A Tekton pipeline to build and deploy WildFly application

wildfly-tekton-pipeline.yaml

apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
  name: wildfly-s2i-build-task
spec:
  description: >-
    WildFly s2i build task. This tasks operates an S2I build then generates a DockerFile to produce a runtime image
    containing the provision WildFly server and deployments (if any).
    This task creates a dockerFile result and a dockerBuildContext result to be consumed by following task in the pipeline
    in order to build the runtime image.
  params:
   - name: contextDir
     type: string
     default: ""
     description: "The sub-directory where the application source code exists."
   - name: MAVEN_OPTS
     type: string
     default: ""
     description: "JVM options passed to maven. Computed automatically at build time."
   - name: MAVEN_ARGS_APPEND
     type: string
     default: ""
     description: "Additional Maven arguments."
   - name: MAVEN_S2I_ARTIFACT_DIRS
     type: string
     default: ""
     description: "Relative paths of source directories to scan for build output. Defaults to **target**"
   - name: GALLEON_PROVISION_LAYERS
     type: string
     default: ""
     description: "Deprecated by the usage of the wildfly-maven-plugin. List of Galleon layers to provision."
   - name: GALLEON_PROVISION_FEATURE_PACKS
     type: string
     default: ""
     description: "Deprecated by the usage of the wildfly-maven-plugin. List of Galleon feature-packs to provision."
   - name: builderImageVersion
     type: string
     default: "latest"
     description: "WildFly s2i builder image version."
   - name: runtimeImageVersion
     type: string
     default: "latest"
     description: "WildFly runtime image version."
   - name: builderImage
     type: string
     default: "quay.io/wildfly/wildfly-s2i"
     description: "WildFly s2i builder image to use. Can reference a custom WildFly builder image."
   - name: runtimeImage
     type: string
     default: "quay.io/wildfly/wildfly-runtime"
     description: "WildFly s2i runtime image to use when generating the application image DockerFile"
   - name: buildBuilder
     type: string
     default: "false"
     description: >-
       When building a custom WildFly S2I builder image, set this to true.
   - name: deployOnlyRuntimeImageName
     type: string
     default: ""
     description: "WildFly s2i runtime image name that must already contain a WildFly server."
   - name: namespace
     default: "$(context.pipelineRun.namespace)"
     description: "The namespace where to push the image"
   - name: dockerRegistry
     default: "image-registry.openshift-image-registry.svc:5000"
     description: "The docker Registry URL"
  workspaces:
    - name: sources
      description: The directory containing the sources.
    - name: maven-cache
      description: The maven repository cache
  results:
    - name: dockerFile
      description: The runtime image generated docker file path.
    - name: builderDockerFile
      description: The builder image generated docker file path. When buildBuilder is set to true. 
    - name: dockerBuildContext
      description: The path of the build context.
  steps:
    - name: s2i-build
      securityContext:
        runAsUser: 0
      image: "$(params.builderImage):$(params.builderImageVersion)"
      workingDir: $(workspaces.sources.path)
      env:
        - name: MAVEN_ARGS_APPEND
          value: $(params.MAVEN_ARGS_APPEND)
        - name: MAVEN_OPTS
          value: $(params.MAVEN_OPTS)
        - name: MAVEN_LOCAL_REPO
          value: $(workspaces.maven-cache.path)
        - name: GALLEON_PROVISION_LAYERS
          value: $(params.GALLEON_PROVISION_LAYERS)
        - name: GALLEON_PROVISION_FEATURE_PACKS
          value: $(params.GALLEON_PROVISION_FEATURE_PACKS)
        - name: WILDFLY_RUNTIME_IMAGE
          value: $(params.runtimeImage)
        - name: WILDFLY_BUILDER_IMAGE
          value: $(params.builderImage)
        - name: WILDFLY_RUNTIME_IMAGE_VERSION
          value: $(params.runtimeImageVersion)
        - name: WILDFLY_BUILDER_IMAGE_VERSION
          value: $(params.builderImageVersion)
      script: |
        #!/usr/bin/env sh
        set -eu
        
