set gitea access token for symfony check

This commit is contained in:
Matthieu Lamalle 2024-03-22 11:46:39 +01:00
parent 4588441ddb
commit d097c822ae
4 changed files with 313 additions and 314 deletions

View File

@ -24,15 +24,13 @@ spec:
- name: requestid
type: string
description: The gitea request id.
- name: access_token
type: string
description: The gitea access_token id.
workspaces:
- name: shared-data
description: This workspace contains the cloned repo files, so they can be read by the next task.
- name: config
- name: docker-credentials
- name: gitea-access-token
tasks:
# 📥 Clone du repo git
@ -74,8 +72,6 @@ spec:
value: $(params.apiurl)
- name: requestid
value: $(params.requestid)
- name: access_token
value: $(params.access_token)
# ⭐ Exécution des tests php-cs-fixer
- name: phpcsfixer
@ -108,13 +104,13 @@ spec:
workspaces:
- name: source
workspace: shared-data
- name: gitea-access-token
workspace: gitea-access-token
params:
- name: apiurl
value: $(params.apiurl)
- name: requestid
value: $(params.requestid)
- name: access_token
value: $(params.access_token)
- name: title
value: "PHP-CS-FIXER"
- name: filepath
@ -127,13 +123,13 @@ spec:
workspaces:
- name: source
workspace: shared-data
- name: gitea-access-token
workspace: gitea-access-token
params:
- name: apiurl
value: $(params.apiurl)
- name: requestid
value: $(params.requestid)
- name: access_token
value: $(params.access_token)
- name: title
value: "PHPSTAN"
- name: filepath
@ -146,13 +142,13 @@ spec:
workspaces:
- name: source
workspace: shared-data
- name: gitea-access-token
workspace: gitea-access-token
params:
- name: apiurl
value: $(params.apiurl)
- name: requestid
value: $(params.requestid)
- name: access_token
value: $(params.access_token)
- name: title
value: "PHP-SECURITY-CHECK"
- name: filepath

View File

@ -9,7 +9,6 @@ spec:
params:
- name: apiurl
- name: requestid
- name: access_token
steps:
- name: exec
image: ghcr.io/phpstan/phpstan:1

