Initial commit
This commit is contained in:
commit
a214445dea
|
@ -0,0 +1,18 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
|
||||
# Kustomize will add the namespace and labels to all files being kustomized
|
||||
namespace: tekton-argocd-example
|
||||
commonLabels:
|
||||
pipeline: tekton
|
||||
deploy: argocd
|
||||
|
||||
resources:
|
||||
- resources/pipeline-admin-role.yml
|
||||
- resources/triggers-admin-role.yml
|
||||
- resources/build-task-cm.yml
|
||||
- resources/argocd-task-cm.yml
|
||||
- tasks/build-task.yml
|
||||
- tasks/argocd-task.yml
|
||||
- pipelines/build-deploy-pipeline.yml
|
||||
- triggers/build-deploy-trigger.yml
|
|
@ -0,0 +1,35 @@
|
|||
---
|
||||
apiVersion: tekton.dev/v1alpha1
|
||||
kind: Pipeline
|
||||
metadata:
|
||||
name: tekton-argocd-example-build-deploy-pipeline
|
||||
spec:
|
||||
resources:
|
||||
- name: git-app-repo
|
||||
type: git
|
||||
- name: image-registry
|
||||
type: image
|
||||
tasks:
|
||||
- name: build-docker-image
|
||||
taskRef:
|
||||
name: build-docker-image
|
||||
params:
|
||||
- name: pathToDockerFile
|
||||
value: Dockerfile
|
||||
- name: pathToContext
|
||||
value: /workspace/git-app-repo
|
||||
resources:
|
||||
inputs:
|
||||
- name: git-app-repo
|
||||
resource: git-app-repo
|
||||
outputs:
|
||||
- name: image-registry
|
||||
resource: image-registry
|
||||
- name: sync-application
|
||||
taskRef:
|
||||
name: argocd-task-sync-and-wait
|
||||
runAfter:
|
||||
- build-docker-image
|
||||
params:
|
||||
- name: flags
|
||||
value: --insecure # needed in this example only because the Argo CD server is locally hosted
|
|
@ -0,0 +1,9 @@
|
|||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: argocd-env-configmap
|
||||
data:
|
||||
ARGOCD_SERVER: https://argocd.k8s-argocd.tk
|
||||
ARGOCD_APPLICATION_NAME: tekton-pipeline-app
|
||||
ARGOCD_APPLICATION_REVISION: HEAD
|
||||
|
|
@ -0,0 +1,9 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: build-task-configmap
|
||||
data:
|
||||
DOCKER_TAG: "1.0.0"
|
||||
DOCKER_IMAGE_NAME: hello-app
|
||||
DOCKER_NAMESPACE: tekton-demo
|
|
@ -0,0 +1,25 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
|
||||
namespace: tekton-argocd-example
|
||||
commonLabels:
|
||||
pipeline: tekton
|
||||
deploy: argocd
|
||||
|
||||
resources:
|
||||
- namespace.yaml
|
||||
- secrets.yaml
|
||||
|
||||
# Generate secrets from <name>_secrets.env, appending the Base64-encoded values to the Secrets definition at the time of kustomize build
|
||||
secretGenerator:
|
||||
- behavior: merge
|
||||
name: basic-git-app-repo-user-pass
|
||||
type: kubernetes.io/basic-auth
|
||||
env: secrets/git_app_secrets.env
|
||||
- behavior: merge
|
||||
name: basic-docker-user-pass
|
||||
type: kubernetes.io/basic-auth
|
||||
env: secrets/docker_secrets.env
|
||||
- behavior: merge
|
||||
name: argocd-env-secret
|
||||
env: secrets/argocd_secrets.env
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: tekton-argocd-example
|
|
@ -0,0 +1,32 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: pipeline-sa
|
||||
secrets:
|
||||
- name: basic-docker-user-pass
|
||||
- name: basic-git-app-repo-user-pass
|
||||
|
||||
---
|
||||
kind: Role
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: pipeline-role
|
||||
rules:
|
||||
- apiGroups: ["extensions", "apps", ""]
|
||||
resources: ["services", "deployments", "pods"]
|
||||
verbs: ["get", "create", "update", "patch", "list", "delete"]
|
||||
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
name: pipeline-role-binding
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: Role
|
||||
name: pipeline-role
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: pipeline-sa
|
||||
namespace: tekton-argocd-example
|
|
