fix

2024-04-21 13:45:02 +02:00
parent 8578a2705d
commit 2a132e4323
11 changed files with 1066 additions and 6 deletions
--- a/share/gitea-tekton-org/auto-ci.tf
+++ b/share/gitea-tekton-org/auto-ci.tf
@@ -0,0 +1,178 @@
+locals {
+  push-labels = merge(local.common-labels, {
+    "type" = "branch-push"
+  })
+  tag-labels = merge(local.common-labels, {
+    "type" = "tag-new"
+  })
+}
+
+resource "kubectl_manifest" "ci-trigger-push" {
+  count = var.autoCI?1:0
+  yaml_body  = <<-EOF
+    apiVersion: triggers.tekton.dev/v1beta1
+    kind: Trigger
+    metadata:
+    metadata:
+      name: "${var.instance}-${var.component}-auto-push"
+      namespace: "${var.namespace}"
+      labels: ${jsonencode(local.push-labels)}
+    spec:
+      bindings:
+        - name: artifactory-url
+          value: "$(extensions.artifactory-url)"
+        - name: project-name
+          value: "$(extensions.project-name)"
+        - name: project-path
+          value: "$(extensions.project-path)"
+        - name: git-repository-url
+          value: "$(extensions.git-repository-url)"
+        - name: git-revision
+          value: "$(extensions.git-revision)"
+        - name: git-default-branch
+          value: "$(extensions.git-default-branch)"
+        - name: branch-name
+          value: $(extensions.branch-name)
+      template:
+        spec:
+          params:
+          - name: artifactory-url
+            description: The url of the current artifactory
+          - name: project-name
+            description: The git repository name
+          - name: project-path
+            description: The path of the current project
+          - name: git-repository-url
+            description: The git repository url
+          - name: git-revision
+            description: The git revision
+            default: main
+          - name: git-default-branch
+            description: The git revision
+            default: main
+          - name: branch-name
+            description: The git branch
+            default: main
+          resourcetemplates:
+          - apiVersion: tekton.dev/v1beta1
+            kind: PipelineRun
+            metadata:
+              generateName: $(tt.params.gitrepositoryname)-push-$(tt.params.gitbranch)-
+              annotations:
+                "mayfly.cloud.namecheap.com/expire": "336h" # 2 weeks
+            spec:
+              pipelineRef:
+                name: "auto-ci-push"
+              params:
+              - name: artifactory-url
+                value: $(tt.params.artifactory-url)
+              - name: project-name
+                value: $(tt.params.project-name)
+              - name: project-path
+                value: $(tt.params.project-path)
+              - name: git-url
+                value: $(tt.params.git-repository-url)
+              - name: git-revision
+                value: $(tt.params.git-revision)
+              - name: git-default-branch
+                value: $(tt.params.git-default-branch)
+              - name: branch-name
+                value: $(tt.params.branch-name)
+              workspaces:
+              - name: source
+                volumeClaimTemplate:
+                  metadata:
+                    annotations:
+                      "mayfly.cloud.namecheap.com/expire": "2h"
+                  spec:
+                    accessModes:
+                      - ReadWriteOnce
+                    resources:
+                      requests:
+                        storage: 1Gi
+              - name: ssh
+                secret:
+                  secretName: ssh-credentials
+                  items:
+                  - key: "known_hosts"
+                    path: "known_hosts"
+                  - key: "ssh-privatekey"
+                    path: "id_rsa"
+                  - key: "ssh-publickey"
+                    path: "id_rsa.pub"
+  EOF
+}
+resource "kubectl_manifest" "ci-trigger-tag" {
+  count = var.autoCI?1:0
+  yaml_body  = <<-EOF
+    apiVersion: triggers.tekton.dev/v1beta1
+    kind: Trigger
+    metadata:
+    metadata:
+      name: "${var.instance}-${var.component}-auto-tag"
+      namespace: "${var.namespace}"
+      labels: ${jsonencode(local.tag-labels)}
+    spec:
+      bindings:
+        - name: artifactory-url
+          value: "$(extensions.artifactory-url)"
+        - name: project-name
+          value: "$(extensions.project-name)"
+        - name: project-path
+          value: "$(extensions.project-path)"
+        - name: git-repository-url
+          value: "$(extensions.git-repository-url)"
+        - name: tag-name
+          value: $(extensions.tag-name)
+      template:
+        spec:
+          params:
+          - name: artifactory-url
+            description: The url of the current artifactory
+          - name: project-name
+            description: The git repository name
+          - name: project-path
+            description: The path of the current project
+          - name: git-repository-url
+            description: The git repository url
+          - name: tag-name
+            description: The git tag
+          resourcetemplates:
+          - apiVersion: tekton.dev/v1beta1
+            kind: PipelineRun
+            metadata:
+              generateName: $(tt.params.project-name)-tag-$(tt.params.tag-name)-
+              annotations:
+                "mayfly.cloud.namecheap.com/expire": "1440h" # 2 months
+            spec:
+              pipelineRef:
+                name: "auto-ci-tag"
+              params:
+              - name: git-revision
+                value: $(tt.params.gitrevision)
+              - name: git-url
+                value: $(tt.params.gitrepositoryurl)
+              workspaces:
+              - name: source
+                volumeClaimTemplate:
+                  metadata:
+                    annotations:
+                      "mayfly.cloud.namecheap.com/expire": "2h"
+                  spec:
+                    accessModes:
+                      - ReadWriteOnce
+                    resources:
+                      requests:
+                        storage: 1Gi
+              - name: ssh
+                secret:
+                  secretName: ssh-credentials
+                  items:
+                  - key: "known_hosts"
+                    path: "known_hosts"
+                  - key: "ssh-privatekey"
+                    path: "id_rsa"
+                  - key: "ssh-publickey"
+                    path: "id_rsa.pub"
+  EOF
+}