        #Assembly expects source to be in src sub directory of S2I_DESTINATION_DIR
        srcDir="$(workspaces.sources.path)"

        s2iDestinationDir="$srcDir/s2i_destination_dir"
        rm -rf "$s2iDestinationDir"
        export S2I_DESTINATION_DIR="$s2iDestinationDir"
        echo "source content"
        ls -al  $srcDir
        buildBuilder=$(params.buildBuilder)
        if [ "$buildBuilder" == "false" ]; then
          contextDir="$(params.contextDir)"
          if [ ! -z "$contextDir" ]; then
            srcDir="$srcDir/$contextDir"
          fi
          s2iSourceDir="$s2iDestinationDir/src"
          mkdir -p "$s2iSourceDir"
          mv "$srcDir"/* "$s2iSourceDir"
        else
          echo "No sources to build"
          mkdir -p "$s2iDestinationDir"
        fi
        artifactDir="$(params.MAVEN_S2I_ARTIFACT_DIRS)"
        if [ ! -z "$artifactDir" ]; then
          export MAVEN_S2I_ARTIFACT_DIRS="$artifactDir"
        fi
        
        if [ ! -z "$GALLEON_PROVISION_FEATURE_PACKS" ]; then
          echo "Provisioning Galleon feature-packs: $GALLEON_PROVISION_FEATURE_PACKS"
        fi
        if [ ! -z "$GALLEON_PROVISION_LAYERS" ]; then
          echo "Provisioning Galleon layers: $GALLEON_PROVISION_LAYERS"
        fi
        /usr/local/s2i/assemble
        
        # Generate Dockerfile file and create docker build context
        # To be consumed by task that does docker build (kaniko, buildah,...)
        dockerDirName="wf-docker-build"
        dockerFileName="Dockerfile"
        dockerBuildContext="$s2iDestinationDir/$dockerDirName"
        dockerFile="$dockerBuildContext/$dockerFileName"
        mkdir -p "$dockerBuildContext"
        
        deployOnlyRuntimeImageName=$(params.deployOnlyRuntimeImageName)
        if [ -z "$deployOnlyRuntimeImageName" ]; then
        echo "Building runtime image from $WILDFLY_RUNTIME_IMAGE:$WILDFLY_RUNTIME_IMAGE_VERSION image, copying server and deployment (if any) to it."
        mv "$JBOSS_HOME" "$dockerBuildContext"
         cat <<EOF > "$dockerFile"
        FROM $WILDFLY_RUNTIME_IMAGE:$WILDFLY_RUNTIME_IMAGE_VERSION
        COPY server \$JBOSS_HOME
        USER root
        RUN chown -R jboss:root \$JBOSS_HOME && chmod -R ug+rwX \$JBOSS_HOME
        USER jboss
        EOF
        else
        deployOnlyRuntimeImage=$(params.dockerRegistry)/$(params.namespace)/$(params.deployOnlyRuntimeImageName)
        echo "Building runtime image from $deployOnlyRuntimeImage:$WILDFLY_RUNTIME_IMAGE_VERSION image, copying deployment to it."
        cp -r "$JBOSS_HOME/standalone/deployments" "$dockerBuildContext/"
         cat <<EOF > "$dockerFile"
        FROM $deployOnlyRuntimeImage:$WILDFLY_RUNTIME_IMAGE_VERSION
        COPY deployments/* \$JBOSS_HOME/standalone/deployments
        EOF
        fi
        # If we are building a builder, generate the Docker file for it too.
        if [ "$buildBuilder" == "true" ]; then
          echo "Building custom WildFly builder image from $WILDFLY_BUILDER_IMAGE:$WILDFLY_BUILDER_IMAGE_VERSION image, copying server to it."
          builderDockerFileName="BuilderDockerfile"
          builderDockerFile="$dockerBuildContext/$builderDockerFileName"
           cat <<EOF > "$builderDockerFile"
        FROM $WILDFLY_BUILDER_IMAGE:$WILDFLY_BUILDER_IMAGE_VERSION
        COPY server \$JBOSS_HOME
        USER root
        RUN chown -R jboss:root \$JBOSS_HOME && chmod -R ug+rwX \$JBOSS_HOME
        USER jboss
        EOF
          echo -n "s2i_destination_dir/$dockerDirName/$builderDockerFileName" > $(results.builderDockerFile.path)
        fi
        # The paths are relative to the shared workspace.
        echo -n "s2i_destination_dir/$dockerDirName/$dockerFileName" > $(results.dockerFile.path)
        echo -n "s2i_destination_dir/$dockerDirName" > $(results.dockerBuildContext.path)

