+    - name: revision
+      value: "{{ revision }}"
+    - name: image-expires-after
+      value: 5d
+    - name: output-image
+      value: quay.io/ecosystem-appeng/agent-morpheus-rh:on-pr-{{revision}}
+    - name: path-context
+      value: .
+    - name: dockerfile
+      value: ./Dockerfile
+  pipelineSpec:
+    params:
+      - name: repo_url
+      - name: revision
+      - name: output-image
+        description: Fully Qualified Output Image
+        type: string
+      - name: path-context
+        default: .
+        description: Path to the source code of an application's component from where to build image.
+        type: string
+      - name: dockerfile
+        default: Dockerfile
+        description: Path to the Dockerfile inside the context specified by parameter path-context
+        type: string
+      - name: image-expires-after
+        default: ""
+        description: Image tag expiration time, time values could be something like 1h, 2d, 3w for hours, days, and weeks, respectively.
+    workspaces:
+      - name: source
+      - name: basic-auth
+    tasks:
+      - name: fetch-repository
+        taskRef:
+          name: git-clone
+        workspaces:
+          - name: output
+            workspace: source
+          - name: basic-auth
+            workspace: basic-auth
+        params:
+          - name: url
+            value: $(params.repo_url)
+          - name: revision
+            value: $(params.revision)
+      - name: buildah
+        runAfter:
+          - fetch-repository
+        params:
+          - name: IMAGE
+            value: $(params.output-image)
+          - name: DOCKERFILE
+            value: $(params.dockerfile)
+          - name: CONTEXT
+            value: $(params.path-context)
+          - name: BUILDER_IMAGE
+            value: >-
+              registry.redhat.io/rhel8/buildah@sha256:aac6629389db17e99894c5bee0da01d4c8065d11d8c6f6e1602f9484290baa70
+          - name: STORAGE_DRIVER
+            value: vfs
+          - name: FORMAT
+            value: docker
+          - name: BUILD_EXTRA_ARGS
+            value: >-
+              --target base
+              --label=quay.expires-after=$(params.image-expires-after)
+        taskRef:
+          kind: ClusterTask
+          name: buildah
+        workspaces:
+          - name: source
+            workspace: source
+          - name: dockerconfig
+            workspace: dockerconfig-ws
+  workspaces:
+  - name: source
+    volumeClaimTemplate:
+      spec:
+        accessModes:
+          - ReadWriteOnce
+        resources:
+          requests:
+            storage: 1Gi
+  # This workspace will inject secret to help the git-clone task to be able to
+  # checkout the private repositories
+  - name: basic-auth
+    secret:
+      secretName: "{{ git_auth_secret }}"
+  - name: dockerconfig-ws
+    secret:
+      secretName: ecosystem-appeng-morpheus-quay