657 lines
20 KiB
YAML
657 lines
20 KiB
YAML
|
apiVersion: v1
|
||
|
kind: ServiceAccount
|
||
|
metadata:
|
||
|
labels:
|
||
|
app: tekton-webhooks-extension
|
||
|
name: tekton-webhooks-extension
|
||
|
namespace: tekton-pipelines
|
||
|
---
|
||
|
apiVersion: v1
|
||
|
kind: ServiceAccount
|
||
|
metadata:
|
||
|
labels:
|
||
|
app: tekton-webhooks-extension
|
||
|
name: tekton-webhooks-extension-eventlistener
|
||
|
namespace: tekton-pipelines
|
||
|
---
|
||
|
apiVersion: rbac.authorization.k8s.io/v1
|
||
|
kind: Role
|
||
|
metadata:
|
||
|
name: tekton-webhooks-extension-minimal
|
||
|
namespace: tekton-pipelines
|
||
|
rules:
|
||
|
- apiGroups:
|
||
|
- extensions
|
||
|
resources:
|
||
|
- ingresses
|
||
|
- ingresses/status
|
||
|
verbs:
|
||
|
- delete
|
||
|
- create
|
||
|
- patch
|
||
|
- get
|
||
|
- list
|
||
|
- update
|
||
|
- watch
|
||
|
- apiGroups:
|
||
|
- ""
|
||
|
resources:
|
||
|
- pods
|
||
|
- services
|
||
|
verbs:
|
||
|
- get
|
||
|
- list
|
||
|
- create
|
||
|
- update
|
||
|
- delete
|
||
|
- patch
|
||
|
- watch
|
||
|
- apiGroups:
|
||
|
- ""
|
||
|
resources:
|
||
|
- pods/log
|
||
|
- namespaces
|
||
|
- events
|
||
|
verbs:
|
||
|
- get
|
||
|
- list
|
||
|
- watch
|
||
|
- apiGroups:
|
||
|
- ""
|
||
|
resources:
|
||
|
- secrets
|
||
|
- configmaps
|
||
|
verbs:
|
||
|
- get
|
||
|
- list
|
||
|
- create
|
||
|
- delete
|
||
|
- update
|
||
|
- watch
|
||
|
- apiGroups:
|
||
|
- extensions
|
||
|
- apps
|
||
|
resources:
|
||
|
- deployments
|
||
|
verbs:
|
||
|
- get
|
||
|
- list
|
||
|
- create
|
||
|
- update
|
||
|
- delete
|
||
|
- patch
|
||
|
- watch
|
||
|
- apiGroups:
|
||
|
- tekton.dev
|
||
|
resources:
|
||
|
- tasks
|
||
|
- clustertasks
|
||
|
- taskruns
|
||
|
- pipelines
|
||
|
- pipelineruns
|
||
|
- pipelineresources
|
||
|
- conditions
|
||
|
verbs:
|
||
|
- get
|
||
|
- list
|
||
|
- create
|
||
|
- update
|
||
|
- delete
|
||
|
- patch
|
||
|
- watch
|
||
|
- apiGroups:
|
||
|
- triggers.tekton.dev
|
||
|
resources:
|
||
|
- eventlisteners
|
||
|
- triggerbindings
|
||
|
- triggertemplates
|
||
|
verbs:
|
||
|
- get
|
||
|
- list
|
||
|
- create
|
||
|
- update
|
||
|
- delete
|
||
|
- patch
|
||
|
- watch
|
||
|
- apiGroups:
|
||
|
- tekton.dev
|
||
|
resources:
|
||
|
- taskruns/finalizers
|
||
|
- pipelineruns/finalizers
|
||
|
- tasks/status
|
||
|
- clustertasks/status
|
||
|
- taskruns/status
|
||
|
- pipelines/status
|
||
|
- pipelineruns/status
|
||
|
verbs:
|
||
|
- get
|
||
|
- list
|
||
|
- create
|
||
|
- update
|
||
|
- delete
|
||
|
- patch
|
||
|
- watch
|
||
|
---
|
||
|
apiVersion: rbac.authorization.k8s.io/v1
|
||
|
kind: ClusterRole
|
||
|
metadata:
|
||
|
name: tekton-triggers-minimal
|
||
|
rules:
|
||
|
- apiGroups:
|
||
|
- tekton.dev
|
||
|
resources:
|
||
|
- tasks
|
||
|
- taskruns
|
||
|
verbs:
