diff --git a/docs/cmd/tkn_eventlistener.md b/docs/cmd/tkn_eventlistener.md index 8cf3f398f3..cf706427cd 100644 --- a/docs/cmd/tkn_eventlistener.md +++ b/docs/cmd/tkn_eventlistener.md @@ -30,4 +30,5 @@ Manage eventlisteners * [tkn eventlistener delete](tkn_eventlistener_delete.md) - Delete EventListeners in a namespace * [tkn eventlistener describe](tkn_eventlistener_describe.md) - Describe EventListener in a namespace * [tkn eventlistener list](tkn_eventlistener_list.md) - Lists eventlisteners in a namespace +* [tkn eventlistener logs](tkn_eventlistener_logs.md) - Show EventListener logs diff --git a/docs/cmd/tkn_eventlistener_logs.md b/docs/cmd/tkn_eventlistener_logs.md new file mode 100644 index 0000000000..01fc70c7bb --- /dev/null +++ b/docs/cmd/tkn_eventlistener_logs.md @@ -0,0 +1,45 @@ +## tkn eventlistener logs + +Show EventListener logs + +### Usage + +``` +tkn eventlistener logs +``` + +### Synopsis + +Show EventListener logs + +### Examples + + +Show logs of EventListener pods: + + tkn eventlistener logs eventlistenerName + +Show 2 lines of most recent logs from all EventListener pods: + + tkn eventlistener logs eventListenerName -t 2 + +### Options + +``` + -h, --help help for logs + -t, --tail int Number of most recent log lines to show. Specify -1 for all logs from each pod. (default 10) +``` + +### Options inherited from parent commands + +``` + -c, --context string name of the kubeconfig context to use (default: kubectl config current-context) + -k, --kubeconfig string kubectl config file (default: $HOME/.kube/config) + -n, --namespace string namespace to use (default: from $KUBECONFIG) + -C, --nocolour disable colouring (default: false) +``` + +### SEE ALSO + +* [tkn eventlistener](tkn_eventlistener.md) - Manage eventlisteners + diff --git a/docs/cmd/tkn_taskrun_logs.md b/docs/cmd/tkn_taskrun_logs.md index 4206113589..45c6a2e59f 100644 --- a/docs/cmd/tkn_taskrun_logs.md +++ b/docs/cmd/tkn_taskrun_logs.md @@ -14,6 +14,7 @@ Show TaskRuns logs ### Examples + Show the logs of TaskRun named 'foo' from the namespace 'bar': tkn taskrun logs foo -n bar diff --git a/docs/man/man1/tkn-eventlistener-logs.1 b/docs/man/man1/tkn-eventlistener-logs.1 new file mode 100644 index 0000000000..67b964b329 --- /dev/null +++ b/docs/man/man1/tkn-eventlistener-logs.1 @@ -0,0 +1,77 @@ +.TH "TKN\-EVENTLISTENER\-LOGS" "1" "" "Auto generated by spf13/cobra" "" +.nh +.ad l + + +.SH NAME +.PP +tkn\-eventlistener\-logs \- Show EventListener logs + + +.SH SYNOPSIS +.PP +\fBtkn eventlistener logs\fP + + +.SH DESCRIPTION +.PP +Show EventListener logs + + +.SH OPTIONS +.PP +\fB\-h\fP, \fB\-\-help\fP[=false] + help for logs + +.PP +\fB\-t\fP, \fB\-\-tail\fP=10 + Number of most recent log lines to show. Specify \-1 for all logs from each pod. + + +.SH OPTIONS INHERITED FROM PARENT COMMANDS +.PP +\fB\-c\fP, \fB\-\-context\fP="" + name of the kubeconfig context to use (default: kubectl config current\-context) + +.PP +\fB\-k\fP, \fB\-\-kubeconfig\fP="" + kubectl config file (default: $HOME/.kube/config) + +.PP +\fB\-n\fP, \fB\-\-namespace\fP="" + namespace to use (default: from $KUBECONFIG) + +.PP +\fB\-C\fP, \fB\-\-nocolour\fP[=false] + disable colouring (default: false) + + +.SH EXAMPLE +.PP +Show logs of EventListener pods: + +.PP +.RS + +.nf +tkn eventlistener logs eventlistenerName + +.fi +.RE + +.PP +Show 2 lines of most recent logs from all EventListener pods: + +.PP +.RS + +.nf +tkn eventlistener logs eventListenerName \-t 2 + +.fi +.RE + + +.SH SEE ALSO +.PP +\fBtkn\-eventlistener(1)\fP diff --git a/docs/man/man1/tkn-eventlistener.1 b/docs/man/man1/tkn-eventlistener.1 index d90787263d..2cf30f885e 100644 --- a/docs/man/man1/tkn-eventlistener.1 +++ b/docs/man/man1/tkn-eventlistener.1 @@ -42,4 +42,4 @@ Manage eventlisteners .SH SEE ALSO .PP -\fBtkn(1)\fP, \fBtkn\-eventlistener\-delete(1)\fP, \fBtkn\-eventlistener\-describe(1)\fP, \fBtkn\-eventlistener\-list(1)\fP +\fBtkn(1)\fP, \fBtkn\-eventlistener\-delete(1)\fP, \fBtkn\-eventlistener\-describe(1)\fP, \fBtkn\-eventlistener\-list(1)\fP, \fBtkn\-eventlistener\-logs(1)\fP diff --git a/pkg/cmd/eventlistener/eventlistener.go b/pkg/cmd/eventlistener/eventlistener.go index 059bae2ac0..8f998c35ae 100644 --- a/pkg/cmd/eventlistener/eventlistener.go +++ b/pkg/cmd/eventlistener/eventlistener.go @@ -38,6 +38,7 @@ func Command(p cli.Params) *cobra.Command { deleteCommand(p), describeCommand(p), listCommand(p), + logCommand(p), ) return cmd diff --git a/pkg/cmd/eventlistener/logs.go b/pkg/cmd/eventlistener/logs.go new file mode 100644 index 0000000000..77b0432c45 --- /dev/null +++ b/pkg/cmd/eventlistener/logs.go @@ -0,0 +1,132 @@ +// Copyright © 2020 The Tekton Authors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package eventlistener + +import ( + "bufio" + "bytes" + "fmt" + "io" + + "github.com/spf13/cobra" + "github.com/tektoncd/cli/pkg/cli" + "github.com/tektoncd/cli/pkg/options" + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +func logCommand(p cli.Params) *cobra.Command { + opts := options.NewLogOptions(p) + + eg := ` +Show logs of EventListener pods: + + tkn eventlistener logs eventlistenerName + +Show 2 lines of most recent logs from all EventListener pods: + + tkn eventlistener logs eventListenerName -t 2` + c := &cobra.Command{ + Use: "logs", + DisableFlagsInUseLine: true, + Short: "Show EventListener logs", + Example: eg, + SilenceUsage: true, + Annotations: map[string]string{ + "commandType": "main", + }, + Args: cobra.ExactValidArgs(1), + RunE: func(cmd *cobra.Command, args []string) error { + if opts.Tail <= 0 && opts.Tail != -1 { + return fmt.Errorf("tail cannot be 0 or less than 0 unless -1 for all pods") + } + + err := getEventListener(args[0], p) + if err != nil { + return err + } + + s := &cli.Stream{ + Out: cmd.OutOrStdout(), + Err: cmd.OutOrStderr(), + } + + return logs(args[0], p, s, opts) + }, + } + c.Flags().Int64VarP(&opts.Tail, "tail", "t", 10, "Number of most recent log lines to show. Specify -1 for all logs from each pod.") + _ = c.MarkZshCompPositionalArgumentCustom(1, "__tkn_get_eventlistener") + return c +} + +func getEventListener(elName string, p cli.Params) error { + cs, err := p.Clients() + if err != nil { + return fmt.Errorf("failed to create tekton client") + } + + _, err = cs.Triggers.TriggersV1alpha1().EventListeners(p.Namespace()).Get(elName, metav1.GetOptions{}) + if err != nil { + return fmt.Errorf("failed to get EventListener %s: %v", elName, err) + } + + return nil +} + +func logs(elName string, p cli.Params, s *cli.Stream, opts *options.LogOptions) error { + cs, err := p.Clients() + if err != nil { + return fmt.Errorf("failed to create tekton client") + } + + elPods, err := cs.Kube.CoreV1().Pods(p.Namespace()).List(metav1.ListOptions{LabelSelector: "eventlistener=" + elName}) + if err != nil { + return fmt.Errorf("failed to get pods for EventListener %s", elName) + } + + if len(elPods.Items) == 0 { + fmt.Fprintf(s.Out, "No pods available for EventListener %s\n", elName) + return nil + } + + for _, pod := range elPods.Items { + podName := pod.Name + podLopOpts := &corev1.PodLogOptions{} + // -1 represents getting all logs from each pod. Tail is 10 by default. + if opts.Tail != -1 { + podLopOpts.TailLines = &opts.Tail + } + podLogReq := cs.Kube.CoreV1().Pods(p.Namespace()).GetLogs(podName, podLopOpts) + podLogs, err := podLogReq.Stream() + if err != nil { + return err + } + defer podLogs.Close() + + buf := new(bytes.Buffer) + _, err = io.Copy(buf, podLogs) + if err != nil { + return err + } + + fmt.Println() + scanner := bufio.NewScanner(buf) + for scanner.Scan() { + fmt.Printf("[%s-%s]: "+scanner.Text()+"\n", elName, podName) + } + } + + return nil +} diff --git a/pkg/cmd/eventlistener/logs_test.go b/pkg/cmd/eventlistener/logs_test.go new file mode 100644 index 0000000000..69c9987db1 --- /dev/null +++ b/pkg/cmd/eventlistener/logs_test.go @@ -0,0 +1,104 @@ +package eventlistener + +import ( + "fmt" + "strings" + "testing" + "time" + + "github.com/jonboulle/clockwork" + "github.com/spf13/cobra" + "github.com/tektoncd/cli/pkg/test" + "github.com/tektoncd/triggers/pkg/apis/triggers/v1alpha1" + triggertest "github.com/tektoncd/triggers/test" + "gotest.tools/v3/golden" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +func TestLogsEventListener(t *testing.T) { + now := time.Now() + + els := []*v1alpha1.EventListener{ + { + ObjectMeta: metav1.ObjectMeta{ + Name: "eventlistener-no-pods", + }, + }, + } + + tests := []struct { + name string + command *cobra.Command + args []string + wantError bool + goldenFile bool + want string + }{ + { + name: "No arguments passed", + command: commandLogs(t, els, now), + args: []string{"logs"}, + wantError: true, + goldenFile: false, + want: "accepts 1 arg(s), received 0", + }, + { + name: "No EventListener found", + command: commandLogs(t, els, now), + args: []string{"logs", "notFound"}, + wantError: true, + goldenFile: false, + want: "failed to get EventListener notFound: eventlisteners.triggers.tekton.dev \"notFound\" not found", + }, + { + name: "No EventListener pods", + command: commandLogs(t, els, now), + args: []string{"logs", "eventlistener-no-pods"}, + wantError: false, + goldenFile: false, + want: "No pods available for EventListener eventlistener-no-pods\n", + }, + { + name: "Tail option as 0 results in error", + command: commandLogs(t, els, now), + args: []string{"logs", "eventlistener-no-pods", "-t", "0"}, + wantError: true, + goldenFile: false, + want: "tail cannot be 0 or less than 0 unless -1 for all pods", + }, + { + name: "Tail option as -2 results in error", + command: commandLogs(t, els, now), + args: []string{"logs", "eventlistener-no-pods", "-t", "-2"}, + wantError: true, + goldenFile: false, + want: "tail cannot be 0 or less than 0 unless -1 for all pods", + }, + } + + for _, td := range tests { + t.Run(td.name, func(t *testing.T) { + got, err := test.ExecuteCommand(td.command, td.args...) + + if err != nil && !td.wantError { + t.Errorf("Unexpected error: %v", err) + } + if td.goldenFile { + golden.Assert(t, got, strings.ReplaceAll(fmt.Sprintf("%s.golden", t.Name()), "/", "-")) + } else { + if err != nil { + test.AssertOutput(t, td.want, err.Error()) + } else { + test.AssertOutput(t, td.want, got) + } + } + }) + } +} + +func commandLogs(t *testing.T, els []*v1alpha1.EventListener, now time.Time) *cobra.Command { + clock := clockwork.NewFakeClockAt(now) + cs := test.SeedTestResources(t, triggertest.Resources{EventListeners: els}) + p := &test.Params{Tekton: cs.Pipeline, Clock: clock, Kube: cs.Kube, Triggers: cs.Triggers} + return