View File

@ -15,105 +15,107 @@ spec:
- name: requesttype
resourcetemplates:
# # Portal
# - apiVersion: tekton.dev/v1beta1
# kind: PipelineRun
# metadata:
# generateName: msebuild-portal-run-
# namespace: tekton
# spec:
# serviceAccountName: build-bot
# pipelineRef:
# name: imagebuild
# podTemplate:
# securityContext:
# fsGroup: 65532
# workspaces:
# - name: shared-data
# volumeClaimTemplate:
# spec:
# accessModes:
# - ReadWriteOnce
# resources:
# requests:
# storage: 1Gi
# - name: docker-credentials
# secret:
# secretName: regcred
# - name: git-credentials
# secret:
# secretName: git-credentials
# params:
# - name: url
# value: $(tt.params.url)
# - name: revision
# value: $(tt.params.revision)
# - name: image
# value: portal
# - name: tag
# value: $(tt.params.tag)
# - name: dockerfile
# value: ./misc/k8s/images/portal/Dockerfile
# - name: registry
# value: $(tt.params.registry)
# - name: apiurl
# value: $(tt.params.apiurl)
# - name: requestid
# value: $(tt.params.requestid)
# - name: requesttype
# value: pullrequest
# - name: access_token
# value: 69f6d1db6cf1e47dc7958ac20a31e76abf1582ee
# Portal
- apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
generateName: msebuild-portal-run-
namespace: tekton
spec:
serviceAccountName: build-bot
pipelineRef:
name: imagebuild
podTemplate:
securityContext:
fsGroup: 65532
workspaces:
- name: shared-data
volumeClaimTemplate:
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
- name: docker-credentials
secret:
secretName: regcred
- name: git-credentials
secret:
secretName: git-credentials
- name: gitea-access-token
secret:
secretName: gitea-access-token
params:
- name: url
value: $(tt.params.url)
- name: revision
value: $(tt.params.revision)
- name: image
value: portal
- name: tag
value: $(tt.params.tag)
- name: dockerfile
value: ./misc/k8s/images/portal/Dockerfile
- name: registry
value: $(tt.params.registry)
- name: apiurl
value: $(tt.params.apiurl)
- name: requestid
value: $(tt.params.requestid)
- name: requesttype
value: pullrequest
# # Hydra Dispatcher Theme
# - apiVersion: tekton.dev/v1beta1
# kind: PipelineRun
# metadata:
# generateName: msebuild-hydra-dispatcher-theme-run-
# namespace: tekton
# spec:
# serviceAccountName: build-bot
# pipelineRef:
# name: imagebuild
# podTemplate:
# securityContext:
# fsGroup: 65532
# workspaces:
# - name: shared-data
# volumeClaimTemplate:
# spec:
# accessModes:
# - ReadWriteOnce
# resources:
# requests:
# storage: 1Gi
# - name: docker-credentials
# secret:
# secretName: regcred
# - name: git-credentials
# secret:
# secretName: git-credentials
# params:
# - name: url
# value: $(tt.params.url)
# - name: revision
# value: $(tt.params.revision)
# - name: image
# value: hydra-dispatcher-theme
# - name: tag
# value: $(tt.params.tag)
# - name: dockerfile
# value: ./misc/k8s/images/hydra-dispatcher-mse-theme/Dockerfile
# - name: registry
# value: $(tt.params.registry)
# - name: apiurl
# value: $(tt.params.apiurl)
# - name: requestid
# value: $(tt.params.requestid)
# - name: requesttype
# value: pullrequest
# - name: access_token
# value: 69f6d1db6cf1e47dc7958ac20a31e76abf1582ee
# Hydra Dispatcher Theme
- apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
generateName: msebuild-hydra-dispatcher-theme-run-
namespace: tekton
spec:
serviceAccountName: build-bot
pipelineRef:
name: imagebuild
podTemplate:
securityContext:
fsGroup: 65532
workspaces:
- name: shared-data
volumeClaimTemplate:
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
- name: docker-credentials
secret:
secretName: regcred
- name: git-credentials
secret:
secretName: git-credentials
- name: gitea-access-token
secret:
secretName: gitea-access-token
params:
- name: url
value: $(tt.params.url)
- name: revision
value: $(tt.params.revision)
- name: image
value: hydra-dispatcher-theme
- name: tag
value: $(tt.params.tag)
- name: dockerfile
value: ./misc/k8s/images/hydra-dispatcher-mse-theme/Dockerfile
- name: registry
value: $(tt.params.registry)
- name: apiurl
value: $(tt.params.apiurl)
- name: requestid
value: $(tt.params.requestid)
- name: requesttype
value: pullrequest
# Hydra SQL Theme
- apiVersion: tekton.dev/v1beta1
@ -166,206 +168,208 @@ spec:
