mlamalle/mse-tekton
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

event & trigger for scan & build pipeline symfony

Browse Source
This commit is contained in:
afornerot 2024-03-10 20:20:30 +01:00
parent 0d61ed1c07
commit b537ebc665
24 changed files with 598 additions and 383 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
kustomization/base/tekton/task/symfonyapp/configmap/configmap-php-cs-fixer.yaml → kustomization/base/tekton/configmap/configmap-phpcsfixer.yaml
View File

@ -1,7 +1,7 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: config-php-cs-fixer
name: config-phpcsfixer
data:
php-cs-fixer.dist.php: |
<?php
@ -45,5 +45,5 @@ data:
],
],
])
->setFinder($finder);
->setFinder($finder);

18
kustomization/base/tekton/event/pipeline-symfonyapp-listener.yaml
View File

@ -1,18 +0,0 @@
apiVersion: triggers.tekton.dev/v1beta1
kind: EventListener
metadata:
name: pipeline-symfonyapp-listener
spec:
serviceAccountName: tekton-robot
triggers:
- name: pipeline-symfonyapp-trigger
interceptors:
- ref:
name: "cel"
params:
- name: "filter"
value: "header.match('X-Gitea-Signature', '2563371aaeb3e352c3c4c4a35d5591a31fd18686a90e1f3679d97177a728c356') && requestURL.parseURL().query['pipeline'] == 'symfonyapp'"
bindings:
- ref: pipeline-symfonyapp-binding
template:
ref: pipeline-symfonyapp-template

18
kustomization/base/tekton/event/symfonybuild.yaml Normal file
View File

@ -0,0 +1,18 @@
apiVersion: triggers.tekton.dev/v1beta1
kind: EventListener
metadata:
name: symfonybuild
spec:
serviceAccountName: tekton-robot
triggers:
- name: symfonybuild-trigger
interceptors:
- ref:
name: "cel"
params:
- name: "filter"
value: "body.action != 'deleted'"
bindings:
- ref: symfonybuild-binding
template:
ref: symfonybuild-template

18
kustomization/base/tekton/event/symfonycheck.yaml Normal file
View File

@ -0,0 +1,18 @@
apiVersion: triggers.tekton.dev/v1beta1
kind: EventListener
metadata:
name: symfonycheck
spec:
serviceAccountName: tekton-robot
triggers:
- name: symfonycheck-trigger
interceptors:
- ref:
name: "cel"
params:
- name: "filter"
value: "body.action != 'closed'"
bindings:
- ref: symfonycheck-binding
template:
ref: symfonycheck-template

20
kustomization/base/tekton/kustomization.yaml
View File

@ -9,10 +9,20 @@ resources:
- https://raw.githubusercontent.com/tektoncd/catalog/main/task/git-clone/0.9/git-clone.yaml
- https://api.hub.tekton.dev/v1/resource/tekton/task/kaniko/0.6/raw
- https://api.hub.tekton.dev/v1/resource/tekton/task/trivy-scanner/0.2/raw
- task/symfonyapp/
- pipeline/pipeline-symfonyapp.yaml
- trigger/pipeline-symfonyapp-binding.yaml
- trigger/pipeline-symfonyapp-template.yaml
- event/pipeline-symfonyapp-listener.yaml
- configmap/configmap-phpcsfixer.yaml
- task/giteacomment.yaml
- task/imageformater.yaml
- task/phpcsfixer.yaml
- task/phpsecuritycheck.yaml
- task/phpstan.yaml
- task/phpunittest.yaml
- pipeline/symfonybuild.yaml
- pipeline/symfonycheck.yaml
- trigger/symfonybuild-binding.yaml
- trigger/symfonybuild-template.yaml
- trigger/symfonycheck-binding.yaml
- trigger/symfonycheck-template.yaml
- event/symfonybuild.yaml
- event/symfonycheck.yaml

