--wip-- [skip ci]

2025-03-24 16:46:15 +01:00 · 2025-03-24 16:46:15 +01:00 · 4fe0c0b1a0
commit 4fe0c0b1a0
parent 0b0b1ceb37
48 changed files with 0 additions and 2041 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,5 +0,0 @@
-kustomization/base/tekton/secret/gitea/access_token
-kustomization/base/tekton/secret/gitea/basicauth
-kustomization/base/tekton/secret/dockerconfig/.dockerconfigjson
-kustomization/base/tekton/secret/ssh/id_ed25519
-kustomization/base/tekton/secret/ssh/known_hosts
--- a/49
+++ b/49
@ -1,49 +0,0 @@
-DESTDIR=./
-
-REG_CRED=$(shell kubectl get secret -n tekton -l type=regcred -o jsonpath='{.items[0].metadata.name}')
-SUBNET=$(shell docker network inspect kind --format '{{ (index .IPAM.Config 0).Subnet }}')
-BASEIP=$(shell docker network inspect kind --format '{{ (index .IPAM.Config 0).Subnet }}' | cut -d "/" -f 1)
-
-.PHONY: help
-help:
-	@grep -E '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}'
-
-.PHONY: deploy
-create-cluster: ## Créer un cluster kubernetes avec Kind
-	kind create cluster --name tekton --config kind/kind-tekton.yaml
-	@echo "SubNet Docker :" $(SUBNET)
-	@echo -e " \x1b[32m✓\x1b[0m Cluster Kind déployé"
-
-.PHONY: setup-cluster
-setup-cluster: create cluster
-	kubectl apply -k kind/cluster --server-side
-	kubectl --namespace ingress-nginx rollout status --timeout 5m deployment/ingress-nginx-controller
-	kubectl --namespace metallb-system rollout status --timeout 5m deployment controller
-	sed -i "/mse.dev.local/ s/.*/            $(BASEIP)\tmse.dev.local/g" kind/cluster/coredns/custom-dns.yaml
-	kubectl apply -f kind/cluster/coredns/custom-dns.yaml
-	kubectl -n kube-system rollout restart deployment/coredns
-	kubectl -n kube-system rollout status --timeout 5m deployment/coredns
-	@yq -i ".spec.addresses = [\"$(SUBNET)\"]" kind/cluster/lb/resources/ipaddresspoool.yaml
-	kubectl apply -k kind/cluster/lb --server-side
-
-deploy-dev: ## Déploie le projet dans le cluster (nécessite la variable $HARBOR_USER_NAME)
-	skaffold dev --cleanup=false
-
-delete-cluster: ## Supprime le cluster kubernetes Kind
-	kind delete clusters tekton
-
-docker-secret:
-	cp kustomization/base/tekton/secret/gitea/access_token.dist kustomization/base/tekton/secret/gitea/access_token
-	cp kustomization/base/tekton/secret/gitea/basicauth.dist kustomization/base/tekton/secret/gitea/basicauth
-	cp kustomization/base/tekton/secret/ssh/id_ed25519.dist kustomization/base/tekton/secret/ssh/id_ed25519
-	cp kustomization/base/tekton/secret/ssh/known_hosts.dist kustomization/base/tekton/secret/ssh/known_hosts
-
-	docker login reg.cadoles.com
-	docker --config kustomization/base/tekton/secret/dockerconfig login reg.cadoles.com
-	mv kustomization/base/tekton/secret/dockerconfig/config.json kustomization/base/tekton/secret/dockerconfig/.dockerconfigjson
-
-.mktools:
-	rm -rf .mktools
-	curl -q https://forge.cadoles.com/Cadoles/mktools/raw/branch/master/install.sh | $(SHELL)
-
-include .mktools/*.mk
--- a/README.md
+++ b/README.md
@ -1,64 +0,0 @@
-# MSE Tekton
-
-CI du projet MSE
-
-### Lancement de l'environnement
-
-#### Lancer l'environnement
-
-```
-make create-cluster
-```
-
-Si vous disposez déjà d'un environnement kubernetes, appliquez uniquement les CRDs :
-
-```
-kubectl apply -k kind/cluster --server-side
-```
-
-Il se peut qu'il y ait besoin de relancer la commande s'il n'arrive pas a charger `TektonConfig` correctement
-
-Puis
-
-```
-make deploy-dev
-```
-
-#### Préparer les secrets
-Créer les fichiers en renseignant et en copiant les fichiers `.dist` correspondants:
- - `kustomization/base/tekton/secret/gitea/access_token`
- - `kustomization/base/tekton/secret/gitea/basicauth`
- - `kustomization/base/tekton/secret/ssh/id_ed25519`
- - `kustomization/base/tekton/secret/ssh/known_hosts`
-
-Générer le secret docker
-```
-make docker-secret
-```
-
-### Lancement d'un pipeline
-
-```
-kubectl create -f kustomization/base/tekton/pipeline/pipelinerun.yaml
-```
-
-### Lister et voir les logs des pipelines
-
-```
-tkn pipelinerun list
-tkn pipelinerun logs clone-read-run-dqwcx -f
-```
-
-Pour installer le cli tekton : [Tekton CLI](https://tekton.dev/docs/cli/#installation)
-
-
-### Accès au Dashboard
-[Doc Tekton](https://tekton.dev/docs/dashboard/install/)
-
-On crée un port-forward pour accéder au dashboard
-
-```
-kubectl --namespace tekton-pipelines port-forward svc/tekton-dashboard 9097:9097
-```
-
-Accéder au dashboard : http://localhost:9097
--- a/doc/mesproject.md
+++ b/doc/mesproject.md
@ -1,10 +0,0 @@
-# Mse Project
-
-## Evénements et triggers
-
-Lors de l'émission d'un événement par Gitea, selon la nature de l'événement, les pipelines `symfonycheck` ou `buildimage` seront déclenchés.
-
- - Pull request créé, ou push sur une pull request : `symfonycheck`
- - merge d'une PR : `buildimage`
-
-
--- a/doc/tekton.md
+++ b/doc/tekton.md
@ -1,76 +0,0 @@
-# Tekton CI
-
-## Webhook, Événements et Triggers
-
-Un webhook Gitea configuré, envoi des événements sur un endpoint défini par en `EventListener`.
-
-Cet `EventListener`, selon les filtres et overlays définis, peut alors déclencher des `TriggerTemplates` (configuré selon un `TriggerBinding`), qui alors configurerons a leur tour des `PipelineRun`, qui exécuterons des `Pipelines`, qui configurerons des `TaskRun`, qui alors exécuterons des `Task`.
-
-```mermaid
-flowchart LR
-    A[Webhook Event] --> B(EventListener
-    filter et overlays)
-    B --> D(Pipeline Binding)
-    B --> E(Pipeline Template)
-    D --> E
-    E --> F(PipelineRun)
-    F --> G(Pipeline)
-
-
-```
-
-Les `Webhooks`, événements et triggers dans Tekton CI permettent de déclencher des actions automatisées en réponse à des événements spécifiques dans un système de gestion de code source.
-
-### Filter et overlay
-
-Le `filter` permet de déclencher les Triggers pour les événements répondant au critère du filtre
-
-Les `overlays` permettent de récupérer une valeur de la requête pour la passer en paramètre
-
-### Workspaces
-
-Les workspaces sont des volumes qui sont monté à la demande dans les conteneurs des différentes `Task` dans le répertoire `/workspace`.
-
-### Exemples
-
- - [EventListener MSE](kustomization/base/tekton/event/mseproject.yaml)
- - [TriggerBinding MSE](kustomization/base/tekton/event/msebuild-binding.yaml)
- - [TriggerTemplate MSE](kustomization/base/tekton/event/msebuild-template.yaml)
-
-
-
-## Pipelines
-
-Les `Pipeline` dans Tekton CI décrivent une série d'étapes ou de tâches à exécuter pour automatiser un processus de déploiement ou de test logiciel.
-Un `PipelineRun` permet d'exécuter un `Pipeline` en lui donnant des paramètres
-
-L'option `runAfter:` permet de définir si une `Task` doit s'exécuter une fois qu'une autre Task est terminé. Si `runAfter` n'est par défini, la `Task` sera exécuté en parallèle
-
-
-
-```mermaid
-flowchart LR
-    G(PipelineRun) --> H(Pipeline)
-    H --> I(TaskRun)
-    I --> J(Task)
-
-```
-### Exemples
-
- [SymfonyCheck](../kustomization/base/tekton/pipeline/symfonycheck.yaml)
-
-## Tasks
-
-Les `Task` dans Tekton CI représentent des actions individuelles à effectuer dans un pipeline. Elles peuvent inclure des opérations telles que la construction, le déploiement, les tests, etc.
-Une `TaskRun` permet d'exécuter une `Task` en lui donnant des paramètres.
