feat: mise en place basic cicd (build and deploy only) [HOOK FAIL OK]
batleforc committed Aug 23, 2024
1 parent 3f72e67 commit 2a23236
Showing 8 changed files with 402 additions and 1 deletion.
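--- a/cicd/templates/eventListener.yaml
+++ b/cicd/templates/eventListener.yaml
@@ -0,0 +1,87 @@
+apiVersion: triggers.tekton.dev/v1alpha1
+kind: EventListener
+metadata:
+name: {{.Values.prefix}}-event-listener
+spec:
+serviceAccountName: {{.Values.prefix}}-sa
+triggers:
+{{- range $key, $val := .Values.build }}
+- name: {{$.Values.prefix}}-trigger-push-{{- $key }}
+interceptors:
+- ref:
+name: "github"
+params:
+- name: secretRef
+value:
+secretName: {{$.Values.secrets.githubTokenWebhook}}
+secretKey: secretToken
+- name: eventTypes
+value:
+- push
+- name: "addChangedFiles"
+value:
+enabled: true
+- ref:
+name: "cel"
+params:
+- name: filter
+value: "body.ref.startsWith('refs/heads/') && ({{- range $index, $folder := $val.folder }} extensions.changed_files.matches('{{$folder}}') {{- if ne $index (sub ($val.folder | len) 1) }} || {{- end }} {{- end }})"
+- name: overlays
+value:
+- key: branch_name
+expression: "body.ref.split('/')[2]"
+bindings:
+- ref: {{$.Values.prefix}}-trigger-binding-push
+template:
+ref: {{$.Values.prefix}}-pipeline-template-push-{{- $key -}}
+{{- end }}
+# - name: {{.Values.prefix}}-trigger-pr
+# interceptors:
+# - ref:
+# name: "github"
+# params:
+# - name: secretRef
+# value:
+# secretName: {{.Values.secrets.githubTokenWebhook}}
+# secretKey: secretToken
+# - name: eventTypes
+# value:
+# - pull_request
+# - ref:
+# name: "cel"
+# params:
+# - name: filter
+# value: "body.action == 'synchronize'"
+# - name: overlays
+# value:
+# - key: branch_name
+# expression: "body.pull_request.head.ref"
+# bindings:
+# - ref: {{.Values.prefix}}-trigger-binding-pr
+# template:
+# ref: {{.Values.prefix}}-pipeline-template-pr
+# - name: {{.Values.prefix}}-trigger-tag-created
+# interceptors:
+# - ref:
+# name: "github"
+# params:
+# - name: secretRef
+# value:
+# secretName: {{.Values.secrets.githubTokenWebhook}}
+# secretKey: secretToken
+# - name: eventTypes
+# value:
+# - create
+# - ref:
+# name: "cel"
+# params:
+# - name: filter
+# value: "body.ref_type == 'tag'"
+# - name: overlays
+# value:
+# - key: tag_name
+# expression: "body.ref.split('/')[2]"
+# bindings:
+# - ref: {{.Values.prefix}}-trigger-binding-tag-created
+# template:
+# ref: {{.Values.prefix}}-pipeline-template-tag-created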
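Review bot: The `cel` filter accepts a push to any branch (`body.ref.startsWith('refs/heads/')`), and the template this trigger references starts the push pipeline, which in this same commit builds, pushes and runs `helm-upgrade` with the docker and kubeconfig secrets mounted. If only some branches are meant to deploy, pin them in the filter, e.g. `body.ref == 'refs/heads/<deploy-branch>' && (...)`. Separately, the `branch_name` overlay `body.ref.split('/')[2]` keeps only the first path segment, so `refs/heads/feature/a` and `refs/heads/feature/b` both become `feature` and would share an image tag and release name downstream. An empty `folder` list would also render `&& ()`, which is not a valid CEL expression, so a comment or a guard on that case would help.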
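--- a/cicd/templates/pull_request/triggerBindingPr.yaml
+++ b/cicd/templates/pull_request/triggerBindingPr.yaml
@@ -0,0 +1,13 @@
+# https://docs.github.com/en/webhooks/webhook-events-and-payloads?actionType=synchronize#pull_request
+apiVersion: triggers.tekton.dev/v1alpha1
+kind: TriggerBinding
+metadata:
+name: {{.Values.prefix}}-trigger-binding-pr
+spec:
+params:
+- name: gitrepositoryurl
+value: $(body.repository.clone_url)
+- name: gitrevision
+value: $(body.head_commit.id)
+- name: gitbranch
+value: $(extensions.branch_name)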
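Review bot: `gitrevision` reads `$(body.head_commit.id)`, but the `pull_request` payload linked in the header comment has no `head_commit` object; the head SHA is at `body.pull_request.head.sha`, so this binding would fail to resolve once the commented-out PR trigger is enabled. Suggested: `value: $(body.pull_request.head.sha)`. Note also that `body.repository.clone_url` is the base repository; for PRs from forks the source is `body.pull_request.head.repo.clone_url`, and a run that builds fork code should not be given the deploy secrets. triggerBindingTagCreated.yaml has the same problem: the `create` payload carries no commit object, and its header comment still links the pull_request documentation.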
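--- a/cicd/templates/push/pipelinePush.yaml
+++ b/cicd/templates/push/pipelinePush.yaml
@@ -0,0 +1,186 @@
+apiVersion: tekton.dev/v1beta1
+kind: Pipeline
+metadata:
+name: {{.Values.prefix}}-pipeline-push
+spec:
+## TODO https://tekton.dev/docs/pipelines/pipelines/#using-execution-status-of-pipelinetask
+description: |
+This pipeline builds batleforc template-rust.
+params:
+- name: repo-url
+type: string
+description: The git repo URL to clone from.
+- name: repo-branch
+type: string
+default: main
+description: The git repo branch to clone from.
+- name: repo-revision
+type: string
+default: main
+description: The git repo revision to clone from.
+- name: conteneurfile-path
+type: string
+default: .
+description: The path to the conteneurfile to build.
+- name: image-name
+type: string
+default: "docker.io/batleforc/back"
+description: The name of the image to build.
+- name: helm-path
+type: string
+default: "deploy/back"
+description: The path to the helm chart to deploy.
+- name: githubSecretName
+type: string
+default: "github-token"
+description: The name of the secret containing the github token.
+workspaces:
+- name: shared-data
+description: |
+This workspace contains the cloned repo files, so they can be read by the
+next task.
+- name: dockerAuthConfig
+description: |
+This workspace contains the docker config.json file, so it can be used by
+the next task.
+- name: kubeconfig
+description: |
+This workspace contains the kubeconfig file, it define the namespace to rollout.
+- name: githubTokenApi
+description: |
+This workspace contains the github token to use the github api.
+- name: discordWebhook
+description: |
+This workspace contains the discord webhook to send messages.
+tasks:
+- name: github-status-pending
+taskRef:
+name: github-set-status
+params:
+- name: REPO_FULL_NAME
+value: $(params.repo-url)
+- name: SHA
+value: $(params.repo-revision)
+- name: DESCRIPTION
+value: Monofolio build and push $(params.image-name)
+- name: STATE
+value: pending
+- name: CONTEXT
+value: monofolio-ci
+- name: GITHUB_TOKEN_SECRET_NAME
+value: $(params.githubSecretName)
+- name: fetch-source
+runAfter: ["github-status-pending"]
+taskRef:
+name: git-clone
+workspaces:
+- name: output
+workspace: shared-data
+params:
+- name: url
+value: $(params.repo-url)
+- name: revision
+value: $(params.repo-revision)
+- name: build-docker
+runAfter: ["fetch-source"]
+taskRef:
+name: build
+workspaces:
+- name: shared-data
+workspace: shared-data
+- name: dockerconfig
+workspace: dockerAuthConfig
+params:
+- name: path-dockerfile
+value: $(params.conteneurfile-path)
+- name: context-dockerfile
+value: .
+- name: IMAGE
+value: $(params.image-name)
+- name: repo-branch
+value: $(params.repo-branch)
+# Directly upgrade the helm chart from the source code
+# When argocd is ready, we will use it to deploy and upgrade the helm chart
+- name: helm-upgrade
+runAfter: ["build-docker"]
+taskRef:
+name: helm-upgrade-from-source
+workspaces:
+- name: source
+workspace: shared-data
+- name: kubeconfig-dir
+workspace: kubeconfig
+params:
+- name: charts_dir
+value: $(params.helm-path)
+- name: release_name
+value: $(params.repo-branch)
+- name: release_namespace
+value: {{.Release.Namespace}}
+- name: overwrite_values
+value: "image.tag=$(params.repo-branch),ingress.host={{.Values.config.domain}}"
+finally:
+- name: github-status-finally-succeeded
+when:
+- input: $(tasks.status)
+operator: in
+values:
+- Succeeded
+- Completed
+taskRef:
+name: github-set-status
+params:
+- name: REPO_FULL_NAME
+value: $(params.repo-url)
+- name: SHA
+value: $(params.repo-revision)
+- name: DESCRIPTION
+value: Monofolio build and push $(params.image-name)
+- name: CONTEXT
+value: monofolio-ci
+- name: GITHUB_TOKEN_SECRET_NAME
+value: $(params.githubSecretName)
+- name: STATE
+value: success
+- name: github-status-finally-failed
+when:
+- input: $(tasks.status)
+operator: in
+values:
+- Failed
+taskRef:
+name: github-set-status
+params:
+- name: REPO_FULL_NAME
+value: $(params.repo-url)
+- name: SHA
+value: $(params.repo-revision)
+- name: DESCRIPTION
+value: Monofolio build and push $(params.image-name)
+- name: CONTEXT
+value: monofolio-ci
+- name: GITHUB_TOKEN_SECRET_NAME
+value: $(params.githubSecretName)
+- name: STATE
+value: failure
+- name: github-status-finally-error
+when:
+- input: $(tasks.status)
+operator: in
+values:
+- None
+taskRef:
+name: github-set-status
+params:
+- name: REPO_FULL_NAME
+value: $(params.repo-url)
+- name: SHA
+value: $(params.repo-revision)
+- name: DESCRIPTION
+value: Monofolio build and push $(params.image-name)
+- name: CONTEXT
+value: monofolio-ci
+- name: GITHUB_TOKEN_SECRET_NAME
+value: $(params.githubSecretName)
+- name: STATE
+value: error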
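Review bot: In the `helm-upgrade` task, `$(params.repo-branch)` is spliced unvalidated into `release_name` and into the comma-separated `overwrite_values` string. The branch name is chosen by whoever pushes, so a name containing `,` or `=` would presumably be read by the helm task as additional overrides, and the deployed image tag is a mutable branch name rather than the commit that was actually built. Tagging and deploying by SHA avoids both: `value: "image.tag=$(params.repo-revision),ingress.host={{.Values.config.domain}}"`, with the `build` task tagging the image the same way (it currently receives `repo-branch`; its definition is not in this section). A fixed or sanitised release name would also be safer than the raw branch value.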
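--- a/cicd/templates/push/triggerBindingPush.yaml
+++ b/cicd/templates/push/triggerBindingPush.yaml
@@ -0,0 +1,12 @@
+apiVersion: triggers.tekton.dev/v1alpha1
+kind: TriggerBinding
+metadata:
+name: {{.Values.prefix}}-trigger-binding-push
+spec:
+params:
+- name: gitrepositoryurl
+value: $(body.repository.clone_url)
+- name: gitrevision
+value: $(body.head_commit.id)
+- name: gitbranch
+value: $(extensions.branch_name)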
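Review bot: The binding exposes only `body.repository.clone_url`, and pipelinePush.yaml passes that URL to the `REPO_FULL_NAME` param of `github-set-status`. If that task is the Tekton catalog one, it expects `owner/repo`, so the status calls would target a wrong API path and the commit status would never be set. Consider adding a param such as `- name: gitrepositoryname` with `value: $(body.repository.full_name)` and threading it through the TriggerTemplate and the pipeline.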
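--- a/cicd/templates/push/triggerTemplatePush.yaml
+++ b/cicd/templates/push/triggerTemplatePush.yaml
@@ -0,0 +1,57 @@
+{{- range $key, $val := .Values.build}}
+---
+apiVersion: triggers.tekton.dev/v1alpha1
+kind: TriggerTemplate
+metadata:
+name: "{{$.Values.prefix}}-pipeline-template-push-{{- $key -}}"
+spec:
+params:
+- name: gitrevision
+description: The git revision (SHA)
+default: master
+- name: gitbranch
+description: The git branch
+default: master
+- name: gitrepositoryurl
+description: The git repository url ("https://github.com/batleforc/rust-template")
+resourcetemplates:
+- apiVersion: tekton.dev/v1beta1
+kind: PipelineRun
+metadata:
+generateName: {{$.Values.prefix}}-pipeline-push-{{- $key -}}-run-
+spec:
+pipelineRef:
+name: {{$.Values.prefix}}-pipeline-push
+workspaces:
+- name: shared-data
+volumeClaimTemplate:
+spec:
+accessModes:
+- ReadWriteOnce
+resources:
+requests:
+storage: 5Gi
+storageClassName: local-path
+{{- range $key, $value := $.Values.secrets }}
+{{- if ne $key "githubTokenWebhook" }}
+- name: {{ $key }}
+secret:
+secretName: {{ $value }}
+{{- end }}
+{{- end }}
+params:
+- name: repo-revision
+value: $(tt.params.gitrevision)
+- name: repo-branch
+value: $(tt.params.gitbranch)
+- name: repo-url
+value: $(tt.params.gitrepositoryurl)
+- name: conteneurfile-path
+value: "{{ $val.file_path }}"
+- name: image-name
+value: "{{ $.Values.image.registry }}/{{ $val.imageName }}"
+- name: helm-path
+value: "{{ $val.helm }}"
+- name: githubSecretName
+value: "{{ $.Values.secrets.githubTokenApi }}"
+{{- end}}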
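Review bot: The workspace loop mounts every entry of `.Values.secrets` except `githubTokenWebhook` into each PipelineRun, so a secret added to the values later is handed to the build, which runs code from the pushed branch, without any change to this template. A key that the Pipeline does not declare as a workspace would presumably also make the run fail validation. An allow-list keeps the set explicit: `{{- if has $key (list "dockerAuthConfig" "kubeconfig" "githubTokenApi" "discordWebhook") }}`, using the workspace names that pipelinePush.yaml declares. The inner `range $key, $value` also shadows the outer `$key`; a different variable name there would be easier to read.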
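--- a/cicd/templates/tag_created/triggerBindingTagCreated.yaml
+++ b/cicd/templates/tag_created/triggerBindingTagCreated.yaml
@@ -0,0 +1,13 @@
+# https://docs.github.com/en/webhooks/webhook-events-and-payloads?actionType=synchronize#pull_request
+apiVersion: triggers.tekton.dev/v1alpha1
+kind: TriggerBinding
+metadata:
+name: {{.Values.prefix}}-trigger-binding-tag-created
+spec:
+params:
+- name: gitrepositoryurl
+value: $(body.repository.clone_url)
+- name: gitrevision
+value: $(body.head_commit.id)
+- name: gittag
+value: $(extensions.tag_name)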