133
kustomization/base/tekton/pipeline/pipeline-symfonyapp.yaml
View File

@ -1,133 +0,0 @@
apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
name: pipeline-symfonyapp
spec:
description: |
This pipeline clones a git repo, then echoes the README file to the stout.
params:
- name: url
type: string
description: The git repo URL to clone from.
- name: revision
type: string
description: The git repo branch to checkout.
- name: destination
type: string
description: The git repo branch to merge to.
# - name: image
# type: string
# description: Full name of image repo.
# - name: dockerfile
# type: string
# description: 'The path to the Dockerfile to execute (default: ./Dockerfile)'
workspaces:
- name: shared-data
description: |
This workspace contains the cloned repo files, so they can be read by the
next task.
- name: config
- name: docker-credentials
tasks:
# 📥 Clone du repo git
- name: fetch-source
taskRef:
name: git-clone
workspaces:
- name: output
workspace: shared-data
params:
- name: url
value: $(params.url)
- name: revision
value: $(params.revision)
- name: submodules
value: 'false'
- name: depth
value: '50'
# ⭐ Lecture du readme du projet
- name: show-readme
runAfter: ["fetch-source"]
taskRef:
name: show-readme
workspaces:
- name: source
workspace: shared-data
# ⭐ Execution des tests php-security-check
- name: php-security-check
runAfter: ["fetch-source"]
taskRef:
name: php-security-check
workspaces:
- name: source
workspace: shared-data
# ⭐ Execution des tests phpstan
- name: phpstan
runAfter: ["fetch-source"]
taskRef:
name: phpstan
workspaces:
- name: source
workspace: shared-data
# ⭐ Execution des tests php-cs-fixer
- name: php-cs-fixer
runAfter: ["fetch-source"]
taskRef:
name: php-cs-fixer
workspaces:
- name: source
workspace: shared-data
- name: config
workspace: config
params:
- name: destination
value: $(params.destination)
# ⭐ Execution des tests unitaires avec une BDD en sidecar
- name: php-unit-test
runAfter:
- fetch-source
# - php-cs-fixer
# - phpstan
# - php-security-check
taskRef:
name: php-unit-test
workspaces:
- name: source
workspace: shared-data
## 🔨 Build de l'image
# - name: kaniko-build
# taskRef:
# name: kaniko
# params:
# - name: IMAGE
# value: $(params.image)
# - name: DOCKERFILE
# value: $(params.dockerfile)
# - name: BUILDER_IMAGE
# value: gcr.io/kaniko-project/executor:v1.20.0
# - name: EXTRA_ARGS
# value:
# - --skip-tls-verify
# - --insecure
# - --ignore-path=/product_uuid
# workspaces:
# - name: source
# workspace: shared-data
# - name: dockerconfig
# workspace: docker-credentials
# runAfter:
# - php-unit-test
# retries: 3

38
kustomization/base/tekton/pipeline/pipelinerun.yaml
View File

@ -1,38 +0,0 @@
apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
generateName: symfonyapp-run-
namespace: tekton
spec:
serviceAccountName: build-bot
pipelineRef:
name: symfonyapp
podTemplate:
securityContext:
fsGroup: 65532
workspaces:
- name: shared-data
volumeClaimTemplate:
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
- name: config
configmap:
name: config-php-cs-fixer
- name: docker-credentials
secret:
secretName: regcred
params:
- name: url
value: https://forge.cadoles.com/CNOUS/mse.git
- name: revision
value: issue-2977
- name: destination
value: sprint-8
# - name: image
# value: reg.cadoles.com/mlamalle/testtekton
# - name: dockerfile
# value: misc/docker/Dockerfile