-Les `Task` vont alors enchainer les différentes steps.
-Les `Task` peuvent émettre des résultats, qui seront alors accessible par d'autres `Task`
-
-L'option `OnError` permet de déclencher un évenement à la suite d'une erreur d'une `step`.
-On peut alors s'en servir pour passer à la st`ep suivante, sans bloquer l'exécution de la `Task`.
-
-### Exemple
- - [ImageFormater](kustomization/base/tekton/task/common/imageformater.yaml)
-
-
-
--- a/kind/cluster/coredns/custom-dns.yaml
+++ b/kind/cluster/coredns/custom-dns.yaml
@ -1,31 +0,0 @@
-apiVersion: v1
-data:
-  Corefile: |
-    .:53 {
-        errors
-        health {
-           lameduck 5s
-        }
-        ready
-        kubernetes cluster.local in-addr.arpa ip6.arpa {
-           pods insecure
-           fallthrough in-addr.arpa ip6.arpa
-           ttl 30
-        }
-        prometheus :9153
-        forward . /etc/resolv.conf
-        cache 30
-        loop
-        reload
-        loadbalance
-        hosts {
-            # Liste des noms de dommaine à résoudre dans le cluster.local
-            172.18.0.0	mse.dev.local
-
-            fallthrough
-        }
-    }
-kind: ConfigMap
-metadata:
-  name: coredns
-  namespace: kube-system
--- a/kind/cluster/kustomization.yaml
+++ b/kind/cluster/kustomization.yaml
@ -1,17 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-
-resources:
- https://raw.githubusercontent.com/ory/k8s/v0.30.0/helm/charts/hydra-maester/crds/crd-oauth2clients.yaml
- https://forge.cadoles.com/CadolesKube/c-kustom//base/cloudnative-pg-operator?ref=develop
- https://forge.cadoles.com/CadolesKube/c-kustom//base/redis?ref=develop
- https://forge.cadoles.com/CadolesKube/c-kustom//base/minio?ref=develop
- https://forge.cadoles.com/CadolesKube/c-kustom//base/metallb?ref=develop
- https://forge.cadoles.com/CadolesKube/c-kustom//base/nginx?ref=develop
- https://storage.googleapis.com/tekton-releases/operator/latest/release.yaml
- https://raw.githubusercontent.com/tektoncd/operator/main/config/crs/kubernetes/config/all/operator_v1alpha1_config_cr.yaml
- https://storage.googleapis.com/tekton-releases/pipeline/latest/release.yaml
- https://storage.googleapis.com/tekton-releases/triggers/latest/release.yaml
- https://storage.googleapis.com/tekton-releases/triggers/latest/interceptors.yaml
- https://storage.googleapis.com/tekton-releases/dashboard/latest/release.yaml
-
--- a/kind/cluster/lb/kustomization.yaml
+++ b/kind/cluster/lb/kustomization.yaml
@ -1,7 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-namespace: metallb-system
-
-resources:
- ./resources/ipaddresspoool.yaml
- ./resources/advertise.yaml
--- a/kind/cluster/lb/resources/advertise.yaml
+++ b/kind/cluster/lb/resources/advertise.yaml
@ -1,9 +0,0 @@
-apiVersion: metallb.io/v1beta1
-kind: L2Advertisement
-metadata:
-  name: l2-ip-pool-ad
-  namespace: metallb-system
-spec:
-  ipAddressPools:
-  - main-pool
-
--- a/kind/cluster/lb/resources/ipaddresspoool.yaml
+++ b/kind/cluster/lb/resources/ipaddresspoool.yaml
@ -1,8 +0,0 @@
-apiVersion: metallb.io/v1beta1
-kind: IPAddressPool
-metadata:
-  name: main-pool
-  namespace: metallb-system
-spec:
-  addresses:
-    - 172.18.0.0/16
--- a/kind/kind-tekton.yaml
+++ b/kind/kind-tekton.yaml
@ -1,45 +0,0 @@
-kind: Cluster
-apiVersion: kind.x-k8s.io/v1alpha4
-name: tekton-pipelines
-nodes:
- role: control-plane
-  image: kindest/node:v1.27.2
-  kubeadmConfigPatches:
-  - |
-    kind: InitConfiguration
-    nodeRegistration:
-      kubeletExtraArgs:
-        node-labels: "ingress-ready=true"
-  extraPortMappings:
-  - containerPort: 31000
-    hostPort: 31000
-    listenAddress: "0.0.0.0" # Optional, defaults to "0.0.0.0"
-  - containerPort: 80
-    hostPort: 8080
-    listenAddress: "0.0.0.0" # Optional, defaults to "0.0.0.0"
-  labels:
-    ingress-ready: true
- role: worker
-  image: kindest/node:v1.27.2
-  kubeadmConfigPatches:
-  - |
-    kind: JoinConfiguration
-    nodeRegistration:
-      kubeletExtraArgs:
-        system-reserved: memory=2Gi
- role: worker
-  image: kindest/node:v1.27.2
-  kubeadmConfigPatches:
-  - |
-    kind: JoinConfiguration
-    nodeRegistration:
-      kubeletExtraArgs:
-        system-reserved: memory=2Gi
- role: worker
-  image: kindest/node:v1.27.2
-  kubeadmConfigPatches:
-  - |
-    kind: JoinConfiguration
-    nodeRegistration:
-      kubeletExtraArgs:
-        system-reserved: memory=2Gi
--- a/kind/scripts/init-kind.sh
+++ b/kind/scripts/init-kind.sh
@ -1,13 +0,0 @@
-#!/bin/bash
-
-
-
-${ENGINE} create cluster --config kind/kind-mse.yaml
-sleep 5
-kubectl apply -k kind/cluster --server-side
-sleep 5
-docker network inspect kind | jq '.[0].IPAM.Config[0].Subnet' -r
-echo "Si tout est ok :"
-echo "kubectl apply -k kind/cluster/lb --server-side"
-echo "skaffold dev -p dev --cleanup=false "
-
--- a/kustomization/base/kustomization.yaml
+++ b/kustomization/base/kustomization.yaml
@ -1,6 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-
-resources:
- tekton/
- tekton-pipelines/ingress/dashboard.yaml
--- a/kustomization/base/tekton-pipelines/ingress/dashboard.yaml
+++ b/kustomization/base/tekton-pipelines/ingress/dashboard.yaml
@ -1,25 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: dashboard
-  namespace: tekton-pipelines
-spec:
-  ingressClassName: nginx
-  rules:
-  - host: tekton.local
-    http:
-      paths:
-      - path: /
-        pathType: Prefix
-        backend:
-          service:
-            name: tekton-dashboard
-            port:
-              number: 9097
-      - path: /mseproject
-        pathType: Prefix
-        backend:
-          service:
-            name: el-mseproject
-            port:
-              number: 9000
--- a/kustomization/base/tekton/configmap/configmap-phpcsfixer.yaml
+++ b/kustomization/base/tekton/configmap/configmap-phpcsfixer.yaml
@ -1,49 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: config-phpcsfixer
-data:
-  php-cs-fixer.dist.php: |
-    <?php
-    $finder = (new PhpCsFixer\Finder())
-    ->ignoreDotFiles(false)
-    ->ignoreVCSIgnored(true)
-    ->exclude(['dev-tools/phpstan', 'tests/Fixtures'])
-    ->in(__DIR__);
-    // TODO: Définir les règles de style communes
-    // spécifiques au projet
-    return (new PhpCsFixer\Config())
-        ->setRules([
-            '@Symfony' => true,
-            'concat_space' => ['spacing' => 'none'],
-            'array_syntax' => ['syntax' => 'short'],
-            'combine_consecutive_issets' => true,
-            'explicit_indirect_variable' => true,
-            'no_useless_return' => true,
-            'ordered_imports' => true,
-            'no_unused_imports' => true,
-            'no_spaces_after_function_name' => true,
-            'no_spaces_inside_parenthesis' => true,
-            'ternary_operator_spaces' => true,
-            'class_definition' => ['single_line' => true],
-            'whitespace_after_comma_in_array' => true,
-            // phpdoc
-            'phpdoc_add_missing_param_annotation' => ['only_untyped' => true],
-            'phpdoc_order' => true,
-            'phpdoc_types_order' => [
-                'null_adjustment' => 'always_last',
-                'sort_algorithm' => 'alpha',
-            ],
-            'phpdoc_no_empty_return' => false,
-            'phpdoc_summary' => false,
-            'general_phpdoc_annotation_remove' => [
-                'annotations' => [
-                    'expectedExceptionMessageRegExp',
-                    'expectedException',
-                    'expectedExceptionMessage',
-                    'author',
-                ],
-            ],
-        ])
-        ->setFinder($finder);    
-
--- a/kustomization/base/tekton/event/imagebuild.yaml
+++ b/kustomization/base/tekton/event/imagebuild.yaml
@ -1,18 +0,0 @@
-apiVersion: triggers.tekton.dev/v1beta1
-kind: EventListener
-metadata:
-  name: imagebuild
-spec:
-  serviceAccountName: tekton-robot
-  triggers:
-    - name: imagebuild-trigger
-      interceptors:
-        - ref:
-            name: "cel"
-          params:
-          - name: "filter"
-            value: "body.action != 'deleted'"
-      bindings:
-      - ref: imagebuild-binding
-      template:
-        ref: imagebuild-template
--- a/kustomization/base/tekton/event/msebuild.yaml
+++ b/kustomization/base/tekton/event/msebuild.yaml
@ -1,26 +0,0 @@
-apiVersion: triggers.tekton.dev/v1beta1
-kind: EventListener
-metadata:
-  name: msebuild
-spec:
-  serviceAccountName: tekton-robot
-  triggers:
-    - name: msebuild-trigger
-      interceptors:
-        - ref:
-            name: "cel"
-          params:
-          # Filtre par événement
-          - name: "filter"
-            value: "body.action != 'deleted'"
