commit 1bb0bb12c7181296078c1b7b32880076c9efe8bf Author: dvirlabs Date: Wed Jun 18 05:03:51 2025 +0300 Inital commit diff --git a/.woodpecker.yml b/.woodpecker.yml new file mode 100644 index 0000000..c4f876c --- /dev/null +++ b/.woodpecker.yml @@ -0,0 +1,19 @@ +steps: + build-and-push-plugin: + name: Build & Push wp-kaniko-sync + image: woodpeckerci/plugin-kaniko + settings: + registry: harbor.dvirlabs.com + repo: devtools/wp-kaniko-sync + dockerfile: Dockerfile + context: . + tags: + - latest + - ${CI_COMMIT_BRANCH}-${CI_COMMIT_SHA:0:7} + username: + from_secret: DOCKER_USERNAME + password: + from_secret: DOCKER_PASSWORD + when: + branch: [ master, develop ] + event: [ push, tag ] diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..4b9b4c0 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,16 @@ +FROM alpine:3.19 + +# כלים: git, yq, curl לבניית Kaniko +RUN apk add --no-cache bash git yq curl + +# התקנת Kaniko +RUN mkdir -p /kaniko && \ + curl -sSL -o /kaniko/executor https://github.com/GoogleContainerTools/kaniko/releases/download/v1.21.0/executor && \ + chmod +x /kaniko/executor + +ENV PATH="/kaniko:$PATH" + +COPY entrypoint.sh /entrypoint.sh +RUN chmod +x /entrypoint.sh + +ENTRYPOINT ["/entrypoint.sh"] diff --git a/README.md b/README.md new file mode 100644 index 0000000..8fbd2ac --- /dev/null +++ b/README.md @@ -0,0 +1,40 @@ +# wp-kaniko-sync + +Woodpecker CI plugin to: +- Build and push Docker images using Kaniko +- Update GitOps values.yaml with the new tag + +## 🔧 Settings + +| Variable | Description | Required | +|----------------------|-------------------------------------|----------| +| `PLUGIN_CONTEXT` | Build context path (`frontend/`) | ✅ | +| `PLUGIN_DOCKERFILE` | Path to Dockerfile | ✅ | +| `PLUGIN_REPO` | Docker repo (e.g. `my-apps/web`) | ✅ | +| `PLUGIN_REGISTRY` | Docker registry (e.g. `harbor...`) | ✅ | +| `PLUGIN_NAME` | Logical name (frontend/backend) | ✅ | +| `PLUGIN_GIT_REPO` | GitOps repo (e.g. `.../my-apps.git`)| ✅ | +| `PLUGIN_VALUES_FILE` | Path to `values.yaml` | ✅ | +| `PLUGIN_VALUES_PATH` | yq path (e.g. `frontend.tag`) | ✅ | +| `PLUGIN_GIT_USERNAME`| Git user | ✅ | +| `PLUGIN_GIT_TOKEN` | Git token (used in clone/push) | ✅ | + +## 🧪 Example + +```yaml +steps: + build-frontend: + image: harbor.dvirlabs.com/devtools/wp-kaniko-sync:latest + settings: + PLUGIN_CONTEXT: frontend + PLUGIN_DOCKERFILE: frontend/Dockerfile + PLUGIN_REPO: my-apps/labmap-frontend + PLUGIN_REGISTRY: harbor.dvirlabs.com + PLUGIN_NAME: frontend + PLUGIN_GIT_REPO: git.dvirlabs.com/dvirlabs/my-apps.git + PLUGIN_VALUES_FILE: manifests/labmap/values.yaml + PLUGIN_VALUES_PATH: frontend.tag + PLUGIN_GIT_USERNAME: + from_secret: GIT_USERNAME + PLUGIN_GIT_TOKEN: + from_secret: GIT_TOKEN diff --git a/entrypoint.sh b/entrypoint.sh new file mode 100644 index 0000000..6ea12e4 --- /dev/null +++ b/entrypoint.sh @@ -0,0 +1,38 @@ +#!/bin/bash +set -e + +echo "🚀 Starting wp-kaniko-sync" + +TAG="${CI_COMMIT_BRANCH}-${CI_COMMIT_SHA:0:7}" +echo "🧩 Using tag: $TAG" + +echo "🔨 Building Docker image for ${PLUGIN_CONTEXT}" +/kaniko/executor \ + --dockerfile="${PLUGIN_DOCKERFILE}" \ + --context="${PLUGIN_CONTEXT}" \ + --destination="${PLUGIN_REGISTRY}/${PLUGIN_REPO}:${TAG}" \ + --destination="${PLUGIN_REGISTRY}/${PLUGIN_REPO}:latest" \ + --insecure-push=true \ + --skip-tls-verify=true \ + --cleanup + +echo "✅ Image pushed successfully" + +if [[ -n "$PLUGIN_GIT_REPO" ]]; then + echo "📡 Cloning GitOps repo" + + git config --global user.name "woodpecker-bot" + git config --global user.email "ci@dvirlabs.com" + + git clone "https://${PLUGIN_GIT_USERNAME}:${PLUGIN_GIT_TOKEN}@${PLUGIN_GIT_REPO}" + cd $(basename "$PLUGIN_GIT_REPO" .git) + + echo "📝 Updating tag in ${PLUGIN_VALUES_FILE}" + yq -i ".$PLUGIN_VALUES_PATH = \"$TAG\"" "$PLUGIN_VALUES_FILE" + + git add "$PLUGIN_VALUES_FILE" + git commit -m "${PLUGIN_NAME}: update tag to $TAG" || echo "⚠️ No changes" + git push origin HEAD +fi + +echo "🎉 Done"