apiVersion: tekton.dev/v1 kind: Task metadata: name: git-clone-checkout labels: app.kubernetes.io/version: "0.4" annotations: tekton.dev/pipelines.minVersion: "0.21.0" tekton.dev/categories: git tekton.dev/tags: git tekton.dev/displayName: "git-clone-checkout" tekton.dev/platforms: "linux/amd64,linux/s390x,linux/ppc64le" spec: description: >- This task can be used to perform git operations. git command that needs to be run can be passed as a script to the task. workspaces: - name: output description: The git repo will be cloned onto the volume backing this Workspace. - name: ssh-directory optional: true description: | A .ssh directory with private key, known_hosts, config, etc. Copied to the user's home before git commands are executed. Used to authenticate with the git remote when performing the clone. Binding a Secret to this Workspace is strongly recommended over other volume types. - name: basic-auth optional: true description: | A Workspace containing a .gitconfig and .git-credentials file. These will be copied to the user's home before any git commands are run. Any other files in this Workspace are ignored. It is strongly recommended to use ssh-directory over basic-auth whenever possible and to bind a Secret to this Workspace over other volume types. - name: ssl-ca-directory optional: true description: | A workspace containing CA certificates, this will be used by Git to verify the peer with when fetching or pushing over HTTPS. params: - name: url description: Repository URL to clone from. type: string - name: revision description: Revision to checkout. (branch, tag, sha, ref, etc...) type: string - name: gitInitImage description: The image providing the git-init binary that this Task runs. type: string default: "alpine/git:latest" - name: userHome description: | Absolute path to the user's home directory. type: string default: "/home/git" steps: - name: clone-checkout image: $(params.gitInitImage) workingDir: $(workspaces.output.path) script: | #!/usr/bin/env sh set -eu if [ "${PARAM_VERBOSE}" = "true" ] ; then set -x fi # apiVersion: tekton.dev/v1 # kind: Task # metadata: # name: git-clone-checkout # labels: # app.kubernetes.io/version: "0.9" # annotations: # tekton.dev/pipelines.minVersion: "0.38.0" # tekton.dev/categories: Git # tekton.dev/tags: git # tekton.dev/displayName: "git clone & checkout" # tekton.dev/platforms: "linux/amd64,linux/s390x,linux/ppc64le,linux/arm64" # spec: # description: >- # These Tasks are Git tasks to work with repositories used by other tasks # in your Pipeline. # The git-clone-checkout Task will clone a repo from the provided url into the # output Workspace. By default the repo will be cloned into the root of # your Workspace. You can clone into a subdirectory by setting this Task's # subdirectory param. This Task also supports sparse checkouts. To perform # a sparse checkout, pass a list of comma separated directory patterns to # this Task's sparseCheckoutDirectories param. # workspaces: # - name: output # description: The git repo will be cloned onto the volume backing this Workspace. # - name: ssh-directory # optional: true # description: | # A .ssh directory with private key, known_hosts, config, etc. Copied to # the user's home before git commands are executed. Used to authenticate # with the git remote when performing the clone. Binding a Secret to this # Workspace is strongly recommended over other volume types. # - name: basic-auth # optional: true # description: | # A Workspace containing a .gitconfig and .git-credentials file. These # will be copied to the user's home before any git commands are run. Any # other