Command(p) +} diff --git a/pkg/cmd/taskrun/logs.go b/pkg/cmd/taskrun/logs.go index bad659b841..a8d44fd590 100644 --- a/pkg/cmd/taskrun/logs.go +++ b/pkg/cmd/taskrun/logs.go @@ -33,7 +33,8 @@ const ( func logCommand(p cli.Params) *cobra.Command { opts := &options.LogOptions{Params: p} - eg := `Show the logs of TaskRun named 'foo' from the namespace 'bar': + eg := ` +Show the logs of TaskRun named 'foo' from the namespace 'bar': tkn taskrun logs foo -n bar diff --git a/pkg/options/logs.go b/pkg/options/logs.go index 00fe9ff8ca..75a5dfce71 100644 --- a/pkg/options/logs.go +++ b/pkg/options/logs.go @@ -46,6 +46,7 @@ type LogOptions struct { Limit int AskOpts survey.AskOpt Fzf bool + Tail int64 } func NewLogOptions(p cli.Params) *LogOptions { diff --git a/test/e2e-tests.sh b/test/e2e-tests.sh index 358519e8ff..79181c1d96 100755 --- a/test/e2e-tests.sh +++ b/test/e2e-tests.sh @@ -105,7 +105,7 @@ kubectl config set-context $(kubectl config current-context) --namespace=tektonc # create pipeline, pipelinerun, task, and taskrun kubectl apply -f ./test/resources/output-pipelinerun.yaml kubectl apply -f ./test/resources/task-volume.yaml -kubectl apply -f ./test/resources/eventlistener.yaml +kubectl apply -f ./test/resources/eventlistener/eventlistener-multi-replica.yaml echo Waiting for resources to be ready echo --------------------------------- wait_until_ready 600 pipelinerun/output-pipeline-run || exit 1 @@ -125,7 +125,7 @@ run_test "list eventlistener" tkn eventlistener list run_test "describe pipeline" tkn pipeline describe output-pipeline run_test "describe pipelinerun" tkn pipelinerun describe output-pipeline-run -run_test "describe eventlistener" tkn eventlistener describe listener +run_test "describe eventlistener" tkn eventlistener describe github-listener-interceptor run_test "show logs" tkn pipelinerun logs output-pipeline-run run_test "show logs" tkn taskrun logs test-template-volume @@ -138,14 +138,14 @@ run_test "delete pipelinerun" tkn pipelinerun delete output-pipeline-run -f run_test "delete resource" tkn resource delete skaffold-git -f run_test "delete task" tkn task delete create-file -f run_test "delete taskrun" tkn taskrun delete test-template-volume -f -run_test "delete eventlistener" tkn eventlistener delete listener -f +run_test "delete eventlistener" tkn eventlistener delete github-listener-interceptor -f # confirm deletion (TODO: Add task test when added desc or logs to task command) must_fail "describe deleted pipeline" tkn pipeline describe output-pipeline must_fail "describe deleted pipelinerun" tkn pipelinerun describe output-pipeline-run must_fail "describe deleted resource" tkn resource describe skaffold-git must_fail "show logs deleted taskrun" tkn taskrun logs test-template-volume -must_fail "describe deleted eventlistener" tkn eventlistener describe listener +must_fail "describe deleted eventlistener" tkn eventlistener describe github-listener-interceptor # Make sure that eveything is cleaned up in the current namespace. for res in pipelineresources tasks pipelines taskruns pipelineruns; do diff --git a/test/e2e/eventListener/eventListener_test.go b/test/e2e/eventListener/eventListener_test.go index d4f7815373..8342f69a70 100644 --- a/test/e2e/eventListener/eventListener_test.go +++ b/test/e2e/eventListener/eventListener_test.go @@ -23,6 +23,7 @@ import ( "github.com/tektoncd/cli/test/framework" "github.com/tektoncd/cli/test/helper" "gotest.tools/v3/assert" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" knativetest "knative.dev/pkg/test" ) @@ -35,12 +36,47 @@ func TestEventListenerE2E(t *testing.T) { kubectl := cli.NewKubectl(namespace) tkn, err := cli.NewTknRunner(namespace) assert.NilError(t, err) + elName := "github-listener-interceptor" - t.Logf("Creating eventlistener in namespace: %s", namespace) - kubectl.MustSucceed(t, "create", "-f", helper.GetResourcePath("eventlistener.yaml")) + t.Logf("Creating EventListener %s in namespace %s", elName, namespace) + kubectl.MustSucceed(t, "create", "-f", helper.GetResourcePath("eventlistener/eventlistener.yaml")) + // Wait for pods to become available for next test + kubectl.MustSucceed(t, "wait", "--for=condition=Ready", "pod", "-n", namespace, "--timeout=2m", "--all") - t.Run("Assert if EventListener AVAILABLE status is false", func(t *testing.T) { - res := tkn.Run("eventlistener", "list") - assert.Assert(t, strings.Contains(res.Stdout(), "AVAILABLE") && strings.Contains(res.Stdout(), "False")) + t.Run("Assert if EventListener AVAILABLE status is true", func(t *testing.T) { + res := tkn.MustSucceed(t, "eventlistener", "list") + stdout := res.Stdout() + assert.Assert(t, strings.Contains(stdout, elName) && + strings.Contains(stdout, "AVAILABLE") && + strings.Contains(stdout, "True")) + }) + + t.Run("Get logs of EventListener", func(t *testing.T) { + res := tkn.MustSucceed(t, "eventlistener", "logs", elName, "-t", "1") + expected := `{"level":"info","logger":"eventlistener","caller":"eventlistenersink/main.go:98","msg":"Listen and serve on port 8080","knative.dev/controller":"eventlistener"}` + assert.Assert(t, strings.Contains(res.Stdout(), expected)) + }) + + t.Logf("Scaling EventListener %s to 3 replicas in namespace %s", elName, namespace) + kubectl.MustSucceed(t, "apply", "-f", helper.GetResourcePath("eventlistener/eventlistener-multi-replica.yaml")) + // Wait for pods to become available for next test + kubectl.MustSucceed(t, "wait", "--for=condition=Ready", "pod", "-n", namespace, "--timeout=2m", "--all") + + t.Run("Get logs of EventListener with multiple pods", func(t *testing.T) { + elPods, err := c.KubeClient.Kube.CoreV1().Pods(namespace).List(metav1.ListOptions{LabelSelector: "eventlistener=" + elName}) + if err != nil { + t.Fatalf("Error getting pods for EventListener %s: %v", elName, err) + } + + assert.Assert(t, len(elPods.Items) == 3) + + res := tkn.MustSucceed(t, "eventlistener", "logs", elName, "-t", "1") + stdout := res.Stdout() + for _, pod := range elPods.Items { + assert.Assert(t, strings.Contains(stdout, pod.Name)) + } + + expected := `{"level":"info","logger":"eventlistener","caller":"eventlistenersink/main.go:98","msg":"Listen and serve on port 8080","knative.dev/controller":"eventlistener"}` + assert.Assert(t, strings.Contains(stdout, expected)) }) } diff --git a/test/resources/eventlistener.yaml b/test/resources/eventlistener.yaml deleted file mode 100644 index 02b8a14764..0000000000 --- a/test/resources/eventlistener.yaml +++ /dev/null @@ -1,27 +0,0 @@ -# Copyright 2020 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: triggers.tekton.dev/v1alpha1 -kind: EventListener -metadata: - name: listener -spec: - serviceAccountName: tekton-triggers-example-sa - triggers: - - name: foo-trig - bindings: - - ref: pipeline-binding - - ref: message-binding - template: - name: pipeline-template \ No newline at end of file diff --git a/test/resources/eventlistener/eventlistener-multi-replica.yaml b/test/resources/eventlistener/eventlistener-multi-replica.yaml new file mode 100644 index 0000000000..06f21c6832 --- /dev/null +++ b/test/resources/eventlistener/eventlistener-multi-replica.yaml @@ -0,0 +1,23 @@ +--- +apiVersion: triggers.tekton.dev/v1alpha1 +kind: EventListener +metadata: + name: github-listener-interceptor +spec: + serviceAccountName: tekton-triggers-github-sa + replicas: 3 + triggers: + - name: github-listener + interceptors: + - github: + secretRef: + secretName: github-secret + secretKey: secretToken + eventTypes: + - pull_request + - cel: + filter: "body.action in ['opened', 'synchronize', 'reopened']" + bindings: + - ref: github-pr-binding + template: + name: github-template \ No newline at end of file diff --git a/test/resources/eventlistener/eventlistener.yaml b/test/resources/eventlistener/eventlistener.yaml new file mode 100644 index 0000000000..1033e2be75 --- /dev/null +++ b/test/resources/eventlistener/eventlistener.yaml @@ -0,0 +1,128 @@ +# Copyright 2020 The Tekton Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +apiVersion: triggers.tekton.dev/v1alpha1 +kind: EventListener +metadata: + name: github-listener-interceptor +spec: + serviceAccountName: tekton-triggers-github-sa + triggers: + - name: github-listener + interceptors: + - github: + secretRef: + secretName: github-secret + secretKey: secretToken + eventTypes: + - pull_request + - cel: + filter: "body.action in ['opened', 'synchronize', 'reopened']" + bindings: + - ref: github-pr-binding + template: + name: github-template +--- +apiVersion: triggers.tekton.dev/v1alpha1 +kind: TriggerBinding +metadata: + name: github-pr-binding +spec: + params: + - name: gitrevision + value: $(body.pull_request.head.sha) + - name: gitrepositoryurl + value: $(body.repository.clone_url) + +--- +apiVersion: triggers.tekton.dev/v1alpha1 +kind: TriggerTemplate +metadata: + name: github-template +spec: + params: + - name: gitrevision + - name: gitrepositoryurl + resourcetemplates: + - apiVersion: tekton.dev/v1alpha1 + kind: TaskRun + metadata: + generateName: github-run- + spec: + taskSpec: + inputs: + resources: + - name: source + type: git + steps: + - image: ubuntu + script: | + #! /bin/bash + ls -al $(inputs.resources.source.path) + inputs: + resources: + - name: source + resourceSpec: + type: git + params: + - name: revision + value: $(tt.params.gitrevision) + - name: url + value: $(tt.params.gitrepositoryurl) +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: tekton-triggers-github-sa +secrets: + - name: github-secret +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: tekton-triggers-github-binding +subjects: + - kind: ServiceAccount + name: tekton-triggers-github-sa +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: tekton-triggers-github-minimal +--- +kind: Role +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: tekton-triggers-github-minimal +rules: + # Permissions for every EventListener deployment to function + - apiGroups: ["triggers.tekton.dev"] + resources: ["eventlisteners", "triggerbindings", "triggertemplates"] + verbs: ["get"] + - apiGroups: [""] + # secrets are only needed for Github/Gitlab interceptors, serviceaccounts only for per trigger authorization + resources: ["configmaps", "secrets", "serviceaccounts"] + verbs: ["get", "list", "watch"] + # Permissions to create resources in associated TriggerTemplates + - apiGroups: ["tekton.dev"] + resources: ["pipelineruns", "pipelineresources", "taskruns"] + verbs: ["create"] +--- +apiVersion: v1 +kind: Secret +metadata: + name: github-secret +type: Opaque +stringData: + secretToken: "1234567" \ No newline at end of file