-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Initial release bitbucket pipeline (#1)
* Initial release bitbucket pipeline
- Loading branch information
Showing
11 changed files
with
300 additions
and
4 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
{ | ||
"type": "minor", | ||
"description": "Initial release" | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
root = true | ||
|
||
[*] | ||
indent_style = space | ||
indent_size = 2 | ||
end_of_line = lf | ||
insert_final_newline = true | ||
charset = utf-8 | ||
|
||
[*.md] | ||
trim_trailing_whitespace = false |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
name: Push Docker Images | ||
|
||
on: | ||
release: | ||
types: [created] | ||
|
||
jobs: | ||
build: | ||
|
||
runs-on: ubuntu-latest | ||
env: | ||
VERSION: ${{ github.event.release.tag_name }} | ||
steps: | ||
- uses: actions/checkout@v2 | ||
|
||
- name: docker build | ||
run: | | ||
docker build -t terrakube-pipe:latest . | ||
- name: docker login | ||
env: | ||
DOCKER_USER: ${{secrets.DOCKER_USER}} | ||
DOCKER_PASSWORD: ${{secrets.DOCKER_PASSWORD}} | ||
run: | | ||
docker login -u $DOCKER_USER -p $DOCKER_PASSWORD | ||
- name: Docker tag Pipe Image | ||
run: docker tag $(docker images terrakube-pipe -q) azbuilder/terrakube-pipe:$VERSION | ||
|
||
- name: Docker tag Pipe Image latest | ||
run: docker tag $(docker images terrakube-pipe -q) azbuilder/terrakube-pipe:latest | ||
|
||
- name: Docker Push Pipe | ||
run: docker push azbuilder/terrakube-pipe:$VERSION | ||
|
||
- name: Docker Push Pipe latest | ||
run: docker push azbuilder/terrakube-pipe:latest | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
docker-compose.yaml | ||
bitbucket-pipelines.yml | ||
RELEASING.md |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
.idea | ||
*.iml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
FROM alpine:3.15.0 | ||
|
||
RUN apk add --update --no-cache bash &&\ | ||
apk add --no-cache curl &&\ | ||
apk add --no-cache jq | ||
|
||
COPY pipe / | ||
COPY LICENSE.txt pipe.yml README.md / | ||
RUN wget -P / https://bitbucket.org/bitbucketpipelines/bitbucket-pipes-toolkit-bash/raw/0.4.0/common.sh | ||
|
||
RUN chmod a+x /*.sh | ||
|
||
ENTRYPOINT ["/pipe.sh"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,110 @@ | ||
# terrakube-pipe-bitbucket | ||
Custom bitbucket pipe that allows to run Terrakube jobs inside Bitbuckets pipelines | ||
# Bitbucket Pipelines Pipe: Terrakube Integration | ||
|
||
This pipe is an example to show how easy is to create pipes for Bitbucket Pipelines. | ||
|
||
## YAML Definition | ||
|
||
Add the following snippet to the script section of your `bitbucket-pipelines.yml` file: | ||
|
||
```yaml | ||
script: | ||
- pipe: azbuilder/terrakube-pipe:1.0.0 | ||
variables: | ||
LOGIN_ENDPOINT: "<string>" #optional Default: https://login.microsoftonline.com | ||
TERRAKUBE_TENANT_ID: "<string>" | ||
TERRAKUBE_APPLICATION_ID: "<string>" | ||
TERRAKUBE_APPLICATION_SECRET: "<string>" | ||
TERRAKUBE_APPLICATION_SCOPE: "<string>" #optional Default: api://Terrakube/.default | ||
TERRAKUBE_ORGANIZATION: "<string>" | ||
TERRAKUBE_WORKSPACE: "<string>" | ||
TERRAKUBE_TEMPLATE: "<string>" | ||
TERRAKUBE_ENDPOINT: "<string>" | ||
DEBUG: "<boolean>" # Optional Default: false | ||
``` | ||
## Variables | ||
| Variable | Usage | | ||
| -------------------------------- | -------------------------------------------------- | | ||
| LOGIN_ENDPOINT | Default values: https://login.microsoftonline.com | | ||
| TERRAKUBE_TENANT_ID (*) | Azure AD Application tenant ID | | ||
| TERRAKUBE_APPLICATION_ID (*) | Azure AD Application tenant ID | | ||
