From d31c85dc44245c3da3b3a31de2c3bfcdf2fc0882 Mon Sep 17 00:00:00 2001 From: Tom Alexander Date: Mon, 30 Sep 2024 18:00:51 -0400 Subject: [PATCH] Switch to using webhook_bridge instead of lighthouse to trigger the CI. --- .lighthouse/triggers.yaml | 27 ---- .../pipeline-build-homepage-staging.yaml | 117 +++++++++-------- .../pipeline-build-homepage.yaml | 122 +++++++++--------- .../pipeline-semver.yaml | 27 ++-- .webhook_bridge/webhook_bridge.toml | 19 +++ docker/organic/Dockerfile | 2 +- docker/server/Dockerfile | 2 +- 7 files changed, 159 insertions(+), 157 deletions(-) delete mode 100644 .lighthouse/triggers.yaml rename {.lighthouse => .webhook_bridge}/pipeline-build-homepage-staging.yaml (86%) rename {.lighthouse => .webhook_bridge}/pipeline-build-homepage.yaml (87%) rename {.lighthouse => .webhook_bridge}/pipeline-semver.yaml (89%) create mode 100644 .webhook_bridge/webhook_bridge.toml diff --git a/.lighthouse/triggers.yaml b/.lighthouse/triggers.yaml deleted file mode 100644 index 690d50a..0000000 --- a/.lighthouse/triggers.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: config.lighthouse.jenkins-x.io/v1alpha1 -kind: TriggerConfig -spec: - postsubmits: - - name: semver - source: "pipeline-semver.yaml" - max_concurrency: 1 - # Override https-based url from lighthouse events. - clone_uri: "git@code.fizz.buzz:talexander/homepage.git" - branches: - - ^main$ - - ^master$ - - name: build-homepage-staging - source: "pipeline-build-homepage-staging.yaml" - max_concurrency: 1 - # Override https-based url from lighthouse events. - clone_uri: "git@code.fizz.buzz:talexander/homepage.git" - skip_branches: - # We already run on every commit, so running when the semver tags get pushed is causing needless double-processing. - - "^v[0-9]+\\.[0-9]+\\.[0-9]+$" - - name: build-homepage - source: "pipeline-build-homepage.yaml" - max_concurrency: 1 - # Override https-based url from lighthouse events. - clone_uri: "git@code.fizz.buzz:talexander/homepage.git" - branches: - - "^v[0-9]+\\.[0-9]+\\.[0-9]+$" diff --git a/.lighthouse/pipeline-build-homepage-staging.yaml b/.webhook_bridge/pipeline-build-homepage-staging.yaml similarity index 86% rename from .lighthouse/pipeline-build-homepage-staging.yaml rename to .webhook_bridge/pipeline-build-homepage-staging.yaml index 456f796..604324b 100644 --- a/.lighthouse/pipeline-build-homepage-staging.yaml +++ b/.webhook_bridge/pipeline-build-homepage-staging.yaml @@ -1,13 +1,22 @@ -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: PipelineRun metadata: name: build-homepage-staging spec: + timeouts: + pipeline: "2h0m0s" + tasks: "1h0m0s" + finally: "0h30m0s" + taskRunTemplate: + serviceAccountName: build-bot pipelineSpec: params: - name: image-name description: The name for the built image type: string + - name: target-name + description: The dockerfile target to build + type: string - name: path-to-image-context description: The path to the build context type: string @@ -19,18 +28,17 @@ spec: taskSpec: metadata: {} stepTemplate: - image: alpine:3.19 - name: "" - resources: + image: alpine:3.20 + computeResources: requests: cpu: 10m memory: 600Mi - workingDir: /workspace/source + workingDir: "/" results: - name: unix-time - description: The current date in unix timestamp format + description: The current date in unix timestamp format. steps: - - image: alpine:3.19 + - image: alpine:3.20 name: get-time-step script: | #!/usr/bin/env sh @@ -41,7 +49,7 @@ spec: resolver: git params: - name: url - value: https://github.com/tektoncd/catalog.git + value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git - name: revision value: df36b3853a5657fd883015cdbf07ad6466918acf - name: pathInRepo @@ -71,7 +79,7 @@ spec: resolver: git params: - name: url - value: https://github.com/tektoncd/catalog.git + value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git - name: revision value: df36b3853a5657fd883015cdbf07ad6466918acf - name: pathInRepo @@ -91,7 +99,7 @@ spec: resolver: git params: - name: url - value: https://github.com/tektoncd/catalog.git + value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git - name: revision value: df36b3853a5657fd883015cdbf07ad6466918acf - name: pathInRepo @@ -106,38 +114,12 @@ spec: value: main - name: deleteExisting value: "true" - - name: copy-private-files - taskSpec: - metadata: {} - stepTemplate: - image: alpine:3.19 - name: "" - resources: - requests: - cpu: 10m - memory: 600Mi - workingDir: "$(workspaces.source.path)" - steps: - - image: alpine:3.19 - name: copy-private-files - script: | - #!