|
||
|
- get
|
||
|
- apiGroups:
|
||
|
- triggers.tekton.dev
|
||
|
resources:
|
||
|
- triggerbindings
|
||
|
- triggertemplates
|
||
|
- eventlisteners
|
||
|
verbs:
|
||
|
- get
|
||
|
- apiGroups:
|
||
|
- tekton.dev
|
||
|
resources:
|
||
|
- pipelineruns
|
||
|
- pipelineresources
|
||
|
- taskruns
|
||
|
verbs:
|
||
|
- create
|
||
|
- apiGroups:
|
||
|
- ""
|
||
|
resources:
|
||
|
- configmaps
|
||
|
verbs:
|
||
|
- list
|
||
|
- get
|
||
|
- watch
|
||
|
---
|
||
|
apiVersion: rbac.authorization.k8s.io/v1
|
||
|
kind: ClusterRole
|
||
|
metadata:
|
||
|
name: tekton-webhooks-extension-minimal-cluster-powers
|
||
|
rules:
|
||
|
- apiGroups:
|
||
|
- ""
|
||
|
resources:
|
||
|
- serviceaccounts
|
||
|
verbs:
|
||
|
- get
|
||
|
- list
|
||
|
- watch
|
||
|
- apiGroups:
|
||
|
- tekton.dev
|
||
|
resources:
|
||
|
- pipelines
|
||
|
- pipelineruns
|
||
|
verbs:
|
||
|
- get
|
||
|
- list
|
||
|
- watch
|
||
|
- apiGroups:
|
||
|
- triggers.tekton.dev
|
||
|
resources:
|
||
|
- pipelines
|
||
|
- pipelineruns
|
||
|
- tasks
|
||
|
- taskruns
|
||
|
verbs:
|
||
|
- get
|
||
|
- list
|
||
|
- watch
|
||
|
---
|
||
|
apiVersion: rbac.authorization.k8s.io/v1
|
||
|
kind: RoleBinding
|
||
|
metadata:
|
||
|
name: tekton-webhooks-extension-minimal
|
||
|
namespace: tekton-pipelines
|
||
|
roleRef:
|
||
|
apiGroup: rbac.authorization.k8s.io
|
||
|
kind: Role
|
||
|
name: tekton-webhooks-extension-minimal
|
||
|
subjects:
|
||
|
- kind: ServiceAccount
|
||
|
name: tekton-webhooks-extension
|
||
|
namespace: tekton-pipelines
|
||
|
---
|
||
|
apiVersion: rbac.authorization.k8s.io/v1
|
||
|
kind: ClusterRoleBinding
|
||
|
metadata:
|
||
|
name: tekton-webhooks-extension-eventlistener-minimal
|
||
|
roleRef:
|
||
|
apiGroup: rbac.authorization.k8s.io
|
||
|
kind: ClusterRole
|
||
|
name: tekton-triggers-minimal
|
||
|
subjects:
|
||
|
- kind: ServiceAccount
|
||
|
name: tekton-webhooks-extension-eventlistener
|
||
|
namespace: tekton-pipelines
|
||
|
---
|
||
|
apiVersion: rbac.authorization.k8s.io/v1
|
||
|
kind: ClusterRoleBinding
|
||
|
metadata:
|
||
|
name: tekton-webhooks-extension-minimal-cluster-powers
|
||
|
roleRef:
|
||
|
apiGroup: rbac.authorization.k8s.io
|
||
|
kind: ClusterRole
|
||
|
name: tekton-webhooks-extension-minimal-cluster-powers
|
||
|
subjects:
|
||
|
- kind: ServiceAccount
|
||
|
name: tekton-webhooks-extension
|
||
|
namespace: tekton-pipelines
|
||
|
---
|
||
|
apiVersion: v1
|
||
|
kind: Service
|
||
|
metadata:
|
||
|
name: tekton-webhooks-extension-validator
|
||
|
namespace: tekton-pipelines
|
||
|
spec:
|
||
|
ports:
|
||
|
- port: 80
|
||
|
protocol: TCP
|
||
|
targetPort: 8080
|
||
|
selector:
|
||
|
app: tekton-webhooks-extension-validator
|
||
|
type: ClusterIP
|
||
|
---
|
||
|
apiVersion: v1
|
||
|
kind: Service
|
||
|
metadata:
|
||
|
