diff --git a/share/gitea-tekton-org/tekton.dev_v1_Task_auto-cd-activate.yaml b/share/gitea-tekton-org/tekton.dev_v1_Task_auto-cd-activate.yaml index 43ca1f5..7e92011 100644 --- a/share/gitea-tekton-org/tekton.dev_v1_Task_auto-cd-activate.yaml +++ b/share/gitea-tekton-org/tekton.dev_v1_Task_auto-cd-activate.yaml @@ -50,14 +50,16 @@ spec: value: /etc/templates - name: WORKSPACE_SSH_DIRECTORY_PATH value: $(workspaces.ssh-directory.path) + - name: NAMESPACE + value: $(context.taskRun.namespace) script: |- #!/usr/bin/env bash . ${TEMPLATE_ROOT}/functions.sh cleanup git_prepare "$(params.deploy-url)" "Auto CD" "autocd@$(params.domain-name)" install_base - create_prj - activate_prj + create_prj "$@" + activate_prj "$@" git_push "Activating $(params.project-name)" cleanup volumeMounts: diff --git a/share/gitea-tekton-org/tekton.dev_v1_Task_auto-cd-create.yaml b/share/gitea-tekton-org/tekton.dev_v1_Task_auto-cd-create.yaml index 14dc699..4a2baf2 100644 --- a/share/gitea-tekton-org/tekton.dev_v1_Task_auto-cd-create.yaml +++ b/share/gitea-tekton-org/tekton.dev_v1_Task_auto-cd-create.yaml @@ -50,13 +50,15 @@ spec: value: /etc/templates - name: WORKSPACE_SSH_DIRECTORY_PATH value: $(workspaces.ssh-directory.path) + - name: NAMESPACE + value: $(context.taskRun.namespace) script: |- #!/usr/bin/env bash . ${TEMPLATE_ROOT}/functions.sh cleanup git_prepare "$(params.deploy-url)" "Auto CD" "autocd@$(params.domain-name)" install_base - create_prj + create_prj "$@" git_push "Adding $(params.project-name)" cleanup volumeMounts: diff --git a/share/gitea-tekton-org/tekton.dev_v1_Task_auto-cd-delete.yaml b/share/gitea-tekton-org/tekton.dev_v1_Task_auto-cd-delete.yaml index 8f223d0..3d47b34 100644 --- a/share/gitea-tekton-org/tekton.dev_v1_Task_auto-cd-delete.yaml +++ b/share/gitea-tekton-org/tekton.dev_v1_Task_auto-cd-delete.yaml @@ -50,12 +50,14 @@ spec: value: /etc/templates - name: WORKSPACE_SSH_DIRECTORY_PATH value: $(workspaces.ssh-directory.path) + - name: NAMESPACE + value: $(context.taskRun.namespace) script: |- #!/usr/bin/env bash . ${TEMPLATE_ROOT}/functions.sh cleanup git_prepare "$(params.deploy-url)" "Auto CD" "autocd@$(params.domain-name)" - delete_prj + delete_prj "$@" git_push "Removing $(params.project-name)" cleanup volumeMounts: diff --git a/share/gitea-tekton-org/tekton.dev_v1beta1_Task_git-clone.yaml b/share/gitea-tekton-org/tekton.dev_v1beta1_Task_git-clone.yaml index 8ad2156..e544032 100644 --- a/share/gitea-tekton-org/tekton.dev_v1beta1_Task_git-clone.yaml +++ b/share/gitea-tekton-org/tekton.dev_v1beta1_Task_git-clone.yaml @@ -228,7 +228,7 @@ spec: FETCH_CMD="" if [ $PARAM_DEPTH -gt 0 ];then - FETCH_CMD+="--depth $PARAM_DEPTH" + FETCH_CMD="${FETCH_CMD} --depth $PARAM_DEPTH" fi git config --global --add safe.directory "${WORKSPACE_OUTPUT_PATH}" git config --global --add http.sslVerify "${PARAM_SSL_VERIFY}" diff --git a/share/gitea-tekton-org/v1_ConfigMap_auto-cd-templates.yaml b/share/gitea-tekton-org/v1_ConfigMap_auto-cd-templates.yaml index 78cde85..36dc52e 100644 --- a/share/gitea-tekton-org/v1_ConfigMap_auto-cd-templates.yaml +++ b/share/gitea-tekton-org/v1_ConfigMap_auto-cd-templates.yaml @@ -42,12 +42,13 @@ data: git clone "$url" --branch main --depth 1 . } install_base() { - mkdir -p bases/project bases/install bases/deploy - template base-update.yaml.tmpl bases/project/base-update.yaml - copy base-repo.yaml bases/project/repo.yaml + mkdir -p bases/project bases/install bases/deploy bases/images + template base-update.yaml.tmpl bases/images/update.yaml + copy yamllint.yaml .yamllint.yaml + copy base-repo.yaml bases/images/repo.yaml copy base-cert.yaml bases/project/cert.yaml copy base-ingress.yaml bases/project/ingress.yaml - copy base-policy.yaml bases/project/policy.yaml + copy base-policy.yaml bases/images/policy.yaml copy base-deploy.yaml bases/project/deploy.yaml copy base-secret.yaml bases/project/secret.yaml copy base-config.yaml bases/project/config.yaml @@ -59,8 +60,21 @@ data: template deploy-repo.yaml.tmpl bases/deploy/repo.yaml } create_prj() { + export ORG_NAME=$(echo ${PROJECT_PATH}|sed 's#/.