Skip to content

Commit

Permalink
change to remote resolution for examples
Browse files Browse the repository at this point in the history
  • Loading branch information
@JeromeJu
JeromeJu committed Oct 4, 2022
1 parent 07f91e3 commit efa0da9
Show file tree
Hide file tree
Showing 2 changed files with 30 additions and 174 deletions.
116 changes: 10 additions & 106 deletions examples/v1/pipelineruns/pipelinerun-with-final-tasks.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,108 +1,3 @@
apiVersion: tekton.dev/v1
kind: Task
metadata:
name: git-clone-from-catalog
spec:
workspaces:
- name: output
description: The git repo will be cloned onto the volume backing this workspace
params:
- name: url
description: git url to clone
type: string
- name: revision
description: git revision to checkout (branch, tag, sha, ref…)
type: string
default: main
- name: refspec
description: (optional) git refspec to fetch before checking out revision
default: ""
- name: submodules
description: defines if the resource should initialize and fetch the submodules
type: string
default: "true"
- name: depth
description: performs a shallow clone where only the most recent commit(s) will be fetched
type: string
default: "1"
- name: sslVerify
description: defines if http.sslVerify should be set to true or false in the global git config
type: string
default: "true"
- name: subdirectory
description: subdirectory inside the "output" workspace to clone the git repo into
type: string
default: ""
- name: deleteExisting
description: clean out the contents of the repo's destination directory (if it already exists) before trying to clone the repo there
type: string
default: "false"
- name: httpProxy
description: git HTTP proxy server for non-SSL requests
type: string
default: ""
- name: httpsProxy
description: git HTTPS proxy server for SSL requests
type: string
default: ""
- name: noProxy
description: git no proxy - opt out of proxying HTTP/HTTPS requests
type: string
default: ""
results:
- name: commit
description: The precise commit SHA that was fetched by this Task
steps:
- name: clone
image: gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/git-init:latest
securityContext:
runAsUser: 0 # This needs root, and git-init is nonroot by default
script: |
CHECKOUT_DIR="$(workspaces.output.path)/$(params.subdirectory)"
cleandir() {
# Delete any existing contents of the repo directory if it exists.
#
# We don't just "rm -rf $CHECKOUT_DIR" because $CHECKOUT_DIR might be "/"
# or the root of a mounted volume.
if [[ -d "$CHECKOUT_DIR" ]] ; then
# Delete non-hidden files and directories
rm -rf "$CHECKOUT_DIR"/*
# Delete files and directories starting with . but excluding ..
rm -rf "$CHECKOUT_DIR"/.[!.]*
# Delete files and directories starting with .. plus any other character
rm -rf "$CHECKOUT_DIR"/..?*
fi
}
if [[ "$(params.deleteExisting)" == "true" ]] ; then
cleandir
fi
test -z "$(params.httpProxy)" || export HTTP_PROXY=$(params.httpProxy)
test -z "$(params.httpsProxy)" || export HTTPS_PROXY=$(params.httpsProxy)
test -z "$(params.noProxy)" || export NO_PROXY=$(params.noProxy)
/ko-app/git-init \
-url "$(params.url)" \
-revision "$(params.revision)" \
-refspec "$(params.refspec)" \
-path "$CHECKOUT_DIR" \
-sslVerify="$(params.sslVerify)" \
-submodules="$(params.submodules)" \
-depth "$(params.depth)"
cd "$CHECKOUT_DIR"
RESULT_SHA="$(git rev-parse HEAD | tr -d '\n')"
EXIT_CODE="$?"
if [ "$EXIT_CODE" != 0 ]
then
exit $EXIT_CODE
fi
# Make sure we don't add a trailing newline to the result!
echo -n "$RESULT_SHA" > $(results.commit.path)
---

