fb2edcac9e
- apps/ci/tekton.yaml: installs Tekton v0.65.1 via kustomize remote ref - apps/ci/pipeline.yaml: deploys pipeline resources via ArgoCD - manifests/ci/tekton/kustomization.yaml: points to upstream release - manifests/ci/pipeline/serviceaccount.yaml: pipeline-runner SA - manifests/ci/pipeline/pipeline.yaml: 4-task Pipeline (clone, validate, bump, push) - manifests/ci/pipeline/pipelinerun.yaml: bumps podinfo 6.6.2 → 6.7.0 - scripts/set-git-credentials.sh: creates git-credentials Secret (not in git) - docs/04-tekton-pipeline.md: Exercise 04 participant guide
38 lines
1.1 KiB
Bash
Executable file
38 lines
1.1 KiB
Bash
Executable file
#!/usr/bin/env bash
|
|
# set-git-credentials.sh — Create the git-credentials Secret for the Tekton pipeline.
|
|
#
|
|
# Usage:
|
|
# ./scripts/set-git-credentials.sh <github-username> <github-pat>
|
|
#
|
|
# The PAT needs: repo (read + write) scope.
|
|
# The Secret is NOT stored in git — it lives only in the cluster.
|
|
#
|
|
# Run this once before triggering the PipelineRun.
|
|
|
|
set -euo pipefail
|
|
|
|
if [[ $# -ne 2 ]]; then
|
|
echo "Usage: $0 <github-username> <github-personal-access-token>"
|
|
exit 1
|
|
fi
|
|
|
|
GITHUB_USER="$1"
|
|
GITHUB_PAT="$2"
|
|
NAMESPACE="tekton-pipelines"
|
|
|
|
echo "→ Creating git-credentials Secret in namespace ${NAMESPACE}"
|
|
|
|
kubectl create secret generic git-credentials \
|
|
--namespace "${NAMESPACE}" \
|
|
--from-literal=username="${GITHUB_USER}" \
|
|
--from-literal=password="${GITHUB_PAT}" \
|
|
--dry-run=client -o yaml | kubectl apply -f -
|
|
|
|
echo "✓ Secret created. The pipeline is ready to run."
|
|
echo ""
|
|
echo " Trigger the pipeline:"
|
|
echo " kubectl apply -f manifests/ci/pipeline/pipelinerun.yaml"
|
|
echo ""
|
|
echo " Watch progress:"
|
|
echo " kubectl get pipelinerun -n tekton-pipelines -w"
|
|
echo " # or use: tkn pipelinerun logs -f -n tekton-pipelines bump-podinfo-to-670"
|