annotations:
|
||
|
tekton-dashboard-bundle-location: web/extension.c591f714.js
|
||
|
tekton-dashboard-display-name: Webhooks
|
||
|
tekton-dashboard-endpoints: webhooks.web
|
||
|
labels:
|
||
|
app: webhooks-extension
|
||
|
tekton-dashboard-extension: "true"
|
||
|
name: webhooks-extension
|
||
|
namespace: tekton-pipelines
|
||
|
spec:
|
||
|
ports:
|
||
|
- port: 8080
|
||
|
targetPort: 8080
|
||
|
selector:
|
||
|
app: webhooks-extension
|
||
|
type: NodePort
|
||
|
---
|
||
|
apiVersion: apps/v1
|
||
|
kind: Deployment
|
||
|
metadata:
|
||
|
name: tekton-webhooks-extension-validator
|
||
|
namespace: tekton-pipelines
|
||
|
spec:
|
||
|
replicas: 1
|
||
|
selector:
|
||
|
matchLabels:
|
||
|
app: tekton-webhooks-extension-validator
|
||
|
template:
|
||
|
metadata:
|
||
|
labels:
|
||
|
app: tekton-webhooks-extension-validator
|
||
|
spec:
|
||
|
containers:
|
||
|
- env:
|
||
|
- name: INSTALLED_NAMESPACE
|
||
|
valueFrom:
|
||
|
fieldRef:
|
||
|
fieldPath: metadata.namespace
|
||
|
image: gcr.io/tekton-releases/github.com/tektoncd/experimental/webhooks-extension/cmd/interceptor@sha256:657d40a9116ef0b6f886f94fa7980755e3267dd34017f2fd9b713b63ddfc0d55
|
||
|
name: validate
|
||
|
serviceAccountName: tekton-webhooks-extension
|
||
|
---
|
||
|
apiVersion: apps/v1
|
||
|
kind: Deployment
|
||
|
metadata:
|
||
|
labels:
|
||
|
app: webhooks-extension
|
||
|
name: webhooks-extension
|
||
|
namespace: tekton-pipelines
|
||
|
spec:
|
||
|
replicas: 1
|
||
|
selector:
|
||
|
matchLabels:
|
||
|
app: webhooks-extension
|
||
|
template:
|
||
|
metadata:
|
||
|
labels:
|
||
|
app: webhooks-extension
|
||
|
spec:
|
||
|
containers:
|
||
|
- env:
|
||
|
- name: PORT
|
||
|
value: "8080"
|
||
|
- name: INSTALLED_NAMESPACE
|
||
|
valueFrom:
|
||
|
fieldRef:
|
||
|
fieldPath: metadata.namespace
|
||
|
- name: DOCKER_REGISTRY_LOCATION
|
||
|
value: DOCKER_REPO
|
||
|
- name: WEB_RESOURCES_DIR
|
||
|
value: web
|
||
|
- name: WEBHOOK_CALLBACK_URL
|
||
|
value: http://listener.IPADDRESS.nip.io
|
||
|
- name: SSL_VERIFICATION_ENABLED
|
||
|
value: "false"
|
||
|
- name: SERVICE_ACCOUNT
|
||
|
valueFrom:
|
||
|
fieldRef:
|
||
|
fieldPath: spec.serviceAccountName
|
||
|
image: gcr.io/tekton-releases/github.com/tektoncd/experimental/webhooks-extension/cmd/extension@sha256:e7bcffbd2db6b874dbb4b4e71fc0c089acf7ccb803df896d9592063b649ac292
|
||
|
imagePullPolicy: Always
|
||
|
livenessProbe:
|
||
|
httpGet:
|
||
|
path: /liveness
|
||
|
port: 8080
|
||
|
name: webhooks-extension
|
||
|
ports:
|
||
|
- containerPort: 8080
|
||
|
readinessProbe:
|
||
|
httpGet:
|
||
|
path: /readiness
|
||
|
port: 8080
|
||
|
serviceAccountName: tekton-webhooks-extension
|
||
|
---
|
||
|
apiVersion: tekton.dev/v1beta1
|
||
|
kind: Task
|
||
|
metadata:
|
||
|
name: monitor-task
|
||
|
namespace: tekton-pipelines
|
||
|
