From 4beaff91aaa9c98ed10f83a5780c75463e3152ee Mon Sep 17 00:00:00 2001 From: Jawed khelil Date: Tue, 16 May 2023 16:04:00 +0200 Subject: [PATCH] deploy shipwright triggers via operator --- README.md | 1 + controllers/shipwrightbuild_controller.go | 4 +- .../shipwrightbuild_controller_test.go | 1 + controllers/shipwrightbuild_rbac.go | 4 + kodata/triggers.yaml | 214 ++++++++++++++++++ 5 files changed, 221 insertions(+), 3 deletions(-) create mode 100644 kodata/triggers.yaml diff --git a/README.md b/README.md index 0f87413d..9ddedc51 100644 --- a/README.md +++ b/README.md @@ -41,6 +41,7 @@ IMAGE_SHIPWRIGHT_GIT_CONTAINER_IMAGE: defines the Shipwright Git Container Image IMAGE_SHIPWRIGHT_MUTATE_IMAGE_CONTAINER_IMAGE: defines the Shipwright Mutate Image to use IMAGE_SHIPWRIGHT_BUNDLE_CONTAINER_IMAGE: defines the Shipwright Bundle Image to use IMAGE_SHIPWRIGHT_WAITER_CONTAINER_IMAGE: defines the Shipwright Waiter Image to use +IMAGE_SHIPWRIGHT_SHIPWRIGHT_TRIGGERS: defines the Shipwright Triggers Image to use ## Contributing diff --git a/controllers/shipwrightbuild_controller.go b/controllers/shipwrightbuild_controller.go index 98732c2f..ec2e47d9 100644 --- a/controllers/shipwrightbuild_controller.go +++ b/controllers/shipwrightbuild_controller.go @@ -7,7 +7,6 @@ package controllers import ( "context" "fmt" - "path/filepath" "github.com/go-logr/logr" mfc "github.com/manifestival/controller-runtime-client" @@ -219,10 +218,9 @@ func (r *ShipwrightBuildReconciler) setupManifestival(managerLogger logr.Logger) if err != nil { return err } - buildManifest := filepath.Join(dataPath, "release.yaml") r.Manifest, err = manifestival.NewManifest( - buildManifest, + dataPath, manifestival.UseClient(client), manifestival.UseLogger(logger), ) diff --git a/controllers/shipwrightbuild_controller_test.go b/controllers/shipwrightbuild_controller_test.go index 06c99484..95376375 100644 --- a/controllers/shipwrightbuild_controller_test.go +++ b/controllers/shipwrightbuild_controller_test.go @@ -146,6 +146,7 @@ func testShipwrightBuildReconcilerReconcile(t *testing.T, targetNamespace string {"IMAGE_SHIPWRIGHT_WAITER_CONTAINER_IMAGE", "ghcr.io/shipwright-io/build/waiter:nightly-2023-05-05-1683263383"}, {"IMAGE_SHIPWRIGHT_MUTATE_IMAGE_CONTAINER_IMAGE", "ghcr.io/shipwright-io/build/mutate-image:nightly-2023-04-18-1681794585"}, {"IMAGE_SHIPWRIGHT_BUNDLE_CONTAINER_IMAGE", "ghcr.io/shipwright-io/build/bundle:nightly-2023-05-05-1683263383"}, + {"IMAGE_SHIPWRIGHT_SHIPWRIGHT_TRIGGERS", "quay.io/jkhelil/openshift-builds-triggers"}, } t.Logf("Deploying Shipwright Controller against '%s' namespace", targetNamespace) diff --git a/controllers/shipwrightbuild_rbac.go b/controllers/shipwrightbuild_rbac.go index b0215530..e6980406 100644 --- a/controllers/shipwrightbuild_rbac.go +++ b/controllers/shipwrightbuild_rbac.go @@ -26,3 +26,7 @@ package controllers // +kubebuilder:rbac:groups=operator.shipwright.io,resources=shipwrightbuilds/finalizers,verbs=update // +kubebuilder:rbac:groups=operator.shipwright.io,resources=shipwrightbuilds/status,verbs=get;update;patch // +kubebuilder:rbac:groups=operator.tekton.dev,resources=tektonconfigs,verbs=get;list;create +// +kubebuilder:rbac:groups=operator.tekton.dev,resources=customruns,verbs=get;list;watch +// +kubebuilder:rbac:groups=operator.tekton.dev,resources=customruns/finalizers,verbs=patch;update +// +kubebuilder:rbac:groups=operator.tekton.dev,resources=customruns/status,verbs=patch;update +// +kubebuilder:rbac:groups=operator.tekton.dev,resources=pipelineruns,verbs=get;list;patch;update;watch diff --git