Skip to content

Commit

Permalink
feat(SPSTRAT-466): add pipeline for marketplacesvm
Browse files Browse the repository at this point in the history 
This commit introduces the Pipeline resource for publishing disk images
into various cloud marketplaces using the
`marketplacesvm-push-disk-images` task

Signed-off-by: Jonathan Gangi <[email protected]>
  • Loading branch information
@JAVGan
JAVGan committed Dec 12, 2024
1 parent 4f48923 commit 3fd9d41
Show file tree
Hide file tree
Showing 2 changed files with 277 additions and 0 deletions.
20 changes: 20 additions & 0 deletions pipelines/push-disk-images-to-marketplaces/README.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
# push-disk-images-to-marketplaces pipeline

Tekton Pipeline to push disk images to various cloud marketplaces

## Parameters

| Name | Description | Optional | Default value |
|---------------------------------|--------------------------------------------------------------------------------------------------------|----------|-----------------------------------------------------------|
| release | The namespaced name (namespace/name) of the Release custom resource initiating this pipeline execution | No | - |
| releasePlan | The namespaced name (namespace/name) of the releasePlan | No | - |
| releasePlanAdmission | The namespaced name (namespace/name) of the releasePlanAdmission | No | - |
| releaseServiceConfig | The namespaced name (namespace/name) of the releaseServiceConfig | No | - |
| snapshot | The namespaced name (namespace/name) of the snapshot | No | - |
| enterpriseContractPolicy | JSON representation of the policy to be applied when validating the enterprise contract | No | - |
| enterpriseContractExtraRuleData | Extra rule data to be merged into the policy specified in params.enterpriseContractPolicy. Use syntax "key1=value1,key2=value2..." | Yes |pipeline_intention=release |
| enterpriseContractTimeout | Timeout setting for `ec validate` | Yes | 10m0s |
| postCleanUp | Cleans up workspace after finishing executing the pipeline | Yes | true |
| verify_ec_task_bundle | The location of the bundle containing the verify-enterprise-contract task | No | - |
| taskGitUrl | The url to the git repo where the release-service-catalog tasks to be used are stored | Yes | https://github.com/konflux-ci/release-service-catalog.git |
| taskGitRevision | The revision in the taskGitUrl repo to be used | No | - |
257 changes: 257 additions & 0 deletions pipelines/push-disk-images-to-marketplaces/push-disk-images-to-marketplaces.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,257 @@
---
apiVersion: tekton.dev/v1
kind: Pipeline
metadata:
name: push-disk-images-to-marketplaces
labels:
app.kubernetes.io/version: "0.1.0"
annotations:
tekton.dev/pipelines.minVersion: "0.12.1"
tekton.dev/tags: release
spec:
description: >-
Tekton Pipeline to push disk images to various cloud marketplaces
params:
- name: release
type: string
description:
The namespaced name (namespace/name) of the Release custom resource initiating this pipeline execution
- name: releasePlan
type: string
description: The namespaced name (namespace/name) of the releasePlan
- name: releasePlanAdmission
type: string
description: The namespaced name (namespace/name) of the releasePlanAdmission
- name: releaseServiceConfig
type: string
description: The namespaced name (namespace/name) of the releaseServiceConfig
- name: snapshot
type: string
description: The namespaced name (namespace/name) of the snapshot
- name: enterpriseContractPolicy
type: string
description: JSON representation of the EnterpriseContractPolicy
- name: enterpriseContractExtraRuleData
type: string
description: |
Extra rule data to be merged into the policy specified in params.enterpriseContractPolicy. Use syntax
"key1=value1,key2=value2..."
default: "pipeline_intention=release"
- name: enterpriseContractTimeout
type: string
description: Timeout setting for `ec validate`
default: 10m0s
- name: verify_ec_task_bundle
type: string
description: The location of the bundle containing the verify-enterprise-contract task
- name: taskGitUrl
type: string
description: The url to the git repo where the release-service-catalog tasks to be used are stored
default: https://github.com/konflux-ci/release-service-catalog.git
- name: taskGitRevision
type: string
description: The revision in the taskGitUrl repo to be used
- name: postCleanUp
type: string
description: Cleans up workspace after finishing executing the pipeline
default: "true"
workspaces:
- name: release-workspace
tasks:
- name: verify-access-to-resources
taskRef:
resolver: "git"
params:
- name: url
value: $(params.taskGitUrl)
- name: revision
