diff --git a/config/00-init/01-db-secret.yaml b/config/00-init/01-db-secret.yaml index defd50b1bd..cc4fde80f6 100644 --- a/config/00-init/01-db-secret.yaml +++ b/config/00-init/01-db-secret.yaml @@ -16,7 +16,6 @@ apiVersion: v1 kind: Secret metadata: name: db - namespace: tekton-hub labels: app: db type: Opaque diff --git a/config/00-init/02-db-pvc.yaml b/config/00-init/02-db-pvc.yaml index 367770c7fe..7becb1a25c 100644 --- a/config/00-init/02-db-pvc.yaml +++ b/config/00-init/02-db-pvc.yaml @@ -16,7 +16,6 @@ apiVersion: v1 kind: PersistentVolumeClaim metadata: name: db - namespace: tekton-hub labels: app: db spec: diff --git a/config/00-init/03-db-deployment.yaml b/config/00-init/03-db-deployment.yaml index 5b6898eb5b..a4e7f9e1c5 100644 --- a/config/00-init/03-db-deployment.yaml +++ b/config/00-init/03-db-deployment.yaml @@ -16,7 +16,6 @@ apiVersion: apps/v1 kind: Deployment metadata: name: db - namespace: tekton-hub labels: app: db spec: diff --git a/config/00-init/04-db-service.yaml b/config/00-init/04-db-service.yaml index 2f6ff47f66..a81b0c3f9d 100644 --- a/config/00-init/04-db-service.yaml +++ b/config/00-init/04-db-service.yaml @@ -16,7 +16,6 @@ apiVersion: v1 kind: Service metadata: name: db - namespace: tekton-hub labels: app: db spec: diff --git a/config/01-db/10-db-migration.yaml b/config/01-db/10-db-migration.yaml index 7f79f3241a..204a50c384 100644 --- a/config/01-db/10-db-migration.yaml +++ b/config/01-db/10-db-migration.yaml @@ -16,7 +16,6 @@ apiVersion: batch/v1 kind: Job metadata: name: db-migration - namespace: tekton-hub labels: app: db spec: diff --git a/config/02-api/20-api-secret.yaml b/config/02-api/20-api-secret.yaml index eb9fbcd262..c166b00c40 100644 --- a/config/02-api/20-api-secret.yaml +++ b/config/02-api/20-api-secret.yaml @@ -2,7 +2,6 @@ apiVersion: v1 kind: Secret metadata: name: api - namespace: tekton-hub type: Opaque stringData: GH_CLIENT_ID: '' diff --git a/config/02-api/21-api-configmap.yaml b/config/02-api/21-api-configmap.yaml index 1b8ea29cf4..fd1b32c477 100644 --- a/config/02-api/21-api-configmap.yaml +++ b/config/02-api/21-api-configmap.yaml @@ -16,7 +16,6 @@ apiVersion: v1 kind: ConfigMap metadata: name: api - namespace: tekton-hub labels: app: api data: diff --git a/config/02-api/22-api-deployment.yaml b/config/02-api/22-api-deployment.yaml index d3ef6b835c..466aeaaa42 100644 --- a/config/02-api/22-api-deployment.yaml +++ b/config/02-api/22-api-deployment.yaml @@ -16,7 +16,6 @@ apiVersion: apps/v1 kind: Deployment metadata: name: api - namespace: tekton-hub labels: app: api spec: diff --git a/config/02-api/23-api-service.yaml b/config/02-api/23-api-service.yaml index 9c74fead76..40142ad49c 100644 --- a/config/02-api/23-api-service.yaml +++ b/config/02-api/23-api-service.yaml @@ -17,7 +17,6 @@ apiVersion: v1 kind: Service metadata: name: api - namespace: tekton-hub labels: app: api spec: diff --git a/config/03-ui/30-ui-configmap.yaml b/config/03-ui/30-ui-configmap.yaml index b516de647b..2e6f895257 100644 --- a/config/03-ui/30-ui-configmap.yaml +++ b/config/03-ui/30-ui-configmap.yaml @@ -3,7 +3,6 @@ apiVersion: v1 kind: ConfigMap metadata: name: ui - namespace: tekton-hub data: API_URL: 'https://api.hub.tekton.dev' GH_CLIENT_ID: '' diff --git a/config/03-ui/31-ui-deployment.yaml b/config/03-ui/31-ui-deployment.yaml index aeda3e75f9..6afafe5f65 100644 --- a/config/03-ui/31-ui-deployment.yaml +++ b/config/03-ui/31-ui-deployment.yaml @@ -3,7 +3,6 @@ apiVersion: apps/v1 kind: Deployment metadata: name: ui - namespace: tekton-hub labels: app: ui spec: diff --git a/config/03-ui/32-ui-service.yaml b/config/03-ui/32-ui-service.yaml index 927ed9d512..e26bba8f66 100644 --- a/config/03-ui/32-ui-service.yaml +++ b/config/03-ui/32-ui-service.yaml @@ -3,7 +3,6 @@ apiVersion: v1 kind: Service metadata: name: ui - namespace: tekton-hub labels: app: ui spec: diff --git a/config/04-kubernetes/40-api-ingress.yaml b/config/04-kubernetes/40-api-ingress.yaml index dc485dc908..daa62ee28a 100644 --- a/config/04-kubernetes/40-api-ingress.yaml +++ b/config/04-kubernetes/40-api-ingress.yaml @@ -5,7 +5,6 @@ metadata: acme.cert-manager.io/http01-edit-in-place: 'true' cert-manager.io/cluster-issuer: letsencrypt-prod name: api - namespace: tekton-hub spec: rules: - http: diff --git a/config/04-kubernetes/41-ui-ingress.yaml b/config/04-kubernetes/41-ui-ingress.yaml index cf8cf7fb3e..0977b9b064 100644 --- a/config/04-kubernetes/41-ui-ingress.yaml +++ b/config/04-kubernetes/41-ui-ingress.yaml @@ -2,7 +2,6 @@ apiVersion: extensions/v1beta1 kind: Ingress metadata: name: ui - namespace: tekton-hub annotations: acme.cert-manager.io/http01-edit-in-place: 'true' cert-manager.io/cluster-issuer: letsencrypt-prod diff --git a/config/04-openshift/40-api-route.yaml b/config/04-openshift/40-api-route.yaml index 3facbf92d4..852a11aa5d 100644 --- a/config/04-openshift/40-api-route.yaml +++ b/config/04-openshift/40-api-route.yaml @@ -16,7 +16,6 @@ apiVersion: route.openshift.io/v1 kind: Route metadata: name: api - namespace: tekton-hub labels: app: api spec: diff --git a/config/04-openshift/41-ui-route.yaml b/config/04-openshift/41-ui-route.yaml index 8ec7da52fc..20ac1cba9c 100644 --- a/config/04-openshift/41-ui-route.yaml +++ b/config/04-openshift/41-ui-route.yaml @@ -3,7 +3,6 @@ apiVersion: route.openshift.io/v1 kind: Route metadata: name: ui - namespace: tekton-hub spec: to: kind: Service diff --git a/config/05-catalog-refresh-cj/50-catalog-refresh-secret.yaml b/config/05-catalog-refresh-cj/50-catalog-refresh-secret.yaml index 4ae99874b9..559fe4bc72 100644 --- a/config/05-catalog-refresh-cj/50-catalog-refresh-secret.yaml +++ b/config/05-catalog-refresh-cj/50-catalog-refresh-secret.yaml @@ -2,7 +2,6 @@ apiVersion: v1 kind: Secret metadata: name: catalog-refresh - namespace: tekton-hub type: Opaque stringData: HUB_TOKEN: "" diff --git a/config/05-catalog-refresh-cj/51-catalog-refresh-cronjob.yaml b/config/05-catalog-refresh-cj/51-catalog-refresh-cronjob.yaml index bb336ab85f..d9aef4f122 100644 --- a/config/05-catalog-refresh-cj/51-catalog-refresh-cronjob.yaml +++ b/config/05-catalog-refresh-cj/51-catalog-refresh-cronjob.yaml @@ -3,7 +3,6 @@ apiVersion: batch/v1beta1 kind: CronJob metadata: name: catalog-refresh - namespace: tekton-hub labels: app: api spec: diff --git a/tekton/README.md b/tekton/README.md new file mode 100644 index 0000000000..a59963113f --- /dev/null +++ b/tekton/README.md @@ -0,0 +1,45 @@ +# Release Script + +The Release script does the following tasks: +- fetch the latest main branch +- create and push a git tag by version provided from the user +- create supporting configuration for hub on the cluster +- create secret and roles for the Tekton Pipelines +- install the pipeline which will deploy the hub on the clusters + +## Prerequisites + +- Kubernetes or OpenShift cluster with Tekton Pipelines installed +- kubectl CLI +- git CLI + +### User Prerequisites + +- Access to push images to `quay.io/tekton-hub` +- Access to push git tag to `tektoncd/hub` + +## Before Running the Script + +- Enable Tekton Bundle in Pipelines +- Check the last hub release version [here](https://github.com/tektoncd/hub/releases) and enter the next in the script to +- If you are deploying hub on a clean cluster + - You will need GitHub OAuth. You can create one using the steps given [here](https://docs.github.com/en/developers/apps/creating-an-oauth-app). Use any url for creating OAuth, later you can change it once hub is deployed. + + +## Running the Script + +This will deploy the hub in `tekton-hub` namespace and run the Tekton pipelines for it in the `tekton-hub-ci` namespace. + +Input asked by the script: +- Target Release Version: This is the tag to be created and pushed to the repository. Check the last tag created and enter the next verion. +- Deploying on Openshift? Enter (Y or n) depending on your cluster. If OpenShift is selected, it will configure adm policy for the service account. +- If there are not existing hub configuration in `tekton-hub` namespace, the script will ask for + - Database Configuration: Enter Database name, user and password for the db to be created + - GitHub OAuth Configuration: Enter the OAuth Configuration you have created. + - JWT Signing key: Enter any random key which will be used to sign User JWTs. + - Access and Refresh Expire Time: Enter the time the token should be expired in. Refresh Expire time must be greater than Access Expire time. You can input time as `1d` = 1 day, `15h` = 15 hours, `30m` = 30 minutes. + - Hub Config Raw URL: No need to change it unless you are not deploying hub from tektoncd/hub. +NOTE: If you have already hub instance in tekton-hub namespace and the above configuration are already created using secrets and config maps, then the above step will be skipped. +- Quay registry credentials: Enter your credentials to push images to the registry + +Once, that is done,the script will create all configuration and then install the pipeline and resources requires by it. And start the Pipeline. diff --git a/tekton/api/golang-db-test.yaml b/tekton/api/golang-db-test.yaml new file mode 100644 index 0000000000..da4cc74eaf --- /dev/null +++ b/tekton/api/golang-db-test.yaml @@ -0,0 +1,95 @@ +# Copyright © 2021 The Tekton Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: tekton.dev/v1beta1 +kind: Task +metadata: + name: golang-db-test + labels: + app.kubernetes.io/version: "0.1" + annotations: + tekton.dev/pipelines.minVersion: "0.12.1" + tekton.dev/tags: test + tekton.dev/displayName: "golang test" +spec: + description: >- + This Task is Golang task to test Go projects. + + params: + - name: package + description: package (and its children) under test + - name: packages + description: "packages to test (default: ./...)" + default: "./..." + - name: path_context + description: path to the directory to use as context. + default: "." + - name: version + description: golang version to use for tests + default: "latest" + - name: flags + description: flags to use for the test command + default: -race -cover -v + - name: GOOS + description: "running program's operating system target" + default: linux + - name: GOARCH + description: "running program's architecture target" + default: amd64 + - name: GO111MODULE + description: "value of module