From 60d7bd335ac9fa032476a25d8b5a083d1c650640 Mon Sep 17 00:00:00 2001
From: matthewchungcodefresh
<106268971+matthewchungcodefresh@users.noreply.github.com>
Date: Thu, 18 Aug 2022 11:21:42 -0400
Subject: [PATCH 1/3] Heroku (#420)
* Datree
* Aqua
* Aqua
* Aqua update
* Update workflowTemplate.yaml
* change name
* Update Dockerfile
* Update workflowTemplate.yaml
* Datree
* Update workflowTemplate.yaml
* Update workflowTemplate.yaml
* Update workflowTemplate.yaml
* Codecov
* Update workflowTemplate.yaml
* Update workflowTemplate.yaml
* Update workflowTemplate.yaml
* Update workflowTemplate.yaml
* Update workflowTemplate.yaml
* Heroku
* heroku update
* Aqua
* Delete workflows/aqua directory
* Delete workflows/codecov directory
* Delete workflows/datree directory
---
workflows/heroku/CHANGELOG.md | 9 ++
workflows/heroku/assets/icon.svg | 5 ++
workflows/heroku/versions/0.0.1/README.md | 17 ++++
.../versions/0.0.1/docs/heroku-deployer.md | 87 +++++++++++++++++++
.../0.0.1/images/heroku-manager/Dockerfile | 4 +
workflows/heroku/versions/0.0.1/rbac.yaml | 43 +++++++++
.../versions/0.0.1/workflowTemplate.yaml | 73 ++++++++++++++++
7 files changed, 238 insertions(+)
create mode 100644 workflows/heroku/CHANGELOG.md
create mode 100644 workflows/heroku/assets/icon.svg
create mode 100644 workflows/heroku/versions/0.0.1/README.md
create mode 100644 workflows/heroku/versions/0.0.1/docs/heroku-deployer.md
create mode 100644 workflows/heroku/versions/0.0.1/images/heroku-manager/Dockerfile
create mode 100644 workflows/heroku/versions/0.0.1/rbac.yaml
create mode 100644 workflows/heroku/versions/0.0.1/workflowTemplate.yaml
diff --git a/workflows/heroku/CHANGELOG.md b/workflows/heroku/CHANGELOG.md
new file mode 100644
index 00000000..ceb7ebd3
--- /dev/null
+++ b/workflows/heroku/CHANGELOG.md
@@ -0,0 +1,9 @@
+# Changelog
+
+## v0.0.1 8/10/2022
+
+Initial Codecov template that sends a code scan report to codecov
+
+Template includes:
+
+* codecov-report
diff --git a/workflows/heroku/assets/icon.svg b/workflows/heroku/assets/icon.svg
new file mode 100644
index 00000000..744f0198
--- /dev/null
+++ b/workflows/heroku/assets/icon.svg
@@ -0,0 +1,5 @@
+
\ No newline at end of file
diff --git a/workflows/heroku/versions/0.0.1/README.md b/workflows/heroku/versions/0.0.1/README.md
new file mode 100644
index 00000000..012a6fa7
--- /dev/null
+++ b/workflows/heroku/versions/0.0.1/README.md
@@ -0,0 +1,17 @@
+# Starting-Template
+
+## Summary
+
+A template that deploys to heroku via codefresh pipeline
+
+## Templates
+
+
+1. [heroku-deployer](https://github.com/codefresh-io/argo-hub/blob/main/workflows/heroku/versions/0.0.1/docs/heroku-deployer.md)
+
+
+## Security
+
+Minimal required permissions
+
+[Full rbac permissions list](https://github.com/codefresh-io/argo-hub/blob/main/workflows/heroku/versions/0.0.1/rbac.yaml)
diff --git a/workflows/heroku/versions/0.0.1/docs/heroku-deployer.md b/workflows/heroku/versions/0.0.1/docs/heroku-deployer.md
new file mode 100644
index 00000000..4095292e
--- /dev/null
+++ b/workflows/heroku/versions/0.0.1/docs/heroku-deployer.md
@@ -0,0 +1,87 @@
+# heroku-deployer
+
+## Summary
+Sends a code scan report to codecov
+
+## Inputs/Outputs
+
+### Inputs
+* HEROKU_SECRET (required) - The Kubernetes secret with the Heroku login details
+* HEROKY_API_TOKEN_SECRET_KEY (optional) - The key in the Kubernetes secret with the Heroku api token. Default is 'token'
+* HEROKY_EMAIL_SECRET_KEY (optional) - The key in the Kubernetes secret with the Heroku login email. Default is 'email'
+* APP_NAME (required) - Name of application
+* WORKING_DIRECTORY (optional) - Path to working directory within cloned repository. Default is '.'.