- name: requesttype
value: pullrequest
# # Job Base
# - apiVersion: tekton.dev/v1beta1
# kind: PipelineRun
# metadata:
# generateName: msebuild-job-base-run-
# namespace: tekton
# spec:
# serviceAccountName: build-bot
# pipelineRef:
# name: imagebuild
# podTemplate:
# securityContext:
# fsGroup: 65532
# workspaces:
# - name: shared-data
# volumeClaimTemplate:
# spec:
# accessModes:
# - ReadWriteOnce
# resources:
# requests:
# storage: 1Gi
# - name: docker-credentials
# secret:
# secretName: regcred
# - name: git-credentials
# secret:
# secretName: git-credentials
# params:
# - name: url
# value: $(tt.params.url)
# - name: revision
# value: $(tt.params.revision)
# - name: image
# value: job-base
# - name: tag
# value: $(tt.params.tag)
# - name: dockerfile
# value: ./misc/k8s/images/job-base/Dockerfile
# - name: registry
# value: $(tt.params.registry)
# - name: apiurl
# value: $(tt.params.apiurl)
# - name: requestid
# value: $(tt.params.requestid)
# - name: requesttype
# value: pullrequest
# - name: access_token
# value: 69f6d1db6cf1e47dc7958ac20a31e76abf1582ee
# # Mock
# - apiVersion: tekton.dev/v1beta1
# kind: PipelineRun
# metadata:
# generateName: msebuild-mock-run-
# namespace: tekton
# spec:
# serviceAccountName: build-bot
# pipelineRef:
# name: imagebuild
# podTemplate:
# securityContext:
# fsGroup: 65532
# workspaces:
# - name: shared-data
# volumeClaimTemplate:
# spec:
# accessModes:
# - ReadWriteOnce
# resources:
# requests:
# storage: 1Gi
# - name: docker-credentials
# secret:
# secretName: regcred
# - name: git-credentials
# secret:
# secretName: git-credentials
# params:
# - name: url
# value: $(tt.params.url)
# - name: revision
# value: $(tt.params.revision)
# - name: image
# value: mock
# - name: tag
# value: $(tt.params.tag)
# - name: dockerfile
# value: ./misc/k8s/images/mock/Dockerfile
# - name: registry
# value: $(tt.params.registry)
# - name: apiurl
# value: $(tt.params.apiurl)
# - name: requestid
# value: $(tt.params.requestid)
# - name: requesttype
# value: pullrequest
# - name: access_token
# value: 69f6d1db6cf1e47dc7958ac20a31e76abf1582ee
# # Ines
# - apiVersion: tekton.dev/v1beta1
# kind: PipelineRun
# metadata:
# generateName: msebuild-ines-run-
# namespace: tekton
# spec:
# serviceAccountName: build-bot
# pipelineRef:
# name: imagebuild
# podTemplate:
# securityContext:
# fsGroup: 65532
# workspaces:
# - name: shared-data
# volumeClaimTemplate:
# spec:
# accessModes:
# - ReadWriteOnce
# resources:
# requests:
# storage: 1Gi
# - name: docker-credentials
# secret:
# secretName: regcred
# - name: git-credentials
# secret:
# secretName: git-credentials
# params:
# - name: url
# value: $(tt.params.url)
# - name: revision
# value: $(tt.params.revision)
# - name: image
# value: ines
# - name: tag
# value: $(tt.params.tag)
# - name: dockerfile
# value: ./misc/k8s/images/ines/Dockerfile
# - name: registry
# value: $(tt.params.registry)
# - name: apiurl
# value: $(tt.params.apiurl)
# - name: requestid
# value: $(tt.params.requestid)
# - name: requesttype
# value: pullrequest
# - name: access_token
# value: 69f6d1db6cf1e47dc7958ac20a31e76abf1582ee
# # Shibboleth-sp
# - apiVersion: tekton.dev/v1beta1
# kind: PipelineRun
# metadata:
# generateName: msebuild-shibboleth-sp-run-
# namespace: tekton
# spec:
# serviceAccountName: build-bot
# pipelineRef:
# name: imagebuild
# podTemplate:
# securityContext:
# fsGroup: 65532
# workspaces:
# - name: shared-data
# volumeClaimTemplate:
# spec:
# accessModes:
# - ReadWriteOnce
# resources:
# requests:
# storage: 1Gi
# - name: docker-credentials
# secret:
# secretName: regcred
# - name: git-credentials
# secret:
# secretName: git-credentials
# params:
# - name: url
# value: $(tt.params.url)
# - name: revision
# value: $(tt.params.revision)
# - name: image
# value: shibboleth-sp
# - name: tag
# value: $(tt.params.tag)
# - name: dockerfile
# value: ./misc/k8s/images/sp/Dockerfile
# - name: registry
# value: $(tt.params.registry)
# - name: apiurl
# value: $(tt.params.apiurl)
# - name: requestid
# value: $(tt.params.requestid)
# - name: requesttype
# value: pullrequest
# - name: access_token
# value: 69f6d1db6cf1e47dc7958ac20a31e76abf1582ee
# Job Base
- apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
