https://openshift.github.io/pipelines-docs/docs/docs/index.html
OpenShift Pipelines are cloud-native, continuous integration and delivery solutions based on Kubernetes resources. It uses Tekton Pipelines.
https://github.com/openshift/pipelines-tutorial
Install via OperatorHub
oc login -u kubeadmin -p 78UVa-zNj5W-YB62Z-ggxGZ https://api.crc.testing:6443
oc new-project tekton-pipelines
oc adm policy add-scc-to-user anyuid -z tekton-pipelines-controller
# Don't use the latest, use specific version
# oc apply -f https://storage.googleapis.com/tekton-releases/latest/release.yaml
oc apply -f https://storage.googleapis.com/tekton-releases/previous/v0.6.0/release.yaml
oc login -u kubeadmin -p 78UVa-zNj5W-YB62Z-ggxGZ https://api.crc.testing:6443
oc new-project tekton-pipelines
# https://github.com/tektoncd/dashboard/releases/download/v0.4.1/dashboard_latest_release.yaml
oc apply -f https://github.com/tektoncd/dashboard/releases/download/v0.1.1/release.yaml
# create a route named "tekton"
# Final route name is http://tekton-tekton-pipelines.apps-crc.testing
# edit /etc/hosts
# 127.0.0.1 localhost console-openshift-console.apps-crc.testing oauth-openshift.apps-crc.testing tekton-tekton-pipelines.apps-crc.testing
# sudo ssh [email protected] -L 80:tekton-tekton-pipelines.apps-crc.testing:80
wget https://github.com/tektoncd/cli/releases/download/v0.3.1/tkn_0.3.1_Linux_x86_64.tar.gz
tar -xvf tkn_0.3.1_Linux_x86_64.tar.gz
cp ./tkn /usr/local/bin/
oc login -u developer -p developer
oc new-project tekton-demo
oc create serviceaccount tekton-demo
oc login -u kubeadmin -p 78UVa-zNj5W-YB62Z-ggxGZ https://api.crc.testing:6443
oc project tekton-demo
oc adm policy add-scc-to-user privileged -z tekton-demo -n tekton-demo
oc adm policy add-role-to-user edit -z tekton-demo -n tekton-demo
https://github.com/tektoncd/catalog
https://github.com/openshift/pipelines-catalog
https://github.com/sub-mod/openshift-pipelines-examples
https://github.com/sub-mod/tf-tekton
oc login -u developer -p developer
oc project tekton-demo
oc apply -f https://raw.githubusercontent.com/tektoncd/catalog/master/openshift-client/openshift-client-task.yaml
oc apply -f https://raw.githubusercontent.com/tektoncd/catalog/master/s2i/s2i.yaml
oc apply -f https://raw.githubusercontent.com/tektoncd/catalog/master/buildah/buildah.yaml
oc apply -f https://raw.githubusercontent.com/tektoncd/catalog/master/kaniko/kaniko.yaml
# oc get tasks
NAME AGE
buildah 28h
kaniko 64s
openshift-client 29h
s2i 29h
apiVersion: tekton.dev/v1alpha1
kind: Task
metadata:
name: openshift-client
spec:
inputs:
params:
- name: ARGS
description: The OpenShift CLI arguments to run
default: help
steps:
- name: oc
image: quay.io/openshift-pipeline/openshift-cli:0.5.0
command: ["/usr/local/bin/oc"]
args:
- "${inputs.params.ARGS}"
apiVersion: tekton.dev/v1alpha1
kind: TaskRun
metadata:
name: whoami
spec:
# Use service account with git and image repo credentials
serviceAccount: tekton-demo
taskRef:
name: openshift-client
inputs:
params:
- name: ARGS
value: whoami
Use s2i Task to pass git resource and build application and Buildah push Image
Example: s2i-python3-build and push
oc create -f https://raw.githubusercontent.com/openshift/pipelines-catalog/master/s2i-python-3/s2i-python-3-task.yaml
apiVersion: tekton.dev/v1alpha1
kind: TaskRun
metadata:
name: s2i-python3-taskrun
spec:
# Use service account with git and image repo credentials
serviceAccount: tekton-demo
taskRef:
name: s2i-python-3
inputs:
resources:
- name: source
resourceSpec:
type: git
params:
- name: url
value: https://github.com/sclorg/s2i-python-container.git
params:
- name: PATH_CONTEXT
