mlamalle/mse-tekton
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

set gitea access token for symfony check

Browse Source
This commit is contained in:
Matthieu Lamalle 2024-03-22 11:46:39 +01:00
parent 4588441ddb
commit d097c822ae
4 changed files with 313 additions and 314 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
kustomization/base/tekton/pipeline/symfonycheck.yaml
View File

@ -24,15 +24,13 @@ spec:
- name: requestid - name: requestid
type: string type: string
description: The gitea request id. description: The gitea request id.
- name: access_token
type: string
description: The gitea access_token id.
workspaces: workspaces:
- name: shared-data - name: shared-data
description: This workspace contains the cloned repo files, so they can be read by the next task. description: This workspace contains the cloned repo files, so they can be read by the next task.
- name: config - name: config
- name: docker-credentials - name: docker-credentials
- name: gitea-access-token
tasks: tasks:
# 📥 Clone du repo git # 📥 Clone du repo git
@ -74,8 +72,6 @@ spec:
value: $(params.apiurl) value: $(params.apiurl)
- name: requestid - name: requestid
value: $(params.requestid) value: $(params.requestid)
- name: access_token
value: $(params.access_token)
# ⭐ Exécution des tests php-cs-fixer # ⭐ Exécution des tests php-cs-fixer
- name: phpcsfixer - name: phpcsfixer
@ -108,13 +104,13 @@ spec:
workspaces: workspaces:
- name: source - name: source
workspace: shared-data workspace: shared-data
- name: gitea-access-token
workspace: gitea-access-token
params: params:
- name: apiurl - name: apiurl
value: $(params.apiurl) value: $(params.apiurl)
- name: requestid - name: requestid
value: $(params.requestid) value: $(params.requestid)
- name: access_token
value: $(params.access_token)
- name: title - name: title
value: "PHP-CS-FIXER" value: "PHP-CS-FIXER"
- name: filepath - name: filepath
@ -127,13 +123,13 @@ spec:
workspaces: workspaces:
- name: source - name: source
workspace: shared-data workspace: shared-data
- name: gitea-access-token
workspace: gitea-access-token
params: params:
- name: apiurl - name: apiurl
value: $(params.apiurl) value: $(params.apiurl)
- name: requestid - name: requestid
value: $(params.requestid) value: $(params.requestid)
- name: access_token
value: $(params.access_token)
- name: title - name: title
value: "PHPSTAN" value: "PHPSTAN"
- name: filepath - name: filepath
@ -146,13 +142,13 @@ spec:
workspaces: workspaces:
- name: source - name: source
workspace: shared-data workspace: shared-data
- name: gitea-access-token
workspace: gitea-access-token
params: params:
- name: apiurl - name: apiurl
value: $(params.apiurl) value: $(params.apiurl)
- name: requestid - name: requestid
value: $(params.requestid) value: $(params.requestid)
- name: access_token
value: $(params.access_token)
- name: title - name: title
value: "PHP-SECURITY-CHECK" value: "PHP-SECURITY-CHECK"
- name: filepath - name: filepath

1
kustomization/base/tekton/task/symfonyapp/phpstan.yaml
View File

@ -9,7 +9,6 @@ spec:
params: params:
- name: apiurl - name: apiurl
- name: requestid - name: requestid
- name: access_token
steps: steps:
- name: exec - name: exec
image: ghcr.io/phpstan/phpstan:1 image: ghcr.io/phpstan/phpstan:1

