Slide from Google : http://files.informatandm.com/uploads/2019/5/Apr_18_Dan_Lorenc_The_Future_of_Cloud_Native_CI_CD.pdf Blog IBM : https://developer.ibm.com/tutorials/knative-build-app-development-with-tekton/
#Create GKE cluster from UI
kubectl create clusterrolebinding cluster-admin-binding \
--clusterrole=cluster-admin \
--user=$(gcloud config get-value core/account)
kubectl create ns tekton-pipelines
# Don't use the latest, use specific version
# kubectl apply --filename https://storage.googleapis.com/tekton-releases/latest/release.yaml
kubectl apply --filename https://storage.googleapis.com/tekton-releases/previous/v0.6.0/release.yaml
kubectl get pods --namespace tekton-pipelines
kubectl apply --filename https://github.com/tektoncd/dashboard/releases/download/v0.1.1/release.yaml
kubectl get pods --namespace tekton-pipelines
wget https://github.com/tektoncd/cli/releases/download/v0.3.1/tkn_0.3.1_Linux_x86_64.tar.gz
tar -xvf tkn_0.3.1_Linux_x86_64.tar.gz
cp ./tkn /usr/local/bin/
kubectl create ns tekton-demo
kubectl create serviceaccount tekton-demo
TODO ???
###oc adm policy add-scc-to-user privileged -z tekton-demo -n tekton-demo
###oc adm policy add-role-to-user edit -z tekton-demo -n tekton-demo
https://github.com/tektoncd/catalog
https://github.com/openshift/pipelines-catalog
https://github.com/sub-mod/openshift-pipelines-examples
https://github.com/sub-mod/tf-tekton
kubectl apply --filename https://raw.githubusercontent.com/tektoncd/catalog/master/openshift-client/openshift-client-task.yaml
kubectl apply --filename https://raw.githubusercontent.com/tektoncd/catalog/master/s2i/s2i.yaml
kubectl apply --filename https://raw.githubusercontent.com/tektoncd/catalog/master/buildah/buildah.yaml
kubectl apply --filename https://raw.githubusercontent.com/tektoncd/catalog/master/kaniko/kaniko.yaml
# oc get tasks
NAME AGE
buildah 28h
kaniko 64s
openshift-client 29h
s2i 29h
apiVersion: tekton.dev/v1alpha1
kind: Task
metadata:
name: openshift-client
spec:
inputs:
params:
- name: ARGS
description: The OpenShift CLI arguments to run
default: help
steps:
- name: oc
image: quay.io/openshift-pipeline/openshift-cli:0.5.0
command: ["/usr/local/bin/oc"]
args:
- "${inputs.params.ARGS}"
apiVersion: tekton.dev/v1alpha1
kind: TaskRun
metadata:
name: whoami
spec:
# Use service account with git and image repo credentials
serviceAccount: tekton-demo
taskRef:
name: openshift-client
inputs:
params:
- name: ARGS
value: whoami
Build an Application Container Image from SOurce
Use s2i Task to pass git resource and build application and Buildah push Image
Example: s2i-python3-build and push
oc create -f https://raw.githubusercontent.com/openshift/pipelines-catalog/master/s2i-python-3/s2i-python-3-task.yaml
apiVersion: tekton.dev/v1alpha1
kind: TaskRun
metadata:
name: s2i-python3-taskrun
spec:
# Use service account with git and image repo credentials
serviceAccount: tekton-demo
taskRef:
name: s2i-python-3
inputs:
resources:
- name: source
resourceSpec:
type: git
params:
- name: url
value: https://github.com/sclorg/s2i-python-container.git
params:
- name: PATH_CONTEXT
value: "examples/app-home-test-app/"
- name: TLSVERIFY
value: "false"
outputs:
resources:
- name: image
resourceSpec:
type: image
params:
- name: url
value: image-registry.openshift-image-registry.svc:5000/tekton-demo/s2i-py3-build:latest
Build a Container Image from Dockerfile
Use buildah Task to pass Dockerfile and Buildah bud an Image
https://github.com/sub-mod/tf-tekton/blob/master/pipeline.yml#L24-L38
Use openshift-client Task to use oc client for creating resources
yq w <yaml_file> <path> <new value>
apiVersion: tekton.dev/v1alpha1
kind: Task
metadata:
name: Update-param
spec:
inputs:
resources:
- name: source-repo
type: git
params:
- name: yamlFile
description: The path of the yaml file to update
- name: yamlParamPath
description: A tree path for some param attribute in yaml file
- name: yamlParamValue
description: param attribute value
steps:
- name: replace-image
image: mikefarah/yq
command: ["yq"]
args:
- "w"
- "-i"
- "/workspace/source-repo/${inputs.params.yamlFile}"
- "${inputs.params.yamlParamPath}"
- "${inputs.param.yamlParamValue}"
- sed
apiVersion: tekton.dev/v1alpha1
kind: Task
metadata:
name: Update-param
spec:
inputs:
resources:
- name: source-repo
type: git
params:
- name: yamlFile
description: The path of the yaml file to update
- name: ParamKey
description: param attribute key
- name: yamlParamValue
description: param attribute value
steps:
- name: update-yaml
image: alpine
command: ["sed"]
args:
- "-i"
- "-e"
- "s;<old-key>:<old-value>;${inputs.params.ParamKey}:${inputs.params.yamlParamValue};g"
- "/workspace/source-repo/${inputs.params.yamlFile}"
- name: run-oc
image: quay.io/openshift-pipeline/openshift-cli:0.5.0
command: ["/usr/local/bin/oc"]
args:
- "apply"
- "-f"
- "/workspace/source-repo/${inputs.params.yamlFile}"
- shell script update to multiple values
steps:
- name: update-yaml
image: docker.io/submod/update-yaml
command: ["/bin/update"]
args:
- "${inputs.params.yamlParamPath}=${inputs.param.yamlParamValue}"
- "/workspace/source-repo/${inputs.params.yamlFile}"
git clone happens in /workspace
every input resource name creates a folder in /workspace folder
resources:
inputs:
- name: source
ex: ^ would create /workspace/source folder
every output resource name creates a folder in /workspace/output folder
outputs:
- name: image
ex: ^ would create /workspace/output/image folder