+* REPO_URL (required) - Git repo to be run containing sonar-project.properties. Key defaults to token.
+* GIT_TOKEN (optional) - the k8s secret name that contains a key named token with the git secret inside it
+* REPO (required) - Path to artifact where repository is to be cloned.
+
+### Secrets
+* Heroku Secret - in order for this template to work a secret named `heroku-secret` must exist with heroku login details.
+```
+ apiVersion: v1
+ kind: Secret
+ metadata:
+ name: heroku-secret
+ type: Opaque
+ data:
+ token: echo -n 'heroku api token' | base64
+ email: echo -n 'heroku email' | base64
+```
+
+* Github Secret - in order for this template to work a secret named `github-token` must exist with a github token.
+```
+ apiVersion: v1
+ kind: Secret
+ metadata:
+ name: github-token
+ type: Opaque
+ data:
+ token: echo -n 'github token' | base64
+```
+
+### Outputs
+no outputs
+
+## Examples
+
+### task Example
+```
+apiVersion: argoproj.io/v1alpha1
+kind: Workflow
+metadata:
+ generateName: heroku-deployer-
+spec:
+ entrypoint: main
+ templates:
+ - name: main
+ dag:
+ tasks:
+ - name: clone-step
+ templateRef:
+ name: argo-hub.git.0.0.2
+ template: clone
+ arguments:
+ parameters:
+ - name: REPO_URL
+ value: 'https://github.com/codefresh-io/argo-hub'
+ - name: GIT_TOKEN_SECRET
+ value: 'git-token-name'
+ outputs:
+ artifacts:
+ - name: REPO
+ path: '/tmp/repo'
+ - name: heroku-deployer
+ dependencies: [clone-step]
+ templateref:
+ name: argo-hub.heroku.0.0.1
+ template: heroku-deployer
+ arguments:
+ artifacts:
+ - name: REPO
+ from: "{{tasks.clone-step.outputs.artifacts.repo}}"
+ parameters:
+ - name: HEROKU_SECRET
+ value: heroku-secret
+ - name: APP_NAME
+ value: codefresh-test
+```
diff --git a/workflows/heroku/versions/0.0.1/images/heroku-manager/Dockerfile b/workflows/heroku/versions/0.0.1/images/heroku-manager/Dockerfile
new file mode 100644
index 00000000..70a5c0dc
--- /dev/null
+++ b/workflows/heroku/versions/0.0.1/images/heroku-manager/Dockerfile
@@ -0,0 +1,4 @@
+FROM alpine:latest
+RUN apk --update add curl bash nodejs npm git
+RUN curl https://cli-assets.heroku.com/install.sh | sh
+ENTRYPOINT heroku
\ No newline at end of file
diff --git a/workflows/heroku/versions/0.0.1/rbac.yaml b/workflows/heroku/versions/0.0.1/rbac.yaml
new file mode 100644
index 00000000..d1329f27
--- /dev/null
