Update version of BuiltKit task.

This version does not launch the ssh agent if no keys are mounted.

.lighthouse/pipeline-build-homepage-staging.yaml

@@ -1,418 +0,0 @@
-apiVersion: tekton.dev/v1beta1
-kind: PipelineRun
-metadata:
-  name: build-homepage-staging
-spec:
-  pipelineSpec:
-    params:
-      - name: image-name
-        description: The name for the built image
-        type: string
-      - name: path-to-image-context
-        description: The path to the build context
-        type: string
-      - name: path-to-dockerfile
-        description: The path to the Dockerfile
-        type: string
-    tasks:
-      - name: get-time
-        taskSpec:
-          metadata: {}
-          stepTemplate:
-            image: alpine:3.19
-            name: ""
-            resources:
-              requests:
-                cpu: 10m
-                memory: 600Mi
-            workingDir: /workspace/source
-          results:
-            - name: unix-time
-              description: The current date in unix timestamp format
-          steps:
-            - image: alpine:3.19
-              name: get-time-step
-              script: |
-                #!/usr/bin/env sh
-                set -euo pipefail
-                echo -n "$(date +%s)" | tee $(results.unix-time.path)
-      - name: report-pending
-        taskRef:
-          resolver: git
-          params:
-            - name: url
-              value: https://github.com/tektoncd/catalog.git
-            - name: revision
-              value: df36b3853a5657fd883015cdbf07ad6466918acf
-            - name: pathInRepo
-              value: task/gitea-set-status/0.1/gitea-set-status.yaml
-        runAfter:
-          - fetch-repository
-          - fetch-repository-private
-          - fetch-repository-explorer
-          - fetch-repository-organic
-        params:
-          - name: CONTEXT
-            value: "$(params.JOB_NAME)"
-          - name: REPO_FULL_NAME
-            value: "$(params.REPO_OWNER)/$(params.REPO_NAME)"
-          - name: GITEA_HOST_URL
-            value: code.fizz.buzz
-          - name: SHA
-            value: "$(tasks.fetch-repository.results.commit)"
-          - name: DESCRIPTION
-            value: "Build $(params.JOB_NAME) has started"
-          - name: STATE
-            value: pending
-          - name: TARGET_URL
-            value: "https://tekton.fizz.buzz/#/namespaces/$(context.pipelineRun.namespace)/pipelineruns/$(context.pipelineRun.name)"
-      - name: fetch-repository
-        taskRef:
-          resolver: git
-          params:
-            - name: url
-              value: https://github.com/tektoncd/catalog.git
-            - name: revision
-              value: df36b3853a5657fd883015cdbf07ad6466918acf
-            - name: pathInRepo
-              value: task/git-clone/0.9/git-clone.yaml
-        workspaces:
-          - name: output
-            workspace: git-source
-        params:
-          - name: url
-            value: $(params.REPO_URL)
-          - name: revision
-            value: $(params.PULL_BASE_SHA)
-          - name: deleteExisting
-            value: "true"
-      - name: fetch-repository-private
-        taskRef:
-          resolver: git
-          params:
-            - name: url
-              value: https://github.com/tektoncd/catalog.git
-            - name: revision
-              value: df36b3853a5657fd883015cdbf07ad6466918acf
-            - name: pathInRepo
-              value: task/git-clone/0.9/git-clone.yaml
-        workspaces:
-          - name: output
-            workspace: git-source-private
-        params:
-          - name: url
-            value: git@code.fizz.buzz:talexander/homepage_private.git
-          - name: revision
-            value: main
-          - name: deleteExisting
-            value: "true"
-      - name: copy-private-files
-        taskSpec:
-          metadata: {}
-          stepTemplate:
-            image: alpine:3.19
-            name: ""
-            resources:
-              requests:
-                cpu: 10m
-                memory: 600Mi
-            workingDir: "$(workspaces.source.path)"
-          steps:
-            - image: alpine:3.19
-              name: copy-private-files
-              script: |
-                #!/usr/bin/env sh
-                set -euo pipefail
-                cp -r "$(workspaces.source-private.path)/static/"* "$(workspaces.source.path)/static/"
-        workspaces:
-          - name: source
-            workspace: git-source
-          - name: source-private
-            workspace: git-source-private
-        runAfter:
-          - get-time
-          - report-pending
-      - name: fetch-repository-explorer
-        taskRef:
-          resolver: git
-          params:
-            - name: url
-              value: https://github.com/tektoncd/catalog.git
-            - name: revision
-              value: df36b3853a5657fd883015cdbf07ad6466918acf
-            - name: pathInRepo
-              value: task/git-clone/0.9/git-clone.yaml
-        workspaces:
-          - name: output
-            workspace: git-source-explorer
-        params:
-          - name: url
-            value: git@code.fizz.buzz:talexander/organic_ast_explorer.git
-          - name: revision
-            value: main
-          - name: deleteExisting
-            value: "true"
-      - name: fetch-repository-organic
-        taskRef:
-          resolver: git
-          params:
-            - name: url
-              value: https://github.com/tektoncd/catalog.git
-            - name: revision
-              value: df36b3853a5657fd883015cdbf07ad6466918acf
-            - name: pathInRepo
-              value: task/git-clone/0.9/git-clone.yaml
-        workspaces:
-          - name: output
-            workspace: git-source-organic
-        params:
-          - name: url
-            value: git@code.fizz.buzz:talexander/organic.git
-          - name: revision
-            value: main
-          - name: deleteExisting
-            value: "true"
-      - name: build-explorer-image
-        taskRef:
-          resolver: git
-          params:
-            - name: url
-              value: https://github.com/tektoncd/catalog.git
-            - name: revision
-              value: df36b3853a5657fd883015cdbf07ad6466918acf
-            - name: pathInRepo
-              value: task/kaniko/0.6//kaniko.yaml
-        params:
-          - name: IMAGE
-            value: "harbor.fizz.buzz/private/homepage-build-organic:$(tasks.get-time.results.unix-time)"
-          - name: CONTEXT
-            value: .
-          - name: DOCKERFILE
-            value: docker/organic/Dockerfile
-          - name: BUILDER_IMAGE
-            value: "gcr.io/kaniko-project/executor:v1.12.1"
-          - name: EXTRA_ARGS
-            value:
-              - "--destination=harbor.fizz.buzz/private/homepage-build-organic" # Also write the :latest image
-              - --cache=true
-              - --cache-copy-layers
-              - --cache-repo=harbor.fizz.buzz/kanikocache/cache
-              - --use-new-run # Should result in a speed-up
-              - --reproducible # To remove timestamps so layer caching works.
-              - --snapshot-mode=redo
-              - --skip-unused-stages=true
-              - --registry-mirror=dockerhub.dockerhub.svc.cluster.local
-        workspaces:
