Multiple cleanups working toward run of test-pipeline.

generic-pipelines/dev-contain-pipeline.yaml

@@ -0,0 +1,54 @@
+# A pipeline to build and deploy dev_contain packages.
+# Steps:
+#   Clone the dev_contain repo from gitea and checkout packaging branch.
+#   Call ansible play to build.
+#   Optionally, call play to deploy
+---
+apiVersion: tekton.dev/v1beta1
+kind: Pipeline
+metadata:
+  name: dev-contain-pipeline
+spec:
+  description: "Build and deploy dev_contain packages."
+  params:
+  - name: branch
+    type: string
+    description: The branch in the repo to call the build script in.
+  - name: deploy
+    type: string
+    description: "'true' if we should deploy the image using ansible."
+  workspaces:
+  - name: shared-data
+    description: Shared data.
+  - name: git-credentials
+    description: tekton git credentials
+  - name: deploy-credentials
+    description: tekton credentials to deployment server
+  tasks:
+  - name: fetch-repo
+    workspaces:
+    - name: output
+      workspace: shared-data
+    - name: ssh-directory
+      workspace: git-credentials
+    params:
+    - name: url
+      value: ssh://git@git.jpace121.net:2222/packaging/dev_contain
+    - name: branch
+      value: $(params.branch)
+    taskRef:
+      name: j7s-git-clone
+  - name: build
+    runAfter: ["fetch-repo"]
+    workspaces:
+    - name: source
+      workspace: shared-data
+    - name: ssh-directory
+      workspace: deploy-credentials
+    params:
+    - name: deploy
+      value: $(params.deploy)
+    - name: ansible-file-path
+      value: .
+    taskRef:
+      name: j7s-ansible-build

generic-pipelines/kustomization.yaml

@@ -0,0 +1,4 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+- test-pipeline.yaml

generic-pipelines/ostree-package-pipeline.yaml

@@ -0,0 +1,47 @@
+# A pipeline to build and deploy my fork of the debian packaging for ostree.
+---
+apiVersion: tekton.dev/v1beta1
+kind: Pipeline
+metadata:
+  name: ostree-package-pipeline
+spec:
+  description: "Package fork of ostree."
+  params:
+  - name: deploy
+    type: string
+    description: "'true' if we should deploy the image using ansible."
+  workspaces:
+  - name: shared-data
+    description: Shared data.
+  - name: git-credentials
+    description: tekton git credentials
+  - name: deploy-credentials
+    description: tekton credentials to deployment server
+  tasks:
+  - name: fetch-repo
+    workspaces:
+    - name: output
+      workspace: shared-data
+    - name: ssh-directory
+      workspace: git-credentials
+    params:
+    - name: url
+      value: ssh://git.jpace121.net:2222/packaging/ostree
+    - name: branch
+      value: jamesp/latest
+    taskRef:
+      name: j7s-git-clone
+  - name: build
+    runAfter: ["fetch-repo"]
+    workspaces:
+    - name: source
+      workspace: shared-data
+    - name: ssh-directory
+      workspace: deploy-credentials
+    params:
+    - name: deploy
+      value: $(params.deploy)
+    - name: ansible-file-path
+      value: ./j7s-build-files
+    taskRef:
+      name: j7s-ansible-build

generic-pipelines/simple-ros-pipeline.yaml

@@ -0,0 +1,62 @@
+# A pipeline to build the simple ros test containers.
+---
+apiVersion: tekton.dev/v1beta1
+kind: Pipeline
+metadata:
+  name: simple-ros-pipeline
+spec:
+  description: Build a image with a simple ros image.
+  workspaces:
+  - name: shared-data
+  - name: git-credentials
+  - name: cosign-credentials
+  tasks:
+  - name: ros-clone
+    workspaces:
+    - name: output
+      workspace: shared-data
+    - name: ssh-directory
+      workspace: git-credentials
+    params:
+    - name: url
+      value: ssh://git.jpace121.net:2222/tests/j7s-simple-ws
+    - name: branch
+      value: master
+    - name: repos-file
+      value: source.repos
+    taskRef:
+      name: j7s-ros-clone
+  - name: image-build
+    runAfter: ["ros-clone"]
+    workspaces:
+    - name: source
+      workspace: shared-data
+    - name: cosign-credentials
+      workspace: cosign-credentials
+    params:
+    - name: registry
+      value: 192.168.1.149:8443
+    - name: name
+      value: simple-ros
+    - name: version
+      value: 0.1
+    - name: containerfile
+      value: ./docker/Dockerfile
+    taskRef:
+      name: j7s-buildah
+  results:
+  - name: image-ARTIFACT_OUTPUTS
+    type: object
+    value:
+       uri: $(tasks.image-build.results.image-ARTIFACT_OUTPUTS.uri)
+       digest: $(tasks.image-build.results.image-ARTIFACT_OUTPUTS.digest)
+  - name: commit-ARTIFACT_INPUTS
+    type: object
+    value:
+       uri: $(tasks.ros-clone.results.workspace-git-commit-ARTIFACT_OUTPUTS.uri)
+       digest: $(tasks.ros-clone.results.workspace-git-commit-ARTIFACT_OUTPUTS.digest)
+  - name: vcs-exact-file-ARTIFACT_INPUTS
+    type: object
+    value:
+       uri: $(tasks.ros-clone.results.vcs-exact-file-ARTIFACT_OUTPUTS.uri)
+       digest: $(tasks.ros-clone.results.vcs-exact-file-ARTIFACT_OUTPUTS.digest)

