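---
# Task for pre-deployment validation.
#
# Renders the kustomize overlay for the target environment from the source
# workspace and writes "passed" or "failed" to the validation-status result.
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
  name: pre-deploy-validation
  namespace: tekton-pipelines
  labels:
    app.kubernetes.io/name: bakery-ia-cicd
    app.kubernetes.io/component: validation
spec:
  workspaces:
    - name: source
      description: Source code workspace
  params:
    - name: services
      type: string
      description: Comma-separated list of services to validate
    - name: environment
      type: string
      description: Target environment (staging/production)
      default: "production"
  results:
    - name: validation-status
      description: Status of validation (passed/failed)
  steps:
    - name: validate
      # NOTE(review): a tag can be re-pointed upstream; consider pinning by
      # digest, e.g. ...kustomize:v5.3.0@sha256:<DIGEST_PLACEHOLDER>.
      image: registry.k8s.io/kustomize/kustomize:v5.3.0
      # Params are handed to the script as environment variables. Tekton
      # substitutes $(params.*) into `script` as raw text before the shell
      # runs, so a value containing quotes or $(...) would be executed.
      env:
        - name: SERVICES
          value: "$(params.services)"
        - name: ENVIRONMENT
          value: "$(params.environment)"
      script: |
        #!/bin/sh
        set -e

        # The workspace and result paths are set by Tekton, not by the caller.
        SOURCE_PATH="$(workspaces.source.path)"
        RESULT_FILE="$(results.validation-status.path)"

        # Record the failure and stop. printf writes no trailing newline:
        # Tekton emits result files verbatim, so "failed\n" would not equal
        # "failed" in a downstream comparison.
        fail() {
          echo "  ✗ $1"
          printf '%s' "failed" > "$RESULT_FILE"
          exit 1
        }

        echo "============================================"
        echo "Pre-Deployment Validation"
        echo "============================================"
        echo "Environment: $ENVIRONMENT"
        echo "Services: $SERVICES"
        echo "============================================"

        # ENVIRONMENT becomes a path component below, so reject empty values
        # and anything outside letters, digits, '_' and '-'. This keeps '/'
        # and '..' from steering the build to another directory.
        case "$ENVIRONMENT" in
          "" | *[!A-Za-z0-9_-]*)
            fail "Invalid environment name (allowed: letters, digits, '_', '-')"
            ;;
        esac

        cd "$SOURCE_PATH"

        # Validate kustomization can be built
        KUSTOMIZE_DIR="infrastructure/environments/$ENVIRONMENT"
        if [ -d "$KUSTOMIZE_DIR" ]; then
          echo ""
          echo "Validating kustomization..."
          # Rendered manifests are discarded (they may embed generated
          # secrets); only stderr is kept so a failure can be diagnosed.
          if BUILD_ERR="$(kustomize build "$KUSTOMIZE_DIR" 2>&1 > /dev/null)"; then
            echo "  ✓ Kustomization is valid"
          else
            printf '%s\n' "$BUILD_ERR" >&2
            fail "Kustomization validation failed"
          fi
        else
          # NOTE(review): a missing overlay directory is still reported as
          # passed, so this gate fails open for an unknown environment.
          # Confirm whether it should call fail instead.
          echo "  ! $KUSTOMIZE_DIR not found; kustomization check skipped" >&2
        fi

        # Additional validation checks can be added here
        # - Schema validation
        # - Policy checks (OPA/Gatekeeper)
        # - Security scanning

        echo ""
        echo "============================================"
        echo "All validations passed"
        echo "============================================"
        printf '%s' "passed" > "$RESULT_FILE"
      resources:
        limits:
          cpu: 500m
          memory: 256Mi
        requests:
          cpu: 100m
          memory: 128Mi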