AllardDCS/kubernetes
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

initial commit

Browse Source
This commit is contained in:
allard
2025-11-23 18:58:51 +01:00
commit 376a944abc
1553 changed files with 314731 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
dev/tekton/tasks/sbom/Dockerfile/Dockerfile Executable file
View File

@@ -0,0 +1,3 @@
FROM ubuntu
RUN apt update && apt upgrade -y
RUN apt install curl -y

1
dev/tekton/tasks/sbom/olproperties.sbom.json Normal file
View File

File diff suppressed because one or more lines are too long

50
dev/tekton/tasks/sbom/push-sbom.bak Normal file
View File

@@ -0,0 +1,50 @@
apiVersion: tekton.dev/v1
kind: Task
metadata:
name: push-sbom
namespace: default
spec:
params:
- description: The name of sbom
name: sbom
type: string
- description: The deptrack-authorisation-key to upload the sbom, put in secret
name: deptrack-apiKey
type: string
- description: The name of the deptrack-project
name: deptrack-projectName
type: string
- description: The version of the deptrack-project
name: deptrack-projectVersion
type: string
steps:
- computeResources: {}
image: allardkrings/ubuntu-curl:1.0
name: push-sbom
script: |
#!/usr/bin/env bash
if
curl -X POST \
-H 'Content-Type: multipart/form-data; boundary=__X_BOM__' \
-H "X-API-Key: odt_UPC8l0R9vzQILZIphSoK15J4u4Ns3HEy" \
-F "autoCreate=true" \
-F "projectName=olproperties" \
-F "projectVersion=1.1" \
-F "bom=@olproperties.sbom.json" \
"https://deptracka-dev.allarddcs.nl/api/v1/bom" \
| grep "token"
then
echo "sbom uploaded succesfully"
else
echo odt_UPC8l0R9vzQILZIphSoK15J4u4Ns3HEy
echo olproperties
echo 1.1
echo olproperties.sbom.json
ls
echo "upload sbom failed"
exit -1
fi
workingDir: $(workspaces.source-dir.path)
workspaces:
- name: source-dir
optional: true

56
dev/tekton/tasks/sbom/push-sbom.new Normal file
View File

@@ -0,0 +1,56 @@
apiVersion: tekton.dev/v1
kind: Task
metadata:
name: push-sbom
namespace: default
spec:
params:
- description: The name of sbom
name: sbom
type: string
- description: The deptrack-authorisation-key to upload the sbom, put in secret
name: deptrack-apiKey
type: string
- description: The name of the deptrack-project
name: deptrack-projectName
type: string
- description: The version of the deptrack-project
name: deptrack-projectVersion
type: string
- description: The URL of the DepTrack API
name: deptrack-url
type: string
steps:
- computeResources: {}
image: harbor-dev.allarddcs.nl/allard/curl:1.0
name: push-sbom
script: |
#!/usr/bin/env bash
# Run curl command and capture the output and error messages
response=$(curl -v -k -X POST \
-H 'Content-Type: multipart/form-data; boundary=__X_BOM__' \
-H "X-API-Key: $(params.deptrack-apiKey)" \
-F "autoCreate=true" \
-F "projectName=$(params.deptrack-projectName)" \
-F "projectVersion=$(params.deptrack-projectVersion)" \
-F "bom=@$(params.sbom)" \
"$(params.deptrack-url)/api/v1/bom" 2>&1)
# Check the response for a specific token or success message
if echo "$response" | grep -q "token"; then
echo "SBOM uploaded successfully"
else
# Print the error response from curl to diagnose the failure
echo $(params.deptrack-url)
echo $(params.deptrack-apiKey)
echo $(params.deptrack-projectName)
echo $(params.deptrack-projectVersion)
echo $(params.sbom)
echo "Failed to upload SBOM. Response from curl:"
echo "$response"
exit 1
fi
workingDir: $(workspaces.source-dir.path)
workspaces:
- name: source-dir
optional: true

