vynil/domain
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix

Browse Source
This commit is contained in:
Sébastien Huss
2024-06-01 15:08:02 +02:00
parent a55965fe13
commit 8944d1380e
21 changed files with 2086 additions and 2163 deletions
Download Patch File Download Diff File Expand all files Collapse all files

461
share/gitea-tekton-org/auto_Pipeline.tf Normal file
View File

@@ -0,0 +1,461 @@
locals {
finally = concat([yamldecode(<<-END
name: cleanup
taskRef:
name: auto-ci-cleanup
workspaces:
- name: source
END
)], var.conditions.have_gitea?yamldecode(<<-END
- name: inform-gitea-success
when:
- cel: '''$(tasks.status)'' in [''Succeeded'',''Completed'']'
params:
- name: REPO_FULL_NAME
value: $(params.project-path)
- name: SHA
value: $(params.git-revision)
- name: TARGET_URL
value: $(params.gramo-url)/workflow/tekton/PipelineRun/$(context.pipelineRun.namespace)/view/$(context.pipelineRun.name)
- name: DESCRIPTION
value: auto-ci-push
- name: STATE
value: success
taskRef:
name: gitea-set-status
- name: inform-gitea-warning
when:
- cel: '''$(tasks.status)'' == ''None'''
params:
- name: REPO_FULL_NAME
value: $(params.project-path)
- name: SHA
value: $(params.git-revision)
- name: TARGET_URL
value: $(params.gramo-url)/workflow/tekton/PipelineRun/$(context.pipelineRun.namespace)/view/$(context.pipelineRun.name)
- name: DESCRIPTION
value: auto-ci-push
- name: STATE
value: warning
taskRef:
name: gitea-set-status
- name: inform-gitea-error
when:
- cel: '''$(tasks.status)'' == ''Failed'''
params:
- name: REPO_FULL_NAME
value: $(params.project-path)
- name: SHA
value: $(params.git-revision)
- name: TARGET_URL
value: $(params.gramo-url)/workflow/tekton/PipelineRun/$(context.pipelineRun.namespace)/view/$(context.pipelineRun.name)
- name: DESCRIPTION
value: auto-ci-push
- name: STATE
value: error
taskRef:
name: gitea-set-status
END
):[])
cfg = {
tag = yamldecode(<<-END
onError: stopAndFail
END
)
push = yamldecode(<<-END
onError: continue
END
)
}
tasks = {
gitea_start = yamldecode(<<-END
name: inform-gitea-start
onError: continue
params:
- name: REPO_FULL_NAME
value: $(params.project-path)
- name: SHA
value: $(params.git-revision)
- name: TARGET_URL
value: $(params.gramo-url)/workflow/tekton/PipelineRun/$(context.pipelineRun.namespace)/view/$(context.pipelineRun.name)
- name: DESCRIPTION
value: auto-ci-push
- name: STATE
value: pending
taskRef:
name: gitea-set-status
END
)
git_clone = yamldecode(<<-END
name: git-clone
params:
- name: url
value: $(params.git-url)
- name: revision
value: $(params.git-revision)
- name: branch
value: $(params.branch-name)
- name: depth
value: 0
taskRef:
name: git-clone
workspaces:
- name: output
workspace: source
- name: ssh-directory
workspace: ssh
END
)
build_id = yamldecode(<<-END
name: generate-build-id
runAfter:
- git-clone
params:
- name: branch
value: $(params.branch-name)
taskRef:
name: generate-build-id
workspaces:
- name: source
END
)
detect_push = yamldecode(<<-END
name: detect-stages
runAfter:
- generate-build-id
params:
- name: pipeline-type
value: push
- name: artifactory-url
value: $(params.artifactory-url)
- name: project-name
value: $(params.project-name)
- name: project-path
value: $(params.project-path)
- name: image-version
value: $(tasks.generate-build-id.results.build-id)
taskRef:
name: auto-ci-detector
workspaces:
- name: source
END
)
detect_tag = yamldecode(<<-END
name: detect-stages
runAfter:
- git-clone
params:
- name: pipeline-type
value: tag
- name: artifactory-url
value: $(params.artifactory-url)
- name: project-name
value: $(params.project-name)
- name: project-path
value: $(params.project-path)
- name: image-version
value: $(params.tag-name)
taskRef:
name: auto-ci-detector
workspaces:
- name: source
END
)
lint_shell = yamldecode(<<-END
name: lint-shell
runAfter:
- detect-stages
when:
- input: lint-shell
operator: in
values:
- $(tasks.detect-stages.results.stages-lint[*])
params:
- name: args
value: $(tasks.detect-stages.results.shellcheck-args)
taskRef:
name: shellcheck
workspaces:
- name: shared-workspace
workspace: source
END
)
lint_docker = yamldecode(<<-END
name: lint-docker
runAfter:
- detect-stages
when:
- input: lint-docker
operator: in
values:
- $(tasks.detect-stages.results.stages-lint[*])
taskRef:
name: hadolint
matrix:
params:
- name: dockerfile-path
value: $(tasks.detect-stages.results.file-docker)
workspaces:
- name: source
END
)
lint_yaml = yamldecode(<<-END
name: lint-yaml
runAfter:
- detect-stages
when:
- input: lint-yaml
operator: in
values:
- $(tasks.detect-stages.results.stages-lint[*])
params:
- name: args
value:
- .
taskRef:
name: yaml-lint
workspaces:
- name: shared-workspace
workspace: source
END
)
lint_black = yamldecode(<<-END
name: lint-black
runAfter:
- detect-stages
when:
- input: lint-black
operator: in
values:
- $(tasks.detect-stages.results.stages-lint[*])
params:
- name: args
value: $(tasks.detect-stages.results.black-args)
taskRef:
name: black
workspaces:
- name: shared-workspace
