-
Notifications
You must be signed in to change notification settings - Fork 90
Expand file tree
/
Copy pathstep.yaml
More file actions
233 lines (228 loc) · 9.3 KB
/
step.yaml
File metadata and controls
233 lines (228 loc) · 9.3 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
kind: step-type
version: '1.0'
metadata:
name: git-commit
version: 0.2.0
isPublic: true
description: Commit and push changes to repository
icon:
type: svg
url: https://cdn.jsdelivr.net/gh/codefresh-io/steps/incubating/git-commit/icon.svg
background: "#0B3E49"
sources:
- https://github.com/codefresh-io/steps/tree/master/incubating/git-commit
stage: incubating
maintainers:
- name: Dima Golomozy
- name: Oleh Zahnitko
categories:
- featured
- git
official: true
tags: []
examples:
- workflow:
commit_and_push:
title: Commit changes and push
type: git-commit
arguments:
repo: '${{CF_REPO_OWNER}}/${{CF_REPO_NAME}}'
git: 'github'
working_directory: '/codefresh/volume/${{CF_REPO_NAME}}'
commit_message: 'Some commit message'
git_user_name: 'git-user-name'
git_user_email: 'git-user@email.com'
allow_empty: false
rebase: true
base_branch: 'feature'
add:
- file1.txt
- file2.txt
- ./dir3
- workflow:
gpg_signed_commit:
title: Sign commit with GPG and push
type: git-commit
arguments:
repo: '${{CF_REPO_OWNER}}/${{CF_REPO_NAME}}'
git: 'github'
working_directory: '/codefresh/volume/${{CF_REPO_NAME}}'
commit_message: 'Some commit message'
git_user_name: 'git-user-name'
git_user_email: 'git-user@email.com'
allow_empty: false
gpg_key_id: '${{GPG_KEY_ID}}'
gpg_secret_key: '${{GPG_SECRET_KEY}}'
add:
- file1.txt
- file2.txt
- ./dir3
spec:
arguments: |
{
"definitions": {},
"$schema": "http://json-schema.org/draft-07/schema#",
"type": "object",
"additionalProperties": false,
"patterns": [],
"required": [
"repo",
"git"
],
"properties": {
"repo": {
"type": "string",
"description": "path of the repository without the domain name in the form of my_username/my_repo"
},
"git": {
"type": "string",
"description": "The name of the git integration you want to use. If left empty, Codefresh will attempt to use the git provider that was used during account sign-up. Note that this might have unexpected results if you are changing your Git integrations."
},
"commit_message": {
"type": "string",
"description": "Text body of the comment to be created"
},
"working_directory": {
"type": "string",
"description": "The directory to which the repository is cloned. It can be an explicit path in the container’s file system, or a variable that references another step. The default value is '/codefresh/volume/${{CF_REPO_NAME}}'",
"default": "/codefresh/volume/${{CF_REPO_NAME}}"
},
"git_user_name": {
"type": "string",
"description":"The username the commit comes from"
},
"git_user_email": {
"type": "string",
"description": "Git user email"
},
"allow_empty": {
"type": "boolean",
"description": "Allow empty commit",
"default": false
},
"add": {
"type": ["string","array"],
"items": {
"type": "string"
},
"description": "Add file contents to the git index",
"default": "."
},
"gpg_key_id": {
"type": "string",
"description": "GPG key ID (for example `3AA5C34371567BD2`)",
"default": ""
},
"gpg_secret_key": {
"type": "string",
"description": "GPG secret key (base64 encoded; for example `gpg -a --export-secret-keys 3AA5C34371567BD2 | base64 -w0`) ",
"default": ""
},
"force_push": {
"type": "boolean",
"description": "force git push (false by default)",
"default": false
},
"rebase": {
"type": "boolean",
"description": "pull remote changes with rebase flag before push",
"default": false
},
"use_ssh": {
"type": "boolean",
"description": "Is use ssh or https (ssh key will be taken from git integration defined in git argument)",
"default": false
},
"base_branch": {
"type": "string",
"description": "Changes the base branch git-commit interacts with",
