diff --git a/stepaction/tekton-catalog-publish/0.1/README.md b/stepaction/tekton-catalog-publish/0.1/README.md new file mode 100644 index 00000000..d537c20e --- /dev/null +++ b/stepaction/tekton-catalog-publish/0.1/README.md @@ -0,0 +1,110 @@ +# Tekton Catalog Publish + +This stepaction publishes each Task/StepAction in a Tekton catalog as [Tekton Bundles](https://tekton.dev/docs/pipelines/pipelines/#tekton-bundles). +The catalog must be structured as a [Tekton Catalog](https://github.com/tektoncd/catalog#catalog-structure). + +Bundles are published to `$REGISTRY/$PATH/:` and, when `TAG` is provided, to +`$REGISTRY/$PATH/:$TAG`. An example of extra tag could be the git sha of the catalog repo that +is being published. The task uses the `tkn bundle` command to publish and support for decoding `StepActions`, which is available +in `tkn` starting with version `v0.34.0`. + +## Install the StepAction + +```bash +kubectl apply -f https://raw.githubusercontent.com/tektoncd/catalog/main/stepaction/tekton-catalog-publish/0.1/tekton-catalog-publish.yaml +``` + +## Parameters + +| name | description | default | +| ---------------- | ------------------------------------------------------------------------------ | ------------------------------------- | +| TKN_IMAGE | `tkn` CLI container image to run this task. | gcr.io/tekton-releases/dogfooding/tkn | +| REGISTRY | The registry where bundles are published to | | +| RESOURCE | The type of resouce being published: task or stepaction | task | +| PATH | The path in the registry | tekton/catalog/tasks | +| TAG | An optional extra tag (optional) | "" | +| catalogPath | The directory containing the catalog to be published | | +| dockerconfigPath | The directory providing `.docker/config.json`. | no-path | +| | The file should be placed at the root of the Workspace with name `config.json` | | + +## Platforms + +The Task can be run on `linux/amd64`, `linux/s390x`, and `linux/ppc64le` platforms. + +## Usage + +1. Passing `REGISTRY` and catalog workspace: + +```yaml +apiVersion: tekton.dev/v1beta1 +kind: TaskRun +metadata: + generateName: tekton-catalog-publish- +spec: + taskSpec: + workspaces: + - name: source + steps: + - name: publish + ref: + name: tekton-catalog-publish + params: + - name: catalogPath + value: $(workspaces.source.path) + - name: REGISTRY + value: $(params.REGISTRY) + workspaces: + - name: source + persistentVolumeClaim: + claimName: my-source + params: + - name: REGISTRY + value: icr.io +``` + +2. Passing `REGISTRY`, `PATH`, `TAG` and both workspaces + + 1. Sample secret can be found [here](https://github.com/tektoncd/catalog/tree/main/task/tekton-catalog-publish/0.1/samples/secrets.yaml) + + 2. Create `TaskRun` + +```yaml +apiVersion: tekton.dev/v1beta1 +kind: TaskRun +metadata: + generateName: tekton-catalog-publish- +spec: + taskSpec: + workspaces: + - name: source + - name: dockerconfig + steps: + - name: publish + ref: + name: tekton-catalog-publish + params: + - name: catalogPath + value: $(workspaces.source.path) + - name: dockerconfigPath + value: $(workspaces.dockerconfig.path) + - name: REGISTRY + value: $(params.REGISTRY) + - name: PATH + value: $(params.PATH) + - name: TAG + value: $(params.TAG) + workspaces: + - name: source + persistentVolumeClaim: + claimName: my-source + - name: dockerconfig + secret: + secretName: regcred + params: + - name: REGISTRY + value: icr.io + - name: PATH + value: tekton/mycatalog/tasks + - name: TAG + value: 49456927aef7e81a48a972db2bfd6e19a64d9a77 +``` diff --git a/stepaction/tekton-catalog-publish/0.1/samples/run-with-workspace-secret.yaml b/stepaction/tekton-catalog-publish/0.1/samples/run-with-workspace-secret.yaml new file mode 100644 index 00000000..f23bd688 --- /dev/null +++ b/stepaction/tekton-catalog-publish/0.1/samples/run-with-workspace-secret.yaml @@ -0,0 +1,36 @@ +apiVersion: tekton.dev/v1 +kind: TaskRun +metadata: + generateName: tekton-catalog-publish- +spec: + taskSpec: + workspaces: + - name: dockerconfig + - name: source + ref: + name: tekton-catalog-publish + params: + - name: catalogPath + value: $(workspaces.source.path) + - name: dockerconfigPath + value: $(workspaces.dockerconfig.path) + - name: REGISTRY + value: $(params.REGISTRY) + - name: PATH + value: $(params.PATH) + - name: TAG + value: $(params.TAG) + workspaces: + - name: source + persistentVolumeClaim: + claimName: my-source + - name: dockerconfig + secret: + secretName: regcred + params: + - name: REGISTRY + value: icr.io + - name: PATH + value: tekton/mycatalog/tasks + - name: TAG + value: 49456927aef7e81a48a972db2bfd6e19a64d9a77 diff --git a/stepaction/tekton-catalog-publish/0.1/samples/run-without-workspace-secret.yaml b/stepaction/tekton-catalog-publish/0.1/samples/run-without-workspace-secret.yaml new file mode 100644 index 00000000..422d0e51 --- /dev/null +++ b/stepaction/tekton-catalog-publish/0.1/samples/run-without-workspace-secret.yaml @@ -0,0 +1,22 @@ +apiVersion: tekton.dev/v1 +kind: TaskRun +metadata: + generateName: tekton-catalog-publish- +spec: + taskSpec: + workspaces: + - name: source + ref: + name: tekton-catalog-publish + params: + - name: catalogPath + value: $(workspaces.source.path) + - name: REGISTRY + value: $(params.REGISTRY) + workspaces: + - name: source + persistentVolumeClaim: + claimName: my-source + params: + - name: REGISTRY + value: icr.io diff --git a/stepaction/tekton-catalog-publish/0.1/samples/secrets.yaml b/stepaction/tekton-catalog-publish/0.1/samples/secrets.yaml new file mode 100644 index 00000000..93b946a9 --- /dev/null +++ b/stepaction/tekton-catalog-publish/0.1/samples/secrets.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Secret +metadata: + name: regcred +stringData: + config.json: | + { + "auths" : { + "icr.io" : { + "auth" : "iamapikey", + "identitytoken" : "test123test123" + }, + } + } diff --git a/stepaction/tekton-catalog-publish/0.1/tekton-catalog-publish.yaml b/stepaction/tekton-catalog-publish/0.1/tekton-catalog-publish.yaml new file mode 100644 index 00000000..47ca01cf --- /dev/null +++ b/stepaction/tekton-catalog-publish/0.1/tekton-catalog-publish.yaml @@ -0,0 +1,77 @@ +--- +apiVersion: tekton.dev/v1alpha1 +kind: StepAction +metadata: + name: tekton-catalog-publish + labels: + app.kubernetes.io/version: "0.1" + annotations: + tekton.dev/categories: Publishing + tekton.dev/pipelines.minVersion: "0.54.0" + tekton.dev/cli.minVersion: "0.34.0" + tekton.dev/tags: catalog, bundles + tekton.dev/displayName: "Publish a Tekton Catalog" + tekton.dev/platforms: "linux/amd64,linux/s390x,linux/ppc64le" +spec: + params: + - name: TKN_IMAGE + type: string + description: tkn CLI container image to run this stepaction + default: gcr.io/tekton-releases/dogfooding/tkn@sha256:79d21abf8a29128ede5091773078d5d8528f47240e455adb9824222d2fff489a + - name: REGISTRY + type: string + description: The registry where bundles are published to + - name: PATH + type: string + description: The path in the registry + default: tekton/catalog/tasks + - name: RESOURCE + type: string + description: task or stepaction. It must match the resource name in the root of the catalot path. + default: task + - name: TAG + type: string + description: An optional extra tag. If provided, tasks are tagged with it too. + default: "" + - name: catalogPath + description: >- + A directory that holds the catalog to be published. The catalog must be stored + in the root of the directory, and is must follow the + [Tetkon Catalog](https://github.com/tektoncd/catalog#catalog-structure) structure. + - name: dockerconfigPath + description: >- + An optional directory that allows providing a .docker/config.json + file for tkn to access the container registry. The file should be placed at + the root of the Directory with name config.json. + default: "no-path" + image: "$(params.TKN_IMAGE)" + workingDir: "$(params.catalogPath)" + env: + - name: REGISTRY + value: $(params.REGISTRY) + - name: REGISTRY_PATH + value: $(params.PATH) + - name: TAG + value: $(params.TAG) + - name: DOCKER_CONFIG_PATH + value: $(params.dockerconfigPath) + - name: RESOURCE + value: $(params.RESOURCE) + script: | + #!