codefresh-io · jcantosz · Apr 26, 2022
diff --git a/workflows/codefresh-classic/CHANGELOG.md b/workflows/codefresh-classic/CHANGELOG.md
@@ -1,5 +1,12 @@
 # Changelog
 
+## v0.0.2 (26.4.2022)
+
+### sync-teams
+
+A wrapper on top of Codefresh cli synchronize teams operation.
+
+
 ## v0.0.1 (1.12.2021)
 
 ### run-pipeline

diff --git a/workflows/codefresh-classic/versions/0.0.2/README.md b/workflows/codefresh-classic/versions/0.0.2/README.md
@@ -0,0 +1,16 @@
+# Codefresh Classic
+
+## Summary
+
+A wrapper on top of the Codefresh CLI run operation. The template provides the easy ability to trigger pipelines or do other Codefresh Classic actions.
+
+## Templates
+
+1. [run-pipeline](https://github.com/codefresh-io/argo-hub/blob/main/workflows/codefresh-classic/versions/0.0.2/docs/run-pipeline.md)
+1. [run-pipeline](https://github.com/codefresh-io/argo-hub/blob/main/workflows/codefresh-classic/versions/0.0.2/docs/sync-team.md)
+
+## Security
+
+Minimal required permissions
+
+[Full rbac permissions list](https://github.com/codefresh-io/argo-hub/blob/main/workflows/codefresh-classic/versions/0.0.2/rbac.yaml)
diff --git a/workflows/codefresh-classic/versions/0.0.2/docs/run-pipeline.md b/workflows/codefresh-classic/versions/0.0.2/docs/run-pipeline.md
@@ -0,0 +1,49 @@
+# run-pipeline
+
+## Summary
+A wrapper on top of Codefresh cli run operation.
+
+The template provides the easy ability to trigger pipelines.
+
+## Inputs/Outputs
+
+### Inputs
+* CF_API_KEY_SECRET (required) - K8s secret name that contains a key named `token` with codefresh [api key](https://codefresh.io/docs/docs/integrations/codefresh-api/#authentication-instructions).
+* PIPELINE_NAME (required) - Pipeline name
+* TRIGGER_NAME (required) - Trigger name
+* CF_BRANCH (required) - Branch name
+* EXTRA_OPTIONS (optional) - Additional cli flags
+* VARIABLES (optional) - Variables to pass to the build
+
+### Outputs
+no outputs
+
+## Examples
+
+### Submit a basic workflow
+```yaml
+apiVersion: argoproj.io/v1alpha1
+kind: Workflow
+metadata:
+  generateName: codefresh-classic-run-pipeline-
+spec:
+  entrypoint: main
+  templates:
+  - name: main
+    dag:
+      tasks:
+      - name: hello-world
+        templateRef:
+          name: argo-hub.codefresh-classic.0.0.2
+          template: run-pipeline
+        arguments:
+          parameters:
+            - name: CF_API_KEY_SECRET
+              value: codefresh-v1-api-token
+            - name: PIPELINE_NAME
+              value: pipeline-name
+            - name: TRIGGER_NAME
+              value: trigger-name
+            - name: CF_BRANCH
+              value: main
+```
diff --git a/workflows/codefresh-classic/versions/0.0.2/docs/sync-team.md b/workflows/codefresh-classic/versions/0.0.2/docs/sync-team.md
@@ -0,0 +1,63 @@
+# run-pipeline
+
+## Summary
+A wrapper on top of Codefresh cli [synchronize teams](https://codefresh-io.github.io/cli/teams/synchronize-teams/) operation.
+
+The template provides the easy ability to sync teams and can be run in a scheduled job.
+
+## Inputs/Outputs
+
+### Inputs
+* CF_API_KEY_SECRET (required) - K8s secret name that contains a key named `token` with codefresh [api key](https://codefresh.io/docs/docs/integrations/codefresh-api/#authentication-instructions).
+* PIPELINE_NAME (required) - Pipeline name
+* TRIGGER_NAME (required) - Trigger name
+* CF_BRANCH (required) - Branch name
+* EXTRA_OPTIONS (optional) - Additional cli flags
+* VARIABLES (optional) - Variables to pass to the build
+
+* GIT_TOKEN_SECRET (optional) - The secret with the token to synchronize a GitHub team with. value is `autopilot-secret`
+* GIT_TOKEN_SECRET_KEY (optional) - They key in the `GIT_TOKEN_SECRET` secret that has the GitHub token. value is `git_token`.
