beppe/stage-infra
1
0
Fork 0
mirror of https://github.com/bvanroll/stage-infra.git synced 2025-08-29 03:52:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

cleanup en prep voor multirepo pipeline

Browse Source
This commit is contained in:
Beppe Vanrolleghem
2020-03-16 12:31:59 +01:00
parent e05b588517
commit defdbaa3ab
14 changed files with 33 additions and 213 deletions
Download Patch File Download Diff File Expand all files Collapse all files

106
Tekton/pipeline/pipeline.yaml
View File

@@ -2,119 +2,49 @@
apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
name: application-pipeline
#namespace: stage-tekton-pipeline
name: stage-application-pipeline
spec:
params:
- name: git-repo-name
description: name of the git repo (used to determine the name of the image)
- name: git-url
description: url of the github repository to clone
description: url of the git repository to clone
- name: branch
description: name of the master branch of the repository
workspaces:
- name: workspace-master
- name: workspace-experimental
- name: workspace
tasks:
- name: clone-master
- name: clone
taskRef:
name: git-clone
workspaces:
- name: output
workspace: workspace-master
workspace: workspace
params:
- name: url
value: $(inputs.params.git-url)
- name: revision
value: $(inputs.params.master-branch)
- name: build-and-push-a
value: $(inputs.params.branch)
- name: build-and-push
taskRef:
name: build-and-push
runAfter:
- clone-master
- clone
workspaces:
- name: source
workspace: workspace-master
workspace: workspace
params:
- name: context
value: "server-a"
value: "src"
- name: image-name
value: "server-a"
value: "$(inputs.params.git-repo-name)"
- name: version
value: "$(inputs.params.master-branch)"
- name: build-and-push-b-stable
value: "$(inputs.params.branch)"
- name: deploy-app
taskRef:
name: build-and-push
runAfter:
- clone-master
name: deploy-app
workspaces:
- name: source
workspace: workspace-master
params:
- name: context
value: "server-b"
- name: image-name
value: "server-b"
- name: version
value: "$(inputs.params.master-branch)"
- name: build-and-push-d
taskRef:
name: build-and-push
workspace: workspace
runAfter:
- clone-master
workspaces:
- name: source
workspace: workspace-master
params:
- name: context
value: "server-d"
- name: image-name
value: "server-d"
- name: version
value: "$(inputs.params.master-branch)"
- name: clone-experimental
taskRef:
name: git-clone
workspaces:
- name: output
workspace: workspace-experimental
params:
- name: url
value: $(inputs.params.git-url)
- name: revision
value: $(inputs.params.experimental-branch)
- name: build-and-push-b-experimental
taskRef:
name: build-and-push
workspaces:
- name: source
workspace: workspace-experimental
runAfter:
- clone-experimental
params:
- name: context
value: "server-b"
- name: image-name
value: "server-b"
- name: version
value: "$(inputs.params.experimental-branch)"
- name: deploy-infra
taskRef:
name: execute-yaml
workspaces:
- name: source
workspace: workspace-master
runAfter:
- build-and-push-b-experimental
- build-and-push-d
- build-and-push-a
- build-and-push-b-stable
params:
- name: yaml-location
value: "infra.yaml"
- name: execute-yaml #@TODO make it so that the delete can be skipped if error
taskRef:
name: execute-yaml
workspaces:
- name: source
workspace: workspace-master
runAfter:
- deploy-infra
- build-and-push

28
Tekton/resources/create-repo-webhook.yaml
View File

@@ -1,28 +0,0 @@
---
# https://medium.com/@nikhilthomas1/cloud-native-cicd-on-openshift-with-openshift-pipelines-tektoncd-pipelines-part-3-github-1db6dd8e8ca7
apiVersion: tekton.dev/v1alpha1
kind: TaskRun
metadata:
name: create-repo-webhook
namespace: tekton-pipeline-istio-project-1
spec:
taskRef:
name: create-webhook
inputs:
params:
- name: GitHubOrg
value: "beppevanrolleghem"
- name: GitHubUser
value: "beppevanrolleghem"
- name: GitHubRepo
value: "cicdTest"
- name: GitHubSecretName
value: webhook-secret
- name: GitHubAccessTokenKey
value: token
- name: GitHubSecretStringKey
value: secret
- name: ExternalDomain
value: 35.233.93.220
timeout: 1000s
serviceAccount: tekton-triggers-createwebhook