-          - name: source
-            workspace: git-source
-          - name: dockerconfig
-            workspace: docker-credentials
-        runAfter:
-          - get-time
-          - report-pending
-      - name: build-explorer-wasm
-        taskSpec:
-          metadata: {}
-          stepTemplate:
-            image: alpine:3.19
-            name: ""
-            resources:
-              requests:
-                cpu: 10m
-                memory: 600Mi
-            workingDir: "$(workspaces.organic.path)"
-          steps:
-            - image: "$(params.IMAGE)"
-              name: build-explorer-wasm
-        params:
-          - name: IMAGE
-            value: "harbor.fizz.buzz/private/homepage-build-organic:$(tasks.get-time.results.unix-time)"
-        workspaces:
-          - name: organic
-            workspace: git-source-organic
-        runAfter:
-          - get-time
-          - build-explorer-image
-      - name: copy-explorer-files
-        taskSpec:
-          metadata: {}
-          stepTemplate:
-            image: alpine:3.19
-            name: ""
-            resources:
-              requests:
-                cpu: 10m
-                memory: 600Mi
-            workingDir: "$(workspaces.source-explorer.path)"
-          steps:
-            - image: node:lts-alpine3.19
-              name: copy-explorer-files
-              script: |
-                #!/usr/bin/env sh
-                set -euo pipefail
-                npm install
-                npm run release
-                mkdir -p "$(workspaces.source.path)/static/organic/ast_explorer/"
-                cp -r "$(workspaces.source-explorer.path)/dist/"* "$(workspaces.source.path)/static/organic/ast_explorer/"
-        workspaces:
-          - name: source
-            workspace: git-source
-          - name: source-explorer
-            workspace: git-source-explorer
-          - name: organic
-            workspace: git-source-organic
-        runAfter:
-          - build-explorer-wasm
-      - name: build-image
-        taskRef:
-          resolver: git
-          params:
-            - name: url
-              value: https://github.com/tektoncd/catalog.git
-            - name: revision
-              value: df36b3853a5657fd883015cdbf07ad6466918acf
-            - name: pathInRepo
-              value: task/kaniko/0.6//kaniko.yaml
-        params:
-          - name: IMAGE
-            value: "$(params.image-name):$(tasks.get-time.results.unix-time)"
-          - name: CONTEXT
-            value: $(params.path-to-image-context)
-          - name: DOCKERFILE
-            value: $(params.path-to-dockerfile)
-          - name: BUILDER_IMAGE
-            value: "gcr.io/kaniko-project/executor:v1.12.1"
-          - name: EXTRA_ARGS
-            value:
-              - "--destination=$(params.image-name)" # Also write the :latest image
-              - --cache=true
-              - --cache-copy-layers
-              - --cache-repo=harbor.fizz.buzz/kanikocache/cache
-              - --use-new-run # Should result in a speed-up
-              - --reproducible # To remove timestamps so layer caching works.
-              - --snapshot-mode=redo
-              - --skip-unused-stages=true
-              - --registry-mirror=dockerhub.dockerhub.svc.cluster.local
-        workspaces:
-          - name: source
-            workspace: git-source
-          - name: dockerconfig
-            workspace: docker-credentials
-        runAfter:
-          - copy-private-files
-          - copy-explorer-files
-    finally:
-      - name: report-success
-        when:
-          - input: "$(tasks.status)"
-            operator: in
-            values: ["Succeeded", "Completed"]
-        taskRef:
-          resolver: git
-          params:
-            - name: url
-              value: https://github.com/tektoncd/catalog.git
-            - name: revision
-              value: df36b3853a5657fd883015cdbf07ad6466918acf
-            - name: pathInRepo
-              value: task/gitea-set-status/0.1/gitea-set-status.yaml
-        params:
-          - name: CONTEXT
-            value: "$(params.JOB_NAME)"
-          - name: REPO_FULL_NAME
-            value: "$(params.REPO_OWNER)/$(params.REPO_NAME)"
-          - name: GITEA_HOST_URL
-            value: code.fizz.buzz
-          - name: SHA
-            value: "$(tasks.fetch-repository.results.commit)"
-          - name: DESCRIPTION
-            value: "Build $(params.JOB_NAME) has succeeded"
-          - name: STATE
-            value: success
-          - name: TARGET_URL
-            value: "https://tekton.fizz.buzz/#/namespaces/$(context.pipelineRun.namespace)/pipelineruns/$(context.pipelineRun.name)"
-      - name: report-failure
-        when:
-          - input: "$(tasks.status)"
-            operator: in
-            values: ["Failed"]
-        taskRef:
-          resolver: git
-          params:
-            - name: url
-              value: https://github.com/tektoncd/catalog.git
-            - name: revision
-              value: df36b3853a5657fd883015cdbf07ad6466918acf
-            - name: pathInRepo
-              value: task/gitea-set-status/0.1/gitea-set-status.yaml
-        params:
-          - name: CONTEXT
-            value: "$(params.JOB_NAME)"
-          - name: REPO_FULL_NAME
-            value: "$(params.REPO_OWNER)/$(params.REPO_NAME)"
-          - name: GITEA_HOST_URL
-            value: code.fizz.buzz
-          - name: SHA
-            value: "$(tasks.fetch-repository.results.commit)"
-          - name: DESCRIPTION
-            value: "Build $(params.JOB_NAME) has failed"
-          - name: STATE
-            value: failure
-          - name: TARGET_URL
-            value: "https://tekton.fizz.buzz/#/namespaces/$(context.pipelineRun.namespace)/pipelineruns/$(context.pipelineRun.name)"
-    workspaces:
-      - name: git-source
-      - name: docker-credentials
-  workspaces:
-    - name: git-source
-      volumeClaimTemplate:
-        spec:
-          storageClassName: "nfs-client"
-          accessModes:
-            - ReadWriteOnce
-          resources:
-            requests:
-              storage: 10Gi
-      subPath: rust-source
-    - name: git-source-private
-      volumeClaimTemplate:
-        spec:
-          storageClassName: "nfs-client"
-          accessModes:
-            - ReadWriteOnce
-          resources:
-            requests:
-              storage: 10Gi
-      subPath: git-source
-    - name: git-source-explorer
-      volumeClaimTemplate:
-        spec:
-          storageClassName: "nfs-client"
-          accessModes:
-            - ReadWriteOnce
-          resources:
-            requests:
-              storage: 10Gi
-      subPath: git-source
-    - name: git-source-organic
-      volumeClaimTemplate:
-        spec:
-          storageClassName: "nfs-client"
-          accessModes:
-            - ReadWriteOnce
-          resources:
-            requests:
-              storage: 10Gi
-      subPath: git-source
-    - name: docker-credentials
-      secret:
-        secretName: harbor-plain
-  serviceAccountName: build-bot
-  timeout: 240h0m0s
-  params:
-    - name: image-name
-      value: "harbor.fizz.buzz/private/homepage-staging"
-    - name: path-to-image-context
-      value: .
-    - name: path-to-dockerfile
-      value: docker/server/Dockerfile