/usr/bin/env sh - set -euo pipefail - cp -r "$(workspaces.source-private.path)/static/"* "$(workspaces.source.path)/static/" - workspaces: - - name: source - workspace: git-source - - name: source-private - workspace: git-source-private - runAfter: - - get-time - - report-pending - name: fetch-repository-explorer taskRef: resolver: git params: - name: url - value: https://github.com/tektoncd/catalog.git + value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git - name: revision value: df36b3853a5657fd883015cdbf07ad6466918acf - name: pathInRepo @@ -157,7 +139,7 @@ spec: resolver: git params: - name: url - value: https://github.com/tektoncd/catalog.git + value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git - name: revision value: df36b3853a5657fd883015cdbf07ad6466918acf - name: pathInRepo @@ -172,16 +154,41 @@ spec: value: main - name: deleteExisting value: "true" + - name: copy-private-files + taskSpec: + metadata: {} + stepTemplate: + image: alpine:3.20 + computeResources: + requests: + cpu: 10m + memory: 600Mi + workingDir: "$(workspaces.source.path)" + steps: + - image: alpine:3.20 + name: copy-private-files + script: | + #!/usr/bin/env sh + set -euo pipefail + cp -r "$(workspaces.source-private.path)/static/"* "$(workspaces.source.path)/static/" + workspaces: + - name: source + workspace: git-source + - name: source-private + workspace: git-source-private + runAfter: + - fetch-repository + - fetch-repository-private - name: build-explorer-image taskRef: resolver: git params: - name: url - value: https://github.com/tektoncd/catalog.git + value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git - name: revision value: df36b3853a5657fd883015cdbf07ad6466918acf - name: pathInRepo - value: task/kaniko/0.6//kaniko.yaml + value: task/kaniko/0.6/kaniko.yaml params: - name: IMAGE value: "harbor.fizz.buzz/private/homepage-build-organic:$(tasks.get-time.results.unix-time)" @@ -194,6 +201,7 @@ spec: - name: EXTRA_ARGS value: - "--destination=harbor.fizz.buzz/private/homepage-build-organic" # Also write the :latest image + - "--target=" - --cache=true - --cache-copy-layers - --cache-repo=harbor.fizz.buzz/kanikocache/cache @@ -208,15 +216,13 @@ spec: - name: dockerconfig workspace: docker-credentials runAfter: - - get-time - - report-pending + - fetch-repository - name: build-explorer-wasm taskSpec: metadata: {} stepTemplate: - image: alpine:3.19 - name: "" - resources: + image: alpine:3.20 + computeResources: requests: cpu: 10m memory: 600Mi @@ -231,21 +237,19 @@ spec: - name: organic workspace: git-source-organic runAfter: - - get-time - build-explorer-image - name: copy-explorer-files taskSpec: metadata: {} stepTemplate: - image: alpine:3.19 - name: "" - resources: + image: alpine:3.20 + computeResources: requests: cpu: 10m memory: 600Mi workingDir: "$(workspaces.source-explorer.path)" steps: - - image: node:lts-alpine3.19 + - image: node:lts-alpine3.20 name: copy-explorer-files script: | #!