diff --git a/apps/dev/kustomization.yaml b/apps/dev/kustomization.yaml index 200b63329..b3183d8cc 100644 --- a/apps/dev/kustomization.yaml +++ b/apps/dev/kustomization.yaml @@ -5,4 +5,4 @@ resources: - namespace.yaml - prow-crd.yaml - prow - # - tekton \ No newline at end of file + - tekton \ No newline at end of file diff --git a/apps/dev/tekton/configs.yaml b/apps/dev/tekton/configs.yaml index 521af0df4..d156ebfdd 100644 --- a/apps/dev/tekton/configs.yaml +++ b/apps/dev/tekton/configs.yaml @@ -10,7 +10,7 @@ spec: kind: GitRepository name: flux-system namespace: flux-system - path: ./apps/staging/tekton/configs + path: ./apps/dev/tekton/configs dependsOn: - name: tekton-setup namespace: apps diff --git a/apps/dev/tekton/ingress.yaml b/apps/dev/tekton/ingress.yaml new file mode 100644 index 000000000..46a747d83 --- /dev/null +++ b/apps/dev/tekton/ingress.yaml @@ -0,0 +1,24 @@ +--- +apiVersion: kustomize.toolkit.fluxcd.io/v1beta2 +kind: Kustomization +metadata: + name: tekton-ingress + namespace: apps +spec: + interval: 1m0s + sourceRef: + kind: GitRepository + name: flux-system + namespace: flux-system + path: ./apps/dev/tekton/ingress + dependsOn: + - name: tekton-setup + namespace: apps + - name: tekton-configs + namespace: apps + prune: true + postBuild: + substituteFrom: + - kind: Secret + name: tekton-ingress # should manual created in namespace `apps` + optional: true diff --git a/apps/dev/tekton/setup/ingress-dashboard.yaml b/apps/dev/tekton/ingress/ingress-dashboard.yaml similarity index 99% rename from apps/dev/tekton/setup/ingress-dashboard.yaml rename to apps/dev/tekton/ingress/ingress-dashboard.yaml index e0096cfd4..2f6a5a113 100644 --- a/apps/dev/tekton/setup/ingress-dashboard.yaml +++ b/apps/dev/tekton/ingress/ingress-dashboard.yaml @@ -25,3 +25,4 @@ spec: name: tekton-dashboard port: name: http + diff --git a/apps/dev/tekton/ingress/ingress-event-listener.yaml b/apps/dev/tekton/ingress/ingress-event-listener.yaml new file mode 100644 index 000000000..1e9b0480f --- /dev/null +++ b/apps/dev/tekton/ingress/ingress-event-listener.yaml @@ -0,0 +1,21 @@ +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: trigger-groups-listener + namespace: ee-cd + annotations: + nginx.ingress.kubernetes.io/rewrite-target: /$2 +spec: + ingressClassName: nginx + rules: + - host: "${domain}" + http: + paths: + - pathType: Prefix + path: "${path_for_hook}(/|$)(.*)" + backend: + service: + name: el-trigger-groups-listener + port: + name: http-listener diff --git a/apps/dev/tekton/ingress/kustomization.yaml b/apps/dev/tekton/ingress/kustomization.yaml new file mode 100644 index 000000000..a26cdd164 --- /dev/null +++ b/apps/dev/tekton/ingress/kustomization.yaml @@ -0,0 +1,5 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: +- ingress-dashboard.yaml +- ingress-event-listener.yaml diff --git a/apps/dev/tekton/kustomization.yaml b/apps/dev/tekton/kustomization.yaml index df620cd43..391662efe 100644 --- a/apps/dev/tekton/kustomization.yaml +++ b/apps/dev/tekton/kustomization.yaml @@ -3,3 +3,4 @@ kind: Kustomization resources: - setup.yaml - configs.yaml + # - ingress.yaml \ No newline at end of file diff --git a/apps/dev/tekton/setup.yaml b/apps/dev/tekton/setup.yaml index fd0e3a1ef..eee43b28b 100644 --- a/apps/dev/tekton/setup.yaml +++ b/apps/dev/tekton/setup.yaml @@ -10,8 +10,9 @@ spec: kind: GitRepository name: flux-system namespace: flux-system - path: ./apps/staging/tekton/setup + path: ./apps/dev/tekton/setup prune: true + wait: true healthChecks: - apiVersion: apps/v1 kind: Deployment @@ -51,3 +52,33 @@ spec: name: tekton-ingress # should manual created in namespace `apps` optional: true timeout: 5m0s + images: + - name: gcr.io/tekton-nightly/github.com/tektoncd/experimental/pipelines-in-pipelines/cmd/controller + newTag: v20230909-ee13de632e + patches: + # replace namespace + - target: + kind: Namespace + labelSelector: app.kubernetes.io/part-of=tekton-pip-run + patch: | + - op: replace + path: /metadata/name + value: tekton-pipelines + - target: + labelSelector: app.kubernetes.io/part-of=tekton-pip-run + namespace: tekton-pip-run + patch: | + - op: replace + path: /metadata/namespace + value: tekton-pip-run + # add container resources + - target: + kind: Deployment + labelSelector: app.kubernetes.io/part-of=tekton-pip-run + patch: | + - op: add + path: /spec/template/spec/containers/0/resources + value: + requests: + cpu: "100m" + memory: 200Mi diff --git a/apps/dev/tekton/setup/kustomization.yaml b/apps/dev/tekton/setup/kustomization.yaml index 47e4393e6..9add2ad16 100644 --- a/apps/dev/tekton/setup/kustomization.yaml +++ b/apps/dev/tekton/setup/kustomization.yaml @@ -5,5 +5,4 @@ resources: # renovate: datasource=github-releases depName=tektoncd/operator versioning=semver - https://github.com/tektoncd/operator/releases/download/v0.65.1/release.yaml - operator-config.yaml - - ingress-dashboard.yaml - - pip-release.yaml \ No newline at end of file + - https://storage.googleapis.com/tekton-releases-nightly/pipelines-in-pipelines/latest/release.yaml diff --git a/apps/dev/tekton/setup/pip-release.yaml b/apps/dev/tekton/setup/pip-release.yaml deleted file mode 100644 index 19d22356e..000000000 --- a/apps/dev/tekton/setup/pip-release.yaml +++ /dev/null @@ -1,357 +0,0 @@ -# Copyright 2021 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# apiVersion: v1 -# kind: Namespace -# metadata: -# name: tekton-pip-run -# labels: -# app.kubernetes.io/instance: default -# app.kubernetes.io/part-of: tekton-pip-run - ---- -# Copyright 2021 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: pip-controller - namespace: tekton-pipelines - labels: - app.kubernetes.io/component: pip-controller - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pip-run - ---- -# Copyright 2021 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: pip-controller-cluster-access - labels: - app.kubernetes.io/component: pip-controller - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pip-run -rules: - # Controller needs cluster access to all CustomRun CRs. - - apiGroups: ["tekton.dev"] - resources: ["customruns", "pipelineruns"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: ["tekton.dev"] - resources: ["customruns/finalizers"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: ["tekton.dev"] - resources: ["customruns/status", "pipelineruns/status"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - # Controller needs cluster access to leases for leader election. - - apiGroups: ["coordination.k8s.io"] - resources: ["leases"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - # Controller needs permission to emit events associated with CustomRun CRs. - - apiGroups: [""] - resources: ["events"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - ---- -# Copyright 2021 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -kind: Role -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: pip-controller - namespace: tekton-pipelines - labels: - app.kubernetes.io/component: pip-controller - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pip-run -rules: - - apiGroups: [""] - resources: ["configmaps"] - verbs: ["list", "watch"] - # The controller needs access to these configmaps for logging information and runtime configuration. - - apiGroups: [""] - resources: ["configmaps"] - verbs: ["get"] - resourceNames: ["config-logging-pip", "config-observability", "config-leader-election"] - ---- -# Copyright 2021 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: pip-controller - namespace: tekton-pipelines - labels: - app.kubernetes.io/component: pip-controller - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pip-run -subjects: - - kind: ServiceAccount - name: pip-controller - namespace: tekton-pipelines -roleRef: - kind: Role - name: pip-controller - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2021 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: pip-controller-cluster-access - labels: - app.kubernetes.io/component: pip-controller - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pip-run -subjects: - - kind: ServiceAccount - name: pip-controller - namespace: tekton-pipelines -roleRef: - kind: ClusterRole - name: pip-controller-cluster-access - apiGroup: rbac.authorization.k8s.io - ---- -# Copyright 2021 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/name: pip-controller - app.kubernetes.io/component: pip-controller - app.kubernetes.io/instance: default - app.kubernetes.io/version: devel - app.kubernetes.io/part-of: tekton-pip-run - # tekton.dev/release value replaced with inputs.params.versionTag in pipeline/tekton/publish.yaml - pipeline.tekton.dev/release: "v20220126-2d431237c6" - # labels below are related to istio and should not be used for resource lookup - app: pip-controller - version: "v20220126-2d431237c6" - name: pip-controller - namespace: tekton-pipelines -spec: - ports: - - name: http-metrics - port: 9090 - protocol: TCP - targetPort: 9090 - selector: - app.kubernetes.io/name: pip-controller - app.kubernetes.io/component: pip-controller - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pip-run - ---- -# Copyright 2021 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: pip-controller - namespace: tekton-pipelines - labels: - app.kubernetes.io/name: pip-controller - app.kubernetes.io/component: pip-controller - app.kubernetes.io/instance: default - app.kubernetes.io/version: devel - app.kubernetes.io/part-of: tekton-pip-run -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/name: pip-controller - app.kubernetes.io/component: pip-controller - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: pip - template: - metadata: - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "false" - labels: - app.kubernetes.io/name: pip-controller - app.kubernetes.io/component: pip-controller - app.kubernetes.io/instance: default - app.kubernetes.io/version: devel - app.kubernetes.io/part-of: pip - app: pip-controller - spec: - serviceAccountName: pip-controller - containers: - - name: pip-controller - image: gcr.io/tekton-nightly/github.com/tektoncd/experimental/pipelines-in-pipelines/cmd/controller:v20220126-2d431237c6 - volumeMounts: - - name: config-logging - mountPath: /etc/config-logging - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - # If you are changing these names, you will also need to update - # the controller's Role in 200-role.yaml to include the new - # values in the "configmaps" "get" rule. - - name: CONFIG_LOGGING_NAME - value: config-logging-pip - - name: METRICS_DOMAIN - value: experimental.tekton.dev/pipelines-in-pipelines - volumes: - - name: config-logging - configMap: - name: config-logging-pip - ---- -# Copyright 2021 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-logging-pip - namespace: tekton-pipelines - labels: - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pip-run -data: - # Common configuration for all knative codebase - zap-logger-config: | - { - "level": "info", - "development": false, - "sampling": { - "initial": 100, - "thereafter": 100 - }, - "outputPaths": ["stdout"], - "errorOutputPaths": ["stderr"], - "encoding": "json", - "encoderConfig": { - "timeKey": "ts", - "levelKey": "level", - "nameKey": "logger", - "callerKey": "caller", - "messageKey": "msg", - "stacktraceKey": "stacktrace", - "lineEnding": "", - "levelEncoder": "", - "timeEncoder": "", - "durationEncoder": "", - "callerEncoder": "" - } - } - # Log level overrides - loglevel.controller: "info" - loglevel.webhook: "info" - ----