101
kustomization/base/tekton/pipeline/symfonybuild.yaml Normal file
View File

@ -0,0 +1,101 @@
apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
name: symfonybuild
spec:
description: |
This pipeline clones a git repo, then echoes the README file to the stout.
params:
- name: url
type: string
description: The git repo URL to clone from.
- name: revision
type: string
description: The git repo branch to checkout.
- name: image
type: string
description: The image to build.
- name: apiurl
type: string
description: The gitea api url.
- name: requesttype
type: string
description: The gitea request type = pullrequet or release
- name: requestid
type: string
description: The gitea request id.
- name: access_token
type: string
description: The gitea access_token id.
workspaces:
- name: shared-data
- name: config
- name: docker-credentials
tasks:
# ⭐ Execution des tests unitaires avec une BDD en sidecar
- name: imageformater
taskRef:
name: imageformater
params:
- name: image
value: $(params.image)
# 📥 Clone du repo git
- name: gitclone
runAfter: [imageformater]
taskRef:
name: git-clone
workspaces:
- name: output
workspace: shared-data
params:
- name: url
value: $(params.url)
- name: revision
value: $(params.revision)
- name: submodules
value: 'false'
- name: depth
value: '50'
## ⭐ Execution des tests unitaires avec une BDD en sidecar
#- name: phpunittest
# runAfter:
# - gitclone
# # - phpcsfixer
# # - phpstan
# # - phpsecuritycheck
# taskRef:
# name: phpunittest
# workspaces:
# - name: source
# workspace: shared-data
# 🔨 Build de l'image
- name: kanikobuild
taskRef:
name: kaniko
params:
- name: IMAGE
value: $(tasks.imageformater.results.imagetag)
- name: BUILDER_IMAGE
value: gcr.io/kaniko-project/executor:v1.20.0
- name: EXTRA_ARGS
value:
- --skip-tls-verify
- --insecure
- --ignore-path=/product_uuid
workspaces:
- name: source
workspace: shared-data
- name: dockerconfig
workspace: docker-credentials
runAfter:
- gitclone

161
kustomization/base/tekton/pipeline/symfonycheck.yaml Normal file
View File

@ -0,0 +1,161 @@
apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
name: symfonycheck
spec:
description: |
This pipeline clones a git repo, then echoes the README file to the stout.
params:
- name: url
type: string
description: The git repo URL to clone from.
- name: revision
type: string
description: The git repo branch to checkout.
- name: apiurl
type: string
description: The gitea api url.
- name: requesttype
type: string
description: The gitea request type = "pullrequest / release".
- name: requestid
type: string
description: The gitea request id.
- name: access_token
type: string
description: The gitea access_token id.
workspaces:
- name: shared-data
description: This workspace contains the cloned repo files, so they can be read by the next task.
- name: config
- name: docker-credentials
tasks:
# 📥 Clone du repo git
- name: gitclone
taskRef:
name: git-clone
workspaces:
- name: output
workspace: shared-data
params:
- name: url
value: $(params.url)
- name: revision
value: $(params.revision)
- name: submodules
value: 'false'
- name: depth
value: '50'
# ⭐ Execution des tests phpsecuritycheck
- name: phpsecuritycheck
runAfter: ["gitclone"]
taskRef:
name: phpsecuritycheck
workspaces:
- name: source
workspace: shared-data
# ⭐ Execution des tests phpstan
- name: phpstan
runAfter: ["gitclone"]
taskRef:
name: phpstan
workspaces:
- name: source
workspace: shared-data
params:
- name: apiurl
value: $(params.apiurl)
- name: requestid
value: $(params.requestid)
- name: access_token
value: $(params.access_token)
# ⭐ Execution des tests php-cs-fixer
- name: phpcsfixer
runAfter: ["gitclone"]
taskRef:
name: phpcsfixer
workspaces:
- name: source
workspace: shared-data
- name: config
workspace: config
finally:
# ⭐ Envoyer le resulat de php-cs-fixer à gitea
- name: phpcsfixer-giteacomment
taskRef:
name: giteacomment
workspaces:
- name: source
workspace: shared-data
params:
- name: apiurl
value: $(params.apiurl)
- name: requestid
value: $(params.requestid)
- name: access_token
value: $(params.access_token)
- name: title
value: "PHP-CS-FIXER"
- name: filepath
value: "temp_phpcsfixer.txt"
# ⭐ Envoyer le resulat de phpstan à gitea
- name: phpstan-giteacomment
taskRef:
name: giteacomment
workspaces:
- name: source
workspace: shared-data
params:
- name: apiurl
value: $(params.apiurl)
- name: requestid
value: $(params.requestid)
- name: access_token
value: $(params.access_token)
- name: title
value: "PHPSTAN"
- name: filepath
value: "temp_phpstan.txt"
# ⭐ Envoyer le resulat de phpsecuritychecker à gitea
- name: phpsecuritychecker-giteacomment
taskRef:
name: giteacomment
workspaces:
- name: source
workspace: shared-data
params:
- name: apiurl
value: $(params.apiurl)
- name: requestid
value: $(params.requestid)
- name: access_token
value: $(params.access_token)
- name: title
value: ""
- name: filepath
value: "temp_phpsecuritychecker.txt"
## ⭐ Execution des tests unitaires avec une BDD en sidecar
#- name: phpunittest
# runAfter:
# - gitclone
# # - phpcsfixer
# # - phpstan
# # - phpsecuritycheck
# taskRef:
# name: phpunittest
# workspaces:
# - name: source
# workspace: shared-data