.lighthouse/pipeline-build-homepage.yaml

@@ -1,451 +0,0 @@
-apiVersion: tekton.dev/v1beta1
-kind: PipelineRun
-metadata:
-  name: build-homepage
-spec:
-  pipelineSpec:
-    params:
-      - name: image-name
-        description: The name for the built image
-        type: string
-      - name: path-to-image-context
-        description: The path to the build context
-        type: string
-      - name: path-to-dockerfile
-        description: The path to the Dockerfile
-        type: string
-    tasks:
-      - name: get-time
-        taskSpec:
-          metadata: {}
-          stepTemplate:
-            image: alpine:3.19
-            name: ""
-            resources:
-              requests:
-                cpu: 10m
-                memory: 600Mi
-            workingDir: /workspace/source
-          results:
-            - name: unix-time
-              description: The current date in unix timestamp format
-          steps:
-            - image: alpine:3.19
-              name: get-time-step
-              script: |
-                #!/usr/bin/env sh
-                set -euo pipefail
-                echo -n "$(date +%s)" | tee $(results.unix-time.path)
-      - name: detect-tag
-        taskSpec:
-          metadata: {}
-          stepTemplate:
-            image: alpine:3.19
-            name: ""
-            resources:
-              requests:
-                cpu: 10m
-                memory: 600Mi
-            workingDir: "$(workspaces.repo.path)"
-          results:
-            - name: tag
-              description: The tag to use for the docker container.
-          steps:
-            - image: alpine/git:v2.34.2
-              name: detect-tag-step
-              script: |
-                #!/usr/bin/env sh
-                set -euo pipefail
-                git fetch --tags
-                current_tag=$(git tag --points-at HEAD --list 'v*.*.*')
-                if [ -z "$current_tag" ]; then
-                  echo "No tag at current commit"
-                  exit 1
-                else
-                  echo -n "${current_tag}" | tee $(results.tag.path)
-                fi
-        workspaces:
-          - name: repo
-            workspace: git-source
-        runAfter:
-          - fetch-repository
-      - name: report-pending
-        taskRef:
-          resolver: git
-          params:
-            - name: url
-              value: https://github.com/tektoncd/catalog.git
-            - name: revision
-              value: df36b3853a5657fd883015cdbf07ad6466918acf
-            - name: pathInRepo
-              value: task/gitea-set-status/0.1/gitea-set-status.yaml
-        runAfter:
-          - fetch-repository
-          - fetch-repository-private
-          - fetch-repository-explorer
-          - fetch-repository-organic
-        params:
-          - name: CONTEXT
-            value: "$(params.JOB_NAME)"
-          - name: REPO_FULL_NAME
-            value: "$(params.REPO_OWNER)/$(params.REPO_NAME)"
-          - name: GITEA_HOST_URL
-            value: code.fizz.buzz
-          - name: SHA
-            value: "$(tasks.fetch-repository.results.commit)"
-          - name: DESCRIPTION
-            value: "Build $(params.JOB_NAME) has started"
-          - name: STATE
-            value: pending
-          - name: TARGET_URL
-            value: "https://tekton.fizz.buzz/#/namespaces/$(context.pipelineRun.namespace)/pipelineruns/$(context.pipelineRun.name)"
-      - name: fetch-repository
-        taskRef:
-          resolver: git
-          params:
-            - name: url
-              value: https://github.com/tektoncd/catalog.git
-            - name: revision
-              value: df36b3853a5657fd883015cdbf07ad6466918acf
-            - name: pathInRepo
-              value: task/git-clone/0.9/git-clone.yaml
-        workspaces:
-          - name: output
-            workspace: git-source
-        params:
-          - name: url
-            value: $(params.REPO_URL)
-          - name: revision
-            value: $(params.PULL_BASE_SHA)
-          - name: deleteExisting
-            value: "true"
-      - name: fetch-repository-private
-        taskRef:
-          resolver: git
-          params:
-            - name: url
-              value: https://github.com/tektoncd/catalog.git
-            - name: revision
-              value: df36b3853a5657fd883015cdbf07ad6466918acf
-            - name: pathInRepo
-              value: task/git-clone/0.9/git-clone.yaml
-        workspaces:
-          - name: output
-            workspace: git-source-private
-        params:
-          - name: url
-            value: git@code.fizz.buzz:talexander/homepage_private.git
-          - name: revision
-            value: main
-          - name: deleteExisting
-            value: "true"
-      - name: copy-private-files
-        taskSpec:
-          metadata: {}
-          stepTemplate:
-            image: alpine:3.19
-            name: ""
-            resources:
-              requests:
-                cpu: 10m
-                memory: 600Mi
-            workingDir: "$(workspaces.source.path)"
-          steps:
-            - image: alpine:3.19
-              name: copy-private-files
-              script: |
-                #!/usr/bin/env sh
-                set -euo pipefail
-                cp -r "$(workspaces.source-private.path)/static/"* "$(workspaces.source.path)/static/"
-        workspaces:
-          - name: source
-            workspace: git-source
-          - name: source-private
-            workspace: git-source-private
-        runAfter:
-          - report-pending
-      - name: fetch-repository-explorer
-        taskRef:
-          resolver: git
-          params:
-            - name: url
-              value: https://github.com/tektoncd/catalog.git
-            - name: revision
-              value: df36b3853a5657fd883015cdbf07ad6466918acf
-            - name: pathInRepo
-              value: task/git-clone/0.9/git-clone.yaml
-        workspaces:
-          - name: output
-            workspace: git-source-explorer
-        params:
-          - name: url
-            value: git@code.fizz.buzz:talexander/organic_ast_explorer.git
-          - name: revision
-            value: main
-          - name: deleteExisting
-            value: "true"
-      - name: fetch-repository-organic
-        taskRef:
-          resolver: git
-          params:
-            - name: url
-              value: https://github.com/tektoncd/catalog.git
-            - name: revision
-              value: df36b3853a5657fd883015cdbf07ad6466918acf
-            - name: pathInRepo
-              value: task/git-clone/0.9/git-clone.yaml
-        workspaces:
-          - name: output
-            workspace: git-source-organic
-        params:
-          - name: url
-            value: git@code.fizz.buzz:talexander/organic.git
-          - name: revision
-            value: main
-          - name: deleteExisting
-            value: "true"
-      - name: build-explorer-image
-        taskRef:
-          resolver: git
-          params:
-            - name: url
-              value: https://github.com/tektoncd/catalog.git
-            - name: revision
-              value: df36b3853a5657fd883015cdbf07ad6466918acf
-            - name: pathInRepo
-              value: task/kaniko/0.6//kaniko.yaml
-        params:
-          - name: IMAGE
-            value: "harbor.fizz.buzz/private/homepage-build-organic:$(tasks.get-time.results.unix-time)"
-          - name: CONTEXT
-            value: .
-          - name: DOCKERFILE
-            value: docker/organic/Dockerfile
-          - name: BUILDER_IMAGE
-            value: "gcr.io/kaniko-project/executor:v1.12.1"
-          - name: EXTRA_ARGS
-            value:
-              - "--destination=harbor.fizz.buzz/private/homepage-build-organic" # Also write the :latest image