-          # Récupération du queryParam registry
-          - name: "overlays"
-            value:
-              - key: registry
-                expression: "requestURL.parseURL().query['registry']"
-      bindings:
-      - ref: msebuild-binding
-      - name: registry
-        value: $(extensions.registry)
-      template:
-        ref: msebuild-template
--- a/kustomization/base/tekton/event/mseproject.yaml
+++ b/kustomization/base/tekton/event/mseproject.yaml
@ -1,39 +0,0 @@
-apiVersion: triggers.tekton.dev/v1beta1
-kind: EventListener
-metadata:
-  name: mseproject
-spec:
-  serviceAccountName: tekton-robot
-  triggers:
-    - name: mse-symfonycheck-trigger
-      interceptors:
-        - ref:
-            name: "cel"
-          params:
-          # Filtre par événement
-          - name: "filter"
-            value: "body.action in ['opened', 'synchronized']"
-      bindings:
-      - ref: symfonycheck-binding
-      template:
-        ref: symfonycheck-template
-
-    - name: mse-build-trigger
-      interceptors:
-        - ref:
-            name: "cel"
-          params:
-          # Filtre par événement
-          - name: "filter"
-            value: "body.pull_request.merged == true"
-          # Récupération du queryParam registry
-          - name: "overlays"
-            value:
-              - key: registry
-                expression: "requestURL.parseURL().query['registry']"
-      bindings:
-      - ref: msebuild-binding
-      - name: registry
-        value: $(extensions.registry)
-      template:
-        ref: msebuild-template
--- a/kustomization/base/tekton/event/symfonycheck.yaml
+++ b/kustomization/base/tekton/event/symfonycheck.yaml
@ -1,18 +0,0 @@
-apiVersion: triggers.tekton.dev/v1beta1
-kind: EventListener
-metadata:
-  name: symfonycheck
-spec:
-  serviceAccountName: tekton-robot
-  triggers:
-    - name: symfonycheck-trigger
-      interceptors:
-        - ref:
-            name: "cel"
-          params:
-          - name: "filter"
-            value: "body.action != 'closed'"
-      bindings:
-      - ref: symfonycheck-binding
-      template:
-        ref: symfonycheck-template
--- a/kustomization/base/tekton/kustomization.yaml
+++ b/kustomization/base/tekton/kustomization.yaml
@ -1,68 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-namespace: tekton-pipelines
-resources:
- namespace/namespace.yaml
- serviceaccount/service-account.yaml
- serviceaccount/rbac.yaml
- configmap/configmap-phpcsfixer.yaml
-
- resources/
-
-# Tasks
- https://raw.githubusercontent.com/tektoncd/catalog/main/task/git-clone/0.9/git-clone.yaml
- https://api.hub.tekton.dev/v1/resource/tekton/task/kaniko/0.6/raw
- task/common/giteacomment.yaml
- task/common/imageformater.yaml
- task/common/cleanup.yaml
- task/common/crane.yaml
- task/common/trivy.yaml
- task/symfonyapp/phpcsfixer.yaml
- task/symfonyapp/phpsecuritycheck.yaml
- task/symfonyapp/phpstan.yaml
- task/symfonyapp/phpunittest.yaml
- task/symfonyapp/phpfunctionaltest.yaml
-
-# Pipelines
- pipeline/imagebuild.yaml
- pipeline/symfonycheck.yaml
-
-# Triggers
- trigger/msebuild-binding.yaml
- trigger/msebuild-template.yaml
- trigger/imagebuild-binding.yaml
- trigger/imagebuild-template.yaml
- trigger/symfonycheck-binding.yaml
- trigger/symfonycheck-template.yaml
-
-# Events
- event/mseproject.yaml
-
-
-# # Ingress
-# - ingress/dashboard.yaml
-
-generatorOptions:
- disableNameSuffixHash: true
-secretGenerator:
- name: regcred
-  type: kubernetes.io/dockerconfigjson
-  files:
-  - secret/dockerconfig/.dockerconfigjson
-
- name: basic-auth
-  type: kubernetes.io/basic-auth
-  options:
-    annotations:
-      tekton.dev/git-0: https://forge.cadoles.com
-  envs:
-  - secret/gitea/basicauth
-
- name: gitea-access-token
-  files:
-  - secret/gitea/access_token
-
- name: git-credentials
-  files:
-  - secret/ssh/id_ed25519
-  - secret/ssh/known_hosts
--- a/kustomization/base/tekton/namespace/namespace.yaml
+++ b/kustomization/base/tekton/namespace/namespace.yaml
@ -1,4 +0,0 @@
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: tekton-pipelines
--- a/kustomization/base/tekton/pipeline/imagebuild.yaml
+++ b/kustomization/base/tekton/pipeline/imagebuild.yaml
@ -1,170 +0,0 @@
-apiVersion: tekton.dev/v1beta1
-kind: Pipeline
-metadata:
-  name: imagebuild
-spec:
-  description: |
-    This pipeline clones a git repo, then echoes the README file to the stout.
-  params:
-  - name: url
-    type: string
-    description: The git repo URL to clone from.
-  - name: revision
-    type: string
-    description: The git repo branch to checkout.
-  - name: image
-    type: string
-    description: The image to build.
-  - name: context
-    type: string
-    description: The context of image to build.
-  - name: tag
-    type: string
-    description: The image tag.
-  - name: dockerfile
-    type: string
-    description: Path to the Dockerfile to build.
-  - name: registry
-    description: Registry of the Docker image
-  - name: apiurl
-    type: string
-    description: The gitea api url.
-  - name: requesttype
-    type: string
-    description: The gitea request type = "pullrequest / release".
-  - name: requestid
-    type: string
-    description: The gitea request id.
-
-
-  workspaces:
-  - name: shared-data
-  - name: docker-credentials
-  - name: git-credentials
-  - name: gitea-access-token
-
-  tasks:
-
-  # 📥 Clone du repo git
-  - name: gitclone
-    taskRef:
-      name: git-clone
-    workspaces:
-    - name: output
-      workspace: shared-data
-    - name: ssh-directory
-      workspace: git-credentials
-    params:
-    - name: url
-      value: $(params.url)
-    - name: revision
-      value: $(params.revision)
-    - name: submodules
-      value: 'false'
-    - name: depth
-      value: '50'
-
-  # ⭐ Image Tag Formater
-  - name: imageformater
-    taskRef:
-      name:  imageformater
-    runAfter: ["gitclone"]
-    workspaces:
-    - name: source
-      workspace: shared-data
-    params:
-    - name: revision
-      value: $(params.revision)
-
-  # 🔨 Build de l'image
-  - name: kaniko-build
-    taskRef:
-      name: kaniko
-    runAfter: ["imageformater"]
-    params:
-      - name: IMAGE
-        value: $(params.registry)/$(params.image):$(tasks.imageformater.results.imagetag)
-      - name: BUILDER_IMAGE
-        value: gcr.io/kaniko-project/executor:v1.20.0
-      - name: DOCKERFILE
-        value: $(params.dockerfile)
-      - name: CONTEXT
-        value: $(params.context)
-      - name: EXTRA_ARGS
-        value:
-          - --skip-tls-verify
-          - --insecure
-          - --no-push
-          - --tarPath=$(workspaces.source.path)/image.tar
-          - --destination=$(params.registry)/$(params.image):$(tasks.imageformater.results.imagetag)
-    workspaces:
-      - name: source
-        workspace: shared-data
-      - name: dockerconfig
-        workspace: docker-credentials
-
-   # 🔎 Scan de l'image
-  - name: trivy-scan
-    taskRef:
-      name: trivy-scanner
-      kind: Task
-    params:
-      - name: IMAGE_PATH
-        value: "$(workspaces.manifest-dir.path)/image.tar"
-    workspaces:
-      - name: manifest-dir
-        workspace: shared-data
-    runAfter:
-      - kaniko-build
-
-  # 📨 Envoyer du resulat de trivy à gitea
-  - name: trivy-giteacomment
-    taskRef:
-      name: giteacomment
-    workspaces:
-    - name: source
-      workspace: shared-data
-    - name: gitea-access-token
-      workspace: gitea-access-token
-    params:
-    - name: apiurl
-      value: $(params.apiurl)
-    - name: requestid
-      value: $(params.requestid)
-    - name: title
-      value: "TRIVY"
-    - name: filepath
-      value: "temp_trivy.txt"
-    runAfter:
-      - trivy-scan
-
-  # 🚀 Publication de l'image
-  - name: publish
-    taskRef:
-      name: crane-task
-    workspaces:
-      - name: source
-        workspace: shared-data
-      - name: dockerconfig
-        workspace: docker-credentials
-    params:
-      - name: IMAGE_TAG
-        value: $(tasks.imageformater.results.imagetag)
-      - name: IMAGE
-        value: $(params.image)
-      - name: REGISTRY
-        value: $(params.registry)
-    runAfter:
-      - trivy-scan
-
-
-
-  finally:
-  # 🧹 Cleanup
-  - name: cleanup-workspace
-    taskRef:
-      name: cleanup-workspace
-      kind: Task
-    workspaces:
-      - name: source
-        workspace: shared-data
--- a/kustomization/base/tekton/pipeline/symfonycheck.yaml
+++ b/kustomization/base/tekton/pipeline/symfonycheck.yaml
@ -1,166 +0,0 @@
-apiVersion: tekton.dev/v1beta1
-kind: Pipeline
-metadata:
-  name: symfonycheck
-spec:
-  description: |
-    This pipeline clones a git repo, then echoes the README file to the stout.
