diff --git a/tasks/git-clone-checkout/task.yaml b/tasks/git-clone-checkout/task.yaml index 3893789..4b49b93 100644 --- a/tasks/git-clone-checkout/task.yaml +++ b/tasks/git-clone-checkout/task.yaml @@ -1,4 +1,3 @@ ---- apiVersion: tekton.dev/v1 kind: Task metadata: @@ -9,14 +8,14 @@ metadata: tekton.dev/pipelines.minVersion: "0.38.0" tekton.dev/categories: Git tekton.dev/tags: git - tekton.dev/displayName: "git clone & checkout" + tekton.dev/displayName: "git clone and checkout" tekton.dev/platforms: "linux/amd64,linux/s390x,linux/ppc64le,linux/arm64" spec: description: >- These Tasks are Git tasks to work with repositories used by other tasks in your Pipeline. - The git-clone-checkout Task will clone a repo from the provided url into the + The git-clone Task will clone a repo from the provided url into the output Workspace. By default the repo will be cloned into the root of your Workspace. You can clone into a subdirectory by setting this Task's subdirectory param. This Task also supports sparse checkouts. To perform @@ -46,15 +45,58 @@ spec: A workspace containing CA certificates, this will be used by Git to verify the peer with when fetching or pushing over HTTPS. params: - - name: repo-url + - name: url description: Repository URL to clone from. type: string - name: revision description: Revision to checkout. (branch, tag, sha, ref, etc...) type: string default: "" + - name: refspec + description: Refspec to fetch before checking out revision. + default: "" + - name: submodules + description: Initialize and fetch git submodules. + type: string + default: "true" + - name: depth + description: Perform a shallow clone, fetching only the most recent N commits. + type: string + default: "1" + - name: sslVerify + description: Set the `http.sslVerify` global git config. Setting this to `false` is not advised unless you are sure that you trust your git remote. + type: string + default: "true" + - name: crtFileName + description: file name of mounted crt using ssl-ca-directory workspace. default value is ca-bundle.crt. + type: string + default: "ca-bundle.crt" + - name: subdirectory + description: Subdirectory inside the `output` Workspace to clone the repo into. + type: string + default: "" + - name: sparseCheckoutDirectories + description: Define the directory patterns to match or exclude when performing a sparse checkout. + type: string + default: "" + - name: deleteExisting + description: Clean out the contents of the destination directory if it already exists before cloning. + type: string + default: "true" + - name: httpProxy + description: HTTP proxy server for non-SSL requests. + type: string + default: "" + - name: httpsProxy + description: HTTPS proxy server for SSL requests. + type: string + default: "" + - name: noProxy + description: Opt out of proxying HTTP/HTTPS requests. + type: string + default: "" - name: verbose - description: Log the commands that are executed during `git-clone-checkout`'s operation. + description: Log the commands that are executed during `git-clone`'s operation. type: string default: "true" - name: gitInitImage @@ -74,17 +116,39 @@ spec: - name: committer-date description: The epoch timestamp of the commit that was fetched by this Task. steps: - - name: clone-checkout + - name: clone image: "$(params.gitInitImage)" env: - # - name: HOME - # value: "$(params.userHome)" + - name: HOME + value: "$(params.userHome)" - name: PARAM_URL - value: $(params.repo-url) + value: $(params.url) - name: PARAM_REVISION value: $(params.revision) + - name: PARAM_REFSPEC + value: $(params.refspec) + - name: PARAM_SUBMODULES + value: $(params.submodules) + - name: PARAM_DEPTH + value: $(params.depth) + - name: PARAM_SSL_VERIFY + value: $(params.sslVerify) + - name: PARAM_CRT_FILENAME + value: $(params.crtFileName) + - name: PARAM_SUBDIRECTORY + value: $(params.subdirectory) + - name: PARAM_DELETE_EXISTING + value: $(params.deleteExisting) + - name: PARAM_HTTP_PROXY + value: $(params.httpProxy) + - name: PARAM_HTTPS_PROXY + value: $(params.httpsProxy) + - name: PARAM_NO_PROXY + value: $(params.noProxy) - name: PARAM_VERBOSE value: $(params.verbose) + - name: PARAM_SPARSE_CHECKOUT_DIRECTORIES + value: $(params.sparseCheckoutDirectories) - name: PARAM_USER_HOME value: $(params.userHome) - name: WORKSPACE_OUTPUT_PATH @@ -131,13 +195,42 @@ spec: export GIT_SSL_CAINFO="${WORKSPACE_SSL_CA_DIRECTORY_PATH}/${PARAM_CRT_FILENAME}" fi fi + CHECKOUT_DIR="${WORKSPACE_OUTPUT_PATH}/${PARAM_SUBDIRECTORY}" + + cleandir() { + # Delete any existing contents of the repo directory if it exists. + # + # We don't just "rm -rf ${CHECKOUT_DIR}" because ${CHECKOUT_DIR} might be "/" + # or the root of a mounted volume. + if [ -d "${CHECKOUT_DIR}" ] ; then + # Delete non-hidden files and directories + rm -rf "${CHECKOUT_DIR:?}"/* + # Delete files and directories starting with . but excluding .. + rm -rf "${CHECKOUT_DIR}"/.[!.]* + # Delete files and directories starting with .. plus any other character + rm -rf "${CHECKOUT_DIR}"/..?* + fi + } + + if [ "${PARAM_DELETE_EXISTING}" = "true" ] ; then + cleandir || true + fi + + test -z "${PARAM_HTTP_PROXY}" || export HTTP_PROXY="${PARAM_HTTP_PROXY}" + test -z "${PARAM_HTTPS_PROXY}" || export HTTPS_PROXY="${PARAM_HTTPS_PROXY}" + test -z "${PARAM_NO_PROXY}" || export NO_PROXY="${PARAM_NO_PROXY}" git config --global --add safe.directory "${WORKSPACE_OUTPUT_PATH}" - cd "${WORKSPACE_OUTPUT_PATH}" - - git clone "${PARAM_URL}" . - git checkout "${PARAM_REVISION}" - + /ko-app/git-init \ + -url="${PARAM_URL}" \ + -revision="${PARAM_REVISION}" \ + -refspec="${PARAM_REFSPEC}" \ + -path="${CHECKOUT_DIR}" \ + -sslVerify="${PARAM_SSL_VERIFY}" \ + -submodules="${PARAM_SUBMODULES}" \ + -depth="${PARAM_DEPTH}" \ + -sparseCheckoutDirectories="${PARAM_SPARSE_CHECKOUT_DIRECTORIES}" + cd "${CHECKOUT_DIR}" RESULT_SHA="$(git rev-parse HEAD)" EXIT_CODE="$?" if [ "${EXIT_CODE}" != 0 ] ; then