/usr/bin/env sh @@ -268,11 +272,11 @@ spec: resolver: git params: - name: url - value: https://github.com/tektoncd/catalog.git + value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git - name: revision value: df36b3853a5657fd883015cdbf07ad6466918acf - name: pathInRepo - value: task/kaniko/0.6//kaniko.yaml + value: task/kaniko/0.6/kaniko.yaml params: - name: IMAGE value: "$(params.image-name):$(tasks.get-time.results.unix-time)" @@ -285,6 +289,7 @@ spec: - name: EXTRA_ARGS value: - "--destination=$(params.image-name)" # Also write the :latest image + - "--target=$(params.target-name)" - --cache=true - --cache-copy-layers - --cache-repo=harbor.fizz.buzz/kanikocache/cache @@ -311,7 +316,7 @@ spec: resolver: git params: - name: url - value: https://github.com/tektoncd/catalog.git + value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git - name: revision value: df36b3853a5657fd883015cdbf07ad6466918acf - name: pathInRepo @@ -340,7 +345,7 @@ spec: resolver: git params: - name: url - value: https://github.com/tektoncd/catalog.git + value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git - name: revision value: df36b3853a5657fd883015cdbf07ad6466918acf - name: pathInRepo @@ -407,11 +412,11 @@ spec: - name: docker-credentials secret: secretName: harbor-plain - serviceAccountName: build-bot - timeout: 240h0m0s params: - name: image-name value: "harbor.fizz.buzz/private/homepage-staging" + - name: target-name + value: "" - name: path-to-image-context value: . - name: path-to-dockerfile diff --git a/.lighthouse/pipeline-build-homepage.yaml b/.webhook_bridge/pipeline-build-homepage.yaml similarity index 87% rename from .lighthouse/pipeline-build-homepage.yaml rename to .webhook_bridge/pipeline-build-homepage.yaml index 68f2c09..1821e3a 100644 --- a/.lighthouse/pipeline-build-homepage.yaml +++ b/.webhook_bridge/pipeline-build-homepage.yaml @@ -1,13 +1,22 @@ -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: PipelineRun metadata: name: build-homepage spec: + timeouts: + pipeline: "2h0m0s" + tasks: "1h0m0s" + finally: "0h30m0s" + taskRunTemplate: + serviceAccountName: build-bot pipelineSpec: params: - name: image-name description: The name for the built image type: string + - name: target-name + description: The dockerfile target to build + type: string - name: path-to-image-context description: The path to the build context type: string @@ -19,18 +28,17 @@ spec: taskSpec: metadata: {} stepTemplate: - image: alpine:3.19 - name: "" - resources: + image: alpine:3.20 + computeResources: requests: cpu: 10m memory: 600Mi - workingDir: /workspace/source + workingDir: "/" results: - name: unix-time - description: The current date in unix timestamp format + description: The current date in unix timestamp format. steps: - - image: alpine:3.19 + - image: alpine:3.20 name: get-time-step script: | #!/usr/bin/env sh @@ -40,9 +48,8 @@ spec: taskSpec: metadata: {} stepTemplate: - image: alpine:3.19 - name: "" - resources: + image: alpine:3.20 + computeResources: requests: cpu: 10m memory: 600Mi @@ -74,7 +81,7 @@ spec: resolver: git params: - name: url - value: https://github.com/tektoncd/catalog.git + value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git - name: revision value: df36b3853a5657fd883015cdbf07ad6466918acf - name: pathInRepo @@ -104,7 +111,7 @@ spec: resolver: git params: - name: url - value: https://github.com/tektoncd/catalog.git + value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git - name: revision value: df36b3853a5657fd883015cdbf07ad6466918acf - name: pathInRepo @@ -124,7 +131,7 @@ spec: resolver: git params: - name: url - value: https://github.com/tektoncd/catalog.git + value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git - name: revision value: df36b3853a5657fd883015cdbf07ad6466918acf - name: pathInRepo @@ -139,37 +146,12 @@ spec: value: main - name: deleteExisting value: "true" - - name: copy-private-files - taskSpec: - metadata: {} - stepTemplate: - image: alpine:3.19 - name: "" - resources: - requests: - cpu: 10m - memory: 600Mi - workingDir: "$(workspaces.source.path)" - steps: - - image: alpine:3.19 - name: copy-private-files - script: | - #!