From ec401c1045f01a817a4764bf851f57dbe7c5363f Mon Sep 17 00:00:00 2001 From: Andrea Frittoli Date: Thu, 29 Apr 2021 13:57:58 +0100 Subject: [PATCH] Deploy the tekton catalog nightly to gcr.io Create a pipeline to deploy the catalog to gcr.io. Add a new trigger/template to the CD event listener, and set up a cronjob to trigger nightly. Fixes: https://github.com/tektoncd/catalog/issues/577 Signed-off-by: Andrea Frittoli --- tekton/cronjobs/bases/catalog/README.md | 1 + .../cronjobs/bases/catalog/kustomization.yaml | 2 + .../bases/catalog/trigger-resource-cd.yaml | 65 +++++++ .../catalog/tekton-upstream/README.md | 4 + .../catalog/tekton-upstream/cronjob.yaml | 22 +++ .../tekton-upstream/kustomization.yaml | 5 + tekton/resources/cd/bindings.yaml | 11 ++ tekton/resources/cd/catalog-template.yaml | 159 ++++++++++++++++++ tekton/resources/cd/eventlistener.yaml | 14 ++ 9 files changed, 283 insertions(+) create mode 100644 tekton/cronjobs/bases/catalog/README.md create mode 100644 tekton/cronjobs/bases/catalog/kustomization.yaml create mode 100644 tekton/cronjobs/bases/catalog/trigger-resource-cd.yaml create mode 100644 tekton/cronjobs/dogfooding/catalog/tekton-upstream/README.md create mode 100644 tekton/cronjobs/dogfooding/catalog/tekton-upstream/cronjob.yaml create mode 100644 tekton/cronjobs/dogfooding/catalog/tekton-upstream/kustomization.yaml create mode 100644 tekton/resources/cd/catalog-template.yaml diff --git a/tekton/cronjobs/bases/catalog/README.md b/tekton/cronjobs/bases/catalog/README.md new file mode 100644 index 0000000000..1e09b6ff11 --- /dev/null +++ b/tekton/cronjobs/bases/catalog/README.md @@ -0,0 +1 @@ +Cron Job template to deploy a catalog from a git repo to a container registry diff --git a/tekton/cronjobs/bases/catalog/kustomization.yaml b/tekton/cronjobs/bases/catalog/kustomization.yaml new file mode 100644 index 0000000000..0571151fa1 --- /dev/null +++ b/tekton/cronjobs/bases/catalog/kustomization.yaml @@ -0,0 +1,2 @@ +resources: +- trigger-resource-cd.yaml diff --git a/tekton/cronjobs/bases/catalog/trigger-resource-cd.yaml b/tekton/cronjobs/bases/catalog/trigger-resource-cd.yaml new file mode 100644 index 0000000000..803a40255d --- /dev/null +++ b/tekton/cronjobs/bases/catalog/trigger-resource-cd.yaml @@ -0,0 +1,65 @@ +# Copyright 2019 The Tekton Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: batch/v1beta1 +kind: CronJob +metadata: + name: folder-cd-trigger +spec: + schedule: "12 * * * *" # Houly at *:12 + jobTemplate: + spec: + template: + spec: + volumes: + - name: workspace + emptyDir: {} + containers: + - name: trigger + image: curlimages/curl + command: + - /bin/sh + args: + - -ce + - | + cat < /workspace/post-body.json + { + "trigger-template": "catalog", + "params": { + "git": { + "repository": "$GIT_REPOSITORY", + "revision": "$GIT_REVISION" + }, + "catalog": { + "registry": "$REGISTRY_URL", + "registryPath": "$REGISTRY_PATH", + } + } + } + EOF + curl -d @/workspace/post-body.json $SINK_URL + volumeMounts: + - mountPath: /workspace + name: workspace + env: + - name: SINK_URL + value: "http://el-tekton-cd.default.svc.cluster.local:8080" + - name: GIT_REPOSITORY + value: "github.com/tektoncd/catalog" + - name: GIT_REVISION + value: "main" + - name: REGISTRY_URL + value: "replace" + - name: REGISTRY_PATH + value: "replace" + restartPolicy: Never diff --git a/tekton/cronjobs/dogfooding/catalog/tekton-upstream/README.md b/tekton/cronjobs/dogfooding/catalog/tekton-upstream/README.md new file mode 100644 index 0000000000..f1302f6035 --- /dev/null +++ b/tekton/cronjobs/dogfooding/catalog/tekton-upstream/README.md @@ -0,0 +1,4 @@ +# Tekton Catalog CD - gcr.io/tekton-releases + +Cron Job to daily deploy the Tekton catalog to the +gcr.io/tekton-releases container registry project as bundles. diff --git a/tekton/cronjobs/dogfooding/catalog/tekton-upstream/cronjob.yaml b/tekton/cronjobs/dogfooding/catalog/tekton-upstream/cronjob.yaml new file mode 100644 index 0000000000..a10f238c94 --- /dev/null +++ b/tekton/cronjobs/dogfooding/catalog/tekton-upstream/cronjob.yaml @@ -0,0 +1,22 @@ +apiVersion: batch/v1beta1 +kind: CronJob +metadata: + name: folder-cd-trigger +spec: + schedule: "30 * * * *" + concurrencyPolicy: Forbid + jobTemplate: + spec: + template: + spec: + containers: + - name: trigger + env: + - name: GIT_REPOSITORY + value: "github.com/tektoncd/plumbing" + - name: GIT_REVISION + value: "main" + - name: REGISTRY_URL + value: "gcr.io" + - name: REGISTRY_PATH + value: "tekton-releases/catalog/upstream" diff --git a/tekton/cronjobs/dogfooding/catalog/tekton-upstream/kustomization.yaml b/tekton/cronjobs/dogfooding/catalog/tekton-upstream/kustomization.yaml new file mode 100644 index 0000000000..8c73b3615a --- /dev/null +++ b/tekton/cronjobs/dogfooding/catalog/tekton-upstream/kustomization.yaml @@ -0,0 +1,5 @@ +bases: +- ../../../bases/folder +patchesStrategicMerge: +- cronjob.yaml +nameSuffix: "-tekton-upstream" diff --git a/tekton/resources/cd/bindings.yaml b/tekton/resources/cd/bindings.yaml