272 lines
8.8 KiB
HCL
272 lines
8.8 KiB
HCL
locals {
|
|
push-labels = merge(local.common-labels, {
|
|
"type" = "branch-push"
|
|
})
|
|
tag-labels = merge(local.common-labels, {
|
|
"type" = "tag-push"
|
|
})
|
|
}
|
|
|
|
resource "kubectl_manifest" "auto-ci-detector" {
|
|
yaml_body = <<-EOF
|
|
apiVersion: tekton.dev/v1
|
|
kind: Task
|
|
metadata:
|
|
name: auto-ci-detector
|
|
namespace: "${var.namespace}"
|
|
labels: ${jsonencode(local.push-labels)}
|
|
spec:
|
|
results:
|
|
- name: stages-prepare
|
|
description: list of prepare actions
|
|
type: array
|
|
- name: stages-lint
|
|
description: list of lint actions
|
|
type: array
|
|
- name: stages-test
|
|
description: list of test actions
|
|
type: array
|
|
- name: stages-publish
|
|
description: list of publish actions
|
|
type: array
|
|
- name: file-shell
|
|
description: list of shell files if any
|
|
type: array
|
|
- name: file-python
|
|
description: list of python files if any
|
|
type: array
|
|
- name: file-docker
|
|
description: list of Dockerfiles if any
|
|
type: array
|
|
- name: images-name
|
|
description: list of Dockerfiles image-name
|
|
type: array
|
|
params:
|
|
- name: toolbox-image
|
|
default: sebt3/basic-toolbox-image:1.29.4
|
|
description: The name of the toolbox image
|
|
type: string
|
|
- name: artifactory-url
|
|
default: docker.io
|
|
description: The url of the current artifactory
|
|
type: string
|
|
- name: project-name
|
|
description: The name of the current project
|
|
type: string
|
|
- name: project-path
|
|
description: The path of the current project
|
|
type: string
|
|
- name: image-version
|
|
type: string
|
|
steps:
|
|
- name: detect-stages
|
|
image: $(params.toolbox-image)
|
|
workingDir: $(workspaces.source.path)
|
|
script: ${jsonencode(file("${path.module}/auto-ci-detector.py"))}
|
|
workspaces:
|
|
- name: source
|
|
mountPath: /data
|
|
EOF
|
|
}
|
|
|
|
resource "kubectl_manifest" "ci-trigger-push" {
|
|
count = var.autoCI?1:0
|
|
yaml_body = <<-EOF
|
|
apiVersion: triggers.tekton.dev/v1beta1
|
|
kind: Trigger
|
|
metadata:
|
|
metadata:
|
|
name: "${var.instance}-${var.component}-auto-push"
|
|
namespace: "${var.namespace}"
|
|
labels: ${jsonencode(local.push-labels)}
|
|
spec:
|
|
bindings:
|
|
- name: artifactory-url
|
|
value: "$(extensions.artifactory-url)"
|
|
- name: project-name
|
|
value: "$(extensions.project-name)"
|
|
- name: project-path
|
|
value: "$(extensions.project-path)"
|
|
- name: git-repository-url
|
|
value: "$(extensions.git-repository-url)"
|
|
- name: git-revision
|
|
value: "$(extensions.git-revision)"
|
|
- name: git-default-branch
|
|
value: "$(extensions.git-default-branch)"
|
|
- name: generate-name
|
|
value: "$(extensions.generate-name)"
|
|
template:
|
|
spec:
|
|
params:
|
|
- name: artifactory-url
|
|
description: The url of the current artifactory
|
|
- name: project-name
|
|
description: The git repository name
|
|
- name: project-path
|
|
description: The path of the current project
|
|
- name: git-repository-url
|
|
description: The git repository url
|
|
- name: git-revision
|
|
description: The git revision
|
|
default: main
|
|
- name: git-default-branch
|
|
description: The git revision
|
|
default: main
|
|
- name: branch-name
|
|
description: The git branch
|
|
default: main
|
|
- name: generate-name
|
|
resourcetemplates:
|
|
- apiVersion: tekton.dev/v1beta1
|
|
kind: PipelineRun
|
|
metadata:
|
|
generateName: $(tt.params.generate-name)-
|
|
annotations:
|
|
"mayfly.cloud.namecheap.com/expire": "336h" # 2 weeks
|
|
spec:
|
|
pipelineRef:
|
|
name: "auto-ci-push"
|
|
params:
|
|
- name: artifactory-url
|
|