602
kustomization/base/tekton/trigger/msebuild-template.yaml
View File

@ -15,105 +15,107 @@ spec:
- name: requesttype - name: requesttype
resourcetemplates: resourcetemplates:
# # Portal # Portal
# - apiVersion: tekton.dev/v1beta1 - apiVersion: tekton.dev/v1beta1
# kind: PipelineRun kind: PipelineRun
# metadata: metadata:
# generateName: msebuild-portal-run- generateName: msebuild-portal-run-
# namespace: tekton namespace: tekton
# spec: spec:
# serviceAccountName: build-bot serviceAccountName: build-bot
# pipelineRef: pipelineRef:
# name: imagebuild name: imagebuild
# podTemplate: podTemplate:
# securityContext: securityContext:
# fsGroup: 65532 fsGroup: 65532
# workspaces: workspaces:
# - name: shared-data - name: shared-data
# volumeClaimTemplate: volumeClaimTemplate:
# spec: spec:
# accessModes: accessModes:
# - ReadWriteOnce - ReadWriteOnce
# resources: resources:
# requests: requests:
# storage: 1Gi storage: 1Gi
# - name: docker-credentials - name: docker-credentials
# secret: secret:
# secretName: regcred secretName: regcred
# - name: git-credentials - name: git-credentials
# secret: secret:
# secretName: git-credentials secretName: git-credentials
# params: - name: gitea-access-token
# - name: url secret:
# value: $(tt.params.url) secretName: gitea-access-token
# - name: revision params:
# value: $(tt.params.revision) - name: url
# - name: image value: $(tt.params.url)
# value: portal - name: revision
# - name: tag value: $(tt.params.revision)
# value: $(tt.params.tag) - name: image
# - name: dockerfile value: portal
# value: ./misc/k8s/images/portal/Dockerfile - name: tag
# - name: registry value: $(tt.params.tag)
# value: $(tt.params.registry) - name: dockerfile
# - name: apiurl value: ./misc/k8s/images/portal/Dockerfile
# value: $(tt.params.apiurl) - name: registry
# - name: requestid value: $(tt.params.registry)
# value: $(tt.params.requestid) - name: apiurl
# - name: requesttype value: $(tt.params.apiurl)
# value: pullrequest - name: requestid
# - name: access_token value: $(tt.params.requestid)
# value: 69f6d1db6cf1e47dc7958ac20a31e76abf1582ee - name: requesttype
value: pullrequest
# # Hydra Dispatcher Theme # Hydra Dispatcher Theme
# - apiVersion: tekton.dev/v1beta1 - apiVersion: tekton.dev/v1beta1
# kind: PipelineRun kind: PipelineRun
# metadata: metadata:
# generateName: msebuild-hydra-dispatcher-theme-run- generateName: msebuild-hydra-dispatcher-theme-run-
# namespace: tekton namespace: tekton
# spec: spec:
# serviceAccountName: build-bot serviceAccountName: build-bot
# pipelineRef: pipelineRef:
# name: imagebuild name: imagebuild
# podTemplate: podTemplate:
# securityContext: securityContext:
# fsGroup: 65532 fsGroup: 65532
# workspaces: workspaces:
# - name: shared-data - name: shared-data
# volumeClaimTemplate: volumeClaimTemplate:
# spec: spec:
# accessModes: accessModes:
# - ReadWriteOnce - ReadWriteOnce
# resources: resources:
# requests: requests:
# storage: 1Gi storage: 1Gi
# - name: docker-credentials - name: docker-credentials
# secret: secret:
# secretName: regcred secretName: regcred
# - name: git-credentials - name: git-credentials
# secret: secret:
# secretName: git-credentials secretName: git-credentials
# params: - name: gitea-access-token
# - name: url secret:
# value: $(tt.params.url) secretName: gitea-access-token
# - name: revision params:
# value: $(tt.params.revision) - name: url
# - name: image value: $(tt.params.url)
# value: hydra-dispatcher-theme - name: revision
# - name: tag value: $(tt.params.revision)
# value: $(tt.params.tag) - name: image
# - name: dockerfile value: hydra-dispatcher-theme
# value: ./misc/k8s/images/hydra-dispatcher-mse-theme/Dockerfile - name: tag
# - name: registry value: $(tt.params.tag)
# value: $(tt.params.registry) - name: dockerfile
# - name: apiurl value: ./misc/k8s/images/hydra-dispatcher-mse-theme/Dockerfile
# value: $(tt.params.apiurl) - name: registry
# - name: requestid value: $(tt.params.registry)
# value: $(tt.params.requestid) - name: apiurl
# - name: requesttype value: $(tt.params.apiurl)
# value: pullrequest - name: requestid
# - name: access_token value: $(tt.params.requestid)
# value: 69f6d1db6cf1e47dc7958ac20a31e76abf1582ee - name: requesttype
value: pullrequest
# Hydra SQL Theme # Hydra SQL Theme
- apiVersion: tekton.dev/v1beta1 - apiVersion: tekton.dev/v1beta1
@ -166,206 +168,208 @@ spec:
- name: requesttype - name: requesttype