index 4c01c3156d..c51262a044 100644 --- a/tekton/resources/cd/bindings.yaml +++ b/tekton/resources/cd/bindings.yaml @@ -125,6 +125,17 @@ spec: --- apiVersion: triggers.tekton.dev/v1alpha1 kind: TriggerBinding +metadata: + name: catalog-details +spec: + params: + - name: registry + value: $(body.params.catalog.registry) + - name: registryPath + value: $(body.params.catalog.registryPath) +--- +apiVersion: triggers.tekton.dev/v1alpha1 +kind: TriggerBinding metadata: name: cd-pipeline-type spec: diff --git a/tekton/resources/cd/catalog-template.yaml b/tekton/resources/cd/catalog-template.yaml new file mode 100644 index 0000000000..9b8e1f0581 --- /dev/null +++ b/tekton/resources/cd/catalog-template.yaml @@ -0,0 +1,159 @@ +# Copyright 2021 The Tekton Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +apiVersion: tekton.dev/v1beta1 +kind: Pipeline +metadata: + name: catalog-publish +spec: + params: + - name: gitRepository + description: The git URL of the catalog to publish + type: string + default: https://github.com/tektoncd/catalog + - name: gitRevision + description: The git revision of the catalog to publish + type: string + default: main + - name: registry + description: The registry to publish to + type: string + - name: registryPath + description: The base path in the registry + type: string + - name: serviceAccountFilename + description: The name of the GKE service account file on the serviceaccount workspace + type: string + workspaces: + - name: shared + description: Shared workspace for tasks + - name: serviceaccount + description: Hosts a GKE service account file + tasks: + - name: git-clone + taskRef: + name: git-clone + workspaces: + - name: output + workspace: shared + params: + - name: url + value: "$(params.gitRepository)" + - name: revision + value: "$(params.gitRevision)" + - name: create-dockerfile + runAfter: ['git-clone'] + taskSpec: + workspaces: + - name: serviceaccount + - name: dockerfile + params: + - name: serviceAccountFilename + - name: registry + steps: + - name: gke-serviceaccount-to-dockerfile + image: debian:bullseye-slim + env: + - name: DOCKER_CONFIG_FOLDER + value: $(workspaces.dockerfile.path) + - name: SERVICE_ACCOUNT_FILE + value: $(workspaces.serviceaccount.path)/$(params.serviceAccountFilename) + - name: REGISTRY + value: $(params.registry) + script: | + set -ex + cat < "${DOCKER_CONFIG_FOLDER}/config.json" + { + "auths": { + "$REGISTRY": { + "auth": "$(echo "_json_key:$(cat ${SERVICE_ACCOUNT_FILE})" | base64 -w 0)" + } + } + } + EOF + cat "${DOCKER_CONFIG_FOLDER}/config.json" + params: + - name: serviceAccountFilename + value: "$(params.serviceAccountFilename)" + - name: registry + value: "$(params.registry)" + workspaces: + - name: serviceaccount + workspace: serviceaccount + - name: dockerfile + workspace: shared + - name: publish + runAfter: ['create-dockerfile'] + workspaces: + - name: catalog + workspace: shared + - name: dockerconfig + workspace: shared + params: + - name: REGISTRY + value: "$(params.registry)" + - name: PATH + value: "$(params.registryPath)" + - name: TAG + value: $(tasks.git-clone.results.commit) + taskRef: + name: tekton-catalog-publish +--- +apiVersion: triggers.tekton.dev/v1alpha1 +kind: TriggerTemplate +metadata: + name: publish-catalog +spec: + params: + - name: gitRepository + description: URL of the repository that holds the catalog + - name: gitRevision + description: Git revision + - name: registry + description: The registry to publish to + - name: registryPath + description: The base path in the registry + - name: catalogDescription + description: A descriptive name for the catalog + resourcetemplates: + - apiVersion: tekton.dev/v1beta1 + kind: PipelineRun + metadata: + generateName: publish-catalog-$(tt.params.catalogDescription)- + spec: + pipelineRef: + name: catalog-publish + params: + - name: gitRepository + value: $(tt.params.gitRepository) + - name: gitRevision + value: $(tt.params.gitRevision) + - name: registry + value: $(tt.params.registry) + - name: registryPath + value: $(tt.params.registryPath) + - name: serviceAccountFilename + value: "release.json" + workspaces: + - name: shared + volumeClaimTemplate: + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + - name: serviceaccount + secret: + secretName: "release-secret" diff --git a/tekton/resources/cd/eventlistener.yaml b/tekton/resources/cd/eventlistener.yaml index 8e350bc857..25189b14b8 100644 --- a/tekton/resources/cd/eventlistener.yaml +++ b/tekton/resources/cd/eventlistener.yaml @@ -76,6 +76,20 @@ spec: - ref: cleanup-details template: ref: cleanup-runs + - name: catalog + interceptors: + - cel: + filter: >- + 'trigger-template' in body && + body['trigger-template'] == 'catalog' + bindings: + - ref: deploy-source-git + - name: registry + value: $(body.params.catalog.registry) + - name: registryPath + value: $(body.params.catalog.registryPath) + template: + ref: catalog-publish --- apiVersion: triggers.tekton.dev/v1alpha1 kind: EventListener