Demo of Application Development with OpenShift

# Identity used by the EventListener and the Trigger defined later in this
# file (both set serviceAccountName: tekton-listener).
apiVersion: v1
kind: ServiceAccount
metadata:
  name: tekton-listener
---
# Namespaced permissions granted to the tekton-listener ServiceAccount through
# the RoleBinding of the same name.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: tekton-listener
rules:
  # EventListeners need to be able to fetch all namespaced Triggers resources.
  - apiGroups:
      - "triggers.tekton.dev"
    resources:
      - "eventlisteners"
      - "triggerbindings"
      - "triggertemplates"
      - "triggers"
      - "clusterinterceptors"
    verbs:
      - "get"
      - "list"
      - "watch"
  # Secrets are only needed for GitHub/GitLab interceptors; configmaps are
  # needed for updating the logging config.
  # NOTE(review): this rule grants read access to every Secret and ConfigMap in
  # the namespace, not only github-secret. Confirm whether the installed
  # Triggers version still needs "secrets" here and narrow the rule if it does
  # not.
  - apiGroups:
      - ""
    resources:
      - "configmaps"
      - "secrets"
    verbs:
      - "get"
      - "list"
      - "watch"
  # Permissions to create the resources stamped out by TriggerTemplates.
  - apiGroups:
      - "tekton.dev"
    resources:
      - "pipelineruns"
      - "pipelineresources"
      - "taskruns"
    verbs:
      - "create"
  # NOTE(review): with no resourceNames, this allows impersonating any
  # ServiceAccount in the namespace. The Trigger in this file names only
  # tekton-listener; consider restricting the rule with resourceNames once that
  # is confirmed to be sufficient.
  - apiGroups:
      - ""
    resources:
      - "serviceaccounts"
    verbs:
      - "impersonate"
---
# Cluster-wide binding of the listener ServiceAccount to a ClusterRole that is
# not defined in this file (presumably installed with Tekton Triggers; verify
# what it grants before applying).
# The subject namespace is hard-coded to demo-appdev, while the other documents
# in this file carry no namespace: applying them to a different namespace
# leaves this binding pointing at the wrong ServiceAccount.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: tekton-listener
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: tekton-triggers-eventlistener-clusterroles
subjects:
  - kind: ServiceAccount
    name: tekton-listener
    namespace: demo-appdev
---
# Binds the tekton-listener Role to the tekton-listener ServiceAccount.
# The subject carries no namespace, so it is expected to resolve to the
# namespace this RoleBinding is created in.
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: tekton-listener
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: tekton-listener
subjects:
  - kind: ServiceAccount
    name: tekton-listener
---
# Template for the PipelineRun created for each accepted webhook event.
apiVersion: triggers.tekton.dev/v1beta1
kind: TriggerTemplate
metadata:
  name: demo-appdev
spec:
  params:
    - name: gitRepositoryURL
      description: The git repository url
    # NOTE(review): gitRevision is declared, but no resource template below
    # references it, so the run is not pinned to the commit that triggered the
    # event. Pass it on if the demo-appdev Pipeline accepts a revision
    # parameter.
    - name: gitRevision
      description: The git revision to checkout
  resourcetemplates:
    - apiVersion: tekton.dev/v1beta1
      kind: PipelineRun
      metadata:
        generateName: demo-appdev-
      spec:
        # The run executes as tekton-robot, not as the listener's own
        # ServiceAccount; tekton-robot is not defined in this file.
        serviceAccountName: tekton-robot
        pipelineRef:
          name: demo-appdev
        params:
          # The repository URL is taken from the webhook payload, so what gets
          # built depends on how strictly the Trigger's interceptors validate
          # and filter events.
          - name: gitRepositoryURL
            value: '$(tt.params.gitRepositoryURL)'
          - name: outputContainerImage
            value: 'image-registry.openshift-image-registry.svc:5000/demo-appdev/function'
        workspaces:
          # A fresh 1Gi volume is claimed for every run.
          - name: scratch
            volumeClaimTemplate:
              spec:
                accessModes:
                  - ReadWriteOnce
                resources:
                  requests:
                    storage: 1Gi
---
# Maps fields of the webhook JSON body to the TriggerTemplate parameters.
# Both values are sender-controlled; they are only as trustworthy as the
# signature check and filters configured on the Trigger.
apiVersion: triggers.tekton.dev/v1beta1
kind: TriggerBinding
metadata:
  name: demo-appdev
spec:
  params:
    - name: gitRepositoryURL
      value: '$(body.repository.url)'
    - name: gitRevision
      value: '$(body.head_commit.id)'
---
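# Shared secret referenced by the "github" interceptor of the demo-appdev
# Trigger (secretName: github-secret, secretKey: sharedSecret) to validate
# incoming webhooks.
# The committed value was the literal string "secret". A guessable or published
# value provides no protection on an EventListener that is exposed through a
# Route. Generate a long random value, configure the same value on the GitHub
# webhook, and prefer creating this Secret out-of-band (or through a secret
# manager) rather than storing the real value in version control.
apiVersion: v1
kind: Secret
metadata:
  name: github-secret
type: Opaque
stringData:
  sharedSecret: "<REPLACE-WITH-RANDOM-WEBHOOK-SECRET>"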
---
# Accepts GitHub push events for refs/heads/main and instantiates the
# demo-appdev TriggerTemplate with values from the demo-appdev TriggerBinding.
apiVersion: triggers.tekton.dev/v1beta1
kind: Trigger
metadata:
  name: demo-appdev
spec:
  serviceAccountName: tekton-listener
  interceptors:
    # Validates the webhook against the shared secret and accepts only "push"
    # events. This is the only authentication on the listener, so its strength
    # is that of the value stored in github-secret.
    - ref:
        name: 'github'
        kind: ClusterInterceptor
        apiVersion: triggers.tekton.dev
      params:
        - name: 'secretRef'
          value:
            secretName: github-secret
            secretKey: sharedSecret
        - name: 'eventTypes'
          value:
            - 'push'
    # Restricts builds to pushes on the main branch.
    # NOTE(review): the filter checks the branch only, not the repository. Any
    # sender holding the shared secret can supply an arbitrary repository URL.
    # Consider also matching the repository, for example
    # body.repository.full_name == '<ORG>/<REPO>' (placeholder).
    - ref:
        name: 'cel'
        kind: ClusterInterceptor
        apiVersion: triggers.tekton.dev
      params:
        - name: 'filter'
          value: "body.ref == 'refs/heads/main'"
  bindings:
    - ref: demo-appdev
  template:
    ref: demo-appdev
---
# HTTP endpoint that receives webhook events and hands them to the demo-appdev
# Trigger. It runs with the permissions of the tekton-listener ServiceAccount.
apiVersion: triggers.tekton.dev/v1beta1
kind: EventListener
metadata:
  name: demo-appdev
spec:
  serviceAccountName: tekton-listener
  triggers:
    - triggerRef: demo-appdev
---
# Exposes the Service el-demo-appdev (presumably the one Tekton Triggers
# generates for the demo-appdev EventListener; confirm) outside the cluster.
# Anything that can reach this Route can submit events, so access control
# rests on the interceptors configured on the Trigger.
apiVersion: route.openshift.io/v1
kind: Route
metadata:
  name: el-demo-appdev
spec:
  to:
    kind: Service
    name: el-demo-appdev
    weight: 100
  port:
    targetPort: 8080
  tls:
    # TLS ends at the router (edge termination), so the hop from the router to
    # the listener pod is not encrypted by this Route. Plain-HTTP requests are
    # redirected to HTTPS.
    termination: Edge
    insecureEdgeTerminationPolicy: Redirect