vrabbi · April 20, 2023 11:47
diff --git a/TEMP.yaml b/TEMP.yaml
 apiVersion: tekton.dev/v1beta1
 kind: ClusterTask
 metadata:
  name: git-writer
 spec:
  description: |-
    A task that writes a given set of files (provided as a json base64-encoded)
    to git repository under a specified directory.
  params:
  - description: The repository path
    name: git_repository
    type: string
  - default: main
    description: The git branch to read and write
    name: git_branch
    type: string
  - default: [email protected]
    description: User email address
    name: git_user_email
    type: string
  - default: Example
    description: User name
    name: git_user_name
    type: string
  - default: New Commit
    description: Message for the git commit
    name: git_commit_message
    type: string
  - default: config
    description: Sub directory in which to write
    name: sub_path
    type: string
  - description: |
      Base64-encoded json map of files to write to registry, for example - eyAiUkVBRE1FLm1kIjogIiMgUmVhZG1lIiB9
    name: git_files
    type: string
  - default: ""
    description: |
      PEM encoded certificate data for the image registry where the files will be pushed to.
    name: ca_cert_data
    type: string
  steps:
  - env:
    - name: HOME
      value: /tekton/home/
    image: harbor.vrabbi.cloud/tap/tap-packages@sha256:f325a8d83abd2f1a7741045472ab96e6929f52fd330e432777e54f8e6f459c7e
    name: git-clone-and-push
    resources: {}
    script: |
      #!/usr/bin/env bash

      set -o errexit
      set -o xtrace
      
      if [[ ! -z "$(params.ca_cert_data)" ]]; then
        certs_dir=$(mktemp -d)
        echo "$(params.ca_cert_data)" > $certs_dir/cert.pem
        git config --global http.sslCAInfo $certs_dir/cert.pem
      fi

      ssh_config_file=$(mktemp)
      
      echo "
      UserKnownHostsFile /tekton/creds/.ssh/known_hosts
      Include $(credentials.path)/.ssh/config
      " > $ssh_config_file

      export GIT_SSH_COMMAND="ssh -F $ssh_config_file"

      cd `mktemp -d`

      if git clone --depth 1 -b "$(params.git_branch)" "$(params.git_repository)" ./repo; then
        cd ./repo
      else
        git clone --depth 1 "$(params.git_repository)" ./repo
        cd ./repo
        git checkout -b "$(params.git_branch)"
      fi

      git config user.email "$(params.git_user_email)"
      git config user.name "$(params.git_user_name)"

      mkdir -p $(params.sub_path) && rm -rf $(params.sub_path)/*
      cd $(params.sub_path)

      echo '$(params.git_files)' | base64 --decode > files.json
      eval "$(cat files.json | jq -r 'to_entries | .[] | @sh "mkdir -p $(dirname \(.key)) && echo \(.value) > \(.key) && git add \(.key)"')"

      git commit -m "$(params.git_commit_message)" --allow-empty
      git push origin $(params.git_branch)
	apiVersion: tekton.dev/v1beta1
	kind: ClusterTask
	metadata:
	name: git-writer
	spec:
	description: \|-
	A task that writes a given set of files (provided as a json base64-encoded)
	to git repository under a specified directory.
	params:
	- description: The repository path
	name: git_repository
	type: string
	- default: main
	description: The git branch to read and write
	name: git_branch
	type: string
	- default: [email protected]
	description: User email address
	name: git_user_email
	type: string
	- default: Example
	description: User name
	name: git_user_name
	type: string
	- default: New Commit
	description: Message for the git commit
	name: git_commit_message
	type: string
	- default: config
	description: Sub directory in which to write
	name: sub_path
	type: string
	- description: \|
	Base64-encoded json map of files to write to registry, for example - eyAiUkVBRE1FLm1kIjogIiMgUmVhZG1lIiB9
	name: git_files
	type: string
	- default: ""
	description: \|
	PEM encoded certificate data for the image registry where the files will be pushed to.
	name: ca_cert_data
	type: string
	steps:
	- env:
	- name: HOME
	value: /tekton/home/
	image: harbor.vrabbi.cloud/tap/tap-packages@sha256:f325a8d83abd2f1a7741045472ab96e6929f52fd330e432777e54f8e6f459c7e
	name: git-clone-and-push
	resources: {}
	script: \|
	#!/usr/bin/env bash

	set -o errexit
	set -o xtrace

	if [[ ! -z "$(params.ca_cert_data)" ]]; then
	certs_dir=$(mktemp -d)
	echo "$(params.ca_cert_data)" > $certs_dir/cert.pem
	git config --global http.sslCAInfo $certs_dir/cert.pem
	fi

	ssh_config_file=$(mktemp)

	echo "
	UserKnownHostsFile /tekton/creds/.ssh/known_hosts
	Include $(credentials.path)/.ssh/config
	" > $ssh_config_file

	export GIT_SSH_COMMAND="ssh -F $ssh_config_file"

	cd `mktemp -d`

	if git clone --depth 1 -b "$(params.git_branch)" "$(params.git_repository)" ./repo; then
	cd ./repo
	else
	git clone --depth 1 "$(params.git_repository)" ./repo
	cd ./repo
	git checkout -b "$(params.git_branch)"
	fi

	git config user.email "$(params.git_user_email)"
	git config user.name "$(params.git_user_name)"

	mkdir -p $(params.sub_path) && rm -rf $(params.sub_path)/*
	cd $(params.sub_path)

	echo '$(params.git_files)' \| base64 --decode > files.json
	eval "$(cat files.json \| jq -r 'to_entries \| .[] \| @sh "mkdir -p $(dirname \(.key)) && echo \(.value) > \(.key) && git add \(.key)"')"

	git commit -m "$(params.git_commit_message)" --allow-empty
	git push origin $(params.git_branch)
No results found