generateName: msebuild-job-base-run-
namespace: tekton
spec:
serviceAccountName: build-bot
pipelineRef:
name: imagebuild
podTemplate:
securityContext:
fsGroup: 65532
workspaces:
- name: shared-data
volumeClaimTemplate:
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
- name: docker-credentials
secret:
secretName: regcred
- name: git-credentials
secret:
secretName: git-credentials
- name: gitea-access-token
secret:
secretName: gitea-access-token
params:
- name: url
value: $(tt.params.url)
- name: revision
value: $(tt.params.revision)
- name: image
value: job-base
- name: tag
value: $(tt.params.tag)
- name: dockerfile
value: ./misc/k8s/images/job-base/Dockerfile
- name: registry
value: $(tt.params.registry)
- name: apiurl
value: $(tt.params.apiurl)
- name: requestid
value: $(tt.params.requestid)
- name: requesttype
value: pullrequest
# Mock
- apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
generateName: msebuild-mock-run-
namespace: tekton
spec:
serviceAccountName: build-bot
pipelineRef:
name: imagebuild
podTemplate:
securityContext:
fsGroup: 65532
workspaces:
- name: shared-data
volumeClaimTemplate:
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
- name: docker-credentials
secret:
secretName: regcred
- name: git-credentials
secret:
secretName: git-credentials
- name: gitea-access-token
secret:
secretName: gitea-access-token
params:
- name: url
value: $(tt.params.url)
- name: revision
value: $(tt.params.revision)
- name: image
value: mock
- name: tag
value: $(tt.params.tag)
- name: dockerfile
value: ./misc/k8s/images/mock/Dockerfile
- name: registry
value: $(tt.params.registry)
- name: apiurl
value: $(tt.params.apiurl)
- name: requestid
value: $(tt.params.requestid)
- name: requesttype
value: pullrequest
# Ines
- apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
generateName: msebuild-ines-run-
namespace: tekton
spec:
serviceAccountName: build-bot
pipelineRef:
name: imagebuild
podTemplate:
securityContext:
fsGroup: 65532
workspaces:
- name: shared-data
volumeClaimTemplate:
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
- name: docker-credentials
secret:
secretName: regcred
- name: git-credentials
secret:
secretName: git-credentials
- name: gitea-access-token
secret:
secretName: gitea-access-token
params:
- name: url
value: $(tt.params.url)
- name: revision
value: $(tt.params.revision)
- name: image
value: ines
- name: tag
value: $(tt.params.tag)
- name: dockerfile
value: ./misc/k8s/images/ines/Dockerfile
- name: registry
value: $(tt.params.registry)
- name: apiurl
value: $(tt.params.apiurl)
- name: requestid
value: $(tt.params.requestid)
- name: requesttype
value: pullrequest
# Shibboleth-sp
- apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
generateName: msebuild-shibboleth-sp-run-
namespace: tekton
spec:
serviceAccountName: build-bot
pipelineRef:
name: imagebuild
podTemplate:
securityContext:
fsGroup: 65532
workspaces:
- name: shared-data
volumeClaimTemplate:
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
- name: docker-credentials
secret:
secretName: regcred
- name: git-credentials
secret:
secretName: git-credentials
- name: gitea-access-token
secret:
secretName: gitea-access-token
params:
- name: url
value: $(tt.params.url)
- name: revision
value: $(tt.params.revision)
- name: image
value: shibboleth-sp
- name: tag
value: $(tt.params.tag)
- name: dockerfile
value: ./misc/k8s/images/sp/Dockerfile
- name: registry
value: $(tt.params.registry)
- name: apiurl
value: $(tt.params.apiurl)
- name: requestid
value: $(tt.params.requestid)
- name: requesttype
value: pullrequest

View File

@ -10,7 +10,6 @@ spec:
- name: destination
- name: apiurl
- name: requesttype
- name: access_token
resourcetemplates:
- apiVersion: tekton.dev/v1beta1
kind: PipelineRun
@ -39,6 +38,9 @@ spec:
- name: docker-credentials
secret:
secretName: regcred
- name: gitea-access-token
secret:
secretName: gitea-access-token
params:
- name: url
value: $(tt.params.url)
@ -52,5 +54,3 @@ spec:
value: $(tt.params.requestid)
- name: requesttype
value: pullrequest
- name: access_token
value: 69f6d1db6cf1e47dc7958ac20a31e76abf1582ee