Merge branch 'master' of https://github.com/beppevanrolleghem/cicdTest

manifests/full-pipeline.yaml

@@ -164,13 +164,13 @@ spec:
     - name: git-experimental
       type: git
   tasks:
-  - name: destroy-application #@TODO make it so that the delete can be skipped if error
+  # - name: destroy-application #@TODO make it so that the delete can be skipped if error
-    taskRef:
+  #   taskRef:
-      name: destroy-application
+  #     name: destroy-application
-    resources:
+  #   resources:
-      inputs:
+  #     inputs:
-        - name: git-source
+  #       - name: git-source
-          resource: git-master
+  #         resource: git-master
   - name: build-and-push-a
     taskRef:
       name: build-and-push
@@ -235,7 +235,7 @@ spec:
       - build-and-push-b-experimental
       - build-and-push-a
       - build-and-push-b-stable
-      - destroy-application
+      #- destroy-application
     resources:
       inputs:
         - name: git-source

manifests/github-event-listener.yaml

@@ -0,0 +1,136 @@
+---
+apiVersion: tekton.dev/v1alpha1
+kind: TriggerBinding
+metadata:
+  name: github-trigger-binding
+  namespace: tekton-pipeline-istio-project-1
+spec:
+  params:
+  - name: gitrevision
+    value: $(body.pull_request.head.sha)
+  - name: gitrepositoryurl
+    value: $(body.pull_request.head.repo.clone_url)
+  - name: prurl
+    value: $(body.pull_request.html_url)
+  - name: repo
+    value: $(body.pull_request.base.repo.full_name)
+  - name: source
+    value: github
+---
+apiVersion: tekton.dev/v1alpha1
+kind: TriggerTemplate
+metadata:
+  name: github-trigger-template
+  namespace: tekton-pipeline-istio-project-1
+spec:
+  params:
+    - name: gitrevision
+      description: The git revision
+      default: master
+    - name: gitrepositoryurl
+      description: The git repository url
+  resourcetemplates:
+    - apiVersion: tekton.dev/v1alpha1
+      kind: PipelineRun
+      metadata:
+        name: application-pipeline-run
+        namespace: tekton-pipeline-istio-project-1
+      spec:
+        serviceAccountName: service-acc
+        pipelineRef:
+          name: application-pipeline
+        resources:
+          - name: git-master
+            resourceRef:
+              name: git-master
+          - name: git-experimental
+            resourceRef:
+              name: git-experimental
+---
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: tekton-trigger-role
+  namespace: tekton-pipeline-istio-project-1
+rules:
+# Permissions for every EventListener deployment to function
+- apiGroups: ["tekton.dev"]
+  resources: ["eventlisteners", "triggerbindings", "triggertemplates"]
+  verbs: ["get"]
+- apiGroups: [""]
+  resources: ["configmaps", "secrets"] # secrets are only needed for Github/Gitlab interceptors
+  verbs: ["get", "list", "watch"]
+# Permissions to create resources in associated TriggerTemplates
+- apiGroups: ["tekton.dev"]
+  resources: ["pipelineruns", "pipelineresources", "taskruns"]
+  verbs: ["create"]
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRoleBinding
+metadata:
+  name: tekton-trigger-role-binding
+  namespace: tekton-pipeline-istio-project-1
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: tekton-trigger-role
+subjects:
+  - kind: ServiceAccount
+    name: service-acc
+    namespace: tekton-pipeline-istio-project-1
+---
+apiVersion: tekton.dev/v1alpha1
+kind: EventListener
+metadata:
+  name: github-event-listener
+  namespace: tekton-pipeline-istio-project-1
+spec:
+  serviceAccountName: service-acc
+  triggers:
+  - binding:
+      name: github-trigger-binding
+    template:
+      name: github-trigger-template
+---
+apiVersion: networking.istio.io/v1alpha3
+kind: Gateway
+metadata:
+  name: expose-event-listener
+  namespace: tekton-pipeline-istio-project-1
+spec:
+  selector:
+    istio: ingressgateway
+  servers:
+    - port:
+        number: 443
+        name: http
+        protocol: HTTP
+      hosts:
+        - "*"
+    - port:
+        number: 80
+        name: http2
+        protocol: HTTP
+      hosts:
+        - "*"
+    - port:
+        number: 8080
+        name: http3
+        protocol: HTTP
+      hosts:
+        - "*"    
+---
+apiVersion: networking.istio.io/v1alpha3
+kind: VirtualService
+metadata:
+  name: link-gateway-listener
+  namespace: tekton-pipeline-istio-project-1
+spec:
+  hosts:
+    - "*"
+  gateways:
+    - expose-event-listener
+  http:
+    - route:
+        - destination:
+            host: el-github-event-listener

