Red Hat Summit Red Hat SummitSupportKonsoleEntwicklerDemo startenKontakt

Dieser Inhalt ist in der von Ihnen ausgewählten Sprache nicht verfügbar.

Chapter 4. Using the Repository custom resource

The Repository custom resource (CR) has the following primary functions:

  • Inform Pipelines as Code about processing an event from a URL.
  • Inform Pipelines as Code about the namespace for the pipeline runs.
  • Reference an API secret, username, or an API URL necessary for Git provider platforms when using webhook methods.
  • Provide the last pipeline run status for a repository.

4.1. Creating the Repository custom resource
Link kopieren

You can use the tkn pac CLI or other alternative methods to create a Repository custom resource (CR) inside the target namespace. For example: 

cat <<EOF|kubectl create -n my-pipeline-ci -f-
1 


apiVersion: "pipelinesascode.tekton.dev/v1alpha1"
kind: Repository
metadata:
  name: project-repository
spec:
  url: "https://github.com/<repository>/<project>"
EOF
Copy to Clipboard Toggle word wrap
1
my-pipeline-ci is the target namespace.

Whenever there is an event coming from the URL such as https://github.com/<repository>/<project>, Pipelines as Code matches it and then starts checking out the content of the <repository>/<project> repository for the pipeline run to match the content in the .tekton/ directory.

Note
  • You must create the Repository CR in the same namespace where pipelines associated with the source code repository will be executed; it cannot target a different namespace.
  • If multiple Repository CRs match the same event, Pipelines as Code processes only the oldest one. If you need to match a specific namespace, add the pipelinesascode.tekton.dev/target-namespace: "<mynamespace>" annotation. Such explicit targeting prevents a malicious actor from executing a pipeline run in a namespace to which they do not have access.

4.2. Creating the global Repository custom resource
Link kopieren

Optionally, you can create a global Repository custom resource (CR) in the namespace where OpenShift Pipelines is installed, normally openshift-pipelines. If you create this CR, the settings that you specify in it apply by default to all Repository CRs that you create.

Important

The global Repository CR is a Technology Preview feature only. Technology Preview features are not supported with Red Hat production service level agreements (SLAs) and might not be functionally complete. Red Hat does not recommend using them in production. These features provide early access to upcoming product features, enabling customers to test functionality and provide feedback during the development process.

For more information about the support scope of Red Hat Technology Preview features, see Technology Preview Features Support Scope.

Prerequisites

  • You have administrator access to the openshift-pipelines namespace.
  • You logged on to the OpenShift cluster using the oc command line utility.

Procedure

  • Create a Repository CR named pipeline-as-code in the openshift-pipelines namespace. Specify all the required default settings in this CR.

    Example command to create the CR

    $ cat <<EOF|oc create -n openshift-pipelines -f -

apiVersion: "pipelinesascode.tekton.dev/v1alpha1"
kind: Repository
metadata:
  name: pipelines-as-code
spec:
  git_provider:
    secret:
      name: "gitlab-webhook-config"
      key: "provider.token"
    webhook_secret:
      name: "gitlab-webhook-config"
      key: "webhook.secret"
EOF
    Copy to Clipboard Toggle word wrap

    In this example, all Repository CRs that you create include the common secrets for accessing your GitLab repositories. You can set different repository URLs and other settings in the CRs.

4.3. Setting concurrency limits
Link kopieren

You can use the concurrency_limit spec in the Repository custom resource definition (CRD) to define the maximum number of pipeline runs running simultaneously for a repository. 

apiVersion: "pipelinesascode.tekton.dev/v1alpha1"
kind: Repository
metadata:
  name: my-repo
  namespace: target-namespace
spec:
# ...
  concurrency_limit: <number>
# ...
Copy to Clipboard Toggle word wrap

If there are multiple pipeline runs matching an event, the pipeline runs that match the event start in an alphabetical order.

For example, if you have three pipeline runs in the .tekton directory and you create a pull request with a concurrency_limit of 1 in the repository configuration, then all the pipeline runs are executed in an alphabetical order. At any given time, only one pipeline run is in the running state while the rest are queued.

