Skip to content

Commit

Permalink
change api version
Browse files Browse the repository at this point in the history
  • Loading branch information
akihikokuroda authored and tekton-robot committed Mar 26, 2020
1 parent 28e6565 commit 0fc59e0
Show file tree
Hide file tree
Showing 6 changed files with 108 additions and 111 deletions.
79 changes: 39 additions & 40 deletions docs/create-ingress.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
apiVersion: tekton.dev/v1alpha1
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: create-ingress
Expand All @@ -7,24 +7,23 @@ spec:
- name: work
emptyDir: {}

inputs:
params:
- name: CreateCertificate
description: "Enables/disables the creation of a self-signed certificate for $(inputs.params.ExternalDomain)"
default: "true"
- name: CertificateKeyPassphrase
description: "Phrase that protects private key. This must be provided when the self-signed certificate is created"
- name: CertificateSecretName
description: "Secret name for Ingress certificate. The Secret should not exist if the self-signed certificate creation is enabled"
- name: ExternalDomain
description: "The external domain for the EventListener e.g. `$(inputs.params.EventListenerName).PROXYIP.nip.io`"
- name: Service
description: "The name of the Service used in the Ingress. This will also be the name of the Ingress."
- name: ServicePort
description: "The service port that the ingress is being created on"
- name: ServiceUID
description: "The uid of the service. If set, this creates an owner reference on the service"
default: ""
params:
- name: CreateCertificate
description: "Enables/disables the creation of a self-signed certificate for $(params.ExternalDomain)"
default: "true"
- name: CertificateKeyPassphrase
description: "Phrase that protects private key. This must be provided when the self-signed certificate is created"
- name: CertificateSecretName
description: "Secret name for Ingress certificate. The Secret should not exist if the self-signed certificate creation is enabled"
- name: ExternalDomain
description: "The external domain for the EventListener e.g. `$(params.EventListenerName).PROXYIP.nip.io`"
- name: Service
description: "The name of the Service used in the Ingress. This will also be the name of the Ingress."
- name: ServicePort
description: "The service port that the ingress is being created on"
- name: ServiceUID
description: "The uid of the service. If set, this creates an owner reference on the service"
default: ""

steps:
- name: generate-certificate
Expand All @@ -40,13 +39,13 @@ spec:
set -e
cat <<EOF | sh
#!/bin/sh
if [ $(inputs.params.CreateCertificate) = "false" ];then
if [ $(params.CreateCertificate) = "false" ];then
exit 0
fi
mkdir /var/tmp/work/ingress
openssl genrsa -des3 -out /var/tmp/work/ingress/key.pem -passout pass:$(inputs.params.CertificateKeyPassphrase) 2048
openssl req -x509 -new -nodes -key /var/tmp/work/ingress/key.pem -sha256 -days 1825 -out /var/tmp/work/ingress/certificate.pem -passin pass:$(inputs.params.CertificateKeyPassphrase) -subj /CN=$(inputs.params.ExternalDomain)
openssl rsa -in /var/tmp/work/ingress/key.pem -out /var/tmp/work/ingress/key.pem -passin pass:$(inputs.params.CertificateKeyPassphrase)
openssl genrsa -des3 -out /var/tmp/work/ingress/key.pem -passout pass:$(params.CertificateKeyPassphrase) 2048
openssl req -x509 -new -nodes -key /var/tmp/work/ingress/key.pem -sha256 -days 1825 -out /var/tmp/work/ingress/certificate.pem -passin pass:$(params.CertificateKeyPassphrase) -subj /CN=$(params.ExternalDomain)
openssl rsa -in /var/tmp/work/ingress/key.pem -out /var/tmp/work/ingress/key.pem -passin pass:$(params.CertificateKeyPassphrase)
EOF
- name: create-certificate-secret
image: lachlanevenson/k8s-kubectl:latest
Expand All @@ -61,10 +60,10 @@ spec:
set -e
cat <<EOF | sh
#!/bin/sh
if [ $(inputs.params.CreateCertificate) = "false" ];then
if [ $(params.CreateCertificate) = "false" ];then
exit 0
fi
kubectl create secret tls $(inputs.params.CertificateSecretName) --cert=/var/tmp/work/ingress/certificate.pem --key=/var/tmp/work/ingress/key.pem || true
kubectl create secret tls $(params.CertificateSecretName) --cert=/var/tmp/work/ingress/certificate.pem --key=/var/tmp/work/ingress/key.pem || true
EOF
- name: create-ingress
image: lachlanevenson/k8s-kubectl:latest
Expand All @@ -74,47 +73,47 @@ spec:
- -ce
- |
set -e
if [ -n "$(inputs.params.ServiceUID)" ];then
if [ -n "$(params.ServiceUID)" ];then
cat <<EOF | kubectl create -f - || true
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: $(inputs.params.Service)
name: $(params.Service)
ownerReferences:
- name: $(inputs.params.Service)
- name: $(params.Service)
apiVersion: v1
kind: Service
uid: $(inputs.params.ServiceUID)
uid: $(params.ServiceUID)
spec:
tls:
- secretName: $(inputs.params.CertificateSecretName)
- secretName: $(params.CertificateSecretName)
hosts:
- $(inputs.params.ExternalDomain)
- $(params.ExternalDomain)
rules:
- host: $(inputs.params.ExternalDomain)
- host: $(params.ExternalDomain)
http:
paths:
- backend:
serviceName: $(inputs.params.Service)
servicePort: $(inputs.params.ServicePort)
serviceName: $(params.Service)
servicePort: $(params.ServicePort)
EOF
else
cat <<EOF | kubectl create -f - || true
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: $(inputs.params.Service)
name: $(params.Service)
spec:
tls:
- secretName: $(inputs.params.CertificateSecretName)
- secretName: $(params.CertificateSecretName)
hosts:
- $(inputs.params.ExternalDomain)
- $(params.ExternalDomain)
rules:
- host: $(inputs.params.ExternalDomain)
- host: $(params.ExternalDomain)
http:
paths:
- backend:
serviceName: $(inputs.params.Service)
servicePort: $(inputs.params.ServicePort)
serviceName: $(params.Service)
servicePort: $(params.ServicePort)
EOF
fi
53 changes: 26 additions & 27 deletions docs/create-webhook.yaml
Original file line number Diff line number Diff line change
@@ -1,35 +1,34 @@
apiVersion: tekton.dev/v1alpha1
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: create-webhook
spec:
volumes:
- name: github-secret
secret:
secretName: $(inputs.params.GitHubSecretName)
secretName: $(params.GitHubSecretName)