+++ b/workflows/heroku/versions/0.0.1/rbac.yaml
@@ -0,0 +1,43 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: argo-hub.heroku.0.0.1
+ annotations:
+ argo-hub/version: '0.0.1'
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ name: argo-hub.heroku.0.0.1
+ annotations:
+ argo-hub/version: '0.0.1'
+rules:
+ - apiGroups:
+ - ""
+ resources:
+ - pods
+ verbs:
+ - get
+ - watch
+ - patch
+ - apiGroups:
+ - ""
+ resources:
+ - pods/log
+ verbs:
+ - get
+ - watch
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+ name: argo-hub.heroku.0.0.1
+ annotations:
+ argo-hub/version: '0.0.1'
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: argo-hub.heroku.0.0.1
+subjects:
+ - kind: ServiceAccount
+ name: argo-hub.heroku.0.0.1
diff --git a/workflows/heroku/versions/0.0.1/workflowTemplate.yaml b/workflows/heroku/versions/0.0.1/workflowTemplate.yaml
new file mode 100644
index 00000000..c9d004bb
--- /dev/null
+++ b/workflows/heroku/versions/0.0.1/workflowTemplate.yaml
@@ -0,0 +1,73 @@
+apiVersion: argoproj.io/v1alpha1
+kind: WorkflowTemplate
+metadata:
+ name: argo-hub.heroku.0.0.1
+ annotations:
+ argo-hub/version: '0.0.1'
+ argo-hub/description: 'Heroku template'
+ argo-hub/categories: 'argo'
+ argo-hub/license: 'MIT'
+ argo-hub/owner_name: 'Matthew Chung'
+ argo-hub/owner_email: 'matthew.chung@codefresh.io'
+ argo-hub/owner_avatar: 'https://github.com/matthewchungcodefresh.png'
+ argo-hub/owner_url: 'https://github.com/matthewchungcodefresh'
+ argo-hub/icon_url: "https://cdn.jsdelivr.net/gh/codefresh-io/argo-hub@main/workflows/heroku/assets/icon.svg"
+ argo-hub/icon-background: "#f4f4f4"
+spec:
+ templates:
+ - name: heroku-deployer
+ serviceAccountName: argo-hub.heroku.0.0.1
+ metadata:
+ annotations:
+ argo-hub-template/description: 'Deploy to heroku via codefresh pipeline'
+ argo-hub-template/icon_url: "https://cdn.jsdelivr.net/gh/codefresh-io/argo-hub@main/workflows/heroku/assets/icon.svg"
+ argo-hub-template/icon_background: "#f4f4f4"
+ retryStrategy:
+ limit: "3"
+ retryPolicy: "Always"
+ backoff:
+ duration: "5s"
+ inputs:
+ artifacts:
+ - name: REPO
+ path: /tmp/repo
+ parameters:
+ # required
+ - name: HEROKU_SECRET
+ default: heroku-secret
+ - name: HEROKY_API_TOKEN_SECRET_KEY
+ default: token
+ - name: HEROKY_EMAIL_SECRET_KEY
+ default: email
+ - name: APP_NAME
+ # optional
+ - name: WORKING_DIRECTORY
+ default: "."
