Blog Series

Syntax Highlighted Directory List

/cicd/tekton:

git-secret.yaml
github-body.json
{
  "ref": "refs/heads/main",
  "before": "0e7cb11c79d222b5c16d7b2c82c2f2774da86358",
  "after": "0f02fdb0ac95302cf300d9419a697d057da1e2dd",
  "repository": {
    "id": 654172102,
    "node_id": "R_kgDOJv3fxg",
    "name": "blog",
    "full_name": "mauricioscastro/blog",
    "private": false,
    "owner": {
      "name": "mauricioscastro",
      "email": "mauricioscastro@hotmail.com",
      "login": "mauricioscastro",
      "id": 4973770,
      "node_id": "MDQ6VXNlcjQ5NzM3NzA=",
      "avatar_url": "https://avatars.githubusercontent.com/u/4973770?v=4",
      "gravatar_id": "",
      "url": "https://api.github.com/users/mauricioscastro",
      "html_url": "https://github.com/mauricioscastro",
      "followers_url": "https://api.github.com/users/mauricioscastro/followers",
      "following_url": "https://api.github.com/users/mauricioscastro/following{/other_user}",
      "gists_url": "https://api.github.com/users/mauricioscastro/gists{/gist_id}",
      "starred_url": "https://api.github.com/users/mauricioscastro/starred{/owner}{/repo}",
      "subscriptions_url": "https://api.github.com/users/mauricioscastro/subscriptions",
      "organizations_url": "https://api.github.com/users/mauricioscastro/orgs",
      "repos_url": "https://api.github.com/users/mauricioscastro/repos",
      "events_url": "https://api.github.com/users/mauricioscastro/events{/privacy}",
      "received_events_url": "https://api.github.com/users/mauricioscastro/received_events",
      "type": "User",
      "user_view_type": "public",
      "site_admin": false
    },
    "html_url": "https://github.com/mauricioscastro/blog",
    "description": "general blogging",
    "fork": false,
    "url": "https://api.github.com/repos/mauricioscastro/blog",
    "forks_url": "https://api.github.com/repos/mauricioscastro/blog/forks",
    "keys_url": "https://api.github.com/repos/mauricioscastro/blog/keys{/key_id}",
    "collaborators_url": "https://api.github.com/repos/mauricioscastro/blog/collaborators{/collaborator}",
    "teams_url": "https://api.github.com/repos/mauricioscastro/blog/teams",
    "hooks_url": "https://api.github.com/repos/mauricioscastro/blog/hooks",
    "issue_events_url": "https://api.github.com/repos/mauricioscastro/blog/issues/events{/number}",
    "events_url": "https://api.github.com/repos/mauricioscastro/blog/events",
    "assignees_url": "https://api.github.com/repos/mauricioscastro/blog/assignees{/user}",
    "branches_url": "https://api.github.com/repos/mauricioscastro/blog/branches{/branch}",
    "tags_url": "https://api.github.com/repos/mauricioscastro/blog/tags",
    "blobs_url": "https://api.github.com/repos/mauricioscastro/blog/git/blobs{/sha}",
    "git_tags_url": "https://api.github.com/repos/mauricioscastro/blog/git/tags{/sha}",
    "git_refs_url": "https://api.github.com/repos/mauricioscastro/blog/git/refs{/sha}",
    "trees_url": "https://api.github.com/repos/mauricioscastro/blog/git/trees{/sha}",
    "statuses_url": "https://api.github.com/repos/mauricioscastro/blog/statuses/{sha}",
    "languages_url": "https://api.github.com/repos/mauricioscastro/blog/languages",
    "stargazers_url": "https://api.github.com/repos/mauricioscastro/blog/stargazers",
    "contributors_url": "https://api.github.com/repos/mauricioscastro/blog/contributors",
    "subscribers_url": "https://api.github.com/repos/mauricioscastro/blog/subscribers",
    "subscription_url": "https://api.github.com/repos/mauricioscastro/blog/subscription",
    "commits_url": "https://api.github.com/repos/mauricioscastro/blog/commits{/sha}",
    "git_commits_url": "https://api.github.com/repos/mauricioscastro/blog/git/commits{/sha}",
    "comments_url": "https://api.github.com/repos/mauricioscastro/blog/comments{/number}",
    "issue_comment_url": "https://api.github.com/repos/mauricioscastro/blog/issues/comments{/number}",
    "contents_url": "https://api.github.com/repos/mauricioscastro/blog/contents/{+path}",
    "compare_url": "https://api.github.com/repos/mauricioscastro/blog/compare/{base}...{head}",
    "merges_url": "https://api.github.com/repos/mauricioscastro/blog/merges",
    "archive_url": "https://api.github.com/repos/mauricioscastro/blog/{archive_format}{/ref}",
    "downloads_url": "https://api.github.com/repos/mauricioscastro/blog/downloads",
    "issues_url": "https://api.github.com/repos/mauricioscastro/blog/issues{/number}",
    "pulls_url": "https://api.github.com/repos/mauricioscastro/blog/pulls{/number}",
    "milestones_url": "https://api.github.com/repos/mauricioscastro/blog/milestones{/number}",
    "notifications_url": "https://api.github.com/repos/mauricioscastro/blog/notifications{?since,all,participating}",
    "labels_url": "https://api.github.com/repos/mauricioscastro/blog/labels{/name}",
    "releases_url": "https://api.github.com/repos/mauricioscastro/blog/releases{/id}",
    "deployments_url": "https://api.github.com/repos/mauricioscastro/blog/deployments",
    "created_at": 1686839569,
    "updated_at": "2025-05-07T18:20:39Z",
    "pushed_at": 1746642179,
    "git_url": "git://github.com/mauricioscastro/blog.git",
    "ssh_url": "git@github.com:mauricioscastro/blog.git",
    "clone_url": "https://github.com/mauricioscastro/blog.git",
    "svn_url": "https://github.com/mauricioscastro/blog",
    "homepage": null,
    "size": 1299,
    "stargazers_count": 0,
    "watchers_count": 0,
    "language": "HTML",
    "has_issues": true,
    "has_projects": true,
    "has_downloads": true,
    "has_wiki": true,
    "has_pages": true,
    "has_discussions": false,
    "forks_count": 1,
    "mirror_url": null,
    "archived": false,
    "disabled": false,
    "open_issues_count": 0,
    "license": null,
    "allow_forking": true,
    "is_template": false,
    "web_commit_signoff_required": false,
    "topics": [

    ],
    "visibility": "public",
    "forks": 1,
    "open_issues": 0,
    "watchers": 0,
    "default_branch": "main",
    "stargazers": 0,
    "master_branch": "main"
  },
  "pusher": {
    "name": "mauricioscastro",
    "email": "mauricioscastro@hotmail.com"
  },
  "sender": {
    "login": "mauricioscastro",
    "id": 4973770,
    "node_id": "MDQ6VXNlcjQ5NzM3NzA=",
    "avatar_url": "https://avatars.githubusercontent.com/u/4973770?v=4",
    "gravatar_id": "",
    "url": "https://api.github.com/users/mauricioscastro",
    "html_url": "https://github.com/mauricioscastro",
    "followers_url": "https://api.github.com/users/mauricioscastro/followers",
    "following_url": "https://api.github.com/users/mauricioscastro/following{/other_user}",
    "gists_url": "https://api.github.com/users/mauricioscastro/gists{/gist_id}",
    "starred_url": "https://api.github.com/users/mauricioscastro/starred{/owner}{/repo}",
    "subscriptions_url": "https://api.github.com/users/mauricioscastro/subscriptions",
    "organizations_url": "https://api.github.com/users/mauricioscastro/orgs",
    "repos_url": "https://api.github.com/users/mauricioscastro/repos",
    "events_url": "https://api.github.com/users/mauricioscastro/events{/privacy}",
    "received_events_url": "https://api.github.com/users/mauricioscastro/received_events",
    "type": "User",
    "user_view_type": "public",
    "site_admin": false
  },
  "created": false,
  "deleted": false,
  "forced": false,
  "base_ref": null,
  "compare": "https://github.com/mauricioscastro/blog/compare/0e7cb11c79d2...0f02fdb0ac95",
  "commits": [
    {
      "id": "3fb1cf0c9d35b2a313c9da0b51146bb8a7e6bc90",
      "tree_id": "32ea9279a9cad4f44334a44438790aacdba2bcac",
      "distinct": true,
      "message": "trigger back to gitlab",
      "timestamp": "2025-05-07T15:22:54-03:00",
      "url": "https://github.com/mauricioscastro/blog/commit/3fb1cf0c9d35b2a313c9da0b51146bb8a7e6bc90",
      "author": {
        "name": "tekton",
        "email": "tekton@openshift"
      },
      "committer": {
        "name": "tekton",
        "email": "tekton@openshift"
      },
      "added": [

      ],
      "removed": [

      ],
      "modified": [
        "cicd/tekton/triggertp+eventlstnrl.yaml"
      ]
    },
    {
      "id": "0f02fdb0ac95302cf300d9419a697d057da1e2dd",
      "tree_id": "ccd6453a6212e010d6f851367780e836cfe4a569",
      "distinct": true,
      "message": "Merge branch 'main' of https://github.com/mauricioscastro/blog",
      "timestamp": "2025-05-07T15:22:58-03:00",
      "url": "https://github.com/mauricioscastro/blog/commit/0f02fdb0ac95302cf300d9419a697d057da1e2dd",
      "author": {
        "name": "tekton",
        "email": "tekton@openshift"
      },
      "committer": {
        "name": "tekton",
        "email": "tekton@openshift"
      },
      "added": [

      ],
      "removed": [

      ],
      "modified": [
        "cicd/argo/deployment.yaml"
      ]
    }
  ],
  "head_commit": {
    "id": "0f02fdb0ac95302cf300d9419a697d057da1e2dd",
    "tree_id": "ccd6453a6212e010d6f851367780e836cfe4a569",
    "distinct": true,
    "message": "Merge branch 'main' of https://github.com/mauricioscastro/blog",
    "timestamp": "2025-05-07T15:22:58-03:00",
    "url": "https://github.com/mauricioscastro/blog/commit/0f02fdb0ac95302cf300d9419a697d057da1e2dd",
    "author": {
      "name": "tekton",
      "email": "tekton@openshift"
    },
    "committer": {
      "name": "tekton",
      "email": "tekton@openshift"
    },
    "added": [

    ],
    "removed": [

    ],
    "modified": [
      "cicd/argo/deployment.yaml"
    ]
  }
}
gitlab-body.json
{
  "object_kind": "push",
  "event_name": "push",
  "before": "1a1736ec3d7b03349b31218a2f2c572c7c7206d6",
  "after": "1a1736ec3d7b03349b31218a2f2c572c7c7206d6",
  "ref": "refs/heads/main",
  "checkout_sha": "1a1736ec3d7b03349b31218a2f2c572c7c7206d6",
  "message": null,
  "user_id": 111448,
  "user_name": "Tekton CI",
  "user_username": "tekton",
  "user_email": "",
  "user_avatar": "https://secure.gravatar.com/avatar/xx56773f447d86b8ffa33efb7a5d0cb5?s=80&d=identicon",
  "project_id": 16507311,
  "project": {
    "id": 16507326,
    "name": "triggers",
    "description": "",
    "web_url": "https://gitlab.com/tekton/triggers",
    "avatar_url": null,
    "git_ssh_url": "git@gitlab.com:tekton/triggers.git",
    "git_http_url": "https://gitlab.com/tekton/triggers.git",
    "namespace": "Tekton NS",
    "visibility_level": 20,
    "path_with_namespace": "tekton/triggers",
    "default_branch": "main",
    "ci_config_path": null,
    "homepage": "https://gitlab.com/tekton/triggers",
    "url": "git@gitlab.com:tekton/triggers.git",
    "ssh_url": "git@gitlab.com:tekton/triggers.git",
    "http_url": "https://gitlab.com/tekton/triggers.git"
  },
  "commits": [
    {
      "id": "1a1736ec3d7b03349b31218a2f2c572c7c7206d6",
      "message": "Add new file",
      "timestamp": "2020-01-24T17:05:48+00:00",
      "url": "https://gitlab.com/tekton/triggers/-/commit/1a1736ec3d7b03349b31218a2f2c572c7c7206d6",
      "author": {
        "name": "Tekton CI",
        "email": "foo@bar.com"
      },
      "added": ["Readme.md"],
      "modified": [],
      "removed": []
    }
  ],
  "total_commits_count": 1,
  "push_options": {},
  "repository": {
    "name": "triggers",
    "url": "git@gitlab.com:tekton/triggers.git",
    "description": "",
    "homepage": "https://gitlab.com/tekton/triggers",
    "git_http_url": "https://gitlab.com/tekton/triggers.git",
    "git_ssh_url": "git@gitlab.com:tekton/triggers.git",
    "visibility_level": 20
  }
}
kaniko-debug-task-tekton.yaml
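# Debug variant of the image build: runs the Kaniko executor on the cloned
# source and pushes <image>:<first 7 chars of commit>.<build timestamp>.
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
  name: kanikod
  namespace: blog
spec:
  workspaces:
    # Mounted at /kaniko/.docker so the executor finds the registry auth there.
    - name: dockerconfig
      mountPath: /kaniko/.docker
    # Build context (the checked-out repository).
    - name: source
  params:
    - name: image
      default: quay.io/mauriciosantiagodecastro/blogrunner
    - name: commit
  steps:
    - name: build-and-push
      # NOTE(review): ":debug" is a mutable tag; pinning the image by digest
      # keeps the build tool itself from changing between runs.
      image: gcr.io/kaniko-project/executor:debug
      securityContext:
        # The step runs as UID 0.
        runAsUser: 0
      # Parameters reach the shell as environment variables instead of being
      # substituted into the script text, so a parameter value containing
      # shell metacharacters is treated as data and cannot add commands.
      env:
        - name: PARAM_IMAGE
          value: $(params.image)
        - name: PARAM_COMMIT
          value: $(params.commit)
        - name: SOURCE_DIR
          value: $(workspaces.source.path)
      # --skip-tls-verify was dropped: it turns off certificate validation for
      # the push that carries the registry credentials. For a registry with a
      # private CA, trust that CA (kaniko's --registry-certificate) instead.
      script: |-
        short=`printf '%s' "$PARAM_COMMIT" | cut -c 1-7`
        build_date=`date +'%Y%m%d%H%M%S'`
        /kaniko/executor \
          -f Containerfile \
          -d "${PARAM_IMAGE}:${short}.${build_date}" \
          -c "$SOURCE_DIR"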
pipeline-new-pipeline.yaml
# CI/CD pipeline for the blog: clone, test-build the site, convert markdown to
# PDF, build and push the image, then bump the version in the deployment repo.
apiVersion: tekton.dev/v1
kind: Pipeline
metadata:
  namespace: blog
  name: new-pipeline
spec:
  params:
    # Repository handed to the git-clone task as its url.
    - name: git-repo
      type: string
      default: "https://github.com/mauricioscastro/blog"
    # Scratch directory the add-pdf task copies the sources into.
    - name: pdf-dest-dir
      type: string
      default: "/tmp/mscastro-blog"
    # Image repository (without tag) the podman task builds and pushes.
    - name: target-image
      type: string
      default: "quay.io/mauriciosantiagodecastro/blogrunner"
    # SSH URL of the repository the cd-update task clones and pushes to.
    - name: cd-git-repo
      type: string
      default: "git@github.com:mauricioscastro/blog.git"
  workspaces:
    - name: git-source
    - name: registry-credentials
    - name: git-credentials
  tasks:
    #
    # Check out the repository with the catalog git-clone task (hub resolver).
    # Its "commit" result is consumed later by the podman task.
    #
    - name: git-clone
      taskRef:
        resolver: hub
        params:
          - name: name
            value: git-clone
          - name: version
            value: "0.9"
      params:
        - name: url
          value: $(params.git-repo)
        - name: subdirectory
          value: ""
        # Passed as a string, as in the original definition.
        - name: deleteExisting
          value: "true"
      workspaces:
        - name: output
          workspace: git-source
    #
    # Test build of the site with jekyll; output goes to /tmp/site.
    #
    - name: build-site
      runAfter:
        - git-clone
      taskSpec:
        workspaces:
          - name: output
        steps:
          - name: build
            # NOTE(review): no tag or digest, so whatever the registry serves
            # as the default tag runs with write access to the sources.
            image: docker.io/jekyll/builder
            # NOTE(review): chmod -R 777 leaves the whole checkout
            # world-writable for every later task sharing this workspace;
            # an fsGroup or a narrower mode would limit that.
            script: |-
              chmod -R 777 $(workspaces.output.path)
              cd $(workspaces.output.path)
              bundle config set path /tmp/bundle
              bundle install
              bundler exec jekyll build -d /tmp/site --incremental
      workspaces:
        - name: output
          workspace: git-source
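    #
    # Test the markdown-to-PDF conversion: copy the sources to a scratch
    # directory, convert each .md larger than 10 bytes (paths containing
    # "404" are skipped) and fail when no PDF was produced.
    #
    - name: add-pdf
      runAfter:
        - build-site
      workspaces:
        - workspace: git-source
          name: output
      params:
        - name: pdf-dest-dir
          value: $(params.pdf-dest-dir)
      taskSpec:
        workspaces:
          - name: output
        params:
          - name: pdf-dest-dir
        steps:
          - name: md-to-pdf
            image: quay.io/mauriciosantiagodecastro/md2pdf
            # The parameter is exposed as an environment variable rather than
            # substituted into the script text, so its value is handled as
            # data by the shell and cannot introduce extra commands.
            env:
              - name: PDF_DEST_DIR
                value: $(params.pdf-dest-dir)
            script: |-
              mkdir -p "$PDF_DEST_DIR"
              cp -r "$(workspaces.output.path)"/* "$PDF_DEST_DIR"
              # The find output is still word-split by the for loop, so file
              # names containing whitespace are not supported here.
              for md in `find "$PDF_DEST_DIR" -name "*.md" -size +10c | grep -v 404`; do
                # Single quotes keep the attribute quotes inside the footer
                # HTML; previously the shell consumed the unescaped inner ones.
                m2f "$md" pdf \
                  footerTemplate='<div style="font-size: 9px; margin: 0 auto;"> <span class="pageNumber"></span> / <span class="totalPages"></span></div>' \
                  headerTemplate="<span/>" margin.top="0.8cm"
              done
              pdf_count=`find "$PDF_DEST_DIR" -name "*.pdf" | wc -l`
              echo "number of converted pdfs: $pdf_count"
              test "$pdf_count" -gt 0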
    #
    # Build and push the image through the cluster "podman" Task.
    #
    - name: podman
      runAfter:
        - add-pdf
      taskRef:
        name: podman
      params:
        - name: image
          value: $(params.target-image)
        # Commit id reported by the git-clone task; used to form the image tag.
        - name: commit
          value: $(tasks.git-clone.results.commit)
      workspaces:
        - name: output
          workspace: git-source
        # Registry push credentials, bound from the run's secret workspace.
        - name: dockerconfig
          workspace: registry-credentials
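    #
    # Write the new image tag into cicd/argo/deployment.yaml and push it, so
    # Argo can sense the change and flag the application out-of-sync.
    #
    - name: cd-update
      runAfter:
        - podman
      workspaces:
        - workspace: git-credentials
          name: gitssh
      params:
        - name: version
          value: $(tasks.podman.results.image-tag)
        - name: cd-git-repo
          value: $(params.cd-git-repo)
      taskSpec:
        workspaces:
          # Expected to hold the SSH private key as "gitkey"; an optional
          # "known_hosts" file enables host key verification (see script).
          - name: gitssh
        params:
          - name: version
          - name: cd-git-repo
        steps:
          - name: update-deployment
            # NOTE(review): untagged third-party image that handles the
            # deploy key; pinning it by digest is worth considering.
            image: docker.io/governmentpaas/git-ssh
            # Parameters are passed as environment variables, not substituted
            # into the script text, so their values are handled as data.
            env:
              - name: "HOME"
                value: "/tmp"
              - name: PARAM_VERSION
                value: $(params.version)
              - name: CD_GIT_REPO
                value: $(params.cd-git-repo)
            script: |-
              cd /tmp
              # The producing task may write its result with a trailing
              # newline; strip whitespace so the sed expression stays valid.
              VERSION=`printf '%s' "$PARAM_VERSION" | tr -d ' \t\r\n'`
              export VERSION
              cp "$(workspaces.gitssh.path)/gitkey" .
              chmod 0400 gitkey
              # Verify the git server's host key when the secret ships a
              # known_hosts file. Without one the previous behaviour is kept
              # (no verification), which lets anyone on the network path
              # impersonate the server, so it is reported loudly.
              if [ -f "$(workspaces.gitssh.path)/known_hosts" ]; then
                export GIT_SSH_COMMAND="ssh -i /tmp/gitkey -o IdentitiesOnly=yes -o UserKnownHostsFile=$(workspaces.gitssh.path)/known_hosts -o StrictHostKeyChecking=yes"
              else
                echo "WARNING: no known_hosts in the gitssh workspace; SSH host key is NOT verified" >&2
                export GIT_SSH_COMMAND="ssh -i /tmp/gitkey -o IdentitiesOnly=yes -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no"
              fi
              # "--" stops a URL that starts with "-" being read as an option.
              git clone -- "$CD_GIT_REPO"
              # Directory name = last path component without a trailing
              # ".git". The former pattern 's/.git//g' had an unescaped,
              # unanchored dot and also removed e.g. "egit" inside a name.
              repo_dir=`printf '%s' "$CD_GIT_REPO" | sed -e 's/\.git$//' -e 's;.*/;;'`
              cd "$repo_dir"
              git config --global user.email "tekton@openshift"
              git config --global user.name "tekton"
              sed -i -e "s;app.kubernetes.io/version:.*;app.kubernetes.io/version: '$VERSION';g" cicd/argo/deployment.yaml
              git add -A
              git commit -m "updating deployments with version $VERSION"
              git push 2> /dev/null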
    # Final placeholder task; it only prints a message.
    - name: clean
      runAfter:
        - cd-update
      taskSpec:
        steps:
          - image: docker.io/alpine
            name: clean
            script: |-
              echo "nothing to clean"
pipeline-run-new-example.yaml
# Manual run of new-pipeline; create it (rather than apply) because the name
# comes from generateName.
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
  namespace: blog
  generateName: new-pipeline-run-
spec:
  taskRunTemplate:
    serviceAccountName: pipeline
  pipelineRef:
    name: new-pipeline
  workspaces:
    # Fresh 1Gi volume per run for the checkout.
    - name: git-source
      volumeClaimTemplate:
        spec:
          resources:
            requests:
              storage: 1Gi
          accessModes:
            - ReadWriteOnce
    # Registry push credentials, taken from an existing Secret.
    - name: registry-credentials
      secret:
        secretName: quayio-robot-credentials
    # SSH key material for the deployment repository, from an existing Secret.
    - name: git-credentials
      secret:
        secretName: git-credentials
quayio-robot-secret.yaml
sim-gitlab-push.sh
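# Replay the saved GitLab push payload (gitlab-body.json) as a webhook call.
#
# The original command carried no URL, so curl had nothing to contact; the
# target is now taken from EVENT_LISTENER_URL (a name chosen here) and the
# script stops with a message when it is unset.
# GITLAB_TOKEN overrides the X-GitLab-Token header; the default is the sample
# token used elsewhere in this example.
# NOTE: -v prints the request headers, token included, to stderr.
curl -v \
  -H "X-GitLab-Token: ${GITLAB_TOKEN:-1234567}" \
  -H 'X-Gitlab-Event: Push Hook' \
  -H 'Content-Type: application/json' \
  --data-binary "@gitlab-body.json" \
  "${EVENT_LISTENER_URL:?set EVENT_LISTENER_URL to the EventListener endpoint}"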
task-example-podman.yaml
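# Builds the image from the checked-out sources with podman, pushes it as
# <image>:<first 7 chars of commit>.<build timestamp> and as <image>:latest,
# and reports the versioned tag in the "image-tag" result.
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
  name: podman
  namespace: blog
spec:
  workspaces:
    # Build context.
    - name: output
    # Must contain config.json with the registry credentials.
    - name: dockerconfig
  params:
    - name: image
    - name: commit
  results:
    - name: image-tag
  steps:
    - name: build-and-push
      image: quay.io/podman/stable
      securityContext:
        # NOTE(review): a privileged container is not confined from the node,
        # and this step also builds repository content and holds the registry
        # credentials. Check whether the build works without it on the
        # target cluster before keeping this setting.
        privileged: true
      # Parameters are passed as environment variables instead of being
      # substituted into the script text, so their values are handled as data.
      env:
        - name: "HOME"
          value: "/tmp"
        - name: PARAM_IMAGE
          value: $(params.image)
        - name: PARAM_COMMIT
          value: $(params.commit)
      script: |-
        export REGISTRY_AUTH_FILE="$(workspaces.dockerconfig.path)/config.json"
        build_date=`date +'%Y%m%d%H%M%S'`
        short=`printf '%s' "$PARAM_COMMIT" | cut -c 1-7`
        tag="${short}.${build_date}"
        cd "$(workspaces.output.path)"
        podman build . -t "${PARAM_IMAGE}:${tag}"
        podman push "${PARAM_IMAGE}:${tag}"
        podman push "${PARAM_IMAGE}:${tag}" "${PARAM_IMAGE}:latest"
        # printf writes the tag without a trailing newline, so consumers of
        # the result receive exactly the tag.
        printf '%s' "$tag" > "$(results.image-tag.path)"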
triggertp+eventlstnrl.yaml
# Creates a PipelineRun of new-pipeline for each accepted webhook event.
# The template declares no params, so nothing from the webhook body reaches
# the run: the pipeline always uses its own default repository parameters.
apiVersion: triggers.tekton.dev/v1beta1
kind: TriggerTemplate
metadata:
  namespace: blog
  name: new-trigger-template
spec:
  resourcetemplates:
    - apiVersion: tekton.dev/v1beta1
      kind: PipelineRun
      metadata:
        generateName: new-pipeline-run-hook-
      spec:
        pipelineRef:
          name: new-pipeline
        serviceAccountName: pipeline
        podTemplate:
          securityContext:
            runAsNonRoot: true
            runAsUser: 1000 # this is the podman user from podman build task
            runAsGroup: 1000
            fsGroup: 1000
        workspaces:
          # Fresh 1Gi volume per run for the checkout.
          - name: git-source
            volumeClaimTemplate:
              spec:
                resources:
                  requests:
                    storage: 1Gi
                accessModes:
                  - ReadWriteOnce
          - name: registry-credentials
            secret:
              secretName: quayio-robot-credentials
          - name: git-credentials
            secret:
              secretName: git-credentials
---
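# Extracts the revision and repository URL from the webhook body.
# apiVersion moved from v1alpha1 to v1beta1 to match the TriggerTemplate and
# EventListener defined in the same file.
# These values are read from the request body, i.e. supplied by the sender;
# check them against an allow-list before any consumer clones or builds them.
apiVersion: triggers.tekton.dev/v1beta1
kind: TriggerBinding
metadata:
  name: new-trigger-binding
  namespace: blog
spec:
  params:
    # gitlab
    - name: gitrevision
      value: $(body.checkout_sha)
    - name: gitrepositoryurl
      value: $(body.repository.git_http_url)
    #
    # github
    # (the push payload keeps the repository URLs under "repository"; there
    # is no top-level html_url field)
    # - name: gitrevision
    #   value: $(body.head_commit.id)
    # - name: gitrepositoryurl
    #   value: $(body.repository.clone_url)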
---
# Shared webhook token that the gitlab interceptor compares with the
# X-GitLab-Token header of incoming requests.
# NOTE(review): "1234567" is a guessable sample value and sits in a tracked
# manifest. For real use, generate a long random token and create the Secret
# outside version control; this token is what authenticates the webhook
# sender to the listener.
apiVersion: v1
kind: Secret
type: Opaque
metadata:
  namespace: blog
  name: git-secret
stringData:
  secretToken: "1234567"
---
# Webhook endpoint: accepts GitLab "Push Hook" events whose token matches
# git-secret/secretToken and instantiates new-trigger-template.
apiVersion: triggers.tekton.dev/v1beta1
kind: EventListener
metadata:
  namespace: blog
  name: gitlab-listener-new
spec:
  serviceAccountName: pipeline
  triggers:
    - name: gitlab-push-events-trigger
      template:
        ref: new-trigger-template
      bindings:
        - ref: new-trigger-binding
      interceptors:
        # The gitlab ClusterInterceptor is given the shared token and the
        # list of accepted event types.
        - name: verify-gitlab-payload
          ref:
            kind: ClusterInterceptor
            name: gitlab
          params:
            - name: eventTypes
              value:
                - "Push Hook"
            - name: secretRef
              value:
                secretName: git-secret
                secretKey: secretToken
        # GitHub alternative, disabled:
        # - name: verify-github-payload
        #   ref:
        #     name: "github"
        #     kind: ClusterInterceptor
        #   params:
        #     - name: "secretRef"
        #       value:
        #         secretName: git-secret
        #         secretKey: secretToken
        #     - name: "eventTypes"
        #       value:
        #         - "pull_request"