spec:
|
||
|
params:
|
||
|
- description: The statuses url
|
||
|
name: statusesurl
|
||
|
type: string
|
||
|
- default: Success
|
||
|
description: The text to use in the situation where a PipelineRun has succeeded.
|
||
|
name: commentsuccess
|
||
|
type: string
|
||
|
- default: Failed
|
||
|
description: The text to use in the situation where a PipelineRun has failed.
|
||
|
name: commentfailure
|
||
|
type: string
|
||
|
- default: Unknown
|
||
|
description: The text to use in the situation where a PipelineRun has timed out.
|
||
|
name: commenttimeout
|
||
|
type: string
|
||
|
- default: Missing
|
||
|
description: The text to use in the situation where a PipelineRun cannot be found.
|
||
|
name: commentmissing
|
||
|
type: string
|
||
|
- default: http://localhost:9097/
|
||
|
description: The URL to the PipelineRuns page of the dashboard
|
||
|
name: dashboard-url
|
||
|
type: string
|
||
|
- default: github
|
||
|
description: The Git provider ("github" or "gitlab")
|
||
|
name: provider
|
||
|
type: string
|
||
|
- description: The Git API URL for the repository
|
||
|
name: apiurl
|
||
|
type: string
|
||
|
- default: "false"
|
||
|
description: Whether or not to verify SSL Certificates from the git server ("true"
|
||
|
or "false")
|
||
|
name: insecure-skip-tls-verify
|
||
|
type: string
|
||
|
- description: The secret containing the access token to access the git server
|
||
|
name: secret
|
||
|
type: string
|
||
|
resources:
|
||
|
inputs:
|
||
|
- name: pull-request
|
||
|
type: pullRequest
|
||
|
outputs:
|
||
|
- name: pull-request
|
||
|
type: pullRequest
|
||
|
steps:
|
||
|
- args:
|
||
|
- -ce
|
||
|
- "set -e\ncat <<EOF | python\nimport time, os, json, requests, pprint, shutil,
|
||
|
distutils.util\nfrom kubernetes import client, config\ndef diff(li1, li2): \n
|
||
|
\ li_dif = [i for i in li1 + li2 if i not in li1 or i not in li2] \n return
|
||
|
li_dif\nconfig.load_incluster_config()\napi_instance = client.CustomObjectsApi(client.ApiClient(client.Configuration()))\ngitPRcontext
|
||
|
= \"Tekton\"\ngitPRurl = \"\" \nif not \"$URL\".startswith(\"http\"):\n pipelineRunURLPrefix
|
||
|
= \"http://\" + \"$URL\"\nelse:\n pipelineRunURLPrefix = \"$URL\" \nverifySSL
|
||
|
= not bool(distutils.util.strtobool(\"$SKIPSSLVERIFY\"))\nif \"$GITPROVIDER\"
|
||
|
== \"github\":\n statusurl = \"$STATUSES_URL\"\n pendingData = {\n \"state\":
|
||
|
\"pending\",\n \"description\": \"pipelines in progress\",\n \"target_url\":
|
||
|
pipelineRunURLPrefix + \"/#/pipelineruns\",\n \"context\": \"Tekton\"\n }\n
|
||
|
\ resp = requests.post(statusurl, json.dumps(pendingData), headers = {'Content-Type':
|
||
|
'application/json', 'Authorization': \"Token $GITTOKEN\"}, verify=verifySSL)\n
|
||
|
\ print(resp)\nif \"$GITPROVIDER\" == \"gitlab\":\n statusurl = \"$GITAPIURL\"
|