53
kustomization/base/tekton/task/giteacomment.yaml Normal file
View File

@ -0,0 +1,53 @@
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: giteacomment
spec:
description: Send file content to a comment of the pullrequest gitea
workspaces:
- name: source
params:
- name: apiurl
- name: requestid
- name: access_token
- name: title
- name: filepath
steps:
- name: exec
image: alpine
command:
- /bin/sh
args:
- '-c'
- |
#set -ex
cd $(workspaces.source.path)
echo ""
echo "== INSTALL DEPENDANCES ==================================="
apk add jq curl
echo ""
echo "== SEND COMMENT TO GITEA ================================="
if [[ -n "$(params.title)" ]]; then
sed -i '1i\# $(params.title)' $(params.filepath)
fi
RESULT=$(cat $(params.filepath))
rm -f $(params.filepath)
APIURL=$(params.apiurl)/issues/$(params.requestid)/comments?access_token=$(params.access_token)
RESULT_ESCAPED=$(jq --null-input --arg result "${RESULT}" '$result')
BODY="{\"body\": ${RESULT_ESCAPED}}"
echo ${BODY}
curl -X 'POST' \
${APIURL} \
-s \
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d "${BODY}"
echo ""
echo ""

33
kustomization/base/tekton/task/imageformater.yaml Normal file
View File

@ -0,0 +1,33 @@
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: imageformater
spec:
description: transform image name to standart name
params:
- name: image
results:
- name: imagetag
steps:
- name: exec
image: alpine
command:
- /bin/sh
args:
- '-c'
- |
#set -ex
echo ""
echo "== IMAGE NAME FORMATER ==================================="
echo "IMAGE TAG BEFORE = $(params.image)"
temp="$(params.image)"
lowercase=$(echo "$temp" | awk '{print tolower($0)}')
echo "IMAGE TAF AFTER = ${lowercase}"
echo -n "${lowercase}" > "$(results.imagetag.path)"
echo ""
echo ""

28
kustomization/base/tekton/task/phpcsfixer.yaml Normal file
View File

@ -0,0 +1,28 @@
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: phpcsfixer
spec:
description: PHP-CS-Fixer on modified code
workspaces:
- name: source
- name: config
steps:
- name: exec
image: ghcr.io/php-cs-fixer/php-cs-fixer:3-php8.3
command:
- /bin/sh
args:
- '-c'
- |
#set -ex
cd $(workspaces.source.path)
echo ""
echo "== RUN PHP-CS-FIXER ======================================"
EXTRA_ARGS=$(printf -- '--path-mode=intersection -- %s' "${CHANGED_FILES}")
php-cs-fixer fix --dry-run --config=$(workspaces.config.path)/php-cs-fixer.dist.php ${EXTRA_ARGS} > temp_phpcsfixer.txt 2>&1
cat temp_phpcsfixer.txt
echo ""
echo ""

