added Shipwright CLI task

task/shp/0.1/OWNERS

@@ -0,0 +1,6 @@
+approvers:
+- siamaksade
+- adambkaplan
+reviewers:
+- siamaksade
+- adambkaplan

task/shp/0.1/README.md

@@ -0,0 +1,66 @@
+### Shipwright CLI
+
+This task performs operations on Shipwright Builds using the CLI [`shp`](https://github.com/shipwright-io/cli).
+
+## Install the Task
+
+```bash
+kubectl apply -f https://raw.githubusercontent.com/tektoncd/catalog/main/task/shp/0.1/shp.yaml
+```
+
+
+## Parameters
+
+| name      | description                                 | default                                      |
+| --------- | ------------------------------------------- | ---------------------------------------------|
+| SHP_IMAGE | `shp` CLI container image to run this task. | `quay.io/shipwright/cli:0.12`   |
+| ARGS      | The arguments to pass to the `shp` CLI.     | `--help`                                     |
+| SCRIPT    | `shp` CLI script to execute                 | `shp \$@`                                    |
+
+## Workspaces
+
+- **kubeconfig**: An [optional workspace](https://github.com/tektoncd/pipeline/blob/main/docs/workspaces.md#using-workspaces-in-tasks) that allows you to provide a `.kube/config` file for `shp` to access the cluster. The file should be placed at the root of the Workspace with name `kubeconfig`.
+
+## Platforms
+
+The Task can be run on `linux/amd64`
+
+## Usage
+
+1. Passing only `ARGS`
+
+```yaml
+  tasks:
+    - name: build
+      taskRef:
+        kind: Task
+        name: shp
+      params:
+        - name: ARGS
+            value:  
+            - build 
+            - run 
+            - $(params.BUILD_NAME)
+            - --follow
+
+```
+
+2. Passing `SCRIPT` and `ARGS` and `WORKSPACE`
+
+Sample secret can be found [here](https://github.com/tektoncd/catalog/tree/main/task/shp/0.1/samples/kubeconfig-secret.yaml)
+
+```yaml
+  tasks:
+    - name: build
+      params:
+        - name: SCRIPT
+          value:  |
+            shp build run $(params.BUILD_NAME) --follow
+      taskRef:
+        kind: Task
+        name: shp
+      workspaces:
+        - name: kubeconfig
+            secret:
+                secretName: kubeconfig-secret
+```

task/shp/0.1/samples/kubeconfig-secret.yaml

@@ -0,0 +1,25 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: kubeconfig
+stringData:
+  kubeconfig: |
+    apiVersion: v1
+    kind: Config
+    preferences: {}
+    clusters:
+    - cluster:
+        certificate-authority-data: LS0exampleexampleexample=
+        server: https://cluster.example.com:8443
+      name: my-cluster
+    contexts:
+    - context:
+        cluster: my-cluster
+        user: my-cluster-user
+      name: my-cluster
+    current-context: my-cluster
+    users:
+    - name: my-cluster-user
+      user:
+        client-certificate-data: LS0exampleexampleexample=
+        client-key-data: LS0exampleexampleexample=

task/shp/0.1/samples/taskrun-with-workspaces copy.yaml

@@ -0,0 +1,16 @@
+apiVersion: tekton.dev/v1
+kind: TaskRun
+metadata:
+  name: shp-run-with-workspace
+spec:
+  taskRef:
+    name: shp
+  workspaces:
+    - name: kubeconfig
+      secret:
+        secretName: kubeconfig
+  params:
+    - name: SCRIPT
+      value: |
+        shp build list
+        shp build run BUILD-NAME --follow

task/shp/0.1/samples/taskrun.yaml

@@ -0,0 +1,12 @@
+apiVersion: tekton.dev/v1
+kind: TaskRun
+metadata:
+  name: shp-taskrun
+spec:
+  taskRef:
+    name: shp
+  params:
+    - name: SCRIPT
+      value: |
+        shp build list
+        shp build run BUILD-NAME --follow

task/shp/0.1/shp.yaml

@@ -0,0 +1,50 @@
+---
+apiVersion: tekton.dev/v1
+kind: Task
+metadata:
+  name: shp
+  labels:
+    app.kubernetes.io/version: "1.20"
+  annotations:
+    tekton.dev/pipelines.minVersion: "0.12.0"
+    tekton.dev/categories: CLI
+    tekton.dev/tags: cli
+    tekton.dev/displayName: "Shipwright CLI"
+    tekton.dev/platforms: "linux/amd64"
+spec:
+  workspaces:
+    - name: kubeconfig
+      description: >-
+        An optional workspace that allows you to provide a .kube/config
+        file for shp to access the cluster. The file should be placed at
+        the root of the Workspace with name kubeconfig.
+      optional: true
+  description: This task performs operations on Shipwright resources using shp
+  params:
+    - name: SHP_IMAGE
+      description: shp CLI container image to run this task
+      default: quay.io/shipwright/cli:0.12
+    - name: SCRIPT
+      description: shp CLI script to execute
+      type: string
+      default: "shp $@"
+    - name: ARGS
+      type: array
+      description: shp CLI arguments to run
+      default: ["--help"]
+  steps:
+    - name: shp
+      env:
+      - name: HOME
+        value: /tekton/home
+      image: "$(params.SHP_IMAGE)"
+      script: |
+        if [ "$(workspaces.kubeconfig.bound)" = "true" ] && [ -e $(workspaces.kubeconfig.path)/kubeconfig ]; then
+          export KUBECONFIG="$(workspaces.kubeconfig.path)"/kubeconfig
+        fi
+
+        eval "$(params.SCRIPT)"
+      args: ["$(params.ARGS)"]
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 65532

task/shp/0.1/tests/resources.yaml

@@ -0,0 +1,30 @@
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: shp-account
+  namespace: shp-0-1
+---
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: shp-role
+  namespace: shp-0-1
+rules:
+  - apiGroups: ["shipwright.io"]
+    resources: ["*"]
+    verbs: ["*"]
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: shp-binding
+  namespace: shp-0-1
+subjects:
+  - kind: ServiceAccount
+    name: shp-account
+    namespace: shp-0-1
+roleRef:
+  kind: Role
+  name: shp-role
+  apiGroup: rbac.authorization.k8s.io

task/shp/0.1/tests/run.yaml

@@ -0,0 +1,12 @@
+apiVersion: tekton.dev/v1
+kind: TaskRun
+metadata:
+  name: shp-taskrun
+spec:
+  serviceAccountName: shp-account
+  taskRef:
+    name: shp
+  params:
+    - name: SCRIPT
+      value: |
+        shp version