||
|
+ \"/\" + \"$STATUSES_URL\" + \"?state=pending&name=Tekton&target_url=\" + pipelineRunURLPrefix
|
||
|
+ \"/#/pipelineruns\"\n resp = requests.post(statusurl, headers = {'Authorization':
|
||
|
\"Bearer $GITTOKEN\"}, verify=verifySSL)\n print(resp)\nlabelToCheck = \"triggers.tekton.dev/triggers-eventid=$EVENTID\"\nrunsPassed
|
||
|
= []\nrunsFailed = []\nrunsIncomplete = []\nrunsMissing = []\nfailed = 0\ni
|
||
|
= range(180)\ninitial_runs = api_instance.list_cluster_custom_object(\"tekton.dev\",
|
||
|
\"v1beta1\", \"pipelineruns\", label_selector=labelToCheck)[\"items\"]\nfor
|
||
|
x in i:\n time.sleep( 10 )\n runsPassed = []\n runsFailed = []\n runsIncomplete
|
||
|
= []\n # To test this we need a webhook that will kick off two Pipelines\n
|
||
|
\ # We will then delete one PipelineRun and observe it is correctly picked
|
||
|
up as missing\n # This is easiest done by reopening an existing PullRequest\n
|
||
|
\ # It's important to delete the PipelineRun only after the monitor task is
|
||
|
already running because \n # the first thing it's going to do is figure out
|
||
|
the PipelineRuns to watch over\n failed = 0\n \n found_runs = api_instance.list_cluster_custom_object(\"tekton.dev\",
|
||
|
\"v1beta1\", \"pipelineruns\", label_selector=labelToCheck)[\"items\"]\n missingRuns
|
||
|
= diff(initial_runs, found_runs)\n if len(missingRuns) > 0:\n for missingRun
|
||
|
in missingRuns:\n pr = missingRun[\"metadata\"][\"name\"]\n namespace
|
||
|
= missingRun[\"metadata\"][\"namespace\"]\n pipeline = missingRun[\"spec\"][\"pipelineRef\"][\"name\"]\n
|
||
|
\ link = pipelineRunURLPrefix + \"/#/namespaces/\" + namespace + \"/pipelineruns/\"\n
|
||
|
\ data = \"[**$COMMENT_MISSING**](\" + link + \") | \" + pipeline + \"
|
||
|
| \" + pr + \" | \" + namespace\n if data not in runsMissing:\n #
|
||
|
Don't add duplicates. Fear not, once this run is found it'll be removed\n runsMissing.append(data)\n
|
||
|
\ if len(found_runs) > 0:\n for entry in found_runs:\n pr = entry[\"metadata\"][\"name\"]\n
|
||
|
\ namespace = entry[\"metadata\"][\"namespace\"]\n pipeline = entry[\"spec\"][\"pipelineRef\"][\"name\"]\n
|
||
|
\ link = pipelineRunURLPrefix + \"/#/namespaces/\" + namespace + \"/pipelineruns/\"
|
||
|
+ pr\n missingLink = pipelineRunURLPrefix + \"/#/namespaces/\" + namespace
|
||
|
+ \"/pipelineruns/\"\n missingDataEntry = \"[**$COMMENT_MISSING**](\"
|
||
|
+ missingLink + \") | \" + pipeline + \" | \" + pr + \" | \" + namespace\n if
|
||
|
missingDataEntry in runsMissing:\n runsMissing.remove(missingDataEntry)\n
|
||
|
\ print(\"Checking PipelineRun \" + pr + \" in namespace \" + namespace)\n
|
||
|
\ if entry[\"status\"][\"conditions\"][0][\"status\"] == u'True' and entry[\"status\"][\"conditions\"][0][\"type\"]
|
||
|
== u'Succeeded':\n print(\"Success - pipelinerun \" + pr + \" in namespace
