From 22eeafa7765dbbe0ad86379e4993ceb4d0c2e604 Mon Sep 17 00:00:00 2001 From: sarthakpurohit Date: Sat, 27 Sep 2025 03:55:31 +0530 Subject: [PATCH] Automate OKD release promotions with weekly cron schedule - Add Tekton automation for release-next and release-stable pipelines - Schedule for Monday 10:30 AM IST (5:00 AM UTC) to avoid cleanup conflicts --- release-promotions/apply.sh | 9 +++++++++ release-promotions/cleanup.sh | 9 +++++++++ release-promotions/cluster-role.yaml | 11 +++++++++++ release-promotions/crb.yaml | 12 ++++++++++++ release-promotions/cronjob.yaml | 25 ++++++++++++++++++++++++ release-promotions/event-listener.yaml | 13 ++++++++++++ release-promotions/pipeline.yaml | 10 ++++++++++ release-promotions/sa.yaml | 5 +++++ release-promotions/task.yaml | 25 ++++++++++++++++++++++++ release-promotions/trigger-binding.yaml | 9 +++++++++ release-promotions/trigger-template.yaml | 17 ++++++++++++++++ 11 files changed, 145 insertions(+) create mode 100755 release-promotions/apply.sh create mode 100755 release-promotions/cleanup.sh create mode 100644 release-promotions/cluster-role.yaml create mode 100644 release-promotions/crb.yaml create mode 100644 release-promotions/cronjob.yaml create mode 100644 release-promotions/event-listener.yaml create mode 100644 release-promotions/pipeline.yaml create mode 100644 release-promotions/sa.yaml create mode 100644 release-promotions/task.yaml create mode 100644 release-promotions/trigger-binding.yaml create mode 100644 release-promotions/trigger-template.yaml diff --git a/release-promotions/apply.sh b/release-promotions/apply.sh new file mode 100755 index 0000000..284c4a3 --- /dev/null +++ b/release-promotions/apply.sh @@ -0,0 +1,9 @@ +oc apply -f sa.yaml +oc apply -f cluster-role.yaml +oc apply -f crb.yaml +oc apply -f task.yaml +oc apply -f pipeline.yaml +oc apply -f trigger-template.yaml +oc apply -f trigger-binding.yaml +oc apply -f event-listener.yaml +oc apply -f cronjob.yaml \ No newline at end of file diff --git a/release-promotions/cleanup.sh b/release-promotions/cleanup.sh new file mode 100755 index 0000000..f0ad6f2 --- /dev/null +++ b/release-promotions/cleanup.sh @@ -0,0 +1,9 @@ +oc delete -f cronjob.yaml +oc delete -f event-listener.yaml +oc delete -f trigger-binding.yaml +oc delete -f trigger-template.yaml +oc delete -f pipeline.yaml +oc delete -f task.yaml +oc delete -f crb.yaml +oc delete -f cluster-role.yaml +oc delete -f sa.yaml diff --git a/release-promotions/cluster-role.yaml b/release-promotions/cluster-role.yaml new file mode 100644 index 0000000..77e18c8 --- /dev/null +++ b/release-promotions/cluster-role.yaml @@ -0,0 +1,11 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: tekton-pipelinerun-creator +rules: +- apiGroups: ["tekton.dev"] + resources: ["pipelineruns"] + verbs: ["create"] +- apiGroups: ["triggers.tekton.dev"] + resources: ["eventlisteners", "triggertemplates", "triggerbindings", "triggers", "interceptors", "clusterinterceptors"] + verbs: ["get", "list", "watch"] \ No newline at end of file diff --git a/release-promotions/crb.yaml b/release-promotions/crb.yaml new file mode 100644 index 0000000..b7c0814 --- /dev/null +++ b/release-promotions/crb.yaml @@ -0,0 +1,12 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: tekton-oc-create-binding +subjects: +- kind: ServiceAccount + name: tekton-cluster-access + namespace: okd-coreos +roleRef: + kind: ClusterRole + name: tekton-pipelinerun-creator + apiGroup: rbac.authorization.k8s.io diff --git a/release-promotions/cronjob.yaml b/release-promotions/cronjob.yaml new file mode 100644 index 0000000..d04515a --- /dev/null +++ b/release-promotions/cronjob.yaml @@ -0,0 +1,25 @@ +apiVersion: batch/v1 +kind: CronJob +metadata: + name: cron-trigger-cluster-command + namespace: