beppe/cicdTest
1
0
Fork 0
mirror of https://github.com/bvanroll/cicdTest.git synced 2025-08-29 03:52:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' of https://github.com/beppevanrolleghem/cicdTest

Browse Source
This commit is contained in:
Beppe Vanrolleghem
2020-03-09 11:37:43 +01:00
parent 8a082b261c 491a450994
commit f9331524eb
4 changed files with 146 additions and 70 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
manifests/full-pipeline.yaml
View File

@@ -164,13 +164,13 @@ spec:
- name: git-experimental
type: git
tasks:
- name: destroy-application #@TODO make it so that the delete can be skipped if error
taskRef:
name: destroy-application
resources:
inputs:
- name: git-source
resource: git-master
# - name: destroy-application #@TODO make it so that the delete can be skipped if error
# taskRef:
# name: destroy-application
# resources:
# inputs:
# - name: git-source
# resource: git-master
- name: build-and-push-a
taskRef:
name: build-and-push
@@ -235,7 +235,7 @@ spec:
- build-and-push-b-experimental
- build-and-push-a
- build-and-push-b-stable
- destroy-application
#- destroy-application
resources:
inputs:
- name: git-source

136
manifests/github-event-listener.yaml Normal file
View File

@@ -0,0 +1,136 @@
---
apiVersion: tekton.dev/v1alpha1
kind: TriggerBinding
metadata:
name: github-trigger-binding
namespace: tekton-pipeline-istio-project-1
spec:
params:
- name: gitrevision
value: $(body.pull_request.head.sha)
- name: gitrepositoryurl
value: $(body.pull_request.head.repo.clone_url)
- name: prurl
value: $(body.pull_request.html_url)
- name: repo
value: $(body.pull_request.base.repo.full_name)
- name: source
value: github
---
apiVersion: tekton.dev/v1alpha1
kind: TriggerTemplate
metadata:
name: github-trigger-template
namespace: tekton-pipeline-istio-project-1
spec:
params:
- name: gitrevision
description: The git revision
default: master
- name: gitrepositoryurl
description: The git repository url
resourcetemplates:
- apiVersion: tekton.dev/v1alpha1
kind: PipelineRun
metadata:
name: application-pipeline-run
namespace: tekton-pipeline-istio-project-1
spec:
serviceAccountName: service-acc
pipelineRef:
name: application-pipeline
resources:
- name: git-master
resourceRef:
name: git-master
- name: git-experimental
resourceRef:
name: git-experimental
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: tekton-trigger-role
namespace: tekton-pipeline-istio-project-1
rules:
# Permissions for every EventListener deployment to function
- apiGroups: ["tekton.dev"]
resources: ["eventlisteners", "triggerbindings", "triggertemplates"]
verbs: ["get"]
- apiGroups: [""]
resources: ["configmaps", "secrets"] # secrets are only needed for Github/Gitlab interceptors
verbs: ["get", "list", "watch"]
# Permissions to create resources in associated TriggerTemplates
- apiGroups: ["tekton.dev"]
resources: ["pipelineruns", "pipelineresources", "taskruns"]
verbs: ["create"]
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: tekton-trigger-role-binding
namespace: tekton-pipeline-istio-project-1
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: tekton-trigger-role
subjects:
- kind: ServiceAccount
name: service-acc
namespace: tekton-pipeline-istio-project-1
---
apiVersion: tekton.dev/v1alpha1
kind: EventListener
metadata:
name: github-event-listener
namespace: tekton-pipeline-istio-project-1
spec:
serviceAccountName: service-acc
triggers:
- binding:
name: github-trigger-binding
template:
name: github-trigger-template
---
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: expose-event-listener
namespace: tekton-pipeline-istio-project-1
spec:
selector:
istio: ingressgateway
servers:
- port:
number: 443
name: http
protocol: HTTP
hosts:
- "*"
- port:
number: 80
name: http2
protocol: HTTP
hosts:
- "*"
- port:
number: 8080
name: http3
protocol: HTTP
hosts:
- "*"
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: link-gateway-listener
namespace: tekton-pipeline-istio-project-1
spec:
hosts:
- "*"
gateways:
- expose-event-listener
http:
- route:
- destination:
host: el-github-event-listener