|
||
|
\" + namespace)\n runsPassed.append(\"[**$COMMENT_SUCCESS**](\" + link
|
||
|
+ \") | \" + pipeline + \" | \" + pr + \" | \" + namespace)\n continue\n
|
||
|
\ if entry[\"status\"][\"conditions\"][0][\"status\"] == u'False' and
|
||
|
entry[\"status\"][\"conditions\"][0][\"type\"] == u'Succeeded':\n failed
|
||
|
=+ 1\n print(\"Failed - PipelineRun \" + pr + \" in namespace \" +
|
||
|
namespace)\n runsFailed.append(\"[**$COMMENT_FAILURE**](\" + link +
|
||
|
\") | \" + pipeline + \" | \" + pr + \" | \" + namespace)\n continue\n
|
||
|
\ link = pipelineRunURLPrefix + \"/#/namespaces/\" + namespace + \"/pipelineruns/\"
|
||
|
+ pr\n runsIncomplete.append(\"[**$COMMENT_TIMEOUT**](\" + link + \")
|
||
|
| \" + pipeline + \" | \" + pr + \" | \" + namespace)\n if len(runsIncomplete)
|
||
|
== 0:\n break\n else:\n break\ngitPRdescription = \"All pipelines
|
||
|
succeeded!\"\ngitPRcode = \"success\"\nif failed > 0:\n gitPRdescription =
|
||
|
str(failed) + \" pipeline(s) failed!\"\n gitPRcode = \"failure\"\nif len(runsMissing)
|
||
|
> 0:\n gitPRdescription = \"Pipeline(s) missing!\"\n gitPRcode = \"failure\"\nif
|
||
|
len(runsIncomplete) > 0:\n print(\"Some PipelineRuns had not completed when
|
||
|
the monitor reached its timeout\")\n gitPRdescription = \"timed out monitoring
|
||
|
PipelineRuns\"\n gitPRcode = \"error\"\n\nresults = runsPassed + runsFailed
|
||
|
+ runsIncomplete + runsMissing\n\nif (results == []):\n gitPRdescription =
|
||
|
\"No PipelineRuns were ever found for my PullRequest!\"\n gitPRcode = \"error\"\n
|
||
|
\ data = \"**$COMMENT_MISSING** | N/A | No PipelineRuns were ever detected,
|
||
|
failing the build | N/A\"\n runsMissing.append(data) \n \n results
|
||
|
= runsMissing\n\ncomment = (\"## Tekton Status Report \\n\\n\"\n \"Status
|
||
|
| Pipeline | PipelineRun | Namespace\\n\"\n \":----- | :------- |
|
||
|
:--------------- | :--------\\n\"\n ) + \"\\n\".join(results)\n\nshutil.copyfile(\"/workspace/pull-request/pr.json\",\"/workspace/output/pull-request/pr.json\")\n#
|
||
|
Preserve existing comments\nshutil.copytree(\"/workspace/pull-request/comments\",\"/workspace/output/pull-request/comments\")\nhandle
|
||
|
= open(\"/workspace/output/pull-request/comments/newcomment.json\", 'w')\nhandle.write(comment)\nhandle.close()\nif
|
||
|
not \"$URL\".startswith(\"http\"):\n detailsURL = \"http://\" + \"$URL\" +
|
||
|
\"/#/pipelineruns\"\nelse:\n detailsURL = \"$URL\" + \"/#/pipelineruns\"\nprint(\"Set
|
||
|
details url to \" + detailsURL)\nstatus = json.dumps(dict(Label=gitPRcontext,state=gitPRcode,Desc=gitPRdescription,Target=detailsURL))\nprint(\"Setting
|
||
|
status to \" + status)\nif not os.path.exists(\"/workspace/output/pull-request/status\"):\n
|
||
|
\ os.makedirs(\"/workspace/output/pull-request/status\")\nhandle = open(\"/workspace/output/pull-request/status/Tekton.json\",
