mirror of
https://github.com/bvanroll/stage-infra.git
synced 2025-08-28 19:42:43 +00:00
cleanup en prep voor multirepo pipeline
This commit is contained in:
@@ -1,2 +1,5 @@
|
||||
# stage-infra
|
||||
infra structure repo that will become a submodule for the frontend, backend, and mirror service repo's
|
||||
|
||||
## tekton
|
||||
contains the manifests for creating the tekton pipeline.
|
||||
@@ -2,119 +2,49 @@
|
||||
apiVersion: tekton.dev/v1beta1
|
||||
kind: Pipeline
|
||||
metadata:
|
||||
name: application-pipeline
|
||||
#namespace: stage-tekton-pipeline
|
||||
name: stage-application-pipeline
|
||||
spec:
|
||||
params:
|
||||
- name: git-repo-name
|
||||
description: name of the git repo (used to determine the name of the image)
|
||||
- name: git-url
|
||||
description: url of the github repository to clone
|
||||
description: url of the git repository to clone
|
||||
- name: branch
|
||||
description: name of the master branch of the repository
|
||||
workspaces:
|
||||
- name: workspace-master
|
||||
- name: workspace-experimental
|
||||
- name: workspace
|
||||
tasks:
|
||||
- name: clone-master
|
||||
- name: clone
|
||||
taskRef:
|
||||
name: git-clone
|
||||
workspaces:
|
||||
- name: output
|
||||
workspace: workspace-master
|
||||
workspace: workspace
|
||||
params:
|
||||
- name: url
|
||||
value: $(inputs.params.git-url)
|
||||
- name: revision
|
||||
value: $(inputs.params.master-branch)
|
||||
- name: build-and-push-a
|
||||
value: $(inputs.params.branch)
|
||||
- name: build-and-push
|
||||
taskRef:
|
||||
name: build-and-push
|
||||
runAfter:
|
||||
- clone-master
|
||||
- clone
|
||||
workspaces:
|
||||
- name: source
|
||||
workspace: workspace-master
|
||||
workspace: workspace
|
||||
params:
|
||||
- name: context
|
||||
value: "server-a"
|
||||
value: "src"
|
||||
- name: image-name
|
||||
value: "server-a"
|
||||
value: "$(inputs.params.git-repo-name)"
|
||||
- name: version
|
||||
value: "$(inputs.params.master-branch)"
|
||||
- name: build-and-push-b-stable
|
||||
value: "$(inputs.params.branch)"
|
||||
- name: deploy-app
|
||||
taskRef:
|
||||
name: build-and-push
|
||||
runAfter:
|
||||
- clone-master
|
||||
name: deploy-app
|
||||
workspaces:
|
||||
- name: source
|
||||
workspace: workspace-master
|
||||
params:
|
||||
- name: context
|
||||
value: "server-b"
|
||||
- name: image-name
|
||||
value: "server-b"
|
||||
- name: version
|
||||
value: "$(inputs.params.master-branch)"
|
||||
- name: build-and-push-d
|
||||
taskRef:
|
||||
name: build-and-push
|
||||
workspace: workspace
|
||||
runAfter:
|
||||
- clone-master
|
||||
workspaces:
|
||||
- name: source
|
||||
workspace: workspace-master
|
||||
params:
|
||||
- name: context
|
||||
value: "server-d"
|
||||
- name: image-name
|
||||
value: "server-d"
|
||||
- name: version
|
||||
value: "$(inputs.params.master-branch)"
|
||||
- name: clone-experimental
|
||||
taskRef:
|
||||
name: git-clone
|
||||
workspaces:
|
||||
- name: output
|
||||
workspace: workspace-experimental
|
||||
params:
|
||||
- name: url
|
||||
value: $(inputs.params.git-url)
|
||||
- name: revision
|
||||
value: $(inputs.params.experimental-branch)
|
||||
- name: build-and-push-b-experimental
|
||||
taskRef:
|
||||
name: build-and-push
|
||||
workspaces:
|
||||
- name: source
|
||||
workspace: workspace-experimental
|
||||
runAfter:
|
||||
- clone-experimental
|
||||
params:
|
||||
- name: context
|
||||
value: "server-b"
|
||||
- name: image-name
|
||||
value: "server-b"
|
||||
- name: version
|
||||
value: "$(inputs.params.experimental-branch)"
|
||||
- name: deploy-infra
|
||||
taskRef:
|
||||
name: execute-yaml
|
||||
workspaces:
|
||||
- name: source
|
||||
workspace: workspace-master
|
||||
runAfter:
|
||||
- build-and-push-b-experimental
|
||||
- build-and-push-d
|
||||
- build-and-push-a
|
||||
- build-and-push-b-stable
|
||||
params:
|
||||
- name: yaml-location
|
||||
value: "infra.yaml"
|
||||
- name: execute-yaml #@TODO make it so that the delete can be skipped if error
|
||||
taskRef:
|
||||
name: execute-yaml
|
||||
workspaces:
|
||||
- name: source
|
||||
workspace: workspace-master
|
||||
runAfter:
|
||||
- deploy-infra
|
||||
- build-and-push
|
||||
@@ -1,28 +0,0 @@
|
||||
---
|
||||
# https://medium.com/@nikhilthomas1/cloud-native-cicd-on-openshift-with-openshift-pipelines-tektoncd-pipelines-part-3-github-1db6dd8e8ca7
|
||||
apiVersion: tekton.dev/v1alpha1
|
||||
kind: TaskRun
|
||||
metadata:
|
||||
