You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/modules/SDDs/pages/0032-compile-pipeline.adoc
+8-6Lines changed: 8 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -2,7 +2,7 @@
2
2
3
3
:sdd_author: Aline Abler
4
4
:sdd_owner: Project Syn IG
5
-
:sdd_reviewers: Simon Gerber
5
+
:sdd_reviewers: Simon Gerber, Tobias Brunner
6
6
:sdd_date: 2024-06-13
7
7
:sdd_status: draft
8
8
@@ -62,8 +62,10 @@ The `accessTokenSecretName` field contains a reference to a secret.
62
62
If it is set, the Lieutenant operator will store an access token into this secret, which can be used to access the Git repository.
63
63
In the case of GitLab, this would be a Project Access Token with read-write access to the repository.
64
64
65
-
The `ciVariables` field contains a dictionary describing variable names and corresponding values.
66
-
These variables are added to the git repository as CI/CD variables.
65
+
The `ciVariables` field contains a list of objects describing variable names and corresponding values.
66
+
Each object in the list has a type that's modeled after a Kubernetes container's `env` field.
67
+
In contrast to container environment variables, our variables only support specifying values directly (via field `value`) or by referencing a `Secret` resource (via field `valueFrom.secretKeyRef`).
68
+
These variables are added to the Git repository as CI/CD variables.
67
69
68
70
[source,yaml]
69
71
----
@@ -130,7 +132,7 @@ spec:
130
132
131
133
Configuring the CI pipeline usually happens through files committed to the corresponding repository.
132
134
For a Lieutenant-managed pipeline configuration, these files should be managed by Lieutenant.
133
-
To achieve this, we can leverage the existing mechanism to commit template files to git repositories:
135
+
To achieve this, we can leverage the existing mechanism to commit template files to Git repositories:
134
136
135
137
[source,yaml]
136
138
----
@@ -152,7 +154,7 @@ spec:
152
154
153
155
=== Operator
154
156
155
-
The Lieutenant Operator will be extended to automatically manage the compile pipeline for repositories where this is enabled (by way of configuring the `compilePipeline` field on the tenant and the `enableCompilePipeline` field on the cluster).
157
+
The Lieutenant Operator will be extended to automatically manage the compile pipeline for repositories where this is enabled (by way of deploying the CI config file in the tenant and the `enableCompilePipeline` field on the cluster).
156
158
157
159
Since the compile pipeline has to interact with both the tenant repository as well as the cluster catalog repositories, it must be enabled on both corresponding resources for the configuration to be functional.
158
160
This way, it is possible to enable auto-compilation for some, but not all clusters on a tenant.
@@ -162,7 +164,7 @@ The operator will reconcile *GitRepos* as follows:
162
164
* When `spec.accessTokenSecretName` is set, the operator generates an access token for the corresponding repository (via the repository host's API, using the API secret in `.spec.apiSecretRef`), and writes this token into a secret with the given name.
163
165
In the case of GitLab, this is a Project Access Token.
164
166
The operator also runs a scheduled job which refreshes these tokens when they are close to expiring, or when they no longer exist on the repository host.
165
-
* The content of `.spec.ciVariables` is written to the repository's configuration on the git host.
167
+
* The content of `.spec.ciVariables` is written to the repository's configuration on the Git host.
166
168
In the case of GitLab, it is written as CI/CD variables.
167
169
168
170
NOTE: If the GitRepo is of type `unmanaged`, none of these steps will be executed.
0 commit comments