-              - --cache=true
-              - --cache-copy-layers
-              - --cache-repo=harbor.fizz.buzz/kanikocache/cache
-              - --use-new-run # Should result in a speed-up
-              - --reproducible # To remove timestamps so layer caching works.
-              - --snapshot-mode=redo
-              - --skip-unused-stages=true
-              - --registry-mirror=dockerhub.dockerhub.svc.cluster.local
-        workspaces:
-          - name: source
-            workspace: git-source
-          - name: dockerconfig
-            workspace: docker-credentials
-        runAfter:
-          - get-time
-          - report-pending
-      - name: build-explorer-wasm
-        taskSpec:
-          metadata: {}
-          stepTemplate:
-            image: alpine:3.19
-            name: ""
-            resources:
-              requests:
-                cpu: 10m
-                memory: 600Mi
-            workingDir: "$(workspaces.organic.path)"
-          steps:
-            - image: "$(params.IMAGE)"
-              name: build-explorer-wasm
-        params:
-          - name: IMAGE
-            value: "harbor.fizz.buzz/private/homepage-build-organic:$(tasks.get-time.results.unix-time)"
-        workspaces:
-          - name: organic
-            workspace: git-source-organic
-        runAfter:
-          - get-time
-          - build-explorer-image
-      - name: copy-explorer-files
-        taskSpec:
-          metadata: {}
-          stepTemplate:
-            image: alpine:3.19
-            name: ""
-            resources:
-              requests:
-                cpu: 10m
-                memory: 600Mi
-            workingDir: "$(workspaces.source-explorer.path)"
-          steps:
-            - image: node:lts-alpine3.19
-              name: copy-explorer-files
-              script: |
-                #!/usr/bin/env sh
-                set -euo pipefail
-                npm install
-                npm run release
-                mkdir -p "$(workspaces.source.path)/static/organic/ast_explorer/"
-                cp -r "$(workspaces.source-explorer.path)/dist/"* "$(workspaces.source.path)/static/organic/ast_explorer/"
-        workspaces:
-          - name: source
-            workspace: git-source
-          - name: source-explorer
-            workspace: git-source-explorer
-          - name: organic
-            workspace: git-source-organic
-        runAfter:
-          - build-explorer-wasm
-      - name: build-image
-        taskRef:
-          resolver: git
-          params:
-            - name: url
-              value: https://github.com/tektoncd/catalog.git
-            - name: revision
-              value: df36b3853a5657fd883015cdbf07ad6466918acf
-            - name: pathInRepo
-              value: task/kaniko/0.6//kaniko.yaml
-        params:
-          - name: IMAGE
-            value: "$(params.image-name):$(tasks.detect-tag.results.tag)"
-          - name: CONTEXT
-            value: $(params.path-to-image-context)
-          - name: DOCKERFILE
-            value: $(params.path-to-dockerfile)
-          - name: BUILDER_IMAGE
-            value: "gcr.io/kaniko-project/executor:v1.12.1"
-          - name: EXTRA_ARGS
-            value:
-              - "--destination=$(params.image-name)" # Also write the :latest image
-              - --cache=true
-              - --cache-copy-layers
-              - --cache-repo=harbor.fizz.buzz/kanikocache/cache
-              - --use-new-run # Should result in a speed-up
-              - --reproducible # To remove timestamps so layer caching works.
-              - --snapshot-mode=redo
-              - --skip-unused-stages=true
-              - --registry-mirror=dockerhub.dockerhub.svc.cluster.local
-        workspaces:
-          - name: source
-            workspace: git-source
-          - name: dockerconfig
-            workspace: docker-credentials
-        runAfter:
-          - detect-tag
-          - copy-private-files
-          - copy-explorer-files
-    finally:
-      - name: report-success
-        when:
-          - input: "$(tasks.status)"
-            operator: in
-            values: ["Succeeded", "Completed"]
-        taskRef:
-          resolver: git
-          params:
-            - name: url
-              value: https://github.com/tektoncd/catalog.git
-            - name: revision
-              value: df36b3853a5657fd883015cdbf07ad6466918acf
-            - name: pathInRepo
-              value: task/gitea-set-status/0.1/gitea-set-status.yaml
-        params:
-          - name: CONTEXT
-            value: "$(params.JOB_NAME)"
-          - name: REPO_FULL_NAME
-            value: "$(params.REPO_OWNER)/$(params.REPO_NAME)"
-          - name: GITEA_HOST_URL
-            value: code.fizz.buzz
-          - name: SHA
-            value: "$(tasks.fetch-repository.results.commit)"
-          - name: DESCRIPTION
-            value: "Build $(params.JOB_NAME) has succeeded"
-          - name: STATE
-            value: success
-          - name: TARGET_URL
-            value: "https://tekton.fizz.buzz/#/namespaces/$(context.pipelineRun.namespace)/pipelineruns/$(context.pipelineRun.name)"
-      - name: report-failure
-        when:
-          - input: "$(tasks.status)"
-            operator: in
-            values: ["Failed"]
-        taskRef:
-          resolver: git
-          params:
-            - name: url
-              value: https://github.com/tektoncd/catalog.git
-            - name: revision
-              value: df36b3853a5657fd883015cdbf07ad6466918acf
-            - name: pathInRepo
-              value: task/gitea-set-status/0.1/gitea-set-status.yaml
-        params:
-          - name: CONTEXT
-            value: "$(params.JOB_NAME)"
-          - name: REPO_FULL_NAME
-            value: "$(params.REPO_OWNER)/$(params.REPO_NAME)"
-          - name: GITEA_HOST_URL
-            value: code.fizz.buzz
-          - name: SHA
-            value: "$(tasks.fetch-repository.results.commit)"
-          - name: DESCRIPTION
-            value: "Build $(params.JOB_NAME) has failed"
-          - name: STATE
-            value: failure
-          - name: TARGET_URL
-            value: "https://tekton.fizz.buzz/#/namespaces/$(context.pipelineRun.namespace)/pipelineruns/$(context.pipelineRun.name)"
-    workspaces:
-      - name: git-source
-      - name: docker-credentials
-  workspaces:
-    - name: git-source
-      volumeClaimTemplate:
-        spec:
-          storageClassName: "nfs-client"
-          accessModes:
-            - ReadWriteOnce
-          resources:
-            requests:
-              storage: 10Gi
-      subPath: rust-source
-    - name: git-source-private
-      volumeClaimTemplate:
-        spec:
-          storageClassName: "nfs-client"
-          accessModes:
-            - ReadWriteOnce
-          resources:
-            requests:
-              storage: 10Gi
-      subPath: git-source
-    - name: git-source-explorer
-      volumeClaimTemplate:
-        spec:
-          storageClassName: "nfs-client"
-          accessModes:
-            - ReadWriteOnce
-          resources:
-            requests:
-              storage: 10Gi
-      subPath: git-source
-    - name: git-source-organic
-      volumeClaimTemplate:
-        spec:
-          storageClassName: "nfs-client"
-          accessModes:
-            - ReadWriteOnce
-          resources:
-            requests:
-              storage: 10Gi
-      subPath: git-source
-    - name: docker-credentials
-      secret:
-        secretName: harbor-plain
-  serviceAccountName: build-bot
-  timeout: 240h0m0s
-  params:
-    - name: image-name
-      value: "harbor.fizz.buzz/private/homepage"
-    - name: path-to-image-context
-      value: .
-    - name: path-to-dockerfile
-      value: docker/server/Dockerfile