17
kustomization/base/tekton/task/symfonyapp/task/php-security-check.yaml → kustomization/base/tekton/task/phpsecuritycheck.yaml
View File

@ -1,7 +1,7 @@
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: php-security-check
name: phpsecuritycheck
spec:
description: Check PHP security issues
workspaces:
@ -11,9 +11,22 @@ spec:
image: alpine:latest
script: |
#!/bin/sh
#set -ex
echo ""
echo "== INSTALL PHP-SECURITY-CHECKER =========================="
export PHP_SECURITY_CHECKER_VERSION=1.0.0
export ARG JQ_VERSION=1.6
wget -O /usr/local/bin/local-php-security-checker https://github.com/fabpot/local-php-security-checker/releases/download/v${PHP_SECURITY_CHECKER_VERSION}/local-php-security-checker_${PHP_SECURITY_CHECKER_VERSION}_linux_amd64 \
&& chmod +x /usr/local/bin/local-php-security-checker
echo ""
echo "== RUN PHP-SECURITY-CHECKER =============================="
cd $(workspaces.source.path)
local-php-security-checker --format=markdown || true
local-php-security-checker --format=markdown > temp_phpsecuritychecker.txt 2>&1
RESULT=$(cat temp_phpsecuritychecker.txt)
echo "${RESULT}"
echo ""
echo ""

21
kustomization/base/tekton/task/symfonyapp/task/phpstan.yaml → kustomization/base/tekton/task/phpstan.yaml
View File

@ -6,6 +6,10 @@ spec:
description: PHP-CS-Fixer on modified code
workspaces:
- name: source
params:
- name: apiurl
- name: requestid
- name: access_token
steps:
- name: exec
image: ghcr.io/phpstan/phpstan:1
@ -14,16 +18,27 @@ spec:
args:
- '-c'
- |
set -ex
#set -ex
echo ""
echo "== INSTALL PHPSTAN ======================================="
composer require phpstan/phpstan-symfony
composer require phpstan/phpstan-doctrine
cat << EOF > /app/phpstan.neon
includes:
- /app/vendor/phpstan/phpstan-symfony/extension.neon
- /app/vendor/phpstan/phpstan-doctrine/extension.neon
- /app/vendor/phpstan/phpstan-doctrine/rules.neon
EOF
echo ""
echo "== RUN PHPSTAN ==========================================="
cd $(workspaces.source.path)
php $(which phpstan) analyse -l 1 --error-format=table src/
php $(which phpstan) analyse -l 1 --error-format=table src/ > temp_phpstan.txt
RESULT=$(cat temp_phpstan.txt)
echo "${RESULT}"
echo ""
echo ""

2
kustomization/base/tekton/task/symfonyapp/task/php-unit-test.yaml → kustomization/base/tekton/task/phpunittest.yaml
View File

@ -1,7 +1,7 @@
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: php-unit-test
name: phpunittest
spec:
description: PHP unit test with bdd sidecar
workspaces:

10
kustomization/base/tekton/task/symfonyapp/kustomization.yaml
View File

@ -1,10 +0,0 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: tekton
resources:
- configmap/configmap-php-cs-fixer.yaml
- task/show-readme.yaml
- task/php-cs-fixer.yaml
- task/php-security-check.yaml
- task/phpstan.yaml
- task/php-unit-test.yaml

