Initial commit
This commit is contained in:
commit
a214445dea
|
@ -0,0 +1,18 @@
|
||||||
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
|
kind: Kustomization
|
||||||
|
|
||||||
|
# Kustomize will add the namespace and labels to all files being kustomized
|
||||||
|
namespace: tekton-argocd-example
|
||||||
|
commonLabels:
|
||||||
|
pipeline: tekton
|
||||||
|
deploy: argocd
|
||||||
|
|
||||||
|
resources:
|
||||||
|
- resources/pipeline-admin-role.yml
|
||||||
|
- resources/triggers-admin-role.yml
|
||||||
|
- resources/build-task-cm.yml
|
||||||
|
- resources/argocd-task-cm.yml
|
||||||
|
- tasks/build-task.yml
|
||||||
|
- tasks/argocd-task.yml
|
||||||
|
- pipelines/build-deploy-pipeline.yml
|
||||||
|
- triggers/build-deploy-trigger.yml
|
|
@ -0,0 +1,35 @@
|
||||||
|
---
|
||||||
|
apiVersion: tekton.dev/v1alpha1
|
||||||
|
kind: Pipeline
|
||||||
|
metadata:
|
||||||
|
name: tekton-argocd-example-build-deploy-pipeline
|
||||||
|
spec:
|
||||||
|
resources:
|
||||||
|
- name: git-app-repo
|
||||||
|
type: git
|
||||||
|
- name: image-registry
|
||||||
|
type: image
|
||||||
|
tasks:
|
||||||
|
- name: build-docker-image
|
||||||
|
taskRef:
|
||||||
|
name: build-docker-image
|
||||||
|
params:
|
||||||
|
- name: pathToDockerFile
|
||||||
|
value: Dockerfile
|
||||||
|
- name: pathToContext
|
||||||
|
value: /workspace/git-app-repo
|
||||||
|
resources:
|
||||||
|
inputs:
|
||||||
|
- name: git-app-repo
|
||||||
|
resource: git-app-repo
|
||||||
|
outputs:
|
||||||
|
- name: image-registry
|
||||||
|
resource: image-registry
|
||||||
|
- name: sync-application
|
||||||
|
taskRef:
|
||||||
|
name: argocd-task-sync-and-wait
|
||||||
|
runAfter:
|
||||||
|
- build-docker-image
|
||||||
|
params:
|
||||||
|
- name: flags
|
||||||
|
value: --insecure # needed in this example only because the Argo CD server is locally hosted
|
|
@ -0,0 +1,9 @@
|
||||||
|
apiVersion: v1
|
||||||
|
kind: ConfigMap
|
||||||
|
metadata:
|
||||||
|
name: argocd-env-configmap
|
||||||
|
data:
|
||||||
|
ARGOCD_SERVER: https://argocd.k8s-argocd.tk
|
||||||
|
ARGOCD_APPLICATION_NAME: tekton-pipeline-app
|
||||||
|
ARGOCD_APPLICATION_REVISION: HEAD
|
||||||
|
|
|
@ -0,0 +1,9 @@
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: ConfigMap
|
||||||
|
metadata:
|
||||||
|
name: build-task-configmap
|
||||||
|
data:
|
||||||
|
DOCKER_TAG: "1.0.0"
|
||||||
|
DOCKER_IMAGE_NAME: hello-app
|
||||||
|
DOCKER_NAMESPACE: tekton-demo
|
|
@ -0,0 +1,25 @@
|
||||||
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
|
kind: Kustomization
|
||||||
|
|
||||||
|
namespace: tekton-argocd-example
|
||||||
|
commonLabels:
|
||||||
|
pipeline: tekton
|
||||||
|
deploy: argocd
|
||||||
|
|
||||||
|
resources:
|
||||||
|
- namespace.yaml
|
||||||
|
- secrets.yaml
|
||||||
|
|
||||||
|
# Generate secrets from <name>_secrets.env, appending the Base64-encoded values to the Secrets definition at the time of kustomize build
|
||||||
|
secretGenerator:
|
||||||
|
- behavior: merge
|
||||||
|
name: basic-git-app-repo-user-pass
|
||||||
|
type: kubernetes.io/basic-auth
|
||||||
|
env: secrets/git_app_secrets.env
|
||||||
|
- behavior: merge
|
||||||
|
name: basic-docker-user-pass
|
||||||
|
type: kubernetes.io/basic-auth
|
||||||
|
env: secrets/docker_secrets.env
|
||||||
|
- behavior: merge
|
||||||
|
name: argocd-env-secret
|
||||||
|
env: secrets/argocd_secrets.env
