242 lines
7.5 KiB
YAML
242 lines
7.5 KiB
YAML
{{- define "common.promote" }}
|
|
{{- $common := dict "Values" .Values.common -}}
|
|
{{- $noCommon := omit .Values "common" -}}
|
|
{{- $overrides := dict "Values" $noCommon -}}
|
|
{{- $noValues := omit . "Values" -}}
|
|
{{- with merge $noValues $overrides $common -}}
|
|
apiVersion: tekton.dev/v1
|
|
kind: Task
|
|
metadata:
|
|
name: promote
|
|
namespace: {{ .Release.Namespace }}
|
|
spec:
|
|
params:
|
|
- description: The git branch reference
|
|
name: ref
|
|
type: string
|
|
- name: repofullname
|
|
type: string
|
|
- description: git unique head commit id
|
|
name: revision
|
|
type: string
|
|
- description: Symantic version number
|
|
name: semver
|
|
type: string
|
|
- name: author
|
|
type: string
|
|
- name: email
|
|
type: string
|
|
- name: appname
|
|
type: string
|
|
- name: index
|
|
type: string
|
|
- name: githost
|
|
type: string
|
|
- name: quayhost
|
|
type: string
|
|
steps:
|
|
- image: {{ .Values.quayHostname }}/goghvideo/python:3-alpine
|
|
name: tag-image-with-release-ver
|
|
script: |
|
|
#!/usr/bin/env python
|
|
|
|
"""This script will set tag the image with the release version"""
|
|
|
|
import json
|
|
import sys
|
|
import http.client
|
|
import ssl
|
|
|
|
quay_token = open("$(workspaces.quayauth.path)/apikey", "r").read()
|
|
authHeader = "Bearer " + quay_token
|
|
|
|
conn = http.client.HTTPSConnection(
|
|
"{{ .Values.quayHostname }}",
|
|
context = ssl._create_unverified_context()
|
|
)
|
|
|
|
existing_tag = "/api/v1/repository/$(params.repofullname)/tag/?specificTag=$(params.revision)"
|
|
|
|
print("Getting existing tag information from Quay")
|
|
print("URL: %s" % (existing_tag))
|
|
|
|
conn.request(
|
|
"GET",
|
|
existing_tag,
|
|
headers={
|
|
"User-Agent": "TektonCD, the peaceful cat",
|
|
"Authorization": authHeader,
|
|
"Accept": "application/json",
|
|
"Content-Type": "application/json",
|
|
}
|
|
)
|
|
resp = conn.getresponse()
|
|
if not str(resp.status).startswith("2"):
|
|
print("Error: %d" % (resp.status))
|
|
print(resp.read())
|
|
sys.exit(1)
|
|
else:
|
|
print("Successfully Retrieved quay information for tag")
|
|
tag_info = json.loads(resp.read().decode('utf-8'))
|
|
for item in tag_info['tags']:
|
|
manifest_digest = item['manifest_digest']
|
|
|
|
print("Tagging image with semver")
|
|
tag_url = "/api/v1/repository/$(params.repofullname)/tag/v$(params.semver)"
|
|
print("URL: %s" % (tag_url))
|
|
print("Manifest SHA: %s" % (manifest_digest))
|
|
|
|
data = {
|
|
"manifest_digest": manifest_digest
|
|
}
|
|
|
|
conn.request(
|
|
"PUT",
|
|
tag_url,
|
|
body=json.dumps(data),
|
|
headers={
|
|
"User-Agent": "TektonCD, the peaceful cat",
|
|
"Authorization": authHeader,
|
|
"Accept": "application/json",
|
|
"Content-Type": "application/json",
|
|
}
|
|
)
|
|
resp = conn.getresponse()
|
|
if not str(resp.status).startswith("2"):
|
|
print("Error: %d" % (resp.status))
|
|
print(resp.read())
|
|
sys.exit(1)
|
|
else:
|
|
print("Successfully tagged image")
|
|
- image: {{ .Values.quayHostname }}/goghvideo/bitnami-git:latest
|
|
name: release-notes
|
|
script: |
|
|
#!/bin/sh
|
|
export USERNAME=$(cat $(workspaces.gitauth.path)/username)
|
|
export PASSWORD=$(cat $(workspaces.gitauth.path)/password)
|
|
|
|
git config --global --add safe.directory $(workspaces.source.path)/$(params.appname)
|
|
git config --global user.name "$(params.author)"
|
|
git config --global user.email "$(params.email)"
|
|
|
|
HOSTPATH=$(git remote get-url origin | sed 's_https://__')
|
|
git remote set-url origin https://${USERNAME}:${PASSWORD}@${HOSTPATH}
|
|
|
|
git fetch --all --tags >/dev/null 2>&1
|
|