generic-pipelines/test-pipeline.yaml

@@ -0,0 +1,57 @@
+# A pipeline to test the infrastructure around calling pipelines.
+---
+apiVersion: tekton.dev/v1beta1
+kind: Pipeline
+metadata:
+  name: test-pipeline
+spec:
+  description: "A test pipeline."
+  workspaces:
+  - name: shared-data
+    description: Shared data.
+  - name: git-credentials
+    description: tekton git credentials
+  params:
+  - name: pr-id
+    description: ID number of the current PR.
+  tasks:
+  - name: fetch-repo
+    workspaces:
+    - name: output
+      workspace: shared-data
+    - name: ssh-directory
+      workspace: git-credentials
+    params:
+    - name: url
+      value: ssh://git@git.jpace121.net:2222/tests/job-test.git
+    - name: branch
+      value: master
+    taskRef:
+      name: j7s-git-clone
+  - name: cat-readme
+    runAfter: ["fetch-repo"]
+    workspaces:
+    - name: source
+      workspace: shared-data
+    taskSpec:
+      workspaces:
+      - name: source
+      steps:
+      - image: docker.io/debian:bullseye-slim
+        script: |
+          set -x
+          cat $(workspaces.source.path)/README.md
+          exit 0
+  finally:
+    - name: gitea-status
+      params:
+        - name: git-owner
+          value: tests
+        - name: git-repo-name
+          value: job-test
+        - name: sha
+          value: $(tasks.fetch-repo.results.hash)
+        - name: status
+          value: $(tasks.status)
+      taskRef:
+        name: j7s-gitea-status

generic-tasks/j7s-ansible-build.yaml

@@ -2,7 +2,6 @@ apiVersion: tekton.dev/v1beta1
 kind: Task
 metadata:
   name: j7s-ansible-build
-  namespace: j7s-ci
 spec:
   workspaces:
   - name: source
@@ -20,6 +19,8 @@ spec:
       cp -r $(workspaces.ssh-directory.path) ~/.ssh
       chmod 700 ~/.ssh
       chmod -R 400 ~/.ssh/*
+      ssh-keyscan -H -p 2222 git.jpace121.net >> ~/.ssh/known_hosts
+      ssh-keyscan -H         packages.jpace121.net >> ~/.ssh/known_hosts
 
       cd $(workspaces.source.path)
       ansible-playbook -vvvv --skip-tags deploy -i $(params.ansible-file-path)/inventory.yaml $(params.ansible-file-path)/build.yaml

generic-tasks/j7s-buildah.yaml

@@ -3,7 +3,6 @@ apiVersion: tekton.dev/v1beta1
 kind: Task
 metadata:
   name: j7s-buildah
-  namespace: j7s-ci
 spec:
   description: Build and push a container image.
   params:
@@ -22,7 +21,7 @@ spec:
   - name: cosign-credentials
   steps:
   - name: build
-    image: harbor.internal.jpace121.net/buildah:latest
+    image: harbor.internal.jpace121.net/k8s/buildah:latest
     workingDir: $(workspaces.source.path)
     script: |
       set -x

generic-tasks/j7s-git-clone-hash.yaml

@@ -2,7 +2,6 @@ apiVersion: tekton.dev/v1beta1
 kind: Task
 metadata:
   name: j7s-git-clone-hash
-  namespace: j7s-ci
 spec:
   workspaces:
   - name: output
@@ -10,14 +9,19 @@ spec:
   params:
   - name: url
   - name: hash
+  results:
+  - name: hash
   steps:
-  - image: harbor.internal.jpace121.net/gitssh:latest
+  - image: harbor.internal.jpace121.net/k8s/gitssh:latest
     script: |
       set -x
       cp -r $(workspaces.ssh-directory.path) ~/.ssh
       chmod 700 ~/.ssh
       chmod -R 400 ~/.ssh/*
+      ssh-keyscan -H -p 2222 git.jpace121.net >> ~/.ssh/known_hosts
 
       git clone $(params.url) $(workspaces.output.path)
       cd $(workspaces.output.path)
-      git checkout $(params.hash)
+      git checkout $(params.hash)
+
+      git rev-parse HEAD > $(results.hash.path)