|
|
@ -0,0 +1,5 @@
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Namespace
|
||||||
|
metadata:
|
||||||
|
name: tekton-argocd-example
|
|
@ -0,0 +1,32 @@
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: ServiceAccount
|
||||||
|
metadata:
|
||||||
|
name: pipeline-sa
|
||||||
|
secrets:
|
||||||
|
- name: basic-docker-user-pass
|
||||||
|
- name: basic-git-app-repo-user-pass
|
||||||
|
|
||||||
|
---
|
||||||
|
kind: Role
|
||||||
|
apiVersion: rbac.authorization.k8s.io/v1
|
||||||
|
metadata:
|
||||||
|
name: pipeline-role
|
||||||
|
rules:
|
||||||
|
- apiGroups: ["extensions", "apps", ""]
|
||||||
|
resources: ["services", "deployments", "pods"]
|
||||||
|
verbs: ["get", "create", "update", "patch", "list", "delete"]
|
||||||
|
|
||||||
|
---
|
||||||
|
apiVersion: rbac.authorization.k8s.io/v1
|
||||||
|
kind: RoleBinding
|
||||||
|
metadata:
|
||||||
|
name: pipeline-role-binding
|
||||||
|
roleRef:
|
||||||
|
apiGroup: rbac.authorization.k8s.io
|
||||||
|
kind: Role
|
||||||
|
name: pipeline-role
|
||||||
|
subjects:
|
||||||
|
- kind: ServiceAccount
|
||||||
|
name: pipeline-sa
|
||||||
|
namespace: tekton-argocd-example
|
|
@ -0,0 +1,25 @@
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Secret
|
||||||
|
metadata:
|
||||||
|
name: basic-git-app-repo-user-pass
|
||||||
|
annotations:
|
||||||
|
# Replace <git_repo_url> with your git repo URL (e.g. https://github.com/d0-labs/tekton-pipeline-example-app)
|
||||||
|
tekton.dev/git-0: https://github.com/victor-timofei/tekton-pipeline-example-app
|
||||||
|
type: kubernetes.io/basic-auth
|
||||||
|
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Secret
|
||||||
|
metadata:
|
||||||
|
name: basic-docker-user-pass
|
||||||
|
annotations:
|
||||||
|
# Replace <docker_registry_url> with your docker registry URL (e.g. https://my-acr.azurecr.io)
|
||||||
|
tekton.dev/docker-0: https://hub.docker.com/u/vtimofei
|
||||||
|
type: kubernetes.io/basic-auth
|
||||||
|
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Secret
|
||||||
|
metadata:
|
||||||
|
name: argocd-env-secret
|
|
@ -0,0 +1 @@
|
||||||
|
*_secrets.env
|
|
@ -0,0 +1,49 @@
|
||||||
|
---
|
||||||
|
kind: Role
|
||||||
|
apiVersion: rbac.authorization.k8s.io/v1
|
||||||
|
metadata:
|
||||||
|
name: tekton-triggers-admin
|
||||||
|
rules:
|
||||||
|
- apiGroups:
|
||||||
|
- triggers.tekton.dev
|
||||||
|
resources:
|
||||||
|
- eventlisteners
|
||||||
|
- triggerbindings
|
||||||
|
- triggertemplates
|
||||||
|
verbs:
|
||||||
|
- get
|
||||||
|
- apiGroups:
|
||||||
|
- tekton.dev
|
||||||
|
resources:
|
||||||
|
- pipelineruns
|
||||||
|
- pipelineresources
|
||||||
|
verbs:
|
||||||
|
- create
|
||||||
|
- apiGroups:
|
||||||
|
- ""
|
||||||
|
resources:
|
||||||
|
- configmaps
|
||||||
|
verbs:
|
||||||
|
- get
|
||||||
|
- list
|
||||||
|
- watch
|
||||||
|
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: ServiceAccount
|
||||||
|
metadata:
|
||||||
|
name: tekton-triggers-admin
|
||||||
|
|
||||||
|
---
|
||||||
|
apiVersion: rbac.authorization.k8s.io/v1
|
||||||
|
kind: RoleBinding
|
||||||
|
metadata:
|
||||||
|
name: tekton-triggers-admin-binding
|
||||||
|
subjects:
|
||||||
|
- kind: ServiceAccount
|
||||||
|
name: tekton-triggers-admin
|
||||||
|
namespace: tekton-argocd-example
|
||||||
|
roleRef:
|
||||||
|
apiGroup: rbac.authorization.k8s.io
|
||||||
|
kind: Role