*##') mkdir -p "projects/${PROJECT_NAME}" template project-kusto.yaml.tmpl "projects/${PROJECT_NAME}/kustomization.yaml" + while [ $# -gt 0 ];do + export STAGE=$1 + mkdir -p "stages/${STAGE}/${PROJECT_NAME}" "stages/${STAGE}/deploy/${PROJECT_NAME}" + template stagep-kusto.yaml.tmpl "stages/deploy/${PROJECT_NAME}/kustomization.yaml" + template stages-kusto.yaml.tmpl "stages/deploy/kustomization.yaml" + template stages-kusto.yaml.tmpl "stages/${STAGE}/kustomization.yaml" + template stage-kusto.yaml.tmpl "stages/${STAGE}/${PROJECT_NAME}/kustomization.yaml" + template stage-ingress.yaml.tmpl "stages/${STAGE}/${PROJECT_NAME}/ingress.yaml" + template stage-cert.yaml.tmpl "stages/${STAGE}/${PROJECT_NAME}/cert.yaml" + template stage-config.yaml.tmpl "stages/${STAGE}/${PROJECT_NAME}/config.yaml" + shift + done } activate_prj() { touch /tmp/toto @@ -68,6 +82,80 @@ data: delete_prj() { rm -rf "projects/${PROJECT_NAME}" } + staged-kusto.yaml: |- + apiVersion: kustomize.config.k8s.io/v1beta1 + kind: Kustomization + resources: + - policy.yaml + - update.yaml + - ../install + stages-kusto.yaml: |- + apiVersion: kustomize.config.k8s.io/v1beta1 + kind: Kustomization + resources: + stage-kusto.yaml.tmpl: |- + apiVersion: kustomize.config.k8s.io/v1beta1 + kind: Kustomization + resources: + - ../../../projects/${PROJECT_NAME} + commonLabels: + app.kubernetes.io/instance: ${STAGE} + images: + - name: appli + newName: ${ARTIFACTORY_URL}/${ORG_NAME}/${PROJECT_NAME} + newTag: latest # {"$imagepolicy": "${NAMESPACE}:${PROJECT_NAME}-policy:tag"} + patches: + - target: + kind: ConfigMap + name: ${PROJECT_NAME}-config + patch: config.yaml + - target: + kind: Certificate + name: ${PROJECT_NAME}-web + patch: cert.yaml + - target: + kind: Ingress + name: ${PROJECT_NAME}-web + patch: ingress.yaml + stage-ingress.yaml.tmpl: |- + - op: add + path: /spec/rules/O/host + value: ${PROJECT_NAME}.${STAGE}.${ORG_NAME}.${DOMAIN_NAME} + - op: add + path: /spec/tls/O + value: + secretName: ${PROJECT_NAME}-cert + hosts: + - "${PROJECT_NAME}.${STAGE}.${ORG_NAME}.${DOMAIN_NAME}" + stage-cert.yaml.tmpl: |- + apiVersion: cert-manager.io/v1 + kind: Certificate + metadata: + name: ${PROJECT_NAME}-web + spec: + secretName: ${PROJECT_NAME}-cert + dnsNames: + - ${PROJECT_NAME}.${STAGE}.${ORG_NAME}.${DOMAIN_NAME} + stage-config.yaml.tmpl: |- + apiVersion: v1 + kind: ConfigMap + metadata: + name: ${PROJECT_NAME}-config + data: + yamllint.yaml: |- + --- + extends: default + rules: + document-start: + present: true + empty-lines: + max-end: 1 + indentation: + spaces: 2 + indent-sequences: false + line-length: disable + colons: + max-spaces-after: -1 base-kusto.yaml: |- --- apiVersion: kustomize.config.k8s.io/v1beta1 @@ -80,10 +168,6 @@ data: - service.yaml - config.yaml - secret.yaml - - repo.yaml - - policy.yaml - - update.yaml - - ../install base-update.yaml.tmpl: |- --- apiVersion: image.toolkit.fluxcd.io/v1beta1 @@ -217,8 +301,6 @@ data: kind: ConfigMap metadata: name: "config" - labels: - app: holdup labels: k8up.io/backup: "true" data: @@ -284,6 +366,7 @@ data: namePrefix: ${PROJECT_NAME}- commonLabels: + app.kubernetes.io/name: ${ORG_NAME} app.kubernetes.io/component: ${PROJECT_NAME} component: ${PROJECT_NAME} diff --git a/share/organisation/gitea-user.tf b/share/organisation/gitea-user.tf index 84659dd..02a1d6f 100644 --- a/share/organisation/gitea-user.tf +++ b/share/organisation/gitea-user.tf @@ -102,21 +102,21 @@ resource "gitea_org" "orga" { } resource "gitea_repository" "deploy" { - count = local.needDeploy?1:0 + count = local.needKnownHost?1:0 username = gitea_org.orga[0].name name = "deploy" private = true } resource "gitea_team" "cd-team" { - count = local.needDeploy?1:0 + count = local.needKnownHost?1:0 name = "Deployment" organisation = gitea_org.orga[0].name description = "Deployment" permission = "write" members = [gitea_user.user-ci[0].username] include_all_repositories = false - repositories = [gitea_repository.deploy[0].name] + repositories = local.needKnownHost?[gitea_repository.deploy[0].name]:[] } resource "gitea_team" "ci-team" {