Add Tekton pipeline definition for OpenShift CI

galafis · galafis · commit d23fe4a170aa · 2025-05-07T12:56:40.000-04:00
diff --git a/.tekton/pipeline.yml b/.tekton/pipeline.yml
@@ -0,0 +1,105 @@
+apiVersion: tekton.dev/v1beta1
+kind: Pipeline
+metadata:
+  name: cicd-final-project-pipeline
+spec:
+  description: "CI/CD Pipeline for the Final Project. It lints, tests, builds, and (later) deploys the application."
+  workspaces:
+    - name: shared-workspace
+      description: "This workspace will be shared by all tasks for source code, etc."
+    # Potentially a workspace for Docker config if pushing to a secured external registry
+    # - name: docker-config
+    #   description: "Optional: Docker config for pushing to a secured registry"
+    #   optional: true
+
+  params:
+    - name: repo-url
+      type: string
+      description: The URL of the git repository to clone.
+      default: "https://github.com/galafis/cicd-final-project.git" # Default to the user's repo
+    - name: repo-revision
+      type: string
+      description: The git revision (branch, tag, commit SHA) to checkout.
+      default: "main"
+    - name: image-name
+      type: string
+      description: Name of the image to be built.
+      default: "app-image" # This will be prefixed by namespace in OpenShift usually
+    - name: image-tag
+      type: string
+      description: Tag for the image to be built.
+      default: "latest"
+    - name: openshift-image-registry-url
+      type: string
+      description: "OpenShift internal image registry URL (e.g., image-registry.openshift-image-registry.svc:5000/your-project)"
+      # This will likely need to be set by the user or discovered when running in OpenShift
+      default: "image-registry.openshift-image-registry.svc:5000/your-project-name" # Placeholder
+
+  tasks:
+    - name: fetch-repository
+      taskRef:
+        name: git-clone
+        kind: ClusterTask # Assuming git-clone ClusterTask is available
+      workspaces:
+        - name: output
+          workspace: shared-workspace
+      params:
+        - name: url
+          value: $(params.repo-url)
+        - name: revision
+          value: $(params.repo-revision)
+        # - name: sslVerify
+        #   value: "false" # If using self-signed certs for Git
+        # - name: deleteExisting
+        #   value: "true"
+
+    - name: cleanup-workspace # Optional, run before tests if needed
+      taskRef:
+        name: cleanup
+      runAfter: [fetch-repository] # Ensure it runs after fetching
+      workspaces:
+        - name: source
+          workspace: shared-workspace
+
+    - name: lint-code
+      taskRef:
+        name: lint-code
+      runAfter: [fetch-repository] # Or cleanup-workspace if that runs first
+      workspaces:
+        - name: source
+          workspace: shared-workspace
+      params:
+        - name: python-image
+          value: python:3.11-slim
+
+    - name: run-tests
+      taskRef:
+        name: nose-tests # Using the name as required by Task 5
+      runAfter: [lint-code]
+      workspaces:
+        - name: source
+          workspace: shared-workspace
+      params:
+        - name: python-image
+          value: python:3.11-slim
+
+    - name: build-image
+      taskRef:
+        name: build-image
+      runAfter: [run-tests]
+      workspaces:
+        - name: source
+          workspace: shared-workspace
+      params:
+        - name: image-url
+          value: "$(params.openshift-image-registry-url)/$(params.image-name)"
+        - name: image-tag
+          value: "$(params.image-tag)"
+        - name: dockerfile
+          value: "./Dockerfile" # Assuming Dockerfile is in root of repo
+        - name: context
+          value: "." # Context is the root of the repo
+      # If pushing to OpenShift internal registry and Kaniko needs service account with push rights:
+      # This might require a specific serviceAccountName for the PipelineRun
+      # or specific credentials mounted if Kaniko task doesn't handle it automatically.
+