4.4. Changing the source branch for the pipeline definition
Link kopieren

By default, when processing a push event or a pull request event, Pipelines as Code fetches the pipeline definition from the branch that triggered the event. You can use the pipelinerun_provenance setting in the Repository custom resource definition (CRD) to fetch the definition from the default branch configured on the Git repository provider, such as main, master, or trunk. 

apiVersion: "pipelinesascode.tekton.dev/v1alpha1"
kind: Repository
metadata:
  name: my-repo
  namespace: target-namespace
spec:
# ...
  settings:
    pipelinerun_provenance: "default_branch"
# ...
Copy to Clipboard Toggle word wrap
Note

You can use this setting as a security precaution. With the default behaviour, Pipelines as Code uses the pipeline definition in the submitted pull request. With the default-branch setting, the pipeline definition must be merged into the default branch before it is run. This requirement ensures maximum possible verification of any changes during merge review.

4.5. Custom parameter expansion
Link kopieren

You can use Pipelines as Code to expand a custom parameter within your PipelineRun resource by using the params field. You can specify a value for the custom parameter inside the template of the Repository custom resource (CR). The specified value replaces the custom parameter in your pipeline run.

You can use custom parameters in the following scenarios:

  • To define a URL parameter, such as a registry URL that varies based on a push or a pull request.
  • To define a parameter, such as an account UUID that an administrator can manage without necessitating changes to the PipelineRun execution in the Git repository.
Note

Use the custom parameter expansion feature only when you cannot use the Tekton PipelineRun parameters because Tekton parameters are defined in a Pipeline resource and customized alongside it inside a Git repository. However, custom parameters are defined and customized where the Repository CR is located. Therefore, you cannot manage your CI/CD pipeline from a single point.

The following example shows a custom parameter named company in the Repository CR: 

...
spec:
  params:
    - name: company
      value: "ABC Company"
...
Copy to Clipboard Toggle word wrap

The value ABC Company replaces the parameter name company in your pipeline run and in the remotely fetched tasks.

You can also retrieve the value for a custom parameter from a Kubernetes secret, as shown in the following example: 

...
spec:
  params:
    - name: company
      secret_ref:
        name: my-secret
        key: companyname
...
Copy to Clipboard Toggle word wrap

Pipelines as Code parses and uses custom parameters in the following manner:

  • If you have a value and a secret_ref defined, Pipelines as Code uses the value.
  • If you do not have a name in the params section, Pipelines as Code does not parse the parameter.
  • If you have multiple params with the same name, Pipelines as Code uses the last parameter.

You can also define a custom parameter and use its expansion only when specified conditions were matched for a CEL filter. The following example shows a CEL filter applicable on a custom parameter named company when a pull request event is triggered: 

...
spec:
  params:
    - name: company
      value: "ABC Company"
      filter: pac.event_type == "pull_request"
...
Copy to Clipboard Toggle word wrap
Note

When you have multiple parameters with the same name and different filters, Pipelines as Code uses the first parameter that matches the filter. So, Pipelines as Code allows you to expand parameters according to different event types. For example, you can combine a push and a pull request event.

Nach oben
Red Hat logoGithubredditYoutubeTwitter

Lernen

Testen, kaufen und verkaufen

Communitys

Über Red Hat Dokumentation

Wir helfen Red Hat Benutzern, mit unseren Produkten und Diensten innovativ zu sein und ihre Ziele zu erreichen – mit Inhalten, denen sie vertrauen können. Entdecken Sie unsere neuesten Updates.

Mehr Inklusion in Open Source

Red Hat hat sich verpflichtet, problematische Sprache in unserem Code, unserer Dokumentation und unseren Web-Eigenschaften zu ersetzen. Weitere Einzelheiten finden Sie in Red Hat Blog.

Über Red Hat

Wir liefern gehärtete Lösungen, die es Unternehmen leichter machen, plattform- und umgebungsübergreifend zu arbeiten, vom zentralen Rechenzentrum bis zum Netzwerkrand.

Theme

© 2025 Red Hat