-  params:
-  - name: url
-    type: string
-    description: The git repo URL to clone from.
-  - name: revision
-    type: string
-    description: The git repo branch to checkout.
-  - name: destination
-    type: string
-    description: The branch to merge to.
-  - name: apiurl
-    type: string
-    description: The gitea api url.
-  - name: requesttype
-    type: string
-    description: The gitea request type = "pullrequest / release".
-  - name: requestid
-    type: string
-    description: The gitea request id.
-
-  workspaces:
-  - name: shared-data
-    description: This workspace contains the cloned repo files, so they can be read by the next task.
-  - name: config
-  - name: docker-credentials
-  - name: gitea-access-token
-
-  tasks:
-  # 📥 Clone du repo git
-  - name: gitclone
-    taskRef:
-      name: git-clone
-    workspaces:
-    - name: output
-      workspace: shared-data
-    params:
-    - name: url
-      value: $(params.url)
-    - name: revision
-      value: $(params.revision)
-    - name: submodules
-      value: 'false'
-    - name: depth
-      value: '50'
-
-  # ⭐ Exécution des tests phpsecuritycheck
-  - name: phpsecuritycheck
-    runAfter: ["gitclone"]
-    taskRef:
-      name: phpsecuritycheck
-    workspaces:
-    - name: source
-      workspace: shared-data
-
-  # ⭐ Exécution des tests phpstan
-  - name: phpstan
-    runAfter: ["gitclone"]
-    taskRef:
-      name: phpstan
-    workspaces:
-    - name: source
-      workspace: shared-data
-    params:
-    - name: apiurl
-      value: $(params.apiurl)
-    - name: requestid
-      value: $(params.requestid)
-
-  # ⭐ Exécution des tests php-cs-fixer
-  - name: phpcsfixer
-    runAfter: ["gitclone"]
-    taskRef:
-      name: phpcsfixer
-    workspaces:
-    - name: source
-      workspace: shared-data
-    - name: config
-      workspace: config
-    params:
-    - name: destination
-      value: $(params.destination)
-
-  # ⭐ Execution des tests unitaires et fonctionnels
-  - name: phpunittest
-    runAfter: ["gitclone"]
-    taskRef:
-      name:  phpunittest
-    workspaces:
-    - name: source
-      workspace: shared-data
-
-  finally:
-  # 📨 Envoie du resulat de php-cs-fixer à gitea
-  - name: phpcsfixer-giteacomment
-    taskRef:
-      name: giteacomment
-    workspaces:
-    - name: source
-      workspace: shared-data
-    - name: gitea-access-token
-      workspace: gitea-access-token
-    params:
-    - name: apiurl
-      value: $(params.apiurl)
-    - name: requestid
-      value: $(params.requestid)
-    - name: title
-      value: "PHP-CS-FIXER"
-    - name: filepath
-      value: "temp_phpcsfixer.txt"
-
-  # 📨 Envoi du resulat de phpstan à gitea
-  - name: phpstan-giteacomment
-    taskRef:
-      name: giteacomment
-    workspaces:
-    - name: source
-      workspace: shared-data
-    - name: gitea-access-token
-      workspace: gitea-access-token
-    params:
-    - name: apiurl
-      value: $(params.apiurl)
-    - name: requestid
-      value: $(params.requestid)
-    - name: title
-      value: "PHPSTAN"
-    - name: filepath
-      value: "temp_phpstan.txt"
-
-  # 📨 Envoie le resulat de phpsecuritychecker à gitea
-  - name: phpsecuritychecker-giteacomment
-    taskRef:
-      name: giteacomment
-    workspaces:
-    - name: source
-      workspace: shared-data
-    - name: gitea-access-token
-      workspace: gitea-access-token
-    params:
-    - name: apiurl
-      value: $(params.apiurl)
-    - name: requestid
-      value: $(params.requestid)
-    - name: title
-      value: "PHP-SECURITY-CHECK"
-    - name: filepath
-      value: "temp_phpsecuritychecker.txt"
-
-  # 🧹 Cleanup
-  - name: cleanup-workspace
-    taskRef:
-      name: cleanup-workspace
-      kind: Task
-    workspaces:
-      - name: source
-        workspace: shared-data
-
-
--- a/kustomization/base/tekton/resources/kustomization.yaml
+++ b/kustomization/base/tekton/resources/kustomization.yaml
@ -1,5 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-
-resources:
-  - ./redis/redis-cluster.yaml
--- a/kustomization/base/tekton/resources/redis/redis-cluster.yaml
+++ b/kustomization/base/tekton/resources/redis/redis-cluster.yaml
@ -1,22 +0,0 @@
-apiVersion: databases.spotahome.com/v1
-kind: RedisFailover
-metadata:
-  name: tekton-redis
-spec:
-  sentinel:
-    replicas: 3
-    resources:
-      requests:
-        cpu: 100m
-      limits:
-        memory: 100Mi
-  redis:
-    image: reg.cadoles.com/proxy_cache/library/redis:6.2.6-alpine
-    replicas: 3
-    resources:
-      requests:
-        cpu: 100m
-        memory: 100Mi
-      limits:
-        cpu: 400m
-        memory: 500Mi
--- a/kustomization/base/tekton/secret/gitea/access_token.dist
+++ b/kustomization/base/tekton/secret/gitea/access_token.dist
@ -1 +0,0 @@
-TOKEN_HERE
--- a/kustomization/base/tekton/secret/gitea/basicauth.dist
+++ b/kustomization/base/tekton/secret/gitea/basicauth.dist
@ -1,2 +0,0 @@
-username=<login>
-password=<password>
--- a/kustomization/base/tekton/secret/ssh/id_ed25519.dist
+++ b/kustomization/base/tekton/secret/ssh/id_ed25519.dist
@ -1 +0,0 @@
-YOUR_PRIVATE_KEY_HERE
--- a/kustomization/base/tekton/secret/ssh/known_hosts.dist
+++ b/kustomization/base/tekton/secret/ssh/known_hosts.dist
@ -1 +0,0 @@
-KNOWN_HOST_HERE
--- a/kustomization/base/tekton/serviceaccount/rbac.yaml
+++ b/kustomization/base/tekton/serviceaccount/rbac.yaml
@ -1,29 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: tekton-robot
---
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: triggers-example-eventlistener-binding
-subjects:
- kind: ServiceAccount
-  name: tekton-robot
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: tekton-triggers-eventlistener-roles
---
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: triggers-example-eventlistener-clusterbinding
-subjects:
- kind: ServiceAccount
-  name: tekton-robot
-  namespace: default
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: tekton-triggers-eventlistener-clusterroles
--- a/kustomization/base/tekton/serviceaccount/service-account.yaml
+++ b/kustomization/base/tekton/serviceaccount/service-account.yaml
@ -1,7 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: build-bot
-secrets:
-  - name: basic-auth
-  - name: regcred
--- a/kustomization/base/tekton/task/common/cleanup.yaml
+++ b/kustomization/base/tekton/task/common/cleanup.yaml
@ -1,24 +0,0 @@
-apiVersion: tekton.dev/v1beta1
-kind: Task
-metadata:
-  name: cleanup-workspace
-spec:
-  workspaces:
-    - name: source
-  steps:
-    - name: cleanup
-      image: alpine:latest
-      command:
-        - /bin/sh
-      args:
-      - '-c'
-      - |
-        #set -e
-
-        echo ""
-        echo "== CLEAN UP WORKSPACES ==================================="
-        rm -rf /workspace/*
-
-        echo ""
-        echo ""
-
--- a/kustomization/base/tekton/task/common/crane.yaml
+++ b/kustomization/base/tekton/task/common/crane.yaml
@ -1,39 +0,0 @@
-apiVersion: tekton.dev/v1beta1
-kind: Task
-metadata:
-  name: crane-task
-spec:
-  workspaces:
-    - name: source
-    - name: dockerconfig
-  params:
-    - name: IMAGE_TAG
-      type: string
-      description: "The image to push."