generic-tasks/j7s-git-clone.yaml

@@ -2,7 +2,6 @@ apiVersion: tekton.dev/v1beta1
 kind: Task
 metadata:
   name: j7s-git-clone
-  namespace: j7s-ci
 spec:
   workspaces:
   - name: output
@@ -10,12 +9,18 @@ spec:
   params:
   - name: url
   - name: branch
+  results:
+  - name: hash
   steps:
-  - image: harbor.internal.jpace121.net/gitssh:latest
+  - image: harbor.internal.jpace121.net/k8s/gitssh:latest
     script: |
       set -x
       cp -r $(workspaces.ssh-directory.path) ~/.ssh
       chmod 700 ~/.ssh
       chmod -R 400 ~/.ssh/*
+      ssh-keyscan -H -p 2222 git.jpace121.net >> ~/.ssh/known_hosts
 
-      git clone --single-branch --branch $(params.branch) $(params.url) $(workspaces.output.path)
+      git clone --single-branch --branch $(params.branch) $(params.url) $(workspaces.output.path)
+
+      cd $(workspaces.output.path)
+      git rev-parse HEAD > $(results.hash.path)

generic-tasks/j7s-gitea-status.yaml

@@ -0,0 +1,41 @@
+apiVersion: tekton.dev/v1beta1
+kind: Task
+metadata:
+  name: j7s-gitea-status
+spec:
+  params:
+  - name: git-owner
+  - name: git-repo-name
+  - name: sha
+  - name: context
+  - name: status
+  - name: description
+    default: ""
+  - name: targetUrl
+    default: ""
+  - name: base-url
+    default: "https://git.jpace121.net/"
+  - name: token-secret-name
+    default: gitea-token
+  steps:
+  - image: harbor.internal.jpace121.net/k8s/j7s-gitea-status:latest
+    env:
+      - name: GIT_URL
+        value: $(params.base-url)
+      - name: GIT_TOKEN
+        valueFrom:
+          secretKeyRef:
+            name: $(params.token-secret-name)
+            key: token
+      - name: GIT_OWNER
+        value: $(params.git-owner)
+      - name: GIT_REPO
+        value: $(params.git-repo-name)
+    script: |
+      set -x
+      cd /
+      ./j7s-gitea-status -sha $(params.sha) \
+                         -context $(params.context) \
+                         -statusFlag $(params.status) \
+                         -description $(params.description) \
+                         -targetUrl $(params.targetUrl)

generic-tasks/j7s-ros-clone.yaml

@@ -2,7 +2,6 @@ apiVersion: tekton.dev/v1beta1
 kind: Task
 metadata:
   name: j7s-ros-clone
-  namespace: j7s-ci
 spec:
   workspaces:
   - name: output
@@ -12,12 +11,13 @@ spec:
   - name: branch
   - name: repos-file
   steps:
-  - image: harbor.internal.jpace121.net/vcs:latest
+  - image: harbor.internal.jpace121.net/k8s/vcs:latest
     script: |
       set -x
       cp -r $(workspaces.ssh-directory.path) ~/.ssh
       chmod 700 ~/.ssh
       chmod -R 400 ~/.ssh/*
+      ssh-keyscan -H -p 2222 git.jpace121.net >> ~/.ssh/known_hosts
 
       git clone --single-branch --branch $(params.branch) $(params.url) $(workspaces.output.path)
       cd $(workspaces.output.path)

generic-tasks/kustomization.yaml

@@ -5,4 +5,5 @@ resources:
 - j7s-buildah.yaml
 - j7s-git-clone-hash.yaml
 - j7s-git-clone.yaml
-- j7s-ros-clone.yaml
+- j7s-ros-clone.yaml
+- j7s-gitea-status.yaml

j7s-os/j7s-os-buildah.yaml

@@ -3,7 +3,6 @@ apiVersion: tekton.dev/v1beta1
 kind: Task
 metadata:
   name: j7s-os-buildah
-  namespace: j7s-ci
 spec:
   description: Build the deployment container image for j7s-os.
   params:

j7s-os/j7s-os-image-build.yaml

@@ -2,7 +2,6 @@ apiVersion: tekton.dev/v1beta1
 kind: Task
 metadata:
   name: j7s-os-image-build
-  namespace: j7s-ci
 spec:
   workspaces:
   - name: source

j7s-os/j7s-os-k8s-deploy.yaml

@@ -2,7 +2,6 @@ apiVersion: tekton.dev/v1beta1
 kind: Task
 metadata:
   name: j7s-os-k8s-deploy
-  namespace: j7s-ci
 spec:
   params:
     - name: image
@@ -20,6 +19,7 @@ spec:
         cp -r $(workspaces.ssh-directory.path) ~/.ssh
         chmod 700 ~/.ssh
         chmod -R 400 ~/.ssh/*
+        ssh-keyscan -H -p 2222 git.jpace121.net >> ~/.ssh/known_hosts
         git config --global user.name tekton
         git config --global user.email tekton@internal.jpace121.net