loafle/tekton-hub
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

init

Browse Source
This commit is contained in:
병준 박 2025-04-08 22:03:19 +00:00
parent 07e247d51e
commit 2bbb92b32d
4 changed files with 93 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

81
tasks/git-clone-checkout/task.yaml
View File

@ -1,45 +1,87 @@
apiVersion: tekton.dev/v1 ---
apiVersion: tekton.dev/v1beta1
kind: Task kind: Task
metadata: metadata:
name: git-clone-checkout name: git-clone-checkout
namespace: tekton-pipelines namespace: gitops-ci
labels:
app.kubernetes.io/version: "0.9"
annotations:
tekton.dev/pipelines.minVersion: "0.38.0"
tekton.dev/categories: Git
tekton.dev/tags: git
tekton.dev/displayName: "git clone & checkout"
tekton.dev/platforms: "linux/amd64,linux/s390x,linux/ppc64le,linux/arm64"
spec: spec:
description: >-
These Tasks are Git tasks to work with repositories used by other tasks
in your Pipeline.
The git-clone-checkout Task will clone a repo from the provided url into the
output Workspace. By default the repo will be cloned into the root of
your Workspace. You can clone into a subdirectory by setting this Task's
subdirectory param. This Task also supports sparse checkouts. To perform
a sparse checkout, pass a list of comma separated directory patterns to
this Task's sparseCheckoutDirectories param.
workspaces: workspaces:
- name: output - name: output
description: The git repo will be cloned onto the volume backing this Workspace.
- name: ssh-directory - name: ssh-directory
optional: true optional: true
description: |
A .ssh directory with private key, known_hosts, config, etc. Copied to
the user's home before git commands are executed. Used to authenticate
with the git remote when performing the clone. Binding a Secret to this
Workspace is strongly recommended over other volume types.
- name: basic-auth - name: basic-auth
optional: true optional: true
description: |
A Workspace containing a .gitconfig and .git-credentials file. These
will be copied to the user's home before any git commands are run. Any
other files in this Workspace are ignored. It is strongly recommended
to use ssh-directory over basic-auth whenever possible and to bind a
Secret to this Workspace over other volume types.
- name: ssl-ca-directory - name: ssl-ca-directory
optional: true optional: true
description: |
A workspace containing CA certificates, this will be used by Git to
verify the peer with when fetching or pushing over HTTPS.
params: params:
- name: repo-url - name: url
description: Repository URL to clone from.
type: string type: string
- name: revision - name: revision
description: Revision to checkout. (branch, tag, sha, ref, etc...)
type: string type: string
default: "" default: ""
- name: verbose - name: verbose
description: Log the commands that are executed during `git-clone-checkout`'s operation.
type: string type: string
default: "true" default: "true"
- name: gitInitImage - name: gitInitImage
description: The image providing the git-init binary that this Task runs.
type: string type: string
default: "alpine/git:latest" default: "alpine/git:latest"
- name: userHome - name: userHome
description: |
Absolute path to the user's home directory.
type: string type: string
default: "/home/git" default: "/home/git"
results: results:
- name: commit - name: commit
description: The precise commit SHA that was fetched by this Task.
- name: url - name: url
description: The precise URL that was fetched by this Task.
- name: committer-date - name: committer-date
description: The epoch timestamp of the commit that was fetched by this Task.
steps: steps:
- name: clone-checkout - name: clone-checkout
image: "$(params.gitInitImage)" image: "$(params.gitInitImage)"
env: env:
- name: HOME - name: HOME
value: "$(params.userHome)" value: "$(params.userHome)"
- name: PARAM_URL - name: PARAM_URL
value: $(params.repo-url) value: $(params.url)