/usr/bin/env sh - set -euo pipefail - cp -r "$(workspaces.source-private.path)/static/"* "$(workspaces.source.path)/static/" - workspaces: - - name: source - workspace: git-source - - name: source-private - workspace: git-source-private - runAfter: - - report-pending - name: fetch-repository-explorer taskRef: resolver: git params: - name: url - value: https://github.com/tektoncd/catalog.git + value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git - name: revision value: df36b3853a5657fd883015cdbf07ad6466918acf - name: pathInRepo @@ -189,7 +171,7 @@ spec: resolver: git params: - name: url - value: https://github.com/tektoncd/catalog.git + value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git - name: revision value: df36b3853a5657fd883015cdbf07ad6466918acf - name: pathInRepo @@ -204,16 +186,41 @@ spec: value: main - name: deleteExisting value: "true" + - name: copy-private-files + taskSpec: + metadata: {} + stepTemplate: + image: alpine:3.20 + computeResources: + requests: + cpu: 10m + memory: 600Mi + workingDir: "$(workspaces.source.path)" + steps: + - image: alpine:3.20 + name: copy-private-files + script: | + #!/usr/bin/env sh + set -euo pipefail + cp -r "$(workspaces.source-private.path)/static/"* "$(workspaces.source.path)/static/" + workspaces: + - name: source + workspace: git-source + - name: source-private + workspace: git-source-private + runAfter: + - fetch-repository + - fetch-repository-private - name: build-explorer-image taskRef: resolver: git params: - name: url - value: https://github.com/tektoncd/catalog.git + value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git - name: revision value: df36b3853a5657fd883015cdbf07ad6466918acf - name: pathInRepo - value: task/kaniko/0.6//kaniko.yaml + value: task/kaniko/0.6/kaniko.yaml params: - name: IMAGE value: "harbor.fizz.buzz/private/homepage-build-organic:$(tasks.get-time.results.unix-time)" @@ -226,6 +233,7 @@ spec: - name: EXTRA_ARGS value: - "--destination=harbor.fizz.buzz/private/homepage-build-organic" # Also write the :latest image + - "--target=" - --cache=true - --cache-copy-layers - --cache-repo=harbor.fizz.buzz/kanikocache/cache @@ -240,15 +248,13 @@ spec: - name: dockerconfig workspace: docker-credentials runAfter: - - get-time - - report-pending + - fetch-repository - name: build-explorer-wasm taskSpec: metadata: {} stepTemplate: - image: alpine:3.19 - name: "" - resources: + image: alpine:3.20 + computeResources: requests: cpu: 10m memory: 600Mi @@ -263,21 +269,19 @@ spec: - name: organic workspace: git-source-organic runAfter: - - get-time - build-explorer-image - name: copy-explorer-files taskSpec: metadata: {} stepTemplate: - image: alpine:3.19 - name: "" - resources: + image: alpine:3.20 + computeResources: requests: cpu: 10m memory: 600Mi workingDir: "$(workspaces.source-explorer.path)" steps: - - image: node:lts-alpine3.19 + - image: node:lts-alpine3.20 name: copy-explorer-files script: | #!/usr/bin/env sh @@ -300,11 +304,11 @@ spec: resolver: git params: - name: url - value: https://github.com/tektoncd/catalog.git + value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git - name: revision value: df36b3853a5657fd883015cdbf07ad6466918acf - name: pathInRepo - value: task/kaniko/0.6//kaniko.yaml + value: task/kaniko/0.6/kaniko.yaml params: - name: IMAGE value: "$(params.image-name):$(tasks.detect-tag.results.tag)" @@ -317,6 +321,7 @@ spec: - name: EXTRA_ARGS value: - "--destination=$(params.image-name)" # Also write the :latest image + - "--target=$(params.target-name)" - --cache=true - --cache-copy-layers - --cache-repo=harbor.fizz.buzz/kanikocache/cache @@ -331,7 +336,6 @@ spec: - name: dockerconfig workspace: docker-credentials runAfter: - - detect-tag - copy-private-files - copy-explorer-files finally: @@ -344,7 +348,7 @@ spec: resolver: git params: - name: url - value: https://github.com/tektoncd/catalog.git + value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git - name: revision value: df36b3853a5657fd883015cdbf07ad6466918acf - name: pathInRepo @@ -373,7 +377,7 @@ spec: resolver: git params: - name: url - value: https://github.com/tektoncd/catalog.git + value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git - name: revision value: df36b3853a5657fd883015cdbf07ad6466918acf - name: pathInRepo @@ -440,11 +444,11 @@ spec: - name: docker-credentials