@ -0,0 +1,25 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: basic-git-app-repo-user-pass
|
||||
annotations:
|
||||
# Replace <git_repo_url> with your git repo URL (e.g. https://github.com/d0-labs/tekton-pipeline-example-app)
|
||||
tekton.dev/git-0: https://github.com/victor-timofei/tekton-pipeline-example-app
|
||||
type: kubernetes.io/basic-auth
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: basic-docker-user-pass
|
||||
annotations:
|
||||
# Replace <docker_registry_url> with your docker registry URL (e.g. https://my-acr.azurecr.io)
|
||||
tekton.dev/docker-0: https://hub.docker.com/u/vtimofei
|
||||
type: kubernetes.io/basic-auth
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: argocd-env-secret
|
|
@ -0,0 +1 @@
|
|||
*_secrets.env
|
|
@ -0,0 +1,49 @@
|
|||
---
|
||||
kind: Role
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: tekton-triggers-admin
|
||||
rules:
|
||||
- apiGroups:
|
||||
- triggers.tekton.dev
|
||||
resources:
|
||||
- eventlisteners
|
||||
- triggerbindings
|
||||
- triggertemplates
|
||||
verbs:
|
||||
- get
|
||||
- apiGroups:
|
||||
- tekton.dev
|
||||
resources:
|
||||
- pipelineruns
|
||||
- pipelineresources
|
||||
verbs:
|
||||
- create
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- configmaps
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: tekton-triggers-admin
|
||||
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
name: tekton-triggers-admin-binding
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: tekton-triggers-admin
|
||||
namespace: tekton-argocd-example
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: Role
|
||||
name: tekton-triggers-admin
|
|
@ -0,0 +1,23 @@
|
|||
apiVersion: tekton.dev/v1beta1
|
||||
kind: Task
|
||||
metadata:
|
||||
name: argocd-task-sync-and-wait
|
||||
spec:
|
||||
params:
|
||||
- name: flags
|
||||
default: --
|
||||
- name: argocd-version
|
||||
default: v1.7.6
|
||||
stepTemplate:
|
||||
envFrom:
|
||||
- configMapRef:
|
||||
name: argocd-env-configmap # used for server address
|
||||
- secretRef:
|
||||
name: argocd-env-secret # used for authentication (username/password or auth token)
|
||||
steps:
|
||||
- name: argocd-app-sync
|
||||
image: argoproj/argocd:$(params.argocd-version)
|
||||
script: |
|
||||
argocd login $ARGOCD_SERVER --grpc-web-root-path /argo-cd --username $ARGOCD_USERNAME --password $ARGOCD_PASSWORD
|
||||
argocd app sync $ARGOCD_APPLICATION_NAME $(params.flags) --grpc-web-root-path /argo-cd --server $ARGOCD_SERVER
|
||||
argocd app wait $ARGOCD_APPLICATION_NAME --health $(params.flags) --grpc-web-root-path /argo-cd --server $ARGOCD_SERVER
|
|
@ -0,0 +1,38 @@
|
|||
---
|
||||
apiVersion: tekton.dev/v1beta1
|
||||
kind: Task
|
||||
metadata:
|
||||
name: build-docker-image
|
||||
spec:
|
||||
resources:
|
||||
inputs:
|
||||
- name: git-app-repo
|
||||
type: git
|
||||
outputs:
|
||||
- name: image-registry
|
||||
type: image
|
||||
params:
|
||||
- name: pathToDockerFile
|
||||
description: Path to Dockerfile
|
||||
default: Dockerfile
|
||||
- name: pathToContext
|
||||
description: The build context used by Kaniko
|
||||
default: /workspace/git-app-repo
|
||||
|
||||
# Get our Docker image details from the build-task-configmap configmap
|
||||
stepTemplate:
|
||||
envFrom:
|
||||
- configMapRef:
|
||||
name: build-task-configmap
|
||||
steps:
|
||||
- name: build-and-push
|
||||
image: gcr.io/kaniko-project/executor:v0.10.0
|
||||
env:
|
||||
- name: "DOCKER_CONFIG"
|
||||
value: "/builder/home/.docker/"
|
||||
command:
|
||||
- /kaniko/executor
|
||||
args:
|
||||
- --dockerfile=$(params.pathToContext)/$(params.pathToDockerFile)
|
||||
- --destination=$(resources.outputs.image-registry.url)/$(DOCKER_NAMESPACE)/$(DOCKER_IMAGE_NAME):$(DOCKER_TAG)
|
||||
- --context=$(params.pathToContext)
|
|
@ -0,0 +1,131 @@
|
|||
apiVersion: triggers.tekton.dev/v1alpha1
|
||||
kind: TriggerTemplate
|
||||
metadata:
|
||||
name: tekton-argocd-example-build-tt
|
||||
spec:
|
||||
params:
|
||||
- name: git-app-repo-url
|
||||
- name: git-app-repo-name
|
||||
- name: git-app-repo-revision
|
||||
resourcetemplates:
|
||||
- apiVersion: tekton.dev/v1alpha1
|
||||
kind: PipelineResource
|
||||
metadata:
|
||||
name: git-app-repo-$(uid)
|
||||
namespace: tekton-argocd-example
|
||||
labels:
|
||||
pipeline: tekton
|
||||
deploy: argocd
|
||||
spec:
|
||||
params:
|
||||
- name: url
|
||||
value: $(tt.params.git-app-repo-url)
|
||||
- name: revision
|
||||
value: $(tt.params.git-app-repo-revision)
|
||||
- name: git-app-repo-name
|
||||
value: $(tt.params.git-app-repo-name)
|
||||
type: git
|
||||
- apiVersion: tekton.dev/v1alpha1
|
||||
kind: PipelineResource
|
||||
metadata:
|
||||
name: image-registry-$(uid)
|
||||
namespace: tekton-argocd-example
|
||||
labels:
|
||||
pipeline: tekton
|
||||
deploy: argocd
|
||||
spec:
|
||||
params:
|
||||
- name: url
|
||||
# Replace <docker_registry_name> with your docker registry name (e.g. my-acr.azurecr.io)
|
||||
value: "https://hub.docker.com/u/vtimofei"
|
||||
type: image
|
||||
- apiVersion: tekton.dev/v1alpha1
|
||||
kind: PipelineRun
|
||||
metadata:
|
||||
generateName: tekton-argocd-example-build-deploy-pipeline-run-
|
||||
namespace: tekton-argocd-example
|
||||
labels:
|
||||
pipeline: tekton
|
||||
deploy: argocd
|
||||
spec:
|
||||
serviceAccountName: pipeline-sa
|
||||
pipelineRef:
|
||||
name: tekton-argocd-example-build-deploy-pipeline
|
||||
resources:
|
||||
- name: git-app-repo
|
||||
resourceRef:
|
||||
name: git-app-repo-$(uid)
|
||||
- name: image-registry
|
||||
resourceRef:
|
||||
name: image-registry-$(uid)
|
||||
|
||||
---
|
||||
|
||||
apiVersion: triggers.tekton.dev/v1alpha1
|
||||
kind: TriggerBinding
|
||||
metadata:
|
||||
name: tekton-argocd-example-build-git-tb
|
||||
spec:
|
||||
params:
|
||||
- name: git-app-repo-url
|
||||
# Replace with path to the JSON resource you want, based on the Git provider that you're using (e.g. for AzureDevOps: resource.repository.remoteUrl)
|
||||
value: $(body.repository.url)
|
||||
- name: git-app-repo-revision
|
||||
value: master
|
||||
|
||||
---
|
||||
|
||||
apiVersion: triggers.tekton.dev/v1alpha1
|
||||
kind: EventListener
|
||||
metadata:
|
||||
name: tekton-argocd-example-build-el
|
||||
spec:
|
||||
serviceAccountName: tekton-triggers-admin
|
||||
triggers:
|
||||
- bindings:
|
||||
- ref: tekton-argocd-example-build-git-tb
|
||||
template:
|
||||
name: tekton-argocd-example-build-tt
|
||||
|
||||
---
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: Certificate
|
||||
metadata:
|
||||
name: argocd-app
|
||||
namespace: argocd
|
||||
spec:
|
||||
dnsNames:
|
||||
- k8s-argocd.tk
|
||||
secretName: argocd-app-tls
|
||||
issuerRef:
|
||||
name: letsencrypt-cluster-issuer
|
||||
kind: ClusterIssuer
|
||||
|
||||
---
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: tekton-argocd-example-build-el-ingress
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt-cluster-issuer
|
||||
kubernetes.io/ingress.class: nginx
|
||||
kubernetes.io/tls-acme: "true"
|
||||
nginx.ingress.kubernetes.io/ssl-passthrough: "true"
|
||||
nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
|
||||
spec:
|
||||
rules:
|
||||
- host: k8s-argocd.tk
|
||||
http:
|
||||
paths:
|
||||
- path: /tekton-argocd-example-build-mapping/
|
||||
pathType: Prefix
|
||||
backend:
|
||||
service:
|
||||
name: el-tekton-argocd-example-build-el
|
||||
port:
|
||||
number: 8080
|
||||
tls:
|
||||
- hosts:
|
||||
- k8s-argocd.tk
|
||||
secretName: argocd-app-tls
|
||||
|
Loading…
Reference in New Issue