-    - name: IMAGE
-      type: string
-      description: "The image to push."
-    - name: REGISTRY
-      description: Docker Registry
-
-
-  steps:
-    - name: push-image-tar
-      image: gcr.io/go-containerregistry/crane:debug
-      script: |
-        #!/busybox/sh
-        set -eu -o pipefail
-
-        echo ""
-        echo "== CONFIGURE CREDENTIALS ==================================="
-
-        mkdir ~/.docker
-        cp $(workspaces.dockerconfig.path)/config.json ~/.docker/config.json
-        echo ""
-        echo "== PUSH IMAGE ==================================="
-
-        crane push $(workspaces.source.path)/image.tar $(params.REGISTRY)/$(params.IMAGE):$(params.IMAGE_TAG)
-
-        echo ""
-        echo ""
-
--- a/kustomization/base/tekton/task/common/giteacomment.yaml
+++ b/kustomization/base/tekton/task/common/giteacomment.yaml
@ -1,55 +0,0 @@
-apiVersion: tekton.dev/v1beta1
-kind: Task
-metadata:
-  name: giteacomment
-spec:
-  description: Send file content to a comment of the pullrequest gitea
-  workspaces:
-  - name: source
-  - name: gitea-access-token
-  params:
-  - name: apiurl
-  - name: requestid
-  - name: title
-  - name: filepath
-  steps:
-  - name: exec
-    image: alpine
-    command:
-      - /bin/sh
-    args:
-      - '-c'
-      - |
-        #set -e
-
-        cd $(workspaces.source.path)
-
-        echo ""
-        echo "== INSTALL DEPENDENCIES ==================================="
-        apk add jq curl
-
-        echo ""
-        echo "== SEND COMMENT TO GITEA ================================="
-
-        if [[ -n "$(params.title)" ]]; then
-          sed -i '1i\# $(params.title)' $(params.filepath)
-        fi
-
-        RESULT=$(cat $(params.filepath))
-        rm -f $(params.filepath)
-        TOKEN_PATH="$(workspaces.gitea-access-token.path)"
-        GITEA_ACCESS_TOKEN="$(cat ${TOKEN_PATH}/access_token)"
-        APIURL=$(params.apiurl)/issues/$(params.requestid)/comments?access_token=${GITEA_ACCESS_TOKEN}
-        RESULT_ESCAPED=$(jq --null-input --arg result "${RESULT}" '$result')
-        BODY="{\"body\": ${RESULT_ESCAPED}}"
-        echo ${BODY}
-
-        curl -X 'POST' \
-          ${APIURL} \
-          -s \
-          -H 'accept: application/json' \
-          -H 'Content-Type: application/json' \
-          -d "${BODY}"
-
-        echo ""
-        echo ""
--- a/kustomization/base/tekton/task/common/imageformater.yaml
+++ b/kustomization/base/tekton/task/common/imageformater.yaml
@ -1,35 +0,0 @@
-apiVersion: tekton.dev/v1beta1
-kind: Task
-metadata:
-  name: imageformater
-spec:
-  description: transform image name to standart name
-  workspaces:
-  - name: source
-  params:
-  - name: revision
-  results:
-  - name: imagetag
-  steps:
-  - name: exec
-    image: alpine:3.19
-    script: |
-        #!/usr/bin/env sh
-        set -eu
-        set +x
-        apk add make curl bash git
-
-        cd $(workspaces.source.path)
-        git config --global --add safe.directory /workspace/source
-        git checkout $(params.revision)
-        set -x
-        echo ""
-        echo "== IMAGE NAME FORMATER ==================================="
-
-        make .mktools
-        version=$(make mkt-project-version)
-
-        echo -n "${version}" > "$(results.imagetag.path)"
-
-        echo ""
-        echo ""
--- a/kustomization/base/tekton/task/common/trivy.yaml
+++ b/kustomization/base/tekton/task/common/trivy.yaml
@ -1,46 +0,0 @@
-apiVersion: tekton.dev/v1beta1
-kind: Task
-metadata:
-  name: trivy-scanner
-  labels:
-    app.kubernetes.io/version: "0.2"
-  annotations:
-    tekton.dev/pipelines.minVersion: "0.12.1"
-    tekton.dev/categories: Security
-    tekton.dev/tags: CLI, trivy
-    tekton.dev/displayName: "trivy scanner"
-    tekton.dev/platforms: "linux/amd64,linux/arm64,linux/ppc64le,linux/390x"
-spec:
-  description: >-
-    Trivy is a simple and comprehensive scanner for
-    vulnerabilities in container images,file systems
-    ,and Git repositories, as well as for configuration issues.
-
-    This task can be used to scan for vulnenrabilities on the source code
-    in stand alone mode.
-  workspaces:
-    - name: manifest-dir
-  params:
-    - name: TRIVY_IMAGE
-      default: docker.io/aquasec/trivy@sha256:944a044451791617cc0ed2ee4d1942a4f66b790d527fcd0575a6b399ccbc05a1  # 0.43.1
-      description: Trivy scanner image to be used
-    - name: IMAGE_PATH
-      description: Image or Path to be scanned by trivy.
-      type: string
-    - name: AIR_GAPPED_ENABLED
-      default: "false"
-      description: a flag enabling Air-Gapped mode
-      type: string
-  steps:
-    - name: trivy-scan
-      image: $(params.TRIVY_IMAGE)
-      workingDir: $(workspaces.manifest-dir.path)
-      script: |
-        #!/usr/bin/env sh
-
-          echo ""
-          echo "== SCAN IMAGE ==================================="
-
-          echo "Running trivy task with command below"
-          trivy image --exit-code 1 --severity CRITICAL --no-progress -o temp_trivy.txt --input $(params.IMAGE_PATH)
-          cat temp_trivy.txt
--- a/kustomization/base/tekton/task/symfonyapp/phpcsfixer.yaml
+++ b/kustomization/base/tekton/task/symfonyapp/phpcsfixer.yaml
@ -1,35 +0,0 @@
-apiVersion: tekton.dev/v1beta1
-kind: Task
-metadata:
-  name: phpcsfixer
-spec:
-  description: PHP-CS-Fixer on modified code
-  workspaces:
-  - name: source
-  - name: config
-  params:
-  - name: destination
-  steps:
-  - name: exec
-    image:  ghcr.io/php-cs-fixer/php-cs-fixer:3-php8.3
-    command:
-      - /bin/sh
-    args:
-      - '-c'
-      - |
-        #set -e
-        apk add git
-        cd $(workspaces.source.path)
-        git config --global --add safe.directory /workspace/source
-        git fetch origin $(params.destination)
-        CHANGED_FILES=$(git diff --name-only --diff-filter=ACMRTUXB origin/$(params.destination) -- | grep -F ".php" | tr "\n" " ")
-        if ! echo "${CHANGED_FILES}" | grep -qE "^(\\.php-cs-fixer(\\.dist)\\.php?|composer\\.lock)$"; then EXTRA_ARGS=$(printf -- '--path-mode=intersection -- %s' "${CHANGED_FILES}"); else EXTRA_ARGS=''; fi
-
-        echo ""
-        echo "== RUN PHP-CS-FIXER ======================================"
-
-        php-cs-fixer fix --dry-run --config=$(workspaces.config.path)/php-cs-fixer.dist.php ${EXTRA_ARGS} > temp_phpcsfixer.txt 2>&1
-        cat temp_phpcsfixer.txt
-
-        echo ""
-        echo ""
--- a/kustomization/base/tekton/task/symfonyapp/phpfunctionaltest.yaml
+++ b/kustomization/base/tekton/task/symfonyapp/phpfunctionaltest.yaml
@ -1,70 +0,0 @@
-apiVersion: tekton.dev/v1beta1
-kind: Task
-metadata:
-  name: phpfunctionaltest
-spec:
-  description: PHP functional test with bdd sidecar
-  workspaces:
-  - name: source
-  sidecars:
-    - name: database
-      image: postgres:16
-      env:
-      - name: POSTGRES_PASSWORD
-        value: not_so_secret
-      - name: POSTGRES_HOST_AUTH_METHOD
-        value: trust
-    - name: redis
-      image: redis:4.0
-
-  steps:
-  - name: exec
-    image:  reg.cadoles.com/cadoles/symfony:alpine-php-7.4-base-20230926
-    env:
-    - name: PHP_FPM_MEMORY_LIMIT
-      value: 512m
-    - name: MSE_DATABASE_DRIVER
-      value: pdo_pgsql
-    - name: MSE_DATABASE_HOST
-      value: localhost
-    - name: MSE_DATABASE_PORT
-      value: '5432'
-    - name: MSE_DATABASE_NAME
-      value: postgres
-    - name: MSE_DATABASE_USER
-      value: postgres
-    - name: MSE_DATABASE_PASSWORD
-      value: not_so_secret