.lighthouse/triggers.yaml

@@ -1,27 +0,0 @@
-apiVersion: config.lighthouse.jenkins-x.io/v1alpha1
-kind: TriggerConfig
-spec:
-  postsubmits:
-    - name: semver
-      source: "pipeline-semver.yaml"
-      max_concurrency: 1
-      # Override https-based url from lighthouse events.
-      clone_uri: "git@code.fizz.buzz:talexander/homepage.git"
-      branches:
-        - ^main$
-        - ^master$
-    - name: build-homepage-staging
-      source: "pipeline-build-homepage-staging.yaml"
-      max_concurrency: 1
-      # Override https-based url from lighthouse events.
-      clone_uri: "git@code.fizz.buzz:talexander/homepage.git"
-      skip_branches:
-        # We already run on every commit, so running when the semver tags get pushed is causing needless double-processing.
-        - "^v[0-9]+\\.[0-9]+\\.[0-9]+$"
-    - name: build-homepage
-      source: "pipeline-build-homepage.yaml"
-      max_concurrency: 1
-      # Override https-based url from lighthouse events.
-      clone_uri: "git@code.fizz.buzz:talexander/homepage.git"
-      branches:
-        - "^v[0-9]+\\.[0-9]+\\.[0-9]+$"

.webhook_bridge/pipeline-build-homepage-staging.yaml

@@ -0,0 +1,244 @@
+apiVersion: tekton.dev/v1
+kind: PipelineRun
+metadata:
+  name: build-homepage-staging
+spec:
+  timeouts:
+    pipeline: "2h0m0s"
+    tasks: "1h0m0s"
+    finally: "0h30m0s"
+  taskRunTemplate:
+    serviceAccountName: build-bot
+  pipelineSpec:
+    params:
+      - name: image-name
+        description: The name for the built image
+        type: string
+      - name: target-name
+        description: The dockerfile target to build
+        type: string
+      - name: path-to-image-context
+        description: The path to the build context
+        type: string
+      - name: path-to-dockerfile
+        description: The path to the Dockerfile
+        type: string
+    tasks:
+      - name: get-time
+        taskSpec:
+          metadata: {}
+          stepTemplate:
+            image: alpine:3.20
+            computeResources:
+              requests:
+                cpu: 10m
+                memory: 600Mi
+            workingDir: "/"
+          results:
+            - name: unix-time
+              description: The current date in unix timestamp format.
+          steps:
+            - image: alpine:3.20
+              name: get-time-step
+              script: |
+                #!/usr/bin/env sh
+                set -euo pipefail
+                echo -n "$(date +%s)" | tee $(results.unix-time.path)
+      - name: get-git-commit-time
+        taskSpec:
+          metadata: {}
+          stepTemplate:
+            image: alpine:3.20
+            computeResources:
+              requests:
+                cpu: 10m
+                memory: 600Mi
+            workingDir: "$(workspaces.repo.path)"
+          results:
+            - name: unix-time
+              description: The time of the git commit in unix timestamp format.
+          steps:
+            - image: alpine/git:v2.34.2
+              name: detect-tag-step
+              script: |
+                #!/usr/bin/env sh
+                set -euo pipefail
+                echo -n "$(git log -1 --pretty=%ct)" | tee $(results.unix-time.path)
+        workspaces:
+          - name: repo
+            workspace: git-source
+        runAfter:
+          - fetch-repository
+      - name: report-pending
+        taskRef:
+          resolver: git
+          params:
+            - name: url
+              value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
+            - name: revision
+              value: df36b3853a5657fd883015cdbf07ad6466918acf
+            - name: pathInRepo
+              value: task/gitea-set-status/0.1/gitea-set-status.yaml
+        runAfter:
+          - fetch-repository
+        params:
+          - name: CONTEXT
+            value: "$(params.JOB_NAME)"
+          - name: REPO_FULL_NAME
+            value: "$(params.REPO_OWNER)/$(params.REPO_NAME)"
+          - name: GITEA_HOST_URL
+            value: code.fizz.buzz
+          - name: SHA
+            value: "$(tasks.fetch-repository.results.commit)"
+          - name: DESCRIPTION
+            value: "Build $(params.JOB_NAME) has started"
+          - name: STATE
+            value: pending
+          - name: TARGET_URL
+            value: "https://tekton.fizz.buzz/#/namespaces/$(context.pipelineRun.namespace)/pipelineruns/$(context.pipelineRun.name)"
+      - name: fetch-repository
+        taskRef:
+          resolver: git
+          params:
+            - name: url
+              value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
+            - name: revision
+              value: df36b3853a5657fd883015cdbf07ad6466918acf
+            - name: pathInRepo
+              value: task/git-clone/0.9/git-clone.yaml
+        workspaces:
+          - name: output
+            workspace: git-source
+        params:
+          - name: url
+            value: $(params.REPO_URL)
+          - name: revision
+            value: $(params.PULL_BASE_SHA)
+          - name: deleteExisting
+            value: "true"
+      - name: build-image
+        taskRef:
+          resolver: git
+          params:
+            - name: url
+              value: https://code.fizz.buzz/talexander/personal_tekton_catalog.git
+            - name: revision
+              value: 7ee31a185243ee6da13dcd26a592c585b64c80e5
+            - name: pathInRepo
+              value: task/buildkit-rootless-daemonless/0.1/buildkit-rootless-daemonless.yaml
+        params:
+          - name: OUTPUT
+            value: >-
+              type=image,"name=$(params.image-name):latest,$(params.image-name):$(tasks.get-time.results.unix-time)",push=true,compression=zstd,compression-level=22,oci-mediatypes=true
+          - name: CONTEXT
+            value: $(params.path-to-image-context)
+          - name: DOCKERFILE
+            value: $(params.path-to-dockerfile)
+          - name: EXTRA_ARGS
+            value:
+              - --import-cache
+              - "type=registry,ref=$(params.image-name):buildcache"
+              - --export-cache
+              - "type=registry,ref=$(params.image-name):buildcache,mode=max,compression=zstd,compression-level=22,rewrite-timestamp=true,image-manifest=true,oci-mediatypes=true"
+              - --opt
+              - build-arg:SOURCE_DATE_EPOCH=$(tasks.get-git-commit-time.results.unix-time)
+          - name: BUILDKITD_TOML
+            value: |
+              debug = true
+              [registry."docker.io"]
+                mirrors = ["dockerhub.dockerhub.svc.cluster.local"]
+              [registry."dockerhub.dockerhub.svc.cluster.local"]
+                http = true
+                insecure = true
+        workspaces:
+          - name: source
+            workspace: git-source
+          - name: dockerconfig
+            workspace: docker-credentials
+        runAfter:
+          - fetch-repository
+    finally:
+      - name: report-success
+        when:
+          - input: "$(tasks.status)"
+            operator: in
+            values: ["Succeeded", "Completed"]
+        taskRef:
+          resolver: git
+          params:
+            - name: url
+              value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
+            - name: revision
+              value: df36b3853a5657fd883015cdbf07ad6466918acf
+            - name: pathInRepo
+              value: task/gitea-set-status/0.1/gitea-set-status.yaml
+        params:
+          - name: CONTEXT
+            value: "$(params.JOB_NAME)"
+          - name: REPO_FULL_NAME
+            value: "$(params.REPO_OWNER)/$(params.REPO_NAME)"
+          - name: GITEA_HOST_URL
+            value: code.fizz.buzz
+          - name: SHA
+            value: "$(tasks.fetch-repository.results.commit)"
+          - name: DESCRIPTION
+            value: "Build $(params.JOB_NAME) has succeeded"
+          - name: STATE
+            value: success
+          - name: TARGET_URL
+            value: "https://tekton.fizz.buzz/#/namespaces/$(context.pipelineRun.namespace)/pipelineruns/$(context.pipelineRun.name)"
+      - name: report-failure
+        when:
+          - input: "$(tasks.status)"
+            operator: in
+            values: ["Failed"]
+        taskRef:
+          resolver: git
+          params:
+            - name: url
+              value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
+            - name: revision
+              value: df36b3853a5657fd883015cdbf07ad6466918acf
+            - name: pathInRepo
+              value: task/gitea-set-status/0.1/gitea-set-status.yaml
+        params:
+          - name: CONTEXT
+            value: "$(params.JOB_NAME)"
+          - name: REPO_FULL_NAME
+            value: "$(params.REPO_OWNER)/$(params.REPO_NAME)"
+          - name: GITEA_HOST_URL
+            value: code.fizz.buzz
+          - name: SHA
+            value: "$(tasks.fetch-repository.results.commit)"
+          - name: DESCRIPTION
+            value: "Build $(params.JOB_NAME) has failed"
+          - name: STATE
+            value: failure
+          - name: TARGET_URL
+            value: "https://tekton.fizz.buzz/#/namespaces/$(context.pipelineRun.namespace)/pipelineruns/$(context.pipelineRun.name)"
+    workspaces:
+      - name: git-source
+      - name: docker-credentials
+  workspaces:
+    - name: git-source
+      volumeClaimTemplate:
+        spec:
+          storageClassName: "nfs-client"
+          accessModes:
+            - ReadWriteOnce
+          resources:
+            requests:
+              storage: 10Gi
+      subPath: rust-source
+    - name: docker-credentials
+      secret:
+        secretName: harbor-plain
+  params:
+    - name: image-name
+      value: "harbor.fizz.buzz/private/homepage-staging"
+    - name: target-name
+      value: ""
+    - name: path-to-image-context
+      value: .
+    - name: path-to-dockerfile
+      value: docker/server

