Skip to content

Commit

Permalink
feat(SPSTRAT-466): add pipeline for marketplacesvm (#737)
Browse files Browse the repository at this point in the history 
This commit introduces the Pipeline resource for publishing disk images
into various cloud marketplaces using the
`marketplacesvm-push-disk-images` task

Signed-off-by: Jonathan Gangi <[email protected]>
  • Loading branch information
@JAVGan
JAVGan authored Dec 13, 2024
1 parent 4f48923 commit cef8d58
Show file tree
Hide file tree
Showing 2 changed files with 277 additions and 0 deletions.
20 changes: 20 additions & 0 deletions pipelines/push-disk-images-to-marketplaces/README.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
# push-disk-images-to-marketplaces pipeline

Tekton Pipeline to push disk images to various cloud marketplaces

## Parameters

| Name | Description | Optional | Default value |
|---------------------------------|--------------------------------------------------------------------------------------------------------|----------|-----------------------------------------------------------|
| release | The namespaced name (namespace/name) of the Release custom resource initiating this pipeline execution | No | - |
| releasePlan | The namespaced name (namespace/name) of the releasePlan | No | - |
| releasePlanAdmission | The namespaced name (namespace/name) of the releasePlanAdmission | No | - |
| releaseServiceConfig | The namespaced name (namespace/name) of the releaseServiceConfig | No | - |
| snapshot | The namespaced name (namespace/name) of the snapshot | No | - |
| enterpriseContractPolicy | JSON representation of the policy to be applied when validating the enterprise contract | No | - |
| enterpriseContractExtraRuleData | Extra rule data to be merged into the policy specified in params.enterpriseContractPolicy. Use syntax "key1=value1,key2=value2..." | Yes |pipeline_intention=release |
| enterpriseContractTimeout | Timeout setting for `ec validate` | Yes | 10m0s |
| postCleanUp | Cleans up workspace after finishing executing the pipeline | Yes | true |
| verify_ec_task_bundle | The location of the bundle containing the verify-enterprise-contract task | No | - |
| taskGitUrl | The url to the git repo where the release-service-catalog tasks to be used are stored | Yes | https://github.com/konflux-ci/release-service-catalog.git |
| taskGitRevision | The revision in the taskGitUrl repo to be used | No | - |
257 changes: 257 additions & 0 deletions pipelines/push-disk-images-to-marketplaces/push-disk-images-to-marketplaces.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,257 @@
---
apiVersion: tekton.dev/v1
kind: Pipeline
metadata:
name: push-disk-images-to-marketplaces
labels:
app.kubernetes.io/version: "0.1.0"
annotations:
tekton.dev/pipelines.minVersion: "0.12.1"
tekton.dev/tags: release
spec:
description: >-
Tekton Pipeline to push disk images to various cloud marketplaces
params:
- name: release
type: string
description:
The namespaced name (namespace/name) of the Release custom resource initiating this pipeline execution
- name: releasePlan
type: string
description: The namespaced name (namespace/name) of the releasePlan
- name: releasePlanAdmission
type: string
description: The namespaced name (namespace/name) of the releasePlanAdmission
- name: releaseServiceConfig
type: string
description: The namespaced name (namespace/name) of the releaseServiceConfig
- name: snapshot
type: string
description: The namespaced name (namespace/name) of the snapshot
- name: enterpriseContractPolicy
type: string
description: JSON representation of the EnterpriseContractPolicy
- name: enterpriseContractExtraRuleData
type: string
description: |
Extra rule data to be merged into the policy specified in params.enterpriseContractPolicy. Use syntax
"key1=value1,key2=value2..."
default: "pipeline_intention=release"
- name: enterpriseContractTimeout
type: string
description: Timeout setting for `ec validate`
default: 10m0s
- name: verify_ec_task_bundle
type: string
description: The location of the bundle containing the verify-enterprise-contract task
- name: taskGitUrl
type: string
description: The url to the git repo where the release-service-catalog tasks to be used are stored
default: https://github.com/konflux-ci/release-service-catalog.git
- name: taskGitRevision
type: string
description: The revision in the taskGitUrl repo to be used
- name: postCleanUp
type: string
description: Cleans up workspace after finishing executing the pipeline
default: "true"
workspaces:
- name: release-workspace
tasks:
- name: verify-access-to-resources
taskRef:
resolver: "git"
params:
- name: url
value: $(params.taskGitUrl)
- name: revision