okd-coreos +spec: + suspend: false + schedule: "0 5 * * 1" + jobTemplate: + spec: + template: + spec: + restartPolicy: OnFailure + containers: + - name: curl-trigger + image: curlimages/curl:latest + command: ["/bin/sh"] + args: + - "-c" + - | + echo "[INFO] Triggering EventListener..." + curl -X POST \ + http://el-cluster-command-listener.okd-coreos.svc.cluster.local:8080 \ + -H 'Content-Type: application/json' \ + -d '{"message":"trigger"}' diff --git a/release-promotions/event-listener.yaml b/release-promotions/event-listener.yaml new file mode 100644 index 0000000..2687af4 --- /dev/null +++ b/release-promotions/event-listener.yaml @@ -0,0 +1,13 @@ +apiVersion: triggers.tekton.dev/v1beta1 +kind: EventListener +metadata: + name: cluster-command-listener + namespace: okd-coreos +spec: + serviceAccountName: tekton-cluster-access + triggers: + - name: trigger-on-cron + bindings: + - ref: cluster-command-binding + template: + ref: cluster-command-template \ No newline at end of file diff --git a/release-promotions/pipeline.yaml b/release-promotions/pipeline.yaml new file mode 100644 index 0000000..5c89fbd --- /dev/null +++ b/release-promotions/pipeline.yaml @@ -0,0 +1,10 @@ +apiVersion: tekton.dev/v1 +kind: Pipeline +metadata: + name: cluster-command-pipeline + namespace: okd-coreos +spec: + tasks: + - name: run-command + taskRef: + name: cluster-command-task \ No newline at end of file diff --git a/release-promotions/sa.yaml b/release-promotions/sa.yaml new file mode 100644 index 0000000..9deca11 --- /dev/null +++ b/release-promotions/sa.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: tekton-cluster-access + namespace: okd-coreos \ No newline at end of file diff --git a/release-promotions/task.yaml b/release-promotions/task.yaml new file mode 100644 index 0000000..4159bd3 --- /dev/null +++ b/release-promotions/task.yaml @@ -0,0 +1,25 @@ +apiVersion: tekton.dev/v1 +kind: Task +metadata: + name: cluster-command-task + namespace: okd-coreos +spec: + steps: + - name: run-cluster-command + image: quay.io/openshift/origin-cli:latest + script: | + #!/bin/bash + set -euo pipefail + + echo "[INFO] Promoting OKD releases:" + + echo "[INFO] Applying: okd-release-next-pipelinerun.yaml" + oc create -f https://raw.githubusercontent.com/okd-project/okd-release-pipeline/main/environments/moc/pipelineruns/okd-release-next-pipelinerun.yaml + + echo "[INFO] Sleeping for 30 minutes to let the first pipeline complete..." + sleep 1800 + + echo "[INFO] Applying: okd-release-stable-pipelinerun.yaml" + oc create -f https://raw.githubusercontent.com/okd-project/okd-release-pipeline/main/environments/moc/pipelineruns/okd-release-stable-pipelinerun.yaml + + echo "[INFO] OKD promotion jobs done!" \ No newline at end of file diff --git a/release-promotions/trigger-binding.yaml b/release-promotions/trigger-binding.yaml new file mode 100644 index 0000000..917fd93 --- /dev/null +++ b/release-promotions/trigger-binding.yaml @@ -0,0 +1,9 @@ +apiVersion: triggers.tekton.dev/v1beta1 +kind: TriggerBinding +metadata: + name: cluster-command-binding + namespace: okd-coreos +spec: + params: + - name: trigger-source + value: $(body.message) diff --git a/release-promotions/trigger-template.yaml b/release-promotions/trigger-template.yaml new file mode 100644 index 0000000..29565cf --- /dev/null +++ b/release-promotions/trigger-template.yaml @@ -0,0 +1,17 @@ +apiVersion: triggers.tekton.dev/v1beta1 +kind: TriggerTemplate +metadata: + name: cluster-command-template + namespace: okd-coreos +spec: + params: + - name: trigger-source + resourcetemplates: + - apiVersion: tekton.dev/v1beta1 + kind: PipelineRun + metadata: + generateName: cluster-command-run- + spec: + serviceAccountName: tekton-cluster-access + pipelineRef: + name: cluster-command-pipeline