28
kustomization/base/tekton/task/symfonyapp/task/php-cs-fixer.yaml
View File

@ -1,28 +0,0 @@
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: php-cs-fixer
spec:
description: PHP-CS-Fixer on modified code
workspaces:
- name: source
- name: config
params:
- name: destination
default: develop
steps:
- name: exec
image: ghcr.io/php-cs-fixer/php-cs-fixer:3-php8.3
command:
- /bin/sh
args:
- '-c'
- |
set -ex
apk add git
cd $(workspaces.source.path)
#git config --global --add safe.directory /workspace/source
#git fetch origin $(params.destination)
#CHANGED_FILES=$(git diff --name-only --diff-filter=ACMRTUXB origin/$(params.destination) -- | grep -F ".php" | tr "\n" " ")
if ! echo "${CHANGED_FILES}" | grep -qE "^(\\.php-cs-fixer(\\.dist)\\.php?|composer\\.lock)$"; then EXTRA_ARGS=$(printf -- '--path-mode=intersection -- %s' "${CHANGED_FILES}"); else EXTRA_ARGS=''; fi
php-cs-fixer fix --dry-run --config=$(workspaces.config.path)/php-cs-fixer.dist.php ${EXTRA_ARGS}

15
kustomization/base/tekton/task/symfonyapp/task/show-readme.yaml
View File

@ -1,15 +0,0 @@
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: show-readme
spec:
description: Read and display README file.
workspaces:
- name: source
steps:
- name: showreadme
image: alpine:latest
script: |
#!/usr/bin/env sh
cat $(workspaces.source.path)/README.md
ls $(workspaces.source.path)

60
kustomization/base/tekton/trigger/pipeline-symfonyapp-binding.yaml
View File

@ -1,60 +0,0 @@
apiVersion: triggers.tekton.dev/v1beta1
kind: TriggerBinding
metadata:
name: pipeline-symfonyapp-binding
spec:
params:
- name: ref
value: $(body.ref)
- name: before
value: $(body.before)
- name: after
value: $(body.after)
- name: compare_url
value: $(body.compare_url)
- name: repository.id
value: $(body.repository.id)
- name: repository.name
value: $(body.repository.name)
- name: repository.fullname
value: $(body.repository.full_name)
- name: repository.owner.id
value: $(body.repository.owner.id)
- name: repository_owner.username
value: $(body.repository.owner.username)
- name: repository_owner.full_name
value: $(body.repository.owner.full_name)
- name: repository.html_url
value: $(body.repository.html_url)
- name: repository.clone_url
value: $(body.repository.clone_url)
- name: repository.ssh_url
value: $(body.repository.ssh_url)
- name: repository.default_branch
value: $(body.repository.default_branch)
- name: pusher.id
value: $(body.pusher.id)
- name: pusher.username
value: $(body.pusher.username)
- name: pusher.full_name
value: $(body.pusher.full_name)
- name: sender.id
value: $(body.sender.id)
- name: sender.username
value: $(body.sender.username)
- name: sender.full_name
value: $(body.sender.full_name)
- name: commits.id
value: $(body.commits[0].id)
- name: commits.message
value: $(body.commits[0].message)
- name: commits.url
value: $(body.commits[0].url)
- name: commits.author.name
value: $(body.commits[0].author.name)
- name: commits.author.email
value: $(body.commits[0].author.email)
- name: commits.author.username
value: $(body.commits[0].author.username)
- name: commits.timestamp
value: $(body.commits[0].timestamp)

68
kustomization/base/tekton/trigger/pipeline-symfonyapp-template.yaml
View File

@ -1,68 +0,0 @@
apiVersion: triggers.tekton.dev/v1beta1
kind: TriggerTemplate
metadata:
name: pipeline-symfonyapp-template
spec:
params:
- name: ref
- name: before
- name: after
- name: compare_url
- name: repository.id
- name: repository.name
- name: repository.full_name
- name: repository.owner.id
- name: repository_owner.username
- name: repository_owner.full_name
- name: repository.html_url
- name: repository.clone_url
- name: repository.ssh_url
- name: repository.default_branch
- name: pusher.id
- name: pusher.username
- name: pusher.full_name
- name: sender.id
- name: sender.username
- name: sender.full_name
- name: commits.id
- name: commits.message
- name: commits.url
- name: commits.author.name
- name: commits.author.email
- name: commits.author.username
- name: commits.timestamp
resourcetemplates:
- apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
generateName: symfonyapp-run-
namespace: tekton
spec:
serviceAccountName: build-bot
pipelineRef:
name: pipeline-symfonyapp
podTemplate:
securityContext:
fsGroup: 65532
workspaces:
- name: shared-data
volumeClaimTemplate:
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
- name: config
configmap:
name: config-php-cs-fixer
- name: docker-credentials
secret:
secretName: regcred
params:
- name: url
value: $(tt.params.repository.html_url)
- name: revision
value: $(tt.params.ref)
- name: destination
value: sprint-8