"default": ""
}
}
}
steps:
export_access_token:
title: "Export git access token"
image: quay.io/codefresh/cli:0.87.2
environment:
- GIT_INTEGRATION_NAME=${{git}}
- ALLOW_EMPTY_BOOL=${{allow_empty}}
- GIT_USER_NAME=${{git_user_name}}
commands:
- export GIT_ACCESS_TOKEN=$(codefresh get context $GIT_INTEGRATION_NAME --decrypt --prepare -o yaml | yq -r -c .spec.data.auth.password)
- echo GIT_ACCESS_TOKEN=$GIT_ACCESS_TOKEN >> /meta/env_vars_to_export
- export GIT_ACCESS_TOKEN_USER=$(codefresh get context $GIT_INTEGRATION_NAME --decrypt --prepare -o yaml | yq -r -c .spec.data.auth.username)
- export PRIVATE_KEY=$(codefresh get context $GIT_INTEGRATION_NAME --decrypt --prepare -o yaml | yq .spec.data.auth.sshPrivateKey)
- echo PRIVATE_KEY=$PRIVATE_KEY >> /meta/env_vars_to_export
# For Bitbucket Cloud integration with API Token, replace username by 'x-bitbucket-api-token-auth'
- export GIT_INTEGRATION_TYPE=$(codefresh get context "$GIT_INTEGRATION_NAME" --decrypt --prepare -o yaml | yq -r -c .spec.type)
- if [ "$GIT_INTEGRATION_TYPE" = "git.bitbucket" ] && [ "${GIT_ACCESS_TOKEN#ATAT}" != "$GIT_ACCESS_TOKEN" ]; then export GIT_ACCESS_TOKEN_USER="x-bitbucket-api-token-auth"; fi
# If the git integration does not include the auth username, then default to the git_user_name argument
- if [ "$GIT_ACCESS_TOKEN_USER" = "null" ]; then export GIT_ACCESS_TOKEN_USER=$GIT_USER_NAME; fi
- echo GIT_ACCESS_TOKEN_USER=$GIT_ACCESS_TOKEN_USER >> /meta/env_vars_to_export
- export ALLOW_EMPTY=$(if [[ $ALLOW_EMPTY_BOOL == true ]]; then echo '--allow-empty';fi)
- echo ALLOW_EMPTY=$ALLOW_EMPTY >> /meta/env_vars_to_export
- export ADD_FILES=$(echo ${{add}} | tr "," " ")
- echo ADD_FILES=$ADD_FILES >> /meta/env_vars_to_export
commit_and_push:
title: "Commit and push"
image: codefreshplugins/git-commit:0.1.4
shell: bash
environment:
- REPO=${{repo}}
- COMMIT_MESSAGE=${{commit_message}}
- WORKING_DIRECTORY=${{working_directory}}
- GIT_USER_NAME=${{git_user_name}}
- GIT_USER_EMAIL=${{git_user_email}}
- GPG_KEY_ID=${{gpg_key_id}}
- GPG_SECRET_KEY=${{gpg_secret_key}}
- FORCE_PUSH=${{force_push}}
- REBASE=${{rebase}}
- BASE_BRANCH=${{base_branch}}
- USE_SSH=${{use_ssh}}
- GIT_INTEGRATION_NAME=${{git}}
commands:
- |-
if [[ -n ${GPG_KEY_ID} && -n ${GPG_SECRET_KEY} ]]; then
apt-get update && apt install -y gnupg
echo ${GPG_SECRET_KEY} | base64 -d > /tmp/private.key
gpg --import /tmp/private.key
git config --global user.signingkey ${GPG_KEY_ID}
git config --global commit.gpgsign true
fi
- cd ${WORKING_DIRECTORY}
- export GIT_FQDN=$(git remote get-url --push origin | awk -F[/:] '{print $4}')
- echo GIT_USER_NAME=$GIT_USER_NAME GIT_USER_EMAIL=$GIT_USER_EMAIL
- git config --global user.name "${GIT_USER_NAME}"
- git config --global user.email ${GIT_USER_EMAIL}
- git add ${ADD_FILES}
- git commit ${ALLOW_EMPTY} -m "${COMMIT_MESSAGE}"
- git status
- |-
ENCODED_GIT_ACCESS_TOKEN=$(echo -n "${GIT_ACCESS_TOKEN}" | jq -sRr @uri)
REPO_URL="https://$GIT_ACCESS_TOKEN_USER:$ENCODED_GIT_ACCESS_TOKEN@$GIT_FQDN/$REPO.git"
if [ "$USE_SSH" = "true" ]; then
[ -z "$PRIVATE_KEY" ] && (echo "missing PRIVATE_KEY var" | tee /dev/stderr) && exit 1
echo ${PRIVATE_KEY:1:-1} | sed 's/\\n/\n/g' > ~/.ssh/codefresh
chmod 0600 ~/.ssh/*
chmod 0700 ~/.ssh/
# ssh://git@github.com:username/repo.git
# match "github.com" from ssh uri
REPO=${REPO#"ssh://"}
SSH_HOST=$(echo "$REPO" | cut -d ":" -f 1 | cut -d "@" -f 2)
echo "Adding "$SSH_HOST" to known_hosts"
# removes all keys belonging to hostname from a known_hosts file
ssh-keygen -R $SSH_HOST 2>/dev/null
ssh-keyscan -H $SSH_HOST >> ~/.ssh/known_hosts 2> >(grep -v '^#' >&2)
REPO_URL=$REPO
fi
- |-
if [ "$REBASE" = true ]; then
git pull --rebase $REPO_URL $BASE_BRANCH
fi
- |-
if [ "$FORCE_PUSH" = true ]; then
git push --force $REPO_URL $BASE_BRANCH
else
git push $REPO_URL $BASE_BRANCH
fi