-    - name: MSE_REDIS_SERVER
-      value: localhost
-    - name: MSE_REDIS_PORT
-      value: '6379'
-    - name: MSE_REDIS_SERVER
-      value: rfs-tekton-redis
-    command:
-      - /bin/sh
-    args:
-      - '-c'
-      - |
-        set -e
-        apk add bash=5.1.16-r0 \
-        postgresql-client \
-        php7-gd=7.4.33-r1   \
-        php7-xsl=7.4.33-r1   \
-        php7-pdo=7.4.33-r1   \
-        php7-pgsql=7.4.33-r1 \
-        php7-pdo_pgsql=7.4.33-r1 \
-        php7-soap=7.4.33-r1 \
-        php7-ldap=7.4.33-r1 \
-        php7-pdo_mysql=7.4.33-r1 \
-        php7-bcmath=7.4.33-r1 \
-        php7-intl=7.4.33-r1 \
-        php7-fileinfo=7.4.33-r1 \
-        php7-iconv=7.4.33-r1 \
-        php7-pecl-amqp=1.11.0-r0 \
-        php7-pecl-redis=5.3.6-r0
-        cd $(workspaces.source.path)
-        app/console doctrine:migrations:migrate -n
-        ./scripts/run-php-tests.sh --group integration --stderr --testdox -d memory_limit=512M
-
-
--- a/kustomization/base/tekton/task/symfonyapp/phpsecuritycheck.yaml
+++ b/kustomization/base/tekton/task/symfonyapp/phpsecuritycheck.yaml
@ -1,32 +0,0 @@
-apiVersion: tekton.dev/v1beta1
-kind: Task
-metadata:
-  name: phpsecuritycheck
-spec:
-  description: Check PHP security issues
-  workspaces:
-  - name: source
-  steps:
-  - name: exec
-    image:  alpine:latest
-    script: |
-      #!/bin/sh
-      #set -e
-
-      echo ""
-      echo "== INSTALL PHP-SECURITY-CHECKER =========================="
-      export PHP_SECURITY_CHECKER_VERSION=1.0.0
-      export ARG JQ_VERSION=1.6
-      wget -O /usr/local/bin/local-php-security-checker https://github.com/fabpot/local-php-security-checker/releases/download/v${PHP_SECURITY_CHECKER_VERSION}/local-php-security-checker_${PHP_SECURITY_CHECKER_VERSION}_linux_amd64 \
-      && chmod +x /usr/local/bin/local-php-security-checker
-
-
-      echo ""
-      echo "== RUN PHP-SECURITY-CHECKER =============================="
-      cd $(workspaces.source.path)
-      local-php-security-checker --format=markdown > temp_phpsecuritychecker.txt 2>&1
-      RESULT=$(cat temp_phpsecuritychecker.txt)
-      echo "${RESULT}"
-
-      echo ""
-      echo ""
--- a/kustomization/base/tekton/task/symfonyapp/phpstan.yaml
+++ b/kustomization/base/tekton/task/symfonyapp/phpstan.yaml
@ -1,20 +0,0 @@
-apiVersion: tekton.dev/v1beta1
-kind: Task
-metadata:
-  name: phpstan
-spec:
-  description: Phpstan on modified code
-  workspaces:
-  - name: source
-  params:
-  - name: apiurl
-  - name: requestid
-  steps:
-  - name: analyse
-    image:  reg.cadoles.com/cadoles/phpstan
-    script: |
-      #!/bin/sh
-      echo "== RUN PHPSTAN ==========================================="
-      cd $(workspaces.source.path)
-      phpstan analyse -l 5 --configuration phpstan-pipeline.neon --error-format table --no-progress > temp_phpstan.txt 2>&1
-      cat temp_phpstan.txt
--- a/kustomization/base/tekton/task/symfonyapp/phpunittest.yaml
+++ b/kustomization/base/tekton/task/symfonyapp/phpunittest.yaml
@ -1,119 +0,0 @@
-apiVersion: tekton.dev/v1beta1
-kind: Task
-metadata:
-  name: phpunittest
-spec:
-  description: PHP unit test
-  workspaces:
-  - name: source
-  sidecars:
-    - name: database
-      image: postgres:16
-      env:
-      - name: POSTGRES_PASSWORD
-        value: not_so_secret
-      - name: POSTGRES_HOST_AUTH_METHOD
-        value: trust
-
-  steps:
-  - name: php-unit
-    image:  reg.cadoles.com/cadoles/symfony:alpine-php-7.4-base-20230926
-    env:
-    - name: PHP_FPM_MEMORY_LIMIT
-      value: 512m
-    - name: MSE_DATABASE_DRIVER
-      value: pdo_pgsql
-    - name: MSE_DATABASE_HOST
-      value: localhost
-    - name: MSE_DATABASE_PORT
-      value: '5432'
-    - name: MSE_DATABASE_NAME
-      value: postgres
-    - name: MSE_DATABASE_USER
-      value: postgres
-    - name: MSE_DATABASE_PASSWORD
-      value: not_so_secret
-    - name: MSE_REDIS_SERVER
-      value: localhost
-    - name: MSE_REDIS_PORT
-      value: '6379'
-    command:
-      - /bin/sh
-    args:
-      - '-c'
-      - |
-        set -e
-        apk add bash=5.1.16-r0 \
-        postgresql-client \
-        php7-gd=7.4.33-r1   \
-        php7-xsl=7.4.33-r1   \
-        php7-pdo=7.4.33-r1   \
-        php7-pgsql=7.4.33-r1 \
-        php7-pdo_pgsql=7.4.33-r1 \
-        php7-soap=7.4.33-r1 \
-        php7-ldap=7.4.33-r1 \
-        php7-pdo_mysql=7.4.33-r1 \
-        php7-bcmath=7.4.33-r1 \
-        php7-intl=7.4.33-r1 \
-        php7-fileinfo=7.4.33-r1 \
-        php7-iconv=7.4.33-r1 \
-        php7-pecl-amqp=1.11.0-r0 \
-        php7-pecl-redis=5.3.6-r0
-        echo "memory_limit = 512M" >> /etc/php7/conf.d/03_base.ini
-        echo "memory_limit = 512M" >> /etc/php8/conf.d/03_base.ini
-        cd $(workspaces.source.path)
-        ./bin/phpunit -c ./app --group unit --stderr --testdox -d memory_limit=1024M $(PHPUNIT_ARGS)
-    onError: continue
-
-  - name: php-functional
-    image:  reg.cadoles.com/cadoles/symfony:alpine-php-7.4-base-20230926
-    env:
-    - name: PHP_FPM_MEMORY_LIMIT
-      value: 512m
-    - name: MSE_DATABASE_DRIVER
-      value: pdo_pgsql
-    - name: MSE_DATABASE_HOST
-      value: localhost
-    - name: MSE_DATABASE_PORT
-      value: '5432'
-    - name: MSE_DATABASE_NAME
-      value: postgres
-    - name: MSE_DATABASE_USER
-      value: postgres
-    - name: MSE_DATABASE_PASSWORD
-      value: not_so_secret
-    - name: MSE_REDIS_SERVER
-      value: rfs-portal-redis
-    - name: MSE_REDIS_PORT
-      value: '26379'
-    - name: MSE_REDIS_SERVER
-      value: rfs-tekton-redis
-    command:
-      - /bin/sh
-    args:
-      - '-c'
-      - |
-        set -e
-        apk add bash=5.1.16-r0 \
-        postgresql-client \
-        php7-gd=7.4.33-r1   \
-        php7-xsl=7.4.33-r1   \
-        php7-pdo=7.4.33-r1   \
-        php7-pgsql=7.4.33-r1 \
-        php7-pdo_pgsql=7.4.33-r1 \
-        php7-soap=7.4.33-r1 \
-        php7-ldap=7.4.33-r1 \
-        php7-pdo_mysql=7.4.33-r1 \
-        php7-bcmath=7.4.33-r1 \
-        php7-intl=7.4.33-r1 \
-        php7-fileinfo=7.4.33-r1 \
-        php7-iconv=7.4.33-r1 \
-        php7-pecl-amqp=1.11.0-r0 \
-        php7-pecl-redis=5.3.6-r0
-        echo "memory_limit = 512M" >> /etc/php7/conf.d/03_base.ini
-        echo "memory_limit = 512M" >> /etc/php8/conf.d/03_base.ini
-        cd $(workspaces.source.path)
-        /bin/sh ./sidecar-scripts/init_database.sh
-        ./bin/phpunit -c ./app --group integration --stderr --testdox -d memory_limit=1024M $(PHPUNIT_ARGS)
-
-
--- a/kustomization/base/tekton/trigger/imagebuild-binding.yaml
+++ b/kustomization/base/tekton/trigger/imagebuild-binding.yaml
@ -1,19 +0,0 @@
-apiVersion: triggers.tekton.dev/v1beta1
-kind: TriggerBinding
-metadata:
-  name: imagebuild-binding
-spec:
-  params:
-  - name: url
-    value: $(body.repository.clone_url)
-  - name: revision
-    value: $(body.pull_request.base.ref)
-  - name: image
-    value: $(body.repository.full_name)
-  - name: tag
-    value: $(body.release.target_commitish)-$(body.release.tag_name)
-  - name: apiurl
-    value: $(body.release.url)
-  - name: requestid
-    value: $(body.release.id)
-
--- a/kustomization/base/tekton/trigger/imagebuild-template.yaml
+++ b/kustomization/base/tekton/trigger/imagebuild-template.yaml
@ -1,66 +0,0 @@
-apiVersion: triggers.tekton.dev/v1beta1
-kind: TriggerTemplate
-metadata:
-  name: imagebuild-template
-spec:
-  params:
-  - name: url
-  - name: revision
-  - name: image
-  - name: tag
-  - name: dockerfile