16
kustomization/base/tekton/trigger/symfonybuild-binding.yaml Normal file
View File

@ -0,0 +1,16 @@
apiVersion: triggers.tekton.dev/v1beta1
kind: TriggerBinding
metadata:
name: symfonybuild-binding
spec:
params:
- name: url
value: $(body.repository.clone_url)
- name: revision
value: $(body.release.target_commitish)
- name: image
value: reg.cadoles.com/$(body.repository.full_name):$(body.release.target_commitish)-$(body.release.tag_name)
- name: apiurl
value: $(body.release.url)
- name: requestid
value: $(body.release.id)

54
kustomization/base/tekton/trigger/symfonybuild-template.yaml Normal file
View File

@ -0,0 +1,54 @@
apiVersion: triggers.tekton.dev/v1beta1
kind: TriggerTemplate
metadata:
name: symfonybuild-template
spec:
params:
- name: url
- name: revision
- name: image
- name: apiurl
- name: requestid
resourcetemplates:
- apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
generateName: symfonybuild-run-
namespace: tekton
spec:
serviceAccountName: build-bot
pipelineRef:
name: symfonybuild
podTemplate:
securityContext:
fsGroup: 65532
workspaces:
- name: shared-data
volumeClaimTemplate:
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
- name: config
configmap:
name: config-phpcsfixer
- name: docker-credentials
secret:
secretName: regcred
params:
- name: url
value: $(tt.params.url)
- name: revision
value: $(tt.params.revision)
- name: image
value: $(tt.params.image)
- name: apiurl
value: $(tt.params.apiurl)
- name: requesttype
value: "release"
- name: requestid
value: $(tt.params.requestid)
- name: access_token
value: 69f6d1db6cf1e47dc7958ac20a31e76abf1582ee

14
kustomization/base/tekton/trigger/symfonycheck-binding.yaml Normal file
View File

@ -0,0 +1,14 @@
apiVersion: triggers.tekton.dev/v1beta1
kind: TriggerBinding
metadata:
name: symfonycheck-binding
spec:
params:
- name: url
value: $(body.pull_request.head.repo.clone_url)
- name: revision
value: $(body.pull_request.head.ref)
- name: apiurl
value: $(body.pull_request.head.repo.url)
- name: requestid
value: $(body.pull_request.number)

51
kustomization/base/tekton/trigger/symfonycheck-template.yaml Normal file
View File

@ -0,0 +1,51 @@
apiVersion: triggers.tekton.dev/v1beta1
kind: TriggerTemplate
metadata:
name: symfonycheck-template
spec:
params:
- name: url
- name: revision
- name: apiurl
- name: requestid
resourcetemplates:
- apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
generateName: symfonycheck-run-
namespace: tekton
spec:
serviceAccountName: build-bot
pipelineRef:
name: symfonycheck
podTemplate:
securityContext:
fsGroup: 65532
workspaces:
- name: shared-data
volumeClaimTemplate:
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
- name: config
configmap:
name: config-phpcsfixer
- name: docker-credentials
secret:
secretName: regcred
params:
- name: url
value: $(tt.params.url)
- name: revision
value: $(tt.params.revision)
- name: apiurl
value: $(tt.params.apiurl)
- name: requesttype
value: "pullrequest"
- name: requestid
value: $(tt.params.requestid)
- name: access_token
value: 69f6d1db6cf1e47dc7958ac20a31e76abf1582ee