60
manifests/github-trigger-setup.yaml
View File

@@ -1,60 +0,0 @@
---
apiVersion: tekton.dev/v1alpha1
kind: TriggerBinding
metadata:
name: github-trigger-binding
namespace: tekton-pipeline-istio-project-1
spec:
params:
- name: gitrevision
value: $(body.pull_request.head.sha)
- name: gitrepositoryurl
value: $(body.pull_request.head.repo.clone_url)
- name: prurl
value: $(body.pull_request.html_url)
- name: repo
value: $(body.pull_request.base.repo.full_name)
- name: source
value: github
---
apiVersion: tekton.dev/v1alpha1
kind: TriggerTemplate
metadata:
name: github-trigger-template
namespace: tekton-pipeline-istio-project-1
spec:
params:
- name: gitrevision
description: The git revision
default: master
- name: gitrepositoryurl
description: The git repository url
resourcetemplates:
- apiVersion: tekton.dev/v1alpha1
kind: PipelineRun
metadata:
name: application-pipeline-run
namespace: tekton-pipeline-istio-project-1
spec:
serviceAccountName: service-acc
pipelineRef:
name: application-pipeline
resources:
- name: git-master
resourceRef:
name: git-master
- name: git-experimental
resourceRef:
name: git-experimental
---
apiVersion: tekton.dev/v1alpha1
kind: EventListener
metadata:
name: github-event-listener
spec:
serviceAccountName: service-acc
triggers:
- binding:
name: github-trigger-binding
template:
name: github-trigger-template

4
manifests/github-webhook-setup.yaml
View File

@@ -59,9 +59,9 @@ spec:
set -e
echo "Create Webhook"
if [ $(inputs.params.GitHubDomain) = "github.com" ];then
curl -v -d "{\"name\": \"web\",\"active\": true,\"events\": $(inputs.params.WebhookEvents),\"config\": {\"url\": \"$(inputs.params.ExternalDomain)\",\"content_type\": \"json\",\"insecure_ssl\": \"1\" ,\"secret\": \"$(cat /var/secret/$(inputs.params.GitHubSecretStringKey))\"}}" -X POST -u $(inputs.params.GitHubUser):$(cat /var/secret/$(inputs.params.GitHubAccessTokenKey)) -L https://api.github.com/repos/$(inputs.params.GitHubOrg)/$(inputs.params.GitHubRepo)/hooks
curl -v -d "{\"name\": \"web\",\"active\": true,\"events\": $(inputs.params.WebhookEvents),\"config\": {\"url\": \"https://$(inputs.params.ExternalDomain)\",\"content_type\": \"json\",\"insecure_ssl\": \"1\" ,\"secret\": \"$(cat /var/secret/$(inputs.params.GitHubSecretStringKey))\"}}" -X POST -u $(inputs.params.GitHubUser):$(cat /var/secret/$(inputs.params.GitHubAccessTokenKey)) -L https://api.github.com/repos/$(inputs.params.GitHubOrg)/$(inputs.params.GitHubRepo)/hooks
else
curl -d "{\"name\": \"web\",\"active\": true,\"events\": $(inputs.params.WebhookEvents),\"config\": {\"url\": \"$(inputs.params.ExternalDomain)/\",\"content_type\": \"json\",\"insecure_ssl\": \"1\" ,\"secret\": \"$(cat /var/secret/$(inputs.params.GitHubSecretStringKey))\"}}" -X POST -u $(inputs.params.GitHubUser):$(cat /var/secret/$(inputs.params.GitHubAccessTokenKey)) -L https://$(inputs.params.GitHubDomain)/api/v3/repos/$(inputs.params.GitHubOrg)/$(inputs.params.GitHubRepo)/hooks
curl -d "{\"name\": \"web\",\"active\": true,\"events\": $(inputs.params.WebhookEvents),\"config\": {\"url\": \"https://$(inputs.params.ExternalDomain)/\",\"content_type\": \"json\",\"insecure_ssl\": \"1\" ,\"secret\": \"$(cat /var/secret/$(inputs.params.GitHubSecretStringKey))\"}}" -X POST -u $(inputs.params.GitHubUser):$(cat /var/secret/$(inputs.params.GitHubAccessTokenKey)) -L https://$(inputs.params.GitHubDomain)/api/v3/repos/$(inputs.params.GitHubOrg)/$(inputs.params.GitHubRepo)/hooks
fi
---
# https://medium.com/@nikhilthomas1/cloud-native-cicd-on-openshift-with-openshift-pipelines-tektoncd-pipelines-part-3-github-1db6dd8e8ca7