inputs:
params:
- name: ExternalDomain
description: "The external domain for the EventListener e.g. `$(inputs.params.EventListenerName).<PROXYIP>.nip.io`"
- name: GitHubUser
description: "The GitHub user"
- name: GitHubRepo
description: "The GitHub repo where the webhook will be created"
- name: GitHubOrg
description: "The GitHub organization where the webhook will be created"
- name: GitHubSecretName
description: "The Secret name for GitHub access token. This is always mounted and must exist"
- name: GitHubAccessTokenKey
description: "The GitHub access token key name"
- name: GitHubSecretStringKey
description: "The GitHub secret string key name"
- name: GitHubDomain
description: "The GitHub domain. Override for GitHub Enterprise"
default: "github.com"
- name: WebhookEvents
description: "List of events the webhook will send notifications for"
default: '[\"push\",\"pull_request\"]'
params:
- name: ExternalDomain
description: "The external domain for the EventListener e.g. `$(params.EventListenerName).<PROXYIP>.nip.io`"
- name: GitHubUser
description: "The GitHub user"
- name: GitHubRepo
description: "The GitHub repo where the webhook will be created"
- name: GitHubOrg
description: "The GitHub organization where the webhook will be created"
- name: GitHubSecretName
description: "The Secret name for GitHub access token. This is always mounted and must exist"
- name: GitHubAccessTokenKey
description: "The GitHub access token key name"
- name: GitHubSecretStringKey
description: "The GitHub secret string key name"
- name: GitHubDomain
description: "The GitHub domain. Override for GitHub Enterprise"
default: "github.com"
- name: WebhookEvents
description: "List of events the webhook will send notifications for"
default: '[\"push\",\"pull_request\"]'
steps:
- name: create-webhook
image: pstauffer/curl:latest
Expand All @@ -43,8 +42,8 @@ spec:
- |
set -e
echo "Create Webhook"
if [ $(inputs.params.GitHubDomain) = "github.com" ];then
curl -v -d "{\"name\": \"web\",\"active\": true,\"events\": $(inputs.params.WebhookEvents),\"config\": {\"url\": \"https://$(inputs.params.ExternalDomain)\",\"content_type\": \"json\",\"insecure_ssl\": \"1\" ,\"secret\": \"$(cat /var/secret/$(inputs.params.GitHubSecretStringKey))\"}}" -X POST -u $(inputs.params.GitHubUser):$(cat /var/secret/$(inputs.params.GitHubAccessTokenKey)) -L https://api.github.com/repos/$(inputs.params.GitHubOrg)/$(inputs.params.GitHubRepo)/hooks
if [ $(params.GitHubDomain) = "github.com" ];then
curl -v -d "{\"name\": \"web\",\"active\": true,\"events\": $(params.WebhookEvents),\"config\": {\"url\": \"https://$(params.ExternalDomain)\",\"content_type\": \"json\",\"insecure_ssl\": \"1\" ,\"secret\": \"$(cat /var/secret/$(params.GitHubSecretStringKey))\"}}" -X POST -u $(params.GitHubUser):$(cat /var/secret/$(params.GitHubAccessTokenKey)) -L https://api.github.com/repos/$(params.GitHubOrg)/$(params.GitHubRepo)/hooks
else
curl -d "{\"name\": \"web\",\"active\": true,\"events\": $(inputs.params.WebhookEvents),\"config\": {\"url\": \"https://$(inputs.params.ExternalDomain)/\",\"content_type\": \"json\",\"insecure_ssl\": \"1\" ,\"secret\": \"$(cat /var/secret/$(inputs.params.GitHubSecretStringKey))\"}}" -X POST -u $(inputs.params.GitHubUser):$(cat /var/secret/$(inputs.params.GitHubAccessTokenKey)) -L https://$(inputs.params.GitHubDomain)/api/v3/repos/$(inputs.params.GitHubOrg)/$(inputs.params.GitHubRepo)/hooks
curl -d "{\"name\": \"web\",\"active\": true,\"events\": $(params.WebhookEvents),\"config\": {\"url\": \"https://$(params.ExternalDomain)/\",\"content_type\": \"json\",\"insecure_ssl\": \"1\" ,\"secret\": \"$(cat /var/secret/$(params.GitHubSecretStringKey))\"}}" -X POST -u $(params.GitHubUser):$(cat /var/secret/$(params.GitHubAccessTokenKey)) -L https://$(params.GitHubDomain)/api/v3/repos/$(params.GitHubOrg)/$(params.GitHubRepo)/hooks
fi
26 changes: 13 additions & 13 deletions docs/getting-started/ingress-run.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -6,18 +6,18 @@ metadata:
spec:
taskRef:
name: create-ingress
params:
- name: CreateCertificate
value: "true"
- name: CertificateKeyPassphrase
value: asecretphrase
- name: CertificateSecretName
value: ingresssecret
- name: ExternalDomain
value: getting-started.iancoffey.com
- name: Service
value: getting-started
- name: ServicePort
value: "8080"
params:
- name: CreateCertificate
value: "true"
- name: CertificateKeyPassphrase
value: asecretphrase
- name: CertificateSecretName
value: ingresssecret
- name: ExternalDomain
value: getting-started.iancoffey.com
- name: Service
value: getting-started
- name: ServicePort
value: "8080"
timeout: 1000s
serviceAccountName: tekton-triggers-createwebhook
30 changes: 15 additions & 15 deletions docs/getting-started/webhook-run.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -6,20 +6,20 @@ metadata:
spec:
taskRef:
name: create-webhook
params:
- name: GitHubOrg
value: "iancoffey"
- name: GitHubUser
value: "iancoffey"
- name: GitHubRepo
value: "ulmaceae"
- name: GitHubSecretName
value: webhook-secret
- name: GitHubAccessTokenKey
value: token
- name: GitHubSecretStringKey
value: secret
- name: ExternalDomain
value: demo.iancoffey.com
params:
- name: GitHubOrg
value: "iancoffey"
- name: GitHubUser
value: "iancoffey"
- name: GitHubRepo
value: "ulmaceae"
- name: GitHubSecretName
value: webhook-secret
- name: GitHubAccessTokenKey
value: token
- name: GitHubSecretStringKey
value: secret
- name: ExternalDomain
value: demo.iancoffey.com
timeout: 1000s
serviceAccountName: tekton-triggers-createwebhook
2 changes: 1 addition & 1 deletion pkg/apis/triggers/v1alpha1/event_listener_validation.go
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,7 @@ func (t *EventListenerTrigger) validate(ctx context.Context) *apis.FieldError {
}
}
if t.Template.Name == "" {
return apis.ErrMissingField(fmt.Sprintf("template.name"))
return apis.ErrMissingField("template.name")
}
for i, interceptor := range t.Interceptors {
if err := interceptor.validate(ctx).ViaField(fmt.Sprintf("interceptors[%d]", i)); err != nil {
Expand Down
29 changes: 14 additions & 15 deletions test/e2e-tests-ingress.sh
Original file line number Diff line number Diff line change
Expand Up @@ -140,27 +140,26 @@ EXTERNAL_DOMAIN="${SERVICE_NAME}.192.168.0.1.nip.io"