manifests/github-trigger-setup.yaml

@@ -1,60 +0,0 @@
----
-apiVersion: tekton.dev/v1alpha1
-kind: TriggerBinding
-metadata:
-  name: github-trigger-binding
-  namespace: tekton-pipeline-istio-project-1
-spec:
-  params:
-  - name: gitrevision
-    value: $(body.pull_request.head.sha)
-  - name: gitrepositoryurl
-    value: $(body.pull_request.head.repo.clone_url)
-  - name: prurl
-    value: $(body.pull_request.html_url)
-  - name: repo
-    value: $(body.pull_request.base.repo.full_name)
-  - name: source
-    value: github
----
-apiVersion: tekton.dev/v1alpha1
-kind: TriggerTemplate
-metadata:
-  name: github-trigger-template
-  namespace: tekton-pipeline-istio-project-1
-spec:
-  params:
-    - name: gitrevision
-      description: The git revision
-      default: master
-    - name: gitrepositoryurl
-      description: The git repository url
-  resourcetemplates:
-    - apiVersion: tekton.dev/v1alpha1
-      kind: PipelineRun
-      metadata:
-        name: application-pipeline-run
-        namespace: tekton-pipeline-istio-project-1
-      spec:
-        serviceAccountName: service-acc
-        pipelineRef:
-          name: application-pipeline
-        resources:
-          - name: git-master
-            resourceRef:
-              name: git-master
-          - name: git-experimental
-            resourceRef:
-              name: git-experimental
----
-apiVersion: tekton.dev/v1alpha1
-kind: EventListener
-metadata:
-  name: github-event-listener
-spec:
-  serviceAccountName: service-acc
-  triggers:
-  - binding:
-      name: github-trigger-binding
-    template:
-      name: github-trigger-template

manifests/github-webhook-setup.yaml

@@ -59,9 +59,9 @@ spec:
       set -e
       echo "Create Webhook"
       if [ $(inputs.params.GitHubDomain) = "github.com" ];then
-        curl -v -d "{\"name\": \"web\",\"active\": true,\"events\": $(inputs.params.WebhookEvents),\"config\": {\"url\": \"$(inputs.params.ExternalDomain)\",\"content_type\": \"json\",\"insecure_ssl\": \"1\" ,\"secret\": \"$(cat /var/secret/$(inputs.params.GitHubSecretStringKey))\"}}" -X POST -u $(inputs.params.GitHubUser):$(cat /var/secret/$(inputs.params.GitHubAccessTokenKey)) -L https://api.github.com/repos/$(inputs.params.GitHubOrg)/$(inputs.params.GitHubRepo)/hooks
+        curl -v -d "{\"name\": \"web\",\"active\": true,\"events\": $(inputs.params.WebhookEvents),\"config\": {\"url\": \"https://$(inputs.params.ExternalDomain)\",\"content_type\": \"json\",\"insecure_ssl\": \"1\" ,\"secret\": \"$(cat /var/secret/$(inputs.params.GitHubSecretStringKey))\"}}" -X POST -u $(inputs.params.GitHubUser):$(cat /var/secret/$(inputs.params.GitHubAccessTokenKey)) -L https://api.github.com/repos/$(inputs.params.GitHubOrg)/$(inputs.params.GitHubRepo)/hooks
       else
-        curl -d "{\"name\": \"web\",\"active\": true,\"events\": $(inputs.params.WebhookEvents),\"config\": {\"url\": \"$(inputs.params.ExternalDomain)/\",\"content_type\": \"json\",\"insecure_ssl\": \"1\" ,\"secret\": \"$(cat /var/secret/$(inputs.params.GitHubSecretStringKey))\"}}" -X POST -u $(inputs.params.GitHubUser):$(cat /var/secret/$(inputs.params.GitHubAccessTokenKey)) -L https://$(inputs.params.GitHubDomain)/api/v3/repos/$(inputs.params.GitHubOrg)/$(inputs.params.GitHubRepo)/hooks
+        curl -d "{\"name\": \"web\",\"active\": true,\"events\": $(inputs.params.WebhookEvents),\"config\": {\"url\": \"https://$(inputs.params.ExternalDomain)/\",\"content_type\": \"json\",\"insecure_ssl\": \"1\" ,\"secret\": \"$(cat /var/secret/$(inputs.params.GitHubSecretStringKey))\"}}" -X POST -u $(inputs.params.GitHubUser):$(cat /var/secret/$(inputs.params.GitHubAccessTokenKey)) -L https://$(inputs.params.GitHubDomain)/api/v3/repos/$(inputs.params.GitHubOrg)/$(inputs.params.GitHubRepo)/hooks
       fi
 ---
 # https://medium.com/@nikhilthomas1/cloud-native-cicd-on-openshift-with-openshift-pipelines-tektoncd-pipelines-part-3-github-1db6dd8e8ca7