.webhook_bridge/pipeline-build-homepage.yaml

@@ -0,0 +1,256 @@
+apiVersion: tekton.dev/v1
+kind: PipelineRun
+metadata:
+  name: build-homepage
+spec:
+  timeouts:
+    pipeline: "2h0m0s"
+    tasks: "1h0m0s"
+    finally: "0h30m0s"
+  taskRunTemplate:
+    serviceAccountName: build-bot
+  pipelineSpec:
+    params:
+      - name: image-name
+        description: The name for the built image
+        type: string
+      - name: target-name
+        description: The dockerfile target to build
+        type: string
+      - name: path-to-image-context
+        description: The path to the build context
+        type: string
+      - name: path-to-dockerfile
+        description: The path to the Dockerfile
+        type: string
+    tasks:
+      - name: get-git-commit-time
+        taskSpec:
+          metadata: {}
+          stepTemplate:
+            image: alpine:3.20
+            computeResources:
+              requests:
+                cpu: 10m
+                memory: 600Mi
+            workingDir: "$(workspaces.repo.path)"
+          results:
+            - name: unix-time
+              description: The time of the git commit in unix timestamp format.
+          steps:
+            - image: alpine/git:v2.34.2
+              name: detect-tag-step
+              script: |
+                #!/usr/bin/env sh
+                set -euo pipefail
+                echo -n "$(git log -1 --pretty=%ct)" | tee $(results.unix-time.path)
+        workspaces:
+          - name: repo
+            workspace: git-source
+        runAfter:
+          - fetch-repository
+      - name: detect-tag
+        taskSpec:
+          metadata: {}
+          stepTemplate:
+            image: alpine:3.20
+            computeResources:
+              requests:
+                cpu: 10m
+                memory: 600Mi
+            workingDir: "$(workspaces.repo.path)"
+          results:
+            - name: tag
+              description: The tag to use for the docker container.
+          steps:
+            - image: alpine/git:v2.34.2
+              name: detect-tag-step
+              script: |
+                #!/usr/bin/env sh
+                set -euo pipefail
+                git fetch --tags
+                current_tag=$(git tag --points-at HEAD --list 'v*.*.*')
+                if [ -z "$current_tag" ]; then
+                  echo "No tag at current commit"
+                  exit 1
+                else
+                  echo -n "${current_tag}" | tee $(results.tag.path)
+                fi
+        workspaces:
+          - name: repo
+            workspace: git-source
+        runAfter:
+          - fetch-repository
+      - name: report-pending
+        taskRef:
+          resolver: git
+          params:
+            - name: url
+              value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
+            - name: revision
+              value: df36b3853a5657fd883015cdbf07ad6466918acf
+            - name: pathInRepo
+              value: task/gitea-set-status/0.1/gitea-set-status.yaml
+        runAfter:
+          - fetch-repository
+        params:
+          - name: CONTEXT
+            value: "$(params.JOB_NAME)"
+          - name: REPO_FULL_NAME
+            value: "$(params.REPO_OWNER)/$(params.REPO_NAME)"
+          - name: GITEA_HOST_URL
+            value: code.fizz.buzz
+          - name: SHA
+            value: "$(tasks.fetch-repository.results.commit)"
+          - name: DESCRIPTION
+            value: "Build $(params.JOB_NAME) has started"
+          - name: STATE
+            value: pending
+          - name: TARGET_URL
+            value: "https://tekton.fizz.buzz/#/namespaces/$(context.pipelineRun.namespace)/pipelineruns/$(context.pipelineRun.name)"
+      - name: fetch-repository
+        taskRef:
+          resolver: git
+          params:
+            - name: url
+              value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
+            - name: revision
+              value: df36b3853a5657fd883015cdbf07ad6466918acf
+            - name: pathInRepo
+              value: task/git-clone/0.9/git-clone.yaml
+        workspaces:
+          - name: output
+            workspace: git-source
+        params:
+          - name: url
+            value: $(params.REPO_URL)
+          - name: revision
+            value: $(params.PULL_BASE_SHA)
+          - name: deleteExisting
+            value: "true"
+      - name: build-image
+        taskRef:
+          resolver: git
+          params:
+            - name: url
+              value: https://code.fizz.buzz/talexander/personal_tekton_catalog.git
+            - name: revision
+              value: 7ee31a185243ee6da13dcd26a592c585b64c80e5
+            - name: pathInRepo
+              value: task/buildkit-rootless-daemonless/0.1/buildkit-rootless-daemonless.yaml
+        params:
+          - name: OUTPUT
+            value: >-
+              type=image,"name=$(params.image-name):latest,$(params.image-name):$(tasks.detect-tag.results.tag)",push=true,compression=zstd,compression-level=22,oci-mediatypes=true
+          - name: CONTEXT
+            value: $(params.path-to-image-context)
+          - name: DOCKERFILE
+            value: $(params.path-to-dockerfile)
+          - name: EXTRA_ARGS
+            value:
+              - --import-cache
+              - "type=registry,ref=$(params.image-name):buildcache"
+              - --export-cache
+              - "type=registry,ref=$(params.image-name):buildcache,mode=max,compression=zstd,compression-level=22,rewrite-timestamp=true,image-manifest=true,oci-mediatypes=true"
+              - --opt
+              - build-arg:SOURCE_DATE_EPOCH=$(tasks.get-git-commit-time.results.unix-time)
+          - name: BUILDKITD_TOML
+            value: |
+              debug = true
+              [registry."docker.io"]
+                mirrors = ["dockerhub.dockerhub.svc.cluster.local"]
+              [registry."dockerhub.dockerhub.svc.cluster.local"]
+                http = true
+                insecure = true
+        workspaces:
+          - name: source
+            workspace: git-source
+          - name: dockerconfig
+            workspace: docker-credentials
+        runAfter:
+          - fetch-repository
+    finally:
+      - name: report-success
+        when:
+          - input: "$(tasks.status)"
+            operator: in
+            values: ["Succeeded", "Completed"]
+        taskRef:
+          resolver: git
+          params:
+            - name: url
+              value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
+            - name: revision
+              value: df36b3853a5657fd883015cdbf07ad6466918acf
+            - name: pathInRepo
+              value: task/gitea-set-status/0.1/gitea-set-status.yaml
+        params:
+          - name: CONTEXT
+            value: "$(params.JOB_NAME)"
+          - name: REPO_FULL_NAME
+            value: "$(params.REPO_OWNER)/$(params.REPO_NAME)"
+          - name: GITEA_HOST_URL
+            value: code.fizz.buzz
+          - name: SHA
+            value: "$(tasks.fetch-repository.results.commit)"
+          - name: DESCRIPTION
+            value: "Build $(params.JOB_NAME) has succeeded"
+          - name: STATE
+            value: success
+          - name: TARGET_URL
+            value: "https://tekton.fizz.buzz/#/namespaces/$(context.pipelineRun.namespace)/pipelineruns/$(context.pipelineRun.name)"
+      - name: report-failure
+        when:
+          - input: "$(tasks.status)"
+            operator: in
+            values: ["Failed"]
+        taskRef:
+          resolver: git
+          params:
+            - name: url
+              value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
+            - name: revision
+              value: df36b3853a5657fd883015cdbf07ad6466918acf
+            - name: pathInRepo
+              value: task/gitea-set-status/0.1/gitea-set-status.yaml
+        params:
+          - name: CONTEXT
+            value: "$(params.JOB_NAME)"
+          - name: REPO_FULL_NAME
+            value: "$(params.REPO_OWNER)/$(params.REPO_NAME)"
+          - name: GITEA_HOST_URL
+            value: code.fizz.buzz
+          - name: SHA
+            value: "$(tasks.fetch-repository.results.commit)"
+          - name: DESCRIPTION
+            value: "Build $(params.JOB_NAME) has failed"
+          - name: STATE
+            value: failure
+          - name: TARGET_URL
+            value: "https://tekton.fizz.buzz/#/namespaces/$(context.pipelineRun.namespace)/pipelineruns/$(context.pipelineRun.name)"
+    workspaces:
+      - name: git-source
+      - name: docker-credentials
+  workspaces:
+    - name: git-source
+      volumeClaimTemplate:
+        spec:
+          storageClassName: "nfs-client"
+          accessModes:
+            - ReadWriteOnce
+          resources:
+            requests:
+              storage: 10Gi
+      subPath: rust-source
+    - name: docker-credentials
+      secret:
+        secretName: harbor-plain
+  params:
+    - name: image-name
+      value: "harbor.fizz.buzz/private/homepage"
+    - name: target-name
+      value: ""
+    - name: path-to-image-context
+      value: .
+    - name: path-to-dockerfile
+      value: docker/server

