cd
/
j7s-ci
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: cd:7d24fd9c5ea4214d4e1419fb4acf8965c0572485
Branches Tags
cd:master
...
compare: cd:ad8dd1cdda12b7a27e0e7560d8c12a068f7ccbb5
Branches Tags
cd:master

4 Commits
7d24fd9c5e ... ad8dd1cdda

Author SHA1 Message Date
James Pace ad8dd1cdda Multiple cleanups working toward run of test-pipeline. 2023-04-11 19:40:08 -04:00
James Pace 6c28be4490 Initial import of generic pipelines. 2023-04-08 14:50:13 -04:00
James Pace f85a423dd0 Grab host keys in the tasks not from the secret like before. 2023-04-02 10:51:25 -04:00
James Pace 358cb40f8c Remove namespaces, will take care on flux side. 2023-04-02 10:39:20 -04:00
15 changed files with 288 additions and 15 deletions
Show Stats Expand all files Collapse all files

54
generic-pipelines/dev-contain-pipeline.yaml Normal file
View File

@ -0,0 +1,54 @@
# A pipeline to build and deploy dev_contain packages.
# Steps:
# Clone the dev_contain repo from gitea and checkout packaging branch.
# Call ansible play to build.
# Optionally, call play to deploy
---
apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
name: dev-contain-pipeline
spec:
description: "Build and deploy dev_contain packages."
params:
- name: branch
type: string
description: The branch in the repo to call the build script in.
- name: deploy
type: string
description: "'true' if we should deploy the image using ansible."
workspaces:
- name: shared-data
description: Shared data.
- name: git-credentials
description: tekton git credentials
- name: deploy-credentials
description: tekton credentials to deployment server
tasks:
- name: fetch-repo
workspaces:
- name: output
workspace: shared-data
- name: ssh-directory
workspace: git-credentials
params:
- name: url
value: ssh://git@git.jpace121.net:2222/packaging/dev_contain
- name: branch
value: $(params.branch)
taskRef:
name: j7s-git-clone
- name: build
runAfter: ["fetch-repo"]
workspaces:
- name: source
workspace: shared-data
- name: ssh-directory
workspace: deploy-credentials
params:
- name: deploy
value: $(params.deploy)
- name: ansible-file-path
value: .
taskRef:
name: j7s-ansible-build

4
generic-pipelines/kustomization.yaml Normal file
View File

@ -0,0 +1,4 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- test-pipeline.yaml

47
generic-pipelines/ostree-package-pipeline.yaml Normal file
View File

@ -0,0 +1,47 @@
# A pipeline to build and deploy my fork of the debian packaging for ostree.
---
apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
name: ostree-package-pipeline
spec:
description: "Package fork of ostree."
params:
- name: deploy
type: string
description: "'true' if we should deploy the image using ansible."
workspaces:
- name: shared-data
description: Shared data.
- name: git-credentials
description: tekton git credentials
- name: deploy-credentials
description: tekton credentials to deployment server
tasks:
- name: fetch-repo
workspaces:
- name: output
workspace: shared-data
- name: ssh-directory
workspace: git-credentials
params:
- name: url
value: ssh://git.jpace121.net:2222/packaging/ostree
- name: branch
value: jamesp/latest
taskRef:
name: j7s-git-clone
- name: build
runAfter: ["fetch-repo"]
workspaces:
- name: source
workspace: shared-data
- name: ssh-directory
workspace: deploy-credentials
params:
- name: deploy
value: $(params.deploy)
- name: ansible-file-path
value: ./j7s-build-files
taskRef:
name: j7s-ansible-build

