forked from rcarrata/devsecops-demo
-
Notifications
You must be signed in to change notification settings - Fork 0
/
task-dependency-report.yaml.j2
144 lines (131 loc) · 4.68 KB
/
task-dependency-report.yaml.j2
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: dependency-report
namespace: cicd
annotations:
tekton.dev/pipelines.minVersion: 0.12.1
spec:
params:
- name: SOURCE_DIR
description: The directory within the workspace where application source is located
default: "."
- name: REPORTS_REPO_HOST
description: The reports repository host based on https://github.com/chmouel/openshift-django-uploader
default: http://reports-repo:8080
- name: REPORTS_REPO_USERNAME
description: The reports repository username
default: reports
- name: REPORTS_REPO_PASSWORD
description: The reports repository password
default: reports
- default: ''
description: The Maven repository mirror url
name: MAVEN_MIRROR_URL
type: string
- default: ''
description: The username for the proxy server
name: PROXY_USER
type: string
- default: ''
description: The password for the proxy server
name: PROXY_PASSWORD
type: string
- default: ''
description: Port number for the proxy server
name: PROXY_PORT
type: string
- default: ''
description: Proxy server Host
name: PROXY_HOST
type: string
- default: ''
description: Non proxy server host
name: PROXY_NON_PROXY_HOSTS
type: string
- default: http
description: Protocol for the proxy ie http or https
name: PROXY_PROTOCOL
type: string
workspaces:
- description: The workspace consisting of maven project.
name: source
- description: The workspace consisting of the custom maven settings provided by the user.
name: maven-settings
steps:
- image: 'registry.access.redhat.com/ubi8/ubi-minimal:latest'
name: mvn-settings
resources: {}
script: >
#!/usr/bin/env bash
[[ -f $(workspaces.maven-settings.path)/settings.xml ]] && \
echo 'using existing $(workspaces.maven-settings.path)/settings.xml' &&
exit 0
cat > $(workspaces.maven-settings.path)/settings.xml <<EOF
<settings>
<mirrors>
<!-- The mirrors added here are generated from environment variables. Don't change. -->
<!-- ### mirrors from ENV ### -->
</mirrors>
<proxies>
<!-- The proxies added here are generated from environment variables. Don't change. -->
<!-- ### HTTP proxy from ENV ### -->
</proxies>
</settings>
EOF
xml=""
if [ -n "$(params.PROXY_HOST)" -a -n "$(params.PROXY_PORT)" ]; then
xml="<proxy>\
<id>genproxy</id>\
<active>true</active>\
<protocol>$(params.PROXY_PROTOCOL)</protocol>\
<host>$(params.PROXY_HOST)</host>\
<port>$(params.PROXY_PORT)</port>"
if [ -n "$(params.PROXY_USER)" -a -n "$(params.PROXY_PASSWORD)" ]; then
xml="$xml\
<username>$(params.PROXY_USER)</username>\
<password>$(params.PROXY_PASSWORD)</password>"
fi
if [ -n "$(params.PROXY_NON_PROXY_HOSTS)" ]; then
xml="$xml\
<nonProxyHosts>$(params.PROXY_NON_PROXY_HOSTS)</nonProxyHosts>"
fi
xml="$xml\
</proxy>"
sed -i "s|<!-- ### HTTP proxy from ENV ### -->|$xml|" $(workspaces.maven-settings.path)/settings.xml
fi
if [ -n "$(params.MAVEN_MIRROR_URL)" ]; then
xml=" <mirror>\
<id>mirror.default</id>\
<url>$(params.MAVEN_MIRROR_URL)</url>\
<mirrorOf>central</mirrorOf>\
</mirror>"
sed -i "s|<!-- ### mirrors from ENV ### -->|$xml|" $(workspaces.maven-settings.path)/settings.xml
fi
- args:
- -Dmaven.repo.local=$(workspaces.source.path)/.m2
- -f
- $(params.SOURCE_DIR)
- -s
- $(workspaces.maven-settings.path)/settings.xml
- site
- -DskipTests=true
command:
- /usr/bin/mvn
image: gcr.io/cloud-builders/mvn
name: mvn-goals
resources: {}
workingDir: $(workspaces.source.path)
- name: archive-site
workingDir: $(workspaces.source.path)
image: registry.access.redhat.com/ubi8/ubi:latest
env:
- name: PIPELINERUN_NAME
valueFrom:
fieldRef:
fieldPath: metadata.labels['tekton.dev/pipelineRun']
script: |
#!/usr/bin/env bash
for f in $(find $(params.SOURCE_DIR)/target/site -type f); do
curl -u $(params.REPORTS_REPO_USERNAME):$(params.REPORTS_REPO_PASSWORD) -F path=$PIPELINERUN_NAME/${f} -X POST -F file=@${f} $(params.REPORTS_REPO_HOST)/upload; echo ""
done