#git log main..$(params.ref) --oneline --no-merges --decorate > release-v$(params.semver).md 2>/dev/null
|
|
#git add release-v$(params.semver).md
|
|
#git commit -m "Including release notes"
|
|
git tag -a v$(params.semver) -m "Upgrade to v$(params.semver)"
|
|
git push origin $(params.ref) --tags
|
|
workingDir: $(workspaces.source.path)/$(params.appname)
|
|
- image: {{ .Values.quayHostname }}/goghvideo/python:3-alpine
|
|
name: get-tag-data
|
|
script: |
|
|
#!/usr/bin/env python
|
|
|
|
"""This script will get the Gitea tag status"""
|
|
|
|
import json
|
|
import sys
|
|
import http.client
|
|
|
|
gitea_token = open("$(workspaces.gitauth.path)/password", "r").read()
|
|
|
|
merge_url = "https://$(params.githost)/api/v1" + "/repos/$(params.repofullname)/" + \
|
|
"commits/v$(params.semver)/status"
|
|
|
|
authHeader = "token " + gitea_token
|
|
|
|
conn = http.client.HTTPSConnection("$(params.githost)")
|
|
|
|
conn.request(
|
|
"GET",
|
|
merge_url,
|
|
headers={
|
|
"User-Agent": "TektonCD, the peaceful cat",
|
|
"Authorization": authHeader,
|
|
"Accept": "application/json",
|
|
"Content-Type": "application/json",
|
|
})
|
|
resp = conn.getresponse()
|
|
if not str(resp.status).startswith("2"):
|
|
print("Error: %d" % (resp.status))
|
|
print(resp.read())
|
|
sys.exit(1)
|
|
else:
|
|
print("Gitea tag verification completed on $(params.githost)")
|
|
- image: {{ .Values.quayHostname }}/goghvideo/python:3-alpine
|
|
name: merge-pull-request
|
|
script: |
|
|
#!/usr/bin/env python
|
|
|
|
"""This script will set the CI status on a Gitea commit"""
|
|
|
|
import json
|
|
import sys
|
|
import http.client
|
|
|
|
gitea_token = open("$(workspaces.gitauth.path)/password", "r").read()
|
|
|
|
merge_url = "https://$(params.githost)/api/v1" + "/repos/$(params.repofullname)/" + \
|
|
"pulls/$(params.index)/merge"
|
|
|
|
data = {
|
|
"Do": "merge"
|
|
}
|
|
print("Sending this data to Gitea: ")
|
|
print(data)
|
|
|
|
authHeader = "token " + gitea_token
|
|
|
|
conn = http.client.HTTPSConnection("$(params.githost)")
|
|
|
|
conn.request(
|
|
"POST",
|
|
merge_url,
|
|
body=json.dumps(data),
|
|
headers={
|
|
"User-Agent": "TektonCD, the peaceful cat",
|
|
"Authorization": authHeader,
|
|
"Accept": "application/json",
|
|
"Content-Type": "application/json",
|
|
})
|
|
resp = conn.getresponse()
|
|
if not str(resp.status).startswith("2"):
|
|
print("Error: %d" % (resp.status))
|
|
print(resp.read())
|
|
sys.exit(1)
|
|
else:
|
|
print("Gitea merge completed on $(params.githost)")
|
|
- image: {{ .Values.quayHostname}}/goghvideo/bitnami-git:latest
|
|
name: update-helm-chart
|
|
script: |
|
|
#!/bin/sh
|
|
export USERNAME=$(cat $(workspaces.gitauth.path)/username)
|
|
export PASSWORD=$(cat $(workspaces.gitauth.path)/password)
|
|
|
|
git config --global --add safe.directory $(workspaces.helm.path)
|
|
git config --global user.name "$(params.author)"
|
|
git config --global user.email "$(params.email)"
|
|
|
|
HOSTPATH=$(git remote get-url origin | sed 's_https://__')
|
|
git remote set-url origin https://${USERNAME}:${PASSWORD}@${HOSTPATH}
|
|
git fetch
|
|
git checkout main && git pull
|
|
|
|
$(workspaces.utilities.path)/yq -i '.version |= (split(".") | .[-1] |= ((. tag = "!!int") + 1) | join("."))' $(params.appname)/Chart.yaml
|
|
$(workspaces.utilities.path)/yq -i '.appVersion="v$(params.semver)"' $(params.appname)/Chart.yaml
|
|
|
|
git add $(params.appname)/Chart.yaml
|
|
git commit -m "Updating chart version"
|
|
git push
|
|
workingDir: $(workspaces.helm.path)
|
|
workspaces:
|
|
- name: source
|
|
- name: gitauth
|
|
- name: quayauth
|
|
- name: utilities
|
|
- name: helm
|
|
{{- end }}
|
|
{{- end }}
|