files in this Workspace are ignored. It is strongly recommended # to use ssh-directory over basic-auth whenever possible and to bind a # Secret to this Workspace over other volume types. # - name: ssl-ca-directory # optional: true # description: | # A workspace containing CA certificates, this will be used by Git to # verify the peer with when fetching or pushing over HTTPS. # params: # - name: repo-url # description: Repository URL to clone from. # type: string # - name: revision # description: Revision to checkout. (branch, tag, sha, ref, etc...) # type: string # default: "" # - name: verbose # description: Log the commands that are executed during `git-clone-checkout`'s operation. # type: string # default: "true" # - name: gitInitImage # description: The image providing the git-init binary that this Task runs. # type: string # default: "alpine/git:latest" # - name: userHome # description: | # Absolute path to the user's home directory. # type: string # default: "/home/git" # results: # - name: commit # description: The precise commit SHA that was fetched by this Task. # - name: url # description: The precise URL that was fetched by this Task. # - name: committer-date # description: The epoch timestamp of the commit that was fetched by this Task. # steps: # - name: clone-checkout # image: "$(params.gitInitImage)" # env: # - name: HOME # value: "$(params.userHome)" # - name: PARAM_URL # value: $(params.repo-url) # - name: PARAM_REVISION # value: $(params.revision) # - name: PARAM_VERBOSE # value: $(params.verbose) # - name: PARAM_USER_HOME # value: $(params.userHome) # - name: WORKSPACE_OUTPUT_PATH # value: $(workspaces.output.path) # - name: WORKSPACE_SSH_DIRECTORY_BOUND # value: $(workspaces.ssh-directory.bound) # - name: WORKSPACE_SSH_DIRECTORY_PATH # value: $(workspaces.ssh-directory.path) # - name: WORKSPACE_BASIC_AUTH_DIRECTORY_BOUND # value: $(workspaces.basic-auth.bound) # - name: WORKSPACE_BASIC_AUTH_DIRECTORY_PATH # value: $(workspaces.basic-auth.path) # - name: WORKSPACE_SSL_CA_DIRECTORY_BOUND # value: $(workspaces.ssl-ca-directory.bound) # - name: WORKSPACE_SSL_CA_DIRECTORY_PATH # value: $(workspaces.ssl-ca-directory.path) # script: | # #!/usr/bin/env sh # set -eu # if [ "${PARAM_VERBOSE}" = "true" ] ; then # set -x # fi # if [ "${WORKSPACE_BASIC_AUTH_DIRECTORY_BOUND}" = "true" ] ; then # cp "${WORKSPACE_BASIC_AUTH_DIRECTORY_PATH}/.git-credentials" "${PARAM_USER_HOME}/.git-credentials" # cp "${WORKSPACE_BASIC_AUTH_DIRECTORY_PATH}/.gitconfig" "${PARAM_USER_HOME}/.gitconfig" # chmod 400 "${PARAM_USER_HOME}/.git-credentials" # chmod 400 "${PARAM_USER_HOME}/.gitconfig" # fi # if [ "${WORKSPACE_SSH_DIRECTORY_BOUND}" = "true" ] ; then # cp -R "${WORKSPACE_SSH_DIRECTORY_PATH}" "${PARAM_USER_HOME}"/.ssh # chmod 700 "${PARAM_USER_HOME}"/.ssh # chmod -R 400 "${PARAM_USER_HOME}"/.ssh/* # fi # if [ "${WORKSPACE_SSL_CA_DIRECTORY_BOUND}" = "true" ] ; then # export GIT_SSL_CAPATH="${WORKSPACE_SSL_CA_DIRECTORY_PATH}" # if [ "${PARAM_CRT_FILENAME}" != "" ] ; then # export GIT_SSL_CAINFO="${WORKSPACE_SSL_CA_DIRECTORY_PATH}/${PARAM_CRT_FILENAME}" # fi # fi # git config --global --add safe.directory "${WORKSPACE_OUTPUT_PATH}" # cd "${WORKSPACE_OUTPUT_PATH}" # git clone "${PARAM_URL}" . # git checkout "${PARAM_REVISION}" # RESULT_SHA="$(git rev-parse HEAD)" # EXIT_CODE="$?" # if [ "${EXIT_CODE}" != 0 ] ; then # exit "${EXIT_CODE}" # fi # RESULT_COMMITTER_DATE="$(git log -1 --pretty=%ct)" # printf "%s" "${RESULT_COMMITTER_DATE}" > "$(results.committer-date.path)" # printf "%s" "${RESULT_SHA}" > "$(results.commit.path)" # printf "%s" "${PARAM_URL}" > "$(results.url.path)"