{"id":22874483,"url":"https://github.com/chmouel/startpaac","last_synced_at":"2025-05-07T18:22:40.737Z","repository":{"id":266630440,"uuid":"898884040","full_name":"chmouel/startpaac","owner":"chmouel","description":"šŸš€ StartPAAC - All in one setup for Pipelines as Code on Kind","archived":false,"fork":false,"pushed_at":"2025-04-30T15:04:51.000Z","size":135,"stargazers_count":3,"open_issues_count":0,"forks_count":2,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-04-30T16:22:49.092Z","etag":null,"topics":["kubernetes","pipelines-as-code","tekton"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/chmouel.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2024-12-05T08:10:32.000Z","updated_at":"2025-04-30T15:04:54.000Z","dependencies_parsed_at":"2024-12-05T09:24:25.313Z","dependency_job_id":"e358d7cd-d368-40a7-b91d-d54247f22ef0","html_url":"https://github.com/chmouel/startpaac","commit_stats":null,"previous_names":["chmouel/startpaac"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chmouel%2Fstartpaac","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chmouel%2Fstartpaac/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chmouel%2Fstartpaac/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chmouel%2Fstartpaac/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/chmouel","download_url":"https://codeload.github.com/chmouel/startpaac/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252932006,"owners_count":21827205,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["kubernetes","pipelines-as-code","tekton"],"created_at":"2024-12-13T14:37:56.307Z","updated_at":"2025-05-07T18:22:40.706Z","avatar_url":"https://github.com/chmouel.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# šŸš€ StartPAAC - All in one setup for Pipelines as Code on Kind\n\n`startpaac` is a script to set up and configure Pipelines as Code (PAC) on a\nKubernetes cluster using Kind. It supports installing various components such\nas Nginx, Tekton, and Forgejo, and configuring PAC with secrets.\n\nComponents that get installed are:\n\n- Kind cluster\n- Nginx ingress gateway\n- Forgejo for local dev\n- Docker registry to push images to.\n- Tekton latest release\n- Tekton dashboard latest\n- PAC using ko from your local revision\n\n## Prerequisites\n\n- [Docker]() - We only tested with docker currently, it may works with podman but i haven't tested it yet\n- [Kind](https://kind.sigs.k8s.io/) - Kubernetes in Docker\n- [Helm](https://helm.sh/) - Kubernetes package manager\n- [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/) - Kubernetes command-line tool\n- [ko](https://github.com/google/ko) - Build and deploy Go applications on Kubernetes\n- [pass](https://www.passwordstore.org/) (optional, for managing secrets) - Password manager\n- GNU Tools (ie for osx/bsd use the one from homebrew like\n[coreutils](https://formulae.brew.sh/formula/coreutils) and\n[sed](https://formulae.brew.sh/formula/gnu-sed#default) and configure them in\nyour path).\n\n## Getting Started\n\nexecute or adapt the following, adjust the path of the PAC folder where you\nhave checked out pipelines-as-code:\n\n```shell\nmkdir -p $HOME/.config/startpaac\ncat \u003c\u003cEOF \u003e $HOME/.config/startpaac/config\nTARGET_HOST=local\nPAC_DIR=~/go/src/github.com/openshift-pipelines/pipelines-as-code\nPAC_SECRET_FOLDER=~/secrets\nEOF\n```\n\nCreate your GitHub application and grab all the info needed and put them in\neach secret file for example:\n\n```shell\nmkdir -p ~/secrets\nfor i in github-application-id github-private-key smee webhook.secret;do\n echo \"Editing $i file\"\n ${EDITOR:-vi} ~/secrets/$i\nfi\n```\n\nexecute to deploy the kind cluster, the registry, nginx, paac, gitea etc..:\n\n```shell\n./startpaac -a\n```\n\nif you need to deploy a change you made to your code to the local registry you\ndo:\n\n```bash\nstartpaac -p \n```\n\nthis has redeployed everything, if you only want to redeploy the controller you can do:\n\n```bash\nstartpaac -c controller # same goes for watcher or webhook\n```\n\nif you want to spin down the kind cluster you can do:\n\n```bash\nstartpaac --stop-kind\n```\n\n## Configuration\n\nCreate a configuration file at `$HOME/.config/startpaac/config` with the following content:\n(this will be auto created by paac if you don't have one)\n\n## Full Configuration\n\n```bash\n# PAC_DIR is the path to the pipelines-as-code directory, it will try to detect\n# it otherwise\n# PAC_DIR=~/path/to/pipelines-as-code\n#\n# PAC_PASS_SECRET_FOLDER is the path to a folder in https://passwordstore.org/\n# where you have your pac secrets. The folder contains those keys:\n# github/apps/my-app\n# ā”œā”€ā”€ github-application-id\n# ā”œā”€ā”€ github-private-key\n# ā”œā”€ā”€ smee\n# ā””ā”€ā”€ webhook.secret\n# github-application-id and github-private-key are the github application id and private key when you create your github app\n# smee is the smee.io or https://hook.pipelinesascode.com generated webhook URL as set in your github apps.