-  - name: registry
-  - name: apiurl
-  - name: requestid
-  - name: requesttype
-
-  resourcetemplates:
-  - apiVersion: tekton.dev/v1beta1
-    kind: PipelineRun
-    metadata:
-      generateName: imagebuild-run-
-      namespace: tekton-pipelines
-    spec:
-      serviceAccountName: build-bot
-      pipelineRef:
-        name: imagebuild
-      podTemplate:
-        securityContext:
-          fsGroup: 65532
-      workspaces:
-      - name: shared-data
-        volumeClaimTemplate:
-          spec:
-            accessModes:
-            - ReadWriteOnce
-            resources:
-              requests:
-                storage: 1Gi
-      - name: docker-credentials
-        secret:
-          secretName: regcred
-      - name: git-credentials
-        secret:
-          secretName: git-credentials
-      - name: gitea-access-token
-        secret:
-          secretName: gitea-access-token
-      params:
-      - name: url
-        value: $(tt.params.url)
-      - name: revision
-        value: $(tt.params.revision)
-      - name: image
-        value: hydra-sql-theme
-      - name: tag
-        value: $(tt.params.tag)
-      - name: dockerfile
-        value: ./misc/k8s/images/hydra-sql-mse-theme/Dockerfile
-      - name: registry
-        value: $(tt.params.registry)
-      - name: apiurl
-        value: $(tt.params.apiurl)
-      - name: requestid
-        value: $(tt.params.requestid)
-      - name: requesttype
-        value: pullrequest
--- a/kustomization/base/tekton/trigger/msebuild-binding.yaml
+++ b/kustomization/base/tekton/trigger/msebuild-binding.yaml
@ -1,18 +0,0 @@
-apiVersion: triggers.tekton.dev/v1beta1
-kind: TriggerBinding
-metadata:
-  name: msebuild-binding
-spec:
-  params:
-  - name: url
-    value: $(body.repository.clone_url)
-  - name: revision
-    value: $(body.pull_request.base.ref)
-  - name: image
-    value: $(body.repository.full_name)
-  - name: apiurl
-    value: $(body.pull_request.base.repo.url)
-  - name: requestid
-    value: $(body.pull_request.number)
-
-
--- a/kustomization/base/tekton/trigger/msebuild-template.yaml
+++ b/kustomization/base/tekton/trigger/msebuild-template.yaml
@ -1,389 +0,0 @@
-apiVersion: triggers.tekton.dev/v1beta1
-kind: TriggerTemplate
-metadata:
-  name: msebuild-template
-spec:
-  params:
-  - name: url
-  - name: revision
-  - name: image
-  - name: tag
-  - name: dockerfile
-  - name: registry
-  - name: apiurl
-  - name: requestid
-  - name: requesttype
-
-  resourcetemplates:
-  # Portal
-  - apiVersion: tekton.dev/v1beta1
-    kind: PipelineRun
-    metadata:
-      generateName: msebuild-portal-run-
-      namespace: tekton-pipelines
-    spec:
-      serviceAccountName: build-bot
-      pipelineRef:
-        name: imagebuild
-      podTemplate:
-        securityContext:
-          fsGroup: 65532
-      workspaces:
-      - name: shared-data
-        volumeClaimTemplate:
-          spec:
-            accessModes:
-            - ReadWriteOnce
-            resources:
-              requests:
-                storage: 1Gi
-      - name: docker-credentials
-        secret:
-          secretName: regcred
-      - name: git-credentials
-        secret:
-          secretName: git-credentials
-      - name: gitea-access-token
-        secret:
-          secretName: gitea-access-token
-      params:
-      - name: url
-        value: $(tt.params.url)
-      - name: revision
-        value: $(tt.params.revision)
-      - name: image
-        value: portal
-      - name: tag
-        value: $(tt.params.tag)
-      - name: dockerfile
-        value: ./misc/k8s/images/portal/Dockerfile
-      - name: context
-        value: ./
-      - name: registry
-        value: $(tt.params.registry)
-      - name: apiurl
-        value: $(tt.params.apiurl)
-      - name: requestid
-        value: $(tt.params.requestid)
-      - name: requesttype
-        value: pullrequest
-
-  # Hydra Dispatcher Theme
-  - apiVersion: tekton.dev/v1beta1
-    kind: PipelineRun
-    metadata:
-      generateName: msebuild-hydra-dispatcher-theme-run-
-      namespace: tekton-pipelines
-    spec:
-      serviceAccountName: build-bot
-      pipelineRef:
-        name: imagebuild
-      podTemplate:
-        securityContext:
-          fsGroup: 65532
-      workspaces:
-      - name: shared-data
-        volumeClaimTemplate:
-          spec:
-            accessModes:
-            - ReadWriteOnce
-            resources:
-              requests:
-                storage: 1Gi
-      - name: docker-credentials
-        secret:
-          secretName: regcred
-      - name: git-credentials
-        secret:
-          secretName: git-credentials
-      - name: gitea-access-token
-        secret:
-          secretName: gitea-access-token
-      params:
-      - name: url
-        value: $(tt.params.url)
-      - name: revision
-        value: $(tt.params.revision)
-      - name: image
-        value: hydra-dispatcher-theme
-      - name: context
-        value: misc/k8s/images/hydra-dispatcher-mse-theme
-      - name: tag
-        value: $(tt.params.tag)
-      - name: dockerfile
-        value: ./misc/k8s/images/hydra-dispatcher-mse-theme/Dockerfile
-      - name: registry
-        value: $(tt.params.registry)
-      - name: apiurl
-        value: $(tt.params.apiurl)
-      - name: requestid
-        value: $(tt.params.requestid)
-      - name: requesttype
-        value: pullrequest
-
-  # Hydra SQL Theme
-  - apiVersion: tekton.dev/v1beta1
-    kind: PipelineRun
-    metadata:
-      generateName: msebuild-hydra-sql-theme-run-
-      namespace: tekton-pipelines
-    spec:
-      serviceAccountName: build-bot
-      pipelineRef:
-        name: imagebuild
-      podTemplate:
-        securityContext:
-          fsGroup: 65532
-      workspaces:
-      - name: shared-data
-        volumeClaimTemplate:
-          spec:
-            accessModes:
-            - ReadWriteOnce
-            resources:
-              requests:
-                storage: 1Gi
-      - name: docker-credentials
-        secret:
-          secretName: regcred
-      - name: git-credentials
-        secret:
-          secretName: git-credentials
-      - name: gitea-access-token
-        secret:
-          secretName: gitea-access-token
-      params:
-      - name: url
-        value: $(tt.params.url)
-      - name: revision
-        value: $(tt.params.revision)
-      - name: image
-        value: hydra-sql-theme
-      - name: context
-        value: misc/k8s/images/hydra-sql-mse-theme
-      - name: tag
-        value: $(tt.params.tag)
-      - name: dockerfile
-        value: ./misc/k8s/images/hydra-sql-mse-theme/Dockerfile
-      - name: registry
-        value: $(tt.params.registry)
-      - name: apiurl
-        value: $(tt.params.apiurl)
-      - name: requestid
-        value: $(tt.params.requestid)
-      - name: requesttype
-        value: pullrequest
-
-  # Job Base
-  - apiVersion: tekton.dev/v1beta1
-    kind: PipelineRun
-    metadata:
-      generateName: msebuild-job-base-run-
-      namespace: tekton-pipelines
-    spec:
-      serviceAccountName: build-bot
-      pipelineRef:
-        name: imagebuild
-      podTemplate:
-        securityContext:
-          fsGroup: 65532
-      workspaces:
-      - name: shared-data
-        volumeClaimTemplate:
-          spec:
-            accessModes:
-            - ReadWriteOnce
-            resources:
-              requests:
-                storage: 1Gi
-      - name: docker-credentials
