-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathpipeline.yaml
350 lines (335 loc) · 9.6 KB
/
pipeline.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: moodle-workspace
labels:
app.kubernetes.io/instance: moodle
app.kubernetes.io/name: moodle
app.kubernetes.io/part-of: moodle
app: moodle
spec:
accessModes:
- ReadWriteOnce
volumeMode: Filesystem
resources:
requests:
storage: 1Gi
---
apiVersion: tekton.dev/v1
kind: Task
metadata:
name: s2i-php-74
spec:
description: >-
s2i-php task clones a Git repository and builds and pushes a container image
using S2I and a PHP builder image.
params:
- default: latest
description: The tag of php imagestream for php version
name: VERSION
type: string
- default: .
description: The location of the path to run s2i from.
name: PATH_CONTEXT
type: string
- default: 'true'
description: >-
Verify the TLS on the registry endpoint (for push/pull to a non-TLS
registry)
name: TLSVERIFY
type: string
- description: Location of the repo where image has to be pushed
name: IMAGE
type: string
- default: >-
registry.redhat.io/rhel8/buildah@sha256:55f5c7d88c77e1ab5a2ab8e877172b2b66cb196e21f10dc45148470d0ee8bbae
description: The location of the buildah builder image.
name: BUILDER_IMAGE
type: string
- default: 'false'
description: Skip pushing the built image
name: SKIP_PUSH
type: string
- default: []
description: Environment variables to set during _build-time_.
name: ENV_VARS
type: array
results:
- description: Digest of the image just built.
name: IMAGE_DIGEST
type: string
steps:
- args:
- '$(params.ENV_VARS[*])'
computeResources: {}
env:
- name: HOME
value: /tekton/home
image: >-
registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:6a6025914296a62fdf2092c3a40011bd9b966a6806b094d51eec5e1bd5026ef4
name: generate
script: >
echo "Processing Build Environment Variables"
echo "" > /env-vars/env-file
for var in "$@"
do
echo "$var" >> /env-vars/env-file
done
s2i build $(params.PATH_CONTEXT)
image-registry.openshift-image-registry.svc:5000/$(params.VERSION) \
--as-dockerfile /gen-source/Dockerfile.gen --environment-file
/env-vars/env-file
volumeMounts:
- mountPath: /gen-source
name: gen-source
- mountPath: /env-vars
name: env-vars
workingDir: $(workspaces.source.path)
- computeResources: {}
image: $(params.BUILDER_IMAGE)
name: build-and-push
script: >
buildah bud --storage-driver=vfs --tls-verify=$(params.TLSVERIFY) \
--layers -f /gen-source/Dockerfile.gen -t $(params.IMAGE) .
[[ "$(params.SKIP_PUSH)" == "true" ]] && echo "Push skipped" && exit 0
[[ "$(workspaces.dockerconfig.bound)" == "true" ]] && export
DOCKER_CONFIG="$(workspaces.dockerconfig.path)"
buildah push --storage-driver=vfs --tls-verify=$(params.TLSVERIFY) \
--digestfile $(workspaces.source.path)/image-digest $(params.IMAGE) \
docker://$(params.IMAGE)
cat $(workspaces.source.path)/image-digest | tee
/tekton/results/IMAGE_DIGEST
securityContext:
capabilities:
add:
- SETFCAP
volumeMounts:
- mountPath: /var/lib/containers
name: varlibcontainers
- mountPath: /gen-source
name: gen-source
workingDir: /gen-source
volumes:
- emptyDir: {}
name: varlibcontainers
- emptyDir: {}
name: gen-source
- emptyDir: {}
name: env-vars
workspaces:
- mountPath: /workspace/source
name: source
- description: >-
An optional workspace that allows providing a .docker/config.json file
for Buildah to access the container registry. The file should be placed
at the root of the Workspace with name config.json.
name: dockerconfig
optional: true
---
apiVersion: tekton.dev/v1
kind: Pipeline
metadata:
name: moodle
labels:
app.kubernetes.io/instance: moodle
app.kubernetes.io/name: moodle
app: moodle
operator.tekton.dev/operand-name: openshift-pipelines-addons
pipeline.openshift.io/runtime: php74
pipeline.openshift.io/runtime-version: php74
pipeline.openshift.io/type: kubernetes
spec:
params:
- default: moodle
name: APP_NAME
type: string
- default: 'https://github.com/moodle/moodle'
name: GIT_REPO
type: string
- default: MOODLE_311_STABLE
name: GIT_REVISION
type: string
- default: >-
image-registry.openshift-image-registry.svc:5000/maximilianopizarro5-dev/moodle
name: IMAGE_NAME
type: string
- default: .