name: create-repo-webhook
|
||||
namespace: tekton-pipeline-istio-project-1
|
||||
spec:
|
||||
taskRef:
|
||||
name: create-webhook
|
||||
inputs:
|
||||
params:
|
||||
- name: GitHubOrg
|
||||
value: "beppevanrolleghem"
|
||||
- name: GitHubUser
|
||||
value: "beppevanrolleghem"
|
||||
- name: GitHubRepo
|
||||
value: "cicdTest"
|
||||
- name: GitHubSecretName
|
||||
value: webhook-secret
|
||||
- name: GitHubAccessTokenKey
|
||||
value: token
|
||||
- name: GitHubSecretStringKey
|
||||
value: secret
|
||||
- name: ExternalDomain
|
||||
value: 35.233.93.220
|
||||
timeout: 1000s
|
||||
serviceAccount: tekton-triggers-createwebhook
|
||||
@@ -1,51 +0,0 @@
|
||||
---
|
||||
apiVersion: tekton.dev/v1alpha1
|
||||
kind: Task
|
||||
metadata:
|
||||
name: create-webhook
|
||||
namespace: tekton-pipeline-istio-project-1
|
||||
spec:
|
||||
volumes:
|
||||
- name: github-secret
|
||||
secret:
|
||||
secretName: $(inputs.params.GitHubSecretName)
|
||||
inputs:
|
||||
params:
|
||||
- name: ExternalDomain
|
||||
description: "The external domain for the EventListener e.g. `$(inputs.params.EventListenerName).<PROXYIP>.nip.io`"
|
||||
- name: GitHubUser
|
||||
description: "The GitHub user"
|
||||
- name: GitHubRepo
|
||||
description: "The GitHub repo where the webhook will be created"
|
||||
- name: GitHubOrg
|
||||
description: "The GitHub organization where the webhook will be created"
|
||||
- name: GitHubSecretName
|
||||
description: "The Secret name for GitHub access token. This is always mounted and must exist"
|
||||
- name: GitHubAccessTokenKey
|
||||
description: "The GitHub access token key name"
|
||||
- name: GitHubSecretStringKey
|
||||
description: "The GitHub secret string key name"
|
||||
- name: GitHubDomain
|
||||
description: "The GitHub domain. Override for GitHub Enterprise"
|
||||
default: "github.com"
|
||||
- name: WebhookEvents
|
||||
description: "List of events the webhook will send notifications for"
|
||||
default: '[\"push\",\"pull_request\"]'
|
||||
steps:
|
||||
- name: create-webhook
|
||||
image: pstauffer/curl:latest
|
||||
volumeMounts:
|
||||
- name: github-secret
|
||||
mountPath: /var/secret
|
||||
command:
|
||||
- sh
|
||||
args:
|
||||
- -ce
|
||||
- |
|
||||
set -e
|
||||
echo "Create Webhook"
|
||||
if [ $(inputs.params.GitHubDomain) = "github.com" ];then
|
||||
curl -v -d "{\"name\": \"web\",\"active\": true,\"events\": $(inputs.params.WebhookEvents),\"config\": {\"url\": \"$(inputs.params.ExternalDomain)\",\"content_type\": \"json\",\"insecure_ssl\": \"1\" ,\"secret\": \"$(cat /var/secret/$(inputs.params.GitHubSecretStringKey))\"}}" -X POST -u $(inputs.params.GitHubUser):$(cat /var/secret/$(inputs.params.GitHubAccessTokenKey)) -L https://api.github.com/repos/$(inputs.params.GitHubOrg)/$(inputs.params.GitHubRepo)/hooks
|
||||
else
|
||||
curl -d "{\"name\": \"web\",\"active\": true,\"events\": $(inputs.params.WebhookEvents),\"config\": {\"url\": \"$(inputs.params.ExternalDomain)/\",\"content_type\": \"json\",\"insecure_ssl\": \"1\" ,\"secret\": \"$(cat /var/secret/$(inputs.params.GitHubSecretStringKey))\"}}" -X POST -u $(inputs.params.GitHubUser):$(cat /var/secret/$(inputs.params.GitHubAccessTokenKey)) -L https://$(inputs.params.GitHubDomain)/api/v3/repos/$(inputs.params.GitHubOrg)/$(inputs.params.GitHubRepo)/hooks
|
||||
fi
|
||||
@@ -1,12 +0,0 @@
|
||||
|
||||
---
|
||||
kind: PersistentVolumeClaim
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: workspace-pvc-experimental
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
resources:
|
||||
requests:
|
||||
storage: 500Mi
|
||||
@@ -1,7 +0,0 @@
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: tekton-pipeline-istio-project-1
|
||||
labels:
|
||||
istio-injection: enabled #zorgt voor auto sidecar injection
|
||||
@@ -3,7 +3,7 @@
|
||||
kind: PersistentVolumeClaim
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: master-pvc
|
||||
name: workspace
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
@@ -4,7 +4,6 @@ apiVersion: tekton.dev/v1alpha1
|
||||
kind: TaskRun
|
||||
metadata:
|
||||
name: create-repo-webhook
|
||||
#namespace: stage-tekton-pipeline
|
||||
spec:
|
||||
taskRef:
|
||||
name: create-webhook
|
||||
|
||||
@@ -12,7 +12,6 @@ rules:
|
||||
- "networking.k8s.io"
|
||||
- "extensions"
|
||||
- "tekton.dev"
|
||||
# deze zullen we ook moeten aanpassen elke pipeline die we maken, maar, deze pipelines zijn nu specifiek per branch, dus dit zou geen probleem leveren.
