From defdbaa3abfe38dd1400982d3d475a1051c26c1d Mon Sep 17 00:00:00 2001 From: beppe Date: Mon, 16 Mar 2020 12:31:59 +0100 Subject: [PATCH] cleanup en prep voor multirepo pipeline --- README.md | 3 + Tekton/pipeline/pipeline.yaml | 106 +++--------------- Tekton/resources/create-repo-webhook.yaml | 28 ----- Tekton/resources/create-webhook.yaml | 51 --------- Tekton/resources/experimental-pvc.yaml | 12 -- Tekton/resources/namespace.yaml | 7 -- .../{master-pvc.yaml => workspace.yaml} | 2 +- Tekton/runs/task/create-repo-webhook.yaml | 1 - Tekton/service-accounts/cluster-role.yaml | 1 - Tekton/tasks/create-webhook.yaml | 1 - .../{execute-yaml.yaml => deploy-app.yaml} | 3 +- Tekton/triggers/event-listener.yaml | 5 - Tekton/triggers/trigger-binding.yaml | 9 +- Tekton/triggers/trigger-template.yaml | 17 ++- 14 files changed, 33 insertions(+), 213 deletions(-) delete mode 100644 Tekton/resources/create-repo-webhook.yaml delete mode 100644 Tekton/resources/create-webhook.yaml delete mode 100644 Tekton/resources/experimental-pvc.yaml delete mode 100644 Tekton/resources/namespace.yaml rename Tekton/resources/{master-pvc.yaml => workspace.yaml} (88%) rename Tekton/tasks/{execute-yaml.yaml => deploy-app.yaml} (88%) diff --git a/README.md b/README.md index d814929..ffdb2aa 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,5 @@ # stage-infra infra structure repo that will become a submodule for the frontend, backend, and mirror service repo's + +## tekton +contains the manifests for creating the tekton pipeline. \ No newline at end of file diff --git a/Tekton/pipeline/pipeline.yaml b/Tekton/pipeline/pipeline.yaml index 9190078..1957241 100644 --- a/Tekton/pipeline/pipeline.yaml +++ b/Tekton/pipeline/pipeline.yaml 
@@ -2,119 +2,49 @@ apiVersion: tekton.dev/v1beta1 kind: Pipeline metadata: - name: application-pipeline - #namespace: stage-tekton-pipeline + name: stage-application-pipeline spec: params: + - name: git-repo-name + description: name of the git repo (used to determine the name of the image) - name: git-url - description: url of the github repository to clone + description: url of the git repository to clone - name: branch description: name of the master branch of the repository workspaces: - - name: workspace-master - - name: workspace-experimental + - name: workspace tasks: - - name: clone-master + - name: clone taskRef: name: git-clone workspaces: - name: output - workspace: workspace-master + workspace: workspace params: - name: url value: $(inputs.params.git-url) - name: revision - value: $(inputs.params.master-branch) - - name: build-and-push-a + value: $(inputs.params.branch) + - name: build-and-push taskRef: name: build-and-push runAfter: - - clone-master + - clone workspaces: - name: source - workspace: workspace-master + workspace: workspace params: - name: context - value: "server-a" + value: "src" - name: image-name - value: "server-a" + value: "$(inputs.params.git-repo-name)" - name: version - value: "$(inputs.params.master-branch)" - - name: build-and-push-b-stable + value: "$(inputs.params.branch)" + - name: deploy-app taskRef: - name: build-and-push - runAfter: - - clone-master + name: deploy-app workspaces: - name: source - workspace: workspace-master - params: - - name: context - value: "server-b" - - name: image-name - value: "server-b" - - name: version - value: "$(inputs.params.master-branch)" - - name: build-and-push-d - taskRef: - name: build-and-push + workspace: workspace runAfter: - - clone-master - workspaces: - - name: source - workspace: workspace-master - params: - - name: context - value: "server-d" - - name: image-name - value: "server-d" - - name: version - value: "$(inputs.params.master-branch)" - - name: clone-experimental - 
taskRef: - name: git-clone - workspaces: - - name: output - workspace: workspace-experimental - params: - - name: url - value: $(inputs.params.git-url) - - name: revision - value: $(inputs.params.experimental-branch) - - name: build-and-push-b-experimental - taskRef: - name: build-and-push - workspaces: - - name: source - workspace: workspace-experimental - runAfter: - - clone-experimental - params: - - name: context - value: "server-b" - - name: image-name - value: "server-b" - - name: version - value: "$(inputs.params.experimental-branch)" - - name: deploy-infra - taskRef: - name: execute-yaml - workspaces: - - name: source - workspace: workspace-master - runAfter: - - build-and-push-b-experimental - - build-and-push-d - - build-and-push-a - - build-and-push-b-stable - params: - - name: yaml-location - value: "infra.yaml" - - name: execute-yaml #@TODO make it so that the delete can be skipped if error - taskRef: - name: execute-yaml - workspaces: - - name: source - workspace: workspace-master - runAfter: - - deploy-infra \ No newline at end of file + - build-and-push \ No newline at end of file diff --git a/Tekton/resources/create-repo-webhook.yaml b/Tekton/resources/create-repo-webhook.yaml deleted file mode 100644 index 7a059a4..0000000 --- a/Tekton/resources/create-repo-webhook.yaml +++ /dev/null 
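Review bot: In the `build-and-push` task, `version` is set to the branch name, so every run for a repository pushes over the same tag and `deploy-app` cannot tell which build it is rolling out. Tagging with the commit SHA instead (an extra pipeline param bound from the push payload and used for both `revision` and `version`) keeps tags immutable and makes a deployed image traceable to a commit. `image-name` now comes from `git-repo-name`, which the trigger fills from the webhook body, so it is worth restricting it to the expected repository names before it reaches the registry. Separately, the Pipeline-level reference form in `tekton.dev/v1beta1` is, as far as I know, `$(params.branch)` rather than `$(inputs.params.branch)`; if the values arrive unsubstituted, change the four references accordingly, e.g. `value: $(params.git-url)`.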
@@ -1,28 +0,0 @@ ---- -# https://medium.com/@nikhilthomas1/cloud-native-cicd-on-openshift-with-openshift-pipelines-tektoncd-pipelines-part-3-github-1db6dd8e8ca7 -apiVersion: tekton.dev/v1alpha1 -kind: TaskRun -metadata: - name: create-repo-webhook - namespace: tekton-pipeline-istio-project-1 -spec: - taskRef: - name: create-webhook - inputs: - params: - - name: GitHubOrg - value: "beppevanrolleghem" - - name: GitHubUser - value: "beppevanrolleghem" - - name: GitHubRepo - value: "cicdTest" - - name: GitHubSecretName - value: webhook-secret - - name: GitHubAccessTokenKey - value: token - - name: GitHubSecretStringKey - value: secret - - name: ExternalDomain - value: 35.233.93.220 - timeout: 1000s - serviceAccount: tekton-triggers-createwebhook \ No newline at end of file diff --git a/Tekton/resources/create-webhook.yaml b/Tekton/resources/create-webhook.yaml deleted file mode 100644 index 157f2d0..0000000 --- a/Tekton/resources/create-webhook.yaml +++ /dev/null 
@@ -1,51 +0,0 @@ ---- -apiVersion: tekton.dev/v1alpha1 -kind: Task -metadata: - name: create-webhook - namespace: tekton-pipeline-istio-project-1 -spec: - volumes: - - name: github-secret - secret: - secretName: $(inputs.params.GitHubSecretName) - inputs: - params: - - name: ExternalDomain - description: "The external domain for the EventListener e.g. `$(inputs.params.EventListenerName)..nip.io`" - - name: GitHubUser - description: "The GitHub user" - - name: GitHubRepo - description: "The GitHub repo where the webhook will be created" - - name: GitHubOrg - description: "The GitHub organization where the webhook will be created" - - name: GitHubSecretName - description: "The Secret name for GitHub access token. This is always mounted and must exist" - - name: GitHubAccessTokenKey - description: "The GitHub access token key name" - - name: GitHubSecretStringKey - description: "The GitHub secret string key name" - - name: GitHubDomain - description: "The GitHub domain. Override for GitHub Enterprise" - default: "github.com" - - name: WebhookEvents - description: "List of events the webhook will send notifications for" - default: '[\"push\",\"pull_request\"]' - steps: - - name: create-webhook - image: pstauffer/curl:latest - volumeMounts: - - name: github-secret - mountPath: /var/secret - command: - - sh - args: - - -ce - - | - set -e - echo "Create Webhook" - if [ $(inputs.params.GitHubDomain) = "github.com" ];then - curl -v -d "{\"name\": \"web\",\"active\": true,\"events\": $(inputs.params.WebhookEvents),\"config\": {\"url\": \"$(inputs.params.ExternalDomain)\",\"content_type\": \"json\",\"insecure_ssl\": \"1\" ,\"secret\": \"$(cat /var/secret/$(inputs.params.GitHubSecretStringKey))\"}}" -X POST -u $(inputs.params.GitHubUser):$(cat /var/secret/$(inputs.params.GitHubAccessTokenKey)) -L https://api.github.com/repos/$(inputs.params.GitHubOrg)/$(inputs.params.GitHubRepo)/hooks - else - curl -d "{\"name\": \"web\",\"active\": true,\"events\": 
$(inputs.params.WebhookEvents),\"config\": {\"url\": \"$(inputs.params.ExternalDomain)/\",\"content_type\": \"json\",\"insecure_ssl\": \"1\" ,\"secret\": \"$(cat /var/secret/$(inputs.params.GitHubSecretStringKey))\"}}" -X POST -u $(inputs.params.GitHubUser):$(cat /var/secret/$(inputs.params.GitHubAccessTokenKey)) -L https://$(inputs.params.GitHubDomain)/api/v3/repos/$(inputs.params.GitHubOrg)/$(inputs.params.GitHubRepo)/hooks - fi \ No newline at end of file diff --git a/Tekton/resources/experimental-pvc.yaml b/Tekton/resources/experimental-pvc.yaml deleted file mode 100644 index 172588b..0000000 --- a/Tekton/resources/experimental-pvc.yaml +++ /dev/null @@ -1,12 +0,0 @@ - ---- -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: workspace-pvc-experimental -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 500Mi \ No newline at end of file diff --git a/Tekton/resources/namespace.yaml b/Tekton/resources/namespace.yaml deleted file mode 100644 index c61132f..0000000 --- a/Tekton/resources/namespace.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: tekton-pipeline-istio-project-1 - labels: - istio-injection: enabled #zorgt voor auto sidecar injection \ No newline at end of file diff --git a/Tekton/resources/master-pvc.yaml b/Tekton/resources/workspace.yaml similarity index 88% rename from Tekton/resources/master-pvc.yaml rename to Tekton/resources/workspace.yaml index 16c33f5..fe2248e 100644 --- a/Tekton/resources/master-pvc.yaml +++ b/Tekton/resources/workspace.yaml @@ -3,7 +3,7 @@ kind: PersistentVolumeClaim apiVersion: v1 metadata: - name: master-pvc + name: workspace spec: accessModes: - ReadWriteOnce diff --git a/Tekton/runs/task/create-repo-webhook.yaml b/Tekton/runs/task/create-repo-webhook.yaml index 9e4a10a..fbb83bc 100644 --- a/Tekton/runs/task/create-repo-webhook.yaml +++ b/Tekton/runs/task/create-repo-webhook.yaml 
@@ -4,7 +4,6 @@ apiVersion: tekton.dev/v1alpha1 kind: TaskRun metadata: name: create-repo-webhook - #namespace: stage-tekton-pipeline spec: taskRef: name: create-webhook diff --git a/Tekton/service-accounts/cluster-role.yaml b/Tekton/service-accounts/cluster-role.yaml index 6a6e1fa..8d712c5 100644 --- a/Tekton/service-accounts/cluster-role.yaml +++ b/Tekton/service-accounts/cluster-role.yaml @@ -12,7 +12,6 @@ rules: - "networking.k8s.io" - "extensions" - "tekton.dev" -# deze zullen we ook moeten aanpassen elke pipeline die we maken, maar, deze pipelines zijn nu specifiek per branch, dus dit zou geen probleem leveren. resources: - pods - serviceaccounts diff --git a/Tekton/tasks/create-webhook.yaml b/Tekton/tasks/create-webhook.yaml index 0a92f18..9fa4f9f 100644 --- a/Tekton/tasks/create-webhook.yaml +++ b/Tekton/tasks/create-webhook.yaml @@ -3,7 +3,6 @@ apiVersion: tekton.dev/v1alpha1 kind: Task metadata: name: create-webhook - #namespace: stage-tekton-pipeline spec: volumes: - name: github-secret diff --git a/Tekton/tasks/execute-yaml.yaml b/Tekton/tasks/deploy-app.yaml similarity index 88% rename from Tekton/tasks/execute-yaml.yaml rename to Tekton/tasks/deploy-app.yaml index 2fd6950..8b9604b 100644 --- a/Tekton/tasks/execute-yaml.yaml +++ b/Tekton/tasks/deploy-app.yaml @@ -3,8 +3,7 @@ apiVersion: tekton.dev/v1alpha1 kind: Task metadata: - name: execute-yaml - #namespace: stage-tekton-pipeline + name: deploy-app spec: params: - name: yaml-location diff --git a/Tekton/triggers/event-listener.yaml b/Tekton/triggers/event-listener.yaml index 14a2e16..1b342e4 100644 --- a/Tekton/triggers/event-listener.yaml +++ b/Tekton/triggers/event-listener.yaml @@ -8,11 +8,6 @@ spec: serviceAccountName: service-acc triggers: - name: github - # interceptors: - # - github: - # eventTypes: - # - pull_request - # - push bindings: - name: github-trigger-binding template: 
diff --git a/Tekton/triggers/trigger-binding.yaml b/Tekton/triggers/trigger-binding.yaml index c1d7952..62791d9 100644 --- a/Tekton/triggers/trigger-binding.yaml +++ b/Tekton/triggers/trigger-binding.yaml @@ -3,16 +3,11 @@ apiVersion: tekton.dev/v1alpha1 kind: TriggerBinding metadata: name: github-trigger-binding - #namespace: stage-tekton-pipeline spec: params: - name: gitrevision value: $(body.repository.default_branch) - name: gitrepositoryurl value: $(body.repository.clone_url) - # - name: prurl - # value: $(body.pull_request.html_url) - # - name: repo - # value: $(body.pull_request.base.repo.full_name) - # - name: source - # value: github \ No newline at end of file + - name: gitreponame + value: $(body.repository.name) \ No newline at end of file diff --git a/Tekton/triggers/trigger-template.yaml b/Tekton/triggers/trigger-template.yaml index b3f9a58..58ce84b 100644 --- a/Tekton/triggers/trigger-template.yaml +++ b/Tekton/triggers/trigger-template.yaml @@ -3,7 +3,6 @@ apiVersion: tekton.dev/v1alpha1 kind: TriggerTemplate metadata: name: github-trigger-template - #namespace: stage-tekton-pipeline spec: params: - name: gitrevision 
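Review bot: The new `gitreponame` binding, like `gitrepositoryurl`, is copied straight from the request body, and nothing visible in this patch authenticates that body: the `github` trigger in Tekton/triggers/event-listener.yaml has no interceptor, and its commented-out block is removed in this same commit. Whoever can reach the EventListener therefore decides which repository is cloned, what the image is called, and what `deploy-app` does with the checkout under `service-acc`. Add a GitHub interceptor to that trigger with a `secretRef` pointing at the webhook secret and an `eventTypes` list limited to `push`, so unsigned or unexpected deliveries are rejected before a PipelineRun is created. `gitrevision` is still bound to `body.repository.default_branch`, so a push to any branch rebuilds the default branch; confirm that is intended.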
@@ -11,25 +10,25 @@ spec: default: master - name: gitrepositoryurl description: The git repository url + - name: gitreponame + description: the name of the git repository resourcetemplates: - apiVersion: tekton.dev/v1alpha1 kind: PipelineRun metadata: name: application-pipeline-run - #namespace: stage-tekton-pipeline spec: serviceAccountName: service-acc pipelineRef: - name: application-pipeline #gebruik dit om de pipeline aan te passen naar andere versies, zolang ze zich in dezelfde #namespace bevinden kunnen we deze pipeline hergebruiken om deployments op de cluster uit te voeren. service-mesh agnostisch. + name: stage-application-pipeline workspaces: - - name: workspace-master + - name: workspace persistentVolumeClaim: - claimName: workspace-pvc-master - - name: workspace-experimental - persistentVolumeClaim: - claimName: workspace-pvc-experimental + claimName: workspace params: - name: git-url value: $(inputs.params.gitrepositoryurl) - name: branch - value: $(inputs.params.gitrevision) \ No newline at end of file + value: $(inputs.params.gitrevision) + - name: git-repo-name + value: $(inputs.params.gitreponame) \ No newline at end of file
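Review bot: The PipelineRun template keeps the fixed `name: application-pipeline-run` and now mounts the single PVC `workspace` for every repository, which works against the multi-repo goal stated in the subject line. A second event arriving while a run with that name still exists will most likely be rejected as already existing, and runs for different repositories would share one checkout directory, so one repository's build can read or overwrite another's sources. Use `generateName: application-pipeline-run-` in `metadata` instead of `name`, and give each run its own volume (for example a `volumeClaimTemplate` on the workspace, if the installed Tekton version supports it) or clear the workspace at the start of `clone`. The TriggerTemplate's header lies outside this hunk.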