.webhook_bridge/pipeline-semver.yaml

@@ -1,8 +1,14 @@
-apiVersion: tekton.dev/v1beta1
+apiVersion: tekton.dev/v1
 kind: PipelineRun
 metadata:
   name: semver
 spec:
+  timeouts:
+    pipeline: "2h0m0s"
+    tasks: "1h0m0s"
+    finally: "0h30m0s"
+  taskRunTemplate:
+    serviceAccountName: build-bot
   pipelineSpec:
     params:
       - name: REPO_OWNER
@@ -20,16 +26,15 @@ spec:
     tasks:
       - name: calculate-tag
         runAfter:
-          - report-pending
+          - fetch-repository
         workspaces:
           - name: source
             workspace: git-source
         taskSpec:
           metadata: {}
           stepTemplate:
-            image: alpine:3.19
-            name: ""
-            resources:
+            image: alpine:3.20
+            computeResources:
               requests:
                 cpu: 10m
                 memory: 600Mi
@@ -67,13 +72,11 @@ spec:
           resolver: git
           params:
             - name: url
-              value: https://github.com/tektoncd/catalog.git
+              value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
             - name: revision
               value: df36b3853a5657fd883015cdbf07ad6466918acf
             - name: pathInRepo
               value: task/gitea-set-status/0.1/gitea-set-status.yaml
-        runAfter:
-          - fetch-repository
         params:
           - name: CONTEXT
             value: "$(params.JOB_NAME)"
@@ -94,7 +97,7 @@ spec:
           resolver: git
           params:
             - name: url
-              value: https://github.com/tektoncd/catalog.git
+              value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
             - name: revision
               value: df36b3853a5657fd883015cdbf07ad6466918acf
             - name: pathInRepo
@@ -119,7 +122,7 @@ spec:
           resolver: git
           params:
             - name: url
-              value: https://github.com/tektoncd/catalog.git
+              value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
             - name: revision
               value: df36b3853a5657fd883015cdbf07ad6466918acf
             - name: pathInRepo
@@ -148,7 +151,7 @@ spec:
           resolver: git
           params:
             - name: url
-              value: https://github.com/tektoncd/catalog.git
+              value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
             - name: revision
               value: df36b3853a5657fd883015cdbf07ad6466918acf
             - name: pathInRepo
@@ -181,6 +184,4 @@ spec:
             requests:
               storage: 10Gi
       subPath: source
-  serviceAccountName: build-bot
-  timeout: 240h0m0s
   params: []

