Enable webhook for building bashtard

author: Patrick Spek <p.spek@tyil.nl> 2023-08-24 13:52:05 +0200
committer: Patrick Spek <p.spek@tyil.nl> 2023-08-24 13:52:05 +0200
commit: 5ac5fa6c4e73c5abbb4e2c805defa3569b111289 (patch)
tree: 2d292fc74e392de678f8b6e75501f41d0e13b5cb
parent: 9650740fd19ce89f4fa296bad2c3baf8836b6564 (diff)
8 files changed, 195 insertions, 19 deletions
diff --git a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/argo-events/helm-chart.yaml b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/argo-events/helm-chart.yaml
index 65d7253..3acd2cd 100644
--- a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/argo-events/helm-chart.yaml
+++ b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/argo-events/helm-chart.yaml
@@ -11,4 +11,6 @@ spec:
     controller:
       rbac:
         namespaced: true
+      serviceAccount:
+        name: argo-events
 ...
diff --git a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/argo-events/rbac.yaml b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/argo-events/rbac.yaml
new file mode 100644
index 0000000..a646f66
--- /dev/null
+++ b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/argo-events/rbac.yaml
@@ -0,0 +1,97 @@
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: argo-events-webhook
+  namespace: cicd-system
+automountServiceAccountToken: true
+...
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: argo-events-webhook
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - secrets
+  verbs:
+  - get
+  - list
+  - create
+  - update
+  - delete
+  - patch
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - apps
+  resources:
+  - deployments
+  verbs:
+  - get
+  - list
+- apiGroups:
+  - admissionregistration.k8s.io
+  resources:
+  - validatingwebhookconfigurations
+  verbs:
+  - get
+  - list
+  - create
+  - update
+  - delete
+  - patch
+  - watch
+- apiGroups:
+  - rbac.authorization.k8s.io
+  resources:
+  - clusterroles
+  verbs:
+  - get
+  - list
+- apiGroups:
+  - argoproj.io
+  resources:
+  - eventbus
+  - eventsources
+  - sensors
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - argoproj.io
+  resources:
+  - workflows
+  verbs:
+  - get
+  - list
+  - create
+  - update
+  - patch
+  - watch
+...
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: argo-events-webhook
+  namespace: cicd-system
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: argo-events-webhook
+subjects:
+- kind: ServiceAccount
+  name: argo-events-webhook
+  namespace: cicd-system
+...
diff --git a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/auth-proxy.yaml b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/auth-proxy.yaml
index 3627b53..cd9aeb9 100644
--- a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/auth-proxy.yaml
+++ b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/auth-proxy.yaml
@@ -12,18 +12,4 @@ spec:
     envFrom:
       secretRef:
       - name: auth-proxy-ci
-    ingress:
-      enabled: true
-      ingressClassName: traefik
-      annotations:
-        cert-manager.io/cluster-issuer: "letsencrypt-production"
-        traefik.ingress.kubernetes.io/router.middlewares: kube-system-redirect-https@kubernetescrd
-      tls:
-      - secretName: tls-nl.tyil.ci
-        hosts:
-        - ci.tyil.nl
-      hosts:
-      - host: ci.tyil.nl
-        paths:
-        - path: /
-          pathType: Prefix
+...
diff --git a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/ingress.yaml b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/ingress.yaml
new file mode 100644
index 0000000..b97af7c
--- /dev/null
+++ b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/ingress.yaml
@@ -0,0 +1,39 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: ci
+  namespace: cicd-system
+  labels:
+    app.kubernetes.io/created-by: tyil
+    app.kubernetes.io/managed-by: manual
+    app.kubernetes.io/name: trigger-bashtard
+    app.kubernetes.io/part-of: cicd-system
+  annotations:
+    cert-manager.io/cluster-issuer: "letsencrypt-production"
+    traefik.ingress.kubernetes.io/router.middlewares: kube-system-redirect-https@kubernetescrd
+spec:
+  ingressClassName: traefik
+  tls:
+  - hosts:
+    - ci.tyil.nl
+    secretName: tls-nl.tyil.ci
+  rules:
+  - host: ci.tyil.nl
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: auth-proxy-ci-oauth2-proxy
+            port:
+              number: 4180
+      - path: /trigger
+        pathType: Prefix
+        backend:
+          service:
+            name: webhook-eventsource-svc
+            port:
+              number: 12000
+...
diff --git a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/event-sources/webhook.yaml b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/event-sources/webhook.yaml
index cc46d43..5796540 100644
--- a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/event-sources/webhook.yaml
+++ b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/event-sources/webhook.yaml
@@ -10,8 +10,8 @@ spec:
     - port: 12000
       targetPort: 12000
   webhook:
-    example:
-      endpoint: /example
+    project-bashtard:
+      endpoint: /trigger/project-bashtard
       method: POST
       port: "12000"
       url: https://ci.tyil.nl
diff --git a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/sensors/project-bashtard.yaml b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/sensors/project-bashtard.yaml
new file mode 100644
index 0000000..4f83959
--- /dev/null
+++ b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/sensors/project-bashtard.yaml
@@ -0,0 +1,52 @@
+---
+apiVersion: argoproj.io/v1alpha1
+kind: Sensor
+metadata:
+  name: project-bashtard
+  namespace: cicd-system
+spec:
+  template:
+    serviceAccountName: argo-events-webhook
+  dependencies:
+  - name: webhook
+    eventSourceName: webhook
+    eventName: project-bashtard
+  triggers:
+  - template:
+      name: webhook-workflow-trigger
+      k8s:
+        operation: create
+        source:
+          resource:
+            apiVersion: argoproj.io/v1alpha1
+            kind: Workflow
+            metadata:
+              generateName: project-bashtard-
+            spec:
+              entrypoint: main
+              arguments:
+                parameters:
+                - name: ref
+                  value: ""
+              templates:
+              - name: main
+                inputs:
+                  parameters:
+                  - name: ref
+                    value: "{{workflows.parameters.ref}}"
+                steps:
+                - - name: main
+                    templateRef:
+                      name: project-bashtard
+                      template: main
+                    arguments:
+                      parameters:
+                      - name: ref
+                        value: "{{inputs.parameters.ref}}"
+        parameters:
+        - src:
+            dependencyName: webhook
+            dataKey: body.commit
+            value: "master"
+          dest: spec.arguments.parameters.0.value
+...
diff --git a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/fetch-git.yaml b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/fetch-git.yaml
index 785028d..0742e79 100644
--- a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/fetch-git.yaml
+++ b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/fetch-git.yaml
@@ -42,5 +42,5 @@ spec:
         git init
         git remote add origin "{{inputs.parameters.repo}}"
         git fetch origin -a
-        git reset --hard "origin/{{inputs.parameters.ref}}"
+        git reset --hard "{{inputs.parameters.ref}}"
 ...
diff --git a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/project-bashtard.yaml b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/project-bashtard.yaml
index e2b399d..b59e5b7 100644
--- a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/project-bashtard.yaml
+++ b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/project-bashtard.yaml
@@ -10,7 +10,7 @@ spec:
   arguments:
     parameters:
     - name: ref
-      value: master
+      value: origin/master
   templates:
   - name: main
     steps:
author	Patrick Spek <p.spek@tyil.nl>	2023-08-24 13:52:05 +0200
committer	Patrick Spek <p.spek@tyil.nl>	2023-08-24 13:52:05 +0200
commit	5ac5fa6c4e73c5abbb4e2c805defa3569b111289 (patch)
tree	2d292fc74e392de678f8b6e75501f41d0e13b5cb
parent	9650740fd19ce89f4fa296bad2c3baf8836b6564 (diff)