|
||
|
'w')\nhandle.write(status)\nhandle.close()\nif not os.path.exists(\"/workspace/output/pull-request/labels\"):\n
|
||
|
\ shutil.copytree(\"/workspace/pull-request/labels\",\"/workspace/output/pull-request/labels\")\nshutil.copyfile(\"/workspace/pull-request/base.json\",\"/workspace/output/pull-request/base.json\")
|
||
|
\nshutil.copyfile(\"/workspace/pull-request/head.json\",\"/workspace/output/pull-request/head.json\")\nEOF\n"
|
||
|
command:
|
||
|
- /bin/bash
|
||
|
env:
|
||
|
- name: EVENTID
|
||
|
valueFrom:
|
||
|
fieldRef:
|
||
|
fieldPath: metadata.labels['triggers.tekton.dev/triggers-eventid']
|
||
|
- name: COMMENT_SUCCESS
|
||
|
value: $(inputs.params.commentsuccess)
|
||
|
- name: COMMENT_FAILURE
|
||
|
value: $(inputs.params.commentfailure)
|
||
|
- name: COMMENT_TIMEOUT
|
||
|
value: $(inputs.params.commenttimeout)
|
||
|
- name: COMMENT_MISSING
|
||
|
value: $(inputs.params.commentmissing)
|
||
|
- name: URL
|
||
|
value: $(inputs.params.dashboard-url)
|
||
|
- name: STATUSES_URL
|
||
|
value: $(inputs.params.statusesurl)
|
||
|
- name: GITPROVIDER
|
||
|
value: $(inputs.params.provider)
|
||
|
- name: GITAPIURL
|
||
|
value: $(inputs.params.apiurl)
|
||
|
- name: SKIPSSLVERIFY
|
||
|
value: $(inputs.params.insecure-skip-tls-verify)
|
||
|
- name: GITTOKEN
|
||
|
valueFrom:
|
||
|
secretKeyRef:
|
||
|
key: accessToken
|
||
|
name: $(inputs.params.secret)
|
||
|
image: maiwj/kubernetes-python-client@sha256:74a868a0dff5c8ada64472db3efd09d205d4f877d14d2d3226511adbb25cfea3
|
||
|
name: check
|
||
|
---
|
||
|
apiVersion: triggers.tekton.dev/v1alpha1
|
||
|
kind: TriggerBinding
|
||
|
metadata:
|
||
|
name: monitor-task-github-binding
|
||
|
namespace: tekton-pipelines
|
||
|
spec:
|
||
|
params:
|
||
|
- name: pullrequesturl
|
||
|
value: $(body.pull_request.html_url)
|
||
|
- name: statusesurl
|
||
|
value: $(body.pull_request.statuses_url)
|
||
|
---
|
||
|
apiVersion: triggers.tekton.dev/v1alpha1
|
||
|
kind: TriggerBinding
|
||
|
metadata:
|
||
|
name: monitor-task-gitlab-binding
|
||
|
namespace: tekton-pipelines
|
||
|
spec:
|
||
|
params:
|
||
|
- name: pullrequesturl
|
||
|
value: $(body.object_attributes.url)
|
||
|
- name: statusesurl
|
||
|
value: projects/$(body.project.id)/statuses/$(body.object_attributes.last_commit.id)
|
||
|
---
|
||
|
apiVersion: triggers.tekton.dev/v1alpha1
|
||
|
kind: TriggerTemplate
|
||
|
metadata:
|
||
|
name: monitor-task-template
|
||
|
namespace: tekton-pipelines
|
||
|
spec:
|
||
|
params:
|
||
|
- description: The pull request url
|
||
|
name: pullrequesturl
|
||
|
type: string
|
||
|
- description: The statuses url
|
||
|
name: statusesurl
|
||
|
type: string
|
||
|
- default: github-secrets
|
||
|
description: The git secret name
|
||
|
name: gitsecretname
|
||
|