| TERRAKUBE_APPLICATION_SECRET (*) | Azure AD Application tenant ID | | ||
| TERRAKUBE_APPLICATION_SCOPE | Default value: api://Terrakube/.default | | ||
| TERRAKUBE_ORGANIZATION (*) | Terrakube organization name | | ||
| TERRAKUBE_WORKSPACE (*) | Terrakube workspace name | | ||
| TERRAKUBE_TEMPLATE (*) | Terrakube template name | | ||
| TERRAKUBE_ENDPOINT (*) | Terrakbue api endpoint | | ||
_(*) = required variable._ | ||
## Prerequisites | ||
## Examples | ||
Basic example: | ||
```yaml | ||
script: | ||
- pipe: azbuilder/terrakube-pipe:1.0.0 | ||
variables: | ||
TERRAKUBE_TENANT_ID: "36857254-c824-409f-96f5-d3f2de37b016" | ||
TERRAKUBE_APPLICATION_ID: "36857254-c824-409f-96f5-d3f2de37b016" | ||
TERRAKUBE_APPLICATION_SECRET: "SuperSecret" | ||
TERRAKUBE_ORGANIZATION: "terrakube" | ||
TERRAKUBE_WORKSPACE: "bitbucket" | ||
TERRAKUBE_TEMPLATE: "vulnerability-snyk" | ||
TERRAKUBE_ENDPOINT: "https://terrakube.interal/service" | ||
``` | ||
Advanced example: | ||
```yaml | ||
script: | ||
- pipe: azbuilder/terrakube-pipe:1.0.0 | ||
variables: | ||
LOGIN_ENDPOINT: "https://login.microsoftonline.com" | ||
TERRAKUBE_TENANT_ID: "36857254-c824-409f-96f5-d3f2de37b016" | ||
TERRAKUBE_APPLICATION_ID: "36857254-c824-409f-96f5-d3f2de37b016" | ||
TERRAKUBE_APPLICATION_SECRET: "SuperSecret" | ||
TERRAKUBE_APPLICATION_SCOPE: "api://TerrakubeApp/.default" | ||
TERRAKUBE_ORGANIZATION: "terrakube" | ||
TERRAKUBE_WORKSPACE: "bitbucket" | ||
TERRAKUBE_TEMPLATE: "vulnerability-snyk" | ||
TERRAKUBE_ENDPOINT: "https://terrakube.interal/service" | ||
DEBUG: "true" | ||
``` | ||
## Docker Compose Example | ||
This can be used to test the bitbucket pipeline in your local machine. | ||
Build the image: | ||
```bash | ||
docker build -t terrakube-pipe:latest . | ||
``` | ||
|
||
Run the bitbucket pipe locally: | ||
```yaml | ||
version: "3.8" | ||
services: | ||
api-server: | ||
image: terrakube-pipe:latest | ||
container_name: terrakube-pipe | ||
environment: | ||
- TERRAKUBE_TENANT_ID=XXXXX | ||
- TERRAKUBE_APPLICATION_ID=XXXX | ||
- TERRAKUBE_APPLICATION_SECRET=XXXX | ||
- TERRAKUBE_ORGANIZATION=XXX | ||
- TERRAKUBE_WORKSPACE=XXX | ||
- TERRAKUBE_TEMPLATE=XXX | ||
- TERRAKUBE_ENDPOINT=XXX | ||
- TERRAKUBE_APPLICATION_SCOPE=XXX | ||
``` | ||
## Support | ||
If you’d like help with this pipe, or you have an issue or feature request, let us know. | ||
If you’re reporting an issue, please include: | ||
- the version of the pipe | ||
- relevant logs and error messages | ||
- steps to reproduce |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
name: Terrakube pipe | ||
image: azbuilder/terrakube-pipe:0.0.1 | ||
description: This pipe will trigger a Terrakube job. | ||
repository: https://github.com/AzBuilder/terrakube-pipe-bitbucket | ||
maintainer: [email protected] | ||
tags: | ||
- terrakube | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,87 @@ | ||
#!/usr/bin/env bash | ||
# | ||
# This pipe is an example to show how easy is to create pipes for Bitbucket Pipelines. | ||
# | ||
|
||
source "$(dirname "$0")/common.sh" | ||
|
||
generate_job_data() | ||
{ | ||
cat <<EOF | ||
{ | ||
"data": { | ||
"type": "job", | ||
"attributes": { | ||
"templateReference": "$TERRAKUBE_TEMPLATE_ID" | ||
}, | ||
"relationships":{ | ||
"workspace":{ | ||
"data":{ | ||
"type": "workspace", | ||
"id": "$TERRAKUBE_WORKSPACE_ID" | ||
} | ||
} | ||
} | ||
} | ||
} | ||
EOF | ||
} | ||
|
||
info "Loading default variables..." | ||
|
||
# Required parameters | ||
LOGIN_ENDPOINT=${LOGIN_ENDPOINT:="https://login.microsoftonline.com"} | ||
TERRAKUBE_TENANT_ID=${TERRAKUBE_TENANT_ID:?'TERRAKUBE_TENANT_ID variable missing.'} | ||