workspace: source
END
)
lint_python = yamldecode(<<-END
name: lint-python
runAfter:
- detect-stages
when:
- input: lint-python
operator: in
values:
- $(tasks.detect-stages.results.stages-lint[*])
params:
- name: args
value: $(tasks.detect-stages.results.pylint-args)
taskRef:
name: pylint
workspaces:
- name: source
workspace: source
END
)
lint_make = yamldecode(<<-END
name: lint-make
runAfter:
- detect-stages
when:
- input: lint-make
operator: in
values:
- $(tasks.detect-stages.results.stages-lint[*])
params:
- name: args
value: $(tasks.detect-stages.results.checkmake-args)
taskRef:
name: check-make
workspaces:
- name: shared-workspace
workspace: source
END
)
lint_md = yamldecode(<<-END
name: lint-md
runAfter:
- detect-stages
when:
- input: lint-md
operator: in
values:
- $(tasks.detect-stages.results.stages-lint[*])
params:
- name: args
value: $(tasks.detect-stages.results.mdl-args)
taskRef:
name: markdown-lint
workspaces:
- name: shared-workspace
workspace: source
END
)
lint_kube = yamldecode(<<-END
name: lint-kube
runAfter:
- detect-stages
when:
- input: lint-kube
operator: in
values:
- $(tasks.detect-stages.results.stages-lint[*])
params:
- name: args
value: $(tasks.detect-stages.results.kubelinter-args)
- name: manifest
value: k8
- name: default_option
value: do-not-auto-add-defaults
- name: includelist
value: no-extensions-v1beta,default-service-account,no-readiness-probe
taskRef:
name: kube-linter
workspaces:
- name: source
END
)
publish_docker = yamldecode(<<-END
name: publish-docker
runAfter:
- lint-md
- lint-kube
- lint-make
- lint-shell
- lint-docker
- lint-yaml
- lint-black
- lint-python
when:
- input: publish-docker
operator: in
values:
- $(tasks.detect-stages.results.stages-publish[*])
- input: $(params.branch-name)
operator: in
values:
- $(params.git-default-branch)
taskRef:
name: buildah
matrix:
params:
- name: DOCKERFILE
value: $(tasks.detect-stages.results.file-docker)
- name: IMAGE
value: $(tasks.detect-stages.results.images-name)
workspaces:
- name: source
- name: sslcertdir
- name: dockerconfig
END
)
}
push_tasks = concat(
var.conditions.have_gitea?[local.tasks.gitea_start]:[],
[local.tasks.git_clone,local.tasks.build_id,local.tasks.detect_push],
[merge(local.tasks.lint_black,local.cfg.push), merge(local.tasks.lint_python,local.cfg.push)],
[
merge(local.tasks.lint_shell,local.cfg.push), merge(local.tasks.lint_docker,local.cfg.push), merge(local.tasks.lint_yaml,local.cfg.push),
merge(local.tasks.lint_make,local.cfg.push), merge(local.tasks.lint_md,local.cfg.push), merge(local.tasks.lint_kube,local.cfg.push),
],
[local.tasks.publish_docker]
)
tag_tasks = concat(
var.conditions.have_gitea?[local.tasks.gitea_start]:[],
[local.tasks.gitea_start,local.tasks.git_clone,local.tasks.detect_tag],
[merge(local.tasks.lint_black,local.cfg.tag), merge(local.tasks.lint_python,local.cfg.tag)],
[
merge(local.tasks.lint_shell,local.cfg.tag), merge(local.tasks.lint_docker,local.cfg.tag), merge(local.tasks.lint_yaml,local.cfg.tag),
merge(local.tasks.lint_make,local.cfg.tag), merge(local.tasks.lint_md,local.cfg.tag), merge(local.tasks.lint_kube,local.cfg.tag),
],
[local.tasks.publish_docker]
)
}
resource "kubectl_manifest" "Pipeline_auto-ci-push" {
yaml_body = <<-EOF
apiVersion: tekton.dev/v1
kind: Pipeline
metadata:
name: auto-ci-push
namespace: ${var.namespace}
ownerReferences: ${jsonencode(var.install_owner)}
labels: ${jsonencode(local.common_labels)}
spec:
workspaces:
- name: source
- name: dockerconfig
- name: ssh
- name: sslcertdir
params:
- name: artifactory-url
default: docker.io
description: The url of the current artifactory
type: string
- name: gramo-url
default: https://gramo.${var.domain_name}
type: string
- name: project-name
description: The name of the current project
type: string
- name: project-path
description: The path of the current project
type: string
- name: git-default-branch
description: The git revision
default: main
- name: git-url
type: string
- name: git-revision
type: string
- name: branch-name
type: string
finally: ${jsonencode(local.finally)}
tasks: ${jsonencode(local.push_tasks)}
EOF
}
resource "kubectl_manifest" "Pipeline_auto-ci-tag" {
yaml_body = <<-EOF
apiVersion: tekton.dev/v1
kind: Pipeline
metadata:
name: auto-ci-tag
namespace: ${var.namespace}
ownerReferences: ${jsonencode(var.install_owner)}
labels: ${jsonencode(local.common_labels)}
spec:
workspaces:
- name: source
- name: dockerconfig
- name: ssh
- name: sslcertdir
params:
- name: artifactory-url
default: docker.io
description: The url of the current artifactory
type: string
- name: gramo-url
default: https://gramo.${var.domain_name}
type: string
- name: project-name
description: The name of the current project
type: string
- name: project-path
description: The path of the current project
type: string
- name: git-url
type: string
- name: git-revision
type: string
- name: tag-name
type: string
finally: ${jsonencode(local.finally)}
tasks: ${jsonencode(local.tag_tasks)}
EOF
}