diff --git a/kustomization/base/tekton/pipeline/symfonycheck.yaml b/kustomization/base/tekton/pipeline/symfonycheck.yaml index fecaa90..c71b8d5 100644 --- a/kustomization/base/tekton/pipeline/symfonycheck.yaml +++ b/kustomization/base/tekton/pipeline/symfonycheck.yaml @@ -24,15 +24,13 @@ spec: - name: requestid type: string description: The gitea request id. - - name: access_token - type: string - description: The gitea access_token id. workspaces: - name: shared-data description: This workspace contains the cloned repo files, so they can be read by the next task. - name: config - name: docker-credentials + - name: gitea-access-token tasks: # đŸ“„ Clone du repo git @@ -74,8 +72,6 @@ spec: value: $(params.apiurl) - name: requestid value: $(params.requestid) - - name: access_token - value: $(params.access_token) # ⭐ ExĂ©cution des tests php-cs-fixer - name: phpcsfixer @@ -108,13 +104,13 @@ spec: workspaces: - name: source workspace: shared-data + - name: gitea-access-token + workspace: gitea-access-token params: - name: apiurl value: $(params.apiurl) - name: requestid value: $(params.requestid) - - name: access_token - value: $(params.access_token) - name: title value: "PHP-CS-FIXER" - name: filepath @@ -127,13 +123,13 @@ spec: workspaces: - name: source workspace: shared-data + - name: gitea-access-token + workspace: gitea-access-token params: - name: apiurl value: $(params.apiurl) - name: requestid value: $(params.requestid) - - name: access_token - value: $(params.access_token) - name: title value: "PHPSTAN" - name: filepath @@ -146,13 +142,13 @@ spec: workspaces: - name: source workspace: shared-data + - name: gitea-access-token + workspace: gitea-access-token params: - name: apiurl value: $(params.apiurl) - name: requestid value: $(params.requestid) - - name: access_token - value: $(params.access_token) - name: title value: "PHP-SECURITY-CHECK" - name: filepath diff --git a/kustomization/base/tekton/task/symfonyapp/phpstan.yaml b/kustomization/base/tekton/task/symfonyapp/phpstan.yaml index 11c2860..99756d6 100644 --- a/kustomization/base/tekton/task/symfonyapp/phpstan.yaml +++ b/kustomization/base/tekton/task/symfonyapp/phpstan.yaml @@ -9,7 +9,6 @@ spec: params: - name: apiurl - name: requestid - - name: access_token steps: - name: exec image: ghcr.io/phpstan/phpstan:1 diff --git a/kustomization/base/tekton/trigger/msebuild-template.yaml b/kustomization/base/tekton/trigger/msebuild-template.yaml index 0f9a317..3d02503 100644 --- a/kustomization/base/tekton/trigger/msebuild-template.yaml +++ b/kustomization/base/tekton/trigger/msebuild-template.yaml @@ -15,105 +15,107 @@ spec: - name: requesttype resourcetemplates: - # # Portal - # - apiVersion: tekton.dev/v1beta1 - # kind: PipelineRun - # metadata: - # generateName: msebuild-portal-run- - # namespace: tekton - # spec: - # serviceAccountName: build-bot - # pipelineRef: - # name: imagebuild - # podTemplate: - # securityContext: - # fsGroup: 65532 - # workspaces: - # - name: shared-data - # volumeClaimTemplate: - # spec: - # accessModes: - # - ReadWriteOnce - # resources: - # requests: - # storage: 1Gi - # - name: docker-credentials - # secret: - # secretName: regcred - # - name: git-credentials - # secret: - # secretName: git-credentials - # params: - # - name: url - # value: $(tt.params.url) - # - name: revision - # value: $(tt.params.revision) - # - name: image - # value: portal - # - name: tag - # value: $(tt.params.tag) - # - name: dockerfile - # value: ./misc/k8s/images/portal/Dockerfile - # - name: registry - # value: $(tt.params.registry) - # - name: apiurl - # value: $(tt.params.apiurl) - # - name: requestid - # value: $(tt.params.requestid) - # - name: requesttype - # value: pullrequest - # - name: access_token - # value: 69f6d1db6cf1e47dc7958ac20a31e76abf1582ee + # Portal + - apiVersion: tekton.dev/v1beta1 + kind: PipelineRun + metadata: + generateName: msebuild-portal-run- + namespace: tekton + spec: + serviceAccountName: build-bot + pipelineRef: + name: imagebuild + podTemplate: + securityContext: + fsGroup: 65532 + workspaces: + - name: shared-data + volumeClaimTemplate: + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + - name: docker-credentials + secret: + secretName: regcred + - name: git-credentials + secret: + secretName: git-credentials + - name: gitea-access-token + secret: + secretName: gitea-access-token + params: + - name: url + value: $(tt.params.url) + - name: revision + value: $(tt.params.revision) + - name: image + value: portal + - name: tag + value: $(tt.params.tag) + - name: dockerfile + value: ./misc/k8s/images/portal/Dockerfile + - name: registry + value: $(tt.params.registry) + - name: apiurl + value: $(tt.params.apiurl) + - name: requestid + value: $(tt.params.requestid) + - name: requesttype + value: pullrequest - # # Hydra Dispatcher Theme - # - apiVersion: tekton.dev/v1beta1 - # kind: PipelineRun - # metadata: - # generateName: msebuild-hydra-dispatcher-theme-run- - # namespace: tekton - # spec: - # serviceAccountName: build-bot - # pipelineRef: - # name: imagebuild - # podTemplate: - # securityContext: - # fsGroup: 65532 - # workspaces: - # - name: shared-data - # volumeClaimTemplate: - # spec: - # accessModes: - # - ReadWriteOnce - # resources: - # requests: - # storage: 1Gi - # - name: docker-credentials - # secret: - # secretName: regcred - # - name: git-credentials - # secret: - # secretName: git-credentials - # params: - # - name: url - # value: $(tt.params.url) - # - name: revision - # value: $(tt.params.revision) - # - name: image - # value: hydra-dispatcher-theme - # - name: tag - # value: $(tt.params.tag) - # - name: dockerfile - # value: ./misc/k8s/images/hydra-dispatcher-mse-theme/Dockerfile - # - name: registry - # value: $(tt.params.registry) - # - name: apiurl - # value: $(tt.params.apiurl) - # - name: requestid - # value: $(tt.params.requestid) - # - name: requesttype - # value: pullrequest - # - name: access_token - # value: 69f6d1db6cf1e47dc7958ac20a31e76abf1582ee + # Hydra Dispatcher Theme + - apiVersion: tekton.dev/v1beta1 + kind: PipelineRun + metadata: + generateName: msebuild-hydra-dispatcher-theme-run- + namespace: tekton + spec: + serviceAccountName: build-bot + pipelineRef: + name: imagebuild + podTemplate: + securityContext: + fsGroup: 65532 + workspaces: + - name: shared-data + volumeClaimTemplate: + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + - name: docker-credentials + secret: + secretName: regcred + - name: git-credentials + secret: + secretName: git-credentials + - name: gitea-access-token + secret: + secretName: gitea-access-token + params: + - name: url + value: $(tt.params.url) + - name: revision + value: $(tt.params.revision) + - name: image + value: hydra-dispatcher-theme + - name: tag + value: $(tt.params.tag) + - name: dockerfile + value: ./misc/k8s/images/hydra-dispatcher-mse-theme/Dockerfile + - name: registry + value: $(tt.params.registry) + - name: apiurl + value: $(tt.params.apiurl) + - name: requestid + value: $(tt.params.requestid) + - name: requesttype + value: pullrequest # Hydra SQL Theme - apiVersion: tekton.dev/v1beta1 @@ -166,206 +168,208 @@ spec: - name: requesttype value: pullrequest - - - # # Job Base - # - apiVersion: tekton.dev/v1beta1 - # kind: PipelineRun - # metadata: - # generateName: msebuild-job-base-run- - # namespace: tekton - # spec: - # serviceAccountName: build-bot - # pipelineRef: - # name: imagebuild - # podTemplate: - # securityContext: - # fsGroup: 65532 - # workspaces: - # - name: shared-data - # volumeClaimTemplate: - # spec: - # accessModes: - # - ReadWriteOnce - # resources: - # requests: - # storage: 1Gi - # - name: docker-credentials - # secret: - # secretName: regcred - # - name: git-credentials - # secret: - # secretName: git-credentials - # params: - # - name: url - # value: $(tt.params.url) - # - name: revision - # value: $(tt.params.revision) - # - name: image - # value: job-base - # - name: tag - # value: $(tt.params.tag) - # - name: dockerfile - # value: ./misc/k8s/images/job-base/Dockerfile - # - name: registry - # value: $(tt.params.registry) - # - name: apiurl - # value: $(tt.params.apiurl) - # - name: requestid - # value: $(tt.params.requestid) - # - name: requesttype - # value: pullrequest - # - name: access_token - # value: 69f6d1db6cf1e47dc7958ac20a31e76abf1582ee - - # # Mock - # - apiVersion: tekton.dev/v1beta1 - # kind: PipelineRun - # metadata: - # generateName: msebuild-mock-run- - # namespace: tekton - # spec: - # serviceAccountName: build-bot - # pipelineRef: - # name: imagebuild - # podTemplate: - # securityContext: - # fsGroup: 65532 - # workspaces: - # - name: shared-data - # volumeClaimTemplate: - # spec: - # accessModes: - # - ReadWriteOnce - # resources: - # requests: - # storage: 1Gi - # - name: docker-credentials - # secret: - # secretName: regcred - # - name: git-credentials - # secret: - # secretName: git-credentials - # params: - # - name: url - # value: $(tt.params.url) - # - name: revision - # value: $(tt.params.revision) - # - name: image - # value: mock - # - name: tag - # value: $(tt.params.tag) - # - name: dockerfile - # value: ./misc/k8s/images/mock/Dockerfile - # - name: registry - # value: $(tt.params.registry) - # - name: apiurl - # value: $(tt.params.apiurl) - # - name: requestid - # value: $(tt.params.requestid) - # - name: requesttype - # value: pullrequest - # - name: access_token - # value: 69f6d1db6cf1e47dc7958ac20a31e76abf1582ee - - # # Ines - # - apiVersion: tekton.dev/v1beta1 - # kind: PipelineRun - # metadata: - # generateName: msebuild-ines-run- - # namespace: tekton - # spec: - # serviceAccountName: build-bot - # pipelineRef: - # name: imagebuild - # podTemplate: - # securityContext: - # fsGroup: 65532 - # workspaces: - # - name: shared-data - # volumeClaimTemplate: - # spec: - # accessModes: - # - ReadWriteOnce - # resources: - # requests: - # storage: 1Gi - # - name: docker-credentials - # secret: - # secretName: regcred - # - name: git-credentials - # secret: - # secretName: git-credentials - # params: - # - name: url - # value: $(tt.params.url) - # - name: revision - # value: $(tt.params.revision) - # - name: image - # value: ines - # - name: tag - # value: $(tt.params.tag) - # - name: dockerfile - # value: ./misc/k8s/images/ines/Dockerfile - # - name: registry - # value: $(tt.params.registry) - # - name: apiurl - # value: $(tt.params.apiurl) - # - name: requestid - # value: $(tt.params.requestid) - # - name: requesttype - # value: pullrequest - # - name: access_token - # value: 69f6d1db6cf1e47dc7958ac20a31e76abf1582ee - - # # Shibboleth-sp - # - apiVersion: tekton.dev/v1beta1 - # kind: PipelineRun - # metadata: - # generateName: msebuild-shibboleth-sp-run- - # namespace: tekton - # spec: - # serviceAccountName: build-bot - # pipelineRef: - # name: imagebuild - # podTemplate: - # securityContext: - # fsGroup: 65532 - # workspaces: - # - name: shared-data - # volumeClaimTemplate: - # spec: - # accessModes: - # - ReadWriteOnce - # resources: - # requests: - # storage: 1Gi - # - name: docker-credentials - # secret: - # secretName: regcred - # - name: git-credentials - # secret: - # secretName: git-credentials - # params: - # - name: url - # value: $(tt.params.url) - # - name: revision - # value: $(tt.params.revision) - # - name: image - # value: shibboleth-sp - # - name: tag - # value: $(tt.params.tag) - # - name: dockerfile - # value: ./misc/k8s/images/sp/Dockerfile - # - name: registry - # value: $(tt.params.registry) - # - name: apiurl - # value: $(tt.params.apiurl) - # - name: requestid - # value: $(tt.params.requestid) - # - name: requesttype - # value: pullrequest - # - name: access_token - # value: 69f6d1db6cf1e47dc7958ac20a31e76abf1582ee + # Job Base + - apiVersion: tekton.dev/v1beta1 + kind: PipelineRun + metadata: + generateName: msebuild-job-base-run- + namespace: tekton + spec: + serviceAccountName: build-bot + pipelineRef: + name: imagebuild + podTemplate: + securityContext: + fsGroup: 65532 + workspaces: + - name: shared-data + volumeClaimTemplate: + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + - name: docker-credentials + secret: + secretName: regcred + - name: git-credentials + secret: + secretName: git-credentials + - name: gitea-access-token + secret: + secretName: gitea-access-token + params: + - name: url + value: $(tt.params.url) + - name: revision + value: $(tt.params.revision) + - name: image + value: job-base + - name: tag + value: $(tt.params.tag) + - name: dockerfile + value: ./misc/k8s/images/job-base/Dockerfile + - name: registry + value: $(tt.params.registry) + - name: apiurl + value: $(tt.params.apiurl) + - name: requestid + value: $(tt.params.requestid) + - name: requesttype + value: pullrequest + + # Mock + - apiVersion: tekton.dev/v1beta1 + kind: PipelineRun + metadata: + generateName: msebuild-mock-run- + namespace: tekton + spec: + serviceAccountName: build-bot + pipelineRef: + name: imagebuild + podTemplate: + securityContext: + fsGroup: 65532 + workspaces: + - name: shared-data + volumeClaimTemplate: + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + - name: docker-credentials + secret: + secretName: regcred + - name: git-credentials + secret: + secretName: git-credentials + - name: gitea-access-token + secret: + secretName: gitea-access-token + params: + - name: url + value: $(tt.params.url) + - name: revision + value: $(tt.params.revision) + - name: image + value: mock + - name: tag + value: $(tt.params.tag) + - name: dockerfile + value: ./misc/k8s/images/mock/Dockerfile + - name: registry + value: $(tt.params.registry) + - name: apiurl + value: $(tt.params.apiurl) + - name: requestid + value: $(tt.params.requestid) + - name: requesttype + value: pullrequest + + # Ines + - apiVersion: tekton.dev/v1beta1 + kind: PipelineRun + metadata: + generateName: msebuild-ines-run- + namespace: tekton + spec: + serviceAccountName: build-bot + pipelineRef: + name: imagebuild + podTemplate: + securityContext: + fsGroup: 65532 + workspaces: + - name: shared-data + volumeClaimTemplate: + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + - name: docker-credentials + secret: + secretName: regcred + - name: git-credentials + secret: + secretName: git-credentials + - name: gitea-access-token + secret: + secretName: gitea-access-token + params: + - name: url + value: $(tt.params.url) + - name: revision + value: $(tt.params.revision) + - name: image + value: ines + - name: tag + value: $(tt.params.tag) + - name: dockerfile + value: ./misc/k8s/images/ines/Dockerfile + - name: registry + value: $(tt.params.registry) + - name: apiurl + value: $(tt.params.apiurl) + - name: requestid + value: $(tt.params.requestid) + - name: requesttype + value: pullrequest + + # Shibboleth-sp + - apiVersion: tekton.dev/v1beta1 + kind: PipelineRun + metadata: + generateName: msebuild-shibboleth-sp-run- + namespace: tekton + spec: + serviceAccountName: build-bot + pipelineRef: + name: imagebuild + podTemplate: + securityContext: + fsGroup: 65532 + workspaces: + - name: shared-data + volumeClaimTemplate: + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + - name: docker-credentials + secret: + secretName: regcred + - name: git-credentials + secret: + secretName: git-credentials + - name: gitea-access-token + secret: + secretName: gitea-access-token + params: + - name: url + value: $(tt.params.url) + - name: revision + value: $(tt.params.revision) + - name: image + value: shibboleth-sp + - name: tag + value: $(tt.params.tag) + - name: dockerfile + value: ./misc/k8s/images/sp/Dockerfile + - name: registry + value: $(tt.params.registry) + - name: apiurl + value: $(tt.params.apiurl) + - name: requestid + value: $(tt.params.requestid) + - name: requesttype + value: pullrequest diff --git a/kustomization/base/tekton/trigger/symfonycheck-template.yaml b/kustomization/base/tekton/trigger/symfonycheck-template.yaml index 3c907c0..a0c280f 100644 --- a/kustomization/base/tekton/trigger/symfonycheck-template.yaml +++ b/kustomization/base/tekton/trigger/symfonycheck-template.yaml @@ -10,7 +10,6 @@ spec: - name: destination - name: apiurl - name: requesttype - - name: access_token resourcetemplates: - apiVersion: tekton.dev/v1beta1 kind: PipelineRun @@ -39,6 +38,9 @@ spec: - name: docker-credentials secret: secretName: regcred + - name: gitea-access-token + secret: + secretName: gitea-access-token params: - name: url value: $(tt.params.url) @@ -52,5 +54,3 @@ spec: value: $(tt.params.requestid) - name: requesttype value: pullrequest - - name: access_token - value: 69f6d1db6cf1e47dc7958ac20a31e76abf1582ee