# Task to cleanup shared workspace
apiVersion: tekton.dev/v1
kind: Task
Expand Down Expand Up @@ -146,7 +41,16 @@ spec:
# Clone app repo to workspace
- name: clone-app-repo
taskRef:
name: git-clone-from-catalog
resolver: git
params:
- name: org
value: tektoncd
- name: repo
value: catalog
- name: revision
value: v1beta1
- name: pathInRepo
value: git/git-clone.yaml
params:
- name: url
value: https://github.com/tektoncd/community.git
Expand Down
88 changes: 20 additions & 68 deletions examples/v1/pipelineruns/pipelinerun.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -116,72 +116,6 @@ spec:
# Make sure we don't add a trailing newline to the result!
echo -n "$RESULT_SHA" > $(results.commit.path)
---
apiVersion: tekton.dev/v1
kind: Task
metadata:
name: kaniko
spec:
workspaces:
- name: source
params:
- name: IMAGE
description: Name (reference) of the image to build.
- name: DOCKERFILE
description: Path to the Dockerfile to build.
default: ./Dockerfile
- name: CONTEXT
description: The build context used by Kaniko.
default: ./
- name: EXTRA_ARGS
default: ""
- name: BUILDER_IMAGE
description: The image on which builds will run
default: gcr.io/kaniko-project/executor:v1.8.1
- name: baseImage
description: Base image for GoogleContainerTools/skaffold microservice apps
default: BASE=alpine:3.9
results:
- name: IMAGE_DIGEST
description: Digest of the image just built.
steps:
- name: build-and-push
workingDir: $(workspaces.source.path)
image: $(params.BUILDER_IMAGE)
# specifying DOCKER_CONFIG is required to allow kaniko to detect docker credential
# https://github.com/tektoncd/pipeline/pull/706
env:
- name: DOCKER_CONFIG
value: /tekton/home/.docker
command:
- /kaniko/executor
- $(params.EXTRA_ARGS)
- --dockerfile=$(params.DOCKERFILE)
- --context=$(workspaces.source.path)/$(params.CONTEXT) # The user does not need to care the workspace and the source.
- --destination=$(params.IMAGE)
- --oci-layout-path=$(workspaces.source.path)/$(params.CONTEXT)/image-digest
- --build-arg=$(inputs.params.baseImage)
- --ignore-path=/product_uuid # TODO(abayer): Work around Kaniko multi-stage build issues on Kind: https://github.com/GoogleContainerTools/kaniko/issues/2164
# kaniko assumes it is running as root, which means this example fails on platforms
# that default to run containers as random uid (like OpenShift). Adding this securityContext
# makes it explicit that it needs to run as root.
securityContext:
runAsUser: 0
- name: write-digest
workingDir: $(workspaces.source.path)
image: gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/imagedigestexporter:latest
# output of imagedigestexport [{"name":"image","digest":"sha256:eed29..660"}]
command: ["/ko-app/imagedigestexporter"]
securityContext:
runAsUser: 0
args:
- -images=[{"name":"$(params.IMAGE)","type":"image","url":"$(params.IMAGE)","digest":"","OutputImageDir":"$(workspaces.source.path)/$(params.CONTEXT)/image-digest"}]
- -terminationMessagePath=$(params.CONTEXT)/image-digested
- name: digest-to-results
workingDir: $(workspaces.source.path)
image: stedolan/jq
script: |
cat $(params.CONTEXT)/image-digested | jq '.[0].value' -rj | tee /tekton/results/IMAGE_DIGEST
---
# This task deploys with kubectl apply -f <filename>
apiVersion: tekton.dev/v1
kind: Task
Expand Down Expand Up @@ -252,7 +186,16 @@ spec:
- name: build-skaffold-web
runAfter: [skaffold-unit-tests]
taskRef:
name: kaniko
resolver: git
params:
- name: org
value: tektoncd
- name: repo
value: catalog
- name: revision
value: v1beta1
- name: pathInRepo
value: kaniko/kaniko.yaml
params:
- name: IMAGE
value: $(params.image-registry)/leeroy-web
Expand All @@ -266,7 +209,16 @@ spec:
- name: build-skaffold-app
runAfter: [skaffold-unit-tests]
taskRef:
name: kaniko
resolver: git
params:
- name: org
value: tektoncd
- name: repo
value: catalog
- name: revision
value: v1beta1
- name: pathInRepo
value: kaniko/kaniko.yaml
params:
- name: IMAGE
value: $(params.image-registry)/leeroy-app
Expand Down

0 comments on commit efa0da9

Please sign in to comment.