value: $(params.taskGitRevision)
- name: pathInRepo
value: tasks/verify-access-to-resources/verify-access-to-resources.yaml
params:
- name: release
value: $(params.release)
- name: releasePlan
value: $(params.releasePlan)
- name: releasePlanAdmission
value: $(params.releasePlanAdmission)
- name: releaseServiceConfig
value: $(params.releaseServiceConfig)
- name: snapshot
value: $(params.snapshot)
- name : requireInternalServices
value: "true"
- name: collect-data
taskRef:
resolver: "git"
params:
- name: url
value: $(params.taskGitUrl)
- name: revision
value: $(params.taskGitRevision)
- name: pathInRepo
value: tasks/collect-data/collect-data.yaml
params:
- name: release
value: $(params.release)
- name: releasePlan
value: $(params.releasePlan)
- name: releasePlanAdmission
value: $(params.releasePlanAdmission)
- name: releaseServiceConfig
value: $(params.releaseServiceConfig)
- name: snapshot
value: $(params.snapshot)
- name: subdirectory
value: $(context.pipelineRun.uid)
workspaces:
- name: data
workspace: release-workspace
runAfter:
- verify-access-to-resources
- name: reduce-snapshot
taskRef:
resolver: "git"
params:
- name: url
value: $(params.taskGitUrl)
- name: revision
value: $(params.taskGitRevision)
- name: pathInRepo
value: tasks/reduce-snapshot/reduce-snapshot.yaml
params:
- name: SNAPSHOT
value: $(workspaces.data.path)/$(tasks.collect-data.results.snapshotSpec)
- name: SINGLE_COMPONENT
value: $(tasks.collect-data.results.singleComponentMode)
- name: SINGLE_COMPONENT_CUSTOM_RESOURCE
value: snapshot/$(tasks.collect-data.results.snapshotName)
- name: SINGLE_COMPONENT_CUSTOM_RESOURCE_NS
value: $(tasks.collect-data.results.snapshotNamespace)
- name: SNAPSHOT_PATH
value: $(workspaces.data.path)/$(tasks.collect-data.results.snapshotSpec)
workspaces:
- name: data
workspace: release-workspace
runAfter:
- collect-data
- name: apply-mapping
taskRef:
resolver: "git"
params:
- name: url
value: $(params.taskGitUrl)
- name: revision
value: $(params.taskGitRevision)
- name: pathInRepo
value: tasks/apply-mapping/apply-mapping.yaml
params:
- name: failOnEmptyResult
value: "true"
- name: dataPath
value: "$(tasks.collect-data.results.data)"
- name: snapshotPath
value: "$(tasks.collect-data.results.snapshotSpec)"
workspaces:
- name: config
workspace: release-workspace
runAfter:
- reduce-snapshot
- name: verify-enterprise-contract
taskRef:
resolver: "bundles"
params:
- name: bundle
value: $(params.verify_ec_task_bundle)
- name: kind
value: task
- name: name
value: verify-enterprise-contract
params:
- name: IMAGES
value: "$(workspaces.data.path)/$(tasks.collect-data.results.snapshotSpec)"
- name: SSL_CERT_DIR
value: /var/run/secrets/kubernetes.io/serviceaccount
- name: POLICY_CONFIGURATION
value: $(params.enterpriseContractPolicy)
- name: STRICT
value: "1"
- name: IGNORE_REKOR
value: "true"
- name: EXTRA_RULE_DATA
value: $(params.enterpriseContractExtraRuleData)
- name: TIMEOUT
value: $(params.enterpriseContractTimeout)
workspaces:
- name: data
workspace: release-workspace
runAfter:
- apply-mapping
- name: collect-marketplacesvm-secret
taskRef:
resolver: "git"
params:
- name: url
value: $(params.taskGitUrl)
- name: revision
value: $(params.taskGitRevision)
- name: pathInRepo
value: tasks/collect-marketplacesvm-secret/collect-marketplacesvm-secret.yaml
params:
- name: dataPath
value: "$(tasks.collect-data.results.data)"
workspaces:
- name: data
workspace: release-workspace
runAfter:
- verify-enterprise-contract
- name: push-disk-images-marketplaces
timeout: "12h00m0s"
when:
- input: "$(tasks.apply-mapping.results.mapped)"
operator: in
values: ["true"]
taskRef:
resolver: "git"
params:
- name: url
value: $(params.taskGitUrl)
- name: revision
value: $(params.taskGitRevision)
- name: pathInRepo
value: tasks/marketplacesvm-push-disk-images/marketplacesvm-push-disk-images.yaml
params:
- name: snapshotPath
value: "$(tasks.collect-data.results.snapshotSpec)"
- name: dataPath
value: "$(tasks.collect-data.results.data)"
- name: cloudMarketplacesSecret
value: "$(tasks.collect-marketplacesvm-secret.results.cloudMarketplacesSecret)"
workspaces:
- name: data
workspace: release-workspace
runAfter:
- collect-marketplacesvm-secret
finally:
- name: cleanup
taskRef:
resolver: "git"
params:
- name: url
value: $(params.taskGitUrl)
- name: revision
value: $(params.taskGitRevision)
- name: pathInRepo
value: tasks/cleanup-workspace/cleanup-workspace.yaml
when:
- input: $(params.postCleanUp)
operator: in
values: ["true"]
params:
- name: subdirectory
value: "$(context.pipelineRun.uid)"
- name: pipelineRunUid
value: $(context.pipelineRun.uid)
workspaces:
- name: input
workspace: release-workspace

0 comments on commit cef8d58

Please sign in to comment.