name: PATH_CONTEXT
type: string
- default: maximilianopizarro5-dev/php-74
name: VERSION
type: string
- default: moodle-maximilianopizarro5-dev.apps.sandbox-m2.ll9k.p1.openshiftapps.com
name: EXTERNAL_URL
type: string
tasks:
- name: fetch-repository
params:
- name: url
value: $(params.GIT_REPO)
- name: revision
value: $(params.GIT_REVISION)
- name: subdirectory
value: ''
- name: deleteExisting
value: 'true'
runAfter:
- build-php74-ubi
taskRef:
kind: ClusterTask
name: git-clone
workspaces:
- name: output
workspace: workspace
- name: deploy
params:
- name: SCRIPT
value: oc rollout status deploy/$(params.APP_NAME)
runAfter:
- build-moodle
taskRef:
kind: ClusterTask
name: openshift-client
- name: build-moodle
params:
- name: VERSION
value: $(params.VERSION)
- name: PATH_CONTEXT
value: .
- name: TLSVERIFY
value: 'true'
- name: IMAGE
value: $(params.IMAGE_NAME)
- name: BUILDER_IMAGE
value: >-
registry.redhat.io/rhel8/buildah@sha256:55f5c7d88c77e1ab5a2ab8e877172b2b66cb196e21f10dc45148470d0ee8bbae
- name: SKIP_PUSH
value: 'false'
- name: ENV_VARS
value: []
retries: 3
runAfter:
- fetch-repository
taskRef:
kind: Task
name: s2i-php-74
workspaces:
- name: source
workspace: workspace
- name: build-php74-ubi
params:
- name: SCRIPT
value: oc start-build bc/php-74-moodle
- name: VERSION
value: latest
runAfter:
- oc-apply-manifest
taskRef:
kind: ClusterTask
name: openshift-client
workspaces:
- name: manifest-dir
workspace: workspace
- name: fetch-gitops
params:
- name: url
value: 'https://github.com/maximilianoPizarro/moodle'
- name: revision
value: main
- name: refspec
value: ''
- name: submodules
value: 'true'
- name: depth
value: '1'
- name: sslVerify
value: 'true'
- name: crtFileName
value: ca-bundle.crt
- name: subdirectory
value: gitops
- name: sparseCheckoutDirectories
value: ''
- name: deleteExisting
value: 'true'
- name: httpProxy
value: ''
- name: httpsProxy
value: ''
- name: noProxy
value: ''
- name: verbose
value: 'true'
- name: gitInitImage
value: >-
registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c4b2183f7c7997bd401d86b33eefb637b3ef2fa90618e875106292cd69a15c14
- name: userHome
value: /home/git
taskRef:
kind: ClusterTask
name: git-clone
workspaces:
- name: output
workspace: workspace
- name: yq-patch-deployment
params:
- name: SCRIPT
value: >
yq e -i
'.spec.template.spec.containers[0].image="$(params.IMAGE_NAME)"'
gitops/overlay/develop/deployment-patches.yaml
cat gitops/overlay/develop/deployment-patches.yaml
- name: image
value: >-
docker.io/mikefarah/yq:4.27.5@sha256:2be3626ed633fbe1fc33ee9343a1256a6be53334412b2251b9a859f8c145bb53
- name: files
value: []
- name: expression
value: ''
runAfter:
- fetch-gitops
taskRef:
kind: Task
name: yq
workspaces:
- name: source
workspace: workspace
- name: yq-patch-route
params:
- name: SCRIPT
value: >-
yq e -i '.spec.host="$(params.EXTERNAL_URL)"'
gitops/overlay/develop/route.yaml
cat gitops/overlay/develop/route.yaml
- name: image
value: >-
docker.io/mikefarah/yq:4.27.5@sha256:2be3626ed633fbe1fc33ee9343a1256a6be53334412b2251b9a859f8c145bb53
- name: files
value: []
- name: expression
value: ''
runAfter:
- fetch-gitops
taskRef:
kind: Task
name: yq
workspaces:
- name: source
workspace: workspace
- name: oc-apply-manifest
params:
- name: SCRIPT
value: oc apply -k gitops/overlay/develop
- name: VERSION
value: latest
runAfter:
- yq-patch-deployment
- yq-patch-route
taskRef:
kind: ClusterTask
name: openshift-client
workspaces:
- name: manifest-dir
workspace: workspace
workspaces:
- name: workspace