+* CF_V1_TOKEN_SECRET (required) - The secret with the codefresh token for API communication. value is `codefresh-v1-token`
+* CF_V1_TOKEN_SECRET_KEY (required) - They key in the `CF_V1_TOKEN_SECRET` secret with the codefresh token for API communication. value is `token`
+* CLIENT_NAME (required) - The name of the team in codefresh that we are syncing .value is `my-team`
+* CLIENT_TYPE (required) - The type of team to sync (github, okta, or azure) value is `github`
+* OPTIONAL_PARAMS (optional) - Any optional parameters for the sync command (i.e. `--disable-notifications`). value is empty
+
+### Outputs
+no outputs
+
+## Examples
+
+### Submit a basic workflow
+```yaml
+apiVersion: argoproj.io/v1alpha1
+kind: Workflow
+metadata:
+  generateName: codefresh-classic-synchronize-teams-
+spec:
+  entrypoint: main
+  templates:
+  - name: main
+    dag:
+      tasks:
+      - name: sync-my-team
+        templateRef:
+          name: argo-hub.codefresh-classic.0.0.2
+          template: sync-team
+        arguments:
+          parameters:
+            - name: GIT_TOKEN_SECRET
+              value: 'autopilot-secret'
+            - name: GIT_TOKEN_SECRET_KEY
+              value: 'git_token'
+            - name: CF_V1_TOKEN_SECRET
+              value: 'codefresh-v1-token'
+            - name: CF_V1_TOKEN_SECRET_KEY
+              value: 'token'
+            - name: CLIENT_NAME
+              value: my-team
+            - name: CLIENT_TYPE
+              value: github # github, okta, azure
+            - name: OPTIONAL_PARAMS
+              value: "--disable-notifications"
+```
diff --git a/workflows/codefresh-classic/versions/0.0.2/rbac.yaml b/workflows/codefresh-classic/versions/0.0.2/rbac.yaml
@@ -0,0 +1,49 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: argo-hub.codefresh-classic.0.0.2
+  annotations:
+    argo-hub/version: '0.0.2'
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: argo-hub.codefresh-classic.0.0.2
+  annotations:
+    argo-hub/version: '0.0.2'
+rules:
+  - apiGroups:
+      - ""
+    resources:
+      - pods
+    verbs:
+      - get
+      - watch
+      - patch
+  - apiGroups:
+      - ""
+    resources:
+      - pods/log
+    verbs:
+      - get
+      - watch
+  - apiGroups:
+      - ""
+    resources:
+      - secrets
+    verbs:
+      - get
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: argo-hub.codefresh-classic.0.0.2
+  annotations:
+    argo-hub/version: '0.0.2'
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: argo-hub.codefresh-classic.0.0.2
+subjects:
+  - kind: ServiceAccount
+    name: argo-hub.codefresh-classic.0.0.2
diff --git a/workflows/codefresh-classic/versions/0.0.2/workflowTemplate.yaml b/workflows/codefresh-classic/versions/0.0.2/workflowTemplate.yaml
@@ -0,0 +1,109 @@
+apiVersion: argoproj.io/v1alpha1
+kind: WorkflowTemplate
+metadata:
+  name: argo-hub.codefresh-classic.0.0.2
+  annotations:
+    argo-hub/version: '0.0.2'
+    argo-hub/description: 'Templates that execute operations against the Codefresh classic platform'
+    argo-hub/license: 'MIT'
+    argo-hub/owner_name: 'Itai Gendler'
+    argo-hub/owner_email: '[email protected]'
+    argo-hub/owner_avatar: 'https://avatars.githubusercontent.com/u/10414627?s=120&v=4'
+    argo-hub/owner_url: 'https://github.com/itai-codefresh'
+    argo-hub/categories: 'codefresh'
+    argo-hub/icon_url: "https://cdn.jsdelivr.net/gh/codefresh-io/argo-hub@main/workflows/codefresh-classic/assets/icon.svg"
+    argo-hub/icon_background: "#f4f4f4"
+spec:
+  templates:
+    - name: run-pipeline
+      serviceAccountName: argo-hub.codefresh-classic.0.0.2
+      metadata:
+        annotations:
+          argo-hub-template/description: 'A wrapper on top of Codefresh cli run operation'
+          argo-hub-template/icon_url: "https://cdn.jsdelivr.net/gh/codefresh-io/argo-hub@main/workflows/codefresh-classic/assets/icon.svg"
+          argo-hub-template/icon_background: "#f4f4f4"
+      inputs:
+        parameters:
+          - name: CF_API_KEY_SECRET
+          - name: PIPELINE_NAME
+          - name: TRIGGER_NAME
+          - name: CF_BRANCH
+          - name: EXTRA_OPTIONS
+            default: ''
+          - name: VARIABLES
+            default: ''
+      script:
+        name: main
+        imagePullPolicy: Always
+        image: codefresh/cli
+        env:
+          - name: VARIABLES
+            value: '{{ inputs.parameters.VARIABLES }}'
+          - name: CF_API_KEY
+            valueFrom:
+              secretKeyRef:
+                name: '{{ inputs.parameters.CF_API_KEY_SECRET }}'
+                key: token
+        command: [sh]
+        source: |
+          codefresh \
+          run \
+          '{{ inputs.parameters.PIPELINE_NAME }}' \
+          '-b={{ inputs.parameters.CF_BRANCH }}' \
+          '-t={{ inputs.parameters.TRIGGER_NAME }}' \
+          $(echo $VARIABLES | sed 's/,/ /g' | sed -E 's/(^|[ ])/ -v /g') \
+          '{{ inputs.parameters.EXTRA_OPTIONS }}'
+
+    - name: sync-team
+      serviceAccountName: argo-hub.codefresh-classic.0.0.2
+      metadata:
+        annotations:
+          argo-hub-template/description: 'A wrapper on top of Codefresh cli synchronize teams operation'
+          argo-hub-template/icon_url: "https://cdn.jsdelivr.net/gh/codefresh-io/argo-hub@main/workflows/codefresh-classic/assets/icon.svg"
+          argo-hub-template/icon_background: "#f4f4f4"
+      inputs:
+        parameters:
+          - name: GIT_TOKEN_SECRET
+            default: 'autopilot-secret'
+          - name: GIT_TOKEN_SECRET_KEY
+            default: 'git_token'
+          - name: CF_V1_TOKEN_SECRET
+            default: 'codefresh-v1-token'
+          - name: CF_V1_TOKEN_SECRET_KEY
+            default: 'token'
+          - name: CLIENT_NAME
+            default: my-team
+          - name: CLIENT_TYPE
+            default: github # github, okta, azure
+          - name: OPTIONAL_PARAMS
+            default: " "
+            # --disable-notifications
+      script:
+        image: codefresh/cli
+        imagePullPolicy: Always
+        command: [ bash ]
+        env:
+          - name: CLIENT_NAME
+            value: '{{ inputs.parameters.CLIENT_NAME }}'
+          - name: CLIENT_TYPE
+            value: '{{ inputs.parameters.CLIENT_TYPE }}'
+          - name: CF_API_KEY
+            valueFrom:
+              secretKeyRef:
+                name: '{{ inputs.parameters.CF_V1_TOKEN_SECRET }}'
+                key: '{{ inputs.parameters.CF_V1_TOKEN_SECRET_KEY }}'
+          - name: OPTIONAL_PARAMS
+            value: '{{ inputs.parameters.OPTIONAL_PARAMS }}'
+          - name: GIT_TOKEN
+            valueFrom:
+              secretKeyRef:
+                name: '{{ inputs.parameters.GIT_TOKEN_SECRET }}'
+                key: '{{ inputs.parameters.GIT_TOKEN_SECRET_KEY }}'
+                optional: true
+        # https://codefresh-io.github.io/cli/teams/synchronize-teams/
+        source: |
+          # If we are using github and the token exists/is non-empty
+          if [ ${CLIENT_TYPE} == 'github' ] && [ ! -z ${GIT_TOKEN} ] ; then
+            OPTIONAL_PARAMS="${OPTIONAL_PARAMS} --access-token ${GIT_TOKEN}"
+          fi
+          codefresh synchronize teams ${CLIENT_NAME}  --client-type ${CLIENT_TYPE} ${OPTIONAL_PARAMS}