support" + default: auto + workspaces: + - name: source + steps: + - name: unit-test + image: docker.io/library/golang:$(params.version) + script: | + SRC_PATH="$GOPATH/src/$(params.package)/$(params.path_context)" + mkdir -p $SRC_PATH + cp -R "$(workspaces.source.path)"/"$(params.path_context)"/* $SRC_PATH + cd $SRC_PATH + go test $(params.flags) $(params.packages) + env: + - name: GOOS + value: "$(params.GOOS)" + - name: GOARCH + value: "$(params.GOARCH)" + - name: GO111MODULE + value: "$(params.GO111MODULE)" + - name: POSTGRES_HOST + value: localhost + - name: POSTGRES_DB + value: hub_test + - name: POSTGRES_USER + value: postgres + - name: POSTGRES_PASSWORD + value: postgres + - name: POSTGRES_PORT + value: "5432" + sidecars: + - image: postgres:12@sha256:8f10c40e5e687b2cbf2f28acb5192049cdb89ef1a8db44d2f21e6bdd1a36e4be + name: db + ports: + - containerPort: 5432 + protocol: TCP + env: + - name: POSTGRES_DB + value: hub_test + - name: POSTGRES_USER + value: postgres + - name: POSTGRES_PASSWORD + value: postgres + - name: PGDATA + value: /var/lib/postgresql/data/pgdata diff --git a/tekton/api/pipeline.yaml b/tekton/api/pipeline.yaml new file mode 100644 index 0000000000..740b1ba6d3 --- /dev/null +++ b/tekton/api/pipeline.yaml @@ -0,0 +1,218 @@ +# Copyright © 2021 The Tekton Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: tekton.dev/v1beta1 +kind: Pipeline +metadata: + name: api-deploy +spec: + params: + - name: HUB_REPO + - name: REVISION + - name: API_IMAGE + - name: DB_MIGRATION_IMAGE + - name: TAG + - name: HUB_NAMESPACE + - name: K8S_VARIANT + workspaces: + - name: shared-workspace + - name: kubeconfig-dir + optional: true + tasks: + - name: fetch-repository + taskRef: + name: git-clone + bundle: gcr.io/tekton-releases/catalog/upstream/git-clone:0.2 + workspaces: + - name: output + workspace: shared-workspace + params: + - name: url + value: $(params.HUB_REPO) + - name: subdirectory + value: "" + - name: deleteExisting + value: "true" + - name: revision + value: $(params.REVISION) + - name: unit-test + taskRef: + name: golang-db-test + workspaces: + - name: source + workspace: shared-workspace + params: + - name: package + value: github.com/tektoncd/hub + - name: packages + value: ./pkg/... + - name: path_context + value: api + - name: flags + value: "-p 1 -v --timeout 10m" + runAfter: + - fetch-repository + - name: build-push-api-image + taskRef: + name: buildah + bundle: gcr.io/tekton-releases/catalog/upstream/buildah:0.2 + workspaces: + - name: source + workspace: shared-workspace + params: + - name: IMAGE + value: $(params.API_IMAGE):$(params.TAG) + - name: CONTEXT + value: "api" + - name: FORMAT + value: "docker" + runAfter: + - unit-test + - name: build-push-migration-image + taskRef: + name: buildah + bundle: gcr.io/tekton-releases/catalog/upstream/buildah:0.2 + workspaces: + - name: source + workspace: shared-workspace + params: + - name: IMAGE + value: $(params.DB_MIGRATION_IMAGE):$(params.TAG) + - name: CONTEXT + value: "api" + - name: FORMAT + value: "docker" + - name: DOCKERFILE + value: ./db.Dockerfile + runAfter: + - unit-test + - name: check-db-deployment + taskRef: + name: kubernetes-actions + bundle: gcr.io/tekton-releases/catalog/upstream/kubernetes-actions:0.2 + params: + - name: script + value: | + kubectl describe deployment db -n "$(params.HUB_NAMESPACE)" >/dev/null 2>/dev/null + if [[ $? -eq 0 ]]; then + printf yes | tee /tekton/results/output-result + else + printf no | tee /tekton/results/output-result + fi + runAfter: + - build-push-migration-image + - build-push-api-image + workspaces: + - name: kubeconfig-dir + workspace: kubeconfig-dir + - name: create-db-deployment + taskRef: + name: kubernetes-actions + bundle: gcr.io/tekton-releases/catalog/upstream/kubernetes-actions:0.2 + workspaces: + - name: manifest-dir + workspace: shared-workspace + - name: kubeconfig-dir + workspace: kubeconfig-dir + params: + - name: script + value: | + kubectl -n $(params.HUB_NAMESPACE) apply -f config/00-init/02-db-pvc.yaml + kubectl -n $(params.HUB_NAMESPACE) apply -f config/00-init/03-db-deployment.yaml + kubectl -n $(params.HUB_NAMESPACE) apply -f config/00-init/04-db-service.yaml + runAfter: + - check-db-deployment + when: + - input: "$(tasks.check-db-deployment.results.output-result)" + operator: in + values: ["no"] + - name: create-new-migration-job + taskRef: + name: kubernetes-actions + bundle: gcr.io/tekton-releases/catalog/upstream/kubernetes-actions:0.2 + params: + - name: script + value: | + kubectl -n $(params.HUB_NAMESPACE) delete job db-migration --ignore-not-found + kubectl -n $(params.HUB_NAMESPACE) apply -f <(sed "s@image:.*@image: $(params.DB_MIGRATION_IMAGE):$(params.TAG)@" config/01-db/10-db-migration.yaml) + workspaces: + - name: kubeconfig-dir + workspace: kubeconfig-dir + - name: manifest-dir + workspace: shared-workspace + runAfter: + - check-db-deployment + - name: check-api-deployment + taskRef: + name: kubernetes-actions + bundle: gcr.io/tekton-releases/catalog/upstream/kubernetes-actions:0.2 + params: + - name: script + value: | + kubectl describe deployment api -n "$(params.HUB_NAMESPACE)" >/dev/null 2>/dev/null + if [[ $? -eq 0 ]]; then + printf yes | tee /tekton/results/output-result + else + printf no | tee /tekton/results/output-result + fi + runAfter: + - create-new-migration-job + workspaces: + - name: kubeconfig-dir + workspace: kubeconfig-dir + - name: patch-api-image + taskRef: + name: kubernetes-actions + bundle: gcr.io/tekton-releases/catalog/upstream/kubernetes-actions:0.2 + params: + - name: script + value: | + kubectl patch deployment api --patch='{"spec":{"template":{"spec":{ + "containers":[{ + "name": "api", + "image": "$(params.API_IMAGE):$(params.TAG)" + }] + }}}}' -n $(params.HUB_NAMESPACE) + when: + - input: "$(tasks.check-api-deployment.results.output-result)" + operator: in + values: ["yes"] + workspaces: + - name: kubeconfig-dir + workspace: kubeconfig-dir + runAfter: + - check-api-deployment + - name: create-deployment + taskRef: + name: kubernetes-actions + bundle: gcr.io/tekton-releases/catalog/upstream/kubernetes-actions:0.2 + workspaces: + - name: manifest-dir + workspace: shared-workspace + - name: kubeconfig-dir + workspace: kubeconfig-dir + params: + - name: script + value: | + kubectl -n $(params.HUB_NAMESPACE) apply -f <(sed "s@image:.*@image: $(params.API_IMAGE):$(params.TAG)@" config/02-api/22-api-deployment.yaml) + kubectl -n $(params.HUB_NAMESPACE) apply -f config/02-api/23-api-service.yaml + + if [ "$(params.K8S_VARIANT)" == "openshift" ] + then + kubectl -n $(params.HUB_NAMESPACE) apply -f config/04-openshift/40-api-route.yaml + fi + when: + - input: "$(tasks.check-api-deployment.results.output-result)" + operator: in + values: ["no"] diff --git a/tekton/release.sh b/tekton/release.sh new file mode 100755 index 0000000000..bbd372aeca --- /dev/null +++ b/tekton/release.sh @@ -0,0 +1,316 @@ +#!