\n# webhook.secret is the shared secret as set in your github apps.\n# PAC_PASS_SECRET_FOLDER=github/apps/my-app\n#\n# PAC_SECRET_FOLDER is an alternative to PASS_SECRET_FOLDER where you have your\n# pac secrets in plain text. The folder has the same structure as the\n# PASS_SECRET_FOLDER the only difference is that the files are in plain text.\n#\n# PAC_SECRET_FOLDER=~/path/to/secrets\n#\n# TARGET_HOST is your vm where kind will be running, you need to have kind working there\n# set as local and unset all other variable to have it running on your local VM\n# TARGET_HOST=my.vm.lan\n#\n# KO_EXTRA_FLAGS are the extra flags to pass to ko\n#\n# KO_EXTRA_FLAGS=() # extra ko flags for example --platform linux/arm64 --insecure-registry\n## Hosts (not needed if TARGET_HOST is set to local)\n# setup a wildcard dns *.lan.mydomain.com to go to your TARGET_HOST vm\n# tips: if you don't want to install a dns server you can simply use\n# https://nextdns.io to let you create wildcard dns for your local network.\n#\n# DOMAIN_NAME=lan.mydomain.com\n# PAAC=paac.${DOMAIN_NAME}\n# REGISTRY=registry.${DOMAIN_NAME}\n# FORGE_HOST=gitea.${DOMAIN_NAME}\n# DASHBOARD=dashboard.${DASHBOARD}\n#\n# Example:\n# TARGET_HOST=civuole.lan\n# KO_EXTRA_FLAGS=(--insecure-registry --platform linux/arm64)\n# DOMAIN_NAME=vm.lan\n# PAAC=paac.${DOMAIN_NAME}\n# REGISTRY=registry.${DOMAIN_NAME}\n# FORGE_HOST=gitea.${DOMAIN_NAME}\n# TARGET_BIND_IP=192.168.1.5\n# DASHBOARD=dashboard.${DOMAIN_NAME}\n# PAC_DIR=$GOPATH/src/github.com/openshift-pipelines/pac/main\n```\n\nYou can have an alternative config file with the `STARTPAAC_CONFIG_FILE`\nenvironment variable.\n\n## Secrets Management\n\n### Using `pass`\n\nIf you prefer to manage your secrets using `pass`, set the\n`PAC_PASS_SECRET_FOLDER` variable in your configuration file to the path of\nyour secrets folder in `pass`. The folder should contain the following files:\n\n- `github-application-id`\n- `github-private-key`\n- `smee`\n- `webhook.secret`\n\nExample structure:\n\n```console\ngithub/apps/my-app\nā”œā”€ā”€ github-application-id\nā”œā”€ā”€ github-private-key\nā”œā”€ā”€ smee\nā””ā”€ā”€ webhook.secret\n```\n\n### Using Plain Text\n\nAlternatively, you can store your secrets in plain text files. Set the\n`PAC_SECRET_FOLDER` variable in your configuration file to the path of your\nsecrets folder. The folder should have the same structure as the `pass` folder,\nbut the files should be in plain text.\n\nExample structure:\n\n```console\n~/path/to/secrets\nā”œā”€ā”€ github-application-id\nā”œā”€ā”€ github-private-key\nā”œā”€ā”€ smee\nā””ā”€ā”€ webhook.secret\n```\n\n## Usage\n\nRun the script with the desired options:\n\n```sh\n./startpaac [options]\n```\n\nBy default, the script will install everything asking you to confirm before. If\nyou don't want confirmation just use the `-a` option.\n\n### Options\n\n- `-a|--all` Install everything\n- `-A|--all-but-kind` Install everything but kind\n- `-k|--kind` (Re)Install Kind\n- `-g|--install-forge` Install Forgejo\n- `-c|--component` Deploy a component (controller, watcher, webhook)\n- `-p|--install-paac` Deploy and configure PAC\n- `-h|--help` Show help message\n- `-s|--sync-kubeconfig` Sync kubeconfig from the remote host\n- `-G|--start-user-gosmee` Start gosmee locally for user $USER\n- `-S|--github-second-ctrl` Deploy second controller for GitHub\n- `--install-nginx` Install Nginx\n- `--install-dashboard` Install Tekton dashboard\n- `--install-tekton` Install Tekton\n- `--install-custom-crds` Install custom CRDs\n- `--second-secret=SECRET` Pass name for the second controller secret\n- `--stop-kind` Stop Kind\n\n## Examples\n\n### Install Everything\n\n```sh\n./startpaac --all\n```\n\n### Install PAC and Configure\n\n```sh\n./startpaac --install-paac\n```\n\n### Install Nginx\n\n```sh\n./startpaac --install-nginx\n```\n\n### Install Tekton\n\n```sh\n./startpaac --install-tekton\n```\n\n### Install Custom CRDs\n\n```sh\n./startpaac --install-custom-crds\n```\n\n### Deploy a Specific Component\n\n```sh\n./startpaac --component controller\n```\n\n### Sync Kubeconfig from Remote Host\n\n```sh\n./startpaac --sync-kubeconfig\n```\n\n### Start User Gosmee\n\n```sh\n./startpaac --start-user-gosmee\n```\n\nit will try to start gosmee for the user if you have a systemd user one, or\ngive you the command line to start it.\n\n### Deploy Second Controller for GitHub\n\n```sh\n./startpaac --github-second-ctrl\n```\n\nyou need the `PAC_PASS_SECOND_FOLDER` which is the same\n`PAC_PASS_SECRET_FOLDER` but for a second controller to use.\n\n## ZSH Completion\n\nThere is a [ZSH completion script](./misc/_startpaac) that can get installed in your\n\npath for completion.\n\n## Author\n\nChmouel Boudjnah \u003cchmouel@chmouel.com\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fchmouel%2Fstartpaac","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fchmouel%2Fstartpaac","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fchmouel%2Fstartpaac/lists"}