TERRAKUBE_APPLICATION_ID=${TERRAKUBE_APPLICATION_ID:?'TERRAKUBE_APPLICATION_ID variable missing.'} | ||
TERRAKUBE_APPLICATION_SECRET=${TERRAKUBE_APPLICATION_SECRET:?'TERRAKUBE_APPLICATION_SECRET variable missing.'} | ||
TERRAKUBE_APPLICATION_SCOPE=${TERRAKUBE_APPLICATION_SCOPE:="api://Terrakube/.default"} | ||
TERRAKUBE_ORGANIZATION=${TERRAKUBE_ORGANIZATION:?'TERRAKUBE_ORGANIZATION variable missing.'} | ||
TERRAKUBE_WORKSPACE=${TERRAKUBE_WORKSPACE:?'TERRAKUBE_WORKSPACE variable missing.'} | ||
TERRAKUBE_TEMPLATE=${TERRAKUBE_TEMPLATE:?'TERRAKUBE_TEMPLATE variable missing.'} | ||
TERRAKUBE_ENDPOINT=${TERRAKUBE_ENDPOINT:?'TERRAKUBE_ENDPOINT variable missing.'} | ||
|
||
# Default parameters | ||
DEBUG=${DEBUG:="false"} | ||
|
||
info "Showing variables..." | ||
echo "Running the Terrakube pipe using the following variables:" | ||
echo "Microsoft Endpoint: ${LOGIN_ENDPOINT}" | ||
echo "Terrakube Tenant Id: ${TERRAKUBE_TENANT_ID}" | ||
echo "Terrakube Application Id: ${TERRAKUBE_APPLICATION_ID}" | ||
echo "Terrakube Application Scope: ${TERRAKUBE_APPLICATION_SCOPE}" | ||
echo "Terrakube Organization: ${TERRAKUBE_ORGANIZATION}" | ||
echo "Terrakube Workspace: ${TERRAKUBE_WORKSPACE}" | ||
echo "Terrakube Template: ${TERRAKUBE_TEMPLATE}" | ||
echo "Terrakube Endpoint: ${TERRAKUBE_ENDPOINT}" | ||
|
||
info "Get Terrakube Access Token:" | ||
TERRAKUBE_TOKEN=$(curl -d "tenantId=${TERRAKUBE_TENANT_ID}&grant_type=client_credentials&client_id=${TERRAKUBE_APPLICATION_ID}&scope=${TERRAKUBE_APPLICATION_SCOPE}&client_secret=${TERRAKUBE_APPLICATION_SECRET}" -H "Content-Type: application/x-www-form-urlencoded" -X POST "https://login.microsoftonline.com/${TERRAKUBE_TENANT_ID}/oauth2/v2.0/token" | jq -r '.access_token') | ||
|
||
info "Searching Terrakube Organization:" | ||
TERRAKUBE_ORGANIZATION_ID=$(curl -g -H "Authorization: Bearer $TERRAKUBE_TOKEN" -X GET "${TERRAKUBE_ENDPOINT}/api/v1/organization?filter[organization]=name==${TERRAKUBE_ORGANIZATION}" | jq -r '.data[0].id') | ||
|
||
echo "Organization Id: $TERRAKUBE_ORGANIZATION_ID" | ||
|
||
info "Searchving Terrakube Workspace:" | ||
|
||
TERRAKUBE_WORKSPACE_ID=$(curl -g -H "Authorization: Bearer $TERRAKUBE_TOKEN" -X GET "${TERRAKUBE_ENDPOINT}/api/v1/organization/$TERRAKUBE_ORGANIZATION_ID/workspace?filter[workspace]=name==${TERRAKUBE_WORKSPACE}" | jq -r '.data[0].id') | ||
|
||
echo $TERRAKUBE_WORKSPACE_ID | ||
|
||
TERRAKUBE_TEMPLATE_ID=$(curl -g -H "Authorization: Bearer $TERRAKUBE_TOKEN" -X GET "${TERRAKUBE_ENDPOINT}/api/v1/organization/$TERRAKUBE_ORGANIZATION_ID/template?filter[template]=name==${TERRAKUBE_TEMPLATE}" | jq -r '.data[0].id') | ||
|
||
echo "Template Id: $TERRAKUBE_TEMPLATE_ID" | ||
|
||
info "Creating Terrakube Job:" | ||
|
||
TERRAKUBE_JOB_ID=$(curl -v -g -H "Authorization: Bearer $TERRAKUBE_TOKEN" -H "Content-Type: application/vnd.api+json" -X POST "${TERRAKUBE_ENDPOINT}/api/v1/organization/$TERRAKUBE_ORGANIZATION_ID/job" --data "$(generate_job_data)" ) | ||
|
||
info "Job Id: $TERRAKUBE_JOB_ID" | ||
|
||
run echo $TERRAKUBE_JOB_ID | ||
|
||
if [[ "${status}" == "0" ]]; then | ||
success "Success!" | ||
else | ||
fail "Error!" | ||
fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
#!/usr/bin/env bats | ||
|
||
setup() { | ||
DOCKER_IMAGE=${DOCKER_IMAGE:="test/demo-pipe"} | ||
|
||
echo "Building image..." | ||
docker build -t ${DOCKER_IMAGE}:test . | ||
} | ||
|
||
@test "Dummy test" { | ||
run docker run \ | ||
-e NAME="baz" \ | ||
-v $(pwd):$(pwd) \ | ||
-w $(pwd) \ | ||
${DOCKER_IMAGE}:test | ||
|
||
echo "Status: $status" | ||
echo "Output: $output" | ||
|
||
[ "$status" -eq 0 ] | ||
} | ||
|