value: "examples/app-home-test-app/"
- name: TLSVERIFY
value: "false"
outputs:
resources:
- name: image
resourceSpec:
type: image
params:
- name: url
value: image-registry.openshift-image-registry.svc:5000/tekton-demo/s2i-py3-build:latest
Use buildah Task to pass Dockerfile and Buildah bud an Image
https://github.com/sub-mod/tf-tekton/blob/master/pipeline.yml#L24-L38
Use openshift-client Task to use oc client for creating resources
yq w <yaml_file> <path> <new value>
apiVersion: tekton.dev/v1alpha1
kind: Task
metadata:
name: Update-param
spec:
inputs:
resources:
- name: source-repo
type: git
params:
- name: yamlFile
description: The path of the yaml file to update
- name: yamlParamPath
description: A tree path for some param attribute in yaml file
- name: yamlParamValue
description: param attribute value
steps:
- name: replace-image
image: mikefarah/yq
command: ["yq"]
args:
- "w"
- "-i"
- "/workspace/source-repo/${inputs.params.yamlFile}"
- "${inputs.params.yamlParamPath}"
- "${inputs.param.yamlParamValue}"
- sed
apiVersion: tekton.dev/v1alpha1
kind: Task
metadata:
name: Update-param
spec:
inputs:
resources:
- name: source-repo
type: git
params:
- name: yamlFile
description: The path of the yaml file to update
- name: ParamKey
description: param attribute key
- name: yamlParamValue
description: param attribute value
steps:
- name: update-yaml
image: alpine
command: ["sed"]
args:
- "-i"
- "-e"
- "s;<old-key>:<old-value>;${inputs.params.ParamKey}:${inputs.params.yamlParamValue};g"
- "/workspace/source-repo/${inputs.params.yamlFile}"
- name: run-oc
image: quay.io/openshift-pipeline/openshift-cli:0.5.0
command: ["/usr/local/bin/oc"]
args:
- "apply"
- "-f"
- "/workspace/source-repo/${inputs.params.yamlFile}"
- shell script update to multiple values
steps:
- name: update-yaml
image: docker.io/submod/update-yaml
command: ["/bin/update"]
args:
- "${inputs.params.yamlParamPath}=${inputs.param.yamlParamValue}"
- "/workspace/source-repo/${inputs.params.yamlFile}"
git clone happens in /workspace
every input resource name creates a folder in /workspace folder
resources:
inputs:
- name: source
ex: ^ would create /workspace/source folder
every output resource name creates a folder in /workspace/output folder
outputs:
- name: image
ex: ^ would create /workspace/output/image folder
apiVersion: tekton.dev/v1alpha1
kind: Task
metadata:
name: change-param-task
spec:
inputs:
resources:
- name: source-repo
type: git
params:
- name: yamlFile
description: The yaml file to update
- name: yamlPath
description: A tree path for attribute in yaml file
- name: yamlPathValue
description: A tree path value for attribute in yaml file
steps:
- name: replace-param
image: mikefarah/yq
command: ["yq"]
args:
- "w"
- "-i"
- "/workspace/source-repo/${inputs.params.yamlFile}"
- "${inputs.params.yamlPath}"
- "${inputs.params.yamlPathValue}"
- name: cat
image: mikefarah/yq
command: ["cat"]
args:
- "/workspace/source-repo/${inputs.params.yamlFile}"
apiVersion: tekton.dev/v1alpha1
kind: TaskRun
metadata:
name: change-param-taskrun
spec:
# Use service account with git and image repo credentials
serviceAccount: tekton-demo
# using the task from here https://github.com/openshift/pipelines-catalog/blob/master/s2i-python-3/s2i-python-3-task.yaml
taskRef:
name: change-param-task
inputs:
# git cloning is done into /workspace/source
resources:
- name: source-repo
resourceSpec:
type: git
params:
- name: url
value: https://github.com/sub-mod/tf-mnist.git
params:
- name: yamlFile
value: "job.yml"
- name: yamlPath
value: "spec.template.spec.containers[0].env[0].value"
- name: yamlPathValue
value: "0.964"