AllardDCS/kubernetes
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
4b6f071349a2ca5d8268c47de4610b99fac38ce3
kubernetes/dev/tekton/openliberty/openliberty-pipeline.yaml
allard 376a944abc initial commit
2025-11-23 18:58:51 +01:00

187 lines
4.2 KiB
YAML
Executable File
Raw Blame History

apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
name: openliberty-pipeline
spec:
description: |
This pipeline clones a git repo, builds a Docker image with Kaniko and
pushes it to a registry
params:
- name: repo-url
type: string
- name: git-revision
type: string
- name: maven-mirror-url
type: string
- name: sonar-organization
type: string
- name: sonar-project-key
type: string
- name: sonar-token
type: string
- name: sonar-host-url
type: string
- name: source-to-scan
type: string
- name: registry
type: string
- name: project
type: string
- name: image-name
type: string
- name: cosign-image-url
type: string
- name: deptrack-projectName
type: string
- name: deptrack-projectVersion
type: string
- name: deptrack-apiKey
type: string
- name: deptrack-url
type: string
workspaces:
- name: shared-data
- name: registry-credentials
- name: maven-settings
- name: sonar-settings
tasks:
- name: fetch-source
taskRef:
name: git-clone
workspaces:
- name: output
workspace: shared-data
params:
- name: url
value: $(params.repo-url)
- name: compile-java
runAfter: ["fetch-source"]
taskRef:
name: maven
workspaces:
- name: source
workspace: shared-data
- name: maven-settings
workspace: shared-data
params:
- name: MAVEN_IMAGE
value: maven
- name: CONTEXT_DIR
value: "."
- name: MAVEN_MIRROR_URL
value: $(params.maven-mirror-url)
- name: GOALS
value:
- clean
- package
- name: sonarqube
runAfter: ["compile-java"]
taskRef:
kind: Task
name: sonarqube-scanner
workspaces:
- name: source
workspace: shared-data
- name: sonar-settings
workspace: sonar-settings
params:
- name: SONAR_ORGANIZATION
value: $(params.sonar-organization)
- name: SONAR_PROJECT_KEY
value: $(params.sonar-project-key)
- name: SONAR_TOKEN
value: $(params.sonar-token)
- name: SOURCE_TO_SCAN
value: $(params.source-to-scan)
- name: SONAR_HOST_URL
value: $(params.sonar-host-url)
- name: SONAR_SCANNER_IMAGE
value: noenv/sonar-scanner:7.0.2
- name: build-push
runAfter: ["compile-java"]
taskRef:
name: buildah
workspaces:
- name: source
workspace: shared-data
- name: dockerconfig
workspace: registry-credentials
params:
- name: IMAGE
value: $(params.registry)/$(params.project)/$(params.image-name):$(params.git-revision)
- name: cosign-sign
runAfter: ["build-push"]
taskRef:
name: cosign-sign
params:
- name: cosign-image-url
value: $(params.registry)/$(params.project)/$(params.image-name):$(params.git-revision)
- name: cosign-image-digest
value: $(tasks.build-push.results.IMAGE_DIGEST)
- name: syft
runAfter: ["build-push"]
taskRef:
name: syft
params:
- name: ARGS
value:
- $(params.registry)/$(params.project)/$(params.image-name):$(params.git-revision)
- --output
- cyclonedx-json=./$(params.sonar-project-key).sbom.json
workspaces:
- name: source-dir
workspace: shared-data
- name: push-sbom
runAfter: ["syft"]
taskref:
name: push-sbom
params:
- name: deptrack-url
value: $(params.deptrack-url)
- name: deptrack-apiKey
value: $(params.deptrack-apiKey)
- name: deptrack-projectName
value: $(params.deptrack-projectName)
- name: deptrack-projectVersion
value: $(params.deptrack-projectVersion)
- name: sbom
value: $(params.deptrack-projectName).sbom.json
workspaces:
- name: source-dir
workspace: shared-data
- name: register-change
runAfter: ["build-push"]
taskref:
name: register-change
params:
- name: project
value: $(params.sonar-project-key)
- name: git-revision
value: $(params.git-revision)
workspaces:
- name: source-dir
workspace: shared-data
- name: deploy-with-argocd
runAfter: ["build-push"]
taskref:
name: argocd-task-sync-and-wait
params:
- name: application-name
value: $(params.sonar-project-key)
Reference in New Issue View Git Blame Copy Permalink