.webhook_bridge/webhook_bridge.toml

@@ -0,0 +1,19 @@
+version = "0.0.1"
+
+[[push]]
+  name = "build"
+  source = "pipeline-build-homepage.yaml"
+  clone_uri = "git@code.fizz.buzz:talexander/homepage.git"
+  branches = [ "^v[0-9]+\\.[0-9]+\\.[0-9]+$" ]
+
+[[push]]
+  name = "build-staging"
+  source = "pipeline-build-homepage-staging.yaml"
+  clone_uri = "git@code.fizz.buzz:talexander/homepage.git"
+  skip_branches = [ "^v[0-9]+\\.[0-9]+\\.[0-9]+$" ]
+
+[[push]]
+  name = "semver"
+  source = "pipeline-semver.yaml"
+  clone_uri = "git@code.fizz.buzz:talexander/homepage.git"
+  branches = [ "^main$", "^master$" ]

docker/organic/Dockerfile

@@ -1,7 +0,0 @@
-FROM rustlang/rust:nightly-alpine3.19
-
-RUN apk add --no-cache musl-dev make bash
-RUN rustup target add wasm32-unknown-unknown
-RUN cargo install wasm-bindgen-cli
-
-CMD ["make", "wasm"]

docker/organic/Makefile

@@ -1,52 +0,0 @@
-SHELL := bash
-.ONESHELL:
-.SHELLFLAGS := -eu -o pipefail -c
-.DELETE_ON_ERROR:
-MAKEFLAGS += --warn-undefined-variables
-MAKEFLAGS += --no-builtin-rules
-OS:=$(shell uname -s)
-
-ifeq ($(origin .RECIPEPREFIX), undefined)
-  $(error This Make does not support .RECIPEPREFIX. Please use GNU Make 4.0 or later)
-endif
-.RECIPEPREFIX = >
-
-IMAGE_NAME:=homepage-build-organic
-# REMOTE_REPO:=harbor.fizz.buzz/private
-TARGET :=
-
-.PHONY: help
-help:
-> @grep -h "##" $(MAKEFILE_LIST) | grep -v grep | sed -E 's/^([^:]*): *## */\1:  /'
-
-.PHONY: build
-build: ## Build the docker image.
-> docker build --tag $(IMAGE_NAME) --target=$(TARGET) --file Dockerfile ../../
-
-.PHONY: push
-push: ## Push the docker image to a remote repository.
-ifdef REMOTE_REPO
-> docker tag $(IMAGE_NAME) $(REMOTE_REPO)/$(IMAGE_NAME)
-> docker push $(REMOTE_REPO)/$(IMAGE_NAME)
-else
-> @echo "REMOTE_REPO not defined, not pushing to a remote repo."
-endif
-
-.PHONY: clean
-clean:
-> docker rmi $(IMAGE_NAME)
-ifdef REMOTE_REPO
-> docker rmi $(REMOTE_REPO)/$(IMAGE_NAME)
-else
-> @echo "REMOTE_REPO not defined, not removing from remote repo."
-endif
-
-.PHONY: run
-run: build
-run: ## Launch the docker image
-> docker run --rm -i -t $(IMAGE_NAME)
-
-.PHONY: shell
-shell: ## Launch an interactive shell inside the docker image.
-shell: build
-> docker run --rm -i -t --entrypoint /bin/bash --mount type=tmpfs,destination=/tmp $(IMAGE_NAME)

docker/server/Dockerfile

@@ -1,10 +1,62 @@
-FROM harbor.fizz.buzz/private/natter:latest AS builder
+# syntax=docker/dockerfile:1
+ARG ALPINE_VERSION="3.20"
 
-COPY . /source
-RUN ls /source/
-RUN natter build --config /source/natter.toml
 
-FROM alpine:3.19 AS server
+
+FROM scratch AS private
+ADD git@code.fizz.buzz:talexander/homepage_private.git /homepage_private
+
+
+
+FROM scratch AS explorer
+ADD https://code.fizz.buzz/talexander/organic_ast_explorer.git /organic_ast_explorer
+
+
+
+FROM scratch AS organic
+ADD git@code.fizz.buzz:talexander/organic.git /organic
+
+
+
+FROM rustlang/rust:nightly-alpine$ALPINE_VERSION AS organic-build
+RUN apk add --no-cache musl-dev make bash
+RUN rustup target add wasm32-unknown-unknown
+RUN --mount=type=tmpfs,target=/tmp --mount=type=cache,target=/usr/local/cargo/registry,sharing=locked cargo install wasm-bindgen-cli
+COPY --link --from=organic /organic /organic
+WORKDIR /organic
+RUN --mount=type=tmpfs,target=/tmp --mount=type=cache,target=/usr/local/cargo/registry,sharing=locked make wasm
+
+
+
+FROM node:lts-alpine$ALPINE_VERSION AS explorer-build
+COPY --link --from=explorer /organic_ast_explorer /organic_ast_explorer
+COPY --link --from=organic-build /organic /organic
+WORKDIR /organic_ast_explorer
+RUN --mount=type=tmpfs,target=/tmp --mount=type=cache,target=/npmcache,sharing=locked npm set cache /npmcache && npm install
+RUN npm run release
+
+
+
+
+FROM rustlang/rust:nightly-alpine$ALPINE_VERSION AS natter-build
+RUN apk add --no-cache musl-dev
+ADD git@code.fizz.buzz:talexander/natter.git /natter
+WORKDIR /natter
+RUN --mount=type=tmpfs,target=/tmp --mount=type=cache,target=/usr/local/cargo/registry,sharing=locked CARGO_TARGET_DIR=/target cargo build --profile release-lto
+
+
+
+FROM alpine:$ALPINE_VERSION AS natter
+COPY --link --from=natter-build /target/release-lto/natter /usr/bin/
+COPY --link . /source
+COPY --link --from=private /homepage_private/static/* /source/static/
+COPY --link --from=explorer-build /organic_ast_explorer/dist/* /source/static/organic/ast_explorer/
+RUN --network=none --mount=type=tmpfs,target=/tmp natter build --config /source/natter.toml
+
+
+
+
+FROM alpine:$ALPINE_VERSION AS server
 
 RUN apk add --no-cache bash nginx
 RUN addgroup web && adduser -D -G web web && install -d -D -o web -g web -m 700 /srv/http/public
@@ -12,6 +64,6 @@ RUN ln -sf /dev/stdout /var/log/nginx/access.log && ln -sf /dev/stderr /var/log/
 
 COPY --chown=web:web docker/server/nginx.conf /srv/http
 COPY --chown=web:web docker/server/headers.include /srv/http
-COPY --from=builder --chown=web:web /source/output/ /srv/http/public/
+COPY --from=natter --chown=web:web /source/output/ /srv/http/public/
 
 ENTRYPOINT ["/usr/sbin/nginx", "-c", "/srv/http/nginx.conf", "-e", "stderr", "-g", "daemon off;"]

docker/server/Makefile

@@ -21,7 +21,7 @@ help:
 
 .PHONY: build
 build: ## Build the docker image.
-> docker build --tag $(IMAGE_NAME) --target=$(TARGET) --file Dockerfile ../../
+> docker build --ssh default --tag $(IMAGE_NAME) --target=$(TARGET) --file Dockerfile ../../
 
 .PHONY: push
 push: ## Push the docker image to a remote repository.

docker/server/nginx.conf

@@ -31,6 +31,9 @@ http {
         root /srv/http/public;
 
         location / {
+            try_files $uri $uri/ =404;
+            autoindex on;
+
             index index.html index.htm;
             if (-d $request_filename) {
                 rewrite [^/]$ $http_x_forwarded_proto://$http_host$uri/ redirect;

pages/index.org

@@ -12,7 +12,7 @@ Links:
 - My personal repos: [[https://code.fizz.buzz/explore/repos][code.fizz.buzz]]
 - LinkedIn: https://www.linkedin.com/in/tom-alexander-b6a18216/
 - GitHub: https://github.com/tomalexander
-- Resume: https://fizz.buzz/resume.pdf
+- Resume: https://fizz.buzz/tom_alexander_resume.pdf
 - PGP Key: https://fizz.buzz/pgp.asc
 
 * Why is your website the way it is?