+ script:
+ imagePullPolicy: Always
+ image: quay.io/codefreshplugins/argo-hub-workflows-heroku-versions-0.0.1-images-heroku-manager:main
+ workingDir: /tmp/repo
+ env:
+ - name: HEROKU_API_TOKEN
+ valueFrom:
+ secretKeyRef:
+ name: '{{ inputs.parameters.HEROKU_SECRET }}'
+ key: '{{ inputs.parameters.HEROKY_API_TOKEN_SECRET_KEY }}'
+ - name: HEROKU_EMAIL
+ valueFrom:
+ secretKeyRef:
+ name: '{{ inputs.parameters.HEROKU_SECRET }}'
+ key: '{{ inputs.parameters.HEROKY_EMAIL_SECRET_KEY }}'
+ - name: APP_NAME
+ value: '{{ inputs.parameters.APP_NAME }}'
+ - name: WORKING_DIRECTORY
+ value: '{{ inputs.parameters.WORKING_DIRECTORY }}'
+ command: [sh]
+ source: |
+ printf "machine api.heroku.com\n login $HEROKU_EMAIL\n password $HEROKU_API_TOKEN\nmachine git.heroku.com\n login $HEROKU_EMAIL\n password $HEROKU_API_TOKEN\n" > ~/.netrc
+ cd $WORKING_DIRECTORY
+ heroku create $APP_NAME || true
+ heroku git:remote --app $APP_NAME
+ git push heroku master --force
+
+
\ No newline at end of file
From 71e52a9ea9edbedd250876a8a6280e0f76ddc8f1 Mon Sep 17 00:00:00 2001
From: Laurent
Date: Wed, 31 Aug 2022 17:09:04 -0700
Subject: [PATCH 2/3] Cahnge to private image
Signed-off-by: Laurent
---
workflows/heroku/CHANGELOG.md | 6 +++---
workflows/heroku/versions/0.0.1/README.md | 2 +-
.../heroku/versions/0.0.1/docs/heroku-deployer.md | 8 ++++----
.../heroku/versions/0.0.1/workflowTemplate.yaml | 14 +++++++-------
4 files changed, 15 insertions(+), 15 deletions(-)
diff --git a/workflows/heroku/CHANGELOG.md b/workflows/heroku/CHANGELOG.md
index ceb7ebd3..c2ddae34 100644
--- a/workflows/heroku/CHANGELOG.md
+++ b/workflows/heroku/CHANGELOG.md
@@ -2,8 +2,8 @@
## v0.0.1 8/10/2022
-Initial Codecov template that sends a code scan report to codecov
+Initial Heroku template to deploy
-Template includes:
+Template includes:
-* codecov-report
+* heroku-deployer
diff --git a/workflows/heroku/versions/0.0.1/README.md b/workflows/heroku/versions/0.0.1/README.md
index 012a6fa7..5d0028bd 100644
--- a/workflows/heroku/versions/0.0.1/README.md
+++ b/workflows/heroku/versions/0.0.1/README.md
@@ -2,7 +2,7 @@
## Summary
-A template that deploys to heroku via codefresh pipeline
+A template that deploys to Heroku via Codefresh GitOps Workflow
## Templates
diff --git a/workflows/heroku/versions/0.0.1/docs/heroku-deployer.md b/workflows/heroku/versions/0.0.1/docs/heroku-deployer.md
index 4095292e..e6570428 100644
--- a/workflows/heroku/versions/0.0.1/docs/heroku-deployer.md
+++ b/workflows/heroku/versions/0.0.1/docs/heroku-deployer.md
@@ -7,13 +7,13 @@ Sends a code scan report to codecov
### Inputs
* HEROKU_SECRET (required) - The Kubernetes secret with the Heroku login details
-* HEROKY_API_TOKEN_SECRET_KEY (optional) - The key in the Kubernetes secret with the Heroku api token. Default is 'token'
-* HEROKY_EMAIL_SECRET_KEY (optional) - The key in the Kubernetes secret with the Heroku login email. Default is 'email'
+* HEROKU_API_TOKEN_SECRET_KEY (optional) - The key in the Kubernetes secret with the Heroku api token. Default is 'token'
+* HEROKU_EMAIL_SECRET_KEY (optional) - The key in the Kubernetes secret with the Heroku login email. Default is 'email'
* APP_NAME (required) - Name of application
* WORKING_DIRECTORY (optional) - Path to working directory within cloned repository. Default is '.'.
* REPO_URL (required) - Git repo to be run containing sonar-project.properties. Key defaults to token.
* GIT_TOKEN (optional) - the k8s secret name that contains a key named token with the git secret inside it
-* REPO (required) - Path to artifact where repository is to be cloned.
+* REPO (required) - Path to artifact where repository is to be cloned.