- name: PARAM_REVISION - name: PARAM_REVISION
value: $(params.revision) value: $(params.revision)
- name: PARAM_VERBOSE - name: PARAM_VERBOSE
@ -60,40 +102,49 @@ spec:
value: $(workspaces.ssl-ca-directory.bound) value: $(workspaces.ssl-ca-directory.bound)
- name: WORKSPACE_SSL_CA_DIRECTORY_PATH - name: WORKSPACE_SSL_CA_DIRECTORY_PATH
value: $(workspaces.ssl-ca-directory.path) value: $(workspaces.ssl-ca-directory.path)
securityContext:
runAsNonRoot: true
runAsUser: 65532
script: | script: |
#!/usr/bin/env sh #!/usr/bin/env sh
set -eu set -eu
if [ "${PARAM_VERBOSE}" = "true" ]; then if [ "${PARAM_VERBOSE}" = "true" ] ; then
set -x set -x
fi fi
if [ "${WORKSPACE_BASIC_AUTH_DIRECTORY_BOUND}" = "true" ]; then if [ "${WORKSPACE_BASIC_AUTH_DIRECTORY_BOUND}" = "true" ] ; then
cp "${WORKSPACE_BASIC_AUTH_DIRECTORY_PATH}/.git-credentials" "${PARAM_USER_HOME}/.git-credentials" cp "${WORKSPACE_BASIC_AUTH_DIRECTORY_PATH}/.git-credentials" "${PARAM_USER_HOME}/.git-credentials"
cp "${WORKSPACE_BASIC_AUTH_DIRECTORY_PATH}/.gitconfig" "${PARAM_USER_HOME}/.gitconfig" cp "${WORKSPACE_BASIC_AUTH_DIRECTORY_PATH}/.gitconfig" "${PARAM_USER_HOME}/.gitconfig"
chmod 400 "${PARAM_USER_HOME}/.git-credentials" chmod 400 "${PARAM_USER_HOME}/.git-credentials"
chmod 400 "${PARAM_USER_HOME}/.gitconfig" chmod 400 "${PARAM_USER_HOME}/.gitconfig"
fi fi
if [ "${WORKSPACE_SSH_DIRECTORY_BOUND}" = "true" ]; then if [ "${WORKSPACE_SSH_DIRECTORY_BOUND}" = "true" ] ; then
cp -R "${WORKSPACE_SSH_DIRECTORY_PATH}" "${PARAM_USER_HOME}/.ssh" cp -R "${WORKSPACE_SSH_DIRECTORY_PATH}" "${PARAM_USER_HOME}"/.ssh
chmod 700 "${PARAM_USER_HOME}/.ssh" chmod 700 "${PARAM_USER_HOME}"/.ssh
chmod -R 400 "${PARAM_USER_HOME}/.ssh"/* chmod -R 400 "${PARAM_USER_HOME}"/.ssh/*
fi fi
if [ "${WORKSPACE_SSL_CA_DIRECTORY_BOUND}" = "true" ]; then if [ "${WORKSPACE_SSL_CA_DIRECTORY_BOUND}" = "true" ] ; then
export GIT_SSL_CAPATH="${WORKSPACE_SSL_CA_DIRECTORY_PATH}" export GIT_SSL_CAPATH="${WORKSPACE_SSL_CA_DIRECTORY_PATH}"
if [ "${PARAM_CRT_FILENAME}" != "" ] ; then
export GIT_SSL_CAINFO="${WORKSPACE_SSL_CA_DIRECTORY_PATH}/${PARAM_CRT_FILENAME}"
fi
fi fi
git config --global --add safe.directory "${WORKSPACE_OUTPUT_PATH}" git config --global --add safe.directory "${WORKSPACE_OUTPUT_PATH}"
cd "${WORKSPACE_OUTPUT_PATH}" cd "${WORKSPACE_OUTPUT_PATH}"
git clone "${PARAM_URL}" . git clone "$(params.url)" .
git checkout "${PARAM_REVISION}" git checkout "${PARAM_REVISION}"
RESULT_SHA="$(git rev-parse HEAD)" RESULT_SHA="$(git rev-parse HEAD)"
EXIT_CODE="$?"
if [ "${EXIT_CODE}" != 0 ] ; then
exit "${EXIT_CODE}"
fi
RESULT_COMMITTER_DATE="$(git log -1 --pretty=%ct)" RESULT_COMMITTER_DATE="$(git log -1 --pretty=%ct)"
printf "%s" "${RESULT_COMMITTER_DATE}" > "$(results.committer-date.path)" printf "%s" "${RESULT_COMMITTER_DATE}" > "$(results.committer-date.path)"
printf "%s" "${RESULT_SHA}" > "$(results.commit.path)" printf "%s" "${RESULT_SHA}" > "$(results.commit.path)"
printf "%s" "${PARAM_URL}" > "$(results.url.path)" printf "%s" "$(params.url)" > "$(results.url.path)"

1
tasks/poetry/task.yaml
View File

@ -2,6 +2,7 @@ apiVersion: tekton.dev/v1
kind: Task kind: Task
metadata: metadata:
name: poetry name: poetry
namespace: gitops-ci
labels: labels:
app.kubernetes.io/version: "0.4" app.kubernetes.io/version: "0.4"
annotations: annotations:

1
tasks/pypi/task.yaml
View File

@ -2,6 +2,7 @@ apiVersion: tekton.dev/v1
kind: Task kind: Task
metadata: metadata:
name: pypi name: pypi
namespace: gitops-ci
labels: labels:
app.kubernetes.io/version: "0.2" app.kubernetes.io/version: "0.2"
annotations: annotations:

1
tasks/pytest/task.yaml
View File

@ -2,6 +2,7 @@ apiVersion: tekton.dev/v1
kind: Task kind: Task
metadata: metadata:
name: pytest name: pytest
namespace: gitops-ci
labels: labels:
app.kubernetes.io/version: "0.2" app.kubernetes.io/version: "0.2"
annotations: annotations: