apiVersion: argoproj.io/v1alpha1 kind: Workflow metadata: generateName: example-ci-workflow- namespace: argo labels: workflows.argoproj.io/archive-strategy: "false" annotations: workflows.argoproj.io/description: | This is a simple workflow to show what steps we need to take to deploy an application. spec: entrypoint: ci serviceAccountName: admin volumeClaimTemplates: - metadata: name: shared-data spec: accessModes: ["ReadWriteOnce"] resources: requests: storage: 1Gi volumes: - name: docker-config secret: secretName: my-docker-secret templates: - name: ci dag: tasks: - name: git-clone template: git-clone arguments: parameters: [{ name: message, value: "git-clone task completed" }] - name: ls template: ls dependencies: [git-clone] - name: build template: build arguments: parameters: [{ name: message, value: "build task completed" }] dependencies: [unit-tests, lint-scan] - name: unit-tests template: unit-tests arguments: parameters: [{ name: message, value: "unit-tests task completed" }] dependencies: [ls] - name: lint-scan template: lint-scan arguments: parameters: [{ name: message, value: "lint-scan task completed" }] dependencies: [ls] - name: trivy-image-scan template: simple-container arguments: parameters: [{ name: message, value: "trivy-image-scan task completed" }] dependencies: [build] - name: trivy-filesystem-scan template: simple-container arguments: parameters: [ { name: message, value: "trivy-filesystem-scan task completed", }, ] dependencies: [git-clone] - name: deploy-image template: simple-container arguments: parameters: [{ name: message, value: "push-image task completed" }] # when: " == true" dependencies: [trivy-image-scan, trivy-filesystem-scan] - name: simple-container inputs: parameters: - name: message container: image: alpine:latest command: [sh, -c] args: ["echo {{inputs.parameters.message}}"] - name: ls container: image: alpine:latest command: [sh, -c] args: [ls /] - name: git-clone container: image: ubuntu:latest command: [sh, -c] args: - | apt update apt install -y git git clone -b main https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/Franz.Germann/fibonacci_go.git /shared-data/repo ls -la / ls -la /shared-data ls -la /shared-data/repo volumeMounts: - name: shared-data mountPath: /shared-data - name: build container: image: gcr.io/kaniko-project/executor:v1.23.2 args: [ "--dockerfile=Dockerfile", "--context=/shared-data/repo/", "--destination=gitea.cnoe.localtest.me/giteaadmin/fibonacci_go:latest", "--skip-tls-verify" ] volumeMounts: - name: shared-data mountPath: /shared-data - name: docker-config mountPath: /kaniko/.docker/ - name: unit-tests container: image: golang:1.23.2 command: [sh, -c] args: - | cd /shared-data/repo go test ./... -v volumeMounts: - name: shared-data mountPath: /shared-data # How to extract artifacts # For now this task will fail if the lint scan finds any issue with --error-on-issues # --max-same-issues or --max-issues-per-linter also possible - name: lint-scan container: image: golangci/golangci-lint:v1.61.0 command: [sh, -c] args: - | cd /shared-data/repo golangci-lint run ./... --out-format=json --timeout 5m --issues-exit-code 1 volumeMounts: - name: shared-data mountPath: /shared-data