51
Tekton/resources/create-webhook.yaml
View File

@@ -1,51 +0,0 @@
---
apiVersion: tekton.dev/v1alpha1
kind: Task
metadata:
name: create-webhook
namespace: tekton-pipeline-istio-project-1
spec:
volumes:
- name: github-secret
secret:
secretName: $(inputs.params.GitHubSecretName)
inputs:
params:
- name: ExternalDomain
description: "The external domain for the EventListener e.g. `$(inputs.params.EventListenerName).<PROXYIP>.nip.io`"
- name: GitHubUser
description: "The GitHub user"
- name: GitHubRepo
description: "The GitHub repo where the webhook will be created"
- name: GitHubOrg
description: "The GitHub organization where the webhook will be created"
- name: GitHubSecretName
description: "The Secret name for GitHub access token. This is always mounted and must exist"
- name: GitHubAccessTokenKey
description: "The GitHub access token key name"
- name: GitHubSecretStringKey
description: "The GitHub secret string key name"
- name: GitHubDomain
description: "The GitHub domain. Override for GitHub Enterprise"
default: "github.com"
- name: WebhookEvents
description: "List of events the webhook will send notifications for"
default: '[\"push\",\"pull_request\"]'
steps:
- name: create-webhook
image: pstauffer/curl:latest
volumeMounts:
- name: github-secret
mountPath: /var/secret
command:
- sh
args:
- -ce
- |
set -e
echo "Create Webhook"
if [ $(inputs.params.GitHubDomain) = "github.com" ];then
curl -v -d "{\"name\": \"web\",\"active\": true,\"events\": $(inputs.params.WebhookEvents),\"config\": {\"url\": \"$(inputs.params.ExternalDomain)\",\"content_type\": \"json\",\"insecure_ssl\": \"1\" ,\"secret\": \"$(cat /var/secret/$(inputs.params.GitHubSecretStringKey))\"}}" -X POST -u $(inputs.params.GitHubUser):$(cat /var/secret/$(inputs.params.GitHubAccessTokenKey)) -L https://api.github.com/repos/$(inputs.params.GitHubOrg)/$(inputs.params.GitHubRepo)/hooks
else
curl -d "{\"name\": \"web\",\"active\": true,\"events\": $(inputs.params.WebhookEvents),\"config\": {\"url\": \"$(inputs.params.ExternalDomain)/\",\"content_type\": \"json\",\"insecure_ssl\": \"1\" ,\"secret\": \"$(cat /var/secret/$(inputs.params.GitHubSecretStringKey))\"}}" -X POST -u $(inputs.params.GitHubUser):$(cat /var/secret/$(inputs.params.GitHubAccessTokenKey)) -L https://$(inputs.params.GitHubDomain)/api/v3/repos/$(inputs.params.GitHubOrg)/$(inputs.params.GitHubRepo)/hooks
fi

12
Tekton/resources/experimental-pvc.yaml
View File

@@ -1,12 +0,0 @@
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: workspace-pvc-experimental
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 500Mi

7
Tekton/resources/namespace.yaml
View File

@@ -1,7 +0,0 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: tekton-pipeline-istio-project-1
labels:
istio-injection: enabled #zorgt voor auto sidecar injection

2
Tekton/resources/master-pvc.yaml → Tekton/resources/workspace.yaml
View File

@@ -3,7 +3,7 @@
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: master-pvc
name: workspace
spec:
accessModes:
- ReadWriteOnce

1
Tekton/runs/task/create-repo-webhook.yaml
View File

@@ -4,7 +4,6 @@ apiVersion: tekton.dev/v1alpha1
kind: TaskRun
metadata:
name: create-repo-webhook
#namespace: stage-tekton-pipeline
spec:
taskRef:
name: create-webhook

1
Tekton/service-accounts/cluster-role.yaml
View File

@@ -12,7 +12,6 @@ rules:
- "networking.k8s.io"
- "extensions"
- "tekton.dev"
# deze zullen we ook moeten aanpassen elke pipeline die we maken, maar, deze pipelines zijn nu specifiek per branch, dus dit zou geen probleem leveren.
resources:
- pods
- serviceaccounts

1
Tekton/tasks/create-webhook.yaml
View File

@@ -3,7 +3,6 @@ apiVersion: tekton.dev/v1alpha1
kind: Task
metadata:
name: create-webhook
#namespace: stage-tekton-pipeline
spec:
volumes:
- name: github-secret

3
Tekton/tasks/execute-yaml.yaml → Tekton/tasks/deploy-app.yaml
View File

@@ -3,8 +3,7 @@
apiVersion: tekton.dev/v1alpha1
kind: Task
metadata:
name: execute-yaml
#namespace: stage-tekton-pipeline
name: deploy-app
spec:
params:
- name: yaml-location

5
Tekton/triggers/event-listener.yaml
View File

@@ -8,11 +8,6 @@ spec:
serviceAccountName: service-acc
triggers:
- name: github
# interceptors:
# - github:
# eventTypes:
# - pull_request
# - push
bindings:
- name: github-trigger-binding
template:

9
Tekton/triggers/trigger-binding.yaml
View File

@@ -3,16 +3,11 @@ apiVersion: tekton.dev/v1alpha1
kind: TriggerBinding
metadata:
name: github-trigger-binding
#namespace: stage-tekton-pipeline
spec:
params:
- name: gitrevision
value: $(body.repository.default_branch)
- name: gitrepositoryurl
value: $(body.repository.clone_url)
# - name: prurl
# value: $(body.pull_request.html_url)
# - name: repo
# value: $(body.pull_request.base.repo.full_name)
# - name: source
# value: github
- name: gitreponame
value: $(body.repository.name)

17
Tekton/triggers/trigger-template.yaml
View File

@@ -3,7 +3,6 @@ apiVersion: tekton.dev/v1alpha1
kind: TriggerTemplate
metadata:
name: github-trigger-template
#namespace: stage-tekton-pipeline
spec:
params:
- name: gitrevision
@@ -11,25 +10,25 @@ spec:
default: master
- name: gitrepositoryurl
description: The git repository url
- name: gitreponame
description: the name of the git repository
resourcetemplates:
- apiVersion: tekton.dev/v1alpha1
kind: PipelineRun
metadata:
name: application-pipeline-run
#namespace: stage-tekton-pipeline
spec:
serviceAccountName: service-acc
pipelineRef:
name: application-pipeline #gebruik dit om de pipeline aan te passen naar andere versies, zolang ze zich in dezelfde #namespace bevinden kunnen we deze pipeline hergebruiken om deployments op de cluster uit te voeren. service-mesh agnostisch.
name: stage-application-pipeline
workspaces:
- name: workspace-master
- name: workspace
persistentVolumeClaim:
claimName: workspace-pvc-master
- name: workspace-experimental
persistentVolumeClaim:
claimName: workspace-pvc-experimental
claimName: workspace
params:
- name: git-url
value: $(inputs.params.gitrepositoryurl)
- name: branch
value: $(inputs.params.gitrevision)
value: $(inputs.params.gitrevision)
- name: git-repo-name
value: $(inputs.params.gitreponame)