dev/tekton-demo
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update

Browse Source
This commit is contained in:
icurfer
2025-08-04 06:26:23 +00:00
parent 7dc67ca8ac
commit e6c919ec2f
13 changed files with 242 additions and 98 deletions
Download Patch File Download Diff File Expand all files Collapse all files

64
sample-build/01-serviceaccount.yaml Normal file
View File

@ -0,0 +1,64 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: tekton-triggers-sa
namespace: tekton-demo
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: tekton-build-role
namespace: tekton-demo
rules:
- apiGroups: ["", "apps", "tekton.dev", "triggers.tekton.dev"]
resources: ["pods", "pipelineruns", "tasks", "events"]
verbs: ["get", "list", "watch", "create", "update", "delete"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: tekton-build-sa-binding
namespace: tekton-demo
subjects:
- kind: ServiceAccount
name: tekton-build-sa
roleRef:
kind: Role
name: tekton-build-role
apiGroup: rbac.authorization.k8s.io
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: tekton-build-sa
namespace: tekton-demo
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: tekton-triggers-role
rules:
- apiGroups: [""] # core API
resources: ["pods", "services", "endpoints", "configmaps", "secrets"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
- apiGroups: ["apps"]
resources: ["deployments"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
- apiGroups: ["triggers.tekton.dev"]
resources: ["eventlisteners", "triggerbindings", "triggertemplates", "triggers"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: tekton-build-sa-binding
subjects:
- kind: ServiceAccount
name: tekton-build-sa
namespace: tekton-demo
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin

27
sample-build/02-task-build.yaml Normal file
View File

@ -0,0 +1,27 @@
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: build-image
namespace: tekton-demo
spec:
params:
- name: IMAGE
type: string
description: Image name to build
steps:
- name: build-and-push
image: gcr.io/kaniko-project/executor:latest
args:
- "--dockerfile=/workspace/source/Dockerfile"
- "--context=/workspace/source/"
- "--destination=$(params.IMAGE)"
volumeMounts:
- name: docker-config
mountPath: /kaniko/.docker
workspaces:
- name: source
volumes:
- name: docker-config
secret:
secretName: harbor-dockerconfig

10
sample-build/03-secret-dockerconfig.yaml.sample Normal file
View File

@ -0,0 +1,10 @@
apiVersion: v1
kind: Secret
metadata:
name: harbor-dockerconfig
namespace: tekton-demo
type: kubernetes.io/dockerconfigjson
data:
.dockerconfigjson: {base64} # harbor 로그인 정보
# cat config.json | base64 -w 0

39
sample-build/04-task-build.yaml Normal file
View File

@ -0,0 +1,39 @@
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: build-image
namespace: tekton-demo
spec:
params:
- name: IMAGE
type: string
description: Image name to build
- name: GIT_URL
type: string
- name: GIT_REVISION
type: string
default: main
steps:
- name: clone
image: alpine/git
script: |
#!/bin/sh
git clone $(params.GIT_URL) /workspace/source
cd /workspace/source
git checkout $(params.GIT_REVISION)
- name: build-and-push
image: gcr.io/kaniko-project/executor:latest
args:
- "--dockerfile=/workspace/source/Dockerfile"
- "--context=/workspace/source/"
- "--destination=$(params.IMAGE)"
volumeMounts:
- name: docker-config
mountPath: /kaniko/.docker
workspaces:
- name: source
volumes:
- name: docker-config
secret:
secretName: harbor-dockerconfig

31
sample-build/05-pipeline-build.yaml Normal file
View File

@ -0,0 +1,31 @@
apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
name: pipeline-build
namespace: tekton-demo
spec:
params:
- name: IMAGE
type: string
- name: GIT_URL
type: string
- name: GIT_REVISION
type: string
default: main
workspaces:
- name: shared-data
tasks:
- name: build
taskRef:
name: build-image
params:
- name: IMAGE
value: $(params.IMAGE)
- name: GIT_URL
value: $(params.GIT_URL)
- name: GIT_REVISION
value: $(params.GIT_REVISION)
workspaces:
- name: source
workspace: shared-data

12
sample-build/06-trigger-binding.yaml Normal file
View File

@ -0,0 +1,12 @@
apiVersion: triggers.tekton.dev/v1beta1
kind: TriggerBinding
metadata:
name: gitea-trigger-binding
namespace: tekton-demo
spec:
params:
- name: git-url
value: $(body.repository.clone_url)
- name: git-revision
value: $(body.ref)

36
sample-build/07-trigger-template.yaml Normal file
View File

@ -0,0 +1,36 @@
apiVersion: triggers.tekton.dev/v1beta1
kind: TriggerTemplate
metadata:
name: gitea-trigger-template
namespace: tekton-demo
spec:
params:
- name: git-url
- name: git-revision
resourcetemplates:
- apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
generateName: build-run-
spec:
serviceAccountName: tekton-build-sa
pipelineRef:
name: pipeline-build
params:
- name: IMAGE
value: harbor.icurfer.com/open/tekton-demo:latest
- name: GIT_URL
value: $(params.git-url)
- name: GIT_REVISION
value: $(params.git-revision)
workspaces:
- name: shared-data
volumeClaimTemplate:
metadata:
name: source-pvc
spec:
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 1Gi

14
sample-build/08-event-listener.yaml Normal file
View File

@ -0,0 +1,14 @@
apiVersion: triggers.tekton.dev/v1beta1
kind: EventListener
metadata:
name: gitea-event-listener
namespace: tekton-demo
spec:
serviceAccountName: tekton-build-sa
triggers:
- name: gitea-trigger
bindings:
- ref: gitea-trigger-binding
template:
ref: gitea-trigger-template

12
sample-build/09.ing-proxy.yaml Normal file
View File

@ -0,0 +1,12 @@
apiVersion: v1
kind: Service
metadata:
name: el-tekton-demo-proxy
namespace: tekton-pipelines
spec:
type: ExternalName
externalName: el-gitea-event-listener.tekton-demo.svc.cluster.local
ports:
- port: 8080
targetPort: 8080
protocol: TCP