a/kodata/triggers.yaml b/kodata/triggers.yaml new file mode 100644 index 00000000..e9d6abca --- /dev/null +++ b/kodata/triggers.yaml @@ -0,0 +1,214 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + namespace: shipwright-build + name: shipwright-triggers + labels: + app.kubernetes.io/name: shipwright-triggers +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: shipwright-triggers + name: shipwright-triggers +rules: + - apiGroups: + - shipwright.io + resources: + - buildruns + verbs: + - create + - get + - list + - update + - watch + - apiGroups: + - shipwright.io + resources: + - builds + verbs: + - get + - list + - watch + - apiGroups: + - tekton.dev + resources: + - customruns + verbs: + - get + - list + - watch + - apiGroups: + - tekton.dev + resources: + - customruns/finalizers + verbs: + - patch + - update + - apiGroups: + - tekton.dev + resources: + - customruns/status + verbs: + - patch + - update + - apiGroups: + - tekton.dev + resources: + - pipelineruns + verbs: + - get + - list + - patch + - update + - watch +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: shipwright-triggers + labels: + app.kubernetes.io/name: shipwright-triggers +subjects: + - kind: ServiceAccount + namespace: shipwright-build + name: shipwright-triggers +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: shipwright-triggers +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + namespace: shipwright-build + labels: + app.kubernetes.io/name: shipwright-triggers + name: shipwright-triggers +rules: + - apiGroups: + - shipwright.io + resources: + - buildruns + verbs: + - create + - get + - list + - update + - watch + - apiGroups: + - shipwright.io + resources: + - builds + verbs: + - get + - list + - watch + - apiGroups: + - tekton.dev + resources: + - customruns + verbs: + - get + - list + - watch + - apiGroups: + - tekton.dev + resources: + - customruns/finalizers + verbs: + - patch + - update + - apiGroups: + - tekton.dev + resources: + - customruns/status + verbs: + - patch + - update + - apiGroups: + - tekton.dev + resources: + - pipelineruns + verbs: + - get + - list + - patch + - update + - watch +--- +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + namespace: shipwright-build + name: shipwright-triggers + labels: + app.kubernetes.io/name: shipwright-triggers +subjects: + - kind: ServiceAccount + namespace: shipwright-build + name: shipwright-triggers +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: shipwright-triggers +--- +apiVersion: v1 +kind: Service +metadata: + namespace: shipwright-build + name: shipwright-triggers + labels: + app.kubernetes.io/name: shipwright-triggers +spec: + type: ClusterIP + ports: + - port: 80 + targetPort: http + protocol: TCP + name: http + selector: + app.kubernetes.io/name: shipwright-triggers +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + namespace: shipwright-build + name: shipwright-triggers + labels: + app.kubernetes.io/name: shipwright-triggers +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: shipwright-triggers + template: + metadata: + labels: + app.kubernetes.io/name: shipwright-triggers + spec: + serviceAccountName: shipwright-triggers + containers: + - name: shipwright-triggers + image: "quay.io/jkhelil/openshift-builds-triggers:latest" + args: + - --health-probe-bind-address + - ":8081" + imagePullPolicy: IfNotPresent + ports: + - name: webhook + containerPort: 80 + protocol: TCP + - name: probe + containerPort: 8081 + protocol: TCP + livenessProbe: + httpGet: + path: /healthz + port: probe + readinessProbe: + httpGet: + path: /readyz + port: probe