62
generic-pipelines/simple-ros-pipeline.yaml Normal file
View File

@ -0,0 +1,62 @@
# A pipeline to build the simple ros test containers.
---
apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
name: simple-ros-pipeline
spec:
description: Build a image with a simple ros image.
workspaces:
- name: shared-data
- name: git-credentials
- name: cosign-credentials
tasks:
- name: ros-clone
workspaces:
- name: output
workspace: shared-data
- name: ssh-directory
workspace: git-credentials
params:
- name: url
value: ssh://git.jpace121.net:2222/tests/j7s-simple-ws
- name: branch
value: master
- name: repos-file
value: source.repos
taskRef:
name: j7s-ros-clone
- name: image-build
runAfter: ["ros-clone"]
workspaces:
- name: source
workspace: shared-data
- name: cosign-credentials
workspace: cosign-credentials
params:
- name: registry
value: 192.168.1.149:8443
- name: name
value: simple-ros
- name: version
value: 0.1
- name: containerfile
value: ./docker/Dockerfile
taskRef:
name: j7s-buildah
results:
- name: image-ARTIFACT_OUTPUTS
type: object
value:
uri: $(tasks.image-build.results.image-ARTIFACT_OUTPUTS.uri)
digest: $(tasks.image-build.results.image-ARTIFACT_OUTPUTS.digest)
- name: commit-ARTIFACT_INPUTS
type: object
value:
uri: $(tasks.ros-clone.results.workspace-git-commit-ARTIFACT_OUTPUTS.uri)
digest: $(tasks.ros-clone.results.workspace-git-commit-ARTIFACT_OUTPUTS.digest)
- name: vcs-exact-file-ARTIFACT_INPUTS
type: object
value:
uri: $(tasks.ros-clone.results.vcs-exact-file-ARTIFACT_OUTPUTS.uri)
digest: $(tasks.ros-clone.results.vcs-exact-file-ARTIFACT_OUTPUTS.digest)

57
generic-pipelines/test-pipeline.yaml Normal file
View File

@ -0,0 +1,57 @@
# A pipeline to test the infrastructure around calling pipelines.
---
apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
name: test-pipeline
spec:
description: "A test pipeline."
workspaces:
- name: shared-data
description: Shared data.
- name: git-credentials
description: tekton git credentials
params:
- name: pr-id
description: ID number of the current PR.
tasks:
- name: fetch-repo
workspaces:
- name: output
workspace: shared-data
- name: ssh-directory
workspace: git-credentials
params:
- name: url
value: ssh://git@git.jpace121.net:2222/tests/job-test.git
- name: branch
value: master
taskRef:
name: j7s-git-clone
- name: cat-readme
runAfter: ["fetch-repo"]
workspaces:
- name: source
workspace: shared-data
taskSpec:
workspaces:
- name: source
steps:
- image: docker.io/debian:bullseye-slim
script: |
set -x
cat $(workspaces.source.path)/README.md
exit 0
finally:
- name: gitea-status
params:
- name: git-owner
value: tests
- name: git-repo-name
value: job-test
- name: sha
value: $(tasks.fetch-repo.results.hash)
- name: status
value: $(tasks.status)
taskRef:
name: j7s-gitea-status

3
generic-tasks/j7s-ansible-build.yaml
View File

@ -2,7 +2,6 @@ apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: j7s-ansible-build
namespace: j7s-ci
spec:
workspaces:
- name: source
@ -20,6 +19,8 @@ spec:
cp -r $(workspaces.ssh-directory.path) ~/.ssh
chmod 700 ~/.ssh
chmod -R 400 ~/.ssh/*
ssh-keyscan -H -p 2222 git.jpace121.net >> ~/.ssh/known_hosts
ssh-keyscan -H packages.jpace121.net >> ~/.ssh/known_hosts
cd $(workspaces.source.path)
ansible-playbook -vvvv --skip-tags deploy -i $(params.ansible-file-path)/inventory.yaml $(params.ansible-file-path)/build.yaml

3
generic-tasks/j7s-buildah.yaml
View File

@ -3,7 +3,6 @@ apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: j7s-buildah
namespace: j7s-ci
spec:
description: Build and push a container image.
params:
@ -22,7 +21,7 @@ spec:
- name: cosign-credentials
steps:
- name: build
image: harbor.internal.jpace121.net/buildah:latest
image: harbor.internal.jpace121.net/k8s/buildah:latest
workingDir: $(workspaces.source.path)
script: |
set -x

10
generic-tasks/j7s-git-clone-hash.yaml
View File

@ -2,7 +2,6 @@ apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: j7s-git-clone-hash
namespace: j7s-ci
spec:
workspaces:
- name: output
@ -10,14 +9,19 @@ spec:
params:
- name: url
- name: hash
results:
- name: hash
steps:
- image: harbor.internal.jpace121.net/gitssh:latest
- image: harbor.internal.jpace121.net/k8s/gitssh:latest
script: |
set -x
cp -r $(workspaces.ssh-directory.path) ~/.ssh
chmod 700 ~/.ssh
chmod -R 400 ~/.ssh/*
ssh-keyscan -H -p 2222 git.jpace121.net >> ~/.ssh/known_hosts
git clone $(params.url) $(workspaces.output.path)
cd $(workspaces.output.path)
git checkout $(params.hash)
git checkout $(params.hash)
git rev-parse HEAD > $(results.hash.path)

