setup tekton cicd

tekton/eventlistener.yaml

@@ -0,0 +1,41 @@
+apiVersion: triggers.tekton.dev/v1beta1
+kind: EventListener
+metadata:
+  name: gitea-pushes
+  namespace: sakal-us
+spec:
+  serviceAccountName: tekton-triggers-sakal-us
+  triggers:
+    # inline Trigger:
+    - name: build-and-deploy-sakal-us
+      bindings: # TriggerBindings to pluck data from EventListener and map it to named variables
+        - name: gitrevision
+          value: $(body.commits[0].id)
+        - name: gitrepositoryurl
+          value: $(body.repository.clone_url)
+      template: # TriggerTemplates to render various Tekton CRDs using plucked data
+        spec:
+          params:
+            - name: gitrevision
+              description: The git revision
+              default: main
+            - name: gitrepositoryurl
+              description: The git repository url
+              default: https://git.sakal.us/avraham/sakal.us.git
+          resourcetemplates:
+            - apiVersion: tekton.dev/v1beta1
+              kind: PipelineRun
+              metadata:
+                generateName: build-and-deploy-sakal-us-
+              spec:
+                pipelineRef:
+                  name: build-and-deploy-sakal-us
+                params:
+                - name: gitrevision
+                  value: $(tt.params.gitrevision)
+                - name: gitrepositoryurl
+                  value: $(tt.params.gitrepositoryurl)
+                workspaces:
+                - name: repo
+                  persistentVolumeClaim:
+                    claimName: sakal-us-cicd

tekton/namespace.yaml

@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: sakal-us

tekton/pipeline.yaml

@@ -0,0 +1,76 @@
+apiVersion: tekton.dev/v1beta1
+kind: Pipeline
+metadata:
+  name: build-and-deploy-sakal-us
+  namespace: sakal-us
+spec:
+  params:
+    - name: gitrevision
+      type: string
+    - name: gitrepositoryurl
+      type: string
+  workspaces:
+    - name: repo
+  tasks:
+    - name: git-clone
+      workspaces:
+        - name: repo
+          workspace: repo
+      params:
+        - name: gitrepositoryurl
+          value: "$(params.gitrepositoryurl)"
+        - name: gitrevision
+          value: "$(params.gitrevision)"
+      taskSpec:
+        workspaces:
+          - name: repo
+        params:
+          - name: gitrepositoryurl
+            type: string
+          - name: gitrevision
+            type: string
+        steps:
+          - name: git-clone
+            image: bitnami/git
+            script: git clone $(params.gitrepositoryurl) $(workspaces.repo.path) && cd $(workspaces.repo.path) && git checkout $(params.gitrevision)
+    - name: npm-build
+      runAfter:
+        - git-clone
+      workspaces:
+        - name: repo
+          workspace: repo
+      taskSpec:
+        workspaces:
+          - name: repo
+        steps:
+          - name: build
+            image: node:20
+            workingDir: $(workspaces.repo.path)
+            script: npm install && npm run build
+    - name: deploy-to-s3
+      runAfter:
+        - npm-build
+      workspaces:
+        - name: repo
+          workspace: repo
+      taskSpec:
+        workspaces:
+          - name: repo
+        steps:
+          - name: deploy-to-s3
+            image: bitnami/minio-client
+            workingDir: $(workspaces.repo.path)
+            env:
+              - name: MINIO_SERVER_HOST
+                value: minio.minio-dev.svc.cluster.local
+              - name: MINIO_SERVER_ACCESS_KEY
+                valueFrom:
+                  secretKeyRef:
+                    name: minio-dev
+                    key: accessKey
+              - name: MINIO_SERVER_SECRET_KEY
+                valueFrom:
+                  secretKeyRef:
+                    name: minio-dev
+                    key: secretKey
+            script: mc cp dist/ sakal-us/

tekton/pvc.yaml

@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: sakal-us-cicd
+  namespace: sakal-us
+spec:
+  resources:
+    requests:
+      storage: 512Mi
+  volumeMode: Filesystem
+  accessModes:
+    - ReadWriteOnce

tekton/rbac.yaml

@@ -0,0 +1,32 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: tekton-triggers-sakal-us
+  namespace: sakal-us
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: triggers-example-eventlistener-binding
+  namespace: sakal-us
+subjects:
+- kind: ServiceAccount
+  name: tekton-triggers-sakal-us
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: tekton-triggers-eventlistener-roles
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: triggers-example-eventlistener-clusterbinding
+  namespace: sakal-us
+subjects:
+- kind: ServiceAccount
+  name: tekton-triggers-sakal-us
+  namespace: default
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: tekton-triggers-eventlistener-clusterroles