# Create Ingress using Ingress Task
cat << DONE | kubectl apply -f -
apiVersion: tekton.dev/v1alpha1
apiVersion: tekton.dev/v1beta1
kind: TaskRun
metadata:
name: ${INGRESS_TASKRUN_NAME}
spec:
taskRef:
name: create-ingress
inputs:
params:
- name: CertificateKeyPassphrase
value: ${CERTIFICATE_KEY_PASSPHRASE}
- name: CertificateSecretName
value: ${CERTIFICATE_SECRET_NAME}
- name: ExternalDomain
value: ${EXTERNAL_DOMAIN}
- name: Service
value: ${SERVICE_NAME}
- name: ServicePort
value: "8080"
- name: ServiceUID
value: ${SERVICE_UID}
params:
- name: CertificateKeyPassphrase
value: ${CERTIFICATE_KEY_PASSPHRASE}
- name: CertificateSecretName
value: ${CERTIFICATE_SECRET_NAME}
- name: ExternalDomain
value: ${EXTERNAL_DOMAIN}
- name: Service
value: ${SERVICE_NAME}
- name: ServicePort
value: "8080"
- name: ServiceUID
value: ${SERVICE_UID}
timeout: 1000s
serviceAccountName: default
DONE
Expand Down

0 comments on commit 0fc59e0

Please sign in to comment.