Add a build step to clone the private homepage files.

This is currently used to deploy a PGP WKD (Web Key Directory) for my PGP keys.
2024-01-02 12:36:17 -05:00
parent 81a5788ba9
commit ce6d2d4442
3 changed files with 64 additions and 30 deletions
--- a/.lighthouse/pipeline-build-homepage-staging.yaml
+++ b/.lighthouse/pipeline-build-homepage-staging.yaml
@@ -34,6 +34,7 @@ spec:
              name: get-time-step
              script: |
                #!/usr/bin/env sh
+                set -euo pipefail
                echo -n "$(date +%s)" | tee $(results.unix-time.path)
      - name: report-pending
        taskRef:
@@ -47,6 +48,7 @@ spec:
              value: task/gitea-set-status/0.1/gitea-set-status.yaml
        runAfter:
          - fetch-repository
+          - fetch-repository-private
        params:
          - name: CONTEXT
            value: "$(params.JOB_NAME)"
@@ -82,6 +84,52 @@ spec:
            value: $(params.PULL_BASE_SHA)
          - name: deleteExisting
            value: "true"
+      - name: fetch-repository-private
+        taskRef:
+          resolver: git
+          params:
+            - name: url
+              value: https://github.com/tektoncd/catalog.git
+            - name: revision
+              value: df36b3853a5657fd883015cdbf07ad6466918acf
+            - name: pathInRepo
+              value: task/git-clone/0.9/git-clone.yaml
+        workspaces:
+          - name: output
+            workspace: git-source-private
+        params:
+          - name: url
+            value: git@code.fizz.buzz:talexander/homepage_private.git
+          - name: revision
+            value: main
+          - name: deleteExisting
+            value: "true"
+      - name: copy-private-files
+        taskSpec:
+          metadata: {}
+          stepTemplate:
+            image: alpine:3.18
+            name: ""
+            resources:
+              requests:
+                cpu: 10m
+                memory: 600Mi
+            workingDir: "$(workspaces.source.path)"
+          steps:
+            - image: alpine:3.18
+              name: copy-private-files
+              script: |
+                #!/usr/bin/env sh
+                set -euo pipefail
+                cp -r "$(workspaces.source-private.path)/static/"* "$(workspaces.source.path)/static/"
+        workspaces:
+          - name: source
+            workspace: git-source
+          - name: source-private
+            workspace: git-source-private
+        runAfter:
+          - get-time
+          - report-pending
      - name: build-image
        taskRef:
          resolver: git
@@ -118,9 +166,7 @@ spec:
          - name: dockerconfig
            workspace: docker-credentials
        runAfter:
-          - get-time
-          - report-pending
-          - fetch-repository
+          - copy-private-files
    finally:
      - name: report-success
        when:
@@ -194,6 +240,16 @@ spec:
            requests:
              storage: 10Gi
      subPath: rust-source
+    - name: git-source-private
+      volumeClaimTemplate:
+        spec:
+          storageClassName: "nfs-client"
+          accessModes:
+            - ReadWriteOnce
+          resources:
+            requests:
+              storage: 10Gi
+      subPath: git-source
    - name: docker-credentials
      secret:
        secretName: harbor-plain