### Secrets
* Heroku Secret - in order for this template to work a secret named `heroku-secret` must exist with heroku login details.
@@ -71,7 +71,7 @@ spec:
- name: REPO
path: '/tmp/repo'
- name: heroku-deployer
- dependencies: [clone-step]
+ depends: clone-step
templateref:
name: argo-hub.heroku.0.0.1
template: heroku-deployer
diff --git a/workflows/heroku/versions/0.0.1/workflowTemplate.yaml b/workflows/heroku/versions/0.0.1/workflowTemplate.yaml
index c9d004bb..13701e7e 100644
--- a/workflows/heroku/versions/0.0.1/workflowTemplate.yaml
+++ b/workflows/heroku/versions/0.0.1/workflowTemplate.yaml
@@ -35,9 +35,9 @@ spec:
# required
- name: HEROKU_SECRET
default: heroku-secret
- - name: HEROKY_API_TOKEN_SECRET_KEY
+ - name: HEROKU_API_TOKEN_SECRET_KEY
default: token
- - name: HEROKY_EMAIL_SECRET_KEY
+ - name: HEROKU_EMAIL_SECRET_KEY
default: email
- name: APP_NAME
# optional
@@ -45,19 +45,21 @@ spec:
default: "."
script:
imagePullPolicy: Always
- image: quay.io/codefreshplugins/argo-hub-workflows-heroku-versions-0.0.1-images-heroku-manager:main
+ # image: quay.io/codefreshplugins/argo-hub-workflows-heroku-versions-0.0.1-images-heroku-manager:main
+ image: quay.io/lrochette/argo-hub-heroku-heroku-manager:0.0.1-main
+
workingDir: /tmp/repo
env:
- name: HEROKU_API_TOKEN
valueFrom:
secretKeyRef:
name: '{{ inputs.parameters.HEROKU_SECRET }}'
- key: '{{ inputs.parameters.HEROKY_API_TOKEN_SECRET_KEY }}'
+ key: '{{ inputs.parameters.HEROKU_API_TOKEN_SECRET_KEY }}'
- name: HEROKU_EMAIL
valueFrom:
secretKeyRef:
name: '{{ inputs.parameters.HEROKU_SECRET }}'
- key: '{{ inputs.parameters.HEROKY_EMAIL_SECRET_KEY }}'
+ key: '{{ inputs.parameters.HEROKU_EMAIL_SECRET_KEY }}'
- name: APP_NAME
value: '{{ inputs.parameters.APP_NAME }}'
- name: WORKING_DIRECTORY
@@ -69,5 +71,3 @@ spec:
heroku create $APP_NAME || true
heroku git:remote --app $APP_NAME
git push heroku master --force
-
-
\ No newline at end of file
From 5a4428bb644891dd0fc9cb71681bb36d9f9bea1a Mon Sep 17 00:00:00 2001
From: Laurent
Date: Thu, 1 Sep 2022 14:09:53 -0700
Subject: [PATCH 3/3] Revert to official image created by pipeline
Signed-off-by: Laurent
---
workflows/heroku/versions/0.0.1/workflowTemplate.yaml | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/workflows/heroku/versions/0.0.1/workflowTemplate.yaml b/workflows/heroku/versions/0.0.1/workflowTemplate.yaml
index 13701e7e..b6784b81 100644
--- a/workflows/heroku/versions/0.0.1/workflowTemplate.yaml
+++ b/workflows/heroku/versions/0.0.1/workflowTemplate.yaml
@@ -45,8 +45,7 @@ spec:
default: "."
script:
imagePullPolicy: Always
- # image: quay.io/codefreshplugins/argo-hub-workflows-heroku-versions-0.0.1-images-heroku-manager:main
- image: quay.io/lrochette/argo-hub-heroku-heroku-manager:0.0.1-main
+ image: quay.io/codefreshplugins/argo-hub-heroku-heroku-manager:0.0.1-main
workingDir: /tmp/repo
env: