initial commit
This commit is contained in:
root
103
template/estaTektonPipeline.yaml.jinja
Normal file
103
template/estaTektonPipeline.yaml.jinja
Normal file
@@ -0,0 +1,103 @@
|
||||
# yaml-language-server: $schema=https://clew-resources.sbb-cloud.net/tekton-schema.json
|
||||
productName: {{ name }}
|
||||
python:
|
||||
{{-"\n targetRepo: "~ pypi_repository if pypi_repository else ' {}'}}
|
||||
builder:
|
||||
python: "{{ python_version }}"
|
||||
{%- if docker_repository %}
|
||||
docker:
|
||||
artifactoryDockerRepo: {{ docker_repository }}
|
||||
caching: true
|
||||
{%- endif %}
|
||||
{%- if helm_repository %}
|
||||
helm:
|
||||
chartRepository: {{ helm_repository }}
|
||||
linting: true
|
||||
{%- endif %}
|
||||
pipelines:
|
||||
|
||||
# This is the continuous build pipeline which runs on every commit on a feature branch or if triggered in the tekton-ui.
|
||||
# It builds and tests artifacts but does not push them to artifactory.
|
||||
- name: continuous
|
||||
triggerType:
|
||||
- GITEVENT
|
||||
- USER
|
||||
branchNamePrefixes:
|
||||
- feature
|
||||
- renovate
|
||||
build:
|
||||
{%- if docker_repository %}
|
||||
buildDockerImage: true
|
||||
deployDockerImage: false
|
||||
{%- endif %}
|
||||
sonarScan:
|
||||
enabled: true
|
||||
owaspDependencyCheck:
|
||||
enabled: true
|
||||
additionalParams: "--suppression dependency-check-suppressions.xml --disablePyDist
|
||||
--disablePyPkg --failOnCVSS 9"
|
||||
failOnQualityGateFailure: true
|
||||
{%- if use_ggshield %}
|
||||
gitguardian:
|
||||
enabled: true
|
||||
reportmode: "FAILED"
|
||||
{%- endif %}
|
||||
|
||||
# This is the snapshot build pipeline which is triggered when pushing commits to master, if triggered in the tekton ui or through a cron job at 05:00 ervery morning.
|
||||
# It builds a snapshot-version of the product and pushes it to artifactory.
|
||||
- name: snapshot
|
||||
triggerType:
|
||||
- USER
|
||||
- GITEVENT
|
||||
- CRON
|
||||
branchNamePrefixes:
|
||||
- master
|
||||
cron: 30 3 * * * # Nightly Build triggers at 03:30 every day
|
||||
build:
|
||||
sonarScan:
|
||||
enabled: true
|
||||
owaspDependencyCheck:
|
||||
enabled: true
|
||||
additionalParams: "--suppression dependency-check-suppressions.xml --disablePyDist
|
||||
--disablePyPkg --failOnCVSS 9"
|
||||
failOnQualityGateFailure: true
|
||||
{%- if docker_repository %}
|
||||
buildDockerImage: true
|
||||
deployDockerImage: true
|
||||
deployArtifacts: false
|
||||
{%- endif %}
|
||||
{%- if use_ggshield %}
|
||||
gitguardian:
|
||||
enabled: true
|
||||
reportmode: "FAILED"
|
||||
{%- endif %}
|
||||
# This is the release build pipeline which is triggered by adding a valid version tag to a commit.
|
||||
# This can either be done using git or the esta-tekton ui.
|
||||
# This builds and deploys the artifacts using the git tag as version.
|
||||
- name: release
|
||||
triggerType:
|
||||
- GITEVENT
|
||||
versionTagEventPatterns:
|
||||
- "^(\\d+\\.)(\\d+\\.)(\\d+)$"
|
||||
build:
|
||||
{%- if docker_repository %}
|
||||
buildDockerImage: true
|
||||
deployArtifacts: true
|
||||
additionalDockerImageTags:
|
||||
- latest
|
||||
{%- endif %}
|
||||
{%- if helm_repository %}
|
||||
packageAndDeployHelmChart: true
|
||||
{%- endif %}
|
||||
sonarScan:
|
||||
enabled: true
|
||||
owaspDependencyCheck:
|
||||
enabled: true
|
||||
additionalParams: "--suppression dependency-check-suppressions.xml --disablePyDist
|
||||
--disablePyPkg --failOnCVSS 9"
|
||||
failOnQualityGateFailure: true
|
||||
{%- if use_ggshield %}
|
||||
gitguardian:
|
||||
enabled: true
|
||||
reportmode: "FAILED"
|
||||
{%- endif %}
|
||||
Reference in New Issue
Block a user