|
||||||
|
name: tekton-triggers-admin
|
|
@ -0,0 +1,23 @@
|
||||||
|
apiVersion: tekton.dev/v1beta1
|
||||||
|
kind: Task
|
||||||
|
metadata:
|
||||||
|
name: argocd-task-sync-and-wait
|
||||||
|
spec:
|
||||||
|
params:
|
||||||
|
- name: flags
|
||||||
|
default: --
|
||||||
|
- name: argocd-version
|
||||||
|
default: v1.7.6
|
||||||
|
stepTemplate:
|
||||||
|
envFrom:
|
||||||
|
- configMapRef:
|
||||||
|
name: argocd-env-configmap # used for server address
|
||||||
|
- secretRef:
|
||||||
|
name: argocd-env-secret # used for authentication (username/password or auth token)
|
||||||
|
steps:
|
||||||
|
- name: argocd-app-sync
|
||||||
|
image: argoproj/argocd:$(params.argocd-version)
|
||||||
|
script: |
|
||||||
|
argocd login $ARGOCD_SERVER --grpc-web-root-path /argo-cd --username $ARGOCD_USERNAME --password $ARGOCD_PASSWORD
|
||||||
|
argocd app sync $ARGOCD_APPLICATION_NAME $(params.flags) --grpc-web-root-path /argo-cd --server $ARGOCD_SERVER
|
||||||
|
argocd app wait $ARGOCD_APPLICATION_NAME --health $(params.flags) --grpc-web-root-path /argo-cd --server $ARGOCD_SERVER
|
|
@ -0,0 +1,38 @@
|
||||||
|
---
|
||||||
|
apiVersion: tekton.dev/v1beta1
|
||||||
|
kind: Task
|
||||||
|
metadata:
|
||||||
|
name: build-docker-image
|
||||||
|
spec:
|
||||||
|
resources:
|
||||||
|
inputs:
|
||||||
|
- name: git-app-repo
|
||||||
|
type: git
|
||||||
|
outputs:
|
||||||
|
- name: image-registry
|
||||||
|
type: image
|
||||||
|
params:
|
||||||
|
- name: pathToDockerFile
|
||||||
|
description: Path to Dockerfile
|
||||||
|
default: Dockerfile
|
||||||
|
- name: pathToContext
|
||||||
|
description: The build context used by Kaniko
|
||||||
|
default: /workspace/git-app-repo
|
||||||
|
|
||||||
|
# Get our Docker image details from the build-task-configmap configmap
|
||||||
|
stepTemplate:
|
||||||
|
envFrom:
|
||||||
|
- configMapRef:
|
||||||
|
name: build-task-configmap
|
||||||
|
steps:
|
||||||
|
- name: build-and-push
|
||||||
|
image: gcr.io/kaniko-project/executor:v0.10.0
|
||||||
|
env:
|
||||||
|
- name: "DOCKER_CONFIG"
|
||||||
|
value: "/builder/home/.docker/"
|
||||||
|
command:
|
||||||
|
- /kaniko/executor
|
||||||
|
args:
|
||||||
|
- --dockerfile=$(params.pathToContext)/$(params.pathToDockerFile)
|
||||||
|
- --destination=$(resources.outputs.image-registry.url)/$(DOCKER_NAMESPACE)/$(DOCKER_IMAGE_NAME):$(DOCKER_TAG)
|
||||||
|
- --context=$(params.pathToContext)
|
|
@ -0,0 +1,131 @@
|
||||||
|
apiVersion: triggers.tekton.dev/v1alpha1
|
||||||
|
kind: TriggerTemplate
|
||||||
|
metadata:
|
||||||
|
name: tekton-argocd-example-build-tt
|
||||||
|
spec:
|
||||||
|
params:
|
||||||
|
- name: git-app-repo-url
|
||||||
|
- name: git-app-repo-name
|
||||||
|
- name: git-app-repo-revision
|
||||||
|
resourcetemplates:
|
||||||
|
- apiVersion: tekton.dev/v1alpha1
|
||||||
|
kind: PipelineResource
|
||||||
|
metadata:
|
||||||
|
name: git-app-repo-$(uid)
|
||||||
|
namespace: tekton-argocd-example
|
||||||
|
labels:
|
||||||
|
pipeline: tekton
|
||||||
|
deploy: argocd
|
||||||
|
spec:
|
||||||
|
params:
|
||||||
|
- name: url
|
||||||
|
value: $(tt.params.git-app-repo-url)
|
||||||
|
- name: revision
|
||||||
|
value: $(tt.params.git-app-repo-revision)
|
||||||
|
- name: git-app-repo-name
|
||||||
|
value: $(tt.params.git-app-repo-name)
|
||||||
|
type: git
|
||||||
|
- apiVersion: tekton.dev/v1alpha1
|
||||||
|
kind: PipelineResource
|
||||||
|
metadata:
|
||||||
|
name: image-registry-$(uid)
|
||||||
|
namespace: tekton-argocd-example
|
||||||
|
labels:
|
||||||
|
pipeline: tekton
|
||||||
|
deploy: argocd
|
||||||
|
spec:
|
||||||
|
params:
|
||||||
|
- name: url
|
||||||
|
# Replace <docker_registry_name> with your docker registry name (e.g. my-acr.azurecr.io)
|
||||||
|
value: "https://hub.docker.com/u/vtimofei"
|
||||||
|
type: image
|
||||||
|
- apiVersion: tekton.dev/v1alpha1
|
||||||
|
kind: PipelineRun
|
||||||
|
metadata:
|
||||||
|
generateName: tekton-argocd-example-build-deploy-pipeline-run-
|
||||||
|
namespace: tekton-argocd-example
|
||||||
|
labels:
|
||||||
|
pipeline: tekton
|
||||||
|
deploy: argocd
|
||||||
|
spec:
|
||||||
|
serviceAccountName: pipeline-sa
|
||||||
|
pipelineRef:
|
||||||
|
name: tekton-argocd-example-build-deploy-pipeline
|
||||||
|
resources:
|
||||||
|
- name: git-app-repo
|
||||||
|
resourceRef:
|
||||||
|
name: git-app-repo-$(uid)
|
||||||
|
- name: image-registry
|
||||||
|
resourceRef:
|
||||||
|
name: image-registry-$(uid)
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
apiVersion: triggers.tekton.dev/v1alpha1
|
||||||
|
kind: TriggerBinding
|
||||||
|
metadata:
|
||||||
|
name: tekton-argocd-example-build-git-tb
|
||||||
|
spec:
|
||||||
|
params:
|
||||||
|
- name: git-app-repo-url
|
||||||
|
# Replace with path to the JSON resource you want, based on the Git provider that you're using (e.g. for AzureDevOps: resource.repository.remoteUrl)
|
||||||
|
value: $(body.repository.url)
|
||||||
|
- name: git-app-repo-revision
|
||||||
|
value: master
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
apiVersion: triggers.tekton.dev/v1alpha1
|
||||||
|
kind: EventListener
|
||||||
|
metadata:
|
||||||
|
name: tekton-argocd-example-build-el
|
||||||
|
spec:
|
||||||
|
serviceAccountName: tekton-triggers-admin
|
||||||
|
triggers:
|
||||||
|
- bindings:
|
||||||
|
- ref: tekton-argocd-example-build-git-tb
|
||||||
|
template:
|
||||||
|
name: tekton-argocd-example-build-tt
|
||||||
|
|
||||||
|
---
|
||||||
|
apiVersion: cert-manager.io/v1
|
||||||
|
kind: Certificate
|
||||||
|
metadata:
|
||||||
|
name: argocd-app
|
||||||
|
namespace: argocd
|
||||||
|
spec:
|
||||||
|
dnsNames:
|
||||||
|
- k8s-argocd.tk
|
||||||
|
secretName: argocd-app-tls
|
||||||
|
issuerRef:
|
||||||
|
name: letsencrypt-cluster-issuer
|
||||||
|
kind: ClusterIssuer
|
||||||
|
|
||||||
|
---
|
||||||
|
apiVersion: networking.k8s.io/v1
|
||||||
|
kind: Ingress
|
||||||
|
metadata:
|
||||||
|
name: tekton-argocd-example-build-el-ingress
|
||||||
|
annotations:
|
||||||
|
cert-manager.io/cluster-issuer: letsencrypt-cluster-issuer
|
||||||
|
kubernetes.io/ingress.class: nginx
|
||||||
|
kubernetes.io/tls-acme: "true"
|
||||||
|
nginx.ingress.kubernetes.io/ssl-passthrough: "true"
|
||||||
|
nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
|
||||||
|
spec:
|
||||||
|
rules:
|
||||||
|
- host: k8s-argocd.tk
|
||||||
|
http:
|
||||||
|
paths:
|
||||||
|
- path: /tekton-argocd-example-build-mapping/
|
||||||
|
pathType: Prefix
|
||||||
|
backend:
|
||||||
|
service:
|
||||||
|
name: el-tekton-argocd-example-build-el
|
||||||
|
port:
|
||||||
|
number: 8080
|
||||||
|
tls:
|
||||||
|
- hosts:
|
||||||
|
- k8s-argocd.tk
|
||||||
|
secretName: argocd-app-tls
|
||||||
|
|
Loading…
Reference in New Issue