/usr/bin/env sh + set -e -o pipefail + TARGET="${REGISTRY}" + [ "${REGISTRY_PATH}" != "" ] && TARGET="${TARGET}/${REGISTRY_PATH}" + # If a dockerconfig workspace was provided, set DOCKER_CONFIG to point to it + if [ -d "$DOCKER_CONFIG_PATH" ]; then + export DOCKER_CONFIG="${DOCKER_CONFIG_PATH}" + fi + find ${RESOURCE} -type f -mindepth 3 -maxdepth 3 -name '*.yaml' -o -name '*.yml'| while read -r resource_version_dir; do + FOLDER=$(dirname "$resource_version_dir") + VERSION=$(basename "$FOLDER") + RESOURCE_NAME=$(basename "$(dirname "$FOLDER")") + tkn bundle push "${TARGET}/${RESOURCE_NAME}:${VERSION}" -f "$resource_version_dir" + [ "${TAG}" != "" ] && \ + tkn bundle push "${TARGET}/${RESOURCE_NAME}:${TAG}" -f "$resource_version_dir" + sleep 0.1 + done diff --git a/stepaction/tekton-catalog-publish/0.1/tests/pre-apply-task-hook.sh b/stepaction/tekton-catalog-publish/0.1/tests/pre-apply-task-hook.sh new file mode 100755 index 00000000..d9b1bde4 --- /dev/null +++ b/stepaction/tekton-catalog-publish/0.1/tests/pre-apply-task-hook.sh @@ -0,0 +1,4 @@ +#!/bin/bash + +# Add git-clone +add_stepaction git-clone latest diff --git a/stepaction/tekton-catalog-publish/0.1/tests/run.yaml b/stepaction/tekton-catalog-publish/0.1/tests/run.yaml new file mode 100644 index 00000000..4be6b2ae --- /dev/null +++ b/stepaction/tekton-catalog-publish/0.1/tests/run.yaml @@ -0,0 +1,54 @@ +apiVersion: tekton.dev/v1 +kind: Task +metadata: + name: catalog-publish-test-task +spec: + workspaces: + - name: shared-workspace + steps: + - name: fetch-repository + ref: + name: git-clone + params: + - name: url + value: https://github.com/tektoncd/catalog + - name: subdirectory + value: "" + - name: deleteExisting + value: "true" + - name: output-path + value: $(workspaces.shared-workspace.path) + - name: reduce + image: alpine + script: | + set -e + cd "$(workspaces.shared-workspace.path)/stepaction" + ls | grep -v 'git-clone' | xargs rm -rf + - name: publish + params: + - name: REGISTRY + value: localhost:5000 + - name: RESOURCE + value: stepaction + - name: PATH + value: tekton/catalog/stepactions + - name: TAG + value: $(steps.fetch-repository.results.commit) + - name: catalogPath + value: $(workspaces.shared-workspace.path) + ref: + name: tekton-catalog-publish + sidecars: + - name: registry + image: registry +--- +apiVersion: tekton.dev/v1 +kind: TaskRun +metadata: + name: catalog-publish-test-task-run +spec: + taskRef: + name: catalog-publish-test-task + workspaces: + - name: shared-workspace + emptyDir: {} diff --git a/test/e2e-common.sh b/test/e2e-common.sh index fa8ad506..3c34a3dd 100755 --- a/test/e2e-common.sh +++ b/test/e2e-common.sh @@ -79,7 +79,6 @@ import sys, yaml f=open(0, encoding="utf-8") data=yaml.load(f.read(), Loader=yaml.FullLoader) - sidecars = map(lambda v: yaml.safe_load(v), sys.argv[1:]) # after -c for sidecar in sidecars: if "sidecars" in data["spec"]: @@ -132,6 +131,22 @@ function add_task() { ${KUBECTL_CMD} -n "${tns}" apply -f "${path_version}"/"${task}".yaml } +function add_stepaction() { + local array path_version stepaction + stepaction=${1} + if [[ "${2}" == "latest" ]];then + array=($(echo stepaction/${stepaction}/*/|sort -u)) + path_version=${array[-1]} + else + path_version=stepaction/${stepaction}/${2} + if [[ ! -d ${path_version} ]];then + echo "I could not find version '${2}' for the stepaction '${stepaction}' in ./stepaction/" + exit 1 + fi + fi + ${KUBECTL_CMD} -n "${tns}" apply -f "${path_version}"/"${stepaction}".yaml +} + function install_pipeline_crd() { local latestreleaseyaml echo ">> Deploying Tekton Pipelines"