value: pullrequest value: pullrequest
# Job Base
- apiVersion: tekton.dev/v1beta1
# # Job Base kind: PipelineRun
# - apiVersion: tekton.dev/v1beta1 metadata:
# kind: PipelineRun generateName: msebuild-job-base-run-
# metadata: namespace: tekton
# generateName: msebuild-job-base-run- spec:
# namespace: tekton serviceAccountName: build-bot
# spec: pipelineRef:
# serviceAccountName: build-bot name: imagebuild
# pipelineRef: podTemplate:
# name: imagebuild securityContext:
# podTemplate: fsGroup: 65532
# securityContext: workspaces:
# fsGroup: 65532 - name: shared-data
# workspaces: volumeClaimTemplate:
# - name: shared-data spec:
# volumeClaimTemplate: accessModes:
# spec: - ReadWriteOnce
# accessModes: resources:
# - ReadWriteOnce requests:
# resources: storage: 1Gi
# requests: - name: docker-credentials
# storage: 1Gi secret:
# - name: docker-credentials secretName: regcred
# secret: - name: git-credentials
# secretName: regcred secret:
# - name: git-credentials secretName: git-credentials
# secret: - name: gitea-access-token
# secretName: git-credentials secret:
# params: secretName: gitea-access-token
# - name: url params:
# value: $(tt.params.url) - name: url
# - name: revision value: $(tt.params.url)
# value: $(tt.params.revision) - name: revision
# - name: image value: $(tt.params.revision)
# value: job-base - name: image
# - name: tag value: job-base
# value: $(tt.params.tag) - name: tag
# - name: dockerfile value: $(tt.params.tag)
# value: ./misc/k8s/images/job-base/Dockerfile - name: dockerfile
# - name: registry value: ./misc/k8s/images/job-base/Dockerfile
# value: $(tt.params.registry) - name: registry
# - name: apiurl value: $(tt.params.registry)
# value: $(tt.params.apiurl) - name: apiurl
# - name: requestid value: $(tt.params.apiurl)
# value: $(tt.params.requestid) - name: requestid
# - name: requesttype value: $(tt.params.requestid)
# value: pullrequest - name: requesttype
# - name: access_token value: pullrequest
# value: 69f6d1db6cf1e47dc7958ac20a31e76abf1582ee
# Mock
# # Mock - apiVersion: tekton.dev/v1beta1
# - apiVersion: tekton.dev/v1beta1 kind: PipelineRun
# kind: PipelineRun metadata:
# metadata: generateName: msebuild-mock-run-
# generateName: msebuild-mock-run- namespace: tekton
# namespace: tekton spec:
# spec: serviceAccountName: build-bot
# serviceAccountName: build-bot pipelineRef:
# pipelineRef: name: imagebuild
# name: imagebuild podTemplate:
# podTemplate: securityContext:
# securityContext: fsGroup: 65532
# fsGroup: 65532 workspaces:
# workspaces: - name: shared-data
# - name: shared-data volumeClaimTemplate:
# volumeClaimTemplate: spec:
# spec: accessModes:
# accessModes: - ReadWriteOnce
# - ReadWriteOnce resources:
# resources: requests:
# requests: storage: 1Gi
# storage: 1Gi - name: docker-credentials
# - name: docker-credentials secret:
# secret: secretName: regcred
# secretName: regcred - name: git-credentials
# - name: git-credentials secret:
# secret: secretName: git-credentials
# secretName: git-credentials - name: gitea-access-token
# params: secret:
# - name: url secretName: gitea-access-token
# value: $(tt.params.url) params:
# - name: revision - name: url
# value: $(tt.params.revision) value: $(tt.params.url)
# - name: image - name: revision
# value: mock value: $(tt.params.revision)
# - name: tag - name: image
# value: $(tt.params.tag) value: mock
# - name: dockerfile - name: tag
# value: ./misc/k8s/images/mock/Dockerfile value: $(tt.params.tag)
# - name: registry - name: dockerfile
# value: $(tt.params.registry) value: ./misc/k8s/images/mock/Dockerfile
# - name: apiurl - name: registry
# value: $(tt.params.apiurl) value: $(tt.params.registry)
# - name: requestid - name: apiurl
# value: $(tt.params.requestid) value: $(tt.params.apiurl)
# - name: requesttype - name: requestid
# value: pullrequest value: $(tt.params.requestid)
# - name: access_token - name: requesttype
# value: 69f6d1db6cf1e47dc7958ac20a31e76abf1582ee value: pullrequest
# # Ines # Ines
# - apiVersion: tekton.dev/v1beta1 - apiVersion: tekton.dev/v1beta1
# kind: PipelineRun kind: PipelineRun
# metadata: metadata:
# generateName: msebuild-ines-run- generateName: msebuild-ines-run-
# namespace: tekton namespace: tekton
# spec: spec:
# serviceAccountName: build-bot serviceAccountName: build-bot
# pipelineRef: pipelineRef:
# name: imagebuild name: imagebuild
# podTemplate: podTemplate:
# securityContext: securityContext:
# fsGroup: 65532 fsGroup: 65532
# workspaces: workspaces:
# - name: shared-data - name: shared-data
# volumeClaimTemplate: volumeClaimTemplate:
# spec: spec:
# accessModes: accessModes:
# - ReadWriteOnce - ReadWriteOnce
# resources: resources:
# requests: requests:
# storage: 1Gi storage: 1Gi
# - name: docker-credentials - name: docker-credentials
# secret: secret:
# secretName: regcred secretName: regcred
# - name: git-credentials - name: git-credentials
# secret: secret:
# secretName: git-credentials secretName: git-credentials
# params: - name: gitea-access-token
# - name: url secret:
# value: $(tt.params.url) secretName: gitea-access-token
# - name: revision params:
# value: $(tt.params.revision) - name: url
# - name: image value: $(tt.params.url)
# value: ines - name: revision
# - name: tag value: $(tt.params.revision)
# value: $(tt.params.tag) - name: image
# - name: dockerfile value: ines
# value: ./misc/k8s/images/ines/Dockerfile - name: tag
# - name: registry value: $(tt.params.tag)
# value: $(tt.params.registry) - name: dockerfile
# - name: apiurl value: ./misc/k8s/images/ines/Dockerfile
# value: $(tt.params.apiurl) - name: registry
# - name: requestid value: $(tt.params.registry)
# value: $(tt.params.requestid) - name: apiurl
# - name: requesttype value: $(tt.params.apiurl)
# value: pullrequest - name: requestid
# - name: access_token value: $(tt.params.requestid)
# value: 69f6d1db6cf1e47dc7958ac20a31e76abf1582ee - name: requesttype
value: pullrequest
# # Shibboleth-sp
# - apiVersion: tekton.dev/v1beta1 # Shibboleth-sp
# kind: PipelineRun - apiVersion: tekton.dev/v1beta1
# metadata: kind: PipelineRun
# generateName: msebuild-shibboleth-sp-run- metadata:
# namespace: tekton generateName: msebuild-shibboleth-sp-run-
# spec: namespace: tekton
# serviceAccountName: build-bot spec:
# pipelineRef: serviceAccountName: build-bot
# name: imagebuild pipelineRef:
# podTemplate: name: imagebuild
# securityContext: podTemplate:
# fsGroup: 65532 securityContext:
# workspaces: fsGroup: 65532
# - name: shared-data workspaces:
# volumeClaimTemplate: - name: shared-data
# spec: volumeClaimTemplate:
# accessModes: spec:
# - ReadWriteOnce accessModes:
# resources: - ReadWriteOnce
# requests: resources:
# storage: 1Gi requests:
# - name: docker-credentials storage: 1Gi
# secret: - name: docker-credentials
# secretName: regcred secret:
# - name: git-credentials secretName: regcred
# secret: - name: git-credentials
# secretName: git-credentials secret:
# params: secretName: git-credentials
# - name: url - name: gitea-access-token
# value: $(tt.params.url) secret:
# - name: revision secretName: gitea-access-token
# value: $(tt.params.revision) params:
# - name: image - name: url
# value: shibboleth-sp value: $(tt.params.url)
# - name: tag - name: revision
# value: $(tt.params.tag) value: $(tt.params.revision)
# - name: dockerfile - name: image
# value: ./misc/k8s/images/sp/Dockerfile value: shibboleth-sp
# - name: registry - name: tag
# value: $(tt.params.registry) value: $(tt.params.tag)
# - name: apiurl - name: dockerfile
# value: $(tt.params.apiurl) value: ./misc/k8s/images/sp/Dockerfile
# - name: requestid - name: registry
# value: $(tt.params.requestid) value: $(tt.params.registry)
# - name: requesttype - name: apiurl
# value: pullrequest value: $(tt.params.apiurl)
# - name: access_token - name: requestid
# value: 69f6d1db6cf1e47dc7958ac20a31e76abf1582ee value: $(tt.params.requestid)
- name: requesttype
value: pullrequest

6
kustomization/base/tekton/trigger/symfonycheck-template.yaml
View File

@ -10,7 +10,6 @@ spec:
- name: destination - name: destination
- name: apiurl - name: apiurl
- name: requesttype - name: requesttype
- name: access_token
resourcetemplates: resourcetemplates:
- apiVersion: tekton.dev/v1beta1 - apiVersion: tekton.dev/v1beta1
kind: PipelineRun kind: PipelineRun
@ -39,6 +38,9 @@ spec:
- name: docker-credentials - name: docker-credentials
secret: secret:
secretName: regcred secretName: regcred
- name: gitea-access-token
secret:
secretName: gitea-access-token
params: params:
- name: url - name: url
value: $(tt.params.url) value: $(tt.params.url)
@ -52,5 +54,3 @@ spec:
value: $(tt.params.requestid) value: $(tt.params.requestid)
- name: requesttype - name: requesttype
value: pullrequest value: pullrequest
- name: access_token
value: 69f6d1db6cf1e47dc7958ac20a31e76abf1582ee