/usr/bin/env bash +set -u -e -o pipefail + +HUB_REPO="https://github.com/tektoncd/hub" +UPSTREAM_REMOTE="upstream" +BRANCH="main" +IMAGE_REGISTRY="quay.io/tekton-hub" + +RELEASE_VERSION="" +HUB_NAMESPACE="tekton-hub" +HUB_CI_NAMESPACE="tekton-hub-ci" +CLUSTER="" + +declare -a BINARIES=( + kubectl + git +) + +checkPrerequisites() { + for b in "${BINARIES[@]}"; do + type -p "${b}" >/dev/null || { + echo "'${b}' need to be available" + exit 1 + } + done + + kubectl version 2>/dev/null >/dev/null || { + echo "you need to have access to a kubernetes cluster" + exit 1 + } + + kubectl get pipelineresource 2>/dev/null >/dev/null || { + echo "you need to have tekton install onto the cluster" + exit 1 + } +} + +getReleaseVersion() { + [[ -z ${RELEASE_VERSION} ]] && { + read -r -e -p "Enter a target release (i.e: v0.1.2): " RELEASE_VERSION + [[ -z ${RELEASE_VERSION} ]] && { + echo "no target release" + exit 1 + } + } + [[ ${RELEASE_VERSION} =~ v[0-9]+\.[0-9]*\.[0-9]+ ]] || { + echo "invalid version provided, need to match v\d+\.\d+\.\d+" + exit 1 + } +} + +whichCluster() { + read -r -e -p "Are you deploying on OpenShift (Y/n): " YESORNO + if [ "${YESORNO}" == "Y" ] || [ "${YESORNO}" == "y" ]; then + CLUSTER='openshift' + type -p oc >/dev/null || { + echo "'oc' need to be available" + exit 1 + } + elif [ "${YESORNO}" == "N" ] || [ "${YESORNO}" == "n" ]; then + CLUSTER='kubernetes' + else + echo 'invalid input' + exit 1 + fi +} + +createGitTag() { + cd "${GOPATH}"/src/github.com/tektoncd/hub + + [[ -n $(git status --porcelain 2>&1) ]] && { + echo "We have detected some changes in your repo" + echo "Stash them before executing this script" + exit 1 + } + + git checkout ${BRANCH} + git reset --hard ${UPSTREAM_REMOTE}/${BRANCH} + + echo; echo 'Creating tag for new release: ' + read -r -e -p "Enter tag message: " TAG_MESSAGE + git tag -a "${RELEASE_VERSION}" -m "${TAG_MESSAGE}" + git push ${UPSTREAM_REMOTE} --tags +} + +createHubSecretAndCM() { + kubectl create namespace ${HUB_NAMESPACE} 2>/dev/null || true + + kubectl -n ${HUB_NAMESPACE} get secret db 2>/dev/null >/dev/null || { + + echo; echo "Database Configurations:" + read -r -e -p "Enter DB Name: " DB_NAME + read -r -e -p "Enter DB Username: " DB_USERNAME + read -r -e -p "Enter DB Password: " DB_PASSWORD + + kubectl -n ${HUB_NAMESPACE} create secret generic db \ + --from-literal=POSTGRES_DB="${DB_NAME}" \ + --from-literal=POSTGRES_USER="${DB_USERNAME}" \ + --from-literal=POSTGRES_PASSWORD="${DB_PASSWORD}" \ + --from-literal=POSTGRES_PORT="5432" + + kubectl -n ${HUB_NAMESPACE} label secret db app=db + echo; + } + + kubectl -n ${HUB_NAMESPACE} get secret api 2>/dev/null >/dev/null || { + echo "API Configurations:" + read -r -e -p "Enter GitHub OAuth Client ID: " GH_CLIENT_ID + read -r -e -p "Enter GitHub OAuth Client Secret: " GH_CLIENT_SECRET + read -r -e -p "Enter JWT Signing key: " JWT_SIGNING_KEY + read -r -e -p "Enter the Access JWT expire time: (eg. 1d) " ACCESS_JWT_EXPIRES_IN + read -r -e -p "Enter the Refresh JWT expire time: (eg. 1d) " REFRESH_JWT_EXPIRES_IN + + kubectl -n ${HUB_NAMESPACE} create secret generic api \ + --from-literal=GH_CLIENT_ID="${GH_CLIENT_ID}" \ + --from-literal=GH_CLIENT_SECRET="${GH_CLIENT_SECRET}" \ + --from-literal=JWT_SIGNING_KEY="${JWT_SIGNING_KEY}" \ + --from-literal=ACCESS_JWT_EXPIRES_IN="${ACCESS_JWT_EXPIRES_IN}" \ + --from-literal=REFRESH_JWT_EXPIRES_IN="${REFRESH_JWT_EXPIRES_IN}" + + kubectl -n ${HUB_NAMESPACE} label secret api app=api + + kubectl -n ${HUB_NAMESPACE} create cm ui \ + --from-literal=GH_CLIENT_ID="${GH_CLIENT_ID}" \ + --from-literal=API_URL="https://api.hub.tekton.dev" \ + --from-literal=API_VERSION="v1" + + kubectl -n ${HUB_NAMESPACE} label cm ui app=ui + echo; + } + + kubectl -n ${HUB_NAMESPACE} get cm api 2>/dev/null >/dev/null || { + echo "Hub Config File:" + read -r -e -p "Enter Raw URL of the hub config file (Default: https://raw.githubusercontent.com/tektoncd/hub/main/config.yaml): " HUB_CONFIG + + if [ -z "$HUB_CONFIG" ]; then + HUB_CONFIG=https://raw.githubusercontent.com/tektoncd/hub/main/config.yaml + fi + + kubectl -n ${HUB_NAMESPACE} create cm api \ + --from-literal=CONFIG_FILE_URL="${HUB_CONFIG}" + + kubectl -n ${HUB_NAMESPACE} label cm api app=api + echo; + } +} + +createRegistrySecret() { + kubectl create namespace ${HUB_CI_NAMESPACE} 2>/dev/null || true + + kubectl -n ${HUB_CI_NAMESPACE} delete secret registry-sec --ignore-not-found + kubectl -n ${HUB_CI_NAMESPACE} get secret registry-sec 2>/dev/null >/dev/null || { + + echo; echo "Enter Quay registry credentials to push the images: (quay.io/tekton-hub) " + read -r -e -p "Enter Username: " USERNAME + read -r -e -sp "Enter Password: " PASSWORD + + kubectl -n ${HUB_CI_NAMESPACE} create secret generic registry-sec \ + --type="kubernetes.io/basic-auth" \ + --from-literal=username="${USERNAME}" \ + --from-literal=password="${PASSWORD}" + + kubectl -n ${HUB_CI_NAMESPACE} annotate secret registry-sec tekton.dev/docker-0=quay.io + } +} + +createNecessaryRoles() { + + echo; echo 'Creates service account and necessary role to create resources: ' + + kubectl -n ${HUB_CI_NAMESPACE} delete serviceaccount registry-login --ignore-not-found + cat </dev/null 2>/dev/null + if [[ $? -eq 0 ]]; then + printf yes | tee /tekton/results/output-result + else + printf no | tee /tekton/results/output-result + fi + runAfter: + - build-push-image + workspaces: + - name: kubeconfig-dir + workspace: kubeconfig-dir + - name: patch-ui-image + taskRef: + name: kubernetes-actions + bundle: gcr.io/tekton-releases/catalog/upstream/kubernetes-actions:0.2 + params: + - name: script + value: | + kubectl patch deployment ui --patch='{"spec":{"template":{"spec":{ + "containers":[{ + "name": "ui", + "image": "$(params.IMAGE):$(params.TAG)" + }] + }}}}' -n $(params.HUB_NAMESPACE) + when: + - input: "$(tasks.check-ui-deployment.results.output-result)" + operator: in + values: ["yes"] + workspaces: + - name: kubeconfig-dir + workspace: kubeconfig-dir + - name: create-deployment + taskRef: + name: kubernetes-actions + bundle: gcr.io/tekton-releases/catalog/upstream/kubernetes-actions:0.2 + runAfter: + - check-ui-deployment + params: + - name: script + value: | + kubectl -n $(params.HUB_NAMESPACE) apply -f <(sed "s@image:.*@image: $(params.IMAGE):$(params.TAG)@" config/03-ui/31-ui-deployment.yaml) + kubectl -n $(params.HUB_NAMESPACE) apply -f config/03-ui/32-ui-service.yaml + + if [ "$(params.K8S_VARIANT)" == "openshift" ] + then + kubectl -n $(params.HUB_NAMESPACE) apply -f config/04-openshift/41-ui-route.yaml + fi + workspaces: + - name: manifest-dir + workspace: shared-workspace + - name: kubeconfig-dir + workspace: kubeconfig-dir + when: + - input: "$(tasks.check-ui-deployment.results.output-result)" + operator: in + values: ["no"]