---

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: wildfly-pipeline-workspace
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 1Gi

---

apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
  name: wildfly-s2i-builder-pipeline
spec:
  params:
    - name: builderName
      description: "The name of the generated WildFly S2I builder. This name is used to produce the builder ImageStream."
    - name: layers
      description: "The set of Galleon layers to use when provisioning the WildFly server."
    - name: extraFeaturePacks
      default: ""
      description: "Any extra Galleon feature-packs GAV to use in addition to the WildFly Galleon feature-pack."
    - name: wildflyFeaturePack
      default: "org.wildfly:wildfly-galleon-pack"
      description: "GroupId:ArtifactId of the WildFly feature-pack used to provision the WildFly server."
    - name: wildflyCloudFeaturePack
      default: "org.wildfly.cloud:wildfly-cloud-galleon-pack"
      description: "GroupId:ArtifactId of the WildFly Cloud feature-pack used to provision the WildFly server."
    - name: wildflyVersion
      default: "27.0.1.Final"
      description: "WildFly version used to provision the server"
    - name: wildflyCloudVersion
      default: "2.0.0.Final"
      description: "WildFly version used to provision the server"
    - name: namespace
      default: "$(context.pipelineRun.namespace)"
      description: "The namespace where to push the image"
    - name: dockerRegistry
      default: "image-registry.openshift-image-registry.svc:5000"
      description: "The docker Registry URL"
    - name: imageVersion
      default: "latest"
      description: "WildFly s2i builder image version. Can be latest, latest-jdk11 or latest-jdk17"
  workspaces:
    - name: shared-data
    - name: maven-cache
  tasks:
    - name: wildfly-s2i-build-builder
      taskRef:
        name: wildfly-s2i-build-task
      params:
        - name: GALLEON_PROVISION_LAYERS
          value: "$(params.layers)"
        - name: GALLEON_PROVISION_FEATURE_PACKS
          value: "$(params.wildflyFeaturePack):$(params.wildflyVersion),$(params.wildflyCloudFeaturePack):$(params.wildflyCloudVersion),$(params.extraFeaturePacks)"
        - name: builderImageVersion
          value: "$(params.imageVersion)"
        - name: runtimeImageVersion
          value: "$(params.imageVersion)"
        - name: buildBuilder
          value: "true"
      workspaces:
        - name: sources
          workspace: shared-data
        - name: maven-cache
          workspace: maven-cache
    - name: buildah-build-push-builder-image
      taskRef:
        name: buildah
        kind: ClusterTask
      params:
        - name: IMAGE
          value: "$(params.dockerRegistry)/$(params.namespace)/$(params.builderName)-builder:$(params.imageVersion)"
        - name: DOCKERFILE
          value: "$(tasks.wildfly-s2i-build-builder.results.builderDockerFile)"
        - name: CONTEXT
          value: "$(tasks.wildfly-s2i-build-builder.results.dockerBuildContext)"
        - name: TLSVERIFY
          value: "false" 
      runAfter: 
        - wildfly-s2i-build-builder
      workspaces:
        - name: source
          workspace: shared-data
    - name: buildah-build-push-runtime-image
      taskRef:
        name: buildah
        kind: ClusterTask
      params:
        - name: IMAGE
          value: "$(params.dockerRegistry)/$(params.namespace)/$(params.builderName):$(params.imageVersion)"
        - name: DOCKERFILE
          value: "$(tasks.wildfly-s2i-build-builder.results.dockerFile)"
        - name: CONTEXT
          value: "$(tasks.wildfly-s2i-build-builder.results.dockerBuildContext)"
        - name: TLSVERIFY
          value: "false" 
      runAfter: 
        - wildfly-s2i-build-builder
      workspaces:
        - name: source
          workspace: shared-data

