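# Label sets attached to the objects below: the shared labels plus a "type"
# marker that separates branch-push objects from tag-push objects.
locals {
  push-labels = merge(local.common-labels, { "type" = "branch-push" })
  tag-labels  = merge(local.common-labels, { "type" = "tag-push" })
}

# Tekton Task that runs auto-ci-detector.py (read from this module's directory
# and embedded as a JSON-encoded string) inside the toolbox image, with the
# "source" workspace as working directory. It publishes the detected stages
# and file lists as array results.
#
# NOTE(review): the default toolbox image is referenced by tag. The step runs
# against the checked-out sources, so pinning the image by digest (or
# mirroring it into a registry you control) keeps a re-tagged upstream image
# from changing what runs here.
resource "kubectl_manifest" "auto-ci-detector" {
  yaml_body = <<-EOF
    apiVersion: tekton.dev/v1
    kind: Task
    metadata:
      name: auto-ci-detector
      namespace: "${var.namespace}"
      labels: ${jsonencode(local.push-labels)}
    spec:
      results:
        - name: stages-prepare
          description: list of prepare actions
          type: array
        - name: stages-lint
          description: list of lint actions
          type: array
        - name: stages-test
          description: list of test actions
          type: array
        - name: stages-publish
          description: list of publish actions
          type: array
        - name: file-shell
          description: list of shell files if any
          type: array
        - name: file-python
          description: list of python files if any
          type: array
        - name: file-docker
          description: list of Dockerfiles if any
          type: array
        - name: images-name
          description: list of Dockerfiles image-name
          type: array
      params:
        - name: toolbox-image
          default: sebt3/basic-toolbox-image:1.30.0
          description: The name of the toolbox image
          type: string
        - name: artifactory-url
          default: docker.io
          description: The url of the current artifactory
          type: string
        - name: project-name
          description: The name of the current project
          type: string
        - name: project-path
          description: The path of the current project
          type: string
        - name: image-version
          type: string
      steps:
        - name: detect-stages
          image: $(params.toolbox-image)
          workingDir: $(workspaces.source.path)
          script: ${jsonencode(file("${path.module}/auto-ci-detector.py"))}
      workspaces:
        - name: source
          mountPath: /data
  EOF
}

# Trigger that starts an "auto-ci-push" PipelineRun for a branch push.
# Created only when var.autoCI is true.
#
# Changes compared with the previous revision:
#   * "metadata:" was written twice in a row; it is now a single key.
#   * the template declared the "branch-name" param twice; the duplicate is
#     removed.
#   * no binding fed "branch-name", so the PipelineRun always received the
#     default "main" even though extensions.branch-name is already used to
#     build generate-name; the binding is added.
#
# NOTE(review): every extensions.* value is produced by interceptors that are
# not defined in this file and ultimately comes from the webhook payload.
# Confirm that the EventListener verifies the webhook signature and limits
# which repositories may fire this trigger.
# NOTE(review): each run mounts the registry credentials (gitea-docker), the
# CA certificate and the SSH key pair (ssh-credentials). If the pipeline
# executes steps taken from the pushed repository, anyone allowed to push a
# branch can reach those secrets; prefer narrowly scoped, read-only
# credentials for branch builds.
# NOTE(review): git-revision is used unchanged as the subPath on the shared
# "source" PVC; the interceptor should only ever emit a commit id here.
# NOTE(review): generate-name only rewrites "_" and "/". Branch names holding
# other characters that Kubernetes rejects in object names (upper case, for
# instance) would make the PipelineRun creation fail; verify upstream
# normalisation.
resource "kubectl_manifest" "ci-trigger-push" {
  count     = var.autoCI ? 1 : 0
  yaml_body = <<-EOF
    apiVersion: triggers.tekton.dev/v1beta1
    kind: Trigger
    metadata:
      name: "${var.instance}-${var.component}-auto-push"
      namespace: "${var.namespace}"
      labels: ${jsonencode(local.push-labels)}
    spec:
      bindings:
        - name: artifactory-url
          value: "$(extensions.artifactory-url)"
        - name: project-name
          value: "$(extensions.project-name)"
        - name: project-path
          value: "$(extensions.project-path)"
        - name: git-repository-url
          value: "$(extensions.git-repository-url)"
        - name: git-revision
          value: "$(extensions.git-revision)"
        - name: git-default-branch
          value: "$(extensions.git-default-branch)"
        - name: branch-name
          value: "$(extensions.branch-name)"
        - name: generate-name
          value: "$(extensions.project-name.replace('_','-').replace('/','-'))-push-$(extensions.branch-name.replace('_','-').replace('/','-'))"
      template:
        spec:
          params:
            - name: artifactory-url
              description: The url of the current artifactory
            - name: project-name
              description: The git repository name
            - name: project-path
              description: The path of the current project
            - name: git-repository-url
              description: The git repository url
            - name: git-revision
              description: The git revision
              default: main
            - name: git-default-branch
              description: The git revision
              default: main
            - name: branch-name
              description: The git branch
              default: main
            - name: generate-name
          resourcetemplates:
            - apiVersion: tekton.dev/v1beta1
              kind: PipelineRun
              metadata:
                generateName: $(tt.params.generate-name)-
                annotations:
                  "mayfly.cloud.namecheap.com/expire": "336h" # 2 weeks
              spec:
                pipelineRef:
                  name: "auto-ci-push"
                params:
                  - name: artifactory-url
                    value: $(tt.params.artifactory-url)
                  - name: project-name
                    value: $(tt.params.project-name)
                  - name: project-path
                    value: $(tt.params.project-path)
                  - name: git-url
                    value: $(tt.params.git-repository-url)
                  - name: git-revision
                    value: $(tt.params.git-revision)
                  - name: git-default-branch
                    value: $(tt.params.git-default-branch)
                  - name: branch-name
                    value: $(tt.params.branch-name)
                workspaces:
                  - name: source
                    persistentVolumeClaim:
                      claimName: source
                    subPath: $(tt.params.git-revision)
                  - name: dockerconfig
                    secret:
                      secretName: gitea-docker
                      items:
                        - key: ".dockerconfigjson"
                          path: "config.json"
                  - name: sslcertdir
                    secret:
                      secretName: gitea
                      items:
                        - key: "ca.crt"
                          path: "ca.crt"
                  - name: ssh
                    secret:
                      secretName: ssh-credentials
                      items:
                        - key: "known_hosts"
                          path: "known_hosts"
                        - key: "ssh-privatekey"
                          path: "id_rsa"
                        - key: "ssh-publickey"
                          path: "id_rsa.pub"
  EOF
}

# Trigger that starts an "auto-ci-tag" PipelineRun for a tag push.
# Created only when var.autoCI is true.
#
# Change compared with the previous revision: "metadata:" was written twice
# in a row; it is now a single key.
#
# NOTE(review): the PipelineRun below reads tt.params.git-default-branch and
# tt.params.branch-name, but this template declares neither of them and no
# binding supplies them, while the declared and bound "tag-name" is never
# passed on. This looks like a leftover from the push trigger. It is left as
# written because the parameters accepted by the auto-ci-tag pipeline are not
# visible from this file; confirm them and either declare the two params or
# pass tag-name instead.
# NOTE(review): the same secrets as for branch pushes are mounted here
# (registry credentials, CA certificate, SSH key pair), and git-revision is
# again used unchanged as the subPath on the shared "source" PVC. Tag builds
# are the ones that publish, so restrict who may push tags and confirm that
# the EventListener verifies the webhook signature.
resource "kubectl_manifest" "ci-trigger-tag" {
  count     = var.autoCI ? 1 : 0
  yaml_body = <<-EOF
    apiVersion: triggers.tekton.dev/v1beta1
    kind: Trigger
    metadata:
      name: "${var.instance}-${var.component}-auto-tag"
      namespace: "${var.namespace}"
      labels: ${jsonencode(local.tag-labels)}
    spec:
      bindings:
        - name: artifactory-url
          value: "$(extensions.artifactory-url)"
        - name: project-name
          value: "$(extensions.project-name)"
        - name: project-path
          value: "$(extensions.project-path)"
        - name: git-repository-url
          value: "$(extensions.git-repository-url)"
        - name: git-revision
          value: "$(extensions.git-revision)"
        - name: tag-name
          value: $(extensions.tag-name)
        - name: generate-name
          value: "$(extensions.project-name.replace('_','-').replace('/','-'))-tag-$(extensions.tag-name.replace('_','-').replace('/','-'))"
      template:
        spec:
          params:
            - name: artifactory-url
              description: The url of the current artifactory
            - name: project-name
              description: The git repository name
            - name: project-path
              description: The path of the current project
            - name: git-repository-url
              description: The git repository url
            - name: git-revision
              description: The git revision
              default: main
            - name: tag-name
              description: The git tag
            - name: generate-name
          resourcetemplates:
            - apiVersion: tekton.dev/v1beta1
              kind: PipelineRun
              metadata:
                generateName: $(tt.params.generate-name)-
                annotations:
                  "mayfly.cloud.namecheap.com/expire": "1440h" # 2 months
              spec:
                pipelineRef:
                  name: "auto-ci-tag"
                params:
                  - name: artifactory-url
                    value: $(tt.params.artifactory-url)
                  - name: project-name
                    value: $(tt.params.project-name)
                  - name: project-path
                    value: $(tt.params.project-path)
                  - name: git-url
                    value: $(tt.params.git-repository-url)
                  - name: git-revision
                    value: $(tt.params.git-revision)
                  - name: git-default-branch
                    value: $(tt.params.git-default-branch)
                  - name: branch-name
                    value: $(tt.params.branch-name)
                workspaces:
                  - name: source
                    persistentVolumeClaim:
                      claimName: source
                    subPath: $(tt.params.git-revision)
                  - name: dockerconfig
                    secret:
                      secretName: gitea-docker
                      items:
                        - key: ".dockerconfigjson"
                          path: "config.json"
                  - name: sslcertdir
                    secret:
                      secretName: gitea
                      items:
                        - key: "ca.crt"
                          path: "ca.crt"
                  - name: ssh
                    secret:
                      secretName: ssh-credentials
                      items:
                        - key: "known_hosts"
                          path: "known_hosts"
                        - key: "ssh-privatekey"
                          path: "id_rsa"
                        - key: "ssh-publickey"
                          path: "id_rsa.pub"
  EOF
}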