Customize build workflow

This guide covers adding a custom workflow in the build workflow.

Writing your custom build workflow script

We support adding custom bash scripts to our build workflow. For example, one may want to scan the source code before building and pushing the image to their docker registry.

#!/bin/bash # Example to scan source code using sonarqube, ref: https://docs.sonarsource.com/sonarqube-server/latest/analyzing-source-code/scanners/sonarscanner/#running-from-zip-file sonar-scanner $SOURCE_CODE_DOWNLOAD_PATH -Dsonar.token=$SONARQUBE_AUTH_TOKEN

Create config map

Create the config map for your custom script to be able to mount that in our build workflow. You can either write a YAML spec and apply it or create it using kubectl command as follows:

kubectl create configmap <configmap-name> --from-file=<script-file-name> -n truefoundry

Add to Truefoundry build workflow

To add the above custom scrip to our build workflow, we need to first attach the config map as volume and then execute the script in the desired step. Please make the following changes in the values of the truefoundry helm chart

tfyBuild: truefoundryWorkflows: extraVolumes: - name: custom-script configMap: name: <config-map-name> defaultMode: 511 extraVolumeMounts: - name: custom-script mountPath: /custom-scripts sfyBuilder: script: | download-code.sh # eg: excute before build and push # /custom-scripts/<your-custom-script-file-name> registry-login.sh wait-for-builder.sh build-and-push.sh # eg: excute after build and push # /custom-scripts/<your-custom-script-file-name> update-build.sh '{"status":"SUCCEEDED"}'

Notes:

  • Please DO NOT remove any existing step as it may cause issues in existing workflow
  • While mounting the configmap, make sure to keep the defaultMode to 511 to make the file executable.
  • Always execute the custom script using the absolute path as the working directory is set to /scripts by default.
  • If you need to set any environment variables to use inside your custom script, you can add those at tfyBuild.truefoundryWorkflows.extraEnvs.
  • Make sure you don't overwrite SOURCE_CODE_DOWNLOAD_PATH, DOCKER_REGISTRY_URL, DOCKER_REGISTRY_USERNAME , DOCKER_REGISTRY_PASSWORD, DOCKER_REPO, DOCKER_TAG, CALLBACK_URL environment variables' as these are reserved for internal usage. You may use them in your workflow if necessary.

Did this page help you?