---

apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
  name: wildfly-s2i-build-app-pipeline
spec:
  params:
    - name: gitUrl
      description: "URL of the git repository"
    - name: revision
      default: "main"
      description: "Revision of the git repository"
    - name: contextDir
      default: ""
      description: "The sub-directory where the application source code exists."
    - name: builderImageStream
      description: "The Image Stream of the custom WildFly s2i builder to use. This builder ImageStream must have been previously generated."
    - name: namespace
      default: "$(context.pipelineRun.namespace)"
      description: "The namespace where to push the image"
    - name: dockerRegistry
      default: "image-registry.openshift-image-registry.svc:5000"
      description: "The docker Registry URL"
    - name: deploy
      default: "false"
      description: "Create a deployment from the generated image and expose the service."
    - name: imageName
      description: "The image name, also used for deployment name."
    - name: MAVEN_ARGS_APPEND
      default: ""
      description: "Additional Maven arguments."
    - name: MAVEN_OPTS
      default: ""
      description: "JVM options passed to maven. Computed automatically at build time."
    - name: MAVEN_S2I_ARTIFACT_DIRS
      default: ""
      description: "Relative paths of source directories to scan for build output. Defaults to **target**"
    - name: imageVersion
      default: "latest"
      description: "Custom WildFly s2i builder and WildFly runtime images version. Can be latest, latest-jdk11 or latest-jdk17"
    - name: runtimeImageStream
      type: string
      default: ""
      description: >-
       To avoid copying the provision server to a naked WildFly runtime image, set this parameter to reference a runtime image ImageStream that already contains 
       a WildFly server.  Only the deployments will get copied to this runtime imager.
  workspaces:
    - name: shared-data
    - name: maven-cache
  tasks:
    - name: git-clone-repo
      taskRef:
        name: git-clone
        kind: ClusterTask
      workspaces:
        - name: output
          workspace: shared-data
      params:
        - name: url
          value: "$(params.gitUrl)"
        - name: revision
          value: "$(params.revision)"
        - name: deleteExisting
          value: "true"
        - name: depth
          value: "1"
    - name: wildfly-s2i-build-app
      taskRef:
        name: wildfly-s2i-build-task
      params:
        - name: contextDir
          value: "$(params.contextDir)"
        - name: MAVEN_ARGS_APPEND
          value: "$(params.MAVEN_ARGS_APPEND) -Dwildfly.package.skip=true"
        - name: MAVEN_OPTS
          value: "$(params.MAVEN_OPTS)"
        - name: MAVEN_S2I_ARTIFACT_DIRS
          value: "$(params.MAVEN_S2I_ARTIFACT_DIRS)"
        - name: builderImageVersion
          value: "$(params.imageVersion)"
        - name: runtimeImageVersion
          value: "$(params.imageVersion)"
        - name: builderImage
          value: "$(params.dockerRegistry)/$(params.namespace)/$(params.builderImageStream)"
        - name: deployOnlyRuntimeImageName
          value: "$(params.runtimeImageStream)"
        - name: namespace
          value: "$(params.namespace)"
        - name: dockerRegistry
          value: "$(params.dockerRegistry)"
      runAfter: 
        - git-clone-repo
      workspaces:
        - name: sources
          workspace: shared-data
        - name: maven-cache
          workspace: maven-cache
    - name: buildah-build-push-runtime-app
      taskRef:
        name: buildah
        kind: ClusterTask
      params:
        - name: IMAGE
          value: "$(params.dockerRegistry)/$(params.namespace)/$(params.imageName)"
        - name: DOCKERFILE
          value: "$(tasks.wildfly-s2i-build-app.results.dockerFile)"
        - name: CONTEXT
          value: "$(tasks.wildfly-s2i-build-app.results.dockerBuildContext)"
        - name: TLSVERIFY
          value: "false" 
      runAfter: 
        - wildfly-s2i-build-app
      workspaces:
        - name: source
          workspace: shared-data
    - name: enable-image-lookup
      taskRef:
        name: openshift-client
        kind: ClusterTask
      runAfter:
        - buildah-build-push-runtime-app
      when:
      - input: "$(params.deploy)"
        operator: in
        values: ["true"]
      params:
      - name: SCRIPT
        value: |
          oc set image-lookup $(params.imageName)
    - name: helm-install
      taskRef:
        name: helm-upgrade-from-repo
        kind: ClusterTask
      runAfter:
        - enable-image-lookup
      when:
      - input: "$(params.deploy)"
        operator: in
        values: ["true"]
      params:
      - name: helm_repo
        value: "https://docs.wildfly.org/wildfly-charts/"
      - name: chart_name
        value: "wildfly/wildfly"
      - name: release_name
        value: "$(params.imageName)"
      - name: overwrite_values
        value: "image.name=$(params.imageName),build.enabled=false"