11
generic-tasks/j7s-git-clone.yaml
View File

@ -2,7 +2,6 @@ apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: j7s-git-clone
namespace: j7s-ci
spec:
workspaces:
- name: output
@ -10,12 +9,18 @@ spec:
params:
- name: url
- name: branch
results:
- name: hash
steps:
- image: harbor.internal.jpace121.net/gitssh:latest
- image: harbor.internal.jpace121.net/k8s/gitssh:latest
script: |
set -x
cp -r $(workspaces.ssh-directory.path) ~/.ssh
chmod 700 ~/.ssh
chmod -R 400 ~/.ssh/*
ssh-keyscan -H -p 2222 git.jpace121.net >> ~/.ssh/known_hosts
git clone --single-branch --branch $(params.branch) $(params.url) $(workspaces.output.path)
git clone --single-branch --branch $(params.branch) $(params.url) $(workspaces.output.path)
cd $(workspaces.output.path)
git rev-parse HEAD > $(results.hash.path)

41
generic-tasks/j7s-gitea-status.yaml Normal file
View File

@ -0,0 +1,41 @@
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: j7s-gitea-status
spec:
params:
- name: git-owner
- name: git-repo-name
- name: sha
- name: context
- name: status
- name: description
default: ""
- name: targetUrl
default: ""
- name: base-url
default: "https://git.jpace121.net/"
- name: token-secret-name
default: gitea-token
steps:
- image: harbor.internal.jpace121.net/k8s/j7s-gitea-status:latest
env:
- name: GIT_URL
value: $(params.base-url)
- name: GIT_TOKEN
valueFrom:
secretKeyRef:
name: $(params.token-secret-name)
key: token
- name: GIT_OWNER
value: $(params.git-owner)
- name: GIT_REPO
value: $(params.git-repo-name)
script: |
set -x
cd /
./j7s-gitea-status -sha $(params.sha) \
-context $(params.context) \
-statusFlag $(params.status) \
-description $(params.description) \
-targetUrl $(params.targetUrl)

4
generic-tasks/j7s-ros-clone.yaml
View File

@ -2,7 +2,6 @@ apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: j7s-ros-clone
namespace: j7s-ci
spec:
workspaces:
- name: output
@ -12,12 +11,13 @@ spec:
- name: branch
- name: repos-file
steps:
- image: harbor.internal.jpace121.net/vcs:latest
- image: harbor.internal.jpace121.net/k8s/vcs:latest
script: |
set -x
cp -r $(workspaces.ssh-directory.path) ~/.ssh
chmod 700 ~/.ssh
chmod -R 400 ~/.ssh/*
ssh-keyscan -H -p 2222 git.jpace121.net >> ~/.ssh/known_hosts
git clone --single-branch --branch $(params.branch) $(params.url) $(workspaces.output.path)
cd $(workspaces.output.path)

3
generic-tasks/kustomization.yaml
View File

@ -5,4 +5,5 @@ resources:
- j7s-buildah.yaml
- j7s-git-clone-hash.yaml
- j7s-git-clone.yaml
- j7s-ros-clone.yaml
- j7s-ros-clone.yaml
- j7s-gitea-status.yaml

1
j7s-os/j7s-os-buildah.yaml
View File

@ -3,7 +3,6 @@ apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: j7s-os-buildah
namespace: j7s-ci
spec:
description: Build the deployment container image for j7s-os.
params:

1
j7s-os/j7s-os-image-build.yaml
View File

@ -2,7 +2,6 @@ apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: j7s-os-image-build
namespace: j7s-ci
spec:
workspaces:
- name: source

2
j7s-os/j7s-os-k8s-deploy.yaml
View File

@ -2,7 +2,6 @@ apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: j7s-os-k8s-deploy
namespace: j7s-ci
spec:
params:
- name: image
@ -20,6 +19,7 @@ spec:
cp -r $(workspaces.ssh-directory.path) ~/.ssh
chmod 700 ~/.ssh
chmod -R 400 ~/.ssh/*
ssh-keyscan -H -p 2222 git.jpace121.net >> ~/.ssh/known_hosts
git config --global user.name tekton
git config --global user.email tekton@internal.jpace121.net