value: $(params.taskGitRevision)
- name: pathInRepo
value: tasks/verify-access-to-resources/verify-access-to-resources.yaml
params:
- name: release
value: $(params.release)
- name: releasePlan
value: $(params.releasePlan)
- name: releasePlanAdmission
value: $(params.releasePlanAdmission)
- name: releaseServiceConfig
value: $(params.releaseServiceConfig)
- name: snapshot
value: $(params.snapshot)
- name : requireInternalServices
value: "true"
- name: collect-data
taskRef:
resolver: "git"
params:
- name: url
value: $(params.taskGitUrl)
- name: revision
value: $(params.taskGitRevision)
- name: pathInRepo
value: tasks/collect-data/collect-data.yaml
params:
- name: release
value: $(params.release)
- name: releasePlan
value: $(params.releasePlan)
- name: releasePlanAdmission
value: $(params.releasePlanAdmission)
- name: releaseServiceConfig
value: $(params.releaseServiceConfig)
- name: snapshot
value: $(params.snapshot)
- name: subdirectory
value: $(context.pipelineRun.uid)
workspaces:
- name: data
workspace: release-workspace
runAfter:
- verify-access-to-resources
- name: reduce-snapshot
taskRef:
resolver: "git"
params:
- name: url
value: $(params.taskGitUrl)
- name: revision
value: $(params.taskGitRevision)
- name: pathInRepo
value: tasks/reduce-snapshot/reduce-snapshot.yaml
params:
- name: SNAPSHOT
value: $(workspaces.data.path)/$(tasks.collect-data.results.snapshotSpec)
- name: SINGLE_COMPONENT
value: $(tasks.collect-data.results.singleComponentMode)
- name: SINGLE_COMPONENT_CUSTOM_RESOURCE
value: snapshot/$(tasks.collect-data.results.snapshotName)
- name: SINGLE_COMPONENT_CUSTOM_RESOURCE_NS
value: $(tasks.collect-data.results.snapshotNamespace)
- name: SNAPSHOT_PATH
value: $(workspaces.data.path)/$(tasks.collect-data.results.snapshotSpec)
workspaces:
- name: data
workspace: release-workspace
runAfter:
- collect-data
- name: apply-mapping
taskRef:
resolver: "git"
params:
- name: url
value: $(params.taskGitUrl)
- name: revision
value: $(params.taskGitRevision)
- name: pathInRepo
value: tasks/apply-mapping/apply-mapping.yaml
params:
- name: failOnEmptyResult
value: "true"
- name: dataPath
value: "$(tasks.collect-data.results.data)"
- name: snapshotPath
value: "$(tasks.collect-data.results.snapshotSpec)"
workspaces:
- name: config
workspace: release-workspace
runAfter:
- reduce-snapshot
- name: verify-enterprise-contract
taskRef:
resolver: "bundles"
params:
- name: bundle
value: $(params.verify_ec_task_bundle)
- name: kind
value: task
- name: name
value: verify-enterprise-contract
params:
- name: IMAGES
value: "$(workspaces.data.path)/$(tasks.collect-data.results.snapshotSpec)"
- name: SSL_CERT_DIR
value: /var/run/secrets/kubernetes.io/serviceaccount
- name: POLICY_CONFIGURATION
value: $(params.enterpriseContractPolicy)
- name: STRICT
value: "1"
- name: IGNORE_REKOR
value: "true"
- name: EXTRA_RULE_DATA
value: $(params.enterpriseContractExtraRuleData)
- name: TIMEOUT
value: $(params.enterpriseContractTimeout)
workspaces:
- name: data
workspace: release-workspace
runAfter:
- apply-mapping
- name: collect-marketplacesvm-secret
taskRef:
resolver: "git"
params:
- name: url
value: $(params.taskGitUrl)
- name: revision
value: $(params.taskGitRevision)
- name: pathInRepo
value: tasks/collect-marketplacesvm-secret/collect-marketplacesvm-secret.yaml
params:
- name: dataPath
value: "$(tasks.collect-data.results.data)"
workspaces:
- name: data
workspace: release-workspace
runAfter:
- verify-enterprise-contract
- name: push-disk-images-marketplaces
timeout: "12h00m0s"
when:
- input: "$(tasks.apply-mapping.results.mapped)"
operator: in
values: ["true"]
taskRef:
resolver: "git"
params:
- name: url
value: $(params.taskGitUrl)
- name: revision
value: $(params.taskGitRevision)
- name: pathInRepo
value: tasks/marketplacesvm-push-disk-images/marketplacesvm-push-disk-images.yaml
params:
- name: snapshotPath
value: "$(tasks.collect-data.results.snapshotSpec)"
- name: dataPath
value: "$(tasks.collect-data.results.data)"
- name: cloudMarketplacesSecret
value: "$(tasks.collect-marketplacesvm-secret.results.cloudMarketplacesSecret)"
workspaces:
- name: data
workspace: release-workspace
runAfter:
- collect-marketplacesvm-secret
finally:
- name: cleanup
taskRef:
resolver: "git"
params:
- name: url
value: $(params.taskGitUrl)
- name: revision
value: $(params.taskGitRevision)
- name: pathInRepo
value: tasks/cleanup-workspace/cleanup-workspace.yaml
when:
- input: $(params.postCleanUp)
operator: in
values: ["true"]
params:
- name: subdirectory
value: "$(context.pipelineRun.uid)"
- name: pipelineRunUid
value: $(context.pipelineRun.uid)
workspaces:
- name: input
workspace: release-workspace

0 comments on commit 3fd9d41

Please sign in to comment.