|
||||
resources:
|
||||
- pods
|
||||
- serviceaccounts
|
||||
|
||||
@@ -3,7 +3,6 @@ apiVersion: tekton.dev/v1alpha1
|
||||
kind: Task
|
||||
metadata:
|
||||
name: create-webhook
|
||||
#namespace: stage-tekton-pipeline
|
||||
spec:
|
||||
volumes:
|
||||
- name: github-secret
|
||||
|
||||
@@ -3,8 +3,7 @@
|
||||
apiVersion: tekton.dev/v1alpha1
|
||||
kind: Task
|
||||
metadata:
|
||||
name: execute-yaml
|
||||
#namespace: stage-tekton-pipeline
|
||||
name: deploy-app
|
||||
spec:
|
||||
params:
|
||||
- name: yaml-location
|
||||
@@ -8,11 +8,6 @@ spec:
|
||||
serviceAccountName: service-acc
|
||||
triggers:
|
||||
- name: github
|
||||
# interceptors:
|
||||
# - github:
|
||||
# eventTypes:
|
||||
# - pull_request
|
||||
# - push
|
||||
bindings:
|
||||
- name: github-trigger-binding
|
||||
template:
|
||||
|
||||
@@ -3,16 +3,11 @@ apiVersion: tekton.dev/v1alpha1
|
||||
kind: TriggerBinding
|
||||
metadata:
|
||||
name: github-trigger-binding
|
||||
#namespace: stage-tekton-pipeline
|
||||
spec:
|
||||
params:
|
||||
- name: gitrevision
|
||||
value: $(body.repository.default_branch)
|
||||
- name: gitrepositoryurl
|
||||
value: $(body.repository.clone_url)
|
||||
# - name: prurl
|
||||
# value: $(body.pull_request.html_url)
|
||||
# - name: repo
|
||||
# value: $(body.pull_request.base.repo.full_name)
|
||||
# - name: source
|
||||
# value: github
|
||||
- name: gitreponame
|
||||
value: $(body.repository.name)
|
||||
@@ -3,7 +3,6 @@ apiVersion: tekton.dev/v1alpha1
|
||||
kind: TriggerTemplate
|
||||
metadata:
|
||||
name: github-trigger-template
|
||||
#namespace: stage-tekton-pipeline
|
||||
spec:
|
||||
params:
|
||||
- name: gitrevision
|
||||
@@ -11,25 +10,25 @@ spec:
|
||||
default: master
|
||||
- name: gitrepositoryurl
|
||||
description: The git repository url
|
||||
- name: gitreponame
|
||||
description: the name of the git repository
|
||||
resourcetemplates:
|
||||
- apiVersion: tekton.dev/v1alpha1
|
||||
kind: PipelineRun
|
||||
metadata:
|
||||
name: application-pipeline-run
|
||||
#namespace: stage-tekton-pipeline
|
||||
spec:
|
||||
serviceAccountName: service-acc
|
||||
pipelineRef:
|
||||
name: application-pipeline #gebruik dit om de pipeline aan te passen naar andere versies, zolang ze zich in dezelfde #namespace bevinden kunnen we deze pipeline hergebruiken om deployments op de cluster uit te voeren. service-mesh agnostisch.
|
||||
name: stage-application-pipeline
|
||||
workspaces:
|
||||
- name: workspace-master
|
||||
- name: workspace
|
||||
persistentVolumeClaim:
|
||||
claimName: workspace-pvc-master
|
||||
- name: workspace-experimental
|
||||
persistentVolumeClaim:
|
||||
claimName: workspace-pvc-experimental
|
||||
claimName: workspace
|
||||
params:
|
||||
- name: git-url
|
||||
value: $(inputs.params.gitrepositoryurl)
|
||||
- name: branch
|
||||
value: $(inputs.params.gitrevision)
|
||||
value: $(inputs.params.gitrevision)
|
||||
- name: git-repo-name
|
||||
value: $(inputs.params.gitreponame)
|
||||
Reference in New Issue
Block a user