value: $(tt.params.artifactory-url)
|
|
- name: project-name
|
|
value: $(tt.params.project-name)
|
|
- name: project-path
|
|
value: $(tt.params.project-path)
|
|
- name: git-url
|
|
value: $(tt.params.git-repository-url)
|
|
- name: git-revision
|
|
value: $(tt.params.git-revision)
|
|
- name: git-default-branch
|
|
value: $(tt.params.git-default-branch)
|
|
- name: branch-name
|
|
value: $(tt.params.branch-name)
|
|
workspaces:
|
|
- name: source
|
|
persistentVolumeClaim:
|
|
claimName: source
|
|
subPath: $(tt.params.git-revision)
|
|
- name: dockerconfig
|
|
secret:
|
|
secretName: gitea-docker
|
|
items:
|
|
- key: ".dockerconfigjson"
|
|
path: "config.json"
|
|
- name: sslcertdir
|
|
secret:
|
|
secretName: gitea
|
|
items:
|
|
- key: "ca.crt"
|
|
path: "ca.crt"
|
|
- name: ssh
|
|
secret:
|
|
secretName: ssh-credentials
|
|
items:
|
|
- key: "known_hosts"
|
|
path: "known_hosts"
|
|
- key: "ssh-privatekey"
|
|
path: "id_rsa"
|
|
- key: "ssh-publickey"
|
|
path: "id_rsa.pub"
|
|
EOF
|
|
}
|
|
resource "kubectl_manifest" "ci-trigger-tag" {
|
|
count = var.autoCI?1:0
|
|
yaml_body = <<-EOF
|
|
apiVersion: triggers.tekton.dev/v1beta1
|
|
kind: Trigger
|
|
metadata:
|
|
metadata:
|
|
name: "${var.instance}-${var.component}-auto-tag"
|
|
namespace: "${var.namespace}"
|
|
labels: ${jsonencode(local.tag-labels)}
|
|
spec:
|
|
bindings:
|
|
- name: artifactory-url
|
|
value: "$(extensions.artifactory-url)"
|
|
- name: project-name
|
|
value: "$(extensions.project-name)"
|
|
- name: project-path
|
|
value: "$(extensions.project-path)"
|
|
- name: git-repository-url
|
|
value: "$(extensions.git-repository-url)"
|
|
- name: git-revision
|
|
value: "$(extensions.git-revision)"
|
|
- name: tag-name
|
|
value: $(extensions.tag-name)
|
|
- name: generate-name
|
|
value: "$(extensions.generate-name)"
|
|
template:
|
|
spec:
|
|
params:
|
|
- name: artifactory-url
|
|
description: The url of the current artifactory
|
|
- name: project-name
|
|
description: The git repository name
|
|
- name: project-path
|
|
description: The path of the current project
|
|
- name: git-repository-url
|
|
description: The git repository url
|
|
- name: git-revision
|
|
description: The git revision
|
|
default: main
|
|
- name: tag-name
|
|
description: The git tag
|
|
- name: generate-name
|
|
resourcetemplates:
|
|
- apiVersion: tekton.dev/v1beta1
|
|
kind: PipelineRun
|
|
metadata:
|
|
generateName: $(tt.params.generate-name)-
|
|
annotations:
|
|
"mayfly.cloud.namecheap.com/expire": "1440h" # 2 months
|
|
spec:
|
|
pipelineRef:
|
|
name: "auto-ci-tag"
|
|
params:
|
|
- name: artifactory-url
|
|
value: $(tt.params.artifactory-url)
|
|
- name: project-name
|
|
value: $(tt.params.project-name)
|
|
- name: project-path
|
|
value: $(tt.params.project-path)
|
|
- name: git-url
|
|
value: $(tt.params.git-repository-url)
|
|
- name: git-revision
|
|
value: $(tt.params.git-revision)
|
|
- name: git-default-branch
|
|
value: $(tt.params.git-default-branch)
|
|
- name: branch-name
|
|
value: $(tt.params.branch-name)
|
|
workspaces:
|
|
- name: source
|
|
persistentVolumeClaim:
|
|
claimName: source
|
|
subPath: $(tt.params.git-revision)
|
|
- name: dockerconfig
|
|
secret:
|
|
secretName: gitea-docker
|
|
items:
|
|
- key: ".dockerconfigjson"
|
|
path: "config.json"
|
|
- name: sslcertdir
|
|
secret:
|
|
secretName: gitea
|
|
items:
|
|
- key: "ca.crt"
|
|
path: "ca.crt"
|
|
- name: ssh
|
|
secret:
|
|
secretName: ssh-credentials
|
|
items:
|
|
- key: "known_hosts"
|
|
path: "known_hosts"
|
|
- key: "ssh-privatekey"
|
|
path: "id_rsa"
|
|
- key: "ssh-publickey"
|
|
path: "id_rsa.pub"
|
|
EOF
|
|
}
|
|
|
|
|