-        secret:
-          secretName: regcred
-      - name: git-credentials
-        secret:
-          secretName: git-credentials
-      - name: gitea-access-token
-        secret:
-          secretName: gitea-access-token
-      params:
-      - name: url
-        value: $(tt.params.url)
-      - name: revision
-        value: $(tt.params.revision)
-      - name: image
-        value: job-base
-      - name: context
-        value: misc/k8s/images/job-base
-      - name: tag
-        value: $(tt.params.tag)
-      - name: dockerfile
-        value: ./misc/k8s/images/job-base/Dockerfile
-      - name: registry
-        value: $(tt.params.registry)
-      - name: apiurl
-        value: $(tt.params.apiurl)
-      - name: requestid
-        value: $(tt.params.requestid)
-      - name: requesttype
-        value: pullrequest
-
-  # Mock
-  - apiVersion: tekton.dev/v1beta1
-    kind: PipelineRun
-    metadata:
-      generateName: msebuild-mock-run-
-      namespace: tekton-pipelines
-    spec:
-      serviceAccountName: build-bot
-      pipelineRef:
-        name: imagebuild
-      podTemplate:
-        securityContext:
-          fsGroup: 65532
-      workspaces:
-      - name: shared-data
-        volumeClaimTemplate:
-          spec:
-            accessModes:
-            - ReadWriteOnce
-            resources:
-              requests:
-                storage: 1Gi
-      - name: docker-credentials
-        secret:
-          secretName: regcred
-      - name: git-credentials
-        secret:
-          secretName: git-credentials
-      - name: gitea-access-token
-        secret:
-          secretName: gitea-access-token
-      params:
-      - name: url
-        value: $(tt.params.url)
-      - name: revision
-        value: $(tt.params.revision)
-      - name: image
-        value: mock
-      - name: context
-        value: misc/k8s/images/mock
-      - name: tag
-        value: $(tt.params.tag)
-      - name: dockerfile
-        value: ./misc/k8s/images/mock/Dockerfile
-      - name: registry
-        value: $(tt.params.registry)
-      - name: apiurl
-        value: $(tt.params.apiurl)
-      - name: requestid
-        value: $(tt.params.requestid)
-      - name: requesttype
-        value: pullrequest
-
-  # Ines
-  - apiVersion: tekton.dev/v1beta1
-    kind: PipelineRun
-    metadata:
-      generateName: msebuild-ines-run-
-      namespace: tekton-pipelines
-    spec:
-      serviceAccountName: build-bot
-      pipelineRef:
-        name: imagebuild
-      podTemplate:
-        securityContext:
-          fsGroup: 65532
-      workspaces:
-      - name: shared-data
-        volumeClaimTemplate:
-          spec:
-            accessModes:
-            - ReadWriteOnce
-            resources:
-              requests:
-                storage: 1Gi
-      - name: docker-credentials
-        secret:
-          secretName: regcred
-      - name: git-credentials
-        secret:
-          secretName: git-credentials
-      - name: gitea-access-token
-        secret:
-          secretName: gitea-access-token
-      params:
-      - name: url
-        value: $(tt.params.url)
-      - name: revision
-        value: $(tt.params.revision)
-      - name: image
-        value: ines
-      - name: context
-        value: misc/k8s/images/ines
-      - name: tag
-        value: $(tt.params.tag)
-      - name: dockerfile
-        value: ./misc/k8s/images/ines/Dockerfile
-      - name: registry
-        value: $(tt.params.registry)
-      - name: apiurl
-        value: $(tt.params.apiurl)
-      - name: requestid
-        value: $(tt.params.requestid)
-      - name: requesttype
-        value: pullrequest
-
-  # Shibboleth-sp
-  - apiVersion: tekton.dev/v1beta1
-    kind: PipelineRun
-    metadata:
-      generateName: msebuild-shibboleth-sp-run-
-      namespace: tekton-pipelines
-    spec:
-      serviceAccountName: build-bot
-      pipelineRef:
-        name: imagebuild
-      podTemplate:
-        securityContext:
-          fsGroup: 65532
-      workspaces:
-      - name: shared-data
-        volumeClaimTemplate:
-          spec:
-            accessModes:
-            - ReadWriteOnce
-            resources:
-              requests:
-                storage: 1Gi
-      - name: docker-credentials
-        secret:
-          secretName: regcred
-      - name: git-credentials
-        secret:
-          secretName: git-credentials
-      - name: gitea-access-token
-        secret:
-          secretName: gitea-access-token
-      params:
-      - name: url
-        value: $(tt.params.url)
-      - name: revision
-        value: $(tt.params.revision)
-      - name: image
-        value: shibboleth-sp
-      - name: context
-        value: misc/k8s/images/sp
-      - name: tag
-        value: $(tt.params.tag)
-      - name: dockerfile
-        value: ./misc/k8s/images/sp/Dockerfile
-      - name: registry
-        value: $(tt.params.registry)
-      - name: apiurl
-        value: $(tt.params.apiurl)
-      - name: requestid
-        value: $(tt.params.requestid)
-      - name: requesttype
-        value: pullrequest
-
-
--- a/kustomization/base/tekton/trigger/symfonycheck-binding.yaml
+++ b/kustomization/base/tekton/trigger/symfonycheck-binding.yaml
@ -1,16 +0,0 @@
-apiVersion: triggers.tekton.dev/v1beta1
-kind: TriggerBinding
-metadata:
-  name: symfonycheck-binding
-spec:
-  params:
-  - name: url
-    value: $(body.pull_request.head.repo.clone_url)
-  - name: revision
-    value: $(body.pull_request.head.ref)
-  - name: apiurl
-    value: $(body.pull_request.head.repo.url)
-  - name: requestid
-    value: $(body.pull_request.number)
-  - name: destination
-    value: $(body.pull_request.base.ref)
--- a/kustomization/base/tekton/trigger/symfonycheck-template.yaml
+++ b/kustomization/base/tekton/trigger/symfonycheck-template.yaml
@ -1,56 +0,0 @@
-apiVersion: triggers.tekton.dev/v1beta1
-kind: TriggerTemplate
-metadata:
-  name: symfonycheck-template
-spec:
-  params:
-  - name: url
-  - name: revision
-  - name: requestid
-  - name: destination
-  - name: apiurl
-  - name: requesttype
-  resourcetemplates:
-  - apiVersion: tekton.dev/v1beta1
-    kind: PipelineRun
-    metadata:
-      generateName: symfonycheck-run-
-      namespace: tekton-pipelines
-    spec:
-      serviceAccountName: build-bot
-      pipelineRef:
-        name: symfonycheck
-      podTemplate:
-        securityContext:
-          fsGroup: 65532
-      workspaces:
-      - name: shared-data
-        volumeClaimTemplate:
-          spec:
-            accessModes:
-            - ReadWriteOnce
-            resources:
-              requests:
-                storage: 1Gi
-      - name: config
-        configmap:
-          name: config-phpcsfixer
-      - name: docker-credentials
-        secret:
-          secretName: regcred
-      - name: gitea-access-token
-        secret:
-          secretName: gitea-access-token
-      params:
-      - name: url
-        value: $(tt.params.url)
-      - name: revision
-        value: $(tt.params.revision)
-      - name: destination
-        value: $(tt.params.destination)
-      - name: apiurl
-        value: $(tt.params.apiurl)
-      - name: requestid
-        value: $(tt.params.requestid)
-      - name: requesttype
-        value: pullrequest
--- a/skaffold.yaml
+++ b/skaffold.yaml
@ -1,11 +0,0 @@
-apiVersion: skaffold/v3
-kind: Config
-
-metadata:
-  name: tekton-pipelines
-
-manifests:
-  kustomize:
-    paths:
-    - kustomization/base
-