50
dev/tekton/tasks/sbom/push-sbom.yaml Normal file
View File

@@ -0,0 +1,50 @@
apiVersion: tekton.dev/v1
kind: Task
metadata:
name: push-sbom
namespace: default
spec:
params:
- description: name of the image
name: image-reference
type: string
- description: The name of sbom
name: sbom
type: string
- description: The deptrack-authorisation-key to upload the sbom, put in secret
name: deptrack-apiKey
type: string
- description: The name of the deptrack-project
name: deptrack-projectName
type: string
- description: The version of the deptrack-project
name: deptrack-projectVersion
type: string
- description: The URL of the DepTrack API
name: deptrack-url
type: string
steps:
- computeResources: {}
image: harbor-dev.allarddcs.nl/allard/curl:1.0
name: push-sbom
script: |
#!/usr/bin/env bash
if curl -k -X POST \
-H 'Content-Type: multipart/form-data; boundary=__X_BOM__' \
-H "X-API-Key: $(params.deptrack-apiKey)" \
-F "autoCreate=true" \
-F "projectName=$(params.deptrack-projectName)" \
-F "projectVersion=$(params.deptrack-projectVersion)" \
-F "bom=@$(params.sbom)" \
"$(params.deptrack-url)/api/v1/bom" \
| grep "token"
then
echo "sbom uploaded successfully"
else
echo "Failed to upload sbom"
exit -1
fi
workingDir: $(workspaces.source-dir.path)
workspaces:
- name: source-dir
optional: true

30
dev/tekton/tasks/sbom/syft-push-pipeline-run.yaml Executable file
View File

@@ -0,0 +1,30 @@
apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
generateName: syft-push-pipeline-run-
spec:
pipelineRef:
name: generate-and-push-sbom
params:
- name: image-reference
value: harbor-dev.allarddcs.nl/allard/olproperties:1.0
- name: deptrack-url
value: http://deptrack-apiserver.deptrack.svc.cluster.local:8080
- name: deptrack-projectName
value: olproperties
- name: deptrack-projectVersion
value: 1.1
- name: deptrack-apiKey
value: odt_BRpq4el8T0XqdeunYMnefniaS0n8Yxd8
- name: deptrack-options
value:
- ""
workspaces:
- name: shared-data
volumeClaimTemplate:
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi

55
dev/tekton/tasks/sbom/syft-push-pipeline.yaml Executable file
View File

@@ -0,0 +1,55 @@
apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
name: generate-and-push-sbom
spec:
description: |
This pipeline generates an sbom with syft and pushes the sbom to deptrack
params:
- name: image-reference
type: string
- name: deptrack-url
type: string
- name: deptrack-projectName
type: string
- name: deptrack-projectVersion
type: string
- name: deptrack-options
type: array
- name: deptrack-apiKey
type: string
workspaces:
- name: shared-data
tasks:
- name: syft
taskRef:
name: syft
params:
- name: ARGS
value:
- $(params.image-reference)
- --output
- cyclonedx-json=./$(params.deptrack-projectName).sbom.json
workspaces:
- name: source-dir
workspace: shared-data
- name: push-sbom
runAfter: ["syft"]
taskref:
name: push-sbom
params:
- name: deptrack-url
value: $(params.deptrack-url)
- name: deptrack-apiKey
value: $(params.deptrack-apiKey)
- name: deptrack-projectName
value: $(params.deptrack-projectName)
- name: deptrack-projectVersion
value: $(params.deptrack-projectVersion)
- name: sbom
value: $(params.deptrack-projectName).sbom.json
workspaces:
- name: source-dir
workspace: shared-data

24
dev/tekton/tasks/sbom/upload-sbom.sh Executable file
View File

@@ -0,0 +1,24 @@
#!/usr/bin/env bash
export deptrackapiKey=odt_BRpq4el8T0XqdeunYMnefniaS0n8Yxd8
export deptrackprojectName=olproperties
export deptrackprojectVersion=1.1
export sbom=olproperties.sbom.json
if
curl -X POST "https://deptracka-dev.allarddcs.nl/api/v1/bom" \
-H 'Content-Type: multipart/form-data; boundary=__X_BOM__' \
-H "X-API-Key: $deptrackapiKey" \
-F "autoCreate=true" \
-F "projectName=$deptrackprojectName" \
-F "projectVersion=$deptrackprojectVersion" \
-F "bom=@olproperties.sbom.json" \
| grep "token"
then
echo "sbom uploaded succesfully"
else
echo $deptrackapiKey
echo $deptrackprojectName
echo $deptrackprojectVersion
echo $sbom
echo "upload sbom failed"
exit -1
fi