type: string
|
||
|
- default: token
|
||
|
description: The git secret key name
|
||
|
name: gitsecretkeyname
|
||
|
type: string
|
||
|
- default: Success
|
||
|
description: The text of the success comment
|
||
|
name: commentsuccess
|
||
|
type: string
|
||
|
- default: Failed
|
||
|
description: The text of the failure comment
|
||
|
name: commentfailure
|
||
|
type: string
|
||
|
- default: Unknown
|
||
|
description: The text of the timeout comment
|
||
|
name: commenttimeout
|
||
|
type: string
|
||
|
- default: Missing
|
||
|
description: The text of the missing comment
|
||
|
name: commentmissing
|
||
|
type: string
|
||
|
- default: http://localhost:9097/
|
||
|
description: The URL to the pipelineruns page of the dashboard
|
||
|
name: dashboardurl
|
||
|
type: string
|
||
|
- default: github
|
||
|
description: The git provider, "github" or "gitlab"
|
||
|
name: provider
|
||
|
type: string
|
||
|
- default: ""
|
||
|
description: The git api URL for the repository
|
||
|
name: apiurl
|
||
|
type: string
|
||
|
- default: "false"
|
||
|
description: Whether or not to skip SSL validation of certificates ("true" or
|
||
|
"false")
|
||
|
name: insecure-skip-tls-verify
|
||
|
type: string
|
||
|
resourcetemplates:
|
||
|
- apiVersion: tekton.dev/v1alpha1
|
||
|
kind: PipelineResource
|
||
|
metadata:
|
||
|
name: pull-request-$(uid)
|
||
|
namespace: tekton-pipelines
|
||
|
spec:
|
||
|
params:
|
||
|
- name: url
|
||
|
value: $(params.pullrequesturl)
|
||
|
- name: insecure-skip-tls-verify
|
||
|
value: $(params.insecure-skip-tls-verify)
|
||
|
secrets:
|
||
|
- fieldName: authToken
|
||
|
secretKey: $(params.gitsecretkeyname)
|
||
|
secretName: $(params.gitsecretname)
|
||
|
type: pullRequest
|
||
|
- apiVersion: tekton.dev/v1beta1
|
||
|
kind: TaskRun
|
||
|
metadata:
|
||
|
generateName: monitor-taskrun-
|
||
|
namespace: tekton-pipelines
|
||
|
spec:
|
||
|
params:
|
||
|
- name: commentsuccess
|
||
|
value: $(params.commentsuccess)
|
||
|
- name: commentfailure
|
||
|
value: $(params.commentfailure)
|
||
|
- name: commenttimeout
|
||
|
value: $(params.commenttimeout)
|
||
|
- name: dashboard-url
|
||
|
value: $(params.dashboardurl)
|
||
|
- name: secret
|
||
|
value: $(params.gitsecretname)
|
||
|
- name: statusesurl
|
||
|
value: $(params.statusesurl)
|
||
|
- name: provider
|
||
|
value: $(params.provider)
|
||
|
- name: apiurl
|
||
|
value: $(params.apiurl)
|
||
|
- name: insecure-skip-tls-verify
|
||
|
value: $(params.insecure-skip-tls-verify)
|
||
|
resources:
|
||
|
inputs:
|
||
|
- name: pull-request
|
||
|
resourceRef:
|
||
|
name: pull-request-$(uid)
|
||
|
outputs:
|
||
|
- name: pull-request
|
||
|
resourceRef:
|
||
|
name: pull-request-$(uid)
|
||
|
serviceAccountName: tekton-webhooks-extension
|
||
|
taskRef:
|
||
|
name: monitor-task
|
||
|
|
||
|
---
|