secret: secretName: harbor-plain - serviceAccountName: build-bot - timeout: 240h0m0s params: - name: image-name value: "harbor.fizz.buzz/private/homepage" + - name: target-name + value: "" - name: path-to-image-context value: . - name: path-to-dockerfile diff --git a/.lighthouse/pipeline-semver.yaml b/.webhook_bridge/pipeline-semver.yaml similarity index 89% rename from .lighthouse/pipeline-semver.yaml rename to .webhook_bridge/pipeline-semver.yaml index 9a9e7e3..49a597c 100644 --- a/.lighthouse/pipeline-semver.yaml +++ b/.webhook_bridge/pipeline-semver.yaml @@ -1,8 +1,14 @@ -apiVersion: tekton.dev/v1beta1 +apiVersion: tekton.dev/v1 kind: PipelineRun metadata: name: semver spec: + timeouts: + pipeline: "2h0m0s" + tasks: "1h0m0s" + finally: "0h30m0s" + taskRunTemplate: + serviceAccountName: build-bot pipelineSpec: params: - name: REPO_OWNER @@ -20,16 +26,15 @@ spec: tasks: - name: calculate-tag runAfter: - - report-pending + - fetch-repository workspaces: - name: source workspace: git-source taskSpec: metadata: {} stepTemplate: - image: alpine:3.19 - name: "" - resources: + image: alpine:3.20 + computeResources: requests: cpu: 10m memory: 600Mi @@ -67,13 +72,11 @@ spec: resolver: git params: - name: url - value: https://github.com/tektoncd/catalog.git + value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git - name: revision value: df36b3853a5657fd883015cdbf07ad6466918acf - name: pathInRepo value: task/gitea-set-status/0.1/gitea-set-status.yaml - runAfter: - - fetch-repository params: - name: CONTEXT value: "$(params.JOB_NAME)" @@ -94,7 +97,7 @@ spec: resolver: git params: - name: url - value: https://github.com/tektoncd/catalog.git + value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git - name: revision value: df36b3853a5657fd883015cdbf07ad6466918acf - name: pathInRepo @@ -119,7 +122,7 @@ spec: resolver: git params: - name: url - value: https://github.com/tektoncd/catalog.git + value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git - name: revision value: df36b3853a5657fd883015cdbf07ad6466918acf - name: pathInRepo @@ -148,7 +151,7 @@ spec: resolver: git params: - name: url - value: https://github.com/tektoncd/catalog.git + value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git - name: revision value: df36b3853a5657fd883015cdbf07ad6466918acf - name: pathInRepo @@ -181,6 +184,4 @@ spec: requests: storage: 10Gi subPath: source - serviceAccountName: build-bot - timeout: 240h0m0s params: [] diff --git a/.webhook_bridge/webhook_bridge.toml b/.webhook_bridge/webhook_bridge.toml new file mode 100644 index 0000000..cbf3bfe --- /dev/null +++ b/.webhook_bridge/webhook_bridge.toml @@ -0,0 +1,19 @@ +version = "0.0.1" + +[[push]] + name = "build" + source = "pipeline-build-homepage.yaml" + clone_uri = "git@code.fizz.buzz:talexander/homepage.git" + branches = [ "^v[0-9]+\\.[0-9]+\\.[0-9]+$" ] + +[[push]] + name = "build-staging" + source = "pipeline-build-homepage-staging.yaml" + clone_uri = "git@code.fizz.buzz:talexander/homepage.git" + skip_branches = [ "^v[0-9]+\\.[0-9]+\\.[0-9]+$" ] + +[[push]] + name = "semver" + source = "pipeline-semver.yaml" + clone_uri = "git@code.fizz.buzz:talexander/homepage.git" + branches = [ "^main$", "^master$" ] diff --git a/docker/organic/Dockerfile b/docker/organic/Dockerfile index 11cf9d2..dfb7a02 100644 --- a/docker/organic/Dockerfile +++ b/docker/organic/Dockerfile @@ -1,4 +1,4 @@ -FROM rustlang/rust:nightly-alpine3.19 +FROM rustlang/rust:nightly-alpine3.20 RUN apk add --no-cache musl-dev make bash RUN rustup target add wasm32-unknown-unknown diff --git a/docker/server/Dockerfile b/docker/server/Dockerfile index 970aafb..713f521 100644 --- a/docker/server/Dockerfile +++ b/docker/server/Dockerfile @@ -4,7 +4,7 @@ COPY . /source RUN ls /source/ RUN natter build --config /source/natter.toml -FROM alpine:3.19 AS server +FROM alpine:3.20 AS server RUN